From owner-svn-doc-all@FreeBSD.ORG Tue May 6 18:40:54 2014 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BD9D684E; Tue, 6 May 2014 18:40:54 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A868B38F; Tue, 6 May 2014 18:40:54 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s46IesAg065049; Tue, 6 May 2014 18:40:54 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s46Ies7N065048; Tue, 6 May 2014 18:40:54 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201405061840.s46Ies7N065048@svn.freebsd.org> From: Dru Lavigne Date: Tue, 6 May 2014 18:40:54 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r44777 - head/en_US.ISO8859-1/books/handbook/cutting-edge X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 May 2014 18:40:54 -0000 Author: dru Date: Tue May 6 18:40:54 2014 New Revision: 44777 URL: http://svnweb.freebsd.org/changeset/doc/44777 Log: White space fix only. Translators can ignore. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue May 6 18:10:37 2014 (r44776) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue May 6 18:40:54 2014 (r44777) @@ -293,10 +293,10 @@ MergeChanges /etc/ /var/named/etc/ /boot &prompt.root; freebsd-update install If the update applies any kernel patches, the system will - need a reboot in order to boot into the patched kernel. - If the patch was applied to any running binaries, the affected + need a reboot in order to boot into the patched kernel. If + the patch was applied to any running binaries, the affected applications should be restarted so that the patched version - of the binary is used. + of the binary is used. The system can be configured to automatically check for updates once every day by adding this entry to @@ -304,23 +304,23 @@ MergeChanges /etc/ /var/named/etc/ /boot @daily root freebsd-update cron - If patches exist, they will automatically be - downloaded but will not be applied. The - root user will be - sent an email so that the patches may be reviewed and manually + If patches exist, they will automatically be downloaded + but will not be applied. The root user will be sent an + email so that the patches may be reviewed and manually installed with freebsd-update install. If anything goes wrong, freebsd-update - has the ability to roll back the last set of changes with - the following command: + has the ability to roll back the last set of changes with the + following command: &prompt.root; freebsd-update rollback Uninstalling updates... done. - Again, the system should be restarted if the - kernel or any kernel modules were modified and any affected - binaries should be restarted. + Again, the system should be restarted if the kernel or any + kernel modules were modified and any affected binaries should + be restarted. Only the GENERIC kernel can be automatically updated by freebsd-update. @@ -329,15 +329,13 @@ Uninstalling updates... done. finishes installing the updates. However, freebsd-update will detect and update the GENERIC kernel if - /boot/GENERIC exists, - even if it is not the current running kernel of the - system. + /boot/GENERIC exists, even if it is not + the current running kernel of the system. - Always keep a copy of the - GENERIC kernel in - /boot/GENERIC. It - will be helpful in diagnosing a variety of problems and in + Always keep a copy of the GENERIC + kernel in /boot/GENERIC. It will be + helpful in diagnosing a variety of problems and in performing version upgrades. Refer to either or for @@ -352,21 +350,21 @@ Uninstalling updates... done. Rebuilding and reinstalling a new custom kernel can then be performed in the usual way. - The updates distributed by - freebsd-update do not always involve the - kernel. It is not necessary to rebuild a custom kernel if - the kernel sources have not been modified by - freebsd-update install. - However, freebsd-update will always - update /usr/src/sys/conf/newvers.sh. - The current patch level, as indicated by the - -p number reported by - uname -r, is obtained from this file. - Rebuilding a custom kernel, even if nothing else changed, - allows uname to accurately report the current - patch level of the system. This is particularly helpful - when maintaining multiple systems, as it allows for a quick - assessment of the updates installed in each one. + The updates distributed by + freebsd-update do not always involve the + kernel. It is not necessary to rebuild a custom kernel if the + kernel sources have not been modified by + freebsd-update install. However, + freebsd-update will always update + /usr/src/sys/conf/newvers.sh. The + current patch level, as indicated by the -p + number reported by uname -r, is obtained + from this file. Rebuilding a custom kernel, even if nothing + else changed, allows uname to accurately + report the current patch level of the system. This is + particularly helpful when maintaining multiple systems, as it + allows for a quick assessment of the updates installed in each + one. @@ -375,8 +373,8 @@ Uninstalling updates... done. Upgrades from one minor version of &os; to another, like from &os; 9.0 to &os; 9.1, are called minor version upgrades. - Major version upgrades occur when - &os; is upgraded from one major version to another, like from + Major version upgrades occur when &os; + is upgraded from one major version to another, like from &os; 9.X to &os; 10.X. Both types of upgrades can be performed by providing freebsd-update with a release version target. @@ -392,20 +390,19 @@ Uninstalling updates... done. GENERIC kernel. - The following command, when - run on a &os; 9.0 system, will upgrade it to - &os; 9.1: - - &prompt.root; freebsd-update -r 9.1-RELEASE upgrade - - After the command has been received, - freebsd-update will evaluate the - configuration file and current system in an attempt to - gather the information necessary to perform the upgrade. A - screen listing will display which components have and have - not been detected. For example: + The following command, when run on a &os; 9.0 system, + will upgrade it to &os; 9.1: + + &prompt.root; freebsd-update -r 9.1-RELEASE upgrade + + After the command has been received, + freebsd-update will evaluate the + configuration file and current system in an attempt to gather + the information necessary to perform the upgrade. A screen + listing will display which components have and have not been + detected. For example: - Looking up update.FreeBSD.org mirrors... 1 mirrors found. + Looking up update.FreeBSD.org mirrors... 1 mirrors found. Fetching metadata signature for 9.0-RELEASE from update1.FreeBSD.org... done. Fetching metadata index... done. Inspecting system... done. @@ -422,210 +419,201 @@ world/proflibs Does this look reasonable (y/n)? y - At this point, freebsd-update will - attempt to download all files required for the upgrade. In - some cases, the user may be prompted with questions - regarding what to install or how to proceed. + At this point, freebsd-update will + attempt to download all files required for the upgrade. In + some cases, the user may be prompted with questions regarding + what to install or how to proceed. - When using a custom kernel, the above step will produce - a warning similar to the following: + When using a custom kernel, the above step will produce a + warning similar to the following: - WARNING: This system is running a "MYKERNEL" kernel, which is not a + WARNING: This system is running a "MYKERNEL" kernel, which is not a kernel configuration distributed as part of FreeBSD 9.0-RELEASE. This kernel will not be updated: you MUST update the kernel manually before running "/usr/sbin/freebsd-update install" - This warning may be safely ignored at this point. The - updated GENERIC kernel will be used as - an intermediate step in the upgrade process. - - Once all the patches have been downloaded to the local - system, they will be applied. This process may take a - while, depending on the speed and workload of the machine. - Configuration files will then be merged. The merging - process requires some user intervention as a file may be - merged or an editor may appear on screen for a manual merge. - The results of every successful merge will be shown to the - user as the process continues. A failed or ignored merge - will cause the process to abort. Users may wish to make a - backup of /etc and - manually merge important files, such as - master.passwd or - group at a later time. - - - The system is not being altered yet as all patching - and merging is happening in another directory. Once all - patches have been applied successfully, all configuration - files have been merged and it seems the process will go - smoothly, the changes can be committed to disk by the - user using the following command: + This warning may be safely ignored at this point. The + updated GENERIC kernel will be used as an + intermediate step in the upgrade process. + + Once all the patches have been downloaded to the local + system, they will be applied. This process may take a while, + depending on the speed and workload of the machine. + Configuration files will then be merged. The merging process + requires some user intervention as a file may be merged or an + editor may appear on screen for a manual merge. The results + of every successful merge will be shown to the user as the + process continues. A failed or ignored merge will cause the + process to abort. Users may wish to make a backup of + /etc and manually merge important files, + such as master.passwd or + group at a later time. + + + The system is not being altered yet as all patching and + merging is happening in another directory. Once all patches + have been applied successfully, all configuration files have + been merged and it seems the process will go smoothly, the + changes can be committed to disk by the user using the + following command: &prompt.root; freebsd-update install + - + The kernel and kernel modules will be patched first. If + the system is running with a custom kernel, use + &man.nextboot.8; to set the kernel for the next boot to the + updated /boot/GENERIC: - The kernel and kernel modules will be patched first. If - the system is - running with a custom kernel, use &man.nextboot.8; to set - the kernel for the next boot to the updated - /boot/GENERIC: - - &prompt.root; nextboot -k GENERIC - - - Before rebooting with the GENERIC - kernel, make sure it contains all the drivers required for - the system to boot properly and connect to the network, - if the machine being updated is accessed remotely. In - particular, if the running custom kernel contains built-in - functionality usually provided by kernel modules, make - sure to temporarily load these modules into the - GENERIC kernel using the - /boot/loader.conf facility. - It is recommended to disable non-essential services as - well as any disk and network mounts until the upgrade - process is complete. - - - The machine should now be restarted with the updated - kernel: - - &prompt.root; shutdown -r now - - Once the system has come back online, restart - freebsd-update using the following - command. Since the state of the process has been saved, - freebsd-update will not start from the - beginning, but will instead move on to the next phase and - remove all old shared libraries and - object files. + &prompt.root; nextboot -k GENERIC - &prompt.root; freebsd-update install + + Before rebooting with the GENERIC + kernel, make sure it contains all the drivers required for + the system to boot properly and connect to the network, if + the machine being updated is accessed remotely. In + particular, if the running custom kernel contains built-in + functionality usually provided by kernel modules, make sure + to temporarily load these modules into the + GENERIC kernel using the + /boot/loader.conf facility. It is + recommended to disable non-essential services as well as any + disk and network mounts until the upgrade process is + complete. + + + The machine should now be restarted with the updated + kernel: - - Depending upon whether any library version numbers - were bumped, there may only be two install phases instead - of three. - - - The upgrade is now complete. If this was a major - version upgrade, reinstall all ports and packages as - described in . - - - Custom Kernels with &os; 9.X and Later - - Before using freebsd-update, ensure - that a copy of the GENERIC kernel - exists in /boot/GENERIC. If a custom - kernel has only been built once, the - kernel in /boot/kernel.old is - the GENERIC kernel. - Simply rename this directory to - /boot/kernel. - - If a custom kernel has been built more than once - or if it is unknown how many times the custom kernel - has been built, obtain a copy of the - GENERIC kernel that matches the - current version of the operating system. If physical - access to the system is available, a - copy of the GENERIC kernel can be - installed from the installation media: + &prompt.root; shutdown -r now - &prompt.root; mount /cdrom + Once the system has come back online, restart + freebsd-update using the following command. + Since the state of the process has been saved, + freebsd-update will not start from the + beginning, but will instead move on to the next phase and + remove all old shared libraries and object files. + + &prompt.root; freebsd-update install + + + Depending upon whether any library version numbers were + bumped, there may only be two install phases instead of + three. + + + The upgrade is now complete. If this was a major version + upgrade, reinstall all ports and packages as described in + . + + + Custom Kernels with &os; 9.X and Later + + Before using freebsd-update, ensure + that a copy of the GENERIC kernel + exists in /boot/GENERIC. If a custom + kernel has only been built once, the kernel in + /boot/kernel.old is the + GENERIC kernel. Simply rename this + directory to /boot/kernel. + + If a custom kernel has been built more than once or if + it is unknown how many times the custom kernel has been + built, obtain a copy of the GENERIC + kernel that matches the current version of the operating + system. If physical access to the system is available, a + copy of the GENERIC kernel can be + installed from the installation media: + + &prompt.root; mount /cdrom &prompt.root; cd /cdrom/usr/freebsd-dist &prompt.root; tar -C/ -xvf kernel.txz boot/kernel/kernel - Alternately, the - GENERIC kernel may be rebuilt and - installed from source: + Alternately, the GENERIC kernel may + be rebuilt and installed from source: - &prompt.root; cd /usr/src + &prompt.root; cd /usr/src &prompt.root; make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null - For this kernel to be identified as the - GENERIC kernel by - freebsd-update, the - GENERIC configuration file must - not have been modified in any way. It is also - suggested that the kernel is built without any other - special options. - - Rebooting into the GENERIC kernel - is not required as freebsd-update only - needs /boot/GENERIC to exist. + For this kernel to be identified as the + GENERIC kernel by + freebsd-update, the + GENERIC configuration file must not + have been modified in any way. It is also suggested that + the kernel is built without any other special + options. + + Rebooting into the GENERIC kernel + is not required as freebsd-update only + needs /boot/GENERIC to exist. - - Custom Kernels with &os; 8.X + + Custom Kernels with &os; 8.X - On an &os; 8.X system, the instructions for - obtaining or building a - GENERIC kernel differ slightly. - - Assuming physical access to the machine is - possible, a copy of the GENERIC - kernel can be installed from the installation media - using the following commands: + On an &os; 8.X system, the instructions for + obtaining or building a GENERIC kernel + differ slightly. + + Assuming physical access to the machine is possible, a + copy of the GENERIC kernel can be + installed from the installation media using the following + commands: - &prompt.root; mount /cdrom + &prompt.root; mount /cdrom &prompt.root; cd /cdrom/X.Y-RELEASE/kernels &prompt.root; ./install.sh GENERIC - Replace X.Y-RELEASE - with the version of the release being used. - The GENERIC kernel will be - installed in /boot/GENERIC by - default. + Replace X.Y-RELEASE + with the version of the release being used. The + GENERIC kernel will be installed in + /boot/GENERIC by default. - To instead build the - GENERIC kernel from source: + To instead build the GENERIC kernel + from source: - &prompt.root; cd /usr/src + &prompt.root; cd /usr/src &prompt.root; env DESTDIR=/boot/GENERIC make kernel __MAKE_CONF=/dev/null SRCCONF=/dev/null &prompt.root; mv /boot/GENERIC/boot/kernel/* /boot/GENERIC &prompt.root; rm -rf /boot/GENERIC/boot - For this kernel to be picked up as - GENERIC by - freebsd-update, the - GENERIC configuration file must - not have been modified in any way. It is also - suggested that it is built without any other special - options. - - Rebooting into the GENERIC kernel - is not required. - + For this kernel to be picked up as + GENERIC by + freebsd-update, the + GENERIC configuration file must not + have been modified in any way. It is also suggested that it + is built without any other special options. + + Rebooting into the GENERIC kernel + is not required. + Rebuilding Ports After a Major Version Upgrade - Generally, - installed applications will continue to work without problems - after minor version upgrades. Major versions use different - Application Binary Interfaces (ABIs), which - which will break most third-party - applications. After a - major version upgrade, all installed packages and - ports need to be upgraded using a utility such as - ports-mgmt/portmaster. A - rebuild of all installed applications can be - accomplished with this command: - - &prompt.root; portmaster -af - - This command will display the configuration screens for - each application that has configurable options and wait for the user to interact with those - screens. To prevent this behavior, and use only the default - options, include in the above command. - - Once the software upgrades are complete, finish the upgrade process with - a final call to freebsd-update in order - to tie up all the loose ends in the upgrade process: + Generally, installed applications will continue to work + without problems after minor version upgrades. Major + versions use different Application Binary Interfaces + (ABIs), which which will break most + third-party applications. After a major version upgrade, + all installed packages and ports need to be upgraded using a + utility such as ports-mgmt/portmaster. A + rebuild of all installed applications can be accomplished + with this command: + + &prompt.root; portmaster -af + + This command will display the configuration screens for + each application that has configurable options and wait for + the user to interact with those screens. To prevent this + behavior, and use only the default options, include + in the above command. + + Once the software upgrades are complete, finish the + upgrade process with a final call to + freebsd-update in order to tie up all the + loose ends in the upgrade process: &prompt.root; freebsd-update install @@ -634,8 +622,8 @@ before running "/usr/sbin/freebsd-update new custom kernel using the instructions in . - Reboot the machine into the new &os; version. The upgrade - process is now complete. + Reboot the machine into the new &os; version. The + upgrade process is now complete. @@ -643,15 +631,16 @@ before running "/usr/sbin/freebsd-update System State Comparison The state of the installed &os; version against a known - good copy can be tested using freebsd-update IDS. - This command evaluates the current version of system utilities, - libraries, and configuration files and can be used as a - built-in Intrusion Detection System (IDS). + good copy can be tested using + freebsd-update IDS. This command evaluates + the current version of system utilities, libraries, and + configuration files and can be used as a built-in Intrusion + Detection System (IDS). - This command is - not a replacement for a real IDS such - as security/snort. As + This command is not a replacement for a real + IDS such as + security/snort. As freebsd-update stores data on disk, the possibility of tampering is evident. While this possibility may be reduced using kern.securelevel and @@ -665,15 +654,16 @@ before running "/usr/sbin/freebsd-update linkend="security-ids"/> - To begin the comparison, - specify the output file to save the results to: + To begin the comparison, specify the output file to save + the results to: &prompt.root; freebsd-update IDS >> outfile.ids The system will now be inspected and a lengthy listing of - files, along with the SHA256 hash values for both the - known value in the release and the current installation, will - be sent to the specified output file. + files, along with the SHA256 hash values + for both the known value in the release and the current + installation, will be sent to the specified output + file. The entries in the listing are extremely long, but the output format may be easily parsed. For instance, to obtain a @@ -688,11 +678,10 @@ before running "/usr/sbin/freebsd-update This sample output has been truncated as many more files exist. Some files have natural modifications. For example, - /etc/passwd will be modified if - users have been added to the system. - Kernel modules may differ as - freebsd-update may have updated them. - To exclude specific files or directories, add them to the + /etc/passwd will be modified if users + have been added to the system. Kernel modules may differ as + freebsd-update may have updated them. To + exclude specific files or directories, add them to the IDSIgnorePaths option in /etc/freebsd-update.conf. @@ -1081,8 +1070,9 @@ before running "/usr/sbin/freebsd-update sites listed in . Users with very slow or limited Internet connectivity - can instead use CTM as described in , but it is - not as reliable as svn and + can instead use CTM as described in , + but it is not as reliable as + svn and svn is the recommended method for synchronizing source. @@ -1182,8 +1172,8 @@ before running "/usr/sbin/freebsd-update recent &os.stable; release from the &os; mirror sites or use a monthly snapshot built from &os.stable;. Refer to www.freebsd.org/snapshots for - more information about snapshots. + xlink:href="&url.base;/snapshots/">www.freebsd.org/snapshots + for more information about snapshots. To compile or upgrade to an existing &os; system to &os.stable;, use svn @@ -1194,8 +1184,7 @@ before running "/usr/sbin/freebsd-update stable/9, are listed at www.freebsd.org/releng. CTM () can be used if a reliable - Internet connection is not - available. + Internet connection is not available. @@ -1205,11 +1194,10 @@ before running "/usr/sbin/freebsd-update compiling , read /usr/src/Makefile carefully and follow the instructions in . Read - &a.stable; and /usr/src/UPDATING to - keep up-to-date on other bootstrapping procedures that - sometimes become necessary on the road to the next - release. + linkend="makeworld"/>. Read &a.stable; and + /usr/src/UPDATING to keep up-to-date + on other bootstrapping procedures that sometimes become + necessary on the road to the next release. @@ -1218,8 +1206,7 @@ before running "/usr/sbin/freebsd-update Synchronizing Source - There are various methods for - staying up-to-date with the + There are various methods for staying up-to-date with the &os; sources. This section compares the primary services, Subversion and CTM. @@ -1242,13 +1229,13 @@ before running "/usr/sbin/freebsd-update Subversion uses the pull model of updating sources. The user, or a cron script, invokes the - svn program which updates the local version of the source. - Subversion is the preferred method for - updating local source trees as updates are up-to-the-minute - and the user controls when updates are downloaded. It is easy to - restrict updates to specific files or directories and the - requested updates are generated on the fly by the server. How - to synchronize source using + svn program which updates the local version + of the source. Subversion is the + preferred method for updating local source trees as updates are + up-to-the-minute and the user controls when updates are + downloaded. It is easy to restrict updates to specific files or + directories and the requested updates are generated on the fly + by the server. How to synchronize source using Subversion is described in . @@ -1261,25 +1248,24 @@ before running "/usr/sbin/freebsd-update changes in files since its previous run is executed several times a day on the master CTM machine. Any detected changes are compressed, stamped with a sequence-number, and encoded for - transmission over email in printable ASCII only. Once downloaded, - these deltas can be run through - ctm.rmail which will automatically decode, - verify, and apply the changes to the user's copy of the sources. - This process is more efficient than + transmission over email in printable ASCII + only. Once downloaded, these deltas can + be run through ctm.rmail which will + automatically decode, verify, and apply the changes to the + user's copy of the sources. This process is more efficient than Subversion and places less strain on server resources since it is a push, rather than a pull, model. Instructions for using CTM to synchronize source can be found at . - If a user inadvertently wipes - out portions of the local archive, - Subversion will detect and rebuild - the damaged portions. CTM will not, - and if a user deletes some portion of the source tree + If a user inadvertently wipes out portions of the local + archive, Subversion will detect and + rebuild the damaged portions. CTM + will not, and if a user deletes some portion of the source tree and does not have a backup, they will have to start from scratch - from the most recent base delta and rebuild - it all with CTM. + from the most recent base delta and + rebuild it all with CTM. @@ -1456,12 +1442,13 @@ Script started, output file is /var/tmp/ possible to boot with the newly updated kernel. If kern.securelevel has been raised above 1 and - noschg or similar flags have been set on the kernel - binary, drop the system into single-user mode first. - Otherwise, this command can be run from multi-user mode - without problems. See &man.init.8; for details about - kern.securelevel and &man.chflags.1; - for details about the various file flags. + noschg or similar flags have been set + on the kernel binary, drop the system into single-user + mode first. Otherwise, this command can be run from + multi-user mode without problems. See &man.init.8; for + details about kern.securelevel and + &man.chflags.1; for details about the various file + flags. &prompt.root; make installkernel