svn commit: r40744 - head/en_US.ISO8859-1/books/handbook/network-servers
Dru Lavigne
dru at FreeBSD.org
Fri Jan 25 00:30:28 UTC 2013
Author: dru
Date: Fri Jan 25 00:30:28 2013
New Revision: 40744
URL: http://svnweb.freebsd.org/changeset/doc/40744
Log:
White space fix only. Translators can ignore.
Approved by: gjb (mentor)
Modified:
head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Fri Jan 25 00:26:46 2013 (r40743)
+++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Fri Jan 25 00:30:28 2013 (r40744)
@@ -340,22 +340,27 @@ server-program-arguments</programlisting
<entry>tcp, tcp4</entry>
<entry>TCP IPv4</entry>
</row>
+
<row>
<entry>udp, udp4</entry>
<entry>UDP IPv4</entry>
</row>
+
<row>
<entry>tcp6</entry>
<entry>TCP IPv6</entry>
</row>
+
<row>
<entry>udp6</entry>
<entry>UDP IPv6</entry>
</row>
+
<row>
<entry>tcp46</entry>
<entry>Both TCP IPv4 and v6</entry>
</row>
+
<row>
<entry>udp46</entry>
<entry>Both UDP IPv4 and v6</entry>
@@ -635,12 +640,14 @@ server-program-arguments</programlisting
requests from the <acronym>NFS</acronym>
clients.</entry>
</row>
+
<row>
<entry><application>mountd</application></entry>
<entry>The <acronym>NFS</acronym> mount daemon which
carries out the requests that &man.nfsd.8; passes on
to it.</entry>
</row>
+
<row>
<entry><application>rpcbind</application></entry>
<entry> This daemon allows
@@ -662,6 +669,7 @@ server-program-arguments</programlisting
<sect2 id="network-configuring-nfs">
<title>Configuring <acronym>NFS</acronym></title>
+
<indexterm>
<primary>NFS</primary>
<secondary>configuration</secondary>
@@ -799,8 +807,8 @@ mountd_flags="-r"</programlisting>
<screen>&prompt.root; <userinput>/etc/rc.d/mountd onereload</userinput></screen>
- <para>Please refer to <xref linkend="configtuning-rcd"/> for more
- information about using rc scripts.</para>
+ <para>Please refer to <xref linkend="configtuning-rcd"/> for
+ more information about using rc scripts.</para>
<para>Alternatively, a reboot will make FreeBSD set everything
up properly. A reboot is not necessary though.
@@ -1155,6 +1163,7 @@ Exports list on foobar:
<sect2>
<title>What Is It?</title>
+
<indexterm><primary>NIS</primary></indexterm>
<indexterm><primary>Solaris</primary></indexterm>
<indexterm><primary>HP-UX</primary></indexterm>
@@ -1218,8 +1227,8 @@ Exports list on foobar:
<informaltable frame="none" pgwide="1">
<tgroup cols="2">
- <colspec colwidth="1*"/>
- <colspec colwidth="3*"/>
+ <colspec colwidth="1*"/>
+ <colspec colwidth="3*"/>
<thead>
<row>
@@ -1237,6 +1246,7 @@ Exports list on foobar:
domainname does not have anything to do with
<acronym>DNS</acronym>.</entry>
</row>
+
<row>
<entry><application>rpcbind</application></entry>
@@ -1247,6 +1257,7 @@ Exports list on foobar:
will be impossible to run an NIS server, or to act as
an NIS client.</entry>
</row>
+
<row>
<entry><application>ypbind</application></entry>
@@ -1259,6 +1270,7 @@ Exports list on foobar:
on a client machine, it will not be able to access the
NIS server.</entry>
</row>
+
<row>
<entry><application>ypserv</application></entry>
<entry>Should only be running on NIS servers; this is
@@ -1274,6 +1286,7 @@ Exports list on foobar:
<application>ypbind</application> process on the
client.</entry>
</row>
+
<row>
<entry><application>rpc.yppasswdd</application></entry>
<entry>Another process that should only be running on
@@ -1404,21 +1417,25 @@ Exports list on foobar:
<entry><hostid role="ipaddr">10.0.0.2</hostid></entry>
<entry>NIS master</entry>
</row>
+
<row>
<entry><hostid>coltrane</hostid></entry>
<entry><hostid role="ipaddr">10.0.0.3</hostid></entry>
<entry>NIS slave</entry>
</row>
+
<row>
<entry><hostid>basie</hostid></entry>
<entry><hostid role="ipaddr">10.0.0.4</hostid></entry>
<entry>Faculty workstation</entry>
</row>
+
<row>
<entry><hostid>bird</hostid></entry>
<entry><hostid role="ipaddr">10.0.0.5</hostid></entry>
<entry>Client machine</entry>
</row>
+
<row>
<entry><hostid>cli[1-11]</hostid></entry>
<entry>
@@ -1517,6 +1534,7 @@ Exports list on foobar:
<sect4>
<title>Setting Up a NIS Master Server</title>
+
<indexterm>
<primary>NIS</primary>
<secondary>server configuration</secondary>
@@ -1531,18 +1549,23 @@ Exports list on foobar:
<procedure>
<step>
<para><programlisting>nisdomainname="test-domain"</programlisting>
+
This line will set the NIS domainname to
<literal>test-domain</literal>
upon network setup (e.g., after reboot).</para>
</step>
+
<step>
<para><programlisting>nis_server_enable="YES"</programlisting>
+
This will tell FreeBSD to start up the NIS server
processes when the networking is next brought
up.</para>
</step>
+
<step>
<para><programlisting>nis_yppasswdd_enable="YES"</programlisting>
+
This will enable the <command>rpc.yppasswdd</command>
daemon which, as mentioned above, will allow users to
change their NIS password from a client
@@ -1570,6 +1593,7 @@ Exports list on foobar:
<sect4>
<title>Initializing the NIS Maps</title>
+
<indexterm>
<primary>NIS</primary>
<secondary>maps</secondary>
@@ -1661,6 +1685,7 @@ ellington has been setup as an YP master
<sect4>
<title>Setting up a NIS Slave Server</title>
+
<indexterm>
<primary>NIS</primary>
<secondary>slave server</secondary>
@@ -1785,9 +1810,11 @@ Don't forget to update map ypservers on
another server.</para>
<sect4>
- <title>Setting Up a NIS Client</title> <indexterm>
+ <title>Setting Up a NIS Client</title>
+
+ <indexterm>
<primary>NIS</primary> <secondary>client
- configuration</secondary>
+ configuration</secondary>
</indexterm> <para>Setting up a FreeBSD machine to be a NIS
client is fairly straightforward.</para>
@@ -2006,6 +2033,7 @@ basie&prompt.root;</screen>
</sect2info>
<title>Using Netgroups</title>
+
<indexterm><primary>netgroups</primary></indexterm>
<para>The method shown in the previous section works reasonably
@@ -2097,6 +2125,7 @@ basie&prompt.root;</screen>
employees are allowed to log onto these
machines.</entry>
</row>
+
<row>
<!-- gluttony was omitted because it was too fat -->
<entry><hostid>pride</hostid>, <hostid>greed</hostid>,
@@ -2106,6 +2135,7 @@ basie&prompt.root;</screen>
department are allowed to login onto these
machines.</entry>
</row>
+
<row>
<entry><hostid>one</hostid>, <hostid>two</hostid>,
<hostid>three</hostid>, <hostid>four</hostid>,
@@ -2509,6 +2539,7 @@ nis_client_flags="-S <replaceable>NIS do
<sect2>
<title>Password Formats</title>
+
<indexterm>
<primary>NIS</primary>
<secondary>password formats</secondary>
@@ -2585,6 +2616,7 @@ nis_client_flags="-S <replaceable>NIS do
<sect2>
<title>What Is DHCP?</title>
+
<indexterm>
<primary>Dynamic Host Configuration Protocol</primary>
<see>DHCP</see>
@@ -2619,6 +2651,7 @@ nis_client_flags="-S <replaceable>NIS do
<sect2>
<title>How It Works</title>
+
<indexterm><primary>UDP</primary></indexterm>
<para>When <command>dhclient</command>, the DHCP client, is
executed on the client machine, it begins broadcasting
@@ -2644,12 +2677,14 @@ nis_client_flags="-S <replaceable>NIS do
<command>dhclient</command>. DHCP client support is provided
within both the installer and the base system, obviating the
need for detailed knowledge of network configurations on any
- network that runs a DHCP server.</para> <indexterm>
- <primary><application>sysinstall</application></primary>
- </indexterm>
+ network that runs a DHCP server.</para>
+
+ <indexterm>
+ <primary><application>sysinstall</application></primary>
+ </indexterm>
- <para>DHCP is supported by
- <application>sysinstall</application>. When configuring a
+ <para>DHCP is supported by
+ <application>sysinstall</application>. When configuring a
network interface within
<application>sysinstall</application>, the second question
asked is: <quote>Do you want to try DHCP configuration of
@@ -2745,132 +2780,135 @@ dhclient_flags=""</programlisting>
role="package">net/isc-dhcp42-server</filename> port in
the ports collection. This port contains the ISC DHCP
server and documentation.</para>
- </sect2>
+ </sect2>
- <sect2>
- <title>Files</title>
- <indexterm>
- <primary>DHCP</primary>
- <secondary>configuration files</secondary>
- </indexterm>
- <itemizedlist>
- <listitem>
- <para><filename>/etc/dhclient.conf</filename></para>
- <para><command>dhclient</command> requires a configuration
- file, <filename>/etc/dhclient.conf</filename>. Typically
- the file contains only comments, the defaults being
- reasonably sane. This configuration file is described by
- the &man.dhclient.conf.5;
- manual page.</para>
- </listitem>
+ <sect2>
+ <title>Files</title>
- <listitem>
- <para><filename>/sbin/dhclient</filename></para>
- <para><command>dhclient</command> is statically linked and
- resides in <filename>/sbin</filename>. The
- &man.dhclient.8; manual page gives more information about
- <command>dhclient</command>.</para>
- </listitem>
+ <indexterm>
+ <primary>DHCP</primary>
+ <secondary>configuration files</secondary>
+ </indexterm>
+ <itemizedlist>
+ <listitem>
+ <para><filename>/etc/dhclient.conf</filename></para>
+ <para><command>dhclient</command> requires a configuration
+ file, <filename>/etc/dhclient.conf</filename>.
+ Typically the file contains only comments, the defaults
+ being reasonably sane. This configuration file is
+ described by the &man.dhclient.conf.5; manual
+ page.</para>
+ </listitem>
- <listitem>
- <para><filename>/sbin/dhclient-script</filename></para>
- <para><command>dhclient-script</command> is the
- FreeBSD-specific DHCP client configuration script. It is
- described in &man.dhclient-script.8;, but should not need
- any user modification to function properly.</para>
- </listitem>
+ <listitem>
+ <para><filename>/sbin/dhclient</filename></para>
+ <para><command>dhclient</command> is statically linked and
+ resides in <filename>/sbin</filename>. The
+ &man.dhclient.8; manual page gives more information
+ about <command>dhclient</command>.</para>
+ </listitem>
- <listitem>
- <para><filename>/var/db/dhclient.leases.<replaceable>interface</replaceable></filename></para>
- <para>The DHCP client keeps a database of valid leases in
- this file, which is written as a log.
- &man.dhclient.leases.5; gives a slightly longer
- description.</para>
- </listitem>
- </itemizedlist>
- </sect2>
+ <listitem>
+ <para><filename>/sbin/dhclient-script</filename></para>
+ <para><command>dhclient-script</command> is the
+ FreeBSD-specific DHCP client configuration script. It
+ is described in &man.dhclient-script.8;, but should not
+ need any user modification to function properly.</para>
+ </listitem>
- <sect2>
- <title>Further Reading</title>
+ <listitem>
+ <para><filename>/var/db/dhclient.leases.<replaceable>interface</replaceable></filename></para>
+ <para>The DHCP client keeps a database of valid leases
+ in this file, which is written as a log.
+ &man.dhclient.leases.5; gives a slightly longer
+ description.</para>
+ </listitem>
+ </itemizedlist>
+ </sect2>
- <para>The DHCP protocol is fully described in <ulink
- url="http://www.freesoft.org/CIE/RFC/2131/">RFC
- 2131</ulink>. An informational resource has also been set up
- at <ulink url="http://www.dhcp.org/"></ulink>.</para>
- </sect2>
+ <sect2>
+ <title>Further Reading</title>
- <sect2 id="network-dhcp-server">
- <title>Installing and Configuring a DHCP Server</title>
+ <para>The DHCP protocol is fully described in <ulink
+ url="http://www.freesoft.org/CIE/RFC/2131/">RFC
+ 2131</ulink>. An informational resource has also been set
+ up at <ulink url="http://www.dhcp.org/"></ulink>.</para>
+ </sect2>
+
+ <sect2 id="network-dhcp-server">
+ <title>Installing and Configuring a DHCP Server</title>
+
+ <sect3>
+ <title>What This Section Covers</title>
+
+ <para>This section provides information on how to configure
+ a FreeBSD system to act as a DHCP server using the ISC
+ (Internet Systems Consortium) implementation of the DHCP
+ server.</para>
- <sect3>
- <title>What This Section Covers</title>
+ <para>The server is not provided as part of FreeBSD, and so
+ you will need to install the <filename
+ role="package">net/isc-dhcp42-server</filename> port to
+ provide this service. See <xref linkend="ports"/> for
+ more information on using the Ports Collection.</para>
+ </sect3>
- <para>This section provides information on how to configure
- a FreeBSD system to act as a DHCP server using the ISC
- (Internet Systems Consortium) implementation of the DHCP
- server.</para>
-
- <para>The server is not provided as part of FreeBSD, and so
- you will need to install the <filename
- role="package">net/isc-dhcp42-server</filename> port to
- provide this service. See <xref linkend="ports"/> for
- more information on using the Ports Collection.</para>
- </sect3>
+ <sect3>
+ <title>DHCP Server Installation</title>
- <sect3>
- <title>DHCP Server Installation</title>
- <indexterm>
- <primary>DHCP</primary>
- <secondary>installation</secondary>
- </indexterm>
- <para>In order to configure your FreeBSD system as a DHCP
- server, you will need to ensure that the &man.bpf.4;
- device is compiled into your kernel. To do this, add
- <literal>device bpf</literal> to your kernel
- configuration file, and rebuild the kernel. For more
- information about building kernels, see <xref
- linkend="kernelconfig"/>.</para>
-
- <para>The <devicename>bpf</devicename> device is already
- part of the <filename>GENERIC</filename> kernel that is
- supplied with FreeBSD, so you do not need to create a
- custom kernel in order to get DHCP working.</para>
+ <indexterm>
+ <primary>DHCP</primary>
+ <secondary>installation</secondary>
+ </indexterm>
+ <para>In order to configure your FreeBSD system as a DHCP
+ server, you will need to ensure that the &man.bpf.4;
+ device is compiled into your kernel. To do this, add
+ <literal>device bpf</literal> to your kernel
+ configuration file, and rebuild the kernel. For more
+ information about building kernels, see <xref
+ linkend="kernelconfig"/>.</para>
+
+ <para>The <devicename>bpf</devicename> device is already
+ part of the <filename>GENERIC</filename> kernel that is
+ supplied with FreeBSD, so you do not need to create a
+ custom kernel in order to get DHCP working.</para>
- <note>
- <para>Those who are particularly security conscious
- should note that <devicename>bpf</devicename> is also
- the device that allows packet sniffers to work
- correctly (although such programs still need
- privileged access). <devicename>bpf</devicename>
- <emphasis>is</emphasis> required to use DHCP, but if
- you are very sensitive about security, you probably
- should not include <devicename>bpf</devicename> in
- your kernel purely because you expect to use DHCP at
- some point in the future.</para>
- </note>
+ <note>
+ <para>Those who are particularly security conscious
+ should note that <devicename>bpf</devicename> is also
+ the device that allows packet sniffers to work
+ correctly (although such programs still need
+ privileged access). <devicename>bpf</devicename>
+ <emphasis>is</emphasis> required to use DHCP, but if
+ you are very sensitive about security, you probably
+ should not include <devicename>bpf</devicename> in
+ your kernel purely because you expect to use DHCP at
+ some point in the future.</para>
+ </note>
- <para>The next thing that you will need to do is edit the
- sample <filename>dhcpd.conf</filename> which was installed
- by the <filename
- role="package">net/isc-dhcp42-server</filename> port.
- By default, this will be
- <filename>/usr/local/etc/dhcpd.conf.sample</filename>, and
- you should copy this to
- <filename>/usr/local/etc/dhcpd.conf</filename> before
- proceeding to make changes.</para>
- </sect3>
+ <para>The next thing that you will need to do is edit the
+ sample <filename>dhcpd.conf</filename> which was installed
+ by the <filename
+ role="package">net/isc-dhcp42-server</filename> port.
+ By default, this will be
+ <filename>/usr/local/etc/dhcpd.conf.sample</filename>, and
+ you should copy this to
+ <filename>/usr/local/etc/dhcpd.conf</filename> before
+ proceeding to make changes.</para>
+ </sect3>
- <sect3>
- <title>Configuring the DHCP Server</title>
- <indexterm>
- <primary>DHCP</primary>
- <secondary>dhcpd.conf</secondary>
- </indexterm>
- <para><filename>dhcpd.conf</filename> is comprised of
- declarations regarding subnets and hosts, and is perhaps
- most easily explained using an example :</para>
+ <sect3>
+ <title>Configuring the DHCP Server</title>
+
+ <indexterm>
+ <primary>DHCP</primary>
+ <secondary>dhcpd.conf</secondary>
+ </indexterm>
+ <para><filename>dhcpd.conf</filename> is comprised of
+ declarations regarding subnets and hosts, and is perhaps
+ most easily explained using an example :</para>
- <programlisting>option domain-name "example.com";<co id="domain-name"/>
+ <programlisting>option domain-name "example.com";<co id="domain-name"/>
option domain-name-servers 192.168.4.100;<co id="domain-name-servers"/>
option subnet-mask 255.255.255.0;<co id="subnet-mask"/>
@@ -2986,6 +3024,7 @@ dhcpd_ifaces="dc0"</programlisting>
<sect3>
<title>Files</title>
+
<indexterm>
<primary>DHCP</primary>
<secondary>configuration files</secondary>
@@ -3063,6 +3102,7 @@ dhcpd_ifaces="dc0"</programlisting>
<sect2>
<title>Overview</title>
+
<indexterm><primary>BIND</primary></indexterm>
<para>&os; utilizes, by default, a version of BIND (Berkeley
@@ -3272,6 +3312,7 @@ dhcpd_ifaces="dc0"</programlisting>
<sect2>
<title>How It Works</title>
+
<para>In &os;, the BIND daemon is called
<application>named</application>.</para>
@@ -3725,6 +3766,7 @@ zone "1.168.192.in-addr.arpa" {
<sect3>
<title>Zone Files</title>
+
<indexterm>
<primary>BIND</primary>
<secondary>zone files</secondary>
@@ -3966,6 +4008,7 @@ mail IN A 192.168.
<sect2>
<title>Caching Name Server</title>
+
<indexterm>
<primary>BIND</primary>
<secondary>caching name server</secondary>
@@ -3979,24 +4022,25 @@ mail IN A 192.168.
<sect2>
<title><acronym
role="Domain Name Security Extensions">DNSSEC</acronym></title>
+
<indexterm>
<primary>BIND</primary>
<secondary>DNS security extensions</secondary>
</indexterm>
<para>Domain Name System Security Extensions, or <acronym
- role="Domain Name Security Extensions">DNSSEC</acronym> for
- short, is a suite of specifications to protect resolving name
- servers from forged <acronym>DNS</acronym> data, such as
- spoofed <acronym>DNS</acronym> records. By using digital
- signatures, a resolver can verify the integrity of the record.
- Note that <acronym
- role="Domain Name Security Extensions">DNSSEC</acronym> only
- provides integrity via digitally signing the Resource
- Records (<acronym role="Resource Record">RR</acronym>s). It
- provides neither confidentiality nor protection against false
- end-user assumptions. This means that it cannot protect
- against people going to <hostid
+ role="Domain Name Security Extensions">DNSSEC</acronym>
+ for short, is a suite of specifications to protect resolving
+ name servers from forged <acronym>DNS</acronym> data, such
+ as spoofed <acronym>DNS</acronym> records. By using digital
+ signatures, a resolver can verify the integrity of the
+ record. Note that <acronym
+ role="Domain Name Security Extensions">DNSSEC</acronym>
+ only provides integrity via digitally signing the Resource
+ Records (<acronym role="Resource Record">RR</acronym>s).
+ It provides neither confidentiality nor protection against
+ false end-user assumptions. This means that it cannot
+ protect against people going to <hostid
role="domainname">example.net</hostid> instead of <hostid
role="domainname">example.com</hostid>. The only thing
<acronym>DNSSEC</acronym> does is authenticate that the data
@@ -4610,6 +4654,7 @@ $include Kexample.com.+005+nnnnn.ZSK.key
following commands:</para>
<screen>&prompt.root; <userinput>/usr/local/etc/rc.d/apache22 configtest</userinput></screen>
+
<screen>&prompt.root; <userinput>service apache22 configtest</userinput></screen>
<note>
@@ -4626,6 +4671,7 @@ $include Kexample.com.+005+nnnnn.ZSK.key
mechanisms:</para>
<screen>&prompt.root; <userinput>/usr/local/etc/rc.d/apache22 start</userinput></screen>
+
<screen>&prompt.root; <userinput>service apache22 start</userinput></screen>
<para>The <command>httpd</command> service can be tested by
@@ -5166,6 +5212,7 @@ DocumentRoot /www/someotherdomain.tld
<application>Samba</application>:</para>
<programlisting>swat stream tcp nowait/400 root /usr/local/sbin/swat swat</programlisting>
+
<para>As explained in <xref linkend="network-inetd-reread"/>,
the <application>inetd</application> configuration must be
reloaded after this configuration file is changed.</para>
@@ -5289,6 +5336,7 @@ DocumentRoot /www/someotherdomain.tld
the following command:</para>
<screen>&prompt.root; <userinput>smbpasswd -a username</userinput></screen>
+
<note>
<para>The recommended backend is now
<literal>tdbsam</literal>, and the following command
@@ -5323,6 +5371,7 @@ DocumentRoot /www/someotherdomain.tld
<para>Or, for fine grain control:</para>
<programlisting>nmbd_enable="YES"</programlisting>
+
<programlisting>smbd_enable="YES"</programlisting>
<note>
@@ -5339,8 +5388,8 @@ Starting SAMBA: removing stale tdbs :
Starting nmbd.
Starting smbd.</screen>
- <para>Please refer to <xref linkend="configtuning-rcd"/> for more
- information about using rc scripts.</para>
+ <para>Please refer to <xref linkend="configtuning-rcd"/> for
+ more information about using rc scripts.</para>
<para><application>Samba</application> actually consists of
three separate daemons. You should see that both the
@@ -5445,6 +5494,7 @@ Starting smbd.</screen>
<sect3>
<title>Basic Configuration</title>
+
<indexterm><primary>ntpdate</primary></indexterm>
<para>If you only wish to synchronize your clock when the
More information about the svn-doc-head
mailing list