diff options
Diffstat (limited to 'pl_PL.ISO8859-2/books/handbook/network-servers/chapter.xml')
| -rw-r--r-- | pl_PL.ISO8859-2/books/handbook/network-servers/chapter.xml | 653 |
1 files changed, 267 insertions, 386 deletions
diff --git a/pl_PL.ISO8859-2/books/handbook/network-servers/chapter.xml b/pl_PL.ISO8859-2/books/handbook/network-servers/chapter.xml index acfaed70fa..7b5496483c 100644 --- a/pl_PL.ISO8859-2/books/handbook/network-servers/chapter.xml +++ b/pl_PL.ISO8859-2/books/handbook/network-servers/chapter.xml @@ -4,22 +4,17 @@ $FreeBSD$ --> - -<chapter id="network-servers"> - <chapterinfo> +<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="network-servers"> + <info><title>Network Servers</title> <authorgroup> - <author> - <firstname>Murray</firstname> - <surname>Stokely</surname> - <contrib>Reorganized by </contrib> - </author> + <author><personname><firstname>Murray</firstname><surname>Stokely</surname></personname><contrib>Reorganized by </contrib></author> </authorgroup> - <!-- 23 July 2004 --> - </chapterinfo> + + </info> - <title>Network Servers</title> + - <sect1 id="network-servers-synopsis"> + <sect1 xml:id="network-servers-synopsis"> <title>Synopsis</title> <para>This chapter will cover some of the more frequently used @@ -94,26 +89,19 @@ </itemizedlist> </sect1> - <sect1 id="network-inetd"> - <sect1info> + <sect1 xml:id="network-inetd"> + <info><title>The <application>inetd</application> <quote>Super-Server</quote></title> <authorgroup> - <author> - <firstname>Chern</firstname> - <surname>Lee</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>Chern</firstname><surname>Lee</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> <authorgroup> - <author> - <contrib>Updated for &os; 6.1-RELEASE by </contrib> - <othername>The &os; Documentation Project</othername> - </author> + <author><personname><othername>The &os; Documentation Project</othername></personname><contrib>Updated for &os; 6.1-RELEASE by </contrib></author> </authorgroup> - </sect1info> + </info> - <title>The <application>inetd</application> <quote>Super-Server</quote></title> + - <sect2 id="network-inetd-overview"> + <sect2 xml:id="network-inetd-overview"> <title>Overview</title> <para>&man.inetd.8; is sometimes referred to as the <quote>Internet @@ -140,7 +128,7 @@ <filename>/etc/inetd.conf</filename>.</para> </sect2> - <sect2 id="network-inetd-settings"> + <sect2 xml:id="network-inetd-settings"> <title>Settings</title> <para><application>inetd</application> is initialized through @@ -163,7 +151,7 @@ <literal>inetd_flags</literal> option.</para> </sect2> - <sect2 id="network-inetd-cmdline"> + <sect2 xml:id="network-inetd-cmdline"> <title>Command-Line Options</title> <para>Like most server daemons, <application>inetd</application> @@ -238,7 +226,7 @@ </variablelist> </sect2> - <sect2 id="network-inetd-conf"> + <sect2 xml:id="network-inetd-conf"> <!-- XXX This section isn't very clear, and could do with some lovin' --> <title><filename>inetd.conf</filename></title> @@ -250,7 +238,7 @@ <application>inetd</application> can be forced to re-read its configuration file by running the command:</para> - <example id="network-inetd-reread"> + <example xml:id="network-inetd-reread"> <title>Reloading the <application>inetd</application> configuration file</title> @@ -425,10 +413,10 @@ server-program-arguments</programlisting> <listitem> <para>This is the username that the particular daemon should run as. Most commonly, daemons run as the - <username>root</username> user. For security purposes, it is + <systemitem class="username">root</systemitem> user. For security purposes, it is common to find some servers running as the - <username>daemon</username> user, or the least privileged - <username>nobody</username> user.</para> + <systemitem class="username">daemon</systemitem> user, or the least privileged + <systemitem class="username">nobody</systemitem> user.</para> </listitem> </varlistentry> @@ -462,7 +450,7 @@ server-program-arguments</programlisting> </variablelist> </sect2> - <sect2 id="network-inetd-security"> + <sect2 xml:id="network-inetd-security"> <title>Security</title> <para>Depending on the choices made at install time, many @@ -490,7 +478,7 @@ server-program-arguments</programlisting> invoked daemons.</para> </sect2> - <sect2 id="network-inetd-misc"> + <sect2 xml:id="network-inetd-misc"> <title>Miscellaneous</title> <para><application>daytime</application>, @@ -511,32 +499,21 @@ server-program-arguments</programlisting> </sect2> </sect1> - <sect1 id="network-nfs"> - <sect1info> + <sect1 xml:id="network-nfs"> + <info><title>Network File System (NFS)</title> <authorgroup> - <author> - <firstname>Tom</firstname> - <surname>Rhodes</surname> - <contrib>Reorganized and enhanced by </contrib> - </author> + <author><personname><firstname>Tom</firstname><surname>Rhodes</surname></personname><contrib>Reorganized and enhanced by </contrib></author> </authorgroup> <authorgroup> - <author> - <firstname>Bill</firstname> - <surname>Swingle</surname> - <contrib>Written by </contrib> - </author> + <author><personname><firstname>Bill</firstname><surname>Swingle</surname></personname><contrib>Written by </contrib></author> </authorgroup> - </sect1info> - <title>Network File System (NFS)</title> + </info> + <indexterm><primary>NFS</primary></indexterm> <para>Among the many different file systems that FreeBSD supports - is the Network File System, also known as <acronym role="Network - File System">NFS</acronym>. <acronym role="Network File - System">NFS</acronym> allows a system to share directories and - files with others over a network. By using <acronym - role="Network File System">NFS</acronym>, users and programs can + is the Network File System, also known as <acronym role="Network File System">NFS</acronym>. <acronym role="Network File System">NFS</acronym> allows a system to share directories and + files with others over a network. By using <acronym role="Network File System">NFS</acronym>, users and programs can access files on remote systems almost as if they were local files.</para> @@ -637,7 +614,7 @@ server-program-arguments</programlisting> </para> </sect2> - <sect2 id="network-configuring-nfs"> + <sect2 xml:id="network-configuring-nfs"> <title>Configuring <acronym>NFS</acronym></title> <indexterm> <primary>NFS</primary> @@ -713,10 +690,10 @@ mountd_flags="-r"</programlisting> <para>The following line exports <filename>/a</filename> so that two clients from different domains may access the file system. The <option>-maproot=root</option> flag allows the - <username>root</username> user on the remote system to write - data on the exported file system as <username>root</username>. + <systemitem class="username">root</systemitem> user on the remote system to write + data on the exported file system as <systemitem class="username">root</systemitem>. If the <literal>-maproot=root</literal> flag is not specified, - then even if a user has <username>root</username> access on + then even if a user has <systemitem class="username">root</systemitem> access on the remote system, he will not be able to modify files on the exported file system.</para> @@ -740,7 +717,7 @@ mountd_flags="-r"</programlisting> /usr/ports client</programlisting> <para>One file system, <filename>/usr</filename>, has two lines - specifying exports to the same host, <hostid>client</hostid>. + specifying exports to the same host, <systemitem>client</systemitem>. The correct format for this situation is:</para> <programlisting>/usr/src /usr/ports client</programlisting> @@ -780,7 +757,7 @@ mountd_flags="-r"</programlisting> <para>Alternatively, a reboot will make FreeBSD set everything up properly. A reboot is not necessary though. - Executing the following commands as <username>root</username> + Executing the following commands as <systemitem class="username">root</systemitem> should start everything up.</para> <para>On the <acronym>NFS</acronym> server:</para> @@ -795,10 +772,10 @@ mountd_flags="-r"</programlisting> <para>Now everything should be ready to actually mount a remote file system. In these examples the - server's name will be <hostid>server</hostid> and the client's - name will be <hostid>client</hostid>. If you only want to + server's name will be <systemitem>server</systemitem> and the client's + name will be <systemitem>client</systemitem>. If you only want to temporarily mount a remote file system or would rather test the - configuration, just execute a command like this as <username>root</username> on the + configuration, just execute a command like this as <systemitem class="username">root</systemitem> on the client:</para> <indexterm> <primary>NFS</primary> @@ -858,24 +835,16 @@ mountd_flags="-r"</programlisting> </itemizedlist> </sect2> - <sect2 id="network-amd"> - <sect2info> + <sect2 xml:id="network-amd"> + <info><title>Automatic Mounts with <application>amd</application></title> <authorgroup> - <author> - <firstname>Wylie</firstname> - <surname>Stilwell</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>Wylie</firstname><surname>Stilwell</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> <authorgroup> - <author> - <firstname>Chern</firstname> - <surname>Lee</surname> - <contrib>Rewritten by </contrib> - </author> + <author><personname><firstname>Chern</firstname><surname>Lee</surname></personname><contrib>Rewritten by </contrib></author> </authorgroup> - </sect2info> - <title>Automatic Mounts with <application>amd</application></title> + </info> + <indexterm><primary>amd</primary></indexterm> <indexterm><primary>automatic mounter daemon</primary></indexterm> @@ -903,14 +872,14 @@ mountd_flags="-r"</programlisting> <filename>/host/foobar/usr</filename> would tell <application>amd</application> to attempt to mount the <filename>/usr</filename> export on the host - <hostid>foobar</hostid>.</para> + <systemitem>foobar</systemitem>.</para> <example> <title>Mounting an Export with <application>amd</application></title> <para>You can view the available mounts of a remote host with the <command>showmount</command> command. For example, to - view the mounts of a host named <hostid>foobar</hostid>, you + view the mounts of a host named <systemitem>foobar</systemitem>, you can use:</para> <screen>&prompt.user; <userinput>showmount -e foobar</userinput> @@ -923,7 +892,7 @@ Exports list on foobar: <para>As seen in the example, the <command>showmount</command> shows <filename>/usr</filename> as an export. When changing directories to <filename>/host/foobar/usr</filename>, <application>amd</application> - attempts to resolve the hostname <hostid>foobar</hostid> and + attempts to resolve the hostname <systemitem>foobar</systemitem> and automatically mount the desired export.</para> <para><application>amd</application> can be started by the @@ -948,17 +917,13 @@ Exports list on foobar: information.</para> </sect2> - <sect2 id="network-nfs-integration"> - <sect2info> + <sect2 xml:id="network-nfs-integration"> + <info><title>Problems Integrating with Other Systems</title> <authorgroup> - <author> - <firstname>John</firstname> - <surname>Lind</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>John</firstname><surname>Lind</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> - </sect2info> - <title>Problems Integrating with Other Systems</title> + </info> + <para>Certain Ethernet adapters for ISA PC systems have limitations which can lead to serious network problems, particularly with NFS. @@ -998,9 +963,9 @@ Exports list on foobar: necessary <acronym>UDP</acronym> information, or you will not get anywhere, no matter what else you are doing.</para> - <para>In the following examples, <hostid>fastws</hostid> is the host + <para>In the following examples, <systemitem>fastws</systemitem> is the host (interface) name of a high-performance workstation, and - <hostid>freebox</hostid> is the host (interface) name of a FreeBSD + <systemitem>freebox</systemitem> is the host (interface) name of a FreeBSD system with a lower-performance Ethernet adapter. Also, <filename>/sharedfs</filename> will be the exported NFS file system (see &man.exports.5;), and @@ -1010,23 +975,23 @@ Exports list on foobar: <option>soft</option> and <option>bg</option> may be desirable in your application.</para> - <para>Examples for the FreeBSD system (<hostid>freebox</hostid>) + <para>Examples for the FreeBSD system (<systemitem>freebox</systemitem>) as the client in <filename>/etc/fstab</filename> on - <hostid>freebox</hostid>:</para> + <systemitem>freebox</systemitem>:</para> <programlisting>fastws:/sharedfs /project nfs rw,-r=1024 0 0</programlisting> - <para>As a manual mount command on <hostid>freebox</hostid>:</para> + <para>As a manual mount command on <systemitem>freebox</systemitem>:</para> <screen>&prompt.root; <userinput>mount -t nfs -o -r=1024 fastws:/sharedfs /project</userinput></screen> <para>Examples for the FreeBSD system as the server in <filename>/etc/fstab</filename> on - <hostid>fastws</hostid>:</para> + <systemitem>fastws</systemitem>:</para> <programlisting>freebox:/sharedfs /project nfs rw,-w=1024 0 0</programlisting> - <para>As a manual mount command on <hostid>fastws</hostid>:</para> + <para>As a manual mount command on <systemitem>fastws</systemitem>:</para> <screen>&prompt.root; <userinput>mount -t nfs -o -w=1024 freebox:/sharedfs /project</userinput></screen> @@ -1067,28 +1032,17 @@ Exports list on foobar: </sect2> </sect1> - <sect1 id="network-nis"> - <sect1info> + <sect1 xml:id="network-nis"> + <info><title>Network Information System (NIS/YP)</title> <authorgroup> - <author> - <firstname>Bill</firstname> - <surname>Swingle</surname> - <contrib>Written by </contrib> - </author> + <author><personname><firstname>Bill</firstname><surname>Swingle</surname></personname><contrib>Written by </contrib></author> </authorgroup> <authorgroup> - <author> - <firstname>Eric</firstname> - <surname>Ogren</surname> - <contrib>Enhanced by </contrib> - </author> - <author> - <firstname>Udo</firstname> - <surname>Erdelhoff</surname> - </author> + <author><personname><firstname>Eric</firstname><surname>Ogren</surname></personname><contrib>Enhanced by </contrib></author> + <author><personname><firstname>Udo</firstname><surname>Erdelhoff</surname></personname></author> </authorgroup> - </sect1info> - <title>Network Information System (NIS/YP)</title> + </info> + <sect2> <title>What Is It?</title> @@ -1106,8 +1060,7 @@ Exports list on foobar: (originally &sunos;) systems. It has now essentially become an industry standard; all major &unix; like systems (&solaris;, HP-UX, &aix;, Linux, NetBSD, OpenBSD, FreeBSD, - etc) support <acronym role="Network Information - System">NIS</acronym>.</para> + etc) support <acronym role="Network Information System">NIS</acronym>.</para> <indexterm><primary>yellow pages</primary><see>NIS</see></indexterm> @@ -1327,28 +1280,28 @@ Exports list on foobar: </thead> <tbody> <row> - <entry><hostid>ellington</hostid></entry> - <entry><hostid role="ipaddr">10.0.0.2</hostid></entry> + <entry><systemitem>ellington</systemitem></entry> + <entry><systemitem class="ipaddress">10.0.0.2</systemitem></entry> <entry>NIS master</entry> </row> <row> - <entry><hostid>coltrane</hostid></entry> - <entry><hostid role="ipaddr">10.0.0.3</hostid></entry> + <entry><systemitem>coltrane</systemitem></entry> + <entry><systemitem class="ipaddress">10.0.0.3</systemitem></entry> <entry>NIS slave</entry> </row> <row> - <entry><hostid>basie</hostid></entry> - <entry><hostid role="ipaddr">10.0.0.4</hostid></entry> + <entry><systemitem>basie</systemitem></entry> + <entry><systemitem class="ipaddress">10.0.0.4</systemitem></entry> <entry>Faculty workstation</entry> </row> <row> - <entry><hostid>bird</hostid></entry> - <entry><hostid role="ipaddr">10.0.0.5</hostid></entry> + <entry><systemitem>bird</systemitem></entry> + <entry><systemitem class="ipaddress">10.0.0.5</systemitem></entry> <entry>Client machine</entry> </row> <row> - <entry><hostid>cli[1-11]</hostid></entry> - <entry><hostid role="ipaddr">10.0.0.[6-17]</hostid></entry> + <entry><systemitem>cli[1-11]</systemitem></entry> + <entry><systemitem class="ipaddress">10.0.0.[6-17]</systemitem></entry> <entry>Other client machines</entry> </row> </tbody> @@ -1476,8 +1429,7 @@ Exports list on foobar: <note> <para>Depending on your NIS setup, you may need to add - further entries. See the <link - linkend="network-nis-server-is-client">section about NIS + further entries. See the <link linkend="network-nis-server-is-client">section about NIS servers that are also NIS clients</link>, below, for details.</para> </note> @@ -1501,7 +1453,7 @@ Exports list on foobar: with one exception: the <filename>/etc/master.passwd</filename> file. This is for a good reason, you do not want to propagate passwords to - your <username>root</username> and other administrative + your <systemitem class="username">root</systemitem> and other administrative accounts to all the servers in the NIS domain. Therefore, before we initialize the NIS maps, you should:</para> @@ -1510,11 +1462,11 @@ Exports list on foobar: &prompt.root; <userinput>vi master.passwd</userinput></screen> <para>You should remove all entries regarding system - accounts (<username>bin</username>, - <username>tty</username>, <username>kmem</username>, - <username>games</username>, etc), as well as any accounts + accounts (<systemitem class="username">bin</systemitem>, + <systemitem class="username">tty</systemitem>, <systemitem class="username">kmem</systemitem>, + <systemitem class="username">games</systemitem>, etc), as well as any accounts that you do not want to be propagated to the NIS clients - (for example <username>root</username> and any other UID 0 + (for example <systemitem class="username">root</systemitem> and any other UID 0 (superuser) accounts).</para> <note><para>Make sure the @@ -1744,9 +1696,9 @@ nis_client_enable="YES"</programlisting> not imported via NIS) in your <filename>/etc/master.passwd</filename> and this account should also be a member of the group - <groupname>wheel</groupname>. If there is something + <systemitem class="groupname">wheel</systemitem>. If there is something wrong with NIS, this account can be used to log in - remotely, become <username>root</username>, and fix things.</para> + remotely, become <systemitem class="username">root</systemitem>, and fix things.</para> </note> </step> @@ -1849,7 +1801,7 @@ nis_client_enable="YES"</programlisting> <sect2> <title>Barring Some Users from Logging On</title> - <para>In our lab, there is a machine <hostid>basie</hostid> that + <para>In our lab, there is a machine <systemitem>basie</systemitem> that is supposed to be a faculty only workstation. We do not want to take this machine out of the NIS domain, yet the <filename>passwd</filename> file on the master NIS server @@ -1859,7 +1811,7 @@ nis_client_enable="YES"</programlisting> <para>There is a way to bar specific users from logging on to a machine, even if they are present in the NIS database. To do this, all you must do is add - <literal>-<replaceable>username</replaceable></literal> to the + <literal>-username</literal> to the end of the <filename>/etc/master.passwd</filename> file on the client machine, where <replaceable>username</replaceable> is the username of the user you wish to bar from logging in. @@ -1868,8 +1820,8 @@ nis_client_enable="YES"</programlisting> to <filename>/etc/master.passwd</filename>, as well as automatically rebuild the password database when you finish editing. For example, if we wanted to bar user - <username>bill</username> from logging on to - <hostid>basie</hostid> we would:</para> + <systemitem class="username">bill</systemitem> from logging on to + <systemitem>basie</systemitem> we would:</para> <screen>basie&prompt.root; <userinput>vipw</userinput> <userinput>[add -bill to the end, exit]</userinput> @@ -1899,18 +1851,14 @@ nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/sbin/nologin basie&prompt.root;</screen> </sect2> - <sect2 id="network-netgroups"> - <sect2info> + <sect2 xml:id="network-netgroups"> + <info><title>Using Netgroups</title> <authorgroup> - <author> - <firstname>Udo</firstname> - <surname>Erdelhoff</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>Udo</firstname><surname>Erdelhoff</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> - </sect2info> + </info> - <title>Using Netgroups</title> + <indexterm><primary>netgroups</primary></indexterm> <para>The method shown in the previous section works reasonably @@ -1954,22 +1902,22 @@ basie&prompt.root;</screen> <tbody> <row> - <entry><username>alpha</username>, <username>beta</username></entry> + <entry><systemitem class="username">alpha</systemitem>, <systemitem class="username">beta</systemitem></entry> <entry>Normal employees of the IT department</entry> </row> <row> - <entry><username>charlie</username>, <username>delta</username></entry> + <entry><systemitem class="username">charlie</systemitem>, <systemitem class="username">delta</systemitem></entry> <entry>The new apprentices of the IT department</entry> </row> <row> - <entry><username>echo</username>, <username>foxtrott</username>, <username>golf</username>, ...</entry> + <entry><systemitem class="username">echo</systemitem>, <systemitem class="username">foxtrott</systemitem>, <systemitem class="username">golf</systemitem>, ...</entry> <entry>Ordinary employees</entry> </row> <row> - <entry><username>able</username>, <username>baker</username>, ...</entry> + <entry><systemitem class="username">able</systemitem>, <systemitem class="username">baker</systemitem>, ...</entry> <entry>The current interns</entry> </row> </tbody> @@ -1990,9 +1938,9 @@ basie&prompt.root;</screen> <!-- Names taken from "Good Omens" by Neil Gaiman and Terry Pratchett. Many thanks for a brilliant book. --> - <entry><hostid>war</hostid>, <hostid>death</hostid>, - <hostid>famine</hostid>, - <hostid>pollution</hostid></entry> + <entry><systemitem>war</systemitem>, <systemitem>death</systemitem>, + <systemitem>famine</systemitem>, + <systemitem>pollution</systemitem></entry> <entry>Your most important servers. Only the IT employees are allowed to log onto these machines.</entry> @@ -2000,17 +1948,17 @@ basie&prompt.root;</screen> <row> <!-- gluttony was omitted because it was too fat --> - <entry><hostid>pride</hostid>, <hostid>greed</hostid>, - <hostid>envy</hostid>, <hostid>wrath</hostid>, - <hostid>lust</hostid>, <hostid>sloth</hostid></entry> + <entry><systemitem>pride</systemitem>, <systemitem>greed</systemitem>, + <systemitem>envy</systemitem>, <systemitem>wrath</systemitem>, + <systemitem>lust</systemitem>, <systemitem>sloth</systemitem></entry> <entry>Less important servers. All members of the IT department are allowed to login onto these machines.</entry> </row> <row> - <entry><hostid>one</hostid>, <hostid>two</hostid>, - <hostid>three</hostid>, <hostid>four</hostid>, + <entry><systemitem>one</systemitem>, <systemitem>two</systemitem>, + <systemitem>three</systemitem>, <systemitem>four</systemitem>, ...</entry> <entry>Ordinary workstations. Only the @@ -2019,7 +1967,7 @@ basie&prompt.root;</screen> </row> <row> - <entry><hostid>trashcan</hostid></entry> + <entry><systemitem>trashcan</systemitem></entry> <entry>A very old machine without any critical data. Even the intern is allowed to use this box.</entry> </row> @@ -2029,7 +1977,7 @@ basie&prompt.root;</screen> <para>If you tried to implement these restrictions by separately blocking each user, you would have to add one - <literal>-<replaceable>user</replaceable></literal> line to + <literal>-user</literal> line to each system's <filename>passwd</filename> for each user who is not allowed to login onto that system. If you forget just one entry, you could be in trouble. It may be feasible to do this @@ -2145,7 +2093,7 @@ ellington&prompt.user; <userinput>ypcat -k netgroup.byuser</userinput></screen> get the list of netgroups for a user.</para> <para>The client setup is quite simple. To configure the server - <hostid>war</hostid>, you only have to start + <systemitem>war</systemitem>, you only have to start &man.vipw.8; and replace the line</para> <programlisting>+:::::::::</programlisting> @@ -2156,14 +2104,14 @@ ellington&prompt.user; <userinput>ypcat -k netgroup.byuser</userinput></screen> <para>Now, only the data for the users defined in the netgroup <literal>IT_EMP</literal> is imported into - <hostid>war</hostid>'s password database and only + <systemitem>war</systemitem>'s password database and only these users are allowed to login.</para> <para>Unfortunately, this limitation also applies to the <literal>~</literal> function of the shell and all routines converting between user names and numerical user IDs. In other words, <command>cd - ~<replaceable>user</replaceable></command> will not work, + ~user</command> will not work, <command>ls -l</command> will show the numerical ID instead of the username and <command>find . -user joe -print</command> will fail with <errorname>No such user</errorname>. To fix @@ -2327,7 +2275,7 @@ TWO (,hotel,test-domain) maps</emphasis>. If you forget to do this, the new user will not be able to login anywhere except on the NIS master. For example, if we needed to add a new user - <username>jsmith</username> to the lab, we would:</para> + <systemitem class="username">jsmith</systemitem> to the lab, we would:</para> <screen>&prompt.root; <userinput>pw useradd jsmith</userinput> &prompt.root; <userinput>cd /var/yp</userinput> @@ -2379,7 +2327,7 @@ TWO (,hotel,test-domain) any such servers still in use today.</para> </sect2> - <sect2 id="network-nis-server-is-client"> + <sect2 xml:id="network-nis-server-is-client"> <title>NIS Servers That Are Also NIS Clients</title> <para> Care must be taken when running @@ -2438,7 +2386,7 @@ nis_client_flags="-S <replaceable>NIS domain</replaceable>,<replaceable>server</ <filename>/etc/login.conf</filename>, you will also need to rebuild the login capability database, which is achieved by running the following command as - <username>root</username>:</para> + <systemitem class="username">root</systemitem>:</para> <screen>&prompt.root; <userinput>cap_mkdb /etc/login.conf</userinput></screen> @@ -2469,17 +2417,13 @@ nis_client_flags="-S <replaceable>NIS domain</replaceable>,<replaceable>server</ </sect2> </sect1> - <sect1 id="network-dhcp"> - <sect1info> + <sect1 xml:id="network-dhcp"> + <info><title>Automatic Network Configuration (DHCP)</title> <authorgroup> - <author> - <firstname>Greg</firstname> - <surname>Sutter</surname> - <contrib>Written by </contrib> - </author> + <author><personname><firstname>Greg</firstname><surname>Sutter</surname></personname><contrib>Written by </contrib></author> </authorgroup> - </sect1info> - <title>Automatic Network Configuration (DHCP)</title> + </info> + <sect2> <title>What Is DHCP?</title> @@ -2510,8 +2454,7 @@ nis_client_flags="-S <replaceable>NIS domain</replaceable>,<replaceable>server</ server-side components of the ISC DHCP system. The client-side program, <command>dhclient</command>, comes integrated within FreeBSD, and the server-side portion is - available from the <filename - role="package">net/isc-dhcp3-server</filename> port. The + available from the <package>net/isc-dhcp3-server</package> port. The &man.dhclient.8;, &man.dhcp-options.5;, and &man.dhclient.conf.5; manual pages, in addition to the references below, are useful resources.</para> @@ -2568,26 +2511,25 @@ nis_client_flags="-S <replaceable>NIS domain</replaceable>,<replaceable>server</ </indexterm> <itemizedlist> <listitem> - <para>Make sure that the <devicename>bpf</devicename> + <para>Make sure that the <filename>bpf</filename> device is compiled into your kernel. To do this, add <literal>device bpf</literal> to your kernel configuration file, and rebuild the kernel. For more - information about building kernels, see <xref - linkend="kernelconfig"/>.</para> <para>The - <devicename>bpf</devicename> device is already part of + information about building kernels, see <xref linkend="kernelconfig"/>.</para> <para>The + <filename>bpf</filename> device is already part of the <filename>GENERIC</filename> kernel that is supplied with FreeBSD, so if you do not have a custom kernel, you should not need to create one in order to get DHCP working.</para> <note> <para>For those who are particularly security conscious, - you should be warned that <devicename>bpf</devicename> + you should be warned that <filename>bpf</filename> is also the device that allows packet sniffers to work correctly (although they still have to be run as - <username>root</username>). <devicename>bpf</devicename> + <systemitem class="username">root</systemitem>). <filename>bpf</filename> <emphasis>is</emphasis> required to use DHCP, but if you are very sensitive about security, you probably - should not add <devicename>bpf</devicename> to your + should not add <filename>bpf</filename> to your kernel in the expectation that at some point in the future you will be using DHCP.</para> </note> @@ -2620,8 +2562,7 @@ dhcp_flags=""</programlisting> <secondary>server</secondary> </indexterm> <para>The DHCP server, <application>dhcpd</application>, is included - as part of the <filename - role="package">net/isc-dhcp3-server</filename> port in the ports + as part of the <package>net/isc-dhcp3-server</package> port in the ports collection. This port contains the ISC DHCP server and documentation.</para> </sect2> @@ -2667,12 +2608,12 @@ dhcp_flags=""</programlisting> <title>Further Reading</title> <para>The DHCP protocol is fully described in - <ulink url="http://www.freesoft.org/CIE/RFC/2131/">RFC 2131</ulink>. + <link xlink:href="http://www.freesoft.org/CIE/RFC/2131/">RFC 2131</link>. An informational resource has also been set up at - <ulink url="http://www.dhcp.org/"></ulink>.</para> + <uri xlink:href="http://www.dhcp.org/">http://www.dhcp.org/</uri>.</para> </sect2> - <sect2 id="network-dhcp-server"> + <sect2 xml:id="network-dhcp-server"> <title>Installing and Configuring a DHCP Server</title> <sect3> @@ -2685,7 +2626,7 @@ dhcp_flags=""</programlisting> <para>The server is not provided as part of FreeBSD, and so you will need to install the - <filename role="package">net/isc-dhcp3-server</filename> + <package>net/isc-dhcp3-server</package> port to provide this service. See <xref linkend="ports"/> for more information on using the Ports Collection.</para> </sect3> @@ -2701,30 +2642,29 @@ dhcp_flags=""</programlisting> device is compiled into your kernel. To do this, add <literal>device bpf</literal> to your kernel configuration file, and rebuild the kernel. For more - information about building kernels, see <xref - linkend="kernelconfig"/>.</para> + information about building kernels, see <xref linkend="kernelconfig"/>.</para> - <para>The <devicename>bpf</devicename> device is already + <para>The <filename>bpf</filename> device is already part of the <filename>GENERIC</filename> kernel that is supplied with FreeBSD, so you do not need to create a custom kernel in order to get DHCP working.</para> <note> <para>Those who are particularly security conscious - should note that <devicename>bpf</devicename> + should note that <filename>bpf</filename> is also the device that allows packet sniffers to work correctly (although such programs still need privileged - access). <devicename>bpf</devicename> + access). <filename>bpf</filename> <emphasis>is</emphasis> required to use DHCP, but if you are very sensitive about security, you probably - should not include <devicename>bpf</devicename> in your + should not include <filename>bpf</filename> in your kernel purely because you expect to use DHCP at some point in the future.</para> </note> <para>The next thing that you will need to do is edit the sample <filename>dhcpd.conf</filename> which was installed by the - <filename role="package">net/isc-dhcp3-server</filename> port. + <package>net/isc-dhcp3-server</package> port. By default, this will be <filename>/usr/local/etc/dhcpd.conf.sample</filename>, and you should copy this to @@ -2742,22 +2682,22 @@ dhcp_flags=""</programlisting> comprised of declarations regarding subnets and hosts, and is perhaps most easily explained using an example :</para> - <programlisting>option domain-name "example.com";<co id="domain-name"/> -option domain-name-servers 192.168.4.100;<co id="domain-name-servers"/> -option subnet-mask 255.255.255.0;<co id="subnet-mask"/> + <programlisting>option domain-name "example.com";<co xml:id="domain-name"/> +option domain-name-servers 192.168.4.100;<co xml:id="domain-name-servers"/> +option subnet-mask 255.255.255.0;<co xml:id="subnet-mask"/> -default-lease-time 3600;<co id="default-lease-time"/> -max-lease-time 86400;<co id="max-lease-time"/> -ddns-update-style none;<co id="ddns-update-style"/> +default-lease-time 3600;<co xml:id="default-lease-time"/> +max-lease-time 86400;<co xml:id="max-lease-time"/> +ddns-update-style none;<co xml:id="ddns-update-style"/> subnet 192.168.4.0 netmask 255.255.255.0 { - range 192.168.4.129 192.168.4.254;<co id="range"/> - option routers 192.168.4.1;<co id="routers"/> + range 192.168.4.129 192.168.4.254;<co xml:id="range"/> + option routers 192.168.4.1;<co xml:id="routers"/> } host mailhost { - hardware ethernet 02:03:04:05:06:07;<co id="hardware"/> - fixed-address mailhost.example.com;<co id="fixed-address"/> + hardware ethernet 02:03:04:05:06:07;<co xml:id="hardware"/> + fixed-address mailhost.example.com;<co xml:id="fixed-address"/> }</programlisting> <calloutlist> @@ -2887,8 +2827,7 @@ dhcpd_ifaces="dc0"</programlisting> <para><application>dhcrelay</application> is used in advanced environments where one DHCP server forwards a request from a client to another DHCP server on a separate network. If you - require this functionality, then install the <filename - role="package">net/isc-dhcp3-relay</filename> port. The + require this functionality, then install the <package>net/isc-dhcp3-relay</package> port. The &man.dhcrelay.8; manual page provided with the port contains more detail.</para> </listitem> @@ -2899,27 +2838,17 @@ dhcpd_ifaces="dc0"</programlisting> </sect1> - <sect1 id="network-dns"> - <sect1info> + <sect1 xml:id="network-dns"> + <info><title>Domain Name System (<acronym>DNS</acronym>)</title> <authorgroup> - <author> - <firstname>Chern</firstname> - <surname>Lee</surname> - <contrib>Contributed by </contrib> - </author> - - <author> - <firstname>Tom</firstname> - <surname>Rhodes</surname> - </author> - - <author> - <firstname>Daniel</firstname> - <surname>Gerzo</surname> - </author> + <author><personname><firstname>Chern</firstname><surname>Lee</surname></personname><contrib>Contributed by </contrib></author> + + <author><personname><firstname>Tom</firstname><surname>Rhodes</surname></personname></author> + + <author><personname><firstname>Daniel</firstname><surname>Gerzo</surname></personname></author> </authorgroup> - </sect1info> - <title>Domain Name System (<acronym>DNS</acronym>)</title> + </info> + <sect2> <title>Overview</title> @@ -2930,10 +2859,9 @@ dhcpd_ifaces="dc0"</programlisting> of the <acronym>DNS</acronym> protocol. <acronym>DNS</acronym> is the protocol through which names are mapped to <acronym>IP</acronym> addresses, and vice versa. For example, a - query for <hostid role="fqdn">www.FreeBSD.org</hostid> will + query for <systemitem class="fqdomainname">www.FreeBSD.org</systemitem> will receive a reply with the <acronym>IP</acronym> address of The - &os; Project's web server, whereas, a query for <hostid - role="fqdn">ftp.FreeBSD.org</hostid> will return the + &os; Project's web server, whereas, a query for <systemitem class="fqdomainname">ftp.FreeBSD.org</systemitem> will return the <acronym>IP</acronym> address of the corresponding <acronym>FTP</acronym> machine. Likewise, the opposite can happen. A query for an <acronym>IP</acronym> address can @@ -2954,7 +2882,7 @@ dhcpd_ifaces="dc0"</programlisting> <para>Currently, BIND is maintained by the Internet Software Consortium - <ulink url="http://www.isc.org/"></ulink>.</para> + <uri xlink:href="http://www.isc.org/">http://www.isc.org/</uri>.</para> </sect2> <sect2> @@ -3038,35 +2966,34 @@ dhcpd_ifaces="dc0"</programlisting> <itemizedlist> <listitem> - <para><hostid>.</hostid> is the root zone.</para> + <para><systemitem>.</systemitem> is the root zone.</para> </listitem> <listitem> - <para><hostid>org.</hostid> is a Top Level Domain + <para><systemitem>org.</systemitem> is a Top Level Domain (<acronym>TLD</acronym>) under the root zone.</para> </listitem> <listitem> - <para><hostid role="domainname">example.org.</hostid> is a - zone under the <hostid>org.</hostid> + <para><systemitem class="fqdomainname">example.org.</systemitem> is a + zone under the <systemitem>org.</systemitem> <acronym>TLD</acronym>.</para> </listitem> <listitem> - <para><hostid>1.168.192.in-addr.arpa</hostid> is a zone + <para><systemitem>1.168.192.in-addr.arpa</systemitem> is a zone referencing all <acronym>IP</acronym> addresses which fall - under the <hostid role="ipaddr">192.168.1.*</hostid> + under the <systemitem class="ipaddress">192.168.1.*</systemitem> <acronym>IP</acronym> space.</para> </listitem> </itemizedlist> <para>As one can see, the more specific part of a hostname appears - to its left. For example, <hostid - role="domainname">example.org.</hostid> is more specific than - <hostid>org.</hostid>, as <hostid>org.</hostid> is more specific + to its left. For example, <systemitem class="fqdomainname">example.org.</systemitem> is more specific than + <systemitem>org.</systemitem>, as <systemitem>org.</systemitem> is more specific than the root zone. The layout of each part of a hostname is much like a file system: the - <filename class="directory">/dev</filename> directory falls + <filename>/dev</filename> directory falls within the root, and so on.</para> </sect2> @@ -3085,8 +3012,7 @@ dhcpd_ifaces="dc0"</programlisting> </listitem> <listitem> - <para>A domain, such as <hostid - role="domainname">example.org</hostid>, is registered and + <para>A domain, such as <systemitem class="fqdomainname">example.org</systemitem>, is registered and <acronym>IP</acronym> addresses need to be assigned to hostnames under it.</para> </listitem> @@ -3113,8 +3039,7 @@ dhcpd_ifaces="dc0"</programlisting> </listitem> </itemizedlist> - <para>When one queries for <hostid - role="fqdn">www.FreeBSD.org</hostid>, the resolver usually + <para>When one queries for <systemitem class="fqdomainname">www.FreeBSD.org</systemitem>, the resolver usually queries the uplink <acronym>ISP</acronym>'s name server, and retrieves the reply. With a local, caching <acronym>DNS</acronym> server, the query only has to be made @@ -3150,7 +3075,7 @@ dhcpd_ifaces="dc0"</programlisting> </row> <row> - <entry><filename class="directory">/etc/namedb</filename></entry> + <entry><filename>/etc/namedb</filename></entry> <entry>Directory where BIND zone information resides.</entry> </row> @@ -3163,11 +3088,8 @@ dhcpd_ifaces="dc0"</programlisting> </informaltable> <para>Depending on how a given zone is configured on the server, - the files related to that zone can be found in the <filename - class="directory">master</filename>, <filename - class="directory">slave</filename>, or <filename - class="directory">dynamic</filename> subdirectories of the - <filename class="directory">/etc/namedb</filename> directory. + the files related to that zone can be found in the <filename>master</filename>, <filename>slave</filename>, or <filename>dynamic</filename> subdirectories of the + <filename>/etc/namedb</filename> directory. These files contain the <acronym>DNS</acronym> information that will be given out by the name server in response to queries.</para> </sect2> @@ -3200,7 +3122,7 @@ dhcpd_ifaces="dc0"</programlisting> scope of this document. However, if you are interested in the startup options for <application>named</application> on &os;, take a look at the - <literal>named_<replaceable>*</replaceable></literal> flags in + <literal>named_*</literal> flags in <filename>/etc/defaults/rc.conf</filename> and consult the &man.rc.conf.5; manual page. The <xref linkend="configtuning-rcd"/> section is also a good read.</para> @@ -3215,7 +3137,7 @@ dhcpd_ifaces="dc0"</programlisting> <para>Configuration files for <application>named</application> currently reside in - <filename class="directory">/etc/namedb</filename> directory and + <filename>/etc/namedb</filename> directory and will need modification before use, unless all that is needed is a simple resolver. This is where most of the configuration will be performed.</para> @@ -3224,13 +3146,13 @@ dhcpd_ifaces="dc0"</programlisting> <title>Using <command>make-localhost</command></title> <para>To configure a master zone for the localhost visit the - <filename class="directory">/etc/namedb</filename> directory + <filename>/etc/namedb</filename> directory and run the following command:</para> <screen>&prompt.root; <userinput>sh make-localhost</userinput></screen> <para>If all went well, a new file should exist in the - <filename class="directory">master</filename> subdirectory. + <filename>master</filename> subdirectory. The filenames should be <filename>localhost.rev</filename> for the local domain name and <filename>localhost-v6.rev</filename> for <acronym>IPv6</acronym> configurations. As the default @@ -3293,7 +3215,7 @@ options { server, enabling this may be worthwhile.</para> <warning> - <para><hostid role="ipaddr">127.0.0.1</hostid> will + <para><systemitem class="ipaddress">127.0.0.1</systemitem> will <emphasis>not</emphasis> work here. Change this <acronym>IP</acronym> address to a name server at your uplink.</para> @@ -3393,7 +3315,7 @@ zone "1.168.192.in-addr.arpa" { to <filename>named.conf</filename>.</para> <para>For example, the simplest zone entry for - <hostid role="domainname">example.org</hostid> can look + <systemitem class="fqdomainname">example.org</systemitem> can look like:</para> <programlisting>zone "example.org" { @@ -3426,8 +3348,7 @@ zone "1.168.192.in-addr.arpa" { <secondary>zone files</secondary> </indexterm> - <para>An example master zone file for <hostid - role="domainname">example.org</hostid> (existing within + <para>An example master zone file for <systemitem class="fqdomainname">example.org</systemitem> (existing within <filename>/etc/namedb/master/example.org</filename>) is as follows:</para> @@ -3465,10 +3386,10 @@ www IN CNAME @</programlisting> exact hostname, whereas everything without a trailing <quote>.</quote> is referenced to the origin. For example, <literal>www</literal> is translated into - <literal>www.<replaceable>origin</replaceable></literal>. + <literal>www.origin</literal>. In our fictitious zone file, our origin is - <hostid>example.org.</hostid>, so <literal>www</literal> - would translate to <hostid>www.example.org.</hostid> + <systemitem>example.org.</systemitem>, so <literal>www</literal> + would translate to <systemitem>www.example.org.</systemitem> </para> <para> @@ -3535,14 +3456,14 @@ example.org. IN SOA ns1.example.org. admin.example.org. ( <variablelist> <varlistentry> - <term><hostid role="domainname">example.org.</hostid></term> + <term><systemitem class="fqdomainname">example.org.</systemitem></term> <listitem><para>the domain name, also the origin for this zone file.</para></listitem> </varlistentry> <varlistentry> - <term><hostid role="fqdn">ns1.example.org.</hostid></term> + <term><systemitem class="fqdomainname">ns1.example.org.</systemitem></term> <listitem><para>the primary/authoritative name server for this zone.</para></listitem> @@ -3592,26 +3513,26 @@ mail IN A 192.168.1.5</programlisting> <para> The A record indicates machine names. As seen above, - <hostid role="fqdn">ns1.example.org</hostid> would resolve - to <hostid role="ipaddr">192.168.1.2</hostid>. + <systemitem class="fqdomainname">ns1.example.org</systemitem> would resolve + to <systemitem class="ipaddress">192.168.1.2</systemitem>. </para> <programlisting> IN A 192.168.1.1</programlisting> <para>This line assigns IP address - <hostid role="ipaddr">192.168.1.1</hostid> to the current origin, - in this case <hostid role="domainname">example.org</hostid>.</para> + <systemitem class="ipaddress">192.168.1.1</systemitem> to the current origin, + in this case <systemitem class="fqdomainname">example.org</systemitem>.</para> <programlisting> www IN CNAME @</programlisting> <para> The canonical name record is usually used for giving aliases - to a machine. In the example, <hostid>www</hostid> is + to a machine. In the example, <systemitem>www</systemitem> is aliased to the <quote>master</quote> machine which name equals - to domain name <hostid role="domainname">example.org</hostid> - (<hostid role="ipaddr">192.168.1.1</hostid>). + to domain name <systemitem class="fqdomainname">example.org</systemitem> + (<systemitem class="ipaddress">192.168.1.1</systemitem>). CNAMEs can be used to provide alias hostnames, or round robin one hostname among multiple machines. @@ -3627,15 +3548,14 @@ www IN CNAME @</programlisting> <para> The MX record indicates which mail servers are responsible for handling incoming mail for the - zone. <hostid role="fqdn">mail.example.org</hostid> is the + zone. <systemitem class="fqdomainname">mail.example.org</systemitem> is the hostname of the mail server, and 10 being the priority of that mail server. </para> <para> One can have several mail servers, with priorities of 10, - 20 and so on. A mail server attempting to deliver to <hostid - role="domainname">example.org</hostid> would first try the + 20 and so on. A mail server attempting to deliver to <systemitem class="fqdomainname">example.org</systemitem> would first try the highest priority MX (the record with the lowest priority number), then the second highest, etc, until the mail can be properly delivered. @@ -3698,8 +3618,7 @@ www IN CNAME @</programlisting> place which could help to lure off possible <acronym>DNS</acronym> service attacks.</para> - <para>It is always good idea to read <ulink - url="http://www.cert.org/">CERT</ulink>'s security advisories + <para>It is always good idea to read <link xlink:href="http://www.cert.org/">CERT</link>'s security advisories and to subscribe to the &a.security-notifications; to stay up to date with the current Internet and &os; security issues.</para> @@ -3718,54 +3637,45 @@ www IN CNAME @</programlisting> <itemizedlist> <listitem> - <para><ulink - url="http://www.isc.org/products/BIND/">Official ISC BIND - Page</ulink></para> + <para><link xlink:href="http://www.isc.org/products/BIND/">Official ISC BIND + Page</link></para> </listitem> <listitem> - <para><ulink - url="http://www.isc.org/sw/guild/bf/">Official ISC BIND - Forum</ulink></para> + <para><link xlink:href="http://www.isc.org/sw/guild/bf/">Official ISC BIND + Forum</link></para> </listitem> <listitem> - <para><ulink - url="http://www.nominum.com/getOpenSourceResource.php?id=6"> - BIND FAQ</ulink></para> + <para><link xlink:href="http://www.nominum.com/getOpenSourceResource.php?id=6"> + BIND FAQ</link></para> </listitem> <listitem> - <para><ulink url="http://www.oreilly.com/catalog/dns5/">O'Reilly - DNS and BIND 5th Edition</ulink></para> + <para><link xlink:href="http://www.oreilly.com/catalog/dns5/">O'Reilly + DNS and BIND 5th Edition</link></para> </listitem> <listitem> - <para><ulink - url="ftp://ftp.isi.edu/in-notes/rfc1034.txt">RFC1034 - - Domain Names - Concepts and Facilities</ulink></para> + <para><link xlink:href="ftp://ftp.isi.edu/in-notes/rfc1034.txt">RFC1034 + - Domain Names - Concepts and Facilities</link></para> </listitem> <listitem> - <para><ulink - url="ftp://ftp.isi.edu/in-notes/rfc1035.txt">RFC1035 - - Domain Names - Implementation and Specification</ulink></para> + <para><link xlink:href="ftp://ftp.isi.edu/in-notes/rfc1035.txt">RFC1035 + - Domain Names - Implementation and Specification</link></para> </listitem> </itemizedlist> </sect2> </sect1> - <sect1 id="network-apache"> - <sect1info> + <sect1 xml:id="network-apache"> + <info><title>Apache HTTP Server</title> <authorgroup> - <author> - <firstname>Murray</firstname> - <surname>Stokely</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>Murray</firstname><surname>Stokely</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> - </sect1info> - <title>Apache HTTP Server</title> + </info> + <indexterm><primary>web servers</primary> <secondary>setting up</secondary></indexterm> @@ -3780,9 +3690,7 @@ www IN CNAME @</programlisting> <application>Apache</application> software packages should be included on your FreeBSD installation media. If you did not install <application>Apache</application> when you first - installed FreeBSD, then you can install it from the <filename - role="package">www/apache13</filename> or <filename - role="package">www/apache20</filename> port.</para> + installed FreeBSD, then you can install it from the <package>www/apache13</package> or <package>www/apache20</package> port.</para> <para>Once <application>Apache</application> has been installed successfully, it must be configured.</para> @@ -3791,8 +3699,7 @@ www IN CNAME @</programlisting> <application>Apache HTTP Server</application> as that is the most widely used version for &os;. <application>Apache</application> 2.X introduces many new technologies but they are not discussed here. For more - information about <application>Apache</application> 2.X, please see <ulink - url="http://httpd.apache.org/"></ulink>.</para></note> + information about <application>Apache</application> 2.X, please see <uri xlink:href="http://httpd.apache.org/">http://httpd.apache.org/</uri>.</para></note> </sect2> @@ -3819,10 +3726,10 @@ www IN CNAME @</programlisting> <listitem> <para>This specifies the default directory hierarchy for the <application>Apache</application> installation. Binaries are stored in the - <filename class="directory">bin</filename> and - <filename class="directory">sbin</filename> subdirectories + <filename>bin</filename> and + <filename>sbin</filename> subdirectories of the server root, and configuration files are stored in - <filename class="directory">etc/apache</filename>.</para> + <filename>etc/apache</filename>.</para> </listitem> </varlistentry> @@ -3842,7 +3749,7 @@ www IN CNAME @</programlisting> <listitem> <para><literal>ServerName</literal> allows you to set a host name which is sent back to clients for your server if it is different - to the one that the host is configured with (i.e., use <hostid>www</hostid> + to the one that the host is configured with (i.e., use <systemitem>www</systemitem> instead of the host's real name).</para> </listitem> </varlistentry> @@ -3946,9 +3853,9 @@ Log file format --> <programlisting>NameVirtualHost *</programlisting> - <para>If your webserver was named <hostid role="fqdn">www.domain.tld</hostid> and + <para>If your webserver was named <systemitem class="fqdomainname">www.domain.tld</systemitem> and you wanted to setup a virtual domain for - <hostid role="fqdn">www.someotherdomain.tld</hostid> then you would add + <systemitem class="fqdomainname">www.someotherdomain.tld</systemitem> then you would add the following entries to <filename>httpd.conf</filename>:</para> @@ -3967,8 +3874,7 @@ DocumentRoot /www/someotherdomain.tld <para>For more information about setting up virtual hosts, please consult the official <application>Apache</application> - documentation at: <ulink - url="http://httpd.apache.org/docs/vhosts/"></ulink>.</para> + documentation at: <uri xlink:href="http://httpd.apache.org/docs/vhosts/">http://httpd.apache.org/docs/vhosts/</uri>.</para> </sect2> @@ -4001,10 +3907,9 @@ DocumentRoot /www/someotherdomain.tld <para>If you have not yet installed <application>Apache</application>, then a version of <application>Apache</application> - 1.3.X that includes <application>mod_ssl</application> may be installed with the <filename - role="package">www/apache13-modssl</filename> port. SSL + 1.3.X that includes <application>mod_ssl</application> may be installed with the <package>www/apache13-modssl</package> port. SSL support is also available for <application>Apache</application> 2.X in the - <filename role="package">www/apache20</filename> port, + <package>www/apache20</package> port, where it is enabled by default.</para> <!-- XXX add more information about configuring mod_ssl here. --> @@ -4047,24 +3952,20 @@ DocumentRoot /www/someotherdomain.tld <application>mod_perl</application> 2.0 only works with <application>Apache</application> 2. <application>mod_perl</application> 1.0 is available in - <filename role="package">www/mod_perl</filename> and a + <package>www/mod_perl</package> and a statically compiled version is available in - <filename role="package">www/apache13-modperl</filename>. + <package>www/apache13-modperl</package>. <application>mod_perl</application> 2.0 is avaliable in - <filename role="package">www/mod_perl2</filename>.</para> + <package>www/mod_perl2</package>.</para> </sect4> <sect4> - <sect4info> + <info><title>mod_php</title> <authorgroup> - <author> - <firstname>Tom</firstname> - <surname>Rhodes</surname> - <contrib>Written by </contrib> - </author> + <author><personname><firstname>Tom</firstname><surname>Rhodes</surname></personname><contrib>Written by </contrib></author> </authorgroup> - </sect4info> - <title>mod_php</title> + </info> + <indexterm> <primary>mod_php</primary> @@ -4082,7 +3983,7 @@ DocumentRoot /www/someotherdomain.tld <para>To gain support for <acronym>PHP</acronym>5 for the <application>Apache</application> web server, begin by installing the - <filename role="package">www/mod_php5</filename> + <package>www/mod_php5</package> port.</para> <para>This will install and configure the modules required @@ -4111,7 +4012,7 @@ DocumentRoot /www/someotherdomain.tld <para>The <acronym>PHP</acronym> support in &os; is extremely modular so the base install is very limited. It is very easy to add support using the - <filename role="package">lang/php5-extensions</filename> port. + <package>lang/php5-extensions</package> port. This port provides a menu driven interface to <acronym>PHP</acronym> extension installation. Alternatively, individual extensions can be installed using @@ -4120,7 +4021,7 @@ DocumentRoot /www/someotherdomain.tld <para>For instance, to add support for the <application>MySQL</application> database server to <acronym>PHP</acronym>5, simply install the - <filename role="package">databases/php5-mysql</filename> + <package>databases/php5-mysql</package> port.</para> <para>After installing an extension, the @@ -4133,17 +4034,13 @@ DocumentRoot /www/someotherdomain.tld </sect2> </sect1> - <sect1 id="network-ftp"> - <sect1info> + <sect1 xml:id="network-ftp"> + <info><title>File Transfer Protocol (FTP)</title> <authorgroup> - <author> - <firstname>Murray</firstname> - <surname>Stokely</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>Murray</firstname><surname>Stokely</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> - </sect1info> - <title>File Transfer Protocol (FTP)</title> + </info> + <indexterm><primary>FTP servers</primary></indexterm> @@ -4151,12 +4048,10 @@ DocumentRoot /www/someotherdomain.tld <title>Overview</title> <para>The File Transfer Protocol (FTP) provides users with a - simple way to transfer files to and from an <acronym - role="File Transfer Protocol">FTP</acronym> server. &os; + simple way to transfer files to and from an <acronym role="File Transfer Protocol">FTP</acronym> server. &os; includes <acronym role="File Transfer Protocol">FTP</acronym> server software, <application>ftpd</application>, in the base - system. This makes setting up and administering an <acronym - role="File Transfer Protocol">FTP</acronym> server on FreeBSD + system. This makes setting up and administering an <acronym role="File Transfer Protocol">FTP</acronym> server on FreeBSD very straightforward.</para> </sect2> @@ -4188,14 +4083,14 @@ DocumentRoot /www/someotherdomain.tld <para>If you would like to enable anonymous FTP access to your server, then you must create a user named - <username>ftp</username> on your &os; system. Users will then + <systemitem class="username">ftp</systemitem> on your &os; system. Users will then be able to log on to your FTP server with a username of - <username>ftp</username> or <username>anonymous</username> and + <systemitem class="username">ftp</systemitem> or <systemitem class="username">anonymous</systemitem> and with any password (by convention an email address for the user should be used as the password). The FTP server will call &man.chroot.2; when an anonymous user logs in, to restrict access to only the home directory of the - <username>ftp</username> user.</para> + <systemitem class="username">ftp</systemitem> user.</para> <para>There are two text files that specify welcome messages to be displayed to FTP clients. The contents of the file @@ -4258,17 +4153,13 @@ DocumentRoot /www/someotherdomain.tld </sect2> </sect1> - <sect1 id="network-samba"> - <sect1info> + <sect1 xml:id="network-samba"> + <info><title>File and Print Services for µsoft.windows; clients (Samba)</title> <authorgroup> - <author> - <firstname>Murray</firstname> - <surname>Stokely</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>Murray</firstname><surname>Stokely</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> - </sect1info> - <title>File and Print Services for µsoft.windows; clients (Samba)</title> + </info> + <indexterm><primary>Samba server</primary></indexterm> <indexterm><primary>Microsoft Windows</primary></indexterm> @@ -4293,8 +4184,7 @@ DocumentRoot /www/someotherdomain.tld <para><application>Samba</application> software packages should be included on your FreeBSD installation media. If you did not install <application>Samba</application> when you first - installed FreeBSD, then you can install it from the <filename - role="package">net/samba3</filename> port or package.</para> + installed FreeBSD, then you can install it from the <package>net/samba3</package> port or package.</para> <!-- mention LDAP, Active Directory, WinBIND, ACL, Quotas, PAM, .. --> @@ -4336,8 +4226,8 @@ DocumentRoot /www/someotherdomain.tld <para>Once <application>swat</application> has been enabled in <filename>inetd.conf</filename>, you can use a browser to - connect to <ulink url="http://localhost:901"></ulink>. You will - first have to log on with the system <username>root</username> account.</para> + connect to <uri xlink:href="http://localhost:901">http://localhost:901</uri>. You will + first have to log on with the system <systemitem class="username">root</systemitem> account.</para> <!-- XXX screenshots go here, loader is creating them --> @@ -4490,22 +4380,18 @@ Starting smbd.</screen> suite with functionality that allows broad integration with µsoft.windows; networks. For more information about functionality beyond the basic installation described here, - please see <ulink url="http://www.samba.org"></ulink>.</para> + please see <uri xlink:href="http://www.samba.org">http://www.samba.org</uri>.</para> </sect2> </sect1> - <sect1 id="network-ntp"> - <sect1info> + <sect1 xml:id="network-ntp"> + <info><title>Clock Synchronization with NTP</title> <authorgroup> - <author> - <firstname>Tom</firstname> - <surname>Hukins</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>Tom</firstname><surname>Hukins</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> - </sect1info> - <title>Clock Synchronization with NTP</title> + </info> + <indexterm><primary>NTP</primary></indexterm> @@ -4530,8 +4416,7 @@ Starting smbd.</screen> <primary>NTP</primary> <secondary>ntpd</secondary> </indexterm> - <para>FreeBSD ships with the &man.ntpd.8; <acronym role="Network - Time Protocol">NTP</acronym> server which can be used to query + <para>FreeBSD ships with the &man.ntpd.8; <acronym role="Network Time Protocol">NTP</acronym> server which can be used to query other <acronym role="Network Time Protocol">NTP</acronym> servers to set the clock on your machine or provide time services to others.</para> @@ -4546,13 +4431,11 @@ Starting smbd.</screen> </indexterm> <para>In order to synchronize your clock, you will need to find - one or more <acronym role="Network Time - Protocol">NTP</acronym> servers to use. Your network + one or more <acronym role="Network Time Protocol">NTP</acronym> servers to use. Your network administrator or ISP may have set up an NTP server for this purpose—check their documentation to see if this is the - case. There is an <ulink - url="http://ntp.isc.org/bin/view/Servers/WebHome">online - list of publicly accessible NTP servers</ulink> which you can + case. There is an <link xlink:href="http://ntp.isc.org/bin/view/Servers/WebHome">online + list of publicly accessible NTP servers</link> which you can use to find an NTP server near to you. Make sure you are aware of the policy for any servers you choose, and ask for permission if required.</para> @@ -4618,8 +4501,7 @@ driftfile /var/db/ntp.drift</programlisting> <para>The <literal>server</literal> option specifies which servers are to be used, with one server listed on each line. If a server is specified with the <literal>prefer</literal> - argument, as with <hostid - role="fqdn">ntplocal.example.com</hostid>, that server is + argument, as with <systemitem class="fqdomainname">ntplocal.example.com</systemitem>, that server is preferred over other servers. A response from a preferred server will be discarded if it differs significantly from other servers' responses, otherwise it will be used without @@ -4663,9 +4545,8 @@ driftfile /var/db/ntp.drift</programlisting> <programlisting>restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap</programlisting> - <para>instead, where <hostid role="ipaddr">192.168.1.0</hostid> is - an IP address on your network and <hostid - role="netmask">255.255.255.0</hostid> is your network's + <para>instead, where <systemitem class="ipaddress">192.168.1.0</systemitem> is + an IP address on your network and <systemitem class="netmask">255.255.255.0</systemitem> is your network's netmask.</para> <para><filename>/etc/ntp.conf</filename> can contain multiple |