git: f267164260 - main - Remove trailing whitespaces from lines in various chapters.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 29 Jan 2022 14:27:10 UTC
The branch main has been updated by bcr:
URL: https://cgit.FreeBSD.org/doc/commit/?id=f267164260fc168cbc164765225e299938ac194d
commit f267164260fc168cbc164765225e299938ac194d
Author: Benedict Reuschling <bcr@FreeBSD.org>
AuthorDate: 2022-01-29 14:26:45 +0000
Commit: Benedict Reuschling <bcr@FreeBSD.org>
CommitDate: 2022-01-29 14:26:45 +0000
Remove trailing whitespaces from lines in various chapters.
---
.../content/en/books/handbook/firewalls/_index.adoc | 10 +++++-----
.../content/en/books/handbook/geom/_index.adoc | 6 +++---
.../content/en/books/handbook/mac/_index.adoc | 10 +++++-----
.../content/en/books/handbook/mail/_index.adoc | 8 ++++----
.../content/en/books/handbook/multimedia/_index.adoc | 2 +-
.../en/books/handbook/network-servers/_index.adoc | 18 +++++++++---------
.../content/en/books/handbook/ports/_index.adoc | 2 +-
.../content/en/books/handbook/printing/_index.adoc | 4 ++--
.../content/en/books/handbook/x11/_index.adoc | 4 ++--
9 files changed, 32 insertions(+), 32 deletions(-)
diff --git a/documentation/content/en/books/handbook/firewalls/_index.adoc b/documentation/content/en/books/handbook/firewalls/_index.adoc
index 82a644035e..ec3bc64543 100644
--- a/documentation/content/en/books/handbook/firewalls/_index.adoc
+++ b/documentation/content/en/books/handbook/firewalls/_index.adoc
@@ -93,7 +93,7 @@ For a good introduction, refer to http://www.ipprimer.com[Daryl's TCP/IP Primer]
A ruleset contains a group of rules which pass or block packets based on the values contained in the packet.
The bi-directional exchange of packets between hosts comprises a session conversation.
-The firewall ruleset processes both the packets arriving from the public Internet, as well as the packets produced by the system as a response to them.
+The firewall ruleset processes both the packets arriving from the public Internet, as well as the packets produced by the system as a response to them.
Each TCP/IP service is predefined by its protocol and listening port.
Packets destined for a specific service originate from the source address using an unprivileged port and target the specific service port on the destination address.
All the above parameters can be used as selection criteria to create rules which will pass or block services.
@@ -488,7 +488,7 @@ Note the `quick` keyword in this rule.
Since the ruleset consists of several rules, it is important to understand the relationships between the rules in a ruleset.
Rules are evaluated from top to bottom, in the sequence they are written.
For each packet or connection evaluated by PF, _the last matching rule_ in the ruleset is the one which is applied.
-However, when a packet matches a rule which contains the `quick` keyword, the rule processing stops and the packet is treated according to that rule.
+However, when a packet matches a rule which contains the `quick` keyword, the rule processing stops and the packet is treated according to that rule.
This is very useful when an exception to the general rules is needed.
[[pftut-ftp]]
@@ -715,7 +715,7 @@ This is indicative of a brute force attack where somebody or some program is try
If external SSH access is needed for legitimate users, changing the default port used by SSH can offer some protection.
However, PF provides a more elegant solution.
-Pass rules can contain limits on what connecting hosts can do and violators can be banished to a table of addresses which are denied some or all access.
+Pass rules can contain limits on what connecting hosts can do and violators can be banished to a table of addresses which are denied some or all access.
It is even possible to drop all existing connections from machines which overreach the limits.
To configure this, create this table in the tables section of the ruleset:
@@ -1400,7 +1400,7 @@ $cmd 00999 deny log all from any to any
[[in-kernel-nat]]
=== In-kernel NAT
-FreeBSD's IPFW firewall has two implementations of NAT: the userland implementation man:natd[8], and the more recent in-kernel NAT implementation.
+FreeBSD's IPFW firewall has two implementations of NAT: the userland implementation man:natd[8], and the more recent in-kernel NAT implementation.
Both work in conjunction with IPFW to provide network address translation.
This can be used to provide an Internet Connection Sharing solution so that several internal computers can connect to the Internet using a single public IP address.
@@ -2320,7 +2320,7 @@ To turn verbose mode on and display information relating to rule processing and
=== Viewing IPF Statistics
-IPF includes man:ipfstat[8] which can be used to retrieve and display statistics which are gathered as packets match rules as they go through the firewall.
+IPF includes man:ipfstat[8] which can be used to retrieve and display statistics which are gathered as packets match rules as they go through the firewall.
Statistics are accumulated since the firewall was last started or since the last time they were reset to zero using `ipf -Z`.
The default `ipfstat` output looks like this:
diff --git a/documentation/content/en/books/handbook/geom/_index.adoc b/documentation/content/en/books/handbook/geom/_index.adoc
index d0667b683f..b220487080 100644
--- a/documentation/content/en/books/handbook/geom/_index.adoc
+++ b/documentation/content/en/books/handbook/geom/_index.adoc
@@ -247,7 +247,7 @@ Create the mirror with the two new drives:
After the mirror has been started, this device name appears in [.filename]#/dev/mirror/#.
MBR and bsdlabel partition tables can now be created on the mirror with man:gpart[8].
-This example uses a traditional file system layout, with partitions for [.filename]#/#, swap, [.filename]#/var#, [.filename]#/tmp#, and [.filename]#/usr#.
+This example uses a traditional file system layout, with partitions for [.filename]#/#, swap, [.filename]#/var#, [.filename]#/tmp#, and [.filename]#/usr#.
A single [.filename]#/# and a swap partition will also work.
Partitions on the mirror do not have to be the same size as those on the existing disk, but they must be large enough to hold all the data already present on [.filename]#ada0#.
@@ -555,7 +555,7 @@ Each file system dumped with `dump -L` will create a snapshot first, which can t
....
Restart the system, booting from [.filename]#ada1#.
-If everything is working, the system will boot from [.filename]#mirror/gm0#, which now contains the same data as [.filename]#ada0# had previously.
+If everything is working, the system will boot from [.filename]#mirror/gm0#, which now contains the same data as [.filename]#ada0# had previously.
See <<gmirror-troubleshooting>> if there are problems booting.
At this point, the mirror still consists of only the single [.filename]#ada1# disk.
@@ -1297,7 +1297,7 @@ For instance, if [.filename]#ad4s1# and [.filename]#ad4s2# are both slices, then
Journaling may also be enabled on current file systems by using `tunefs`.
However, _always_ make a backup before attempting to alter an existing file system.
-In most cases, `gjournal` will fail if it is unable to create the journal, but this does not protect against data loss incurred as a result of misusing `tunefs`.
+In most cases, `gjournal` will fail if it is unable to create the journal, but this does not protect against data loss incurred as a result of misusing `tunefs`.
Refer to man:gjournal[8] and man:tunefs[8] for more information about these commands.
It is possible to journal the boot disk of a FreeBSD system.
diff --git a/documentation/content/en/books/handbook/mac/_index.adoc b/documentation/content/en/books/handbook/mac/_index.adoc
index b6630ab398..431f01a1f6 100644
--- a/documentation/content/en/books/handbook/mac/_index.adoc
+++ b/documentation/content/en/books/handbook/mac/_index.adoc
@@ -52,7 +52,7 @@ endif::[]
== Synopsis
FreeBSD supports security extensions based on the POSIX(R).1e draft.
-These security mechanisms include file system Access Control Lists (crossref:security[fs-acl,“Access Control Lists”]) and Mandatory Access Control (MAC).
+These security mechanisms include file system Access Control Lists (crossref:security[fs-acl,“Access Control Lists”]) and Mandatory Access Control (MAC).
MAC allows access control modules to be loaded in order to implement security policies.
Some modules provide protections for a narrow subset of the system, hardening a particular service.
Others provide comprehensive labeled security across all subjects and objects.
@@ -133,7 +133,7 @@ Basic control over objects will then be released to the group, but `root` may re
When appropriate, a multi label policy can be set on a UFS file system by passing `multilabel` to man:tunefs[8].
A multi label policy permits each subject or object to have its own independent MAC label.
-The decision to use a multi label or single label policy is only required for policies which implement the labeling feature, such as `biba`, `lomac`, and `mls`.
+The decision to use a multi label or single label policy is only required for policies which implement the labeling feature, such as `biba`, `lomac`, and `mls`.
Some policies, such as `seeotheruids`, `portacl` and `partition`, do not use labels at all.
Using a multi label policy on a partition and establishing a multi label security model can increase administrative overhead as everything in that file system has a label.
@@ -208,7 +208,7 @@ Refer to the manual page of the module to determine the traits of the generic la
=== Numeric Labels
The Biba and MLS policy modules support a numeric label which may be set to indicate the precise level of hierarchical control.
-This numeric level is used to partition or sort information into different groups of classification, only permitting access to that group or a higher group level.
+This numeric level is used to partition or sort information into different groups of classification, only permitting access to that group or a higher group level.
For example:
[.programlisting]
@@ -553,7 +553,7 @@ Boot option: `mac_mls_load="YES"`
The man:mac_mls[4] policy controls access between subjects and objects in the system by enforcing a strict information flow policy.
In MLS environments, a "clearance" level is set in the label of each subject or object, along with compartments.
-Since these clearance levels can reach numbers greater than several thousand, it would be a daunting task to thoroughly configure every subject or object.
+Since these clearance levels can reach numbers greater than several thousand, it would be a daunting task to thoroughly configure every subject or object.
To ease this administrative overhead, three labels are included in this policy: `mls/low`, `mls/equal`, and `mls/high`, where:
* Anything labeled with `mls/low` will have a low clearance level and not be permitted to access information of a higher level. This label also prevents objects of a higher clearance level from writing or passing information to a lower level.
@@ -595,7 +595,7 @@ The default `block read up block write down` sets everything to a low state.
Everything is accessible and an administrator slowly augments the confidentiality of the information.
Beyond the three basic label options, an administrator may group users and groups as required to block the information flow between them.
-It might be easier to look at the information in clearance levels using descriptive words, such as classifications of `Confidential`, `Secret`, and `Top Secret`.
+It might be easier to look at the information in clearance levels using descriptive words, such as classifications of `Confidential`, `Secret`, and `Top Secret`.
Some administrators instead create different groups based on project levels.
Regardless of the classification method, a well thought out plan must exist before implementing a restrictive policy.
diff --git a/documentation/content/en/books/handbook/mail/_index.adoc b/documentation/content/en/books/handbook/mail/_index.adoc
index 7632825a6c..565e546b12 100644
--- a/documentation/content/en/books/handbook/mail/_index.adoc
+++ b/documentation/content/en/books/handbook/mail/_index.adoc
@@ -117,7 +117,7 @@ To secure the transmission of information across these protocols, consider tunne
Domain Name System (DNS)::
The Domain Name System (DNS) and its daemon `named` play a large role in the delivery of email.
-In order to deliver mail from one site to another, the MTA will look up the remote site in DNS to determine which host will receive mail for the destination.
+In order to deliver mail from one site to another, the MTA will look up the remote site in DNS to determine which host will receive mail for the destination.
This process also occurs when mail is sent from a remote host to the MTA.
+
In addition to mapping hostnames to IP addresses, DNS is responsible for storing information specific to mail delivery, known as Mail eXchanger MX records.
@@ -137,7 +137,7 @@ Refer to crossref:network-servers[network-dns,"Domain Name System (DNS)"] for mo
[[sendmail]]
== Sendmail Configuration Files
-Sendmail is the default MTA installed with FreeBSD. It accepts mail from MUAs and delivers it to the appropriate mail host, as defined by its configuration.
+Sendmail is the default MTA installed with FreeBSD. It accepts mail from MUAs and delivers it to the appropriate mail host, as defined by its configuration.
Sendmail can also accept network connections and deliver mail to local mailboxes or to another program.
The configuration files for Sendmail are located in [.filename]#/etc/mail#.
@@ -212,7 +212,7 @@ Whenever this file is updated, run `newaliases` to update and initialize the ali
[.filename]#/etc/mail/sendmail.cf#::
This is the master configuration file for Sendmail.
-It controls the overall behavior of Sendmail, including everything from rewriting email addresses to printing rejection messages to remote mail servers.
+It controls the overall behavior of Sendmail, including everything from rewriting email addresses to printing rejection messages to remote mail servers.
Accordingly, this configuration file is quite complex.
Fortunately, this file rarely needs to be changed for standard mail servers.
+
@@ -315,7 +315,7 @@ More information on Sendmail's startup options is available in man:rc.sendmail[8
=== Replace the Default MTA
-When a new MTA is installed using the Ports Collection, its startup script is also installed and startup instructions are mentioned in its package message.
+When a new MTA is installed using the Ports Collection, its startup script is also installed and startup instructions are mentioned in its package message.
Before starting the new MTA, stop the running Sendmail processes.
This example stops all of these services, then starts the Postfix service:
diff --git a/documentation/content/en/books/handbook/multimedia/_index.adoc b/documentation/content/en/books/handbook/multimedia/_index.adoc
index 5a8330276c..37d7669dc8 100644
--- a/documentation/content/en/books/handbook/multimedia/_index.adoc
+++ b/documentation/content/en/books/handbook/multimedia/_index.adoc
@@ -52,7 +52,7 @@ endif::[]
== Synopsis
FreeBSD supports a wide variety of sound cards, allowing users to enjoy high fidelity output from a FreeBSD system.
-This includes the ability to record and play back audio in the MPEG Audio Layer 3 (`MP3`), Waveform Audio File (`WAV`), Ogg Vorbis, and other formats.
+This includes the ability to record and play back audio in the MPEG Audio Layer 3 (`MP3`), Waveform Audio File (`WAV`), Ogg Vorbis, and other formats.
The FreeBSD Ports Collection contains many applications for editing recorded audio, adding sound effects, and controlling attached MIDI devices.
FreeBSD also supports the playback of video files and ``DVD``s.
diff --git a/documentation/content/en/books/handbook/network-servers/_index.adoc b/documentation/content/en/books/handbook/network-servers/_index.adoc
index a028dfa190..4635cdab78 100644
--- a/documentation/content/en/books/handbook/network-servers/_index.adoc
+++ b/documentation/content/en/books/handbook/network-servers/_index.adoc
@@ -574,7 +574,7 @@ There are three types of hosts in an NIS environment:
* NIS master server
+
-This server acts as a central repository for host configuration information and maintains the authoritative copy of the files used by all of the NIS clients.
+This server acts as a central repository for host configuration information and maintains the authoritative copy of the files used by all of the NIS clients.
The [.filename]#passwd#, [.filename]#group#, and other various files used by NIS clients are stored on the master server.
While it is possible for one machine to be an NIS master server for more than one NIS domain, this type of configuration will not be covered in this chapter as it assumes a relatively small-scale NIS environment.
* NIS slave servers
@@ -915,7 +915,7 @@ After completing these steps, running `ypcat passwd` on the client should show t
=== NIS Security
Since RPC is a broadcast-based service, any system running ypbind within the same domain can retrieve the contents of the NIS maps.
-To prevent unauthorized transactions, man:ypserv[8] supports a feature called "securenets" which can be used to restrict access to a given set of hosts.
+To prevent unauthorized transactions, man:ypserv[8] supports a feature called "securenets" which can be used to restrict access to a given set of hosts.
By default, this information is stored in [.filename]#/var/yp/securenets#, unless man:ypserv[8] is started with `-p` and an alternate path.
This file contains entries that consist of a network specification and a network mask separated by white space.
Lines starting with `#` are considered to be comments.
@@ -943,7 +943,7 @@ While either access control mechanism adds some security, they are both vulnerab
All NIS-related traffic should be blocked at the firewall.
Servers using [.filename]#securenets# may fail to serve legitimate NIS clients with archaic TCP/IP implementations.
-Some of these implementations set all host bits to zero when doing broadcasts or fail to observe the subnet mask when calculating the broadcast address.
+Some of these implementations set all host bits to zero when doing broadcasts or fail to observe the subnet mask when calculating the broadcast address.
While some of these problems can be fixed by changing the client configuration, other problems may force the retirement of these client systems or the abandonment of [.filename]#securenets#.
The use of TCP Wrapper increases the latency of the NIS server.
@@ -2509,7 +2509,7 @@ The most common settings are `security = share` and `security = user`.
If the clients use usernames that are the same as their usernames on the FreeBSD machine, user level security should be used.
This is the default security policy and it requires clients to first log on before they can access shared resources.
+
-In share level security, clients do not need to log onto the server with a valid username and password before attempting to connect to a shared resource.
+In share level security, clients do not need to log onto the server with a valid username and password before attempting to connect to a shared resource.
This was the default security model for older versions of Samba.
`passdb backend`::
@@ -2639,7 +2639,7 @@ The descriptions below provide a quick overview of just the keywords used in the
By default, an NTP server is accessible to any network host.
The `restrict` keyword controls which systems can access the server.
Multiple `restrict` entries are supported, each one refining the restrictions given in previous statements.
-The values shown in the example grant the local system full query and control access, while allowing remote systems only the ability to query the time.
+The values shown in the example grant the local system full query and control access, while allowing remote systems only the ability to query the time.
For more details, refer to the `Access Control Support` subsection of man:ntp.conf[5].
The `server` keyword specifies a single server to query.
@@ -2673,7 +2673,7 @@ Set `ntpd_oomprotect=YES` to protect the ntpd daemon from being killed by the sy
Set `ntpd_config=` to the location of an alternate [.filename]#ntp.conf# file.
-Set `ntpd_flags=` to contain any other ntpd flags as needed, but avoid using these flags which are managed internally by [.filename]#/etc/rc.d/ntpd#:
+Set `ntpd_flags=` to contain any other ntpd flags as needed, but avoid using these flags which are managed internally by [.filename]#/etc/rc.d/ntpd#:
* `-p` (pid file location)
* `-c` (set `ntpd_config=` instead)
@@ -2687,7 +2687,7 @@ The [.filename]#/etc/rc.d/ntpd# startup script first examines the NTP configurat
If possible, it loads the `mac_ntpd` module, then starts ntpd as unpriveleged user `ntpd` (user id 123).
To avoid problems with file and directory access, the startup script will not automatically start ntpd as `ntpd` when the configuration contains any file-related options.
-The presence of any of the following in `ntpd_flags` requires manual configuration as described below to run as the `ntpd` user:
+The presence of any of the following in `ntpd_flags` requires manual configuration as described below to run as the `ntpd` user:
* -f or --driftfile
* -i or --jaildir
@@ -2695,7 +2695,7 @@ The presence of any of the following in `ntpd_flags` requires manual configurati
* -l or --logfile
* -s or --statsdir
-The presence of any of the following keywords in [.filename]#ntp.conf# requires manual configuration as described below to run as the `ntpd` user:
+The presence of any of the following keywords in [.filename]#ntp.conf# requires manual configuration as described below to run as the `ntpd` user:
* crypto
* driftfile
@@ -2703,7 +2703,7 @@ The presence of any of the following keywords in [.filename]#ntp.conf# requires
* logdir
* statsdir
-To manually configure ntpd to run as user `ntpd` you must:
+To manually configure ntpd to run as user `ntpd` you must:
* Ensure that the `ntpd` user has access to all the files and directories specified in the configuration.
* Arrange for the `mac_ntpd` module to be loaded or compiled into the kernel. See man:mac_ntpd[4] for details.
diff --git a/documentation/content/en/books/handbook/ports/_index.adoc b/documentation/content/en/books/handbook/ports/_index.adoc
index 074257d4e5..cfe881e847 100644
--- a/documentation/content/en/books/handbook/ports/_index.adoc
+++ b/documentation/content/en/books/handbook/ports/_index.adoc
@@ -201,7 +201,7 @@ Info: Lists information about open files (similar to fstat(1))
Maint: ler@lerctr.org
Index: sysutils
B-deps:
-R-deps:
+R-deps:
....
+
[TIP]
diff --git a/documentation/content/en/books/handbook/printing/_index.adoc b/documentation/content/en/books/handbook/printing/_index.adoc
index 72fdf4f276..e8b92039c5 100644
--- a/documentation/content/en/books/handbook/printing/_index.adoc
+++ b/documentation/content/en/books/handbook/printing/_index.adoc
@@ -185,7 +185,7 @@ Network::
Network printers are connected directly to the local computer network.
+
The `DNS` hostname of the printer must be known.
-If the printer is assigned a dynamic address by `DHCP`, `DNS` should be dynamically updated so that the host name always has the correct `IP` address.
+If the printer is assigned a dynamic address by `DHCP`, `DNS` should be dynamically updated so that the host name always has the correct `IP` address.
Network printers are often given static `IP` addresses to avoid this problem.
+
Most network printers understand print jobs sent with the LPD protocol.
@@ -858,7 +858,7 @@ These pages are also sometimes called _banner_ or _separator_ pages.
Enabling header pages differs depending on whether the printer is connected directly to the computer with a `USB`, parallel, or serial cable, or is connected remotely over a network.
-Header pages on directly-connected printers are enabled by removing the `:sh:\` (Suppress Header) line from the entry in [.filename]#/etc/printcap#.
+Header pages on directly-connected printers are enabled by removing the `:sh:\` (Suppress Header) line from the entry in [.filename]#/etc/printcap#.
These header pages only use line feed characters for new lines.
Some printers will need the [.filename]#/usr/share/examples/printing/hpif# filter to prevent stairstepped text.
The filter configures `PCL` printers to print both carriage returns and line feeds when a line feed is received.
diff --git a/documentation/content/en/books/handbook/x11/_index.adoc b/documentation/content/en/books/handbook/x11/_index.adoc
index cda692d10a..0776bda76b 100644
--- a/documentation/content/en/books/handbook/x11/_index.adoc
+++ b/documentation/content/en/books/handbook/x11/_index.adoc
@@ -1170,7 +1170,7 @@ Once KDE Plasma is started, refer to its built-in help system for more informati
Xfce is a desktop environment based on the GTK+ toolkit used by GNOME.
However, it is more lightweight and provides a simple, efficient, easy-to-use desktop.
-It is fully configurable, has a main panel with menus, applets, and application launchers, provides a file manager and sound manager, and is themeable.
+It is fully configurable, has a main panel with menus, applets, and application launchers, provides a file manager and sound manager, and is themeable.
Since it is fast, light, and efficient, it is ideal for older or slower machines with memory limitations.
More information on Xfce can be found at http://www.xfce.org/[http://www.xfce.org].
@@ -1552,7 +1552,7 @@ This section assumes a bit of advanced configuration knowledge.
If attempts to use the standard configuration tools above have not resulted in a working configuration, there is information enough in the log files to be of use in getting the setup working.
Use of a text editor will be necessary.
-Current widescreen (WSXGA, WSXGA+, WUXGA, WXGA, WXGA+, et.al.) formats support 16:10 and 10:9 formats or aspect ratios that can be problematic.
+Current widescreen (WSXGA, WSXGA+, WUXGA, WXGA, WXGA+, et.al.) formats support 16:10 and 10:9 formats or aspect ratios that can be problematic.
Examples of some common screen resolutions for 16:10 aspect ratios are:
* 2560x1600