Date: Mon, 29 Oct 2012 00:50:21 +0000 (UTC)
From: Warren Block <wblock@FreeBSD.org>
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org
Subject: svn commit: r39831 - head/en_US.ISO8859-1/books/handbook/basics
Message-ID: <201210290050.q9T0oL1S039633@svn.freebsd.org>
Author: wblock Date: Mon Oct 29 00:50:20 2012 New Revision: 39831 URL: http://svn.freebsd.org/changeset/doc/39831 Log: Whitespace-only fixes. Translators, please ignore. Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/basics/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Sun Oct 28 22:47:52 2012 (r39830) +++ head/en_US.ISO8859-1/books/handbook/basics/chapter.xml Mon Oct 29 00:50:20 2012 (r39831) @@ -9,7 +9,7 @@ <chapterinfo> <authorgroup> <author> - <firstname>Chris</firstname> + <firstname>Chris</firstname> <surname>Shumway</surname> <contrib>Rewritten by </contrib> </author> 
@@ -22,75 +22,88 @@ <sect1 id="basics-synopsis"> <title>Synopsis</title> - <para>The following chapter will cover the basic commands and - functionality of the FreeBSD operating system. Much of this - material is relevant for any &unix;-like operating system. Feel - free to skim over this chapter if you are familiar with the - material. If you are new to FreeBSD, then you will definitely - want to read through this chapter carefully.</para> + <para>The following chapter will cover the basic commands and + functionality of the FreeBSD operating system. Much of this + material is relevant for any &unix;-like operating system. Feel + free to skim over this chapter if you are familiar with the + material. If you are new to FreeBSD, then you will definitely + want to read through this chapter carefully.</para> <para>After reading this chapter, you will know:</para> <itemizedlist> <listitem> - <para>How to use the <quote>virtual consoles</quote> of + <para>How to use the <quote>virtual consoles</quote> of FreeBSD.</para> </listitem> + <listitem> <para>How &unix; file permissions work along with understanding file flags in &os;.</para> </listitem> + <listitem> <para>The default &os; file system layout.</para> </listitem> + <listitem> <para>The &os; disk organization.</para> </listitem> + <listitem> <para>How to mount and unmount file systems.</para> </listitem> + <listitem> <para>What processes, daemons, and signals are.</para> </listitem> + <listitem> <para>What a shell is, and how to change your default login - environment.</para> + environment.</para> </listitem> + <listitem> <para>How to use basic text editors.</para> </listitem> + <listitem> <para>What devices and device nodes are.</para> </listitem> + <listitem> <para>What binary format is used under &os;.</para> </listitem> + <listitem> <para>How to read manual pages for more information.</para> </listitem> </itemizedlist> - </sect1> <sect1 id="consoles"> <title>Virtual Consoles and Terminals</title> + 
<indexterm><primary>virtual consoles</primary></indexterm> <indexterm><primary>terminals</primary></indexterm> - <para>FreeBSD can be used in various ways. One of them is typing commands - to a text terminal. A lot of the flexibility and power of a &unix; - operating system is readily available at your hands when using FreeBSD - this way. This section describes what <quote>terminals</quote> and - <quote>consoles</quote> are, and how you can use them in FreeBSD.</para> + <para>FreeBSD can be used in various ways. One of them is typing + commands to a text terminal. A lot of the flexibility and power + of a &unix; operating system is readily available at your hands + when using FreeBSD this way. This section describes what + <quote>terminals</quote> and <quote>consoles</quote> are, and + how you can use them in FreeBSD.</para> <sect2 id="consoles-intro"> <title>The Console</title> + <indexterm><primary>console</primary></indexterm> - <para>If you have not configured FreeBSD to automatically start a - graphical environment during startup, the system will present you with - a login prompt after it boots, right after the startup scripts finish - running. You will see something similar to:</para> + <para>If you have not configured FreeBSD to automatically start + a graphical environment during startup, the system will + present you with a login prompt after it boots, right after + the startup scripts finish running. You will see something + similar to:</para> <screen>Additional ABI support:. Local package initialization:. 
@@ -102,25 +115,26 @@ FreeBSD/i386 (pc3.example.org) (ttyv0) login:</screen> - <para>The messages might be a bit different on your system, but you will - see something similar. The last two lines are what we are interested - in right now. The second last line reads:</para> + <para>The messages might be a bit different on your system, but + you will see something similar. The last two lines are what + we are interested in right now. The second last line + reads:</para> <programlisting>FreeBSD/i386 (pc3.example.org) (ttyv0)</programlisting> - <para>This line contains some bits of information about the system you - have just booted. You are looking at a <quote>FreeBSD</quote> - console, running on an Intel or compatible processor of the x86 - architecture<footnote> - <para>This is what <literal>i386</literal> means. Note that even if - you are not running FreeBSD on an Intel 386 CPU, this is going to - be <literal>i386</literal>. It is not the type of your processor, - but the processor <quote>architecture</quote> that is shown - here.</para> - </footnote>. The name of this machine (every &unix; machine has a - name) is <hostid>pc3.example.org</hostid>, and you are now looking - at its system console—the <devicename>ttyv0</devicename> - terminal.</para> + <para>This line contains some bits of information about the + system you have just booted. You are looking at a + <quote>FreeBSD</quote> console, running on an Intel or + compatible processor of the x86 architecture<footnote> + <para>This is what <literal>i386</literal> means. Note that + even if you are not running FreeBSD on an Intel 386 CPU, + this is going to be <literal>i386</literal>. It is not + the type of your processor, but the processor + <quote>architecture</quote> that is shown here.</para> + </footnote>. 
The name of this machine (every &unix; machine + has a name) is <hostid>pc3.example.org</hostid>, and you are + now looking at its system console—the + <devicename>ttyv0</devicename> terminal.</para> <para>Finally, the last line is always:</para> 
@@ -135,110 +149,121 @@ login:</screen> <title>Logging into FreeBSD</title> <para>FreeBSD is a multiuser, multiprocessing system. This is - the formal description that is usually given to a system that can be - used by many different people, who simultaneously run a lot of - programs on a single machine.</para> + the formal description that is usually given to a system that + can be used by many different people, who simultaneously run a + lot of programs on a single machine.</para> <para>Every multiuser system needs some way to distinguish one <quote>user</quote> from the rest. In FreeBSD (and all the - &unix;-like operating systems), this is accomplished by requiring that - every user must <quote>log into</quote> the system before being able - to run programs. Every user has a unique name (the - <quote>username</quote>) and a personal, secret key (the - <quote>password</quote>). FreeBSD will ask for these two before - allowing a user to run any programs.</para> + &unix;-like operating systems), this is accomplished by + requiring that every user must <quote>log into</quote> the + system before being able to run programs. Every user has a + unique name (the <quote>username</quote>) and a personal, + secret key (the <quote>password</quote>). FreeBSD will ask + for these two before allowing a user to run any + programs.</para> <indexterm><primary>startup scripts</primary></indexterm> <para>Right after FreeBSD boots and finishes running its startup scripts<footnote> - <para>Startup scripts are programs that are run automatically by - FreeBSD when booting. Their main function is to set things up for - everything else to run, and start any services that you have - configured to run in the background doing useful things.</para> - </footnote>, it will present you with a prompt and ask for a valid - username:</para> + <para>Startup scripts are programs that are run + automatically by FreeBSD when booting. 
Their main + function is to set things up for everything else to run, + and start any services that you have configured to run in + the background doing useful things.</para> + </footnote>, it will present you with a prompt and ask for a + valid username:</para> <screen>login:</screen> - <para>For the sake of this example, let us assume that your username is - <username>john</username>. Type <literal>john</literal> at this prompt and press - <keycap>Enter</keycap>. You should then be presented with a prompt to - enter a <quote>password</quote>:</para> + <para>For the sake of this example, let us assume that your + username is <username>john</username>. Type + <literal>john</literal> at this prompt and press + <keycap>Enter</keycap>. You should then be presented with a + prompt to enter a <quote>password</quote>:</para> <screen>login: <userinput>john</userinput> Password:</screen> - <para>Type in <username>john</username>'s password now, and press - <keycap>Enter</keycap>. The password is <emphasis>not - echoed!</emphasis> You need not worry about this right now. Suffice - it to say that it is done for security reasons.</para> - - <para>If you have typed your password correctly, you should by now be - logged into FreeBSD and ready to try out all the available - commands.</para> + <para>Type in <username>john</username>'s password now, and + press <keycap>Enter</keycap>. The password is + <emphasis>not echoed!</emphasis> You need not worry about this + right now. Suffice it to say that it is done for security + reasons.</para> + + <para>If you have typed your password correctly, you should by + now be logged into FreeBSD and ready to try out all the + available commands.</para> <para>You should see the <acronym>MOTD</acronym> or message of the day followed by a command prompt (a <literal>#</literal>, - <literal>$</literal>, or <literal>%</literal> character). 
This - indicates you have successfully logged into FreeBSD.</para> + <literal>$</literal>, or <literal>%</literal> character). + This indicates you have successfully logged into + FreeBSD.</para> </sect2> <sect2 id="consoles-virtual"> <title>Multiple Consoles</title> - <para>Running &unix; commands in one console is fine, but FreeBSD can - run many programs at once. Having one console where commands can be - typed would be a bit of a waste when an operating system like FreeBSD - can run dozens of programs at the same time. This is where - <quote>virtual consoles</quote> can be very helpful.</para> - - <para>FreeBSD can be configured to present you with many different - virtual consoles. You can switch from one of them to any other - virtual console by pressing a couple of keys on your keyboard. Each - console has its own different output channel, and FreeBSD takes care - of properly redirecting keyboard input and monitor output as you - switch from one virtual console to the next.</para> + <para>Running &unix; commands in one console is fine, but + FreeBSD can run many programs at once. Having one console + where commands can be typed would be a bit of a waste when an + operating system like FreeBSD can run dozens of programs at + the same time. This is where <quote>virtual consoles</quote> + can be very helpful.</para> + + <para>FreeBSD can be configured to present you with many + different virtual consoles. You can switch from one of them + to any other virtual console by pressing a couple of keys on + your keyboard. 
Each console has its own different output + channel, and FreeBSD takes care of properly redirecting + keyboard input and monitor output as you switch from one + virtual console to the next.</para> <para>Special key combinations have been reserved by FreeBSD for switching consoles<footnote> - <para>A fairly technical and accurate description of all the details - of the FreeBSD console and keyboard drivers can be found in the - manual pages of &man.syscons.4;, &man.atkbd.4;, &man.vidcontrol.1; - and &man.kbdcontrol.1;. We will not expand on the details here, - but the interested reader can always consult the manual pages for - a more detailed and thorough explanation of how things + <para>A fairly technical and accurate description of all the + details of the FreeBSD console and keyboard drivers can be + found in the manual pages of &man.syscons.4;, + &man.atkbd.4;, &man.vidcontrol.1; and &man.kbdcontrol.1;. + We will not expand on the details here, but the interested + reader can always consult the manual pages for a more + detailed and thorough explanation of how things work.</para> - </footnote>. You can use + </footnote>. You can use <keycombo><keycap>Alt</keycap><keycap>F1</keycap></keycombo>, - <keycombo><keycap>Alt</keycap><keycap>F2</keycap></keycombo>, through - <keycombo><keycap>Alt</keycap><keycap>F8</keycap></keycombo> to switch - to a different virtual console in FreeBSD.</para> - - <para>As you are switching from one console to the next, FreeBSD takes - care of saving and restoring the screen output. The result is an - <quote>illusion</quote> of having multiple <quote>virtual</quote> - screens and keyboards that you can use to type commands for - FreeBSD to run. The programs that you launch on one virtual console - do not stop running when that console is not visible. 
They continue - running when you have switched to a different virtual console.</para> + <keycombo><keycap>Alt</keycap><keycap>F2</keycap></keycombo>, + through + <keycombo><keycap>Alt</keycap><keycap>F8</keycap></keycombo> + to switch to a different virtual console in FreeBSD.</para> + + <para>As you are switching from one console to the next, FreeBSD + takes care of saving and restoring the screen output. The + result is an <quote>illusion</quote> of having multiple + <quote>virtual</quote> screens and keyboards that you can use + to type commands for FreeBSD to run. The programs that you + launch on one virtual console do not stop running when that + console is not visible. They continue running when you have + switched to a different virtual console.</para> </sect2> <sect2 id="consoles-ttys"> <title>The <filename>/etc/ttys</filename> File</title> - <para>The default configuration of FreeBSD will start up with eight - virtual consoles. This is not a hardwired setting though, and - you can easily customize your installation to boot with more - or fewer virtual consoles. The number and settings of the - virtual consoles are configured in the - <filename>/etc/ttys</filename> file.</para> - - <para>You can use the <filename>/etc/ttys</filename> file to configure - the virtual consoles of FreeBSD. Each uncommented line in this file - (lines that do not start with a <literal>#</literal> character) contains - settings for a single terminal or virtual console. The default - version of this file that ships with FreeBSD configures nine virtual - consoles, and enables eight of them. They are the lines that start with + <para>The default configuration of FreeBSD will start up with + eight virtual consoles. This is not a hardwired setting + though, and you can easily customize your installation to boot + with more or fewer virtual consoles. 
The number and settings + of the virtual consoles are configured in the + <filename>/etc/ttys</filename> file.</para> + + <para>You can use the <filename>/etc/ttys</filename> file to + configure the virtual consoles of FreeBSD. Each uncommented + line in this file (lines that do not start with a + <literal>#</literal> character) contains settings for a single + terminal or virtual console. The default version of this file + that ships with FreeBSD configures nine virtual consoles, and + enables eight of them. They are the lines that start with <literal>ttyv</literal>:</para> <programlisting># name getty type status comments 
@@ -254,21 +279,22 @@ ttyv6 "/usr/libexec/getty Pc" ttyv7 "/usr/libexec/getty Pc" cons25 on secure ttyv8 "/usr/X11R6/bin/xdm -nodaemon" xterm off secure</programlisting> - <para>For a detailed description of every column in this file and all - the options you can use to set things up for the virtual consoles, - consult the &man.ttys.5; manual page.</para> + <para>For a detailed description of every column in this file + and all the options you can use to set things up for the + virtual consoles, consult the &man.ttys.5; manual page.</para> </sect2> <sect2 id="consoles-singleuser"> <title>Single User Mode Console</title> - <para>A detailed description of what <quote>single user mode</quote> is - can be found in <xref linkend="boot-singleuser"/>. It is worth noting - that there is only one console when you are running FreeBSD in single - user mode. There are no virtual consoles available. The settings of - the single user mode console can also be found in the - <filename>/etc/ttys</filename> file. Look for the line that starts - with <literal>console</literal>:</para> + <para>A detailed description of what + <quote>single user mode</quote> is can be found in + <xref linkend="boot-singleuser"/>. It is worth noting that + there is only one console when you are running FreeBSD in + single user mode. There are no virtual consoles available. + The settings of the single user mode console can also be found + in the <filename>/etc/ttys</filename> file. Look for the line + that starts with <literal>console</literal>:</para> <programlisting># name getty type status comments # 
@@ -277,18 +303,20 @@ ttyv8 "/usr/X11R6/bin/xdm -nodaemon" console none unknown off secure</programlisting> <note> - <para>As the comments above the <literal>console</literal> line - indicate, you can edit this line and change <literal>secure</literal> to - <literal>insecure</literal>. If you do that, when FreeBSD boots - into single user mode, it will still ask for the - <username>root</username> password.</para> + <para>As the comments above the <literal>console</literal> + line indicate, you can edit this line and change + <literal>secure</literal> to <literal>insecure</literal>. + If you do that, when FreeBSD boots into single user mode, it + will still ask for the <username>root</username> + password.</para> <para><emphasis>Be careful when changing this to - <literal>insecure</literal></emphasis>. If you ever forget - the <username>root</username> password, booting into single user - mode is a bit involved. It is still possible, but it might be a bit - hard for someone who is not very comfortable with the FreeBSD - booting process and the programs involved.</para> + <literal>insecure</literal></emphasis>. If you ever + forget the <username>root</username> password, booting into + single user mode is a bit involved. It is still possible, + but it might be a bit hard for someone who is not very + comfortable with the FreeBSD booting process and the + programs involved.</para> </note> </sect2> 
@@ -307,19 +335,21 @@ options SC_PIXEL_MODE</programlisting> <para>Once the kernel has been recompiled with these two options, you can then determine what video modes are supported by your hardware by using the &man.vidcontrol.1; utility. To - get a list of supported video modes issue the following:</para> + get a list of supported video modes issue the + following:</para> <screen>&prompt.root; <userinput>vidcontrol -i mode</userinput></screen> <para>The output of this command is a list of video modes that are supported by your hardware. You can then choose to use a - new video mode by passing it to &man.vidcontrol.1; in a <username>root</username> console:</para> + new video mode by passing it to &man.vidcontrol.1; in a + <username>root</username> console:</para> <screen>&prompt.root; <userinput>vidcontrol MODE_279</userinput></screen> <para>If the new video mode is acceptable, it can be permanently - set on boot by setting it in the <filename>/etc/rc.conf</filename> - file:</para> + set on boot by setting it in the + <filename>/etc/rc.conf</filename> file:</para> <programlisting>allscreens_flags="MODE_279"</programlisting> </sect2> 
@@ -327,23 +357,24 @@ options SC_PIXEL_MODE</programlisting> <sect1 id="permissions"> <title>Permissions</title> + <indexterm><primary>UNIX</primary></indexterm> - <para>FreeBSD, being a direct descendant of BSD &unix;, is based on - several key &unix; concepts. The first and - most pronounced is that FreeBSD is a multi-user operating system. - The system can handle several users all working simultaneously on - completely unrelated tasks. The system is responsible for properly - sharing and managing requests for hardware devices, peripherals, - memory, and CPU time fairly to each user.</para> + <para>FreeBSD, being a direct descendant of BSD &unix;, is based + on several key &unix; concepts. The first and most pronounced + is that FreeBSD is a multi-user operating system. The system + can handle several users all working simultaneously on + completely unrelated tasks. The system is responsible for + properly sharing and managing requests for hardware devices, + peripherals, memory, and CPU time fairly to each user.</para> <para>Because the system is capable of supporting multiple users, - everything the system manages has a set of permissions governing who - can read, write, and execute the resource. These permissions are - stored as three octets broken into three pieces, one for the owner of - the file, one for the group that the file belongs to, and one for - everyone else. This numerical representation works like - this:</para> + everything the system manages has a set of permissions governing + who can read, write, and execute the resource. These + permissions are stored as three octets broken into three pieces, + one for the owner of the file, one for the group that the file + belongs to, and one for everyone else. This numerical + representation works like this:</para> <indexterm><primary>permissions</primary></indexterm> <indexterm> 
@@ -419,7 +450,8 @@ options SC_PIXEL_MODE</programlisting> argument to &man.ls.1; to view a long directory listing that includes a column with information about a file's permissions for the owner, group, and everyone else. For example, a - <command>ls -l</command> in an arbitrary directory may show:</para> + <command>ls -l</command> in an arbitrary directory may + show:</para> <screen>&prompt.user; <userinput>ls -l</userinput> total 530 
@@ -433,48 +465,49 @@ total 530 <screen>-rw-r--r--</screen> - <para>The first (leftmost) character - tells if this file is a regular file, a directory, a special - character device, a socket, or any other special - pseudo-file device. In this case, the <literal>-</literal> - indicates a regular file. The next three characters, - <literal>rw-</literal> in this example, give the permissions for the owner of the - file. The next three characters, <literal>r--</literal>, give the - permissions for the group that the file belongs to. The final three + <para>The first (leftmost) character tells if this file is a + regular file, a directory, a special character device, a socket, + or any other special pseudo-file device. In this case, the + <literal>-</literal> indicates a regular file. The next three + characters, <literal>rw-</literal> in this example, give the + permissions for the owner of the file. The next three characters, <literal>r--</literal>, give the permissions for the - rest of the world. A dash means that the permission is turned off. - In the case of this file, the permissions are set so the owner can - read and write to the file, the group can read the file, and the - rest of the world can only read the file. According to the table + group that the file belongs to. The final three characters, + <literal>r--</literal>, give the permissions for the rest of the + world. A dash means that the permission is turned off. In the + case of this file, the permissions are set so the owner can read + and write to the file, the group can read the file, and the rest + of the world can only read the file. According to the table above, the permissions for this file would be - <literal>644</literal>, where each digit represents the three parts - of the file's permission.</para> + <literal>644</literal>, where each digit represents the three + parts of the file's permission.</para> <para>This is all well and good, but how does the system control permissions on devices? 
FreeBSD actually treats most hardware - devices as a file that programs can open, read, and write data to - just like any other file. These special device files are stored on - the <filename>/dev</filename> directory.</para> - - <para>Directories are also treated as files. They have read, write, - and execute permissions. The executable bit for a directory has a - slightly different meaning than that of files. When a directory is - marked executable, it means it can be traversed into, that is, it is - possible to <quote>cd</quote> (change directory) into it. This also means that - within the directory it is possible to access files whose names are - known (subject, of course, to the permissions on the files + devices as a file that programs can open, read, and write data + to just like any other file. These special device files are + stored on the <filename>/dev</filename> directory.</para> + + <para>Directories are also treated as files. They have read, + write, and execute permissions. The executable bit for a + directory has a slightly different meaning than that of files. + When a directory is marked executable, it means it can be + traversed into, that is, it is possible to <quote>cd</quote> + (change directory) into it. This also means that within the + directory it is possible to access files whose names are known + (subject, of course, to the permissions on the files themselves).</para> - <para>In particular, in order to perform a directory listing, - read permission must be set on the directory, whilst to delete a file + <para>In particular, in order to perform a directory listing, read + permission must be set on the directory, whilst to delete a file that one knows the name of, it is necessary to have write <emphasis>and</emphasis> execute permissions to the directory containing the file.</para> - <para>There are more permission bits, but they are primarily used in - special circumstances such as setuid binaries and sticky - directories. 
If you want more information on file permissions and - how to set them, be sure to look at the &man.chmod.1; manual + <para>There are more permission bits, but they are primarily used + in special circumstances such as setuid binaries and sticky + directories. If you want more information on file permissions + and how to set them, be sure to look at the &man.chmod.1; manual page.</para> <sect2> @@ -489,12 +522,17 @@ total 530 </sect2info> <title>Symbolic Permissions</title> - <indexterm><primary>permissions</primary><secondary>symbolic</secondary></indexterm> - <para>Symbolic permissions, sometimes referred to as symbolic expressions, - use characters in place of octal values to assign permissions to files - or directories. Symbolic expressions use the syntax of (who) (action) - (permissions), where the following values are available:</para> + <indexterm> + <primary>permissions</primary> + <secondary>symbolic</secondary> + </indexterm> + + <para>Symbolic permissions, sometimes referred to as symbolic + expressions, use characters in place of octal values to assign + permissions to files or directories. Symbolic expressions use + the syntax of (who) (action) (permissions), where the + following values are available:</para> <informaltable frame="none" pgwide="1"> <tgroup cols="3"> 
@@ -506,101 +544,102 @@ total 530 </row> </thead> - <tbody> - <row> - <entry>(who)</entry> - <entry>u</entry> - <entry>User</entry> - </row> + <tbody> + <row> + <entry>(who)</entry> + <entry>u</entry> + <entry>User</entry> + </row> - <row> - <entry>(who)</entry> - <entry>g</entry> - <entry>Group owner</entry> - </row> + <row> + <entry>(who)</entry> + <entry>g</entry> + <entry>Group owner</entry> + </row> - <row> - <entry>(who)</entry> - <entry>o</entry> - <entry>Other</entry> - </row> + <row> + <entry>(who)</entry> + <entry>o</entry> + <entry>Other</entry> + </row> - <row> - <entry>(who)</entry> - <entry>a</entry> - <entry>All (<quote>world</quote>)</entry> - </row> + <row> + <entry>(who)</entry> + <entry>a</entry> + <entry>All (<quote>world</quote>)</entry> + </row> - <row> - <entry>(action)</entry> - <entry>+</entry> - <entry>Adding permissions</entry> - </row> + <row> + <entry>(action)</entry> + <entry>+</entry> + <entry>Adding permissions</entry> + </row> - <row> - <entry>(action)</entry> - <entry>-</entry> - <entry>Removing permissions</entry> - </row> + <row> + <entry>(action)</entry> + <entry>-</entry> + <entry>Removing permissions</entry> + </row> - <row> - <entry>(action)</entry> - <entry>=</entry> - <entry>Explicitly set permissions</entry> - </row> + <row> + <entry>(action)</entry> + <entry>=</entry> + <entry>Explicitly set permissions</entry> + </row> - <row> - <entry>(permissions)</entry> - <entry>r</entry> - <entry>Read</entry> - </row> + <row> + <entry>(permissions)</entry> + <entry>r</entry> + <entry>Read</entry> + </row> - <row> - <entry>(permissions)</entry> - <entry>w</entry> - <entry>Write</entry> - </row> + <row> + <entry>(permissions)</entry> + <entry>w</entry> + <entry>Write</entry> + </row> - <row> - <entry>(permissions)</entry> - <entry>x</entry> - <entry>Execute</entry> - </row> + <row> + <entry>(permissions)</entry> + <entry>x</entry> + <entry>Execute</entry> + </row> - <row> - <entry>(permissions)</entry> - <entry>t</entry> - 
<entry>Sticky bit</entry> - </row> + <row> + <entry>(permissions)</entry> + <entry>t</entry> + <entry>Sticky bit</entry> + </row> - <row> - <entry>(permissions)</entry> - <entry>s</entry> - <entry>Set UID or GID</entry> - </row> - </tbody> - </tgroup> - </informaltable> + <row> + <entry>(permissions)</entry> + <entry>s</entry> + <entry>Set UID or GID</entry> + </row> + </tbody> + </tgroup> + </informaltable> - <para>These values are used with the &man.chmod.1; command - just like before, but with letters. For an example, you could use - the following command to block other users from accessing - <replaceable>FILE</replaceable>:</para> - - <screen>&prompt.user; <userinput>chmod go= FILE</userinput></screen> - - <para>A comma separated list can be provided when more than one set - of changes to a file must be made. For example the following command - will remove the group and <quote>world</quote> write permission - on <replaceable>FILE</replaceable>, then it adds the execute - permissions for everyone:</para> + <para>These values are used with the &man.chmod.1; command + just like before, but with letters. For an example, you could + use the following command to block other users from accessing + <replaceable>FILE</replaceable>:</para> + + <screen>&prompt.user; <userinput>chmod go= FILE</userinput></screen> + + <para>A comma separated list can be provided when more than one + set of changes to a file must be made. 
For example the + following command will remove the group and + <quote>world</quote> write permission on + <replaceable>FILE</replaceable>, then it adds the execute + permissions for everyone:</para> - <screen>&prompt.user; <userinput>chmod go-w,a+x <replaceable>FILE</replaceable></userinput></screen> + <screen>&prompt.user; <userinput>chmod go-w,a+x <replaceable>FILE</replaceable></userinput></screen> <!-- - <para>Most users will not notice this, but it should be pointed out - that using the octal method will only set or assign permissions to - a file; it does not add or delete them.</para> + <para>Most users will not notice this, but it should be pointed + out that using the octal method will only set or assign + permissions to a file; it does not add or delete them.</para> --> </sect2> @@ -618,18 +657,19 @@ total 530 <title>&os; File Flags</title> <para>In addition to file permissions discussed previously, &os; - supports the use of <quote>file flags.</quote> These flags - add an additional level of security and control over files, but + supports the use of <quote>file flags.</quote> These flags add + an additional level of security and control over files, but not directories.</para> <para>These file flags add an additional level of control over files, helping to ensure that in some cases not even the <username>root</username> can remove or alter files.</para> - <para>File flags are altered by using the &man.chflags.1; utility, - using a simple interface. For example, to enable the system - undeletable flag on the file <filename>file1</filename>, - issue the following command:</para> + <para>File flags are altered by using the &man.chflags.1; + utility, using a simple interface. For example, to enable the + system undeletable flag on the file + <filename>file1</filename>, issue the following + command:</para> <screen>&prompt.root; <userinput>chflags sunlink <filename>file1</filename></userinput></screen> 
@@ -649,10 +689,10 @@ total 530 <programlisting>-rw-r--r-- 1 trhodes trhodes sunlnk 0 Mar 1 05:54 file1</programlisting> <para>Several flags may only added or removed to files by the - <username>root</username> user. In other cases, the file owner - may set these flags. It is recommended that administrators read - over the &man.chflags.1; and &man.chflags.2; manual pages for - more information.</para> + <username>root</username> user. In other cases, the file + owner may set these flags. It is recommended that + administrators read over the &man.chflags.1; and + &man.chflags.2; manual pages for more information.</para> </sect2> <sect2> @@ -666,7 +706,8 @@ total 530 </authorgroup> </sect2info> - <title>The <literal>setuid</literal>, <literal>setgid</literal>, and <literal>sticky</literal> Permissions</title> + <title>The <literal>setuid</literal>, <literal>setgid</literal>, + and <literal>sticky</literal> Permissions</title> <para>Other than the permissions already discussed, there are three other specific settings that all administrators should @@ -693,9 +734,9 @@ total 530 <para>The <literal>nosuid</literal> &man.mount.8; option will cause these binaries to silently fail. That is, they will fail to execute without ever alerting the user. That option - is also not completely reliable as a <literal>nosuid</literal> - wrapper may be able to circumvent it; according to the - &man.mount.8; manual page.</para> + is also not completely reliable as a + <literal>nosuid</literal> wrapper may be able to circumvent + it; according to the &man.mount.8; manual page.</para> </note> <para>The setuid permission may be set by prefixing a permission 
@@ -772,8 +813,8 @@ root 5211 0.0 0.2 3620 1724 2 that can strengthen the security of a system: the <literal>sticky bit</literal>.</para> - <para>The <literal>sticky bit</literal>, when set on a directory, - allows file deletion only by the file owner. This + <para>The <literal>sticky bit</literal>, when set on a + directory, allows file deletion only by the file owner. This permission set is useful to prevent file deletion in public directories, such as <filename class="directory">/tmp</filename>, by users who do @@ -797,6 +838,7 @@ root 5211 0.0 0.2 3620 1724 2 <sect1 id="dirstructure"> <title>Directory Structure</title> + <indexterm><primary>directory hierarchy</primary></indexterm> <para>The FreeBSD directory hierarchy is fundamental to obtaining 
@@ -805,23 +847,25 @@ root 5211 0.0 0.2 3620 1724 2 <quote>/</quote>. This directory is the first one mounted at boot time and it contains the base system necessary to prepare the operating system for multi-user operation. The root - directory also contains mount points for other file systems - that are mounted during the transition to multi-user + directory also contains mount points for other file systems that + are mounted during the transition to multi-user operation.</para> - <para>A mount point is a directory where additional file systems can - be grafted onto a parent file system (usually the root file system). - This is further described in <xref linkend="disk-organization"/>. - Standard mount points include - <filename>/usr</filename>, <filename>/var</filename>, <filename>/tmp</filename>, - <filename>/mnt</filename>, and <filename>/cdrom</filename>. These - directories are usually referenced to entries in the file - <filename>/etc/fstab</filename>. <filename>/etc/fstab</filename> is - a table of various file systems and mount points for reference by the - system. Most of the file systems in <filename>/etc/fstab</filename> - are mounted automatically at boot time from the script &man.rc.8; - unless they contain the <option>noauto</option> option. - Details can be found in <xref linkend="disks-fstab"/>.</para> + <para>A mount point is a directory where additional file systems + can be grafted onto a parent file system (usually the root file + system). This is further described in + <xref linkend="disk-organization"/>. Standard mount points + include <filename>/usr</filename>, <filename>/var</filename>, + <filename>/tmp</filename>, <filename>/mnt</filename>, and + <filename>/cdrom</filename>. These directories are usually + referenced to entries in the file + <filename>/etc/fstab</filename>. + <filename>/etc/fstab</filename> is a table of various file + systems and mount points for reference by the system. 
Most of + the file systems in <filename>/etc/fstab</filename> are mounted + automatically at boot time from the script &man.rc.8; unless + they contain the <option>noauto</option> option. Details can be + found in <xref linkend="disks-fstab"/>.</para> <para>A complete description of the file system hierarchy is available in &man.hier.7;. For now, a brief overview of the @@ -829,7 +873,7 @@ root 5211 0.0 0.2 3620 1724 2 <para> <informaltable frame="none" pgwide="1"> - <tgroup cols="2"> + <tgroup cols="2"> <thead> <row> <entry>Directory</entry> 
@@ -837,326 +881,366 @@ root 5211 0.0 0.2 3620 1724 2 </row> </thead> <tbody valign="top"> - <row> + <row> <entry><filename class="directory">/</filename></entry> <entry>Root directory of the file system.</entry> - </row> + </row> <row> - <entry><filename class="directory">/bin/</filename></entry> + <entry><filename + class="directory">/bin/</filename></entry> <entry>User utilities fundamental to both single-user - and multi-user environments.</entry> + and multi-user environments.</entry> </row> <row> - <entry><filename class="directory">/boot/</filename></entry> + <entry><filename + class="directory">/boot/</filename></entry> <entry>Programs and configuration files used during - operating system bootstrap.</entry> + operating system bootstrap.</entry> </row> <row> - <entry><filename class="directory">/boot/defaults/</filename></entry> + <entry><filename + class="directory">/boot/defaults/</filename></entry> <entry>Default bootstrapping configuration files; see - &man.loader.conf.5;.</entry> + &man.loader.conf.5;.</entry> </row> <row> - <entry><filename class="directory">/dev/</filename></entry> + <entry><filename + class="directory">/dev/</filename></entry> <entry>Device nodes; see &man.intro.4;.</entry> </row> <row> - <entry><filename class="directory">/etc/</filename></entry> + <entry><filename + class="directory">/etc/</filename></entry> <entry>System configuration files and scripts.</entry> </row> <row> - <entry><filename class="directory">/etc/defaults/</filename></entry> - <entry>Default system configuration files; see &man.rc.8;.</entry> + <entry><filename + class="directory">/etc/defaults/</filename></entry> + <entry>Default system configuration files; see + &man.rc.8;.</entry> </row> <row> - <entry><filename class="directory">/etc/mail/</filename></entry> - <entry>Configuration files for mail transport agents such - as &man.sendmail.8;.</entry> + <entry><filename + class="directory">/etc/mail/</filename></entry> + <entry>Configuration files for mail 
transport agents + such as &man.sendmail.8;.</entry> </row> <row> - <entry><filename class="directory">/etc/namedb/</filename></entry> + <entry><filename + class="directory">/etc/namedb/</filename></entry> <entry><command>named</command> configuration files; see - &man.named.8;.</entry> + &man.named.8;.</entry> </row> <row> - <entry><filename class="directory">/etc/periodic/</filename></entry> + <entry><filename + class="directory">/etc/periodic/</filename></entry> <entry>Scripts that are run daily, weekly, and monthly, via &man.cron.8;; see &man.periodic.8;.</entry> </row> *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
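Review bot: in the symbolic-mode chmod hunk (the lines just before @@ -618,18 +657,19 @@), the first example still carries FILE as bare text, <userinput>chmod go= FILE</userinput>, while the second example wraps it as <replaceable>FILE</replaceable>. Since these lines are being rewrapped anyway, a follow-up content commit should mark up the first one with <replaceable> as well, so readers do not take FILE for a literal name. The same hunk also rewraps a paragraph that sits inside an XML comment ("Most users will not notice this..."); either restore or delete that text rather than keep reformatting dead markup.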
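Review bot: in hunk @@ -618,18 +657,19 @@, the two adjacent paragraphs say the same thing twice ("These flags add an additional level of security and control over files" and then "These file flags add an additional level of control over files"), and the second one reads "not even the <username>root</username> can remove or alter files". A whitespace-only commit is right to leave the wording alone, but a follow-up should merge the two paragraphs and drop the article before root, since this is the sentence that states the security property of file flags.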
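Review bot: in hunk @@ -649,10 +689,10 @@, the rewrapped sentence "Several flags may only added or removed to files by the <username>root</username> user" is missing a verb and uses the wrong preposition. Suggest, in a separate content commit so translators are notified, "Several flags may only be added to or removed from files by the root user". The distinction between root-only and owner-settable flags is the point of the paragraph, so it is worth getting the sentence right.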
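Review bot: in hunk @@ -693,9 +734,9 @@, the note on the nosuid &man.mount.8; option ends with "may be able to circumvent it; according to the &man.mount.8; manual page", where the semicolon splits the attribution from the claim it belongs to. Suggest a comma in a follow-up content commit ("circumvent it, according to the ..."). The note is the only caveat given for relying on nosuid, so it should read unambiguously.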
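Review bot: in hunk @@ -837,326 +881,366 @@, each directory entry now breaks the start tag across two lines (<filename on one line, class="directory">/bin/</filename> on the next). The XML parser treats the newline between the element name and the attribute as ordinary whitespace, so rendering is unchanged, but a plain-text search for <filename class="directory">/bin/ no longer matches. If the aim is only to stay inside the line-length limit, consider putting the whole <filename> element on its own line under <entry> instead, which keeps the tag intact.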