From owner-freebsd-doc@FreeBSD.ORG Mon Jul 10 03:10:15 2006 Return-Path: X-Original-To: freebsd-doc@hub.freebsd.org Delivered-To: freebsd-doc@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BB76416A4DF for ; Mon, 10 Jul 2006 03:10:15 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id C731D43D53 for ; Mon, 10 Jul 2006 03:10:13 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k6A3ADt1020592 for ; Mon, 10 Jul 2006 03:10:13 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k6A3ADH0020591; Mon, 10 Jul 2006 03:10:13 GMT (envelope-from gnats) Resent-Date: Mon, 10 Jul 2006 03:10:13 GMT Resent-Message-Id: <200607100310.k6A3ADH0020591@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-doc@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Cheng-Lung Sung Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 67C9016A4DA for ; Mon, 10 Jul 2006 03:06:48 +0000 (UTC) (envelope-from clsung@FreeBSD.csie.nctu.edu.tw) Received: from FreeBSD.csie.nctu.edu.tw (freebsd.csie.nctu.edu.tw [140.113.17.209]) by mx1.FreeBSD.org (Postfix) with ESMTP id B676E43D46 for ; Mon, 10 Jul 2006 03:06:47 +0000 (GMT) (envelope-from clsung@FreeBSD.csie.nctu.edu.tw) Received: from localhost (localhost.csie.nctu.edu.tw [127.0.0.1]) by FreeBSD.csie.nctu.edu.tw (Postfix) with ESMTP id 0FCFC7E8C4 for ; Mon, 10 Jul 2006 11:07:59 +0800 (CST) Received: from FreeBSD.csie.nctu.edu.tw ([127.0.0.1]) by localhost (FreeBSD.csie.nctu.edu.tw [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id evwAtZi-lqsO for ; Mon, 10 Jul 2006 11:07:56 +0800 (CST) Received: by FreeBSD.csie.nctu.edu.tw (Postfix, from userid 1038) id 9FCDA7E94F; Mon, 10 Jul 2006 11:07:56 +0800 (CST) Message-Id: <20060710030756.9FCDA7E94F@FreeBSD.csie.nctu.edu.tw> Date: Mon, 10 Jul 2006 11:07:56 +0800 (CST) From: Cheng-Lung Sung To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: docs/99992: [patch] zh_TW handbook/{disks,config}: up-to-date X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Cheng-Lung Sung List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Jul 2006 03:10:15 -0000 >Number: 99992 >Category: docs >Synopsis: [patch] zh_TW handbook/{disks,config}: up-to-date >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Mon Jul 10 03:10:13 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Cheng-Lung Sung >Release: FreeBSD 6.1-PRERELEASE i386 >Organization: FreeBSD @ Taiwan >Environment: System: FreeBSD.csie.nctu.edu.tw 6.1-STABLE FreeBSD 6.1-STABLE #9: Thu May 11 14:31:45 CST 2006 root@FreeBSD.csie.nctu.edu.tw:/home/usr.obj/usr/src/sys/FREEBSD i386 >Description: - remove 4.X documentation >How-To-Repeat: >Fix: Index: config/chapter.sgml =================================================================== RCS file: /home/dcvs/doc/zh_TW.Big5/books/handbook/config/chapter.sgml,v retrieving revision 1.4 diff -u -r1.4 chapter.sgml --- config/chapter.sgml 8 Jul 2006 03:01:13 -0000 1.4 +++ config/chapter.sgml 10 Jul 2006 03:03:17 -0000 @@ -3,6 +3,7 @@ $FreeBSD: doc/zh_TW.Big5/books/handbook/config/chapter.sgml,v 1.4 2006/07/08 03:01:13 vanilla Exp $ Original revision: 1.213 + Chased revision: 1.217 --> @@ -102,7 +103,7 @@ Base Partitions - 用 &man.disklabel.8; 或 &man.sysinstall.8; 來規劃檔案系統時,請記住: + 用 &man.bsdlabel.8; 或 &man.sysinstall.8; 來規劃檔案系統時,請記住: 硬碟在傳輸資料方面,(由於結構為碟片因素)外圈會比內圈來得快些。 因此,建議把較小、常會存取的分割區儘量放外圈,而較大的分割區像是 /usr 則應放在較內圈。 @@ -370,7 +371,7 @@ kill -9 `cat /var/run/utility.pid` ;; *) - echo "Usage: `basename $0` {start|stop}" >&2 + echo "Usage: `basename $0` {start|stop}" >&2 exit 64 ;; esac @@ -830,15 +831,6 @@ the supported hardware and even the possible problems that could occur. - - NOTES does not exist on - &os; 4.X. Instead, check the LINT - file for information about various network interfaces. See - for a more detailed - summary of NOTES versus - LINT. - - If you own a common card, most of the time you will not have to look very hard for a driver. Drivers for common network cards are present in the GENERIC @@ -1578,7 +1570,7 @@ syntax: &prompt.root; sysctl kern.maxfiles=5000 -kern.maxfiles: 2088 -> 5000 +kern.maxfiles: 2088 -> 5000 Settings of sysctl variables are usually either strings, numbers, or booleans (a boolean being 1 for yes @@ -1698,8 +1690,8 @@ There are various other buffer-cache and VM page cache - related sysctls. We do not recommend modifying these values. As - of &os; 4.3, the VM system does an extremely good job of + related sysctls. We do not recommend modifying these values, + the VM system does an extremely good job of automatically tuning itself. @@ -1801,10 +1793,6 @@ it is mounted. A good time to enable Soft Updates is before any partitions have been mounted, in single-user mode. - As of &os; 4.5, it is possible to enable Soft Updates - at filesystem creation time, through use of the -U - option to &man.newfs.8;. - Soft Updates drastically improves meta-data performance, mainly file creation and deletion, through the use of a memory cache. We recommend to use Soft Updates on all of your file systems. There @@ -2011,16 +1999,13 @@ connected at once, the resources needed may be similar to a high-scale web server. - Starting with &os; 4.5, the system will auto-tune + The system will auto-tune maxusers for you if you explicitly set it to 0 The auto-tuning algorithm sets maxusers equal to the amount of memory in the system, with a minimum of 32, and a maximum of 384. - . In &os; 5.X and above, maxusers - will default to 0 if not specified. If you - are using an version of &os; earlier than 4.5, or you want to - manage it yourself you will want to set + . When setting this option, you will want to set maxusers to at least 4, especially if you are using the X Window System or compiling software. The reason is that the most important table set by maxusers is the @@ -2207,17 +2192,6 @@ 3500) to get the desired effect. Reducing these parameters should be done as a last resort only. - - In 4.X and earlier releases of &os; the - inflight sysctl variables are directly under - net.inet.tcp. Their names were - (in alphabetic order): - net.inet.tcp.inflight_debug, - net.inet.tcp.inflight_enable, - net.inet.tcp.inflight_max, - net.inet.tcp.inflight_min, - net.inet.tcp.inflight_stab. - @@ -2267,6 +2241,10 @@ space: adding a new hard drive, enabling swap over NFS, and creating a swap file on an existing partition. + For information on how to encrypt swap space, what options + for this task exist and why it should be done, please refer to + of the Handbook. + Swap on a New Hard Drive @@ -2283,10 +2261,7 @@ Swapping over NFS Swapping over NFS is only recommended if you do not have a - local hard disk to swap to. Swapping over NFS is slow and - inefficient in versions of &os; prior to 4.X. It is - reasonably fast and efficient in 4.0-RELEASE and newer. Even - with newer versions of &os;, NFS swapping will be limited + local hard disk to swap to; NFS swapping will be limited by the available network bandwidth and puts an additional burden on the NFS server. @@ -2300,53 +2275,7 @@ want, of course. - Creating a Swapfile on &os; 4.X - - - - Be certain that your kernel configuration includes - the vnode driver. It is not in recent versions of - GENERIC. - - pseudo-device vn 1 #Vnode driver (turns a file into a device) - - - - Create a vn-device: - &prompt.root; cd /dev -&prompt.root; sh MAKEDEV vn0 - - - - Create a swapfile (/usr/swap0): - - &prompt.root; dd if=/dev/zero of=/usr/swap0 bs=1024k count=64 - - - - Set proper permissions on (/usr/swap0): - - &prompt.root; chmod 0600 /usr/swap0 - - - - Enable the swap file in /etc/rc.conf: - - swapfile="/usr/swap0" # Set to name of swapfile if aux swapfile desired. - - - - - Reboot the machine or to enable the swap file immediately, - type: - - &prompt.root; vnconfig -e /dev/vn0b /usr/swap0 swap - - - - - - Creating a Swapfile on &os; 5.X + Creating a Swapfile on &os; @@ -2380,7 +2309,7 @@ Reboot the machine or to enable the swap file immediately, type: - &prompt.root; mdconfig -a -t vnode -f /usr/swap0 -u 0 && swapon /dev/md0 + &prompt.root; mdconfig -a -t vnode -f /usr/swap0 -u 0 && swapon /dev/md0 @@ -2419,12 +2348,7 @@ In this section of the &os; Handbook, we will provide comprehensive information about ACPI. References - will be provided for further reading at the end. Please be aware - that ACPI is available on &os; 5.X and - above systems as a default kernel module. For &os; 4.9, - ACPI can be enabled by adding the line - device acpica to a kernel configuration and - rebuilding. + will be provided for further reading at the end. What Is ACPI? @@ -2446,8 +2370,7 @@ more control and flexibility to the operating system (OS). Modern systems stretched the limits of the - current Plug and Play interfaces (such as APM, which is used in - &os; 4.X), prior to the introduction of + current Plug and Play interfaces prior to the introduction of ACPI. ACPI is the direct successor to APM (Advanced Power Management). Index: disks/chapter.sgml =================================================================== RCS file: /home/dcvs/doc/zh_TW.Big5/books/handbook/disks/chapter.sgml,v retrieving revision 1.4 diff -u -r1.4 chapter.sgml --- disks/chapter.sgml 17 Jun 2006 10:22:45 -0000 1.4 +++ disks/chapter.sgml 10 Jul 2006 03:03:18 -0000 @@ -100,12 +100,7 @@ 非標準規格光碟機 Mitsumi 光碟機用 mcd, - Sony 光碟機用 scd, - Matsushita/Pansonic 光碟機用 matcd - - 2002 年 10 月 5 日 FreeBSD 4.X 移除了 &man.matcd.4; 驅動程式, - 因此 FreeBSD 5.0 及以後的版本不再支援。 - + Sony 光碟機用 scd @@ -164,8 +159,7 @@ 看一下 /var/run/dmesg.boot 以確認系統是否抓到新硬碟。 繼續剛才的範例,新增的硬碟會是 da1, 假設我們想將它掛載到 /1 這個位置 - (如果您新增的是 IDE 硬碟的話,4.0 之前的系統是 - wd1,4.X 及之後的系統則是 + (如果您新增的是 IDE 硬碟的話,請用 ad1)。 partitions @@ -194,7 +188,7 @@ 及 e BSD partition。在 dedicated 模式的話, 新硬碟則是 /dev/da1e。 - 因為 &man.bsdlabel.8;(在 &os; 4.X 稱為 &man.disklabel.8;) + 因為 &man.bsdlabel.8; 用 32-bit 整數來儲存 sector(磁區) 數, 因此限制一個硬碟最大只能有 2^32-1 個 sector,亦即 2TB 的空間。 而 &man.fdisk.8; 的格式容許起始 sector 編號不超過 2^32-1, @@ -216,8 +210,7 @@ 操作 <application>Sysinstall</application> 透過 sysinstall - (/stand/sysinstall in &os; versions older - than 5.2) 的選單介面,您可以輕易為硬碟分割 BIOS partition(slice) + 的選單介面,您可以輕易為硬碟分割 BIOS partition(slice) 和 BSD patition。您必須以 root 身份使用 sysinstall, 要嘛用 root 登入,要嘛用 su 切換到 root。 執行 sysinstall 後,選 Configure @@ -300,8 +293,8 @@ &prompt.root; dd if=/dev/zero of=/dev/da1 bs=1k count=1 &prompt.root; fdisk -BI da1 # 初始您的硬碟。 -&prompt.root; disklabel -B -w -r da1s1 auto # 建立 disklabel。 -&prompt.root; disklabel -e da1s1 # 編輯 disklabel 以新增 label。 +&prompt.root; bsdlabel -B -w -r da1s1 auto # 建立 bsdlabel。 +&prompt.root; bsdlabel -e da1s1 # 編輯 bsdlabel 以新增 label。 &prompt.root; mkdir -p /1 &prompt.root; newfs /dev/da1s1e # 如果您新增了多個 label,對每個 label 重覆這個步驟。 &prompt.root; mount /dev/da1s1e /1 # 掛載這些新 label。 @@ -309,8 +302,7 @@ 如果您新增的是 IDE 硬碟,將 da 改成 da 即可 - 譯註:da 是 direct access,ad 則是 ata disk。。 - 而如果是 4.X 之前的系統,用 wd + 譯註:da 是 direct access。 @@ -326,8 +318,8 @@ not understand. &prompt.root; dd if=/dev/zero of=/dev/da1 bs=1k count=1 -&prompt.root; disklabel -Brw da1 auto -&prompt.root; disklabel -e da1 # 建立 `e' partition。 +&prompt.root; bsdlabel -Brw da1 auto +&prompt.root; bsdlabel -e da1 # 建立 `e' partition。 &prompt.root; newfs -d0 /dev/da1e &prompt.root; mkdir -p /1 &prompt.root; vi /etc/fstab # 新增一筆 /dev/da1e 的資訊。 @@ -336,17 +328,12 @@ 另一種方法: &prompt.root; dd if=/dev/zero of=/dev/da1 count=2 -&prompt.root; disklabel /dev/da1 | disklabel -BrR da1 /dev/stdin +&prompt.root; bsdlabel /dev/da1 | bsdlabel -BrR da1 /dev/stdin &prompt.root; newfs /dev/da1e &prompt.root; mkdir -p /1 &prompt.root; vi /etc/fstab # 新增一筆 /dev/da1e 的資訊。 &prompt.root; mount /1 - 從 &os; 5.1-RELEASE 開始,&man.bsdlabel.8; 取代原本的 - &man.disklabel.8; 程式,某些指令參數已經廢棄不用。 - 上面範例裡,如果用的是 &man.bsdlabel.8;, - 參數應該拿掉。更多的資訊請參考 &man.bsdlabel.8; manual page。 - @@ -430,47 +417,28 @@ Add this line to your kernel configuration file, rebuild, and reinstall the kernel: - pseudo-device ccd 4 - - On 5.X systems, you have to use instead the following - line: - device ccd - In FreeBSD 5.X, it is not necessary to specify - a number of &man.ccd.4; devices, as the &man.ccd.4; device driver is now - self-cloning — new device instances will automatically be - created on demand. - The &man.ccd.4; support can also be - loaded as a kernel loadable module in FreeBSD 3.0 or - later. + loaded as a kernel loadable module. To set up &man.ccd.4;, you must first use - &man.disklabel.8; to label the disks: + &man.bsdlabel.8; to label the disks: - disklabel -r -w ad1 auto -disklabel -r -w ad2 auto -disklabel -r -w ad3 auto + bsdlabel -r -w ad1 auto +bsdlabel -r -w ad2 auto +bsdlabel -r -w ad3 auto - This creates a disklabel for ad1c, ad2c and ad3c that + This creates a bsdlabel for ad1c, ad2c and ad3c that spans the entire disk. - Since &os; 5.1-RELEASE, the &man.bsdlabel.8; - utility replaces the old &man.disklabel.8; program. With - &man.bsdlabel.8; a number of obsolete options and parameters - have been retired; in the examples above the option - should be removed. For more - information, please refer to the &man.bsdlabel.8; - manual page. - The next step is to change the disk label type. You - can use &man.disklabel.8; to edit the + can use &man.bsdlabel.8; to edit the disks: - disklabel -e ad1 -disklabel -e ad2 -disklabel -e ad3 + bsdlabel -e ad1 +bsdlabel -e ad2 +bsdlabel -e ad3 This opens up the current disk label on each disk with the editor specified by the EDITOR @@ -499,17 +467,6 @@ Building the File System - The device node for - ccd0c may not exist yet, so to - create it, perform the following commands: - - cd /dev -sh MAKEDEV ccd0 - - In FreeBSD 5.0, &man.devfs.5; will automatically - manage device nodes in /dev, so use of - MAKEDEV is not necessary. - Now that you have all the disks labeled, you must build the &man.ccd.4;. To do that, use &man.ccdconfig.8;, with options similar to the following: @@ -788,22 +745,13 @@ Support for USB 2.0 controllers is provided on - &os; 5.X, and on the 4.X branch since &os; 4.10-RELEASE. - You have to add: + &os;; however, you must add: device ehci to your configuration file for USB 2.0 support. Note &man.uhci.4; and &man.ohci.4; drivers are still needed if you want USB 1.X support. - - - On &os; 4.X, the USB daemon (&man.usbd.8;) must be - running to be able to see some USB devices. To enable it, - add usbd_enable="YES" to your - /etc/rc.conf file and reboot the - machine. - @@ -1020,16 +968,9 @@ &prompt.root; mkisofs -R -no-emul-boot -b boot/cdboot -o /tmp/bootable.iso /tmp/myboot - Having done that, if you have vn - (FreeBSD 4.X), or md - (FreeBSD 5.X) + Having done that, if you have md configured in your kernel, you can mount the file system with: - &prompt.root; vnconfig -e vn0c /tmp/bootable.iso -&prompt.root; mount -t cd9660 /dev/vn0c /mnt - - for FreeBSD 4.X, and for FreeBSD 5.X: - &prompt.root; mdconfig -a -t vnode -f /tmp/bootable.iso -u 0 &prompt.root; mount -t cd9660 /dev/md0 /mnt @@ -1058,7 +999,7 @@ Will burn a copy of imagefile.iso on cddevice. The default device is - /dev/acd0 (or /dev/acd0c under &os; 4.X). See &man.burncd.8; for options to + /dev/acd0. See &man.burncd.8; for options to set the write speed, eject the CD after burning, and write audio data. @@ -1093,7 +1034,7 @@ burning &prompt.root; cdrecord -scanbus -Cdrecord 1.9 (i386-unknown-freebsd4.2) Copyright (C) 1995-2000 Jörg Schilling +Cdrecord-Clone 2.01 (i386-unknown-freebsd7.0) Copyright (C) 1995-2004 Jörg Schilling Using libscg version 'schily-0.1' scsibus0: 0,0,0 0) 'SEAGATE ' 'ST39236LW ' '0004' Disk @@ -1173,15 +1114,6 @@ &prompt.root; dd if=/dev/acd0 of=/dev/null count=1 - In &os; 4.X, the entries are not prefixed with - zero. If the necessary entries in /dev - are missing, use MAKEDEV to create - them: - - &prompt.root; cd /dev -&prompt.root; sh MAKEDEV acd0t99 - - @@ -1213,9 +1145,7 @@ &man.mkisofs.8;, and you can use it to duplicate any data CD. The example given here assumes that your CDROM device is acd0. Substitute your - correct CDROM device. Under &os; 4.X, a c must be appended - to the end of the device name to indicate the entire partition - or, in the case of CDROMs, the entire disc. + correct CDROM device. &prompt.root; dd if=/dev/acd0 of=file.iso bs=2048 @@ -1260,7 +1190,7 @@ oddly, however. For example, Joliet disks store all filenames in two-byte Unicode characters. The FreeBSD kernel does not speak Unicode (yet!), so non-English characters show up as - question marks. (If you are running FreeBSD 4.3 or later, the + question marks. (The FreeBSD CD9660 driver includes hooks to load an appropriate Unicode conversion table on the fly. Modules for some of the common encodings are available via the @@ -1797,44 +1727,9 @@ Floppy disks are accessed through entries in /dev, just like other devices. To - access the raw floppy disk in 4.X and earlier releases, one - uses - /dev/fdN, - where N stands for the drive - number, usually 0, or - /dev/fdNX, - where X stands for a - letter. - - In 5.0 or newer releases, simply use + access the raw floppy disk, simply use /dev/fdN. - - The Disk Size in 4.X and Earlier Releases - - There are also /dev/fdN.size - devices, where size is a floppy disk - size in kilobytes. These entries are used at low-level format - time to determine the disk size. 1440kB is the size that will be - used in the following examples. - - Sometimes the entries under /dev will - have to be (re)created. To do that, issue: - - &prompt.root; cd /dev && ./MAKEDEV "fd*" - - - - The Disk Size in 5.0 and Newer Releases - - In 5.0, &man.devfs.5; will automatically - manage device nodes in /dev, so use of - MAKEDEV is not necessary. - - The desired disk size is passed to &man.fdformat.1; through - the flag. Supported sizes are listed in - &man.fdcontrol.8;, but be advised that 1440kB is what works best. - @@ -1854,19 +1749,7 @@ determine if the disk is good or bad. - Formatting in 4.X and Earlier Releases - - Use the - /dev/fdN.size - devices to format the floppy. Insert a new 3.5inch floppy - disk in your drive and issue: - - &prompt.root; /usr/sbin/fdformat /dev/fd0.1440 - - - - - Formatting in 5.0 and Newer Releases + Formatting Floppy Disks Use the /dev/fdN @@ -1879,8 +1762,6 @@ - - The Disk Label @@ -1894,12 +1775,12 @@ floppy. The geometry values for the disk label are listed in /etc/disktab. - You can run now &man.disklabel.8; like so: + You can run now &man.bsdlabel.8; like so: - &prompt.root; /sbin/disklabel -B -r -w /dev/fd0 fd1440 + &prompt.root; /sbin/bsdlabel -B -r -w /dev/fd0 fd1440 Since &os; 5.1-RELEASE, the &man.bsdlabel.8; - utility replaces the old &man.disklabel.8; program. With + utility replaces the old &man.bsdlabel.8; program. With &man.bsdlabel.8; a number of obsolete options and parameters have been retired; in the example above the option should be removed. For more @@ -1931,9 +1812,7 @@ Using the Floppy - To use the floppy, mount it with &man.mount.msdos.8; (in - 4.X and earlier releases) or &man.mount.msdosfs.8; (in 5.0 or - newer releases). One can also use + To use the floppy, mount it with &man.mount.msdos.8;. One can also use emulators/mtools from the ports collection. @@ -2607,11 +2486,11 @@ There are only four steps that you need to perform in preparation for any disaster that may occur. - disklabel + bsdlabel - First, print the disklabel from each of your disks - (e.g. disklabel da0 | lpr), your file system table + First, print the bsdlabel from each of your disks + (e.g. bsdlabel da0 | lpr), your file system table (/etc/fstab) and all boot messages, two copies of each. @@ -2627,7 +2506,7 @@ Otherwise, you have to create two custom bootable floppies which have a kernel that can mount all of your disks and access your tape drive. These floppies must contain: - fdisk, disklabel, + fdisk, bsdlabel, newfs, mount, and whichever backup program you use. These programs must be statically linked. If you use dump, the @@ -2674,7 +2553,7 @@ # place boot blocks on the floppy # -disklabel -w -B /dev/fd0c fd1440 +bsdlabel -w -B /dev/fd0c fd1440 # # newfs the one and only partition @@ -2848,14 +2727,14 @@ root partition - disklabel + bsdlabel newfs Try to mount (e.g. mount /dev/da0a /mnt) the root partition of your first disk. If the - disklabel was damaged, use disklabel to re-partition and + bsdlabel was damaged, use bsdlabel to re-partition and label the disk to match the label that you printed and saved. Use newfs to re-create the file systems. Re-mount the root partition of the floppy read-write (mount -u -o rw @@ -2920,73 +2799,19 @@ memory-based file systems. - The FreeBSD 4.X users will have to use &man.MAKEDEV.8; - to create the required devices. FreeBSD 5.0 and later use - &man.devfs.5; to allocate device nodes transparently for the + Use &man.devfs.5; to allocate device nodes transparently for the user. - - File-Backed File System under FreeBSD 4.X - - disks - file-backed (4.X) - - - The utility &man.vnconfig.8; configures and enables vnode pseudo-disk - devices. A vnode is a representation - of a file, and is the focus of file activity. This means that - &man.vnconfig.8; uses files to create and operate a - file system. One possible use is the mounting of floppy or CD - images kept in files. - - To use &man.vnconfig.8;, you need &man.vn.4; support in your - kernel configuration file: - - pseudo-device vn - - To mount an existing file system image: - - - Using vnconfig to Mount an Existing File System - Image under FreeBSD 4.X - - &prompt.root; vnconfig vn0 diskimage -&prompt.root; mount /dev/vn0c /mnt - - - To create a new file system image with &man.vnconfig.8;: - - - Creating a New File-Backed Disk with <command>vnconfig</command> - - &prompt.root; dd if=/dev/zero of=newimage bs=1k count=5k -5120+0 records in -5120+0 records out -&prompt.root; vnconfig -s labels -c vn0 newimage -&prompt.root; disklabel -r -w vn0 auto -&prompt.root; newfs vn0c -Warning: 2048 sector(s) in last cylinder unallocated -/dev/vn0c: 10240 sectors in 3 cylinders of 1 tracks, 4096 sectors - 5.0MB in 1 cyl groups (16 c/g, 32.00MB/g, 1280 i/g) -super-block backups (for fsck -b #) at: - 32 -&prompt.root; mount /dev/vn0c /mnt -&prompt.root; df /mnt -Filesystem 1K-blocks Used Avail Capacity Mounted on -/dev/vn0c 4927 1 4532 0% /mnt - - - - File-Backed File System under FreeBSD 5.X + File-Backed File System disks - file-backed (5.X) + file-backed The utility &man.mdconfig.8; is used to configure and enable - memory disks, &man.md.4;, under FreeBSD 5.X. To use + memory disks, &man.md.4;, under FreeBSD. To use &man.mdconfig.8;, you have to load &man.md.4; module or to add the support in your kernel configuration file: @@ -3002,7 +2827,7 @@ Using <command>mdconfig</command> to Mount an Existing File System - Image under FreeBSD 5.X + Image &prompt.root; mdconfig -a -t vnode -f diskimage -u 0 &prompt.root; mount /dev/md0 /mnt @@ -3017,16 +2842,16 @@ 5120+0 records in 5120+0 records out &prompt.root; mdconfig -a -t vnode -f newimage -u 0 -&prompt.root; disklabel -r -w md0 auto -&prompt.root; newfs md0c -/dev/md0c: 5.0MB (10240 sectors) block size 16384, fragment size 2048 - using 4 cylinder groups of 1.27MB, 81 blks, 256 inodes. +&prompt.root; bsdlabel -w md0 auto +&prompt.root; newfs md0a +/dev/md0a: 5.0MB (10224 sectors) block size 16384, fragment size 2048 + using 4 cylinder groups of 1.25MB, 80 blks, 192 inodes. super-block backups (for fsck -b #) at: - 32, 2624, 5216, 7808 -&prompt.root; mount /dev/md0c /mnt + 160, 2720, 5280, 7840 +&prompt.root; mount /dev/md0a /mnt &prompt.root; df /mnt -Filesystem 1K-blocks Used Avail Capacity Mounted on -/dev/md0c 4846 2 4458 0% /mnt +Filesystem 1K-blocks Used Avail Capacity Mounted on +/dev/md0a 4710 4 4330 0% /mnt If you do not specify the unit number with the @@ -3036,17 +2861,9 @@ md4. For more details about &man.mdconfig.8;, please refer to the manual page. - Since &os; 5.1-RELEASE, the &man.bsdlabel.8; - utility replaces the old &man.disklabel.8; program. With - &man.bsdlabel.8; a number of obsolete options and parameters - have been retired; in the example above the option - should be removed. For more - information, please refer to the &man.bsdlabel.8; - manual page. - The utility &man.mdconfig.8; is very useful, however it asks many command lines to create a file-backed file system. - FreeBSD 5.0 also comes with a tool called &man.mdmfs.8;, + FreeBSD also comes with a tool called &man.mdmfs.8;, this program configures a &man.md.4; disk using &man.mdconfig.8;, puts a UFS file system on it using &man.newfs.8;, and mounts it using &man.mount.8;. For example, @@ -3061,7 +2878,7 @@ &prompt.root; mdmfs -F newimage -s 5m md0 /mnt &prompt.root; df /mnt Filesystem 1K-blocks Used Avail Capacity Mounted on -/dev/md0 4846 2 4458 0% /mnt +/dev/md0 4718 4 4338 0% /mnt If you use the option without unit @@ -3071,47 +2888,23 @@ - - Memory-Based File System under FreeBSD 4.X - - disks - memory file system (4.X) - - - The &man.md.4; driver is a simple, efficient means to create memory - file systems under FreeBSD 4.X. &man.malloc.9; is used - to allocate the memory. - - Simply take a file system you have prepared with, for - example, &man.vnconfig.8;, and: - - - md Memory Disk under FreeBSD 4.X - - &prompt.root; dd if=newimage of=/dev/md0 -5120+0 records in -5120+0 records out -&prompt.root; mount /dev/md0c /mnt -&prompt.root; df /mnt -Filesystem 1K-blocks Used Avail Capacity Mounted on -/dev/md0c 4927 1 4532 0% /mnt - - - For more details, please refer to &man.md.4; manual - page. - - - Memory-Based File System under FreeBSD 5.X + Memory-Based File System disks - memory file system (5.X) + memory file system - The same tools are used for memory-based and file-backed - file systems: &man.mdconfig.8; or &man.mdmfs.8;. The storage - for memory-based file system is allocated with - &man.malloc.9;. + For a + memory-based file system the swap backing + should normally be used. Using swap backing does not mean + that the memory disk will be swapped out to disk by default, + but merely that the memory disk will be allocated from a + memory pool which can be swapped out to disk if needed. It is + also possible to create memory-based disk which are + &man.malloc.9; backed, but using malloc backed memory disks, + especially large ones, can result in a system panic if the + kernel runs out of memory. Creating a New Memory-Based Disk with @@ -3170,13 +2963,6 @@ &man.md.4; devices in using the command <command>mdconfig -l</command>.</para> - <para>For FreeBSD 4.X, &man.vnconfig.8; is used to detach - the device. For example to detach and free all resources - used by <filename>/dev/vn4</filename>:</para> - - <screen>&prompt.root; <userinput>vnconfig -u vn<replaceable>4</replaceable></userinput></screen> - - </sect2> </sect1> @@ -3199,7 +2985,7 @@ <secondary>snapshots</secondary> </indexterm> - <para>FreeBSD 5.0 offers a new feature in conjunction with + <para>FreeBSD offers a feature in conjunction with <link linkend="soft-updates">Soft Updates</link>: File system snapshots.</para> <para>Snapshots allow a user to create images of specified file @@ -3594,15 +3380,6 @@ </step> <step> - <title>Verify the Operating System Version - - &man.gbde.4; requires FreeBSD 5.0 or higher. - - &prompt.root; uname -r -5.0-RELEASE - - - Add &man.gbde.4; Support to the Kernel Configuration File Add the following line to the kernel configuration @@ -3742,9 +3519,6 @@ initialize the old UFS1 file system, using &man.newfs.8; with the option is recommended. - The option is the default - with &os; 5.1-RELEASE and later. - &prompt.root; newfs -U -O2 /dev/ad4s1c.bde @@ -4100,6 +3874,137 @@ + + + + + + + Christian + Brüffer + Written by + + + + + Encrypting Swap Space + + swap + encrypting + + + Swap encryption in &os; is easy to configure and has been + available since &os; 5.3-RELEASE. Depending on which version + of &os; is being used, different options are available + and configuration can vary slightly. From &os; 6.0-RELEASE onwards, + the &man.gbde.8; or &man.geli.8; encryption systems can be used + for swap encryption. With earlier versions, only &man.gbde.8; is + available. Both systems use the encswap + rc.d script. + + The previous section, Encrypting + Disk Partitions, includes a short discussion on the different + encryption systems. + + + Why should Swap be Encrypted? + + Like the encryption of disk partitions, encryption of swap space + is done to protect sensitive information. Imagine an application + that e.g. deals with passwords. As long as these passwords stay in + physical memory, all is well. However, if the operating system starts + swapping out memory pages to free space for other applications, the + passwords may be written to the disk platters unencrypted and easy to + retrieve for an adversary. Encrypting swap space can be a solution for + this scenario. + + + + Preparation + + + For the remainder of this section, ad0s1b + will be the swap partition. + + + Up to this point the swap has been unencrypted. It is possible that + there are already passwords or other sensitive data on the disk platters + in cleartext. To rectify this, the data on the swap partition should be + overwritten with random garbage: + + &prompt.root; dd if=/dev/random of=/dev/ad0s1b bs=1m + + + + Swap Encryption with &man.gbde.8; + + If &os; 6.0-RELEASE or newer is being used, the + .bde suffix should be added to the device in the + respective /etc/fstab swap line: + + +# Device Mountpoint FStype Options Dump Pass# +/dev/ad0s1b.bde none swap sw 0 0 + + + For systems prior to &os; 6.0-RELEASE, the following line + in /etc/rc.conf is also needed: + + gbde_swap_enable="YES" + + + + Swap Encryption with &man.geli.8; + + Alternatively, the procedure for using &man.geli.8; for swap + encryption is similar to that of using &man.gbde.8;. The + .eli suffix should be added to the device in the + respective /etc/fstab swap line: + + +# Device Mountpoint FStype Options Dump Pass# +/dev/ad0s1b.eli none swap sw 0 0 + + + &man.geli.8; uses the AES algorithm with + a key length of 256 bit by default. + + Optionally, these defaults can be altered using the + geli_swap_flags option in + /etc/rc.conf. The following line tells the + encswap rc.d script to create &man.geli.8; swap + partitions using the Blowfish algorithm with a key length of 128 bit, + a sectorsize of 4 kilobytes and the detach on last close + option set: + + geli_swap_flags="-a blowfish -l 128 -s 4096 -d" + + Please refer to the description of the onetime command + in the &man.geli.8; manual page for a list of possible options. + + + + Verifying that it Works + + Once the system has been rebooted, proper operation of the + encrypted swap can be verified using the + swapinfo command. + + If &man.gbde.8; is being used: + + &prompt.user; swapinfo +Device 1K-blocks Used Avail Capacity +/dev/ad0s1b.bde 542720 0 542720 0% + + + If &man.geli.8; is being used: + + &prompt.user; swapinfo +Device 1K-blocks Used Avail Capacity +/dev/ad0s1b.eli 542720 0 542720 0% + + +