PERFORCE change 24160 for review
Chris Costello
chris at freebsd.org
Sat Jan 25 01:38:13 GMT 2003
http://perforce.freebsd.org/chv.cgi?CH=24160
Change 24160 by chris at chris_holly on 2003/01/24 17:37:16
Integ.
Affected files ...
.. //depot/projects/trustedbsd/doc/de_DE.ISO8859-1/books/handbook/mirrors/chapter.sgml#6 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/articles/checkpoint/article.sgml#3 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/articles/committers-guide/article.sgml#11 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/articles/contributing/article.sgml#6 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/articles/contributors/article.sgml#14 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/articles/hubs/article.sgml#6 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/articles/releng/article.sgml#9 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/articles/solid-state/article.sgml#4 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/developers-handbook/sound/chapter.sgml#3 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/faq/book.sgml#11 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml#12 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/handbook/config/chapter.sgml#10 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.sgml#13 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/handbook/desktop/chapter.sgml#6 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/handbook/disks/chapter.sgml#11 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.sgml#9 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/handbook/mirrors/chapter.sgml#13 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/handbook/multimedia/chapter.sgml#7 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/handbook/pgpkeys/obraun.key#2 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/handbook/ports/chapter.sgml#7 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/handbook/printing/chapter.sgml#8 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/books/porters-handbook/book.sgml#14 integrate
.. //depot/projects/trustedbsd/doc/en_US.ISO8859-1/share/sgml/mailing-lists.ent#4 integrate
.. //depot/projects/trustedbsd/doc/share/sgml/freebsd.ent#8 integrate
.. //depot/projects/trustedbsd/doc/share/sgml/man-refs.ent#13 integrate
.. //depot/projects/trustedbsd/doc/zh_TW.Big5/books/faq/Makefile#2 integrate
.. //depot/projects/trustedbsd/doc/zh_TW.Big5/books/faq/book.sgml#2 integrate
.. //depot/projects/trustedbsd/doc/zh_TW.Big5/share/sgml/bookinfo.ent#1 branch
.. //depot/projects/trustedbsd/doc/zh_TW.Big5/share/sgml/catalog#2 integrate
.. //depot/projects/trustedbsd/doc/zh_TW.Big5/share/sgml/freebsd.dsl#2 integrate
.. //depot/projects/trustedbsd/doc/zh_TW.Big5/share/sgml/legalnotice.sgml#1 branch
.. //depot/projects/trustedbsd/doc/zh_TW.Big5/share/sgml/mailing-lists.ent#1 branch
Differences ...
==== //depot/projects/trustedbsd/doc/de_DE.ISO8859-1/books/handbook/mirrors/chapter.sgml#6 (text+ko) ====
@@ -2,9 +2,9 @@
The FreeBSD Documentation Project
The FreeBSD German Documentation Project
- $FreeBSD: doc/de_DE.ISO8859-1/books/handbook/mirrors/chapter.sgml,v 1.10 2003/01/12 19:19:32 mheinen Exp $
- $FreeBSDde: de-docproj/books/handbook/mirrors/chapter.sgml,v 1.29 2003/01/12 19:04:31 mheinen Exp $
- basiert auf: 1.256
+ $FreeBSD: doc/de_DE.ISO8859-1/books/handbook/mirrors/chapter.sgml,v 1.11 2003/01/14 23:38:41 mheinen Exp $
+ $FreeBSDde: de-docproj/books/handbook/mirrors/chapter.sgml,v 1.30 2003/01/14 23:42:58 mheinen Exp $
+ basiert auf: 1.257
-->
<appendix id="mirrors">
@@ -4332,6 +4332,16 @@
</varlistentry>
<varlistentry>
+ <term>RELENG_5_0</term>
+
+ <listitem>
+ <para>Der Zweig, auf dem sicherheitsrelevante oder kritische
+ Fehlerbehebungen für FreeBSD 5.0 durchgeführt
+ werden.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term>RELENG_4</term>
<listitem>
==== //depot/projects/trustedbsd/doc/en_US.ISO8859-1/articles/checkpoint/article.sgml#3 (text+ko) ====
@@ -26,8 +26,6 @@
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
-
- $FreeBSD: doc/en_US.ISO8859-1/articles/checkpoint/article.sgml,v 1.4 2003/01/10 05:58:04 blackend Exp $
-->
<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
@@ -42,25 +40,25 @@
<authorgroup>
<author>
- <firstname>Jon</firstname>
- <surname>Orbeton</surname>
+ <firstname>Jon</firstname>
+ <surname>Orbeton</surname>
- <affiliation>
- <address><email>jono at securityreports.com</email></address>
- </affiliation>
+ <affiliation>
+ <address><email>jono at securityreports.com</email></address>
+ </affiliation>
</author>
<author>
- <firstname>Matt</firstname>
- <surname>Hite</surname>
+ <firstname>Matt</firstname>
+ <surname>Hite</surname>
- <affiliation>
- <address><email>mhite at hotmail.com</email></address>
- </affiliation>
- </author>
+ <affiliation>
+ <address><email>mhite at hotmail.com</email></address>
+ </affiliation>
+ </author>
</authorgroup>
- <pubdate>$FreeBSD: doc/en_US.ISO8859-1/articles/checkpoint/article.sgml,v 1.4 2003/01/10 05:58:04 blackend Exp $</pubdate>
+ <pubdate>$FreeBSD: doc/en_US.ISO8859-1/articles/checkpoint/article.sgml,v 1.15 2003/01/22 17:40:24 keramida Exp $</pubdate>
<copyright>
<year>2001, 2002, 2003</year>
@@ -68,22 +66,22 @@
</copyright>
&legalnotice;
-
+
<abstract>
- <para>This document explains how to configure a
- <acronym>VPN</acronym> tunnel between FreeBSD and Checkpoint's
- VPN-1/Firewall-1. Other documents provide similar information,
- but do not contain instructions specific to VPN-1/Firewall-1
- and its integration with FreeBSD. These documents are
- listed at the conclusion of this paper for further reference.</para>
+ <para>This document explains how to configure a <acronym>VPN</acronym>
+ tunnel between FreeBSD and Checkpoint's VPN-1/Firewall-1. Other
+ documents provide similar information, but do not contain instructions
+ specific to VPN-1/Firewall-1 and its integration with FreeBSD. These
+ documents are listed at the conclusion of this paper for further
+ reference.</para>
</abstract>
</articleinfo>
<sect1 id="prerequisites">
<title>Prerequisites</title>
- <para>The following is a diagram of the machines and networks
- referenced in this document.</para>
+ <para>The following is a diagram of the machines and networks referenced
+ in this document.</para>
<programlisting>External Interface External Interface
208.229.100.6 216.218.197.2
@@ -96,34 +94,33 @@
<para>The FreeBSD gateway <acronym>GW</acronym> serves as a firewall and
<acronym>NAT</acronym> device for <quote>internal nets.</quote></para>
- <para>The FreeBSD kernel must be compiled to support IPSec.
- Use the following kernel options:</para>
+ <para>The FreeBSD kernel must be compiled to support IPSec. Use the
+ following kernel options to enable IPSec support in your kernel:</para>
<programlisting>options IPSEC
options IPSEC_ESP
options IPSEC_DEBUG</programlisting>
<para>For instructions on building a custom kernel, refer to the
- <ulink url="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig.html">
- FreeBSD handbook</ulink>. Please note that <acronym>IP</acronym>
- protocol 50 (<acronym>ESP</acronym>) and <acronym>UDP</acronym>
- port <literal>500</literal> must be open between the Firewall-1
+ <ulink url="http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig.html">FreeBSD
+ handbook</ulink>. Please note that <acronym>IP</acronym>
+ protocol 50 (<acronym>ESP</acronym>) and <acronym>UDP</acronym>
+ port <literal>500</literal> must be open between the Firewall-1
host and the FreeBSD <acronym>GW</acronym>.</para>
- <para>Also, <application>racoon</application> must be installed to
- support key exchange. <application>Racoon</application> is part
- of the FreeBSD ports collection in
- <filename role="package">security/racoon</filename>. The
- <application>racoon</application> configuration file will be
- covered later in this document.</para>
+ <para>Also, <application>racoon</application> must be installed to support
+ key exchange. <application>Racoon</application> is part of the FreeBSD
+ ports collection in <filename role="package">security/racoon</filename>.
+ The <application>racoon</application> configuration file will be covered
+ later in this document.</para>
</sect1>
<sect1 id="object">
<title>Firewall-1 Network Object Configuration</title>
- <para>Begin by configuring the Firewall-1 Policy. Open the
- Policy Editor on the Firewall-1 Management server and create
- a new <quote>Workstation</quote> Network Object representing FreeBSD
+ <para>Begin by configuring the Firewall-1 Policy. Open the Policy Editor
+ on the Firewall-1 Management server and create a new
+ <quote>Workstation</quote> Network Object representing FreeBSD
<acronym>GW</acronym>.</para>
<programlisting>General Tab:
@@ -143,11 +140,12 @@
<programlisting>Support Aggressive Mode: Checked
Supports Subnets: Checked</programlisting>
-
- <para>After setting the pre-shared secret in the Firewall-1 Network
- Object definition, place this secret in
- <filename>/usr/local/etc/racoon/psk.txt</filename> on FreeBSD
- <acronym>GW</acronym>. The format for <filename>psk.txt</filename> is:</para>
+
+ <para>After setting the pre-shared secret in the Firewall-1 Network Object
+ definition, place this secret in the
+ <filename>/usr/local/etc/racoon/psk.txt</filename> file on FreeBSD
+ <acronym>GW</acronym>. The format for <filename>psk.txt</filename>
+ is:</para>
<programlisting>208.229.100.6 rUac0wtoo?</programlisting>
@@ -156,8 +154,8 @@
<sect1 id="rulecfg">
<title>Firewall-1 VPN Rule Configuration</title>
- <para>Next, create a Firewall-1 rule enabling encryption between
- the FreeBSD <acronym>GW</acronym> and the Firewall-1 protected network.
+ <para>Next, create a Firewall-1 rule enabling encryption between the
+ FreeBSD <acronym>GW</acronym> and the Firewall-1 protected network.
In this rule, the network services permitted through the
<acronym>VPN</acronym> must be defined.</para>
@@ -168,16 +166,16 @@
<para><quote>VPN services</quote> are any services (i.e.
<command>telnet</command>, <acronym>SSH</acronym>,
- <acronym>NTP</acronym>, etc.) which remote hosts are permitted to
- access through the <acronym>VPN</acronym>. Use caution when
- permitting services; hosts connecting through a <acronym>VPN</acronym>
- still represent a potential security risk. Encrypting the traffic
- between the two networks offers little protection if a host on either
- side of the tunnel has been compromised.</para>
+ <acronym>NTP</acronym>, etc.) which remote hosts are permitted to access
+ through the <acronym>VPN</acronym>. Use caution when permitting
+ services; hosts connecting through a <acronym>VPN</acronym> still
+ represent a potential security risk. Encrypting the traffic between the
+ two networks offers little protection if a host on either side of the
+ tunnel has been compromised.</para>
<para>Once the rule specifying data encryption between the FreeBSD
- <acronym>GW</acronym> and the Firewall-1 protected network has
- been configured, review the <quote>Action Encrypt</quote> settings.</para>
+ <acronym>GW</acronym> and the Firewall-1 protected network has been
+ configured, review the <quote>Action Encrypt</quote> settings.</para>
<programlisting>Encryption Schemes Defined: IKE ---> Edit
Transform: Encryption + Data Integrity (ESP)
@@ -187,13 +185,14 @@
Use Perfect Forward Secrecy: Checked</programlisting>
<para>The use of Perfect Forward Secrecy (<acronym>PFS</acronym>) is
- optional. Enabling <acronym>PFS</acronym> will add another layer of
+ optional. Enabling <acronym>PFS</acronym> will add another layer of
encryption security, but does come at the cost of increased
- <acronym>CPU</acronym> overhead. If <acronym>PFS</acronym> is not
- used, uncheck the box above and comment out the <literal>pfs_group 1</literal>
- line from <filename>racoon.conf</filename> on FreeBSD
- <acronym>GW</acronym>. An example <filename>racoon.conf</filename>
- is provided later in this document.</para>
+ <acronym>CPU</acronym> overhead. If <acronym>PFS</acronym> is not used,
+ uncheck the box above and comment out the
+ <literal>pfs_group 1</literal> line in the
+ <filename>racoon.conf</filename> file on FreeBSD <acronym>GW</acronym>.
+ An example <filename>racoon.conf</filename> file is provided later in
+ this document.</para>
</sect1>
@@ -201,8 +200,8 @@
<title>FreeBSD <acronym>VPN</acronym> Policy Configuration</title>
<para>At this point, the <acronym>VPN</acronym> policy on FreeBSD
- <acronym>GW</acronym> must be defined. The
- <filename>/usr/sbin/setkey</filename> tool performs this function.</para>
+ <acronym>GW</acronym> must be defined. The &man.setkey.8; tool performs
+ this function.</para>
<para>Below is an example shell script which will flush &man.setkey.8; and
add your <acronym>VPN</acronym> policy rules.</para>
@@ -244,12 +243,14 @@
<title>FreeBSD <application>Racoon</application> Configuration</title>
<para>To facilitate the negotiation of IPSec keys on the FreeBSD
- <acronym>GW</acronym>, <filename>/usr/ports/security/racoon</filename> must
- be installed and configured.</para>
+ <acronym>GW</acronym>, the
+ <filename role="package">security/racoon</filename> port must be
+ installed and configured.</para>
- <para>The following is a racoon configuration file suitable for use with
- the examples outlined in this document. Please make sure you fully
- understand this file before using in a production environment.</para>
+ <para>The following is a <application>racoon</application> configuration
+ file suitable for use with the examples outlined in this document.
+ Please make sure you fully understand this file before using it in a
+ production environment.</para>
<programlisting># racoon.conf for use with Checkpoint VPN-1/Firewall-1
#
@@ -328,23 +329,24 @@
compression_algorithm deflate ;
}</programlisting>
- <para>Ensure that <filename>/usr/local/etc/racoon/psk.txt</filename>
- contains the pre-shared secret configured in the "Firewall-1 Network Object
- Configuration" section of this document and has mode <literal>600</literal>
- permissions.</para>
+ <para>Ensure that the <filename>/usr/local/etc/racoon/psk.txt</filename>
+ file contains the pre-shared secret configured in the <quote>Firewall-1
+ Network Object Configuration</quote> section of this document and has
+ mode <literal>600</literal> permissions.</para>
<screen>&prompt.root; <userinput>chmod 600 /usr/local/etc/racoon/psk.txt</userinput></screen>
- </sect1>
+ </sect1>
- <sect1 id="startingvpn">
- <title>Starting the <acronym>VPN</acronym></title>
+ <sect1 id="startingvpn">
+ <title>Starting the <acronym>VPN</acronym></title>
- <para>You are now ready to launch <application>racoon</application> and test
- the <acronym>VPN</acronym> tunnel. For debugging purposes, open the
- Firewall-1 Log Viewer and define a log filter to isolate entries pertaining
- to FreeBSD <acronym>GW</acronym>. You may also find it helpful to
- &man.tail.1; the <application>racoon</application> log:</para>
+ <para>You are now ready to launch <application>racoon</application> and
+ test the <acronym>VPN</acronym> tunnel. For debugging purposes, open
+ the Firewall-1 Log Viewer and define a log filter to isolate entries
+ pertaining to FreeBSD <acronym>GW</acronym>. You may also find it
+ helpful to &man.tail.1; the <application>racoon</application>
+ log:</para>
<screen>&prompt.root; <userinput>tail -f /var/log/racoon.log</userinput></screen>
@@ -353,30 +355,32 @@
<screen>&prompt.root; <userinput>/usr/local/sbin/racoon -f /usr/local/etc/racoon/racoon.conf</userinput></screen>
- <para>Once <application>racoon</application> has been launched, &man.telnet.1;
- to a host on the Firewall-1 protected network.</para>
+ <para>Once <application>racoon</application> has been launched,
+ &man.telnet.1; to a host on the Firewall-1 protected network.</para>
<screen>&prompt.root; <userinput>telnet -s 192.168.10.3 199.208.192.66 22</userinput></screen>
- <para>This command attempts to connect to the &man.ssh.1;
- port on 199.208.192.66, a machine in the Firewall-1 protected network. The
- <option>-s</option> switch indicates the source interface of the outbound
- connection. This is particularly important when running
- <acronym>NAT</acronym> and <acronym>IPFW</acronym> on FreeBSD
- <acronym>GW</acronym>. Using <literal>-s</literal> and specifying an
- explicit source address prevents <acronym>NAT</acronym> from mangling the
- packet prior to tunneling.</para>
+ <para>This command attempts to connect to the &man.ssh.1; port on <hostid
+ role="ipaddr">199.208.192.66</hostid>, a machine in the Firewall-1
+ protected network. The <option>-s</option> switch indicates the source
+ interface of the outbound connection. This is particularly important
+ when running <acronym>NAT</acronym> and <acronym>IPFW</acronym> on
+ FreeBSD <acronym>GW</acronym>. Using <literal>-s</literal> and
+ specifying an explicit source address prevents <acronym>NAT</acronym>
+ from mangling the packet prior to tunneling.</para>
<para>A successful <application>racoon</application> key exchange will
- output the following to <filename>racoon.log</filename>:</para>
+ output the following to the <filename>racoon.log</filename> log
+ file:</para>
<programlisting>pfkey UPDATE succeeded: ESP/Tunnel 216.218.197.2->208.229.100.6
pk_recvupdate(): IPSec-SA established: ESP/Tunnel 216.218.197.2->208.229.100.6
get pfkey ADD message IPsec-SA established: ESP/Tunnel 208.229.100.6->216.218.197.2</programlisting>
- <para>Once key exchange completes (which takes a few seconds), an &man.ssh.1;
- banner will appear. If all went well, two "Key Install" messages will be logged
- in the Firewall-1 Log Viewer.</para>
+ <para>Once key exchange completes (which takes a few seconds), an
+ &man.ssh.1; banner will appear. If all went well, two <quote>Key
+ Install</quote> messages will be logged in the Firewall-1 Log
+ Viewer.</para>
<programlisting>Action | Source | Dest. | Info.
Key Install | 216.218.197.2 | 208.229.100.6 | IKE Log: Phase 1 (aggressive) completion.
@@ -391,21 +395,20 @@
<sect1 id="References">
<title>References</title>
- <itemizedlist>
- <listitem>
- <para><ulink url="http://www.freebsd.org/handbook/ipsec.html">
- The FreeBSD Handbook: IPSec</ulink></para>
- </listitem>
+ <itemizedlist>
+ <listitem>
+ <para><ulink url="http://www.FreeBSD.org/handbook/ipsec.html">
+ The FreeBSD Handbook: IPSec</ulink></para>
+ </listitem>
- <listitem>
- <para><ulink url="http://www.kame.net">KAME Project</ulink></para>
- </listitem>
+ <listitem>
+ <para><ulink url="http://www.kame.net">KAME Project</ulink></para>
+ </listitem>
- <listitem>
- <para><ulink url="http://www.x-itec.de/projects/tuts/ipsec-howto.txt">
- FreeBSD IPSec mini-HOWTO</ulink></para>
- </listitem>
- </itemizedlist>
-
+ <listitem>
+ <para><ulink url="http://www.x-itec.de/projects/tuts/ipsec-howto.txt">
+ FreeBSD IPSec mini-HOWTO</ulink></para>
+ </listitem>
+ </itemizedlist>
</sect1>
</article>
==== //depot/projects/trustedbsd/doc/en_US.ISO8859-1/articles/committers-guide/article.sgml#11 (text+ko) ====
@@ -25,7 +25,7 @@
</author>
</authorgroup>
- <pubdate>$FreeBSD: doc/en_US.ISO8859-1/articles/committers-guide/article.sgml,v 1.148 2003/01/11 11:43:55 blackend Exp $</pubdate>
+ <pubdate>$FreeBSD: doc/en_US.ISO8859-1/articles/committers-guide/article.sgml,v 1.151 2003/01/21 23:08:04 bmah Exp $</pubdate>
<copyright>
<year>1999</year>
@@ -54,26 +54,26 @@
<entry><emphasis>Main Repository Host</emphasis></entry>
<entry><hostid role="fqdn">ncvs.FreeBSD.org</hostid></entry>
</row>
-
+
<row>
<entry><emphasis>Login Methods</emphasis></entry>
<entry>&man.ssh.1;, protocol 2 only</entry>
</row>
-
- <row>
+
+ <row>
<entry><emphasis>Main CVSROOT</emphasis></entry>
<entry>
<hostid role="fqdn">ncvs.FreeBSD.org</hostid><literal>:</literal><filename>/home/ncvs</filename>
</entry>
</row>
-
+
<row>
<entry><emphasis>Main &a.cvs;</emphasis></entry>
<entry>&a.peter; and &a.markm;, as well as &a.joe; for
<filename>ports/</filename></entry>
</row>
-
- <row>
+
+ <row>
<entry><emphasis>Mailing Lists</emphasis></entry>
<entry>&a.developers;, &a.committers;
(Both of these are private list; archives can be found
@@ -83,7 +83,7 @@
cluster.)
</entry>
</row>
-
+
<row>
<entry><emphasis>Core Team monthly reports</emphasis></entry>
@@ -92,14 +92,14 @@
</entry>
</row>
- <row>
+ <row>
<entry><emphasis>Noteworthy CVS Tags</emphasis></entry>
<entry><literal>RELENG_4</literal> (4.X-STABLE), <literal>HEAD</literal> (-CURRENT)</entry>
</row>
</tbody>
</tgroup>
</informaltable>
-
+
<para>It is required that you use &man.ssh.1; or &man.telnet.1;
with Kerberos 5 to connect to the project hosts and only
&man.ssh.1;, protocol 2 is allowed connecting to the repository
@@ -176,9 +176,9 @@
<sect1 id="cvs.operations">
<title>CVS Operations</title>
- <para>It is assumed that you are already familiar with the basic operation
+ <para>It is assumed that you are already familiar with the basic operation
of CVS.</para>
-
+
<para>The CVS repository is hosted on the repository machines. The &a.cvs;
are the <quote>owners</quote> of the CVS repository and are
responsible for direct modification of it for the purposes of
@@ -244,9 +244,9 @@
<para>CVS reference information, tutorials, and FAQs can also be found at:
<ulink
- url="http://www.cvshome.org/docs/">http://www.cvshome.org/docs/</ulink>,
+ url="http://www.cvshome.org/docs/">http://www.cvshome.org/docs/</ulink>,
and the information in <ulink url="http://cvsbook.red-bean.com/cvsbook.html">Karl Fogel's
- chapters from <quote>Open Source Development with CVS</quote></ulink> are also very
+ chapters from <quote>Open Source Development with CVS</quote></ulink> are also very
useful.</para>
<para>&a.des; also supplied the following <quote>mini primer</quote> for
@@ -254,520 +254,520 @@
<orderedlist>
<listitem>
- <para>Check out a module with the <command>co</command> or
+ <para>Check out a module with the <command>co</command> or
<command>checkout</command> command.</para>
- <screen>&prompt.user; <userinput>cvs checkout shazam</userinput></screen>
+ <screen>&prompt.user; <userinput>cvs checkout shazam</userinput></screen>
- <para>This checks out a copy of the <filename>shazam</filename> module. If
- there is no <filename>shazam</filename> module in the modules file, it looks for a
- top-level directory named <filename>shazam</filename> instead.</para>
+ <para>This checks out a copy of the <filename>shazam</filename> module. If
+ there is no <filename>shazam</filename> module in the modules file, it looks for a
+ top-level directory named <filename>shazam</filename> instead.</para>
- <table frame="none">
+ <table frame="none">
<title>Useful <command>cvs checkout</command> options</title>
- <tgroup cols=2>
- <tbody>
- <row>
- <entry><option>-P</option></entry>
- <entry>Do not create empty directories</entry>
- </row>
+ <tgroup cols=2>
+ <tbody>
+ <row>
+ <entry><option>-P</option></entry>
+ <entry>Do not create empty directories</entry>
+ </row>
- <row>
- <entry><option>-l</option></entry>
- <entry>Check out a single level, no subdirectories</entry>
- </row>
+ <row>
+ <entry><option>-l</option></entry>
+ <entry>Check out a single level, no subdirectories</entry>
+ </row>
- <row>
- <entry><option>-r<replaceable>rev</replaceable></option></entry>
- <entry>Check out revision, branch or tag
- <replaceable>rev</replaceable></entry>
- </row>
+ <row>
+ <entry><option>-r<replaceable>rev</replaceable></option></entry>
+ <entry>Check out revision, branch or tag
+ <replaceable>rev</replaceable></entry>
+ </row>
- <row>
- <entry><option>-D<replaceable>date</replaceable></option></entry>
- <entry>Check out the sources as they were on date
- <replaceable>date</replaceable></entry>
- </row>
- </tbody>
- </tgroup>
- </table>
+ <row>
+ <entry><option>-D<replaceable>date</replaceable></option></entry>
+ <entry>Check out the sources as they were on date
+ <replaceable>date</replaceable></entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
- <para>Practical FreeBSD examples:</para>
+ <para>Practical FreeBSD examples:</para>
- <itemizedlist>
- <listitem>
- <para>Check out the <filename>miscfs</filename> module,
- which corresponds to <filename>src/sys/miscfs</filename>:</para>
+ <itemizedlist>
+ <listitem>
+ <para>Check out the <filename>miscfs</filename> module,
+ which corresponds to <filename>src/sys/miscfs</filename>:</para>
- <screen>&prompt.user; <userinput>cvs co miscfs</userinput></screen>
+ <screen>&prompt.user; <userinput>cvs co miscfs</userinput></screen>
- <para>You now have a directory named <filename>miscfs</filename>
- with subdirectories <filename>CVS</filename>,
- <filename>deadfs</filename>, <filename>devfs</filename>, and so
- on. One of these (<filename>linprocfs</filename>) is
- empty.</para>
- </listitem>
+ <para>You now have a directory named <filename>miscfs</filename>
+ with subdirectories <filename>CVS</filename>,
+ <filename>deadfs</filename>, <filename>devfs</filename>, and so
+ on. One of these (<filename>linprocfs</filename>) is
+ empty.</para>
+ </listitem>
- <listitem>
- <para>Check out the same files, but with full path:</para>
+ <listitem>
+ <para>Check out the same files, but with full path:</para>
- <screen>&prompt.user; <userinput>cvs co src/sys/miscfs</userinput></screen>
+ <screen>&prompt.user; <userinput>cvs co src/sys/miscfs</userinput></screen>
- <para>You now have a directory named <filename>src</filename>,
- with subdirectories <filename>CVS</filename> and
- <filename>sys</filename>. <filename>src/sys</filename> has
- subdirectories <filename>CVS</filename> and
- <filename>miscfs</filename>, etc.</para>
- </listitem>
+ <para>You now have a directory named <filename>src</filename>,
+ with subdirectories <filename>CVS</filename> and
+ <filename>sys</filename>. <filename>src/sys</filename> has
+ subdirectories <filename>CVS</filename> and
+ <filename>miscfs</filename>, etc.</para>
+ </listitem>
- <listitem>
- <para>Check out the same files, but prunes empty
- directories:</para>
+ <listitem>
+ <para>Check out the same files, but prunes empty
+ directories:</para>
- <screen>&prompt.user; <userinput>cvs co -P miscfs</userinput></screen>
+ <screen>&prompt.user; <userinput>cvs co -P miscfs</userinput></screen>
- <para>You now have a directory named
- <filename>miscfs</filename> with subdirectories
- <filename>CVS</filename>, <filename>deadfs</filename>,
- <filename>devfs</filename>... but note that there is no
- <filename>linprocfs</filename> subdirectory, because there
- are no files in it.</para>
- </listitem>
+ <para>You now have a directory named
+ <filename>miscfs</filename> with subdirectories
+ <filename>CVS</filename>, <filename>deadfs</filename>,
+ <filename>devfs</filename>... but note that there is no
+ <filename>linprocfs</filename> subdirectory, because there
+ are no files in it.</para>
+ </listitem>
- <listitem>
- <para>Check out the directory <filename>miscfs</filename>, but
- none of the subdirectories:</para>
+ <listitem>
+ <para>Check out the directory <filename>miscfs</filename>, but
+ none of the subdirectories:</para>
- <screen>&prompt.user; <userinput>cvs co -l miscfs</userinput></screen>
+ <screen>&prompt.user; <userinput>cvs co -l miscfs</userinput></screen>
- <para>You now have a directory named <filename>miscfs</filename>
- with just one subdirectory named
- <filename>CVS</filename>.</para>
- </listitem>
+ <para>You now have a directory named <filename>miscfs</filename>
+ with just one subdirectory named
+ <filename>CVS</filename>.</para>
+ </listitem>
- <listitem>
- <para>Check out the <filename>miscfs</filename> module as
- it is in the 4.X branch:</para>
+ <listitem>
+ <para>Check out the <filename>miscfs</filename> module as
+ it is in the 4.X branch:</para>
- <screen>&prompt.user; <userinput>cvs co -rRELENG_4 miscfs</userinput></screen>
+ <screen>&prompt.user; <userinput>cvs co -rRELENG_4 miscfs</userinput></screen>
- <para>You can modify the sources and commit along this
- branch.</para>
- </listitem>
+ <para>You can modify the sources and commit along this
+ branch.</para>
+ </listitem>
- <listitem>
- <para>Check out the <filename>miscfs</filename> module as
- it was in 3.4-RELEASE.</para>
+ <listitem>
+ <para>Check out the <filename>miscfs</filename> module as
+ it was in 3.4-RELEASE.</para>
- <screen>&prompt.user; <userinput>cvs co -rRELENG_3_4_0_RELEASE miscfs</userinput></screen>
+ <screen>&prompt.user; <userinput>cvs co -rRELENG_3_4_0_RELEASE miscfs</userinput></screen>
- <para>You will not be able to commit modifications, since
- <literal>RELENG_3_4_0_RELEASE</literal> is a point in time, not a branch.</para>
- </listitem>
+ <para>You will not be able to commit modifications, since
+ <literal>RELENG_3_4_0_RELEASE</literal> is a point in time, not a branch.</para>
+ </listitem>
- <listitem>
- <para>Check out the <filename>miscfs</filename> module as it was
- on Jan 15 2000.</para>
+ <listitem>
+ <para>Check out the <filename>miscfs</filename> module as it was
+ on Jan 15 2000.</para>
- <screen>&prompt.user; <userinput>cvs co -D'01/15/2000' miscfs</userinput></screen>
+ <screen>&prompt.user; <userinput>cvs co -D'01/15/2000' miscfs</userinput></screen>
- <para>You will not be able to commit modifications.</para>
- </listitem>
+ <para>You will not be able to commit modifications.</para>
+ </listitem>
- <listitem>
- <para>Check out the <filename>miscfs</filename> module as it was
- one week ago.</para>
+ <listitem>
+ <para>Check out the <filename>miscfs</filename> module as it was
+ one week ago.</para>
- <screen>&prompt.user; <userinput>cvs co -D'last week' miscfs</userinput></screen>
+ <screen>&prompt.user; <userinput>cvs co -D'last week' miscfs</userinput></screen>
- <para>You will not be able to commit modifications.</para>
- </listitem>
- </itemizedlist>
+ <para>You will not be able to commit modifications.</para>
+ </listitem>
+ </itemizedlist>
- <para>Note that cvs stores metadata in subdirectories named
- <filename>CVS</filename>.</para>
+ <para>Note that cvs stores metadata in subdirectories named
+ <filename>CVS</filename>.</para>
- <para>Arguments to <option>-D</option> and <option>-r</option>
- are sticky, which means cvs will remember them later, e.g.
- when you do a <command>cvs update</command>.</para>
+ <para>Arguments to <option>-D</option> and <option>-r</option>
+ are sticky, which means cvs will remember them later, e.g.
+ when you do a <command>cvs update</command>.</para>
</listitem>
<listitem>
- <para>Check the status of checked-out files with the
- <command>status</command> command.</para>
+ <para>Check the status of checked-out files with the
+ <command>status</command> command.</para>
- <screen>&prompt.user; <userinput>cvs status shazam</userinput></screen>
+ <screen>&prompt.user; <userinput>cvs status shazam</userinput></screen>
- <para>This displays the status of the
- <filename>shazam</filename> file or of every file in the
- <filename>shazam</filename> directory. For every file, the
- status is given as one of:</para>
+ <para>This displays the status of the
+ <filename>shazam</filename> file or of every file in the
+ <filename>shazam</filename> directory. For every file, the
+ status is given as one of:</para>
- <informaltable frame="none">
- <tgroup cols=2>
- <tbody>
- <row>
- <entry>Up-to-date</entry>
- <entry>File is up-to-date and unmodified.</entry>
- </row>
+ <informaltable frame="none">
+ <tgroup cols=2>
+ <tbody>
+ <row>
+ <entry>Up-to-date</entry>
+ <entry>File is up-to-date and unmodified.</entry>
+ </row>
- <row>
- <entry>Needs Patch</entry>
- <entry>File is unmodified, but there is a newer revision in
- the repository.</entry>
- </row>
+ <row>
+ <entry>Needs Patch</entry>
+ <entry>File is unmodified, but there is a newer revision in
+ the repository.</entry>
+ </row>
- <row>
- <entry>Locally Modified</entry>
- <entry>File is up-to-date, but modified.</entry>
- </row>
+ <row>
+ <entry>Locally Modified</entry>
+ <entry>File is up-to-date, but modified.</entry>
+ </row>
- <row>
- <entry>Needs Merge</entry>
- <entry>File is modified, and there is a newer revision in the
- repository.</entry>
- </row>
+ <row>
+ <entry>Needs Merge</entry>
+ <entry>File is modified, and there is a newer revision in the
+ repository.</entry>
+ </row>
- <row>
- <entry>File had conflicts on merge</entry>
- <entry>There were conflicts the last time this file was
- updated, and they have not been resolved yet.</entry>
- </row>
- </tbody>
- </tgroup>
- </informaltable>
+ <row>
+ <entry>File had conflicts on merge</entry>
+ <entry>There were conflicts the last time this file was
+ updated, and they have not been resolved yet.</entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </informaltable>
- <para>You will also see the local revision and date,
- the revision number of the newest applicable version
- (<quote>newest applicable</quote> because if you have a
- sticky date, tag or branch, it may not be the actual newest
- revision), and any sticky tags, dates or options.</para>
+ <para>You will also see the local revision and date,
+ the revision number of the newest applicable version
+ (<quote>newest applicable</quote> because if you have a
+ sticky date, tag or branch, it may not be the actual newest
+ revision), and any sticky tags, dates or options.</para>
</listitem>
<listitem>
- <para>Once you have checked something out, update it with the
- <command>update</command> command.</para>
+ <para>Once you have checked something out, update it with the
+ <command>update</command> command.</para>
- <screen>&prompt.user; <userinput>cvs update shazam</userinput></screen>
+ <screen>&prompt.user; <userinput>cvs update shazam</userinput></screen>
- <para>This updates the <filename>shazam</filename> file or the
- contents of the <filename>shazam</filename> directory to the
- latest version along the branch you checked out. If you
- checked out a <quote>point in time</quote>, does nothing
- unless the tags have moved in the repository or some other weird
- stuff is going on.</para>
+ <para>This updates the <filename>shazam</filename> file or the
+ contents of the <filename>shazam</filename> directory to the
+ latest version along the branch you checked out. If you
+ checked out a <quote>point in time</quote>, does nothing
+ unless the tags have moved in the repository or some other weird
+ stuff is going on.</para>
- <para>Useful options, in addition to those listed above for
- <command>checkout</command>:</para>
+ <para>Useful options, in addition to those listed above for
+ <command>checkout</command>:</para>
- <informaltable frame="none">
- <tgroup cols=2>
- <tbody>
- <row>
- <entry><option>-d</option></entry>
- <entry>Check out any additional missing directories.</entry>
- </row>
+ <informaltable frame="none">
+ <tgroup cols=2>
+ <tbody>
+ <row>
+ <entry><option>-d</option></entry>
+ <entry>Check out any additional missing directories.</entry>
+ </row>
- <row>
- <entry><option>-A</option></entry>
- <entry>Update to head of main branch.</entry>
- </row>
+ <row>
+ <entry><option>-A</option></entry>
+ <entry>Update to head of main branch.</entry>
+ </row>
- <row>
- <entry><option>-j<replaceable>rev</replaceable></option></entry>
- <entry>More magic (see below).</entry>
- </row>
- </tbody>
- </tgroup>
- </informaltable>
+ <row>
+ <entry><option>-j<replaceable>rev</replaceable></option></entry>
+ <entry>More magic (see below).</entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </informaltable>
- <para>If you checked out a module with <option>-r</option> or
- <option>-D</option>, running <command>cvs update</command>
- with a different <option>-r</option> or <option>-D</option>
- argument or with <option>-A</option> will select a new branch,
- revision or date. The <option>-A</option> option clears all
- sticky tags, dates or revisions whereas <option>-r</option>
- and <option>-D</option> set new ones.</para>
+ <para>If you checked out a module with <option>-r</option> or
+ <option>-D</option>, running <command>cvs update</command>
+ with a different <option>-r</option> or <option>-D</option>
+ argument or with <option>-A</option> will select a new branch,
+ revision or date. The <option>-A</option> option clears all
+ sticky tags, dates or revisions whereas <option>-r</option>
+ and <option>-D</option> set new ones.</para>
- <para>Theoretically, specifying <literal>HEAD</literal> as
- argument to <option>-r</option> will give you the same result
- as <option>-A</option>, but that is just theory.</para>
+ <para>Theoretically, specifying <literal>HEAD</literal> as
+ argument to <option>-r</option> will give you the same result
+ as <option>-A</option>, but that is just theory.</para>
- <para>The <option>-d</option> option is useful if:</para>
+ <para>The <option>-d</option> option is useful if:</para>
- <itemizedlist>
- <listitem>
- <para>somebody has added subdirectories to the module
- you have checked out after you checked it out.</para>
- </listitem>
+ <itemizedlist>
+ <listitem>
+ <para>somebody has added subdirectories to the module
+ you have checked out after you checked it out.</para>
+ </listitem>
- <listitem>
- <para>you checked out with <option>-l</option>, and later
- change your mind and want to check out the subdirectories
- as well.</para>
- </listitem>
+ <listitem>
+ <para>you checked out with <option>-l</option>, and later
+ change your mind and want to check out the subdirectories
+ as well.</para>
+ </listitem>
- <listitem>
- <para>you deleted some subdirectories and want to check
- them all back out.</para>
- </listitem>
- </itemizedlist>
+ <listitem>
+ <para>you deleted some subdirectories and want to check
+ them all back out.</para>
+ </listitem>
+ </itemizedlist>
- <para><emphasis>Watch the output of the <command>cvs
- update</command> with care.</emphasis> The letter in front of
- each filename indicates what was done with it:</para>
+ <para><emphasis>Watch the output of the <command>cvs
+ update</command> with care.</emphasis> The letter in front of
+ each filename indicates what was done with it:</para>
- <informaltable frame="none">
- <tgroup cols=2>
- <tbody>
- <row>
- <entry><literal>U</literal></entry>
- <entry>The file was updated without trouble.</entry>
- </row>
+ <informaltable frame="none">
>>> TRUNCATED FOR MAIL (1000 lines) <<<
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list