diff --git a/en_US.ISO8859-1/articles/committers-guide/Makefile b/en_US.ISO8859-1/articles/committers-guide/Makefile
index 64ddf4e497..f335b94357 100644
--- a/en_US.ISO8859-1/articles/committers-guide/Makefile
+++ b/en_US.ISO8859-1/articles/committers-guide/Makefile
@@ -1,19 +1,21 @@
#
# $FreeBSD$
#
# Article: The FreeBSD Committers Guide
MAINTAINER=jhb@FreeBSD.org
DOC?= article
FORMATS?= html
WITH_ARTICLE_TOC?= YES
INSTALL_COMPRESSED?= gz
INSTALL_ONLY_COMPRESSED?=
SRCS= article.sgml
-DOC_PREFIX?= ${.CURDIR}/../../..
+URL_RELPREFIX?= ../../../..
+DOC_PREFIX?= ${.CURDIR}/../../..
+
.include "${DOC_PREFIX}/share/mk/doc.project.mk"
diff --git a/en_US.ISO8859-1/articles/committers-guide/article.sgml b/en_US.ISO8859-1/articles/committers-guide/article.sgml
index cb71c471c2..d5d608b958 100644
--- a/en_US.ISO8859-1/articles/committers-guide/article.sgml
+++ b/en_US.ISO8859-1/articles/committers-guide/article.sgml
@@ -1,3165 +1,3165 @@
%man;
%freebsd;
%authors;
%teams;
%mailing-lists;
%trademarks;
%urls;
]>
Committer's GuideThe FreeBSD Documentation Project$FreeBSD$199920002001200220032004The FreeBSD Documentation Project
&tm-attrib.freebsd;
&tm-attrib.cvsup;
&tm-attrib.ibm;
&tm-attrib.intel;
&tm-attrib.sparc;
&tm-attrib.general;
This document provides information for the FreeBSD committer
community. All new committers should read this document before they
start, and existing committers are strongly encouraged to review it
from time to time.Administrative DetailsMain Repository Hostncvs.FreeBSD.orgLogin Methods&man.ssh.1;, protocol 2 onlyMain CVSROOTncvs.FreeBSD.org:/home/ncvs (although also see ).
Main &a.cvs;&a.peter; and &a.markm;, as well as &a.joe; for
ports/Mailing Lists&a.doc-developers;, &a.doc-committers;;
&a.ports-developers;, &a.ports-committers;;
&a.src-developers;, &a.src-committers;. (Each project
repository has its own -developers and -committers mailing
lists. Archives for these lists may be found in files
/home/mail/repository-name-developers-archive
and
/home/mail/repository-name-committers-archive
on the FreeBSD.org
cluster.)
Core Team monthly reports/home/core/public/monthly-report
on the FreeBSD.org cluster.
Noteworthy CVS TagsRELENG_4 (4.X-STABLE), HEAD (-CURRENT)It is required that you use &man.ssh.1; or &man.telnet.1;
with Kerberos 5 to connect to the project hosts. For
&man.ssh.1; only protocol 2 is allowed.
These are generally more secure than plain &man.telnet.1; or
&man.rlogin.1; since credential negotiation will always be
encrypted. All traffic is encrypted by default with &man.ssh.1;.
With utilities like &man.ssh-agent.1; and &man.scp.1; also
available, &man.ssh.1; is also far more convenient. If you do
not know anything about &man.ssh.1;, please see
.Commit Bit TypesThe FreeBSD CVS repository has a number of components which,
when combined, support the basic operating system source,
documentation, third party application ports infrastructure, and
various maintained utilities. When FreeBSD commit bits are
allocated, the areas of the tree where the bit may be used are
specified. Generally, the areas associated with a bit reflect who
authorized the allocation of the commit bit. Additional areas of
authority may be added at a later date: when this occurs, the
committer should follow normal commit bit allocation procedures for
that area of the tree, seeking approval from the appropriate entity
and possibly getting a mentor for that area for some period of time.
Committer TypeResponsibleTree Componentssrccore@src/, doc/ subject to appropriate reviewdocdoceng@doc/, www/, src/ documentationportsportmgr@ports/Commit bits allocated prior to the development of the notion of
areas of authority may be appropriate for use in many parts of the
tree. However, common sense dictates that a committer who has not
previously worked in an area of the tree seek review prior to
committing, seek approval from the appropriate responsible party,
and/or work with a mentor. Since the rules regarding code
maintenance differ by area of the tree, this is as much for the
benefit of the committer working in an area of less familiarity as
it is for others working on the tree.Committers are encouraged to seek review for their work as part
of the normal development process, regardless of the area of the
tree where the work is occurring.CVS OperationsIt is assumed that you are already familiar with the basic operation
of CVS.The &a.cvs; are the owners of the CVS repository and
are responsible for direct modification of it for the purposes of
cleanup or fixing some grievous abuse of CVS by a committer.
Should you cause some repository accident, say a bad cvs
import or cvs tag operation, mail the &a.cvs;
(or call one of them) and report the problem to one of them. The only
ones able to directly fiddle the repository bits on the repository hosts
are the repomeisters. To enforce this, there are no login shells
available on the repository machines, except to the repomeisters.The CVS tree is currently split into four distinct repositories,
namely doc, ports,
projects and src. These are
combined under a single CVSROOT when distributed
via CVSup for the convenience of our users.Note that the www module containing sources
for the FreeBSD website is
contained within the doc repository.The CVS repositories are hosted on the repository machines.
Currently, each of the repositories above reside on the same physical
machine, ncvs.FreeBSD.org, but to allow for
the possibility of placing each on a separate machine in the future,
there is a separate hostname for each that committers should use.
Additionally, each repository is stored in a separate directory. The
following table summarizes the situation.
&os; CVS Repositories, Hosts and DirectoriesRepositoryHostDirectorydocdcvs.FreeBSD.org/home/dcvsportspcvs.FreeBSD.org/home/pcvsprojectsprojcvs.FreeBSD.org/home/projcvssrcncvs.FreeBSD.org/home/ncvs
CVS operations are done remotely by setting the
CVSROOT environment variable to the appropriate host
and top-level directory (for example,
ncvs.FreeBSD.org:/home/ncvs),
the CVS_RSH variable to ssh, and then
doing the appropriate check-out/check-in operations. Many committers
define aliases which expand to the correct cvs
invocation for the appropriate repository. For example, a &man.tcsh.1;
user may add the following to their .cshrc for this
purpose:alias dcvs env CVS_RSH=ssh cvs -d user@dcvs.FreeBSD.org:/home/dcvs
alias pcvs env CVS_RSH=ssh cvs -d user@pcvs.FreeBSD.org:/home/pcvs
alias projcvs env CVS_RSH=ssh cvs -d user@projcvs.FreeBSD.org:/home/projcvs
alias scvs env CVS_RSH=ssh cvs -d user@ncvs.FreeBSD.org:/home/ncvsThis way they can do all CVS operations
locally and use Xcvs commit for committing
to the official CVS tree. If you wish to add
something which is wholly new (like contrib-ified
sources, etc), cvs import should be used.
Refer to the &man.cvs.1; manual page for usage.Please do not use
cvs checkout or
update with the official repository machine set
as the CVS Root for keeping your source tree up to date.
Remote CVS is not optimized for network distribution
and requires a big work/administrative overhead on the server side.
Please use our advanced cvsup distribution
method for obtaining the repository bits, and only do the actual
commit operation on the repository host.
We provide an extensive cvsup replication network for this purpose,
as well as give access to cvsup-master if you
really need to stay current to the latest changes.
cvsup-master has got the horsepower to deal with
this, the repository master server does not. &a.kuriyama; is in
charge of cvsup-master.
If you need to use CVS add and
delete operations in a manner that is
effectively a &man.mv.1; operation, then a repository
copy is in order rather than using CVS add and
delete. In a repository copy, a CVS Meister will copy the file(s)
to their new name and/or location and let you know when it is
done. The purpose of a repository copy is to preserve file
change history, or logs. We in the FreeBSD Project greatly
value the change history that CVS gives to the project.CVS reference information, tutorials, and FAQs can be found at:
.
The information in Karl Fogel's
chapters from Open Source Development with CVS is also very
useful.&a.des; also supplied the following mini primer for
CVS.Check out a module with the co or
checkout command.&prompt.user; cvs checkout shazamThis checks out a copy of the shazam module. If
there is no shazam module in the modules file, it looks for a
top-level directory named shazam instead.
Useful cvs checkout optionsDo not create empty directoriesCheck out a single level, no subdirectoriesCheck out revision, branch or tag
revCheck out the sources as they were on date
date
Practical FreeBSD examples:Check out the miscfs module,
which corresponds to src/sys/miscfs:&prompt.user; cvs co miscfsYou now have a directory named miscfs
with subdirectories CVS,
deadfs, devfs, and so
on. One of these (linprocfs) is
empty.Check out the same files, but with full path:&prompt.user; cvs co src/sys/miscfsYou now have a directory named src,
with subdirectories CVS and
sys. The src/sys directory has
subdirectories CVS and
miscfs, etc.Check out the same files, but prunes empty
directories:&prompt.user; cvs co -P miscfsYou now have a directory named
miscfs with subdirectories
CVS, deadfs,
devfs... but note that there is no
linprocfs subdirectory, because there
are no files in it.Check out the directory miscfs, but
none of the subdirectories:&prompt.user; cvs co -l miscfsYou now have a directory named miscfs
with just one subdirectory named
CVS.Check out the miscfs module as
it is in the 4.X branch:&prompt.user; cvs co -rRELENG_4 miscfsYou can modify the sources and commit along this
branch.Check out the miscfs module as
it was in 3.4-RELEASE.&prompt.user; cvs co -rRELENG_3_4_0_RELEASE miscfsYou will not be able to commit modifications, since
RELENG_3_4_0_RELEASE is a point in time, not a branch.Check out the miscfs module as it was
on Jan 15 2000.&prompt.user; cvs co -D'01/15/2000' miscfsYou will not be able to commit modifications.Check out the miscfs module as it was
one week ago.&prompt.user; cvs co -D'last week' miscfsYou will not be able to commit modifications.Note that cvs stores metadata in subdirectories named
CVS.Arguments to and
are sticky, which means cvs will remember them later, e.g.
when you do a cvs update.Check the status of checked-out files with the
status command.&prompt.user; cvs status shazamThis displays the status of the
file shazam or of every file in the
shazam directory. For every file, the
status is given as one of:Up-to-dateFile is up-to-date and unmodified.Needs PatchFile is unmodified, but there is a newer revision in
the repository.Locally ModifiedFile is up-to-date, but modified.Needs MergeFile is modified, and there is a newer revision in the
repository.File had conflicts on mergeThere were conflicts the last time this file was
updated, and they have not been resolved yet.You will also see the local revision and date,
the revision number of the newest applicable version
(newest applicable because if you have a
sticky date, tag or branch, it may not be the actual newest
revision), and any sticky tags, dates or options.Once you have checked something out, you can update it with the
update command.&prompt.user; cvs update shazamThis updates the file shazam or the
contents of the shazam directory to the
latest version along the branch you checked out. If you
checked out a point in time, does nothing
unless the tags have moved in the repository or some other weird
stuff is going on.Useful options, in addition to those listed above for
checkout:Check out any additional missing directories.Update to head of main branch.More magic (see below).If you checked out a module with or
, running cvs update
with a different or
argument or with will select a new branch,
revision or date. The option clears all
sticky tags, dates or revisions whereas
and set new ones.Theoretically, specifying HEAD as the
argument to will give you the same result
as , but that is just theory.The option is useful if:somebody has added subdirectories to the module
you have checked out after you checked it out.you checked out with , and later
change your mind and want to check out the subdirectories
as well.you deleted some subdirectories and want to check
them all back out.Watch the output of the cvs
update with care. The letter in front of
each filename indicates what was done with it:UThe file was updated without trouble.PThe file was updated without trouble (you will only see
this when working against a remote repository).MThe file had been modified, and was merged without
conflicts.CThe file had been modified, and was merged with
conflicts.Merging is what happens if you check out a copy of
some source code, modify it, then someone else commits a
change, and you run cvs update. CVS notices
that you have made local changes, and tries to merge your
changes with the changes between the version you originally
checked out and the one you updated to. If the changes are to
separate portions of the file, it will almost always work fine
(though the result might not be syntactically or semantically
correct).CVS will print an M in front of every locally modified
file even if there is no newer version in the repository, so
cvs update is handy for getting a summary
of what you have changed locally.If you get a C, then your changes
conflicted with the changes in the repository (the changes
were to the same lines, or neighboring lines, or you changed
the local file so much that cvs can not
figure out how to apply the repository's changes). You will have
to go through the file manually and resolve the conflicts;
they will be marked with rows of <,
= and > signs. For
every conflict, there will be a marker line with seven
< signs and the name of the file,
followed by a chunk of what your local file contained,
followed by a separator line with seven =
signs, followed by the corresponding chunk in the
repository version, followed by a marker line with seven
> signs and the revision number you
updated to.The option is slightly voodoo. It
updates the local file to the specified revision as if you
used , but it does not change the recorded
revision number or branch of the local file. It is not really
useful except when used twice, in which case it will merge the
changes between the two specified versions into the working
copy.For instance, say you commit a change to
shazam/shazam.c in &os.current; and later
want to MFC it. The change you want to MFC was revision
1.15:Check out the &os.stable; version of the
shazam module:&prompt.user; cvs co -rRELENG_4 shazamApply the changes between rev 1.14 and 1.15:&prompt.user; cvs update -j1.14 -j1.15 shazam/shazam.cYou will almost certainly get a conflict because
- of the $Id: article.sgml,v 1.197 2004-07-06 14:25:53 den Exp $ (or in FreeBSD's case,
+ of the $Id: article.sgml,v 1.198 2004-07-06 15:09:51 hrs Exp $ (or in FreeBSD's case,
$FreeBSD$)
lines, so you will have to edit the file to resolve the conflict
- (remove the marker lines and the second $Id: article.sgml,v 1.197 2004-07-06 14:25:53 den Exp $ line,
- leaving the original $Id: article.sgml,v 1.197 2004-07-06 14:25:53 den Exp $ line intact).
+ (remove the marker lines and the second $Id: article.sgml,v 1.198 2004-07-06 15:09:51 hrs Exp $ line,
+ leaving the original $Id: article.sgml,v 1.198 2004-07-06 15:09:51 hrs Exp $ line intact).
View differences between the local version and the
repository version with the diff
command.&prompt.user; cvs diff shazamshows you every modification you have made to the
shazam file or module.
Useful cvs diff optionsUses the unified diff format.Uses the context diff format.Shows missing or added files.
You always want to use , since
unified diffs are much easier to read than almost any other
diff format (in some circumstances, context diffs generated with
the option may be
better, but they are much bulkier). A unified diff consists of
a series of hunks. Each hunk begins with a line that starts
with two @ signs and specifies where in the
file the differences are and how many lines they span. This
is followed by a number of lines; some (preceded by a blank)
are context; some (preceded by a - sign)
are outtakes and some (preceded by a +) are
additions.You can also diff against a different version
than the one you checked out by specifying a version
with or as in
checkout or update,
or even view the diffs between two arbitrary versions
(without regard for what you have locally) by specifying
two versions with or
.View log entries with the log
command.&prompt.user; cvs log shazamIf shazam is a file, this will print a
header with information about this file, such
as where in the repository this file is stored, which revision is
the HEAD for this file, what branches this file
is in, and any tags that are valid for this file. Then, for each
revision of this file, a log message is printed. This includes
the date and time of the commit, who did the commit, how many lines
were added and/or deleted, and finally the log message that the
committer who did the change wrote.If shazam is a directory, then the log
information described above is printed for each file in the
directory in turn. Unless you give the to
log, the log for all subdirectories of
shazam is printed too, in a recursive
manner.Use the log command to view the history of
one or more files, as it is stored in the CVS repository. You can
even use it to view the log message of a specific revision, if you
add the to the
log command:&prompt.user; cvs log -r1.2 shazamThis will print only the log message for revision
1.2 of file shazam if it is
a file, or the log message for revision 1.2 of
each file under shazam if it is a
directory.See who did what with the annotate command.
This command shows you each line of the specified file or
files, along with which user most recently changed that
line.&prompt.user; cvs annotate shazamAdd new files with the add command.Create the file, cvs add it, then
cvs commit it.Similarly, you can add new directories by creating them
and then cvs adding them. Note that you
do not need to commit directories.Remove obsolete files with the remove command.Remove the file, then cvs rm it, then
cvs commit it.Commit with the commit or
checkin command.
Useful cvs commit optionsForce a commit of an unmodified file.Specify a commit message on the command line rather
than invoking an editor.
Our 32 bit reference platform is i386, and our 64 bit
reference platform is Sparc64. Major design work (including
major API and ABI changes) must prove itself on at least one
32 bit and at least one 64 bit platform, preferably the
primary reference platforms, before it may be committed
to the source tree.
The i386 and Sparc64 platforms were chosen due to being more
readily available to developers and as representatives of more
diverse processor and system designs - big vs little endian,
register file vs register stack, different DMA and cache
implementations, hardware page tables vs software TLB management
etc.While the Alpha is a 64 bit processor, it is a more
traditional processor design and does not provide as good a testbed
for many of the challenges that the other 64 bit platform ports
face. The ia64 platform has many of the same complications that
Sparc64 has, but is still limited in availability to
developers.We will continue to re-evaluate this policy as cost and
availability of the 64 bit platforms change.Developers should also be aware of our Tier Policy for
the long term support of hardware architectures. The rules
here are intended to provide guidance during the development
process, and are distinct from the requirements for features
and architectures listed in that section. The Tier rules for
feature support on architectures at release-time are more
strict than the rules for changes during the development
process.Other SuggestionsWhen committing documentation changes, use a spell checker
before committing. For all SGML docs, you should also
verify that your formatting directives are correct by running
make lint.For all on-line manual pages, run manck
(from ports) over the manual page to verify all of the cross
references and file references are correct and that the man
page has all of the appropriate MLINKs
installed.Do not mix style fixes with new functionality. A style
fix is any change which does not modify the functionality of
the code. Mixing the changes obfuscates the functionality
change when using cvs diff, which can hide
any new bugs. Do not include whitespace changes with content
changes in commits to doc/ or
www/. The extra clutter in the diffs
makes the translators' job much more difficult. Instead, make
any style or whitespace changes in separate commits that are
clearly labeled as such in the commit message.Deprecating FeaturesWhen it is necessary to remove functionality from software
in the base system the following guidelines should be followed
whenever possible:Mention is made in the manual page and possibly the
release notes that the option, utility, or interface is
deprecated. Use of the deprecated feature generates a
warning.The option, utility, or interface is preserved until
the next major (point zero) release.The option, utility, or interface is removed and no
longer documented. It is now obsolete. It is also
generally a good idea to note its removal in the release
notes.Support for Multiple ArchitecturesFreeBSD is a highly portable operating system intended to
function on many different types of hardware architectures.
Maintaining clean separation of Machine Dependent (MD) and Machine
Independent (MI) code, as well as minimizing MD code, is an important
part of our strategy to remain agile with regards to current
hardware trends. Each new hardware architecture supported by
FreeBSD adds substantially to the cost of code maintenance,
toolchain support, and release engineering. It also dramatically
increases the cost of effective testing of kernel changes. As such,
there is strong motivation to differentiate between classes of
support for various architectures while remaining strong in a few
key architectures that are seen as the FreeBSD "target audience".
Statement of General IntentThe FreeBSD Project targets "production quality commercial
off-the-shelf (COTS) workstation, server, and high-end embedded
systems". By retaining a focus on a narrow set of architectures
of interest in these environments, the FreeBSD Project is able
to maintain high levels of quality, stability, and performance,
as well as minimize the load on various support teams on the
project, such as the ports team, documentation team,
security officer, and release engineering teams. Diversity in
hardware support broadens the options for FreeBSD consumers by
offering new features and usage opportunities (such as support
for 64-bit CPUs, use in embedded environments, etc.), but these
benefits must always be carefully considered in terms of the real-world
maintenance cost associated with additional platform support.
The FreeBSD Project differentiates platform targets into
four tiers. Each tier includes a specification of the
requirements for an architecture to be in that tier,
as well as specifying the obligations of developers with
regards to the platform. In addition, a policy is defined
regarding the circumstances required to change the tier
of an architecture.Tier 1: Fully Supported ArchitecturesTier 1 platforms are fully supported by the security
officer, release engineering, and toolchain maintenance staff.
New features added to the operating system must be fully
functional across all Tier 1 architectures for every release
(features which are inherently architecture-specific, such as
support for hardware device drivers, may be exempt from this
requirement). In general, all Tier 1 platforms must have build
and tinderbox support either in the FreeBSD.org cluster, or
easily available for all developers.Tier 1 architectures are expected to be Production Quality
with respects to all aspects of the FreeBSD operating system,
including installation and development environments.Current Tier 1 platforms are i386, Sparc64, AMD64, and PC98.Tier 2: Developmental ArchitecturesTier 2 platforms are not supported by the security officer
and release engineering teams. At the discretion of the
toolchain maintainer, they may be supported in the toolchain. New
features added to FreeBSD should be feasible to implement on these
platforms, but an implementation is not required before the
feature may be added to the FreeBSD source tree. The
implementation of a Tier 2 architecture may be committed to the
main FreeBSD tree as long as it does not interfere with
production work on Tier 1 platforms, or substantially with other
Tier 2 platforms. Before a Tier 2 platform can be added to the
FreeBSD base source tree, the platform must be able to boot to at
least single-user mode on real world commodity hardware. Some
exceptions to these rules may be made for new hardware that is
under development by hardware vendors, but not yet available to
the project.Tier 2 architectures are usually systems targeted at Tier 1
support, but that are still under development. Architectures
reaching end of life may also be moved from Tier 1 status to Tier
2 status as the availability of resources to continue to maintain
the system in a Production Quality state diminishes.Current Tier 2 platforms are Alpha, PowerPC and ia64.Tier 3: Experimental ArchitecturesTier 3 platforms are not supported by the security officer
and release engineering teams. At the discretion of the toolchain
maintainer, they may be supported in the toolchain. Tier 3
platforms are architectures for which hardware is not or will not
be available to the project in the foreseeable future, for which
there are two or fewer active developers, that can not boot to at
least single-user mode on real hardware (or a simulator for new
hardware platforms), or which are considered legacy systems
unlikely to see broad future use. Tier 3 systems will not be
committed to the base source tree, although support for Tier 3
systems may be worked on in the FreeBSD Perforce Repository,
providing source control and easier change integration from the
main FreeBSD tree.Current Tier 3 platforms are &s390;.Tier 4: Unsupported ArchitecturesTier 4 systems are not supported in any form by the project.
All systems not otherwise classified into a support tier
are Tier 4 systems.Policy on Changing the Tier of an ArchitectureSystems may only be moved from one tier to another by
approval of the FreeBSD Core Team, which shall make that
decision in collaboration with the Security Officer, Release
Engineering, and toolchain maintenance teams.Ports Specific FAQAdding a New PortHow do I add a new port?First, please read the section about repository
copies.The easiest way to add a new port is to use the
addport script on
freefall. It will add a port from the
directory you specify, determining the category automatically
from the port Makefile.
It will also add an entry to the
CVSROOT/modules file and the port's
category Makefile. It was
written by &a.mharo; and &a.will;, but Will is the current
maintainer so please send questions/patches about
addport to him.Any other things I need to know when I add a new
port?Check the port, preferably to make sure it compiles
and packages correctly. This is the recommended
sequence:&prompt.root; make install
&prompt.root; make package
&prompt.root; make deinstall
&prompt.root; pkg_add package you built above
&prompt.root; make deinstall
&prompt.root; make reinstall
&prompt.root; make packageThe
Porters
Handbook contains more detailed
instructions.Use &man.portlint.1; to check the syntax of the port.
You do not necessarily have to eliminate all warnings but
make sure you have fixed the simple ones.If the port came from a submitter who has not
contributed to the project before, add that person's
name to the Additional
Contributors section of the FreeBSD Contributors
List.Close the PR if the port came in as a PR. To close
a PR, just do
edit-pr PR#
on freefall and change the
state from open
to closed. You will be asked to
enter a log message and then you are done.Repository CopiesWhen do we need a repository copy?When you want to add a port that is related to
any port that is already in the tree in a separate
directory, you have to do a repository copy.
Here related means
it is a different version or a slightly modified
version. Examples are
print/ghostscript* (different
versions) and x11-wm/windowmaker*
(English-only and internationalized version).Another example is when a port is moved from one
subdirectory to another, or when you want to change the
name of a directory because the author(s) renamed their
software even though it is a
descendant of a port already in a tree.When do we not need a
repository copy?When there is no history to preserve. If a port is
added into a wrong category and is moved immediately,
it suffices to simply cvs remove the
old one and addport the new
one.What do I need to do?File a PR in GNATS, listing the
reasons for the repository copy request. Assign it to
portmgr and set state to
repocopy. If &a.portmgr; approves it,
it will be reassigned to cvs. &a.cvs; will
do a repository copy from the old to the new location, and
reassign the PR back to you. Once everything is done, perform the
following:When a port has been repo copied:Upgrade the copied port to the new version (remember
to change the PORTNAME so there
are not duplicate ports with the same name).Add the new subdirectory to the
SUBDIR listing in the parent
directory Makefile. You can run make
checksubdirs in the parent directory to check
this.If the port changed categories, modify the
CATEGORIES line of the port's
Makefile accordinglyAdd the new module entry.Add an entry to
ports/MOVED.When removing a port:Perform a thorough check of the ports collection for
any dependencies on the old port location/name, and
update them. Running grep on
INDEX is not enough because some
ports have dependencies enabled by compile-time options.
A full grep -r of the ports
collection is recommended.Remove the old port, the old
SUBDIR entry and the old module
entry.Add an entry to
ports/MOVED.After repo moves (rename operations where
a port is copied and the old location is removed):Follow the same steps that are outlined in the
previous two entries, to activate the new location of
the port and remove the old one.Ports FreezeWhat is a ports freeze?Before a release, it is necessary to restrict
commits to the ports tree for a short period of time
while the packages and the release itself are being
built. This is to ensure consistency among the various
parts of the release, and is called the ports
freeze.How long is a ports freeze?Usually an hour or two.What does it mean to me?During the ports freeze, you are not allowed to
commit anything to the tree without explicit approval
from the ports manager. Explicit
approval here means either of the
following:You asked the ports manager and got a reply
saying, Go ahead and commit
it.The ports manager sent a mail to you or the
mailing lists during the ports freeze pointing out
that the port is broken and has to be fixed.Note that you do not have implicit permission to fix
a port during the freeze just because it is
broken.How do I know when the ports freeze starts?The ports manager will send out warning messages to
the &a.ports; and &a.committers;
announcing the start of the impending release, usually
two or three weeks in advance. The exact starting time
will not be determined until a few days before the
actual release. This is because the ports freeze has to
be synchronized with the release, and it is usually not
known until then when exactly the release will be
rolled.When the freeze starts, there will be another
announcement to the &a.committers;, of course.How do I know when the ports freeze ends?A few hours after the release, the ports manager
will send out a mail to the &a.ports; and &a.committers;
announcing the end of the ports freeze. Note that the
release being cut does not automatically end the freeze.
We have to make sure there will not be any last minute
snafus that result in an immediate re-rolling of the
release.Creating a New CategoryWhat is the procedure for creating a new category?A developer who wishes to propose a new category
should submit a detailed rationale for the new category,
including why existing categories are not sufficient,
and the list of ports proposed to move.Before submitting, keep in mind that there is a fair
amount of work involved from multiple parties; that the
changes affect everyone who wants to keep up-to-date with
the entire ports tree; and that such proposals tend to
attract controversy.What do I need to do?The procedure is a strict superset of the one to
repocopy individual ports (see above).File a PR in GNATS, listing the
reasons for the category request. Preferably, this should
also include patches for Makefiles for
the old ports, the Makefiles for their
old categories, and the VALID_CATEGORIES
definition in ports/Mk/bsd.port.mk.
Assign the PR to the &a.portmgr; (as portmgr).
If they approve it, it will be reassigned to &a.cvs; (as
cvs), who will do a repository copy from
the old to the new locations and reassign the PR back to you.
Once everything is done, perform the following steps:Upgrade each copied port's
Makefile. Do not connect the
new category to the build yet.To do this, you will need to:
Change the port's CATEGORIES
(this was the point of the exercise, remember?)
The new category should be listed
first. This will help to
ensure that the the PKGORIGIN
is correct.Run a make describe. Since
the top-level make index that
you will be running in a few steps is an iteration
of make describe over the entire
ports hierarchy, catching any errors here will
save you having to re-run that step later on.If you want to be really thorough, now might
be a good time to run &man.portlint.1;.Check that the PKGORIGINs are
correct. The ports system uses each port's
CATEGORIES entry to create
its PKGORIGIN, which is used to
connect installed packages to the port directory they
were built from. If this entry is wrong, common port
tools like &man.pkg.version.1; and
&man.portupgrade.1; fail.To do this, use the chkorigin.sh
tool, as follows: env
PORTSDIR=/path/to/ports
sh -e /path/to/ports/Tools/scripts/chkorigin.sh
. This will check every
port in the ports tree, even those not connected to the
build, so you can run it directly after the repocopy.
Hint: do not forget to look at the
PKGORIGINs of any slave ports of the
ports you just repocopied!On your own local system, test the proposed
changes: first, comment out the
SUBDIR entries in the old
ports' categories' Makefiles;
then enable building the new category in
ports/Makefile.
Run make checksubdirs in the
affected category directories to check the
SUBDIR entries. Next, in
the ports/
directory, run make index. This
can take over 40 minutes on even modern systems;
however, it is a necessary step to prevent problems
for other people.Once this is done, you can commit the
updated ports/Makefile to
connect the new category to the build and also
commit the Makefile changes
for the old category or categories.Change all the affected module entries in
CVSROOT-ports/modules.Add appropriate entries to
ports/MOVED.Update the instructions for &man.cvsup.1; by
modifying distrib/cvsup/sup/README
and adding the following files into
cvsup/sup/ports-categoryname:
list.cvs and
releases. (Note: these are
in the src, not the ports, repository).Submit a docs PR to add the new category to both the
Porter's Handbook and to
www/en/ports/categories.The procedure to update the ports web pages
+ url="&url.base;/ports/index.html">ports web pages
to reflect the new category is not yet defined.Only once all the above have been done, and
no one is any longer reporting problems with the
new ports, should the old ports be deleted from
their previous locations in the repository.Miscellaneous QuestionsHow do I know if my port is building correctly or
not?First, go check
.
There you will find error logs from the latest package
building runs on all supported platforms for the most
recent branches.However, just because the port does not show up there
does not mean it is building correctly. (One of the
dependencies may have failed, for instance.) Here are
the relevant directories on bento, so feel free to dig
around. /a/asami/portbuild/<arch>/<major_version>/errors error logs from latest <major_version> run on <arch>
/logs all logs from latest <major_version> run on <arch>
/packages packages from latest <major_version> run on <arch>
/bak/errors error logs from last complete <major_version> run on <arch>
/bak/logs all logs from last complete <major_version> run on <arch>
/bak/packages packages from last complete <major_version> run on <arch>
Basically, if the port shows up in
packages, or it is in
logs but not in
errors, it built fine. (The
errors directories are what you get
from the web page.)I added a new port. Do I need to add it to the
INDEX?No. The ports manager will regenerate the
INDEX and commit it for each
&os; release.Are there any other files I am not allowed to
touch?Any file directly under ports/, or
any file under a subdirectory that starts with an
uppercase letter (Mk/,
Tools/, etc.). In particular, the
ports manager is very protective of
ports/Mk/bsd.port*.mk so do not
commit changes to those files unless you want to face his
wra(i)th.What is the proper procedure for updating the checksum
for a port's distfile when the file changes without a
version change?When the checksum for a port's distfile is updated due
to the author updating the file without changing the port's
revision, the commit message should include a summary of
the relevant diffs between the original and new distfile to
ensure that the distfile has not been corrupted or
maliciously altered. If the current version of the port
has been in the ports tree for a while, a copy of the old
distfile will usually be available on the ftp servers;
otherwise the author or maintainer should be contacted to
find out why the distfile has changed.Perks of the JobUnfortunately, there are not many perks involved with being a
committer. Recognition as a competent software engineer is probably
the only thing that will be of benefit in the long run. However,
there are at least some perks:Direct access to cvsup-masterAs a committer, you may apply to &a.kuriyama; for direct access
to cvsup-master.FreeBSD.org,
providing the public key output from cvpasswd
yourusername@FreeBSD.org
freefall.FreeBSD.org. Please note: you must
specify freefall.FreeBSD.org on the
cvpasswd command line even though the
actual server is cvsup-master. Access to
cvsup-master should not be overused as it is
a busy machine.A Free 4-CD Set or DVD SubscriptionFreeBSD Mall,
Inc. offers a free subscription of the 4-CD set or
the DVD product to all FreeBSD committers. Information about how
to obtain your free media is mailed to
developers@FreeBSD.org following each major
release.Miscellaneous QuestionsWhy are trivial or cosmetic changes to files on a vendor
branch a bad idea?From now on, every new vendor release of that file will
need to have patches merged in by hand.From now on, every new vendor release of that file will
need to have patches verified by hand.The option does not work very well.
Ask &a.obrien; for horror stories.How do I add a new file to a CVS branch?To add a file onto a branch, simply checkout or update
to the branch you want to add to and then add the file using
cvs add as you normally would. For
example, if you wanted to MFC the file
src/sys/alpha/include/smp.h from HEAD
to RELENG_4 and it does not exist in RELENG_4 yet, you would
use the following steps:MFC'ing a New File&prompt.user; cd sys/alpha/include
&prompt.user; cvs update -rRELENG_4
cvs update: Updating .
U clockvar.h
U console.h
...
&prompt.user; cvs update -kk -Ap smp.h > smp.h
===================================================================
Checking out smp.h
RCS: /usr/cvs/src/sys/alpha/include/smp.h,v
VERS: 1.1
***************
&prompt.user; cvs add smp.h
cvs add: scheduling file `smp.h' for addition on branch `RELENG_4'
cvs add: use 'cvs commit' to add this file permanently
&prompt.user; cvs commitWhat meta information should I include in a
commit message?As well as including an informative message with each commit
you may need to include some additional information as
well.This information consists of one or more lines containing the
key word or phrase, a colon, tabs for formatting, and then the
additional information.The key words or phrases are:PR:The problem report (if any) which is affected
(typically, by being closed) by this commit.Submitted by:The name and e-mail address of the person that
submitted the fix; for committers, just the username on
the FreeBSD cluster.Reviewed by:The name and e-mail address of the person or people
that reviewed the change; for committers, just the
username on the FreeBSD cluster. If a patch was
submitted to a mailing list for review, and the review
was favorable, then just include the list name.Approved by:The name and e-mail address of the person or people
that approved the change; for committers, just the
username on the FreeBSD cluster. It is customary to get
prior approval for a commit if it is to an area of the
tree to which you do not usually commit. In addition,
during the run up to a new release all commits
must be approved by the release
engineering team. If these are your first commits then
you should have passed them past your mentor first, and
you should list your mentor, as in
``username-of-mentor(mentor)''.
Obtained from:The name of the project (if any) from which the code
was obtained.MFC after:If you wish to receive an e-mail reminder to
MFC at a later date, specify the
number of days, weeks, or months after which an
MFC is planned.Commit log for a commit based on a PRYou want to commit a change based on a PR submitted by John
Smith containing a patch. The end of the commit message should
look something like this....
PR: foo/12345
Submitted by: John Smith <John.Smith@example.com>Commit log for a commit needing reviewYou want to change the virtual memory system. You have
posted patches to the appropriate mailing list (in this case,
freebsd-arch) and the changes have been
approved....
Reviewed by: -archCommit log for a commit needing approvalYou want to commit a change to a section of the tree with a
MAINTAINER assigned. You have collaborated with the listed
MAINTAINER, who has told you to go ahead and commit....
Approved by: abcWhere abc is the account name of
the person who approved.Commit log for a commit bringing in code from
OpenBSDYou want to commit some code based on work done in the
OpenBSD project....
Obtained from: OpenBSDCommit log for a change to &os.current; with a planned
commit to &os.stable; to follow at a later date.You want to commit some code which will be merged from
&os.current; into the &os.stable; branch after two
weeks....
MFC after: 2 weeksWhere 2 is the number of days,
weeks, or months after which an MFC is
planned. The weeks option may be
day, days,
week, weeks,
month, months,
or may be left off (in which case, days will be assumed).In some cases you may need to combine some of these.Consider the situation where a user has submitted a PR
containing code from the NetBSD project. You are looking at the
PR, but it is not an area of the tree you normally work in, so
you have decided to get the change reviewed by the
arch mailing list. Since the change is
complex, you opt to MFC after one month to
allow adequate testing.The extra information to include in the commit would look
something likePR: foo/54321
Submitted by: John Smith <John.Smith@example.com>
Reviewed by: -arch
Obtained from: NetBSD
MFC after: 1 monthHow do I access people.FreeBSD.org to put up personal
or project information?people.FreeBSD.org is the
same as freefall.FreeBSD.org. Just create a
public_html directory. Anything you
place in that directory will automatically be visible
under .Where are the mailing list archives stored?The mailing lists are archived under /g/mail
which will show up as /hub/g/mail with &man.pwd.1;.
This location is accessible from any machine on the FreeBSD cluster.
diff --git a/en_US.ISO8859-1/articles/contributing/Makefile b/en_US.ISO8859-1/articles/contributing/Makefile
index d90bb3da17..1f5b5eb47b 100644
--- a/en_US.ISO8859-1/articles/contributing/Makefile
+++ b/en_US.ISO8859-1/articles/contributing/Makefile
@@ -1,17 +1,19 @@
#
# $FreeBSD$
#
# Article: Contributing to FreeBSD
DOC?= article
FORMATS?= html
WITH_ARTICLE_TOC?= YES
INSTALL_COMPRESSED?=gz
INSTALL_ONLY_COMPRESSED?=
SRCS= article.sgml
-DOC_PREFIX?= ${.CURDIR}/../../..
+URL_RELPREFIX?= ../../../..
+DOC_PREFIX?= ${.CURDIR}/../../..
+
.include "${DOC_PREFIX}/share/mk/doc.project.mk"
diff --git a/en_US.ISO8859-1/articles/contributing/article.sgml b/en_US.ISO8859-1/articles/contributing/article.sgml
index 77f2ca1d19..4b2878f2ef 100644
--- a/en_US.ISO8859-1/articles/contributing/article.sgml
+++ b/en_US.ISO8859-1/articles/contributing/article.sgml
@@ -1,564 +1,564 @@
%man;
%freebsd;
%newsgroups;
%authors;
%mailing-lists;
%trademarks;
%urls;
]>
Contributing to FreeBSD$FreeBSD$This article describes the different ways in which an
individual or organization may contribute to the FreeBSD
Project.JordanHubbardContributed by
&tm-attrib.freebsd;
&tm-attrib.ieee;
&tm-attrib.general;
contributingSo you want to contribute to FreeBSD? That is great! FreeBSD
relies on the contributions of its user base
to survive. Your contributions are not only appreciated, they are
vital to FreeBSD's continued growth.Contrary to what some people might have you believe, you do
not need to be a hot-shot programmer or a close personal friend of
the FreeBSD core team to have your contributions accepted. A
large and growing number of international contributors, of greatly
varying ages and areas of technical expertise, develop FreeBSD.
There is always more work to be done than there are people
available to do it, and more help is always appreciated.The FreeBSD project is responsible for an entire operating
system environment, rather than just a kernel or a few scattered
utilities. As such, our TODO lists span a
very wide range of tasks: from documentation, beta testing and
presentation, to the system installer and highly specialized types
of kernel development. People of any skill level, in almost any
area, can almost certainly help the project.Commercial entities engaged in FreeBSD-related enterprises are
also encouraged to contact us. Do you need a special extension to
make your product work? You will find us receptive to your
requests, given that they are not too outlandish. Are you working
on a value-added product? Please let us know! We may be able to
work cooperatively on some aspect of it. The free software world
is challenging many existing assumptions about how software is
developed, sold, and maintained, and we urge you to at least give
it a second look.What Is NeededThe following list of tasks and sub-projects represents
something of an amalgam of various TODO
lists and user requests.Ongoing Non-Programmer TasksMany people who are involved in FreeBSD are not
programmers. The Project includes documentation writers, Web
designers, and support people. All that these people need to
contribute is an investment of time and a willingness to
learn.Read through the FAQ and Handbook periodically. If
anything is badly explained, out of date or even just
completely wrong, let us know. Even better, send us a fix
(SGML is not difficult to learn, but there is no objection
to ASCII submissions).Help translate FreeBSD documentation into your native
language. If documentation already exists for your
language, you can help translate additional documents or
verify that the translations are up-to-date. First take a
look at the Translations
FAQ in the FreeBSD Documentation Project Primer.
You are not committing yourself to translating every
single FreeBSD document by doing this — as a
volunteer, you can do as much or as little translation as
you desire. Once someone begins translating, others
almost always join the effort. If you only have the time
or energy to translate one part of the documentation,
please translate the installation instructions.Read the &a.questions; and &ng.misc;
occasionally (or even regularly). It can be very
satisfying to share your expertise and help people solve
their problems; sometimes you may even learn something new
yourself! These forums can also be a source of ideas for
things to work on.Ongoing Programmer TasksMost of the tasks listed here require either a considerable
investment of time, or an in-depth knowledge of the FreeBSD
kernel, or both. However, there are also many useful tasks
which are suitable for weekend hackers.If you run FreeBSD-CURRENT and have a good Internet
connection, there is a machine current.FreeBSD.org which builds a
full release once a day—every now and again, try to
install the latest release from it and report any failures
in the process.Read the &a.bugs;. There might be a
problem you can comment constructively on or with patches
you can test. Or you could even try to fix one of the
problems yourself.If you know of any bug fixes which have been
successfully applied to -CURRENT but have not been merged
into -STABLE after a decent interval (normally a couple of
weeks), send the committer a polite reminder.Move contributed software to
src/contrib in the source
tree.Make sure code in src/contrib is
up to date.Build the source tree (or just part of it) with extra
warnings enabled and clean up the warnings.Fix warnings for ports which do deprecated things like
using gets() or including
malloc.h.If you have contributed any ports, send your patches
back to the original authors (this will make your life
easier when they bring out the next version).Get copies of formal standards like &posix;. You can
get some links about these standards at the FreeBSD
C99 & POSIX Standards Conformance Project web
site. Compare FreeBSD's behavior to that required by the
standard. If the behavior differs, particularly in subtle
or obscure corners of the specification, send in a PR
about it. If you are able, figure out how to fix it and
include a patch in the PR. If you think the standard is
wrong, ask the standards body to consider the
question.Suggest further tasks for this list!Work through the PR Databaseproblem reports databaseThe FreeBSD
PR list shows all the current active problem reports
and requests for enhancement that have been submitted by
FreeBSD users. The PR database includes both programmer and
non-programmer tasks. Look through the open PRs, and see if
anything there takes your interest. Some of these might be
very simple tasks that just need an extra pair of eyes to look
over them and confirm that the fix in the PR is a good one.
Others might be much more complex, or might not even have a
fix included at all.Start with the PRs that have not been assigned to anyone
else. If a PR is assigned to someone else, but it looks like
something you can handle, email the person it is assigned to
and ask if you can work on it—they might already have a
patch ready to be tested, or further ideas that you can
discuss with them.How to ContributeContributions to the system generally fall into one or more
of the following 5 categories:Bug Reports and General CommentaryAn idea or suggestion of general
technical interest should be mailed to the &a.hackers;.
Likewise, people with an interest in such things (and a
tolerance for a high volume of mail!) may
subscribe to the &a.hackers;.
See The
FreeBSD Handbook for more information about this and
other mailing lists.If you find a bug or are submitting a specific change,
please report it using the &man.send-pr.1; program or its
- WEB-based
+ WEB-based
equivalent. Try to fill-in each field of the bug
report. Unless they exceed 65KB, include any patches directly
in the report. If the patch is suitable to be applied to the
source tree put [PATCH] in the synopsis of
the report. When including patches, do
not use cut-and-paste because cut-and-paste turns
tabs into spaces and makes them unusable. Consider
compressing patches and using &man.uuencode.1; if they exceed
20KB.After filing a report, you should receive confirmation
along with a tracking number. Keep this tracking number so
that you can update us with details about the problem by
sending mail to FreeBSD-gnats-submit@FreeBSD.org. Use
the number as the message subject, e.g. "Re:
kern/3377". Additional information for any bug
report should be submitted this way.If you do not receive confirmation in a timely fashion (3
days to a week, depending on your email connection) or are,
for some reason, unable to use the &man.send-pr.1; command,
then you may ask someone to file it for you by sending mail to
the &a.bugs;.See also this
article on how to write good problem reports.Changes to the Documentationdocumentation submissionsChanges to the documentation are overseen by the &a.doc;.
Please look at the FreeBSD Documentation
Project Primer for complete instructions. Send
submissions and changes (even small ones are welcome!) using
&man.send-pr.1; as described in Bug Reports and General
Commentary.Changes to Existing Source CodeFreeBSD-CURRENTAn addition or change to the existing source code is a
somewhat trickier affair and depends a lot on how far out of
date you are with the current state of FreeBSD
development. There is a special on-going release of FreeBSD
known as FreeBSD-CURRENT which is made
available in a variety of ways for the convenience of
developers working actively on the system. See The FreeBSD
Handbook for more information about getting and using
FreeBSD-CURRENT.Working from older sources unfortunately means that your
changes may sometimes be too obsolete or too divergent for
easy re-integration into FreeBSD. Chances of this can be
minimized somewhat by subscribing to the &a.announce; and the
&a.current; lists, where discussions on the current state of
the system take place.Assuming that you can manage to secure fairly up-to-date sources
to base your changes on, the next step is to produce a set of diffs to
send to the FreeBSD maintainers. This is done with the &man.diff.1;
command.The preferred &man.diff.1; format for submitting patches
is the unified output format generated by diff
-u. However, for patches that substantially change a
region of code, a context output format diff generated by
diff -c may be more readable and thus
preferable.diffFor example:&prompt.user; diff -c oldfile newfile
or
&prompt.user; diff -c -r olddir newdir
would generate such a set of context diffs for the given
source file or directory hierarchy.Likewise,
&prompt.user; diff -u oldfile newfile
or
&prompt.user; diff -u -r olddir newdir
would do the same, except in the unified diff format.See the manual page for &man.diff.1; for more details.Once you have a set of diffs (which you may test with the
&man.patch.1; command), you should submit them for inclusion
with FreeBSD. Use the &man.send-pr.1; program as described in
Bug Reports and General
Commentary. Do not just send the
diffs to the &a.hackers; or they will get lost! We greatly
appreciate your submission (this is a volunteer project!);
because we are busy, we may not be able to address it
immediately, but it will remain in the PR database until we
do. Indicate your submission by including
[PATCH] in the synopsis of the
report.uuencodeIf you feel it appropriate (e.g. you have added, deleted,
or renamed files), bundle your changes into a
tar file and run the &man.uuencode.1;
program on it. Archives created with &man.shar.1; are also welcome.If your change is of a potentially sensitive nature,
e.g. you are unsure of copyright issues governing its further
distribution or you are simply not ready to release it without
a tighter review first, then you should send it to &a.core;
directly rather than submitting it with &man.send-pr.1;. The
&a.core; reaches a much smaller group of people who
do much of the day-to-day work on FreeBSD. Note that this
group is also very busy and so you should
only send mail to them where it is truly necessary.Please refer to &man.intro.9; and &man.style.9; for
some information on coding style. We would appreciate it if
you were at least aware of this information before submitting
code.New Code or Major Value-Added PackagesIn the case of a significant contribution of a large body
work, or the addition of an important new feature to FreeBSD,
it becomes almost always necessary to either send changes as
uuencoded tar files or upload them to a web or FTP site for
other people to access. If you do not have access to a web or
FTP site, ask on an appropriate FreeBSD mailing list for
someone to host the changes for you.When working with large amounts of code, the touchy
subject of copyrights also invariably comes up. Acceptable
copyrights for code included in FreeBSD are:BSD copyrightThe BSD copyright. This copyright is most preferred
due to its no strings attached nature and
general attractiveness to commercial enterprises. Far
from discouraging such commercial use, the FreeBSD Project
actively encourages such participation by commercial
interests who might eventually be inclined to invest
something of their own into FreeBSD.GPLGNU General Public LicenseGNU General Public LicenseThe GNU General Public License, or GPL.
This license is not quite as popular with us due to the
amount of extra effort demanded of anyone using the code
for commercial purposes, but given the sheer quantity of
GPL'd code we currently require (compiler, assembler, text
formatter, etc) it would be silly to refuse additional
contributions under this license. Code under the GPL also
goes into a different part of the tree, that being
/sys/gnu or
/usr/src/gnu, and is therefore easily
identifiable to anyone for whom the GPL presents a
problem.Contributions coming under any other type of copyright
must be carefully reviewed before their inclusion into FreeBSD
will be considered. Contributions for which particularly
restrictive commercial copyrights apply are generally
rejected, though the authors are always encouraged to make
such changes available through their own channels.To place a BSD-style copyright on your
work, include the following text at the very beginning of
every source code file you wish to protect, replacing the text
between the %% with the appropriate
information:Copyright (c) %%proper_years_here%%
%%your_name_here%%, %%your_state%% %%your_zip%%.
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer as
the first lines of this file unmodified.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY %%your_name_here%% ``AS IS'' AND ANY EXPRESS OR
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL %%your_name_here%% BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
$Id$For your convenience, a copy of this text can be found in
/usr/share/examples/etc/bsd-style-copyright.Money, Hardware or Internet AccessWe are always very happy to accept donations to further
the cause of the FreeBSD Project and, in a volunteer effort
like ours, a little can go a long way! Donations of hardware
are also very important to expanding our list of supported
peripherals since we generally lack the funds to buy such
items ourselves.Donating FundsThe FreeBSD Foundation is a non-profit, tax-exempt
foundation established to further the goals of the FreeBSD
Project. As a 501(c)3 entity, the Foundation is generally
exempt from US federal income tax as well as Colorado State
income tax. Donations to a tax-exempt entity are often
deductible from taxable federal income.Donations may be sent in check form to:
The FreeBSD Foundation
7321 Brockway Dr.Boulder, CO80303USAThe FreeBSD Foundation is now able to accept donations
through the web with PayPal. To place a donation, please
visit the Foundation web
site.More information about the FreeBSD Foundation can be
found in The
FreeBSD Foundation -- an Introduction. To contact
the Foundation by email, write to
bod@FreeBSDFoundation.org.Donating HardwaredonationsThe FreeBSD Project happily accepts donations of
hardware that it can find good use for. If you are
interested in donating hardware, please contact the Donations Liaison
Office.Donating Internet AccessWe can always use new mirror sites for FTP, WWW or
cvsup. If you would like to be such a
mirror, please see the Mirroring FreeBSD
article for more information.
diff --git a/en_US.ISO8859-1/articles/contributors/Makefile b/en_US.ISO8859-1/articles/contributors/Makefile
index 0b24fd7f3b..23e6d0fff9 100644
--- a/en_US.ISO8859-1/articles/contributors/Makefile
+++ b/en_US.ISO8859-1/articles/contributors/Makefile
@@ -1,24 +1,26 @@
#
# $FreeBSD$
#
# Article: Contributors to FreeBSD
DOC?= article
FORMATS?= html
WITH_ARTICLE_TOC?= YES
INSTALL_COMPRESSED?=gz
INSTALL_ONLY_COMPRESSED?=
SRCS= article.sgml
SRCS+= contrib.ent
SRCS+= contrib.386bsd.sgml
SRCS+= contrib.additional.sgml
SRCS+= contrib.committers.sgml
SRCS+= contrib.core.sgml
SRCS+= contrib.corealumni.sgml
SRCS+= contrib.develalumni.sgml
-DOC_PREFIX?= ${.CURDIR}/../../..
+URL_RELPREFIX?= ../../../..
+DOC_PREFIX?= ${.CURDIR}/../../..
+
.include "${DOC_PREFIX}/share/mk/doc.project.mk"
diff --git a/en_US.ISO8859-1/articles/contributors/article.sgml b/en_US.ISO8859-1/articles/contributors/article.sgml
index 70886f2279..83514270bc 100644
--- a/en_US.ISO8859-1/articles/contributors/article.sgml
+++ b/en_US.ISO8859-1/articles/contributors/article.sgml
@@ -1,723 +1,723 @@
%man;
%authors;
%teams;
%mailing-lists;
%freebsd;
%trademarks;
%urls;
%contrib.ent;
]>
Contributors to FreeBSD$FreeBSD$
&tm-attrib.freebsd;
&tm-attrib.cvsup;
&tm-attrib.sun;
&tm-attrib.general;
This article lists individuals and organizations who have
made a contribution to FreeBSD.Donors GalleryThe FreeBSD Project is indebted to the following donors and would
like to publicly thank them here!Contributors to the central server
project:The following individuals and businesses made it possible for
the FreeBSD Project to build a new central server machine, which
has replaced freefall.FreeBSD.org at
one point, by donating the following items:&a.mbarkah; and his employer, Hemisphere Online,
donated a Pentium Pro (P6) 200MHz CPUASA
Computers donated a Tyan 1662
motherboard.Joe McGuckin joe@via.net of ViaNet Communications donated
a Kingston ethernet controller.Jack O'Neill jack@diamond.xtalwind.net
donated an NCR 53C875 SCSI controller
card.Ulf Zimmermann ulf@Alameda.net of Alameda Networks donated
128MB of memory, a 4 Gb disk
drive and the case.Direct funding:The following individuals and businesses have generously
contributed direct funding to the project:Annelise Anderson
ANDRSN@HOOVER.STANFORD.EDU&a.dillon;Blue Mountain
ArtsEpilogue Technology
Corporation&a.sef;Global Technology
Associates, IncDon Scott WildeGianmarco Giovannelli
gmarco@masternet.itJosef C. Grosch joeg@truenorth.orgRobert T. Morris&a.chuckr;Kenneth P. Stox ken@stox.sa.enteract.com of
Imaginary Landscape,
LLC.Dmitry S. Kohmanyuk dk@dog.farm.orgLaser5 of Japan
(a portion of the profits from sales of their various FreeBSD
CDROMs).Fuki Shuppan
Publishing Co. donated a portion of their profits from
Hajimete no FreeBSD (FreeBSD, Getting
started) to the FreeBSD and XFree86 projects.ASCII Corp.
donated a portion of their profits from several FreeBSD-related
books to the FreeBSD project.Yokogawa Electric
Corp has generously donated significant funding to the
FreeBSD project.BuffNETPacific
SolutionsSiemens AG
via Andre Albsmeier
andre.albsmeier@mchp.siemens.deChris Silva ras@interaccess.comHardware contributors:The following individuals and businesses have generously
contributed hardware for testing and device driver
development/support:BSDi for providing the Pentium P5-90 and
486/DX2-66 EISA/VL systems that are being used for our
development work, to say nothing of the network access and other
donations of hardware resources.Compaq
has donated a variety of Alpha systems to the FreeBSD
Project. Among the many generous donations are 4
AlphaStation DS10s, an AlphaServer DS20,
AlphaServer 2100s, an AlphaServer 4100, 8 500Mhz
Personal Workstations, 4 433Mhz Personal Workstations,
and more! These machines are used for release
engineering, package building, SMP development, and general
development on the Alpha architecture.TRW Financial Systems, Inc. provided 130 PCs, three 68 GB
file servers, twelve Ethernets, two routers and an ATM switch for
debugging the diskless code.Dermot McDonnell donated the Toshiba XM3401B CDROM drive
currently used in freefall.Chuck Robey chuckr@glue.umd.edu contributed
his floppy tape streamer for experimental work.Larry Altneu larry@ALR.COM, and &a.wilko;,
provided Wangtek and Archive QIC-02 tape drives in order to
improve the wt driver.Ernst Winter ewinter@lobo.muc.de contributed
a 2.88 MB floppy drive to the project. This will hopefully
increase the pressure for rewriting the floppy disk driver.
Tekram
Technologies sent one each of their DC-390, DC-390U
and DC-390F FAST and ULTRA SCSI host adapter cards for
regression testing of the NCR and AMD drivers with their cards.
They are also to be applauded for making driver sources for free
operating systems available from their FTP server .Larry M. Augustin contributed not only a
Symbios Sym8751S SCSI card, but also a set of data books,
including one about the forthcoming Sym53c895 chip with Ultra-2
and LVD support, and the latest programming manual with
information on how to safely use the advanced features of the
latest Symbios SCSI chips. Thanks a lot!Christoph Kukulies kuku@FreeBSD.org donated
an FX120 12 speed Mitsumi CDROM drive for IDE CDROM driver
development.Mike Tancsa mike@sentex.ca donated four various
ATM PCI cards in order to help increase support of these cards as
well as help support the development effort of the netatm ATM
stack.
Special contributors:BSDi (formerly Walnut Creek CDROM)
has donated almost more than we can say (see the 'About the FreeBSD Project'
section of the FreeBSD Handbook for more details).
In particular, we would like to thank them for the original
hardware used for freefall.FreeBSD.org, our primary
development machine, and for thud.FreeBSD.org, a testing and build
box. We are also indebted to them for funding various
contributors over the years and providing us with unrestricted
use of their T1 connection to the Internet.The interface
business GmbH, Dresden has been patiently supporting
&a.joerg; who has often preferred FreeBSD work over paid work, and
used to fall back to their (quite expensive) EUnet Internet
connection whenever his private connection became too slow or
flaky to work with it...Berkeley Software Design,
Inc. has contributed their DOS emulator code to the
remaining BSD world, which is used in the
doscmd command.The FreeBSD Core TeamThe FreeBSD core team constitutes the project's Board of
Directors, responsible for deciding the project's overall goals
and direction as well as managing specific
areas of the FreeBSD project landscape.(in alphabetical order by last name):
&contrib.core;
Other &os; TeamsThe &os; project delegates certain individuals to work
on various teams according to project needs. The following
list contains the current information on those individuals and
their designated areas:
&contrib.staff;
The FreeBSD DevelopersThese are the people who have commit privileges and do the
engineering work on the FreeBSD source tree. All core team members are
also developers.(in alphabetical order by last name):
&contrib.committers;
The FreeBSD Documentation Project
- The FreeBSD
+ The FreeBSD
Documentation Project is responsible for a number of different
services, each service being run by an individual and his
deputies (if any):Documentation Project Architect&a.nik;Handbook Editor&a.doc;FAQ Editor&a.doc;News Editor&a.jim;In the Press Editor&a.jkoshy;FreeBSD Really-Quick NewsLetter EditorChris Coleman chrisc@vmunix.comGallery Editor&a.phantom;Commercial Gallery Editor&a.josef;User Groups Editor&a.grog;FreeBSD &java; Project&a.patrick;LinuxDoc to DocBook conversion&a.nik;Who is Responsible for WhatDocumentation
+ url="&url.base;/docproj/index.html">Documentation
Project Manager&a.nik;CVSup Mirror Site Coordinator&a.cvsup-master;which includes:&a.kuriyama; (responsible),&a.jdp; (advisor)FTP/WWW Mirror Site Coordinator&a.mirror-admin;which includes:&a.kuriyama;,&a.kensmith;Localization&a.ache;Postmaster&a.dhw;,&a.jmb;Release
Coordination&a.re; headed by &a.murray;Public Relations & Corporate LiaisonSeat open
- Security
+ Security
Officers&a.security-officer; headed by &a.nectar;
- Source
+ Source
Repository ManagersPrincipal: &a.peter;Assistants: &a.markm;, &a.joe;Website Management&a.www;
- Ports
+ Ports
Manager&a.portmgr;which includes:&a.knu;,&a.kris;,&a.lioux;,&a.marcus;,&a.sobomax;,&a.steve;,&a.will;,&a.erwin; (secretary)Standards&a.wollman;XFree86 Project, Inc. Liaison&a.rich;
- GNATS
+ GNATS
Administrator&a.ceri;Bugmeister&a.ceri;
- Donations Liaison Office
+ Donations Liaison Office&a.donations;which includes:&a.mwlucas&a.nsayer&a.obrien&a.rwatson&a.trhodesCore Team Alumnicore teamThe following people were members of the FreeBSD core team during
the periods indicated. We thank them for their past efforts in the
service of the FreeBSD project.In rough chronological order:
&contrib.corealumni;
Development Team Alumnidevelopment teamThe following people were members of the FreeBSD development team
during the periods indicated. We thank them for their past efforts
in the service of the FreeBSD project.In rough chronological order:
&contrib.develalumni;
Derived Software ContributorsThis software was originally derived from William F. Jolitz's 386BSD
release 0.1, though almost none of the original 386BSD specific code
remains. This software has been essentially re-implemented from the
4.4BSD-Lite release provided by the Computer Science Research Group
(CSRG) at the University of California, Berkeley and associated academic
contributors.There are also portions of NetBSD and OpenBSD that have been
integrated into FreeBSD as well, and we would therefore like to thank
all the contributors to NetBSD and OpenBSD for their work.Additional FreeBSD Contributors(in alphabetical order by first name):
&contrib.additional;
386BSD Patch Kit Patch Contributors(in alphabetical order by first name):
&contrib.386bsd;
diff --git a/en_US.ISO8859-1/articles/explaining-bsd/Makefile b/en_US.ISO8859-1/articles/explaining-bsd/Makefile
index 42fe714c48..e0728a0215 100644
--- a/en_US.ISO8859-1/articles/explaining-bsd/Makefile
+++ b/en_US.ISO8859-1/articles/explaining-bsd/Makefile
@@ -1,19 +1,21 @@
#
# $FreeBSD$
#
# Article: Explaining BSD
MAINTAINER=grog@FreeBSD.org
DOC?= article
FORMATS?= html
WITH_ARTICLE_TOC?= YES
INSTALL_COMPRESSED?= gz
INSTALL_ONLY_COMPRESSED?=
SRCS= article.sgml
-DOC_PREFIX?= ${.CURDIR}/../../..
+URL_RELPREFIX?= ../../../..
+DOC_PREFIX?= ${.CURDIR}/../../..
+
.include "${DOC_PREFIX}/share/mk/doc.project.mk"
diff --git a/en_US.ISO8859-1/articles/explaining-bsd/article.sgml b/en_US.ISO8859-1/articles/explaining-bsd/article.sgml
index b8f3438f73..7baf91824e 100644
--- a/en_US.ISO8859-1/articles/explaining-bsd/article.sgml
+++ b/en_US.ISO8859-1/articles/explaining-bsd/article.sgml
@@ -1,567 +1,567 @@
%man;
%freebsd;
%trademarks;
%urls;
]>
Explaining BSDGregLeheygrog@FreeBSD.org
&tm-attrib.freebsd;
&tm-attrib.apple;
&tm-attrib.linux;
&tm-attrib.opengroup;
&tm-attrib.sun;
&tm-attrib.xfree86;
&tm-attrib.general;
In the open source world, the word Linux is almost
synonymous with Operating System, but it is not the only
open source &unix; operating system. According
to the Internet
Operating System Counter, as of April 1999 31.3% of the
world's network connected machines run Linux. 14.6% run BSD &unix;.
Some of the world's largest web operations, such as Yahoo!, run BSD. The world's
busiest FTP server, ftp.cdrom.com, uses BSD to
transfer 1.4 TB of data a day. Clearly this is not a niche
market: BSD is a well-kept secret.So what is the secret? Why is BSD not better known? This white
paper addresses these and other questions.Throughout this paper, differences between BSD and Linux will be
noted like this.What is BSD?BSD stands for Berkeley Software Distribution. It is
the name of distributions of source code from the University of
California, Berkeley, which were originally extensions to AT&T's
Research &unix; operating system. Several open source operating system
projects are based on a release of this source code known as
4.4BSD-Lite. In addition, they comprise a number of packages from other
Open Source projects, including notably the GNU project. The overall
operating system comprises:The BSD kernel, which handles process scheduling, memory
management, symmetric multi-processing (SMP), device drivers,
etc.Unlike the Linux kernel, there are several different
BSD kernels with differing capabilities.The C library, the base API for the system.The BSD C library is based on code from Berkeley, not
the GNU project.Utilities such as shells, file utilities, compilers and
linkers.Some of the utilities are derived from the GNU
project, others are not.The X Window system, which handles graphical display.The X Window system used in most versions of BSD is maintained
by a separate project, the
&xfree86; project.
This is the same code as Linux uses. BSD does not normally
specify a graphical desktop such as GNOME or KDE,
though these are available.Many other programs and utilities.What, a real &unix;?The BSD operating systems are not clones, but open source
derivatives of AT&T's Research &unix; operating system, which is also
the ancestor of the modern &unix; System V. This may surprise you. How
could that happen when AT&T has never released its code as open
source?It is true that AT&T &unix; is not open source, and in a copyright
sense BSD is very definitely not &unix;, but on the
other hand, AT&T has imported sources from other projects,
noticeably the Computer Sciences Research Group of the University of
California in Berkeley, CA. Starting in 1976, the CSRG started
releasing tapes of their software, calling them Berkeley
Software Distribution or BSD.Initial BSD releases consisted mainly of user programs, but that
changed dramatically when the CSRG landed a contract with the Defense
Advanced Projects Research Agency (DARPA) to upgrade the communications
protocols on their network, ARPANET. The new protocols were known as
the Internet Protocols, later
TCP/IP after the most important protocols. The
first widely distributed implementation was part of 4.2BSD, in
1982.In the course of the 1980s, a number of new workstation companies
sprang up. Many preferred to license &unix; rather than developing
operating systems for themselves. In particular, Sun Microsystems
licensed &unix; and implemented a version of 4.2BSD, which they called
&sunos;. When AT&T themselves were allowed to sell &unix; commercially,
they started with a somewhat bare-bones implementation called System
III, to be quickly followed by System V. The System V code base did not
include networking, so all implementations included additional software
from the BSD, including the TCP/IP software, but also utilities such as
the csh shell and the vi
editor. Collectively, these enhancements were known as the
Berkeley Extensions.The BSD tapes contained AT&T source code and thus required a
&unix; source license. By 1990, the CSRG's funding was running out, and
it faced closure. Some members of the group decided to release the BSD
code, which was Open Source, without the AT&T proprietary code.
This finally happened with the Networking Tape 2,
usually known as Net/2. Net/2 was not a complete
operating system: about 20% of the kernel code was missing. One of the
CSRG members, William F. Jolitz, wrote the remaining code and released
it in early 1992 as 386BSD. At the same time,
another group of ex-CSRG members formed a commercial company called
Berkeley Software Design Inc.
and released a beta version of an operating system called
BSD/386, which was based on
the same sources. The name of the operating system has since changed
to BSD/OS.386BSD never became a stable operating system. Instead, two other
projects split off from it in 1993:
NetBSD and
- FreeBSD. The two projects
+ FreeBSD. The two projects
originally diverged due to differences in patience waiting for
improvements to 386BSD: the NetBSD people started early in the year,
and the first version of FreeBSD was not ready until the end of the
year. In the meantime, the code base had diverged sufficiently to
make it difficult to merge. In addition, the projects had different
aims, as we will see below. In 1996, a further project,
OpenBSD, split off from
NetBSD.Why is BSD not better known?For a number of reasons, BSD is relatively unknown:The BSD developers are often more interested in polishing their
code than marketing it.Much of Linux's popularity is due to factors external to the
Linux projects, such as the press, and to companies formed to
provide Linux services. Until recently, the open source BSDs had no
such proponents.BSD developers tend to be more experienced than Linux
developers, and have less interest in making the system easy to use.
Newcomers tend to feel more comfortable with Linux.In 1992, AT&T sued
BSDI,
the vendor of BSD/386, alleging that the product contained
AT&T-copyrighted code. The case was settled out of court in
1994, but the spectre of the litigation continues to haunt people.
As recently as March 2000 an article published on the web claimed
that the court case had been recently settled.One detail that the lawsuit did clarify is the naming: in the
1980s, BSD was known as BSD &unix;. With the
elimination of the last vestige of AT&T code from BSD, it
also lost the right to the name &unix;. Thus you will see
references in book titles to the 4.3BSD &unix; operating
system and the 4.4BSD operating
system.There is a perception that the BSD projects are fragmented and
belligerent. The
Wall Street
Journal spoke of balkanization of the
BSD projects. Like the law suit, this perception bases mainly
on ancient history.Comparing BSD and LinuxSo what is really the difference between, say, Debian Linux and
FreeBSD? For the average user, the difference is surprisingly small:
Both are &unix; like operating systems. Both are developed by
non-commercial projects (this does not apply to many other Linux
distributions, of course). In the following section, we will look at BSD
and compare it to Linux. The description applies most closely to
FreeBSD, which accounts for an estimated 80% of the BSD installations,
but the differences from NetBSD and OpenBSD are small.Who owns BSD?No one person or corporation owns BSD. It is created and
distributed by a community of highly technical and committed
contributors all over the world. Some of the components of BSD are
Open Source projects managed by a different project maintainer.How is BSD developed and updated?The BSD kernels are developed and updated following the Open
Source development model. Each project maintains a publicly
accessible source tree under the
Concurrent Versions
System (CVS), which contains all source files for the
project, including documentation and other incidental files. CVS
allows users to check out (in other words, to
extract a copy of) any desired version of the system.A large number of developers worldwide contribute to improvements
to BSD. They are divided into three kinds:Contributors write code or documentation.
They are not permitted to commit (add code) directly to the source
tree. In order for their code to be included in the system, it
must be reviewed and checked in by a registered developer, known
as a committer.Committers are developers with write
access to the source tree. In order to become a committer, an
individual must show ability in the area in which he is
active.
It is at the individual committer's discretion whether he should
obtain authority before committing changes to the source tree. In
general, an experienced committer may make changes which are
obviously correct without obtaining consensus. For example, a
documentation project committer may correct typographical or
grammatical errors without review. On the other hand, developers
making far-reaching or complicated changes are expected to submit
their changes for review before committing them. In extreme
cases, a core team member with a function such as Principal
Architect may order that changes be removed from the tree, a
process known as backing out. All committers
receive mail describing each individual commit, so it is not
possible to commit secretly.The Core team. FreeBSD and
NetBSD each have a core team which manages the project. The
core teams developed in the course of the projects, and their role
is not always well-defined. It is not necessary to be a developer
in order to be a core team member, though it is normal. The rules
for the core team vary from one project to the other, but in
general they have more say in the direction of the project than
non-core team members have.This arrangement differs from Linux in a number of ways:No one person controls the content of the system. In
practice, this difference is overrated, since the Chief Architect
can require that code be backed out, and even in the Linux project
several people are permitted to make changes.On the other hand, there is a central
repository, a single place where you can find the entire operating
system sources, including all older versions.BSD projects maintain the entire Operating
System, not only the kernel. This distinction is only
marginally useful: neither BSD nor Linux is useful without
applications. The applications used under BSD are frequently the
same as the applications used under Linux.As a result of the formalized maintenance of a single CVS
source tree, BSD development is clear, and it is possible to
access any version of the system by release number or by date.
CVS also allows incremental updates to the system: for example,
the FreeBSD repository is updated about 100 times a day. Most of
these changes are small.BSD releasesEach BSD project provides the system in three different
releases. As with Linux, releases are assigned a
number such as 1.4.1 or 3.5. In addition, the version number has a
suffix indicating its purpose:The development version of the system is called
CURRENT. FreeBSD assigns a number to
CURRENT, for example FreeBSD 5.0-CURRENT. NetBSD uses a slightly
different naming scheme and appends a single-letter suffix which
indicates changes in the internal interfaces, for example NetBSD
1.4.3G. OpenBSD does not assign a number ("OpenBSD-current").
All new development on the system goes into this branch.At regular intervals, between two and four times a year, the
projects bring out a RELEASE version of the
system, which is available on CD-ROM and for free download from
FTP sites, for example OpenBSD 2.6-RELEASE or NetBSD 1.4-RELEASE.
The RELEASE version is intended for end users and is the normal
version of the system. NetBSD also provides patch
releases with a third digit, for example NetBSD
1.4.2.As bugs are found in a RELEASE version, they are fixed, and
the fixes are added to the CVS tree. In FreeBSD, the resultant
version is called the STABLE version, while in NetBSD and OpenBSD
it continues to be called the RELEASE version. Smaller new
features can also be added to this branch after a period of test
in the CURRENT branch.By contrast, Linux maintains two separate code trees:
the stable version and the development version. Stable versions
have an even minor version number, such as 2.0, 2.2 or 2.4.
Development versions have an odd minor version number, such as 2.1,
2.3 or 2.5. In each case, the number is followed by a further
number designating the exact release. In addition, each vendor adds
their own userland programs and utilities, so the name of the
distribution is also important. Each distribution vendor also
assigns version numbers to the distribution, so a complete
description might be something like TurboLinux 6.0 with kernel
2.2.14What versions of BSD are available?In contrast to the numerous Linux distributions, there are only
three open source BSDs. Each BSD project maintains its own source
tree and its own kernel. In practice, though, there appear to be
fewer divergences between the userland code of the projects than there
is in Linux.It is difficult to categorize the goals of each project: the
differences are very subjective. Basically,FreeBSD aims for high performance and ease of use by
end users, and is a favourite of web content providers. It runs
on PCs and Compaq's Alpha processors. The FreeBSD project has
significantly more users than the other projects.NetBSD aims for maximum portability: of course it runs
NetBSD. It runs on machines from palmtops to large
servers, and has even been used on NASA space missions. It is a
particularly good choice for running on old non-Intel
hardware.OpenBSD aims for security and code purity: it uses a
combination of the open source concept and rigorous code reviews
to create a system which is demonstrably correct, making it the
choice of security-conscious organizations such as banks, stock
exchanges and US Government departments. Like NetBSD, it runs on
a number of platforms.There are also two additional BSD &unix; operating systems which are not
open source, BSD/OS and Apple's &macos; X:BSD/OS is the oldest of the 4.4BSD derivatives. It
is not open source, though source code licenses are available at
relatively low cost. It resembles FreeBSD in many ways.&macos;
X is the latest version of the operating system for
Apple Computer Inc.'s
&macintosh; line. The BSD core of this operating
system, Darwin,
is available as a fully functional open source operating
system for x86 and PPC computers. The Aqua/Quartz
graphics system and many other proprietary aspects of
&macos; X remain closed-source, however. Several Darwin
developers are also FreeBSD committers, and
vice-versa.How does the BSD license differ from the GNU Public
license?Linux is available under the
GNU General Public
License (GPL), which is designed to eliminate closed
source software. In particular, any derivative work of a product
released under the GPL must also be supplied with source code if
requested. By contrast, the
BSD
license is less restrictive: binary-only distributions are
allowed. This is particularly attractive for embedded
applications.What else should I know?Since fewer applications are available for BSD than Linux, the BSD
developers created a Linux compatibility package, which allows Linux
programs to run under BSD. The package includes both kernel
modifications, in order to correctly perform Linux system calls, and
Linux compatibility files such as the C library. There is no
noticeable difference in execution speed between a Linux application
running on a Linux machine and a Linux application running on a BSD
machine of the same speed.The all from one supplier nature of BSD means that
upgrades are much easier to handle than is frequently the case with
Linux. BSD handles library version upgrades by providing
compatibility modules for earlier library versions, so it is possible
to run binaries which are several years old with no problems.Which should I use, BSD or Linux?What does this all mean in practice? Who should use BSD, who
should use Linux?This is a very difficult question to answer. Here are some
guidelines:If it ain't broke, don't fix it: If you already
use an open source operating system, and you are happy with it,
there is probably no good reason to change.BSD systems, in particular FreeBSD, can have notably higher
performance than Linux. But this is not across the board. In many
cases, there is little or no difference in performance. In some
cases, Linux may perform better than FreeBSD.In general, BSD systems have a better reputation for
reliability, mainly as a result of the more mature code
base.The BSD license may be more attractive than the GPL.BSD can execute Linux code, while Linux can not execute BSD
code. As a result, more software is available for BSD than for
Linux.Who provides support, service, and training for BSD?BSDi have always supported BSD/OS, and they have recently
announced support contracts for FreeBSD.In addition, each of the projects has a list of consultants for
hire:
- FreeBSD,
+ FreeBSD,
NetBSD,
and OpenBSD.
diff --git a/en_US.ISO8859-1/articles/mailing-list-faq/Makefile b/en_US.ISO8859-1/articles/mailing-list-faq/Makefile
index 707c98e490..09f7ccb2f7 100644
--- a/en_US.ISO8859-1/articles/mailing-list-faq/Makefile
+++ b/en_US.ISO8859-1/articles/mailing-list-faq/Makefile
@@ -1,24 +1,26 @@
#
# $FreeBSD$
#
# Article: Frequently Asked Questions About The FreeBSD Mailing Lists
DOC?= article
FORMATS?= html
INSTALL_COMPRESSED?=gz
INSTALL_ONLY_COMPRESSED?=
WITH_ARTICLE_TOC?=YES
#
# SRCS lists the individual SGML files that make up the document. Changes
# to any of these files will force a rebuild
#
# SGML content
SRCS= article.sgml
-DOC_PREFIX?= ${.CURDIR}/../../..
+URL_RELPREFIX?= ../../../..
+DOC_PREFIX?= ${.CURDIR}/../../..
+
.include "${DOC_PREFIX}/share/mk/doc.project.mk"
diff --git a/en_US.ISO8859-1/articles/mailing-list-faq/article.sgml b/en_US.ISO8859-1/articles/mailing-list-faq/article.sgml
index f57b2719ee..f8ce24f2c3 100644
--- a/en_US.ISO8859-1/articles/mailing-list-faq/article.sgml
+++ b/en_US.ISO8859-1/articles/mailing-list-faq/article.sgml
@@ -1,557 +1,557 @@
%man;
%freebsd;
%authors;
%teams;
%mailing-lists;
%trademarks;
%urls;
]>
Frequently Asked Questions About The &os; Mailing ListsThe &os; Documentation Project$FreeBSD$2004The &os; Documentation ProjectThis is the FAQ for the &os; mailing lists. If you are
interested in helping with this project, send email to the &a.doc;.
The latest version of this document is always available from the
&os;
World Wide Web server. It may also be downloaded as
one large HTML file with HTTP
or as plain text, PostScript, PDF, etc. from the &os; FTP
server. You may also want to Search the
+ url="&url.base;/search/index.html">Search the
FAQ.IntroductionAs is usual with FAQs, this document aims to cover the
most frequently asked questions concerning the &os; mailing
lists (and of course answer them!). Although originally intended
to reduce bandwidth and avoid the same old questions being asked
over and over again, FAQs have become recognized as valuable
information resources.This document attempts to represent a community consensus, and
as such it can never really be authoritative.
However, if you find technical errors within this document, or
have suggestions about items that should be added, plase either
submit a PR, or email the &a.doc;. Thanks.What is the purpose of the &os; mailing lists?The &os; mailing lists serve as the primary
communication channels for the &os; community, covering many
different topic areas and communities of interest.Who is the audience for the &os; mailing lists?This depends on charter of each individual list. Some
lists are more oriented to developers; some are more oriented
towards the &os; community as a whole. Please see this list
for the current summary.Are the &os; mailing lists open for anyone to participate?Again, this depends on charter of each individual list.
Please read the charter of a mailing list before you post to it,
and respect it when you post. This will help everyone to have
a better experience with the lists.If after reading the above lists, you still do not know
which mailing list to post a question to, you will probably
want to post to freebsd-questions (but see below, first).Also note that the mailing lists have traditionally
been open to postings from non-subscribers. This has
been a deliberate choice, to help make joining the &os;
community an easier process, and to encourage open sharing
of ideas. However, due to past abuse by some individuals,
certain lists now have a policy where postings from
non-subscribers must be manually screened to ensure that
they are appropriate.How can I subscribe?You can use
the Mailman web interface to subscribe to any
of the public lists.How can I unsubscribe?You can use the same interface as above; or,
you can follow the instructions that are at the
bottom of every mailing list message that is sent.Please do not send unsubscribe messages directly
to the public lists themselves. First, this will not
accomplish your goal, and second, it will irritate the
existing subscribers, and you will probably get flamed.
This is a classical mistake when using mailing lists;
please try to avoid it.Are archives available?Yes. Threaded archives are available
here.Are mailing lists available in a digest format?Yes. See
the Mailman web interface.Mailing List EtiquetteParticipation in the mailing lists, like participation
in any community, requires a common basis for communication.
Please make only appropriate postings, and follow common
rules of etiquette.What should I do before I post?You have already taken the most important step by
reading this document. However, if you are new to &os;,
you may first need to familiarize yourself with the
software, and all the social history around it, by
reading the numerous
- books
+ books
and
- articles
+ articles
that are available. Items of particular interest
include the
&os; Frequently Asked Questions (FAQ) document,
the
&os; Handbook,
and the articles
How to get best results from the FreeBSD-questions mailing list,
Explaining BSD,
and
&os; First Steps.It is always considered bad form to ask a question that is
already answered in the above documents. This is not because
the volunteers who work on this project are particularly mean
people, but after a certain number of times answering the same
questions over and over again, frustration begins to set in.
This is particularly true if there is an existing answer to the
question that is already available. Always keep in mind that
almost all of the work done on &os; is done by volunteers,
and that we are only human.What constitutes an inappropriate posting?Postings must be in accordance with the charter
of the mailing list.Personal attacks are discouraged. As good
net.citizens, we should try to hold ourselves to high
standards of behavior.Spam is not allowed, ever. The mailing lists are
actively processed to ban offenders to this rule.What is considered proper etiquette when posting
to the mailing lists?Please wrap lines at 75 characters, since not
everyone uses fancy GUI mail reading programs.Please respect that fact that bandwidth is not
infinite. Not everyone reads email through high-speed
connections, so if your posting involves something like
the content of config.log or an
extensive stack trace, please consider putting that
information up on a website somewhere and just provide
a URL to it. Remember, too, that these postings will
be archived indefinitely, so huge postings will simply
inflate the size of the archives long after their
purpose has expired.Format your message so that it is legible, and
PLEASE DO NOT SHOUT!!!!!. Do not underestimate the
effect that a poorly formatted mail message has, and not
just on the &os; mailing lists. Your mail message is
all that people see of you, and if it is poorly formatted,
badly spelled, full of errors, and/or has lots of exclamation
points, it will give people a poor impression of you.Please use an appropriate human language for a
particular mailing list. Many non-English mailing
lists are
-
+
available.For the ones that are not, we do appreciate that many
people do not speak English as their first language,
and we try to make allowances for that. It is considered
particularly poor form to criticize non-native speakers
for spelling or grammatical errors. &os; has an
excellent track record in this regard; please, help us
to uphold that tradition.Please use a standards-compliant Mail User Agent (MUA).
A lot of badly formatted messages come from
bad mailers
or badly configured mailers. The following mailers
are known to send out badly formatted messages without you
finding out about them:cc:Mail&eudora; (older versions)exmhµsoft; Exchangeµsoft; Internet Mailµsoft; &outlook;&netscape; (older versions)As you can see, the mailers in the Microsoft world
are frequent offenders. If at all possible, use a &unix;
mailer. If you must use a mailer under Microsoft
environments, make sure it is set up correctly. Try not
to use MIME: a lot of people use mailers
which do not get on very well with
MIME.Make sure your time and time zone are set correctly.
This may seem a little silly, since your message still
gets there, but many of the people on these mailing lists
get several hundred messages a day. They frequently sort
the incoming messages by subject and by date, and if your
message does not come before the first answer, they may
assume that they missed it and not bother to look.A lot of the information you need to supply is the
output of programs, such as &man.dmesg.8;, or console
messages, which usually appear in
/var/log/messages. Do not try to copy
this information by typing it in again; not only it is a
real pain, but you are bound to make a mistake. To send log
file contents, either make a copy of the file and use an
editor to trim the information to what is relevant, or cut
and paste into your message. For the output of programs
like dmesg, redirect the output to a
file and include that. For example,&prompt.user; dmesg > /tmp/dmesg.outThis redirects the information to the file
/tmp/dmesg.out.When using cut-and-paste, please be aware that some
such operations badly mangle their messages. This is of
particular concern when posting contents of
Makefiles, where tab
is a significant character. This is a very common,
and very annoying, problem with submissions to the
-
+
GNATS Problem Reports database.
Makefiles with tabs changed to either
spaces, or the annoying =3B escape
sequence, create a great deal of aggravation for
committers.What are the special etiquette consideration when replying
to an existing posting on the mailing lists?Please include relevant text from the original message.
Trim it to the minimum, but do not overdo it. It should
still be possible for somebody who did not read the original
message to understand what you are talking about. This is especially important for postings of the type
"yes, I see this too", where the initial posting was dozens
or hundreds of lines.Use some technique to identify which text came from
the original message, and which text you add. A common
convention is to prepend
> to the original
message. Leaving white space after the
> and leaving empty
lines between your text and the original text both make
the result more readable.Please ensure that the attributions of the text
you are quoting is correct. People can become offended
if you attribute words to them that they themselves did
not write.Please do not top post. By this, we
mean that if you are replying to a message, please put your
replies after the text that you copy in your reply.A: Because it reverses the logical flow of
conversation.Q: Why is top posting frowned upon?(Thanks to Randy Bush for the joke.)Recurring Topics On The Mailing ListsParticipation in the mailing lists, like participation
in any community, requires a common basis for communication.
Many of the mailing lists presuppose a knowledge of the
Project's history. In particular, there are certain topics
that seem to regularly occur to newcomers to the community.
It is the responsibility of each poster to ensure that
their postings do not fall into one of these categories.
By doing so, you will help the mailing lists to stay on-topic,
and probably save yourself being flamed in the process.The best method to avoid this is to familiarize yourself
with the
mailing list archives,
to help yourself understand the background of
what has gone before. In this, the
mailing list search interface
is invaluable. (If that method does not yield useful results,
please supplement it with a search with your favorite major
search engine).By familiarizing yourself with the archives, not only will
you learn what topics have been discussed before, but also how
discussion tends to proceed on that list, who the participants
are, and who the target audience is. These are always good things
to know before you post to any mailing list, not just a &os;
mailing list.There is no doubt that the archives are quite extensive, and
some questions recur more often than others, sometimes as followups
where the subject line no longer accurately reflects the new content.
Nevertheless, the burden is on you, the poster, to do your homework
to help avoid these recurring topics, and especially the dreaded
bikesheds.What Is A "Bikeshed"?Literally, a bikeshed is a small outdoor
shelter into which one may store one's two-wheeled form of
transportation. However, in &os; parlance, the word is a
derogatory term that refers to any oft-recurring discussion
about a particular subject; in particular, it is most often used
to refer to a topic which has never reached a consensus within
the &os; community, and instead remains controversial. (The
genesis of this term is explained in more detail
in this document). You simply must have a working
knowledge of this concept before posting to any &os; mailing
list.More generally, a bikeshed is a topic that will tend to
generate immediate meta-discussions and flames if you have
not read up on their past history.Please help us to keep the mailing lists as useful for as
many people as possible by avoiding bikesheds whenever you can.
Thanks.Acknowledgments&a.grog;Original author of most of the material on mailing
list etiquette, taken from the article on
How to get best results from the FreeBSD-questions mailing list.&a.linimon;Creation of the rough draft of this FAQ.
diff --git a/en_US.ISO8859-1/articles/new-users/article.sgml b/en_US.ISO8859-1/articles/new-users/article.sgml
index 8f9e6e549e..f818b5da45 100644
--- a/en_US.ISO8859-1/articles/new-users/article.sgml
+++ b/en_US.ISO8859-1/articles/new-users/article.sgml
@@ -1,1067 +1,1067 @@
%man;
%mailing-lists;
%freebsd;
%trademarks;
%urls;
]>
For People New to Both FreeBSD and &unix;AnneliseAndersonandrsn@andrsn.stanford.eduAugust 15, 1997
&tm-attrib.freebsd;
&tm-attrib.ibm;
&tm-attrib.microsoft;
&tm-attrib.netscape;
&tm-attrib.opengroup;
&tm-attrib.general;
Congratulations on installing FreeBSD! This introduction
is for people new to both FreeBSD and
&unix;—so it starts with basics. It assumes you are using
version 2.0.5 or later of &os; as distributed by
&os;.org, your system (for now) has a single user
(you)—and you are probably pretty good with DOS/&windows;
or &os2;.Logging in and Getting OutLog in (when you see login:) as a user you
created during installation or as root.
(Your FreeBSD installation will already have an account for
root; who can go anywhere and do anything, including deleting
essential files, so be careful!) The symbols &prompt.user; and
&prompt.root; in the following stand for the prompt (yours may
be different), with &prompt.user; indicating an ordinary user
and &prompt.root; indicating root.To log out (and get a new login: prompt)
type&prompt.root; exitas often as necessary. Yes, press enter
after commands, and remember that &unix; is
case-sensitive—exit, not
EXIT.To shut down the machine type&prompt.root; /sbin/shutdown -h nowOr to reboot type&prompt.root; /sbin/shutdown -r nowor&prompt.root; /sbin/rebootYou can also reboot with
CtrlAltDelete.
Give it a little time to do its work. This is equivalent to
/sbin/reboot in recent releases of FreeBSD
and is much, much better than hitting the reset button. You
do not want to have to reinstall this thing, do you?Adding A User with Root PrivilegesIf you did not create any users when you installed the system
and are thus logged in as root, you should probably create a
user now with&prompt.root; adduserThe first time you use adduser, it might ask for some
defaults to save. You might want to make the default shell
&man.csh.1; instead of &man.sh.1;, if it suggests
sh as the default. Otherwise just press
enter to accept each default. These defaults are saved in
/etc/adduser.conf, an editable file.Suppose you create a user jack with
full name Jack Benimble. Give jack a
password if security (even kids around who might pound on the
keyboard) is an issue. When it asks you if you want to invite
jack into other groups, type wheelLogin group is ``jack''. Invite jack into other groups: wheelThis will make it possible to log in as
jack and use the &man.su.1;
command to become root. Then you will not get scolded any more for
logging in as root.You can quit adduser any time by typing
CtrlC,
and at the end you will have a chance to approve your new user or
simply type n for no. You might want to create
a second new user so that when you edit jack's login
files, you will have a hot spare in case something goes
wrong.Once you have done this, use exit to get
back to a login prompt and log in as jack.
In general, it is a good idea to do as much work as possible as
an ordinary user who does not have the power—and
risk—of root.If you already created a user and you want the user to be
able to su to root, you can log in as root
and edit the file /etc/group, adding jack
to the first line (the group wheel). But
first you need to practice &man.vi.1;, the text editor—or
use the simpler text editor, &man.ee.1;, installed on recent
versions of FreeBSD.To delete a user, use the rmuser
command.Looking AroundLogged in as an ordinary user, look around and try out some
commands that will access the sources of help and information
within FreeBSD.Here are some commands and what they do:idTells you who you are!pwdShows you where you are—the current working
directory.lsLists the files in the current directory.ls Lists the files in the current directory with a
* after executables, a
/ after directories, and an
@ after symbolic links.ls Lists the files in long format—size, date,
permissions.ls Lists hidden dot files with the others.
If you are root, the dot files show up
without the switch.cdChanges directories. cd
.. backs up one level;
note the space after cd. cd
/usr/local goes there.
cd ~ goes to the
home directory of the person logged in—e.g.,
/usr/home/jack. Try cd
/cdrom, and then
ls, to find out if your CDROM is
mounted and working.view
filenameLets you look at a file (named
filename) without changing it.
Try view
/etc/fstab.
Type :q to quit.cat
filenameDisplays filename on
screen. If it is too long and you can see only the end of
it, press ScrollLock and use the
up-arrow to move backward; you can use
ScrollLock with manual pages too. Press
ScrollLock again to quit scrolling. You
might want to try cat on some of the
dot files in your home directory—cat
.cshrc, cat
.login, cat
.profile.You will notice aliases in .cshrc for
some of the ls commands (they are very
convenient). You can create other aliases by editing
.cshrc. You can make these aliases
available to all users on the system by putting them in the
system-wide csh configuration file,
/etc/csh.cshrc.Getting Help and InformationHere are some useful sources of help.
Text stands for something of your
choice that you type in—usually a command or
filename.apropos
textEverything containing string
text in the whatis
database.man
textThe manual page for text. The
major source of documentation for &unix; systems.
man ls will tell
you all the ways to use the ls command.
Press Enter to move through text,
CtrlB
to go back a page,
CtrlF
to go forward, q or
CtrlC
to quit.which
textTells you where in the user's path the command
text is found.locate
textAll the paths where the string
text is found.whatis
textTells you what the command
text does and its manual page.
Typing whatis * will tell you about all
the binaries in the current directory.whereis
textFinds the file text, giving
its full path.You might want to try using whatis on
some common useful commands like cat,
more, grep,
mv, find,
tar, chmod,
chown, date, and
script. more lets you
read a page at a time as it does in DOS, e.g., ls -l |
more or more
filename. The
* works as a wildcard—e.g., ls
w* will show you files beginning with
w.Are some of these not working very well? Both
&man.locate.1; and &man.whatis.1; depend
on a database that is rebuilt weekly. If your machine is not
going to be left on over the weekend (and running FreeBSD), you
might want to run the commands for daily, weekly, and monthly
maintenance now and then. Run them as root and, for now, give each one
time to finish before you start the next one.&prompt.root; periodic dailyoutput omitted
&prompt.root; periodic weeklyoutput omitted
&prompt.root; periodic monthlyoutput omittedIf you get tired of waiting, press
AltF2 to
get another virtual console, and log in
again. After all, it is a multi-user, multi-tasking system.
Nevertheless these commands will probably flash messages on your
screen while they are running; you can type
clear at the prompt to clear the screen.
Once they have run, you might want to look at
/var/mail/root and
/var/log/messages.Running such commands is part of system
administration—and as a single user of a &unix; system,
you are your own system administrator. Virtually everything you
need to be root to do is system administration. Such
responsibilities are not covered very well even in those big fat
books on &unix;, which seem to devote a lot of space to pulling
down menus in windows managers. You might want to get one of
the two leading books on systems administration, either Evi
Nemeth et.al.'s UNIX System Administration
Handbook (Prentice-Hall, 1995, ISBN
0-13-15051-7)—the second edition with the red cover; or
Æleen Frisch's Essential System
Administration (O'Reilly & Associates, 2002,
ISBN 0-596-00343-9). I used Nemeth.Editing TextTo configure your system, you need to edit text files. Most
of them will be in the /etc directory; and
you will need to su to root to be able to
change them. You can use the easy ee, but in
the long run the text editor vi is worth
learning. There is an excellent tutorial on vi in
/usr/src/contrib/nvi/docs/tutorial, if you
have the system sources installed.Before you edit a file, you should probably back it up.
Suppose you want to edit /etc/rc.conf. You
could just use cd /etc to get to the
/etc directory and do:&prompt.root; cp rc.conf rc.conf.origThis would copy rc.conf to
rc.conf.orig, and you could later copy
rc.conf.orig to
rc.conf to recover the original. But even
better would be moving (renaming) and then copying back:&prompt.root; mv rc.conf rc.conf.orig
&prompt.root; cp rc.conf.orig rc.confbecause the mv command preserves the
original date and owner of the file. You can now edit
rc.conf. If you want the original back,
you would then mv rc.conf rc.conf.myedit
(assuming you want to preserve your edited version) and
then&prompt.root; mv rc.conf.orig rc.confto put things back the way they were.To edit a file, type&prompt.root; vi filenameMove through the text with the arrow keys.
Esc (the escape key) puts vi
in command mode. Here are some commands:xdelete letter the cursor is ondddelete the entire line (even if it wraps on the
screen)iinsert text at the cursorainsert text after the cursorOnce you type i or a,
you can enter text. Esc puts you back in
command mode where you can type:wto write your changes to disk and continue
editing:wqto write and quit:q!to quit without saving changes/textto move the cursor to text;
/Enter (the enter key)
to find the next instance of
text.Gto go to the end of the filenGto go to line n in the
file, where n is a
numberCtrlLto redraw the screenCtrlb and
Ctrlfgo back and forward a screen, as they do with
more and view.Practice with vi in your home directory
by creating a new file with vi
filename and adding and
deleting text, saving the file, and calling it up again.
vi delivers some surprises because it is
really quite complex, and sometimes you will inadvertently issue a
command that will do something you do not expect. (Some people
actually like vi—it is more powerful
than DOS EDIT—find out about the :r
command.) Use Esc one or more times to be sure
you are in command mode and proceed from there when it gives you
trouble, save often with :w, and use
:q! to get out and start over (from your last
:w) when you need to.Now you can cd to
/etc, su to root, use
vi to edit the file
/etc/group, and add a user to wheel so the
user has root privileges. Just add a comma and the user's login
name to the end of the first line in the file, press
Esc, and use :wq to write
the file to disk and quit. Instantly effective. (You did not
put a space after the comma, did you?)Printing Files from DOSAt this point you probably do not have the printer working,
so here is a way to create a file from a manual page, move it to a
floppy, and then print it from DOS. Suppose you want to read
carefully about changing permissions on files (pretty
important). You can use man chmod to read
about it. The command&prompt.user; man chmod | col -b > chmod.txtwill remove formatting codes and send the manual page to the
chmod.txt file instead of showing it on
your screen. Now put a dos-formatted diskette in your floppy
drive a, su to root, and type&prompt.root; /sbin/mount -t msdos /dev/fd0 /mntto mount the floppy drive on
/mnt.Now (you no longer need to be root, and you can type
exit to get back to being user jack) you can
go to the directory where you created
chmod.txt and copy the file to the floppy
with:&prompt.user; cp chmod.txt /mntand use ls /mnt to get a directory
listing of /mnt, which should show the file
chmod.txt.You might especially want to make a file from
/sbin/dmesg by typing&prompt.user; /sbin/dmesg > dmesg.txtand copying dmesg.txt to the floppy.
/sbin/dmesg is the boot log record, and it is
useful to understand it because it shows what FreeBSD found when
it booted up. If you ask questions on the &a.questions; or on a USENET
group—like FreeBSD is not finding my tape drive,
what do I do?—people will want to know what
dmesg has to say.You can now unmount the floppy drive (as root) to get the
disk out with&prompt.root; /sbin/umount /mntand reboot to go to DOS. Copy these files to a DOS
directory, call them up with DOS EDIT, &windows; Notepad or
Wordpad, or a word processor, make a minor change so the file
has to be saved, and print as you normally would from DOS or
Windows. Hope it works! manual pages come out best if printed
with the DOS print command. (Copying files
from FreeBSD to a mounted DOS partition is in some cases still a
little risky.)Getting the printer printing from FreeBSD involves creating
an appropriate entry in /etc/printcap and
creating a matching spool directory in
/var/spool/output. If your printer is on
lpt0 (what DOS calls
LPT1), you may only need to go to
/var/spool/output and (as root) create the
directory lpd by typing: mkdir
lpd, if it does not already exist. Then the printer
should respond if it is turned on when the system is booted, and
lp or lpr should send a
file to the printer. Whether or not the file actually prints
depends on configuring it, which is covered in the FreeBSD
handbook.Other Useful Commandsdfshows file space and mounted systems.ps auxshows processes running. ps ax is a
narrower form.rm filenameremove filename.rm -R dirremoves a directory dir and all
subdirectories—careful!ls -Rlists files in the current directory and all
subdirectories; I used a variant, ls -AFR >
where.txt, to get a list of all the files in
/ and (separately)
/usr before I found better ways to
find files.passwdto change user's password (or root's password)man hiermanual page on the &unix; filesystemUse find to locate filename in
/usr or any of its subdirectories
with&prompt.user; find /usr -name "filename"You can use * as a wildcard in
"filename"
(which should be in quotes). If you tell
find to search in /
instead of /usr it will look for the
file(s) on all mounted filesystems, including the CDROM and the
DOS partition.An excellent book that explains &unix; commands and utilities
is Abrahams & Larson, Unix for the
Impatient (2nd ed., Addison-Wesley, 1996).
There is also a lot of &unix; information on the Internet.Next StepsYou should now have the tools you need to get around and
edit files, so you can get everything up and running. There is
a great deal of information in the FreeBSD handbook (which is
probably on your hard drive) and FreeBSD's web site. A
+ URL="&url.base;/index.html">FreeBSD's web site. A
wide variety of packages and ports are on the CDROM as well as
the web site. The handbook tells you more about how to use them
(get the package if it exists, with pkg_add
/cdrom/packages/All/packagename,
where packagename is the filename of
the package). The CDROM has lists of the packages and ports
with brief descriptions in
cdrom/packages/index,
cdrom/packages/index.txt, and
cdrom/ports/index, with fuller descriptions
in /cdrom/ports/*/*/pkg/DESCR, where the
*s represent subdirectories of kinds of
programs and program names respectively.If you find the handbook too sophisticated (what with
lndir and all) on installing ports from the
CDROM, here is what usually works:Find the port you want, say kermit.
There will be a directory for it on the CDROM. Copy the
subdirectory to /usr/local (a good place
for software you add that should be available to all users)
with:&prompt.root; cp -R /cdrom/ports/comm/kermit /usr/localThis should result in a
/usr/local/kermit subdirectory that has all
the files that the kermit subdirectory on the
CDROM has.Next, create the directory
/usr/ports/distfiles if it does not already
exist using mkdir. Now check
/cdrom/ports/distfiles for a file with a
name that indicates it is the port you want. Copy that file to
/usr/ports/distfiles; in recent versions
you can skip this step, as FreeBSD will do it for you. In the
case of kermit, there is no distfile.Then cd to the subdirectory of
/usr/local/kermit that has the file
Makefile. Type&prompt.root; make all installDuring this process the port will FTP to get any compressed
files it needs that it did not find on the CDROM or in
/usr/ports/distfiles. If you do not have
your network running yet and there was no file for the port in
/cdrom/ports/distfiles, you will have to
get the distfile using another machine and copy it to
/usr/ports/distfiles from a floppy or your
DOS partition. Read Makefile (with
cat or more or
view) to find out where to go (the master
distribution site) to get the file and what its name is. Its
name will be truncated when downloaded to DOS, and after you get
it into /usr/ports/distfiles you will have to
rename it (with the mv command) to its
original name so it can be found. (Use binary file transfers!)
Then go back to /usr/local/kermit, find the
directory with Makefile, and type
make all install.The other thing that happens when installing ports or
packages is that some other program is needed. If the
installation stops with a message can't find
unzip or whatever, you might need to install the
package or port for unzip before you continue.Once it is installed type rehash to make
FreeBSD reread the files in the path so it knows what is there.
(If you get a lot of path not found
messages when you use whereis or which, you
might want to make additions to the list of directories in the
path statement in .cshrc in your home
directory. The path statement in &unix; does the same kind of
work it does in DOS, except the current directory is not (by
default) in the path for security reasons; if the command you
want is in the directory you are in, you need to type
./ before the command to make it work; no
space after the slash.)You might want to get the most recent version of &netscape;
from their FTP site.
(&netscape; requires the X Window System.) There is now a FreeBSD
version, so look around carefully. Just use gunzip
filename and tar
xvf filename on it, move
the binary to /usr/local/bin or some other
place binaries are kept, rehash, and then put
the following lines in .cshrc in each
user's home directory or (easier) in
/etc/csh.cshrc, the system-wide
csh start-up file:setenv XKEYSYMDB /usr/X11R6/lib/X11/XKeysymDB
setenv XNLSPATH /usr/X11R6/lib/X11/nlsThis assumes that the file XKeysymDB
and the directory nls are in
/usr/X11R6/lib/X11; if they are not, find
them and put them there.If you originally got &netscape; as a port using the CDROM (or
FTP), do not replace /usr/local/bin/netscape
with the new netscape binary; this is just a shell script that
sets up the environment variables for you. Instead rename the
new binary to netscape.bin and replace the
old binary, which is
/usr/local/netscape/netscape.Your Working EnvironmentYour shell is the most important part of your working
environment. In DOS, the usual shell is command.com. The shell
is what interprets the commands you type on the command line,
and thus communicates with the rest of the operating system.
You can also write shell scripts, which are like DOS batch
files: a series of commands to be run without your
intervention.Two shells come installed with FreeBSD:
csh and sh.
csh is good for command-line work, but
scripts should be written with sh (or
bash). You can find out what shell you have
by typing echo $SHELL.The csh shell is okay, but
tcsh does everything csh
does and more. It allows you to recall commands with the arrow
keys and edit them. It has tab-key completion of filenames
(csh uses the Esc key), and
it lets you switch to the directory you were last in with
cd -. It is also much easier to alter your
prompt with tcsh. It makes life a lot
easier.Here are the three steps for installing a new shell:Install the shell as a port or a package, just as you
would any other port or package. Use
rehash and which tcsh
(assuming you are installing tcsh) to make
sure it got installed.As root, edit /etc/shells, adding a
line in the file for the new shell, in this case
/usr/local/bin/tcsh, and save the file.
(Some ports may do this for you.)Use the chsh command to change your
shell to tcsh permanently, or type
tcsh at the prompt to change your shell
without logging in again.It can be dangerous to change root's shell to something
other than sh or csh on
early versions of FreeBSD and many other versions of &unix;; you
may not have a working shell when the system puts you into
single user mode. The solution is to use su
-m to become root, which will give you the
tcsh as root, because the shell is part of
the environment. You can make this permanent by adding it to
your .tcshrc file as an alias with:alias su su -mWhen tcsh starts up, it will read the
/etc/csh.cshrc and
/etc/csh.login files, as does
csh. It will also read the
.login file in your home directory and the
.cshrc file as well, unless you provide a
.tcshrc file. This you can do by simply
copying .cshrc to
.tcshrc.Now that you have installed tcsh, you can
adjust your prompt. You can find the details in the manual page
for tcsh, but here is a line to put in your
.tcshrc that will tell you how many
commands you have typed, what time it is, and what directory you
are in. It also produces a > if you are an
ordinary user and a # if you are root, but
tsch will do that in any case:set prompt = "%h %t %~ %# "This should go in the same place as the existing set prompt
line if there is one, or under "if($?prompt) then" if not.
Comment out the old line; you can always switch back to it if
you prefer it. Do not forget the spaces and quotes. You can get
the .tcshrc reread by typing
source .tcshrc.You can get a listing of other environmental variables that
have been set by typing env at the prompt.
The result will show you your default editor, pager, and
terminal type, among possibly many others. A useful command if
you log in from a remote location and can not run a program
because the terminal is not capable is setenv TERM
vt100.OtherAs root, you can unmount the CDROM with
/sbin/umount /cdrom, take it out of the
drive, insert another one, and mount it with
/sbin/mount_cd9660 /dev/cd0a /cdrom assuming
cd0a is the device name for your CDROM
drive. The most recent versions of FreeBSD let you mount the
CDROM with just /sbin/mount /cdrom.Using the live filesystem—the second of FreeBSD's
CDROM disks—is useful if you have got limited space. What
is on the live filesystem varies from release to release. You
might try playing games from the CDROM. This involves using
lndir, which gets installed with the X Window
System, to tell the program(s) where to find the necessary
files, because they are in the /cdrom file
system instead of in /usr and its
subdirectories, which is where they are expected to be. Read
man lndir.Comments WelcomeIf you use this guide I would be interested in knowing where it
was unclear and what was left out that you think should be
included, and if it was helpful. My thanks to Eugene W. Stark,
professor of computer science at SUNY-Stony Brook, and John
Fieber for helpful comments.Annelise Anderson,
andrsn@andrsn.stanford.edu
diff --git a/en_US.ISO8859-1/books/arch-handbook/Makefile b/en_US.ISO8859-1/books/arch-handbook/Makefile
index c7d71bd2e0..3178825bd8 100644
--- a/en_US.ISO8859-1/books/arch-handbook/Makefile
+++ b/en_US.ISO8859-1/books/arch-handbook/Makefile
@@ -1,57 +1,59 @@
#
# $FreeBSD$
#
# Build the FreeBSD Architecture Handbook.
#
MAINTAINER=doc@FreeBSD.org
DOC?= book
FORMATS?= html-split
#HAS_INDEX= true
INSTALL_COMPRESSED?= gz
INSTALL_ONLY_COMPRESSED?=
#
# SRCS lists the individual SGML files that make up the document. Changes
# to any of these files will force a rebuild
#
# SGML content
SRCS= book.sgml
SRCS+= boot/chapter.sgml
SRCS+= driverbasics/chapter.sgml
SRCS+= isa/chapter.sgml
SRCS+= jail/chapter.sgml
SRCS+= kobj/chapter.sgml
SRCS+= locking/chapter.sgml
SRCS+= mac/chapter.sgml
SRCS+= newbus/chapter.sgml
SRCS+= pci/chapter.sgml
SRCS+= scsi/chapter.sgml
SRCS+= smp/chapter.sgml
SRCS+= sound/chapter.sgml
SRCS+= pccard/chapter.sgml
SRCS+= sysinit/chapter.sgml
SRCS+= usb/chapter.sgml
SRCS+= vm/chapter.sgml
# Images from the cross-document image library
IMAGES_LIB= callouts/1.png
IMAGES_LIB+= callouts/2.png
IMAGES_LIB+= callouts/3.png
IMAGES_LIB+= callouts/4.png
IMAGES_LIB+= callouts/5.png
IMAGES_LIB+= callouts/6.png
IMAGES_LIB+= callouts/7.png
IMAGES_LIB+= callouts/8.png
IMAGES_LIB+= callouts/9.png
IMAGES_LIB+= callouts/10.png
# Entities
-DOC_PREFIX?= ${.CURDIR}/../../..
+URL_RELPREFIX?= ../../../..
+DOC_PREFIX?= ${.CURDIR}/../../..
+
.include "${DOC_PREFIX}/share/mk/doc.project.mk"
diff --git a/en_US.ISO8859-1/books/arch-handbook/book.sgml b/en_US.ISO8859-1/books/arch-handbook/book.sgml
index 4212efc313..35d03ce0b1 100644
--- a/en_US.ISO8859-1/books/arch-handbook/book.sgml
+++ b/en_US.ISO8859-1/books/arch-handbook/book.sgml
@@ -1,215 +1,215 @@
%bookinfo;
%man;
%freebsd;
%chapters;
%mac-entities;
%authors
%mailing-lists;
%urls;
]>
&os; Architecture HandbookThe FreeBSD Documentation ProjectAugust 200020002001200220032004The FreeBSD Documentation Project
&bookinfo.trademarks;
&bookinfo.legalnotice;
Welcome to the &os; Architecture Handbook. This manual is a
work in progress and is the work of many
individuals. Many sections do not yet exist and some of those
that do exist need to be updated. If you are interested in
helping with this project, send email to the &a.doc;.The latest version of this document is always available
- from the FreeBSD World
+ from the FreeBSD World
Wide Web server. It may also be downloaded in a
variety of formats and compression options from the FreeBSD FTP
server or one of the numerous mirror
sites.Kernel
&chap.boot;
&chap.locking;
&chap.kobj;
&chap.jail;
&chap.sysinit;
&chap.mac;
&chap.vm;
&chap.smp;
* UFSUFS, FFS, Ext2FS, JFS, inodes, buffer cache, labeling,
locking, metadata, soft-updates, LFS, portalfs, procfs,
vnodes, memory sharing, memory objects, TLBs, caching* AFSAFS, NFS, SANs, etc.* SysconsSyscons, tty, PCVT, serial console, screen savers,
etc.* Compatibility Layers* LinuxLinux, SVR4, etc.Device Drivers
&chap.driverbasics;
&chap.isa;
&chap.pci;
&chap.scsi;
&chap.usb;
&chap.newbus;
&chap.snd;
&chap.pccard;
AppendicesMarshallKirkMcKusickKeithBosticMichaelJKarelsJohnSQuarterman1996Addison-Wesley Publishing Company,
Inc.0-201-54979-4Addison-Wesley Publishing Company, Inc.The Design and Implementation of the 4.4 BSD Operating System1-2
diff --git a/en_US.ISO8859-1/books/developers-handbook/Makefile b/en_US.ISO8859-1/books/developers-handbook/Makefile
index 7006d4949e..38b6465e31 100644
--- a/en_US.ISO8859-1/books/developers-handbook/Makefile
+++ b/en_US.ISO8859-1/books/developers-handbook/Makefile
@@ -1,43 +1,45 @@
#
# $FreeBSD$
#
# Build the FreeBSD Developers' Handbook.
#
MAINTAINER=doc@FreeBSD.org
DOC?= book
FORMATS?= html-split
HAS_INDEX= true
INSTALL_COMPRESSED?= gz
INSTALL_ONLY_COMPRESSED?=
# Images
IMAGES_EN= sockets/layers.eps sockets/sain.eps sockets/sainfill.eps sockets/sainlsb.eps sockets/sainmsb.eps sockets/sainserv.eps sockets/serv.eps sockets/serv2.eps sockets/slayers.eps
#
# SRCS lists the individual SGML files that make up the document. Changes
# to any of these files will force a rebuild
#
# SGML content
SRCS= book.sgml
SRCS+= dma/chapter.sgml
SRCS+= introduction/chapter.sgml
SRCS+= ipv6/chapter.sgml
SRCS+= kerneldebug/chapter.sgml
SRCS+= l10n/chapter.sgml
SRCS+= policies/chapter.sgml
SRCS+= secure/chapter.sgml
SRCS+= sockets/chapter.sgml
SRCS+= testing/chapter.sgml
SRCS+= tools/chapter.sgml
SRCS+= x86/chapter.sgml
# Entities
-DOC_PREFIX?= ${.CURDIR}/../../..
+URL_RELPREFIX?= ../../../..
+DOC_PREFIX?= ${.CURDIR}/../../..
+
.include "${DOC_PREFIX}/share/mk/doc.project.mk"
diff --git a/en_US.ISO8859-1/books/developers-handbook/book.sgml b/en_US.ISO8859-1/books/developers-handbook/book.sgml
index 4dccae6990..b12155cd3d 100644
--- a/en_US.ISO8859-1/books/developers-handbook/book.sgml
+++ b/en_US.ISO8859-1/books/developers-handbook/book.sgml
@@ -1,286 +1,286 @@
%bookinfo;
%man;
%freebsd;
%chapters;
%authors
%mailing-lists;
%trademarks;
%urls;
]>
FreeBSD Developers' HandbookThe FreeBSD Documentation ProjectAugust 200020002001200220032004The FreeBSD Documentation Project
&bookinfo.legalnotice;
&tm-attrib.freebsd;
&tm-attrib.apple;
&tm-attrib.ibm;
&tm-attrib.ieee;
&tm-attrib.intel;
&tm-attrib.linux;
&tm-attrib.microsoft;
&tm-attrib.opengroup;
&tm-attrib.sun;
&tm-attrib.general;
Welcome to the Developers' Handbook. This manual is a
work in progress and is the work of many
individuals. Many sections do not yet exist and some of those
that do exist need to be updated. If you are interested in
helping with this project, send email to the &a.doc;.The latest version of this document is always available
- from the FreeBSD World
+ from the FreeBSD World
Wide Web server. It may also be downloaded in a
variety of formats and compression options from the FreeBSD FTP
server or one of the numerous mirror
sites.Basics
&chap.introduction;
&chap.tools;
&chap.secure;
&chap.l10n;
&chap.policies;
&chap.testing;
Interprocess Communication* SignalsSignals, pipes, semaphores, message queues, shared memory,
ports, sockets, doors
&chap.sockets;
&chap.ipv6;
Kernel
&chap.dma;
&chap.kerneldebug;
* UFSUFS, FFS, Ext2FS, JFS, inodes, buffer cache, labeling,
locking, metadata, soft-updates, LFS, portalfs, procfs,
vnodes, memory sharing, memory objects, TLBs, caching* AFSAFS, NFS, SANs, etc.* SysconsSyscons, tty, PCVT, serial console, screen savers,
etc.* Compatibility Layers* LinuxLinux, SVR4, etc.Architectures
&chap.x86;
* AlphaExplanation of alignment errors, how to fix, how to
ignore.Example assembly language code for FreeBSD/alpha.AppendicesDaveAPattersonJohnLHennessy1998Morgan Kaufmann Publishers,
Inc.1-55860-428-6Morgan Kaufmann Publishers, Inc.Computer Organization and DesignThe Hardware / Software Interface1-2W.RichardStevens1993Addison Wesley Longman,
Inc.0-201-56317-7Addison Wesley Longman, Inc.Advanced Programming in the Unix Environment1-2MarshallKirkMcKusickKeithBosticMichaelJKarelsJohnSQuarterman1996Addison-Wesley Publishing Company,
Inc.0-201-54979-4Addison-Wesley Publishing Company, Inc.The Design and Implementation of the 4.4 BSD Operating System1-2AlephOnePhrack 49; "Smashing the Stack for Fun and Profit"ChrispinCowanCaltonPuDaveMaierStackGuard; Automatic Adaptive Detection and Prevention of
Buffer-Overflow AttacksToddMillerTheode Raadtstrlcpy and strlcat -- consistent, safe string copy and
concatenation.
diff --git a/en_US.ISO8859-1/books/developers-handbook/tools/chapter.sgml b/en_US.ISO8859-1/books/developers-handbook/tools/chapter.sgml
index 177b914a6e..333162834f 100644
--- a/en_US.ISO8859-1/books/developers-handbook/tools/chapter.sgml
+++ b/en_US.ISO8859-1/books/developers-handbook/tools/chapter.sgml
@@ -1,2358 +1,2358 @@
JamesRaynardContributed by MurrayStokelyProgramming ToolsSynopsisThis chapter is an introduction to using some of the
programming tools supplied with FreeBSD, although much of it
will be applicable to many other versions of &unix;. It does
not attempt to describe coding in any
detail. Most of the chapter assumes little or no previous
programming knowledge, although it is hoped that most
programmers will find something of value in it.IntroductionFreeBSD offers an excellent development environment.
Compilers for C, C++, and Fortran and an assembler come with the
basic system, not to mention a Perl interpreter and classic &unix;
tools such as sed and awk.
If that is not enough, there are many more compilers and
interpreters in the Ports collection. FreeBSD is very
compatible with standards such as &posix; and
ANSI C, as well with its own BSD heritage, so
it is possible to write applications that will compile and run
with little or no modification on a wide range of
platforms.However, all this power can be rather overwhelming at first
if you have never written programs on a &unix; platform before.
This document aims to help you get up and running, without
getting too deeply into more advanced topics. The intention is
that this document should give you enough of the basics to be
able to make some sense of the documentation.Most of the document requires little or no knowledge of
programming, although it does assume a basic competence with
using &unix; and a willingness to learn!Introduction to ProgrammingA program is a set of instructions that tell the computer to
do various things; sometimes the instruction it has to perform
depends on what happened when it performed a previous
instruction. This section gives an overview of the two main
ways in which you can give these instructions, or
commands as they are usually called. One way
uses an interpreter, the other a
compiler. As human languages are too
difficult for a computer to understand in an unambiguous way,
commands are usually written in one or other languages specially
designed for the purpose.InterpretersWith an interpreter, the language comes as an environment,
where you type in commands at a prompt and the environment
executes them for you. For more complicated programs, you can
type the commands into a file and get the interpreter to load
the file and execute the commands in it. If anything goes
wrong, many interpreters will drop you into a debugger to help
you track down the problem.The advantage of this is that you can see the results of
your commands immediately, and mistakes can be corrected
readily. The biggest disadvantage comes when you want to
share your programs with someone. They must have the same
interpreter, or you must have some way of giving it to them,
and they need to understand how to use it. Also users may not
appreciate being thrown into a debugger if they press the
wrong key! From a performance point of view, interpreters can
use up a lot of memory, and generally do not generate code as
efficiently as compilers.In my opinion, interpreted languages are the best way to
start if you have not done any programming before. This kind
of environment is typically found with languages like Lisp,
Smalltalk, Perl and Basic. It could also be argued that the
&unix; shell (sh, csh) is itself an
interpreter, and many people do in fact write shell
scripts to help with various
housekeeping tasks on their machine. Indeed, part
of the original &unix; philosophy was to provide lots of small
utility programs that could be linked together in shell
scripts to perform useful tasks.Interpreters available with FreeBSDHere is a list of interpreters that are available as
FreeBSD
packages, with a brief discussion of some of the
more popular interpreted languages.To get one of these packages, all you need to do is to
click on the hotlink for the package, to download the package
and then install the package by running:&prompt.root; pkg_add package nameas root. Obviously, you will need to have a fully
functional FreeBSD 2.1.0 or later system for the package to
work!BASICShort for Beginner's All-purpose Symbolic
Instruction Code. Developed in the 1950s for teaching
University students to program and provided with every
self-respecting personal computer in the 1980s,
BASIC has been the first programming
language for many programmers. It is also the foundation
for Visual Basic.The Bywater
Basic Interpreter and the Phil
Cockroft's Basic Interpreter (formerly Rabbit
Basic) are available as FreeBSD
packages.LispA language that was developed in the late 1950s as
an alternative to the number-crunching
languages that were popular at the time. Instead of
being based on numbers, Lisp is based on lists; in fact
the name is short for List Processing.
Very popular in AI (Artificial Intelligence)
circles.Lisp is an extremely powerful and sophisticated
language, but can be rather large and unwieldy.Various implementations of Lisp that can run on &unix;
systems are available as packages for FreeBSD.
GNU Common Lisp,
CLISP
by Bruno Haible and Michael Stoll,
CMUCL
which includes a highly-optimizing compiler too, or
simpler Lisp implementations, like
SLisp
which implements most of the Common Lisp constructs in a
few hundred lines of C code.PerlVery popular with system administrators for writing
scripts; also often used on World Wide Web servers for
writing CGI scripts.Perl is available as a package
for all FreeBSD releases, and is installed as /usr/bin/perl in the
base system of 4.x releases.SchemeA dialect of Lisp that is rather more compact and
cleaner than Common Lisp. Popular in Universities as it
is simple enough to teach to undergraduates as a first
language, while it has a high enough level of
abstraction to be used in research work.FreeBSD has packages of the Elk
Scheme Interpreter, the MIT
Scheme Interpreter and the SCM
Scheme Interpreter.IconIcon is a high-level language with extensive
facilities for processing strings and structures.
A package
is available for FreeBSD.LogoLogo is a language that is easy to learn, and has
been used as an introductory programming language in
various courses. It is an excellent tool to work with
when teaching programming in small ages, as it makes the
creation of elaborate geometric shapes an easy task even
for very small children.A package is available for FreeBSD of Brian Harvey's LOGO
Interpreter.PythonPython is an Object-Oriented, interpreted language.
Its advocates argue that it is one of the best languages
to start programming with, since it is relatively easy
to start with, but is not limited in comparison to other
popular interpreted languages that are used for the
development of large, complex applications (Perl and
Tcl are two other languages that are popular for such tasks).A package of the latest version of Python for
FreeBSD is available
here.Tcl and TkTcl is an embeddable, interpreted language, that has
become widely used and became popular mostly because of its portability to many
platforms. It can be used both for quickly writing
small, prototype applications, or (when combined with
Tk, a GUI toolkit) fully-fledged, featureful
programs.Various versions of Tcl are available as packages
for FreeBSD. The latest version is, as of this writing,
Tcl
version 8.3.CompilersCompilers are rather different. First of all, you write
your code in a file (or files) using an editor. You then run
the compiler and see if it accepts your program. If it did
not compile, grit your teeth and go back to the editor; if it
did compile and gave you a program, you can run it either at a
shell command prompt or in a debugger to see if it works
properly.
If you run it in the shell, you may get a core
dump.Obviously, this is not quite as direct as using an
interpreter. However it allows you to do a lot of things
which are very difficult or even impossible with an
interpreter, such as writing code which interacts closely with
the operating system—or even writing your own operating
system! It is also useful if you need to write very efficient
code, as the compiler can take its time and optimize the code,
which would not be acceptable in an interpreter. Moreover,
distributing a program written for a compiler is usually more
straightforward than one written for an interpreter—you
can just give them a copy of the executable, assuming they
have the same operating system as you.Compiled languages include Pascal, C and C++. C and C++
are rather unforgiving languages, and best suited to more
experienced programmers; Pascal, on the other hand, was
designed as an educational language, and is quite a good
language to start with. FreeBSD does not include Pascal
support in the base system, but both GNU Pascal Compiler (GPC)
and the Free Pascal Compiler
are available in the ports collection as
lang/gpc and
lang/fpc.As the edit-compile-run-debug cycle is rather tedious when
using separate programs, many commercial compiler makers have
produced Integrated Development Environments
(IDEs for short). FreeBSD does not include
an IDE in the base system, but devel/kdevelop is
available in the ports tree and many use
Emacs for this purpose. Using
Emacs as an IDE is discussed in
.Compiling with ccThis section deals only with the GNU compiler for C and C++,
since that comes with the base FreeBSD system. It can be
invoked by either cc or gcc. The
details of producing a program with an interpreter vary
considerably between interpreters, and are usually well covered
in the documentation and on-line help for the
interpreter.Once you have written your masterpiece, the next step is to
convert it into something that will (hopefully!) run on FreeBSD.
This usually involves several steps, each of which is done by a
separate program.Pre-process your source code to remove comments and do
other tricks like expanding macros in C.Check the syntax of your code to see if you have obeyed
the rules of the language. If you have not, it will
complain!Convert the source code into assembly
language—this is very close to machine code, but still
understandable by humans. Allegedly.
To be strictly accurate, cc converts the
source code into its own, machine-independent
p-code instead of assembly language at
this stage.Convert the assembly language into machine
code—yep, we are talking bits and bytes, ones and
zeros here.Check that you have used things like functions and
global variables in a consistent way. For example, if you
have called a non-existent function, it will
complain.If you are trying to produce an executable from several
source code files, work out how to fit them all
together.Work out how to produce something that the system's
run-time loader will be able to load into memory and
run.Finally, write the executable on the filesystem.The word compiling is often used to refer to
just steps 1 to 4—the others are referred to as
linking. Sometimes step 1 is referred to as
pre-processing and steps 3-4 as
assembling.Fortunately, almost all this detail is hidden from you, as
cc is a front end that manages calling all these
programs with the right arguments for you; simply typing&prompt.user; cc foobar.cwill cause foobar.c to be compiled by all the
steps above. If you have more than one file to compile, just do
something like&prompt.user; cc foo.c bar.cNote that the syntax checking is just that—checking
the syntax. It will not check for any logical mistakes you may
have made, like putting the program into an infinite loop, or
using a bubble sort when you meant to use a binary
sort.
In case you did not know, a binary sort is an efficient
way of sorting things into order and a bubble sort
is not.There are lots and lots of options for cc, which
are all in the manual page. Here are a few of the most important
ones, with examples of how to use them.The output name of the file. If you do not use this
option, cc will produce an executable called
a.out.
The reasons for this are buried in the mists of
history.&prompt.user; cc foobar.cexecutable is a.out
&prompt.user; cc -o foobar foobar.cexecutable is foobarJust compile the file, do not link it. Useful for toy
programs where you just want to check the syntax, or if
you are using a Makefile.&prompt.user; cc -c foobar.cThis will produce an object file (not an
executable) called foobar.o. This
can be linked together with other object files into an
executable.Create a debug version of the executable. This makes
the compiler put information into the executable about
which line of which source file corresponds to which
function call. A debugger can use this information to show
the source code as you step through the program, which is
very useful; the disadvantage is that
all this extra information makes the program much bigger.
Normally, you compile with while you
are developing a program and then compile a release
version without when you are
satisfied it works properly.&prompt.user; cc -g foobar.cThis will produce a debug version of the
program.
Note, we did not use the flag
to specify the executable name, so we will get an
executable called a.out.
Producing a debug version called
foobar is left as an exercise for
the reader!Create an optimized version of the executable. The
compiler performs various clever tricks to try to produce
an executable that runs faster than normal. You can add a
number after the to specify a higher
level of optimization, but this often exposes bugs in the
compiler's optimizer. For instance, the version of
cc that comes with the 2.1.0 release of
FreeBSD is known to produce bad code with the
option in some circumstances.Optimization is usually only turned on when compiling
a release version.&prompt.user; cc -O -o foobar foobar.cThis will produce an optimized version of
foobar.The following three flags will force cc
to check that your code complies to the relevant international
standard, often referred to as the ANSI
standard, though strictly speaking it is an
ISO standard.Enable all the warnings which the authors of
cc believe are worthwhile. Despite the
name, it will not enable all the warnings
cc is capable of.Turn off most, but not all, of the
non-ANSI C features provided by
cc. Despite the name, it does not
guarantee strictly that your code will comply to the
standard.Turn off allcc's non-ANSI C
features.Without these flags, cc will allow you to
use some of its non-standard extensions to the standard. Some
of these are very useful, but will not work with other
compilers—in fact, one of the main aims of the standard is
to allow people to write code that will work with any compiler
on any system. This is known as portable
code.Generally, you should try to make your code as portable as
possible, as otherwise you may have to completely rewrite the
program later to get it to work somewhere else—and who
knows what you may be using in a few years time?&prompt.user; cc -Wall -ansi -pedantic -o foobar foobar.cThis will produce an executable foobar
after checking foobar.c for standard
compliance.Specify a function library to be used during when
linking.The most common example of this is when compiling a
program that uses some of the mathematical functions in C.
Unlike most other platforms, these are in a separate
library from the standard C one and you have to tell the
compiler to add it.The rule is that if the library is called
libsomething.a,
you give cc the argument
.
For example, the math library is
libm.a, so you give
cc the argument .
A common gotcha with the math library is
that it has to be the last library on the command
line.&prompt.user; cc -o foobar foobar.c -lmThis will link the math library functions into
foobar.If you are compiling C++ code, you need to add
, or if
you are using FreeBSD 2.2 or later, to the command line
argument to link the C++ library functions.
Alternatively, you can run c++ instead
of cc, which does this for you.
c++ can also be invoked as
g++ on FreeBSD.&prompt.user; cc -o foobar foobar.cc -lg++For FreeBSD 2.1.6 and earlier
&prompt.user; cc -o foobar foobar.cc -lstdc++For FreeBSD 2.2 and later
&prompt.user; c++ -o foobar foobar.ccEach of these will both produce an executable
foobar from the C++ source file
foobar.cc. Note that, on &unix;
systems, C++ source files traditionally end in
.C, .cxx or
.cc, rather than the
&ms-dos; style
.cpp (which was already used for
something else). gcc used to rely on
this to work out what kind of compiler to use on the
source file; however, this restriction no longer applies,
so you may now call your C++ files
.cpp with impunity!Common cc Queries and ProblemsI am trying to write a program which uses the
sin() function and I get an error
like this. What does it mean?/var/tmp/cc0143941.o: Undefined symbol `_sin' referenced from text segment
When using mathematical functions like
sin(), you have to tell
cc to link in the math library, like
so:&prompt.user; cc -o foobar foobar.c -lmAll right, I wrote this simple program to practice
using . All it does is raise 2.1 to
the power of 6.#include <stdio.h>
int main() {
float f;
f = pow(2.1, 6);
printf("2.1 ^ 6 = %f\n", f);
return 0;
}
and I compiled it as:&prompt.user; cc temp.c -lmlike you said I should, but I get this when I run
it:&prompt.user; ./a.out
2.1 ^ 6 = 1023.000000
This is not the right answer!
What is going on?When the compiler sees you call a function, it
checks if it has already seen a prototype for it. If it
has not, it assumes the function returns an
int, which is definitely not what you want
here.So how do I fix this?The prototypes for the mathematical functions are in
math.h. If you include this file,
the compiler will be able to find the prototype and it
will stop doing strange things to your
calculation!#include <math.h>
#include <stdio.h>
int main() {
...
After recompiling it as you did before, run
it:&prompt.user; ./a.out
2.1 ^ 6 = 85.766121
If you are using any of the mathematical functions,
always include
math.h and remember to link in the
math library.I compiled a file called
foobar.c and I cannot find an
executable called foobar. Where's
it gone?Remember, cc will call the
executable a.out unless you tell it
differently. Use the
option:&prompt.user; cc -o foobar foobar.cOK, I have an executable called
foobar, I can see it when I run
ls, but when I type in
foobar at the command prompt it tells
me there is no such file. Why can it not find
it?Unlike &ms-dos;, &unix; does not
look in the current directory when it is trying to find
out which executable you want it to run, unless you tell
it to. Either type ./foobar, which
means run the file called
foobar in the current
directory, or change your PATH
environment
variable so that it looks something likebin:/usr/bin:/usr/local/bin:.
The dot at the end means look in the current
directory if it is not in any of the
others.I called my executable test,
but nothing happens when I run it. What is going
on?Most &unix; systems have a program called
test in /usr/bin
and the shell is picking that one up before it gets to
checking the current directory. Either type:&prompt.user; ./testor choose a better name for your program!I compiled my program and it seemed to run all right
at first, then there was an error and it said something
about core dumped. What does that
mean?The name core dump dates back
to the very early days of &unix;, when the machines used
core memory for storing data. Basically, if the program
failed under certain conditions, the system would write
the contents of core memory to disk in a file called
core, which the programmer could
then pore over to find out what went wrong.Fascinating stuff, but what I am supposed to do
now?Use gdb to analyze the core (see
).When my program dumped core, it said something about
a segmentation fault. What is
that?This basically means that your program tried to
perform some sort of illegal operation on memory; &unix;
is designed to protect the operating system and other
programs from rogue programs.Common causes for this are:Trying to write to a NULL
pointer, egchar *foo = NULL;
strcpy(foo, "bang!");
Using a pointer that has not been initialized,
egchar *foo;
strcpy(foo, "bang!");
The pointer will have some random value that,
with luck, will point into an area of memory that
is not available to your program and the kernel will
kill your program before it can do any damage. If
you are unlucky, it will point somewhere inside your
own program and corrupt one of your data structures,
causing the program to fail mysteriously.Trying to access past the end of an array,
egint bar[20];
bar[27] = 6;
Trying to store something in read-only memory,
egchar *foo = "My string";
strcpy(foo, "bang!");
&unix; compilers often put string literals like
"My string" into read-only areas
of memory.Doing naughty things with
malloc() and
free(), egchar bar[80];
free(bar);
orchar *foo = malloc(27);
free(foo);
free(foo);
Making one of these mistakes will not always lead to
an error, but they are always bad practice. Some
systems and compilers are more tolerant than others,
which is why programs that ran well on one system can
crash when you try them on an another.Sometimes when I get a core dump it says
bus error. It says in my &unix;
book that this means a hardware problem, but the
computer still seems to be working. Is this
true?No, fortunately not (unless of course you really do
have a hardware problem…). This is usually
another way of saying that you accessed memory in a way
you should not have.This dumping core business sounds as though it could
be quite useful, if I can make it happen when I want to.
Can I do this, or do I have to wait until there is an
error?Yes, just go to another console or xterm, do&prompt.user; psto find out the process ID of your program, and
do&prompt.user; kill -ABRT pidwhere
pid is
the process ID you looked up.This is useful if your program has got stuck in an
infinite loop, for instance. If your program happens to
trap SIGABRT, there are several other
signals which have a similar effect.Alternatively, you can create a core dump from
inside your program, by calling the
abort() function. See the manual page
of &man.abort.3; to learn more.If you want to create a core dump from outside your
program, but do not want the process to terminate, you
can use the gcore program. See the
manual page of &man.gcore.1; for more information.MakeWhat is make?When you are working on a simple program with only one or
two source files, typing in&prompt.user; cc file1.c file2.cis not too bad, but it quickly becomes very tedious when
there are several files—and it can take a while to
compile, too.One way to get around this is to use object files and only
recompile the source file if the source code has changed. So
we could have something like:&prompt.user; cc file1.o file2.o … file37.c …if we had changed file37.c, but not any
of the others, since the last time we compiled. This may
speed up the compilation quite a bit, but does not solve the
typing problem.Or we could write a shell script to solve the typing
problem, but it would have to re-compile everything, making it
very inefficient on a large project.What happens if we have hundreds of source files lying
about? What if we are working in a team with other people who
forget to tell us when they have changed one of their source
files that we use?Perhaps we could put the two solutions together and write
something like a shell script that would contain some kind of
magic rule saying when a source file needs compiling. Now all
we need now is a program that can understand these rules, as
it is a bit too complicated for the shell.This program is called make. It reads
in a file, called a makefile, that
tells it how different files depend on each other, and works
out which files need to be re-compiled and which ones do not.
For example, a rule could say something like if
fromboz.o is older than
fromboz.c, that means someone must have
changed fromboz.c, so it needs to be
re-compiled. The makefile also has rules telling
make how to re-compile the source file,
making it a much more powerful tool.Makefiles are typically kept in the same directory as the
source they apply to, and can be called
makefile, Makefile
or MAKEFILE. Most programmers use the
name Makefile, as this puts it near the
top of a directory listing, where it can easily be
seen.
They do not use the MAKEFILE form
as block capitals are often used for documentation files
like README.Example of using makeHere is a very simple make file:foo: foo.c
cc -o foo foo.cIt consists of two lines, a dependency line and a creation
line.The dependency line here consists of the name of the
program (known as the target), followed
by a colon, then whitespace, then the name of the source file.
When make reads this line, it looks to see
if foo exists; if it exists, it compares
the time foo was last modified to the
time foo.c was last modified. If
foo does not exist, or is older than
foo.c, it then looks at the creation line
to find out what to do. In other words, this is the rule for
working out when foo.c needs to be
re-compiled.The creation line starts with a tab (press
the tab key) and then the command you would
type to create foo if you were doing it
at a command prompt. If foo is out of
date, or does not exist, make then executes
this command to create it. In other words, this is the rule
which tells make how to re-compile
foo.c.So, when you type make, it will
make sure that foo is up to date with
respect to your latest changes to foo.c.
This principle can be extended to
Makefiles with hundreds of
targets—in fact, on FreeBSD, it is possible to compile
the entire operating system just by typing make
world in the appropriate directory!Another useful property of makefiles is that the targets
do not have to be programs. For instance, we could have a make
file that looks like this:foo: foo.c
cc -o foo foo.c
install:
cp foo /home/meWe can tell make which target we want to make by
typing:&prompt.user; make targetmake will then only look at that target
and ignore any others. For example, if we type
make foo with the makefile above, make
will ignore the install target.If we just type make on its own,
make will always look at the first target and then stop
without looking at any others. So if we typed
make here, it will just go to the
foo target, re-compile
foo if necessary, and then stop without
going on to the install target.Notice that the install target does not
actually depend on anything! This means that the command on
the following line is always executed when we try to make that
target by typing make install. In this
case, it will copy foo into the user's
home directory. This is often used by application makefiles,
so that the application can be installed in the correct
directory when it has been correctly compiled.This is a slightly confusing subject to try to explain.
If you do not quite understand how make
works, the best thing to do is to write a simple program like
hello world and a make file like the one above
and experiment. Then progress to using more than one source
file, or having the source file include a header file. The
touch command is very useful here—it
changes the date on a file without you having to edit
it.Make and include-filesC code often starts with a list of files to include, for
example stdio.h. Some of these files are system-include
files, some of them are from the project you are now working
on:
#include <stdio.h>
#include "foo.h"
int main(....To make sure that this file is recompiled the moment
foo.h is changed, you have to add it in
your Makefile:foo: foo.c foo.hThe moment your project is getting bigger and you have
more and more own include-files to maintain, it will be a
pain to keep track of all include files and the files which
are depending on it. If you change an include-file but
forget to recompile all the files which are depending on
it, the results will be devastating. gcc
has an option to analyze your files and to produce a list
of include-files and their dependencies: .
If you add this to your Makefile:depend:
gcc -E -MM *.c > .dependand run make depend, the file
.depend will appear with a list of
object-files, C-files and the include-files:foo.o: foo.c foo.hIf you change foo.h, next time
you run make all files depending on
foo.h will be recompiled.Do not forget to run make depend each
time you add an include-file to one of your files.FreeBSD MakefilesMakefiles can be rather complicated to write. Fortunately,
BSD-based systems like FreeBSD come with some very powerful
ones as part of the system. One very good example of this is
the FreeBSD ports system. Here is the essential part of a
typical ports Makefile:MASTER_SITES= ftp://freefall.cdrom.com/pub/FreeBSD/LOCAL_PORTS/
DISTFILES= scheme-microcode+dist-7.3-freebsd.tgz
.include <bsd.port.mk>Now, if we go to the directory for this port and type
make, the following happens:A check is made to see if the source code for this
port is already on the system.If it is not, an FTP connection to the URL in
MASTER_SITES is set up to download the
source.The checksum for the source is calculated and compared
it with one for a known, good, copy of the source. This
is to make sure that the source was not corrupted while in
transit.Any changes required to make the source work on
FreeBSD are applied—this is known as
patching.Any special configuration needed for the source is
done. (Many &unix; program distributions try to work out
which version of &unix; they are being compiled on and which
optional &unix; features are present—this is where
they are given the information in the FreeBSD ports
scenario).The source code for the program is compiled. In
effect, we change to the directory where the source was
unpacked and do make—the
program's own make file has the necessary information to
build the program.We now have a compiled version of the program. If we
wish, we can test it now; when we feel confident about the
program, we can type make install.
This will cause the program and any supporting files it
needs to be copied into the correct location; an entry is
also made into a package database, so
that the port can easily be uninstalled later if we change
our mind about it.Now I think you will agree that is rather impressive for a
four line script!The secret lies in the last line, which tells
make to look in the system makefile called
bsd.port.mk. It is easy to overlook this
line, but this is where all the clever stuff comes
from—someone has written a makefile that tells
make to do all the things above (plus a
couple of other things I did not mention, including handling
any errors that may occur) and anyone can get access to that
just by putting a single line in their own make file!If you want to have a look at these system makefiles,
they are in /usr/share/mk, but it is
probably best to wait until you have had a bit of practice with
makefiles, as they are very complicated (and if you do look at
them, make sure you have a flask of strong coffee
handy!)More advanced uses of makeMake is a very powerful tool, and can
do much more than the simple example above shows.
Unfortunately, there are several different versions of
make, and they all differ considerably.
The best way to learn what they can do is probably to read the
documentation—hopefully this introduction will have
given you a base from which you can do this.The version of make that comes with FreeBSD is the
Berkeley make; there is a tutorial
for it in /usr/share/doc/psd/12.make. To
view it, do&prompt.user; zmore paper.ascii.gzin that directory.Many applications in the ports use GNU
make, which has a very good set of
info pages. If you have installed any of these
ports, GNU make will automatically
have been installed as gmake. It is also
available as a port and package in its own right.To view the info pages for GNU
make, you will have to edit the
dir file in the
/usr/local/info directory to add an entry
for it. This involves adding a line like * Make: (make). The GNU Make utility.to the file. Once you have done this, you can type
info and then select
make from the menu (or in
Emacs, do C-h
i).DebuggingThe DebuggerThe debugger that comes with FreeBSD is called
gdb (GNU
debugger). You start it up by typing&prompt.user; gdb prognamealthough most people prefer to run it inside
Emacs. You can do this by:M-x gdb RET progname RETUsing a debugger allows you to run the program under more
controlled circumstances. Typically, you can step through the
program a line at a time, inspect the value of variables,
change them, tell the debugger to run up to a certain point
and then stop, and so on. You can even attach to a program
that is already running, or load a core file to investigate why
the program crashed. It is even possible to debug the kernel,
though that is a little trickier than the user applications
we will be discussing in this section.gdb has quite good on-line help, as
well as a set of info pages, so this section will concentrate
on a few of the basic commands.Finally, if you find its text-based command-prompt style
off-putting, there is a graphical front-end for it (xxgdb) in the ports
+ URL="&url.base;/ports/devel.html">xxgdb) in the ports
collection.This section is intended to be an introduction to using
gdb and does not cover specialized topics
such as debugging the kernel.Running a program in the debuggerYou will need to have compiled the program with the
option to get the most out of using
gdb. It will work without, but you will only
see the name of the function you are in, instead of the source
code. If you see a line like:… (no debugging symbols found) …when gdb starts up, you will know that
the program was not compiled with the
option.At the gdb prompt, type
break main. This will tell the
debugger to skip over the preliminary set-up code in the
program and start at the beginning of your code. Now type
run to start the program—it will
start at the beginning of the set-up code and then get stopped
by the debugger when it calls main().
(If you have ever wondered where main()
gets called from, now you know!).You can now step through the program, a line at a time, by
pressing n. If you get to a function call,
you can step into it by pressing s. Once
you are in a function call, you can return from stepping into a
function call by pressing f. You can also
use up and down to take
a quick look at the caller.Here is a simple example of how to spot a mistake in a
program with gdb. This is our program
(with a deliberate mistake):#include <stdio.h>
int bazz(int anint);
main() {
int i;
printf("This is my program\n");
bazz(i);
return 0;
}
int bazz(int anint) {
printf("You gave me %d\n", anint);
return anint;
}This program sets i to be
5 and passes it to a function
bazz() which prints out the number we
gave it.When we compile and run the program we get&prompt.user; cc -g -o temp temp.c
&prompt.user; ./temp
This is my program
anint = 4231That was not what we expected! Time to see what is going
on!&prompt.user; gdb temp
GDB is free software and you are welcome to distribute copies of it
under certain conditions; type "show copying" to see the conditions.
There is absolutely no warranty for GDB; type "show warranty" for details.
GDB 4.13 (i386-unknown-freebsd), Copyright 1994 Free Software Foundation, Inc.
(gdb) break mainSkip the set-up code
Breakpoint 1 at 0x160f: file temp.c, line 9. gdb puts breakpoint at main()
(gdb) runRun as far as main()
Starting program: /home/james/tmp/temp Program starts running
Breakpoint 1, main () at temp.c:9 gdb stops at main()
(gdb) nGo to next line
This is my program Program prints out
(gdb) sstep into bazz()
bazz (anint=4231) at temp.c:17 gdb displays stack frame
(gdb)Hang on a minute! How did anint get to be
4231? Did we not we set it to be
5 in main()? Let's
move up to main() and have a look.(gdb) upMove up call stack
#1 0x1625 in main () at temp.c:11 gdb displays stack frame
(gdb) p iShow us the value of i
$1 = 4231 gdb displays 4231Oh dear! Looking at the code, we forgot to initialize
i. We meant to put…
main() {
int i;
i = 5;
printf("This is my program\n");
…but we left the i=5; line out. As we
did not initialize i, it had whatever number
happened to be in that area of memory when the program ran,
which in this case happened to be
4231.gdb displays the stack frame every
time we go into or out of a function, even if we are using
up and down to move
around the call stack. This shows the name of the function
and the values of its arguments, which helps us keep track
of where we are and what is going on. (The stack is a
storage area where the program stores information about the
arguments passed to functions and where to go when it
returns from a function call).Examining a core fileA core file is basically a file which contains the
complete state of the process when it crashed. In the
good old days, programmers had to print out hex
listings of core files and sweat over machine code manuals,
but now life is a bit easier. Incidentally, under FreeBSD and
other 4.4BSD systems, a core file is called
progname.core instead of just
core, to make it clearer which program a
core file belongs to.To examine a core file, start up gdb in
the usual way. Instead of typing break or
run, type(gdb) core progname.coreIf you are not in the same directory as the core file,
you will have to do dir
/path/to/core/file first.You should see something like this:&prompt.user; gdb a.out
GDB is free software and you are welcome to distribute copies of it
under certain conditions; type "show copying" to see the conditions.
There is absolutely no warranty for GDB; type "show warranty" for details.
GDB 4.13 (i386-unknown-freebsd), Copyright 1994 Free Software Foundation, Inc.
(gdb) core a.out.core
Core was generated by `a.out'.
Program terminated with signal 11, Segmentation fault.
Cannot access memory at address 0x7020796d.
#0 0x164a in bazz (anint=0x5) at temp.c:17
(gdb)In this case, the program was called
a.out, so the core file is called
a.out.core. We can see that the program
crashed due to trying to access an area in memory that was not
available to it in a function called
bazz.Sometimes it is useful to be able to see how a function was
called, as the problem could have occurred a long way up the
call stack in a complex program. The bt
command causes gdb to print out a
back-trace of the call stack:(gdb) bt
#0 0x164a in bazz (anint=0x5) at temp.c:17
#1 0xefbfd888 in end ()
#2 0x162c in main () at temp.c:11
(gdb)The end() function is called when a
program crashes; in this case, the bazz()
function was called from main().Attaching to a running programOne of the neatest features about gdb
is that it can attach to a program that is already running. Of
course, that assumes you have sufficient permissions to do so.
A common problem is when you are stepping through a program
that forks, and you want to trace the child, but the debugger
will only let you trace the parent.What you do is start up another gdb,
use ps to find the process ID for the
child, and do(gdb) attach pidin gdb, and then debug as usual.That is all very well, you are probably
thinking, but by the time I have done that, the child
process will be over the hill and far away. Fear
not, gentle reader, here is how to do it (courtesy of the
gdb info pages):…
if ((pid = fork()) < 0) /* _Always_ check this */
error();
else if (pid == 0) { /* child */
int PauseMode = 1;
while (PauseMode)
sleep(10); /* Wait until someone attaches to us */
…
} else { /* parent */
…Now all you have to do is attach to the child, set
PauseMode to 0, and wait
for the sleep() call to return!Using Emacs as a Development EnvironmentEmacsUnfortunately, &unix; systems do not come with the kind of
everything-you-ever-wanted-and-lots-more-you-did-not-in-one-gigantic-package
integrated development environments that other systems
have.
Some powerful, free IDEs now exist, such as KDevelop
in the ports collection.
However, it is possible to set up your own environment. It
may not be as pretty, and it may not be quite as integrated,
but you can set it up the way you want it. And it is free.
And you have the source to it.The key to it all is Emacs. Now there are some people who
loathe it, but many who love it. If you are one of the former,
I am afraid this section will hold little of interest to you.
Also, you will need a fair amount of memory to run it—I would
recommend 8MB in text mode and 16MB in X as the bare minimum
to get reasonable performance.Emacs is basically a highly customizable
editor—indeed, it has been customized to the point where
it is more like an operating system than an editor! Many
developers and sysadmins do in fact spend practically all
their time working inside Emacs, leaving it only to log
out.It is impossible even to summarize everything Emacs can do
here, but here are some of the features of interest to
developers:Very powerful editor, allowing search-and-replace on
both strings and regular expressions (patterns), jumping
to start/end of block expression, etc, etc.Pull-down menus and online help.Language-dependent syntax highlighting and
indentation.Completely customizable.You can compile and debug programs within
Emacs.On a compilation error, you can jump to the offending
line of source code.Friendly-ish front-end to the info
program used for reading GNU hypertext documentation,
including the documentation on Emacs itself.Friendly front-end to gdb, allowing
you to look at the source code as you step through your
program.You can read Usenet news and mail while your program
is compiling.And doubtless many more that I have overlooked.Emacs can be installed on FreeBSD using the Emacs
+ URL="&url.base;/ports/editors.html">the Emacs
port.Once it is installed, start it up and do C-h
t to read an Emacs tutorial—that means
hold down the control key, press
h, let go of the control
key, and then press t. (Alternatively, you
can you use the mouse to select Emacs
Tutorial from the Help
menu).Although Emacs does have menus, it is well worth learning
the key bindings, as it is much quicker when you are editing
something to press a couple of keys than to try to find the
mouse and then click on the right place. And, when you are
talking to seasoned Emacs users, you will find they often
casually throw around expressions like M-x
replace-s RET foo RET bar RET so it is
useful to know what they mean. And in any case, Emacs has far
too many useful functions for them to all fit on the menu
bars.Fortunately, it is quite easy to pick up the key-bindings,
as they are displayed next to the menu item. My advice is to
use the menu item for, say, opening a file until you
understand how it works and feel confident with it, then try
doing C-x C-f. When you are happy with that, move on to
another menu command.If you can not remember what a particular combination of
keys does, select Describe Key from
the Help menu and type it in—Emacs
will tell you what it does. You can also use the
Command Apropos menu item to find
out all the commands which contain a particular word in them,
with the key binding next to it.By the way, the expression above means hold down the
Meta key, press x, release
the Meta key, type
replace-s (short for
replace-string—another feature of
Emacs is that you can abbreviate commands), press the
return key, type foo
(the string you want replaced), press the
return key, type bar (the string you want to
replace foo with) and press
return again. Emacs will then do the
search-and-replace operation you have just requested.If you are wondering what on earth the
Meta key is, it is a special key that many
&unix; workstations have. Unfortunately, PC's do not have one,
so it is usually the alt key (or if you are
unlucky, the escape key).Oh, and to get out of Emacs, do C-x C-c
(that means hold down the control key, press
x, press c and release the
control key). If you have any unsaved files
open, Emacs will ask you if you want to save them. (Ignore
the bit in the documentation where it says
C-z is the usual way to leave
Emacs—that leaves Emacs hanging around in the
background, and is only really useful if you are on a system
which does not have virtual terminals).Configuring EmacsEmacs does many wonderful things; some of them are built
in, some of them need to be configured.Instead of using a proprietary macro language for
configuration, Emacs uses a version of Lisp specially adapted
for editors, known as Emacs Lisp. Working with Emacs Lisp can
be quite helpful if you want to go on and learn something like
Common Lisp. Emacs Lisp has many features of Common Lisp,
although it is considerably smaller (and thus easier to
master).The best way to learn Emacs Lisp is to download the Emacs
TutorialHowever, there is no need to actually know any Lisp to get
started with configuring Emacs, as I have included a sample
.emacs file, which should be enough to
get you started. Just copy it into your home directory and
restart Emacs if it is already running; it will read the
commands from the file and (hopefully) give you a useful basic
setup.A sample .emacs fileUnfortunately, there is far too much here to explain it in
detail; however there are one or two points worth
mentioning.Everything beginning with a ; is a comment
and is ignored by Emacs.In the first line, the
-*- Emacs-Lisp -*- is so that
we can edit the .emacs file itself
within Emacs and get all the fancy features for editing
Emacs Lisp. Emacs usually tries to guess this based on
the filename, and may not get it right for
.emacs.The tab key is bound to an
indentation function in some modes, so when you press the
tab key, it will indent the current line of code. If you
want to put a tab character in whatever
you are writing, hold the control key down
while you are pressing the tab key.This file supports syntax highlighting for C, C++,
Perl, Lisp and Scheme, by guessing the language from the
filename.Emacs already has a pre-defined function called
next-error. In a compilation output
window, this allows you to move from one compilation error
to the next by doing M-n; we define a
complementary function,
previous-error, that allows you to go
to a previous error by doing M-p. The
nicest feature of all is that C-c C-c
will open up the source file in which the error occurred
and jump to the appropriate line.We enable Emacs's ability to act as a server, so that
if you are doing something outside Emacs and you want to
edit a file, you can just type in&prompt.user; emacsclient filenameand then you can edit the file in your
Emacs!
Many Emacs users set their EDITOR
environment to
emacsclient so this happens every
time they need to edit a file.A sample .emacs file;; -*-Emacs-Lisp-*-
;; This file is designed to be re-evaled; use the variable first-time
;; to avoid any problems with this.
(defvar first-time t
"Flag signifying this is the first time that .emacs has been evaled")
;; Meta
(global-set-key "\M- " 'set-mark-command)
(global-set-key "\M-\C-h" 'backward-kill-word)
(global-set-key "\M-\C-r" 'query-replace)
(global-set-key "\M-r" 'replace-string)
(global-set-key "\M-g" 'goto-line)
(global-set-key "\M-h" 'help-command)
;; Function keys
(global-set-key [f1] 'manual-entry)
(global-set-key [f2] 'info)
(global-set-key [f3] 'repeat-complex-command)
(global-set-key [f4] 'advertised-undo)
(global-set-key [f5] 'eval-current-buffer)
(global-set-key [f6] 'buffer-menu)
(global-set-key [f7] 'other-window)
(global-set-key [f8] 'find-file)
(global-set-key [f9] 'save-buffer)
(global-set-key [f10] 'next-error)
(global-set-key [f11] 'compile)
(global-set-key [f12] 'grep)
(global-set-key [C-f1] 'compile)
(global-set-key [C-f2] 'grep)
(global-set-key [C-f3] 'next-error)
(global-set-key [C-f4] 'previous-error)
(global-set-key [C-f5] 'display-faces)
(global-set-key [C-f8] 'dired)
(global-set-key [C-f10] 'kill-compilation)
;; Keypad bindings
(global-set-key [up] "\C-p")
(global-set-key [down] "\C-n")
(global-set-key [left] "\C-b")
(global-set-key [right] "\C-f")
(global-set-key [home] "\C-a")
(global-set-key [end] "\C-e")
(global-set-key [prior] "\M-v")
(global-set-key [next] "\C-v")
(global-set-key [C-up] "\M-\C-b")
(global-set-key [C-down] "\M-\C-f")
(global-set-key [C-left] "\M-b")
(global-set-key [C-right] "\M-f")
(global-set-key [C-home] "\M-<")
(global-set-key [C-end] "\M->")
(global-set-key [C-prior] "\M-<")
(global-set-key [C-next] "\M->")
;; Mouse
(global-set-key [mouse-3] 'imenu)
;; Misc
(global-set-key [C-tab] "\C-q\t") ; Control tab quotes a tab.
(setq backup-by-copying-when-mismatch t)
;; Treat 'y' or <CR> as yes, 'n' as no.
(fset 'yes-or-no-p 'y-or-n-p)
(define-key query-replace-map [return] 'act)
(define-key query-replace-map [?\C-m] 'act)
;; Load packages
(require 'desktop)
(require 'tar-mode)
;; Pretty diff mode
(autoload 'ediff-buffers "ediff" "Intelligent Emacs interface to diff" t)
(autoload 'ediff-files "ediff" "Intelligent Emacs interface to diff" t)
(autoload 'ediff-files-remote "ediff"
"Intelligent Emacs interface to diff")
(if first-time
(setq auto-mode-alist
(append '(("\\.cpp$" . c++-mode)
("\\.hpp$" . c++-mode)
("\\.lsp$" . lisp-mode)
("\\.scm$" . scheme-mode)
("\\.pl$" . perl-mode)
) auto-mode-alist)))
;; Auto font lock mode
(defvar font-lock-auto-mode-list
(list 'c-mode 'c++-mode 'c++-c-mode 'emacs-lisp-mode 'lisp-mode 'perl-mode 'scheme-mode)
"List of modes to always start in font-lock-mode")
(defvar font-lock-mode-keyword-alist
'((c++-c-mode . c-font-lock-keywords)
(perl-mode . perl-font-lock-keywords))
"Associations between modes and keywords")
(defun font-lock-auto-mode-select ()
"Automatically select font-lock-mode if the current major mode is in font-lock-auto-mode-list"
(if (memq major-mode font-lock-auto-mode-list)
(progn
(font-lock-mode t))
)
)
(global-set-key [M-f1] 'font-lock-fontify-buffer)
;; New dabbrev stuff
;(require 'new-dabbrev)
(setq dabbrev-always-check-other-buffers t)
(setq dabbrev-abbrev-char-regexp "\\sw\\|\\s_")
(add-hook 'emacs-lisp-mode-hook
'(lambda ()
(set (make-local-variable 'dabbrev-case-fold-search) nil)
(set (make-local-variable 'dabbrev-case-replace) nil)))
(add-hook 'c-mode-hook
'(lambda ()
(set (make-local-variable 'dabbrev-case-fold-search) nil)
(set (make-local-variable 'dabbrev-case-replace) nil)))
(add-hook 'text-mode-hook
'(lambda ()
(set (make-local-variable 'dabbrev-case-fold-search) t)
(set (make-local-variable 'dabbrev-case-replace) t)))
;; C++ and C mode...
(defun my-c++-mode-hook ()
(setq tab-width 4)
(define-key c++-mode-map "\C-m" 'reindent-then-newline-and-indent)
(define-key c++-mode-map "\C-ce" 'c-comment-edit)
(setq c++-auto-hungry-initial-state 'none)
(setq c++-delete-function 'backward-delete-char)
(setq c++-tab-always-indent t)
(setq c-indent-level 4)
(setq c-continued-statement-offset 4)
(setq c++-empty-arglist-indent 4))
(defun my-c-mode-hook ()
(setq tab-width 4)
(define-key c-mode-map "\C-m" 'reindent-then-newline-and-indent)
(define-key c-mode-map "\C-ce" 'c-comment-edit)
(setq c-auto-hungry-initial-state 'none)
(setq c-delete-function 'backward-delete-char)
(setq c-tab-always-indent t)
;; BSD-ish indentation style
(setq c-indent-level 4)
(setq c-continued-statement-offset 4)
(setq c-brace-offset -4)
(setq c-argdecl-indent 0)
(setq c-label-offset -4))
;; Perl mode
(defun my-perl-mode-hook ()
(setq tab-width 4)
(define-key c++-mode-map "\C-m" 'reindent-then-newline-and-indent)
(setq perl-indent-level 4)
(setq perl-continued-statement-offset 4))
;; Scheme mode...
(defun my-scheme-mode-hook ()
(define-key scheme-mode-map "\C-m" 'reindent-then-newline-and-indent))
;; Emacs-Lisp mode...
(defun my-lisp-mode-hook ()
(define-key lisp-mode-map "\C-m" 'reindent-then-newline-and-indent)
(define-key lisp-mode-map "\C-i" 'lisp-indent-line)
(define-key lisp-mode-map "\C-j" 'eval-print-last-sexp))
;; Add all of the hooks...
(add-hook 'c++-mode-hook 'my-c++-mode-hook)
(add-hook 'c-mode-hook 'my-c-mode-hook)
(add-hook 'scheme-mode-hook 'my-scheme-mode-hook)
(add-hook 'emacs-lisp-mode-hook 'my-lisp-mode-hook)
(add-hook 'lisp-mode-hook 'my-lisp-mode-hook)
(add-hook 'perl-mode-hook 'my-perl-mode-hook)
;; Complement to next-error
(defun previous-error (n)
"Visit previous compilation error message and corresponding source code."
(interactive "p")
(next-error (- n)))
;; Misc...
(transient-mark-mode 1)
(setq mark-even-if-inactive t)
(setq visible-bell nil)
(setq next-line-add-newlines nil)
(setq compile-command "make")
(setq suggest-key-bindings nil)
(put 'eval-expression 'disabled nil)
(put 'narrow-to-region 'disabled nil)
(put 'set-goal-column 'disabled nil)
(if (>= emacs-major-version 21)
(setq show-trailing-whitespace t))
;; Elisp archive searching
(autoload 'format-lisp-code-directory "lispdir" nil t)
(autoload 'lisp-dir-apropos "lispdir" nil t)
(autoload 'lisp-dir-retrieve "lispdir" nil t)
(autoload 'lisp-dir-verify "lispdir" nil t)
;; Font lock mode
(defun my-make-face (face color &optional bold)
"Create a face from a color and optionally make it bold"
(make-face face)
(copy-face 'default face)
(set-face-foreground face color)
(if bold (make-face-bold face))
)
(if (eq window-system 'x)
(progn
(my-make-face 'blue "blue")
(my-make-face 'red "red")
(my-make-face 'green "dark green")
(setq font-lock-comment-face 'blue)
(setq font-lock-string-face 'bold)
(setq font-lock-type-face 'bold)
(setq font-lock-keyword-face 'bold)
(setq font-lock-function-name-face 'red)
(setq font-lock-doc-string-face 'green)
(add-hook 'find-file-hooks 'font-lock-auto-mode-select)
(setq baud-rate 1000000)
(global-set-key "\C-cmm" 'menu-bar-mode)
(global-set-key "\C-cms" 'scroll-bar-mode)
(global-set-key [backspace] 'backward-delete-char)
; (global-set-key [delete] 'delete-char)
(standard-display-european t)
(load-library "iso-transl")))
;; X11 or PC using direct screen writes
(if window-system
(progn
;; (global-set-key [M-f1] 'hilit-repaint-command)
;; (global-set-key [M-f2] [?\C-u M-f1])
(setq hilit-mode-enable-list
'(not text-mode c-mode c++-mode emacs-lisp-mode lisp-mode
scheme-mode)
hilit-auto-highlight nil
hilit-auto-rehighlight 'visible
hilit-inhibit-hooks nil
hilit-inhibit-rebinding t)
(require 'hilit19)
(require 'paren))
(setq baud-rate 2400) ; For slow serial connections
)
;; TTY type terminal
(if (and (not window-system)
(not (equal system-type 'ms-dos)))
(progn
(if first-time
(progn
(keyboard-translate ?\C-h ?\C-?)
(keyboard-translate ?\C-? ?\C-h)))))
;; Under UNIX
(if (not (equal system-type 'ms-dos))
(progn
(if first-time
(server-start))))
;; Add any face changes here
(add-hook 'term-setup-hook 'my-term-setup-hook)
(defun my-term-setup-hook ()
(if (eq window-system 'pc)
(progn
;; (set-face-background 'default "red")
)))
;; Restore the "desktop" - do this as late as possible
(if first-time
(progn
(desktop-load-default)
(desktop-read)))
;; Indicate that this file has been read at least once
(setq first-time nil)
;; No need to debug anything now
(setq debug-on-error nil)
;; All done
(message "All done, %s%s" (user-login-name) ".")
Extending the Range of Languages Emacs UnderstandsNow, this is all very well if you only want to program in
the languages already catered for in the
.emacs file (C, C++, Perl, Lisp and
Scheme), but what happens if a new language called
whizbang comes out, full of exciting
features?The first thing to do is find out if whizbang comes with
any files that tell Emacs about the language. These usually
end in .el, short for Emacs
Lisp. For example, if whizbang is a FreeBSD port, we
can locate these files by doing&prompt.user; find /usr/ports/lang/whizbang -name "*.el" -printand install them by copying them into the Emacs site Lisp
directory. On FreeBSD 2.1.0-RELEASE, this is
/usr/local/share/emacs/site-lisp.So for example, if the output from the find command
was/usr/ports/lang/whizbang/work/misc/whizbang.elwe would do&prompt.root; cp /usr/ports/lang/whizbang/work/misc/whizbang.el /usr/local/share/emacs/site-lispNext, we need to decide what extension whizbang source
files have. Let's say for the sake of argument that they all
end in .wiz. We need to add an entry to
our .emacs file to make sure Emacs will
be able to use the information in
whizbang.el.Find the auto-mode-alist entry in
.emacs and add a line for whizbang, such
as:…
("\\.lsp$" . lisp-mode)
("\\.wiz$" . whizbang-mode)
("\\.scm$" . scheme-mode)
…This means that Emacs will automatically go into
whizbang-mode when you edit a file ending
in .wiz.Just below this, you will find the
font-lock-auto-mode-list entry. Add
whizbang-mode to it like so:;; Auto font lock mode
(defvar font-lock-auto-mode-list
(list 'c-mode 'c++-mode 'c++-c-mode 'emacs-lisp-mode 'whizbang-mode 'lisp-mode 'perl-mode 'scheme-mode)
"List of modes to always start in font-lock-mode")This means that Emacs will always enable
font-lock-mode (ie syntax highlighting)
when editing a .wiz file.And that is all that is needed. If there is anything else
you want done automatically when you open up a
.wiz file, you can add a
whizbang-mode hook (see
my-scheme-mode-hook for a simple example
that adds auto-indent).Further ReadingBrian Harvey and Matthew Wright
Simply Scheme
MIT 1994.
ISBN 0-262-08226-8Randall Schwartz
Learning Perl
O'Reilly 1993
ISBN 1-56592-042-2Patrick Henry Winston and Berthold Klaus Paul Horn
Lisp (3rd Edition)
Addison-Wesley 1989
ISBN 0-201-08319-1Brian W. Kernighan and Rob Pike
The Unix Programming Environment
Prentice-Hall 1984
ISBN 0-13-937681-XBrian W. Kernighan and Dennis M. Ritchie
The C Programming Language (2nd Edition)
Prentice-Hall 1988
ISBN 0-13-110362-8Bjarne Stroustrup
The C++ Programming Language
Addison-Wesley 1991
ISBN 0-201-53992-6W. Richard Stevens
Advanced Programming in the Unix Environment
Addison-Wesley 1992
ISBN 0-201-56317-7W. Richard Stevens
Unix Network Programming
Prentice-Hall 1990
ISBN 0-13-949876-1
diff --git a/en_US.ISO8859-1/books/faq/Makefile b/en_US.ISO8859-1/books/faq/Makefile
index 64c6799682..b7394a4876 100644
--- a/en_US.ISO8859-1/books/faq/Makefile
+++ b/en_US.ISO8859-1/books/faq/Makefile
@@ -1,28 +1,29 @@
#
# $FreeBSD$
#
# Build the FreeBSD FAQ
#
MAINTAINER=doc@FreeBSD.org
DOC?= book
FORMATS?= html-split html
INSTALL_COMPRESSED?= gz
INSTALL_ONLY_COMPRESSED?=
WITH_BIBLIOXREF_TITLE?=YES
#
# SRCS lists the individual SGML files that make up the document. Changes
# to any of these files will force a rebuild
#
# SGML content
SRCS= book.sgml
-DOC_PREFIX?= ${.CURDIR}/../../..
+URL_RELPREFIX?= ../../../..
+DOC_PREFIX?= ${.CURDIR}/../../..
.include "${DOC_PREFIX}/share/mk/doc.project.mk"
diff --git a/en_US.ISO8859-1/books/faq/book.sgml b/en_US.ISO8859-1/books/faq/book.sgml
index 61981801b4..072c2be3bb 100644
--- a/en_US.ISO8859-1/books/faq/book.sgml
+++ b/en_US.ISO8859-1/books/faq/book.sgml
@@ -1,12393 +1,12393 @@
%man;
%freebsd;
%authors;
%teams;
%bookinfo;
%mailing-lists;
%urls;
%trademarks;
]>
Frequently Asked Questions for FreeBSD 2.X, 3.X, 4.X and 5.XThe FreeBSD Documentation Project$FreeBSD$1995199619971998199920002001200220032004The FreeBSD Documentation Project
&bookinfo.legalnotice;
&tm-attrib.freebsd;
&tm-attrib.3com;
&tm-attrib.adobe;
&tm-attrib.creative;
&tm-attrib.cvsup;
&tm-attrib.ibm;
&tm-attrib.ieee;
&tm-attrib.intel;
&tm-attrib.iomega;
&tm-attrib.linux;
&tm-attrib.microsoft;
&tm-attrib.mips;
&tm-attrib.netscape;
&tm-attrib.opengroup;
&tm-attrib.oracle;
&tm-attrib.sgi;
&tm-attrib.sparc;
&tm-attrib.sun;
&tm-attrib.usrobotics;
&tm-attrib.xfree86;
&tm-attrib.general;
This is the FAQ for FreeBSD versions 2.X, 3.X, 4.X and 5.X.
All entries are assumed to be relevant to FreeBSD 2.0.5 and
later, unless otherwise noted. If you are interested in
helping with this project, send email to the &a.doc;. The
latest version of this document is always available from the
FreeBSD
World Wide Web server. It may also be downloaded as
one large HTML file with HTTP
or as plain text, &postscript;, PDF, etc. from the FreeBSD FTP
server. You may also want to Search the
+ URL="&url.base;/search/index.html">Search the
FAQ.IntroductionWelcome to the FreeBSD 2.X-5.X FAQ!As is usual with Usenet FAQs, this document aims to cover the
most frequently asked questions concerning the FreeBSD operating
system (and of course answer them!). Although originally intended
to reduce bandwidth and avoid the same old questions being asked
over and over again, FAQs have become recognized as valuable
information resources.Every effort has been made to make this FAQ as informative as
possible; if you have any suggestions as to how it may be improved,
please feel free to mail them to the &a.doc;.What is FreeBSD?Briefly, FreeBSD is a &unix; like operating system for
the &i386;, IA-64, PC-98, Alpha/AXP, and &ultrasparc; platforms
based on U.C. Berkeley's 4.4BSD-Lite
release, with some 4.4BSD-Lite2
enhancements. It is also based indirectly on William
Jolitz's port of U.C. Berkeley's Net/2 to
the &i386;, known as 386BSD, though very
little of the 386BSD code remains. A fuller description of
what FreeBSD is and how it can work for you may be found on
- the FreeBSD home
+ the FreeBSD home
page.FreeBSD is used by companies, Internet Service Providers,
researchers, computer professionals, students and home users
all over the world in their work, education and recreation.
See some of them in the FreeBSD
+ URL="&url.base;/gallery/index.html">FreeBSD
Gallery.For more detailed information on FreeBSD, please see the
FreeBSD
Handbook.What is the goal of the FreeBSD Project?The goal of the FreeBSD Project is to provide software
that may be used for any purpose and without strings attached.
Many of us have a significant investment in the code (and
project) and would certainly not mind a little financial
compensation now and then, but we definitely do not
insist on it. We believe that our first and foremost
mission is to provide code to any and all
comers, and for whatever purpose, so that the code gets the
widest possible use and provides the widest possible benefit.
This is, we believe, one of the most fundamental goals of Free
Software and one that we enthusiastically support.That code in our source tree which falls under the
GNU
General Public License (GPL) or GNU
Library General Public License (LGPL) comes with
slightly more strings attached, though at least on the
side of enforced access rather than the usual opposite.
Due to the additional complexities that can evolve in the
commercial use of GPL software, we do, however, endeavor
to replace such software with submissions under the more
relaxed
FreeBSD license whenever possible.Does the FreeBSD license have any restrictions?Yes. Those restrictions do not control how you use
the code, merely how you treat the FreeBSD Project itself.
If you have serious license concerns, read the actual
license. For the simply curious, the license can
be summarized like this.Do not claim that you wrote this.Do not sue us if it breaks.Can FreeBSD replace my current operating system?For most people, yes. But this question is not quite
that cut-and-dried.Most people do not actually use an operating system.
They use applications. The applications are what really
use the operating system. FreeBSD is designed to provide
a robust and full-featured environment for applications.
It supports a wide variety of web browsers, office suites,
email readers, graphics programs, programming
environments, network servers, and just about everything
else you might want. Most of these applications can be
managed through the Ports
Collection.If you need to use an application that is only
available on one operating system, you simply cannot
replace that operating system. Chances are there is a very
similar application on FreeBSD, however. If you want a
solid office or Internet server, a reliable workstation,
or just the ability to do your job without interruptions,
FreeBSD will almost certainly do everything you need.
Many computer users across the world, including both
novices and experienced &unix; administrators, use FreeBSD
as their only desktop operating system.If you are migrating to FreeBSD from some other &unix;
environment, you already know most of what you need to.
If your background is in graphic-driven operating systems
such as &windows; and older versions of &macos;, expect to
invest additional time learning the &unix; way of doing
things. This FAQ and the FreeBSD Handbook are
excellent places to start.Why is it called FreeBSD?It may be used free of charge, even by commercial
users.Full source for the operating system is freely
available, and the minimum possible restrictions have
been placed upon its use, distribution and incorporation
into other work (commercial or non-commercial).Anyone who has an improvement or bug fix is free
to submit their code and have it added to the source tree
(subject to one or two obvious provisions).It is worth pointing out that the word
free is being used in two ways here, one meaning
at no cost, the other meaning you can do
whatever you like. Apart from one or two things you
cannot do with the FreeBSD code, for
example pretending you wrote it, you can really do whatever you
like with it.What are the differences between FreeBSD and NetBSD, OpenBSD,
and other open source BSD operating systems?James Howard wrote a good explanation of the history
and differences between the various projects for DaemonNews,
called The
BSD Family Tree which goes a fair way to answering
this question.What is the latest version of FreeBSD?At this point in FreeBSD's development, there are two
parallel development branches; releases are being made from
both branches. The 4.X series of releases
is being made from the -STABLE branch
and the 5.X series of releases is being made from
-CURRENT.Version &rel.current;
is the latest release from the
-CURRENT branch; it was released in
&rel.current.date;. Version &rel2.current;
is the latest release from the
-STABLE branch; it was released in
&rel2.current.date;.Briefly, -STABLE is aimed at the
ISP, corporate user, or any user who wants stability and a
minimal number of changes compared to the new (and
possibly unstable) features of the latest
-CURRENT snapshot. Releases can come
from either branch, but -CURRENT
should only be used if you are prepared for its increased
volatility (relative to -STABLE, that
is).Releases are made every
few months. While many people stay more up-to-date with
the FreeBSD sources (see the questions on FreeBSD-CURRENT and FreeBSD-STABLE) than that, doing so
is more of a commitment, as the sources are a moving
target.More information on FreeBSD releases can be found on
the Release
Engineering page on the FreeBSD Web site.What is FreeBSD-CURRENT?FreeBSD-CURRENT
is the development version of the operating system, which
will in due course become the new &os.stable; branch.
This is expected to happen around 5.3-RELEASE. As such, it is
really only of interest to developers working on the
system and die-hard hobbyists. See the relevant
section in the handbook for details
on running -CURRENT.If you are not familiar with the operating system or are
not capable of identifying the difference between a real
problem and a temporary problem, you should not use
FreeBSD-CURRENT. This branch sometimes evolves quite quickly
and can be un-buildable for a number of days at a time.
People that use FreeBSD-CURRENT are expected to be able to
analyze any problems and only report them if they are deemed
to be mistakes rather than glitches. Questions
such as make world produces some error about
groups on the -CURRENT mailing list may be
treated with contempt.Every day, snapshot
+ URL="&url.base;/releases/snapshots.html">snapshot
releases are made based on the current state of the
-CURRENT and -STABLE branches. Distributions of the
occasional snapshot are made available. The goals
behind each snapshot release are:To test the latest version of the installation
software.To give people who would like to run -CURRENT or
-STABLE but who do not have the time or bandwidth to
follow it on a day-to-day basis an easy way of
bootstrapping it onto their systems.To preserve a fixed reference point for the code in
question, just in case we break something really badly
later. (Although CVS normally prevents anything horrible
like this happening :)To ensure that all new features and fixes in need
of testing have the greatest possible number of
potential testers.No claims are made that any -CURRENT snapshot can be
considered production quality for any purpose.
If you want to run a stable and fully tested system, you will
have to stick to full releases, or use the -STABLE
snapshots.Snapshot releases are directly available from
ftp://current.FreeBSD.org/pub/FreeBSD/snapshots/.
3-STABLE snapshots are no longer being produced.Snapshots are generated, on the average, daily for
all actively developed branches.What is the FreeBSD-STABLE concept?Back when FreeBSD 2.0.5 was released, FreeBSD
development branched in two. One branch was named -STABLE,
one -CURRENT.
FreeBSD-STABLE is intended for Internet Service Providers
and other commercial enterprises for whom sudden shifts or
experimental features are quite undesirable. It receives
only well-tested bug fixes and other small incremental
enhancements. FreeBSD-CURRENT, on the other hand, has
been one unbroken line since 2.0 was released, leading
towards 5.2.1-RELEASE (and beyond). At 5.3-RELEASE, the
5-STABLE branch is expected to be created, and
&os.current; will become 6-CURRENT. If a little ASCII art
would help, this is how it looks: 2.0
|
|
| [2.1-STABLE]
*BRANCH* 2.0.5 -> 2.1 -> 2.1.5 -> 2.1.6 -> 2.1.7.1 [2.1-STABLE ends]
| (Mar 1997)
|
|
| [2.2-STABLE]
*BRANCH* 2.2.1 -> 2.2.2-RELEASE -> 2.2.5 -> 2.2.6 -> 2.2.7 -> 2.2.8 [end]
| (Mar 1997) (Oct 97) (Apr 98) (Jul 98) (Dec 98)
|
|
3.0-SNAPs (started Q1 1997)
|
|
3.0-RELEASE (Oct 1998)
|
| [3.0-STABLE]
*BRANCH* 3.1-RELEASE (Feb 1999) -> 3.2 -> 3.3 -> 3.4 -> 3.5 -> 3.5.1
| (May 1999) (Sep 1999) (Dec 1999) (June 2000) (July 2000)
|
| [4.0-STABLE]
*BRANCH* 4.0 (Mar 2000) -> 4.1 -> 4.1.1 -> 4.2 -> 4.3 -> 4.4 -> ... later 4.X releases ...
|
| (July 2000) (Sep 2000) (Nov 2000)
5.0-RELEASE (Jan 2003)
|
|
5.1-RELEASE (Jun 2003)
|
|
5.2-RELEASE (Jan 2004)
|
|
5.2.1-RELEASE (Feb 2004)
|
\|/
+
[5-CURRENT continues]The 2.2-STABLE branch was retired with the release of 2.2.8.
The 3-STABLE branch has ended with the release of 3.5.1, the
final 3.X release. The only changes made to either of these
branches will be, for the most part, security-related bug
fixes.4-STABLE is the actively developed -STABLE branch.
The latest release on the 4-STABLE branch is
&rel2.current;-RELEASE, which was released in
&rel2.current.date;.The 5-CURRENT branch is slowly progressing toward the
creation of a 5-STABLE branch. See What is FreeBSD-CURRENT? for more
information on this branch.When are FreeBSD releases made?The &a.re; releases a new version of FreeBSD about every
four months, on average. Release dates are announced well in
advance, so that the people working on the system know
when their projects need to be finished and tested.
A testing period precedes each release, in order to ensure
that the addition of new features does not compromise the
stability of the release.
Many users regard this caution as one of the best things about
FreeBSD, even though waiting for all the latest goodies to reach
-STABLE can be a little frustrating.More information on the release engineering process
(including a schedule of upcoming releases) can be found
on the release
engineering pages on the FreeBSD Web site.For people who need or want a little more excitement,
binary snapshots are made daily as discussed above.Who is responsible for FreeBSD?The key decisions concerning the FreeBSD project, such
as the overall direction of the project and who is allowed
to add code to the source tree, are made by a core
team of 8 people. There is a much larger team of
more than 300 committers
who are authorized to make changes directly to the FreeBSD
source tree.However, most non-trivial changes are discussed in advance
in the mailing lists, and there
are no restrictions on who may take part in the
discussion.Where can I get FreeBSD?Every significant release of FreeBSD is available via
anonymous FTP from the
FreeBSD FTP site:For the current 3.X-STABLE release, 3.5.1-RELEASE,
see the 3.5.1-RELEASE
directory.The latest 5.X release, &rel.current;-RELEASE can be
found in the &rel.current;-RELEASE directory.The latest 4-STABLE release, &rel2.current;-RELEASE can be
found in the &rel2.current;-RELEASE directory.4.X
snapshots are usually made daily.
5.X Snapshot releases are made daily for the
-CURRENT branch, these being
of service purely to bleeding-edge testers and
developers.Information about obtaining FreeBSD on CD, DVD, and other
media can be found in the
Handbook.How do I set up a FreeBSD mirror?Information on setting up a FreeBSD mirror can be
found in the Mirroring
FreeBSD article.How do I access the Problem Report database?The Problem Report database of all user change requests
may be queried by using our web-based PR
query
interface. The &man.send-pr.1; command can
be used to submit problem reports and change requests via
electronic mail.The web-based problem report submission interface is
currently disabled due to persistent abuse.Before submitting a problem report, please read Writing
FreeBSD Problem Reports, an article on how to write
good problem reports.How do I become a FreeBSD Web mirror?There are multiple ways to mirror the Web pages.You can retrieve the formatted files from a
FreeBSD CVSup server using the application
net/cvsup. The file
/usr/share/examples/cvsup/www-supfile
contains an example CVSup configuration file for web
mirrors.You can download the web site source code from any
FreeBSD FTP server using your favorite ftp mirror
tool. Keep in mind that you have to build these
sources before publishing them. Start mirroring at
.What other sources of information are there?Please check the Documentation
list on the main FreeBSD web
site.Documentation and SupportWhat good books are there about FreeBSD?The project produces a wide range of documentation,
available online from this link: . The same
documents are available as packages, that you can easily
install on your FreeBSD system. More details on
documentation packages can be found in the next
paragraphs.In addition, the Bibliography at the end of this
FAQ, and the one in the Handbook reference other
recommended books.Is the documentation available in other formats, such as plain
text (ASCII), or &postscript;?Yes. The documentation is available in a number of
different formats and compression schemes on the FreeBSD
FTP site, in the /pub/FreeBSD/doc/
directory.The documentation is categorized in a number of different
ways. These include:The document's name, such as faq, or
handbook.The document's language and encoding. These are
based on the locale names you will find under
/usr/share/locale on your FreeBSD
system. The current languages and encodings that we
have for documentation are as follows:NameMeaningen_US.ISO8859-1US Englishde_DE.ISO8859-1Germanes_ES.ISO8859-1Spanishfr_FR.ISO8859-1Frenchja_JP.eucJPJapanese (EUC encoding)ru_RU.KOI8-RRussian (KOI8-R encoding)zh_TW.Big5Chinese (Big5 encoding)Some documents may not be available in all
languages.The document's format. We produce the documentation in a
number of different output formats. Each format has its own
advantages and disadvantages. Some formats are better suited
for online reading, while others are meant to be aesthetically
pleasing when printed on paper. Having the documentation
available in any of these formats ensures that our readers
will be able to read the parts they are interested in, either
on their monitor, or on paper after printing the documents.
The currently available formats are:FormatMeaninghtml-splitA collection of small, linked, HTML
files.htmlOne large HTML file containing the entire
documentpdbPalm Pilot database format, for use with the
iSilo
reader.pdfAdobe's Portable Document Formatps&postscript;rtfMicrosoft's Rich Text FormatPage numbers are not automatically
updated when loading this format into Word.
Press CTRLA,
CTRLEND,
F9 after loading the
document, to update the page numbers.txtPlain textThe compression and packaging scheme. There are three of
these currently in use.Where the format is
html-split, the files are
bundled up using &man.tar.1;. The resulting
.tar file is then compressed
using the compression schemes detailed in the next
point.All the other formats generate one file,
called
book.format
(i.e., book.pdb,
book.html, and so on).These files are then compressed using two
compression schemes.SchemeDescriptionzipThe Zip format. If you want to
uncompress this on FreeBSD you will need
to install the archivers/unzip
port first.bz2The BZip2 format. Less widespread
than Zip, but generally gives
smaller files. Install the archivers/bzip2
port to uncompress these files.So the &postscript; version of the Handbook,
compressed using BZip2 will be stored in a file
called book.ps.bz2 in the
handbook/ directory.After choosing the format and compression mechanism that you
want to download, you must then decide whether or not you want to
download the document as a FreeBSD
package.The advantage of downloading and installing the package is
that the documentation can then be managed using the normal
FreeBSD package management comments, such as &man.pkg.add.1; and
&man.pkg.delete.1;.If you decide to download and install the package then
you must know the filename to download. The
documentation-as-packages files are stored in a directory
called packages. Each package file
looks like
document-name.lang.encoding.format.tgz.For example, the FAQ, in English, formatted as PDF, is in the
package called
faq.en_US.ISO8859-1.pdf.tgz.Knowing this, you can use the following command to
install the English PDF FAQ package.&prompt.root; pkg_add ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/packages/faq.en_US.ISO8859-1.pdf.tgzHaving done that, you can use &man.pkg.info.1; to determine
where the file has been installed.&prompt.root; pkg_info -f faq.en_US.ISO8859-1.pdf
Information for faq.en_US.ISO8859-1.pdf:
Packing list:
Package name: faq.en_US.ISO8859-1.pdf
CWD to /usr/share/doc/en_US.ISO8859-1/books/faq
File: book.pdf
CWD to .
File: +COMMENT (ignored)
File: +DESC (ignored)As you can see, book.pdf will
have been installed into
/usr/share/doc/en_US.ISO8859-1/books/faq.If you do not want to use the packages then you will have to
download the compressed files yourself, uncompress them, and then
copy the appropriate documents into place.For example, the split HTML version of the FAQ,
compressed using &man.bzip2.1;, can be found in the
doc/en_US.ISO8859-1/books/faq/book.html-split.tar.bz2
file. To download and uncompress that file you would have
to do this.&prompt.root; fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/en_US.ISO8859-1/books/faq/book.html-split.tar.bz2
&prompt.root; bzip2 -d book.html-split.tar.bz2
&prompt.root; tar xvf book.html-split.tarYou will be left with a collection of
.html files. The main one is called
index.html, which will contain the
table of contents, introductory material, and links to the
other parts of the document. You can then copy or move
these to their final location as necessary.Where do I find info on the FreeBSD mailing lists?You can find full information in the Handbook
entry on mailing-lists.Where do I find the FreeBSD Y2K info?You can find full information in the FreeBSD Y2K page.
+ URL="&url.base;/y2kbug.html">FreeBSD Y2K page.
What FreeBSD news groups are available?You can find full information in the Handbook entry on
newsgroups.Are there FreeBSD IRC (Internet Relay Chat)
channels?Yes, most major IRC networks host a FreeBSD chat
channel:Channel #FreeBSD on
EFNet
is a FreeBSD forum, but do not go there for tech
support or try to get folks there to help you avoid
the pain of reading manual pages or doing your own research.
It is a chat channel, first and foremost, and topics there
are just as likely to involve sex, sports or nuclear
weapons as they are FreeBSD. You Have Been Warned!
Available at server irc.chat.org.Channel #FreeBSDhelp on
EFNet
is a channel dedicated to helping FreeBSD users. They
are much more sympathetic to questions than
#FreeBSD is.Channel #FreeBSD on
DALNET
is available at irc.dal.net in the
US and irc.eu.dal.net in Europe.Channel #FreeBSD on
UNDERNET
is available at us.undernet.org
in the US and eu.undernet.org in Europe.
Since it is a help channel, be prepared to read the
documents you are referred to.Channel #FreeBSD on HybNet. This channel
is a help channel. A list of servers
can be found on the HybNet web site.Each of these channels are distinct and are not
connected to each other. Their chat styles also differ,
so you may need to try each to find one suited to your
chat style. As with all types of IRC
traffic, if you are easily offended or cannot deal with
lots of young people (and more than a few older ones)
doing the verbal equivalent of jello wrestling, do not
even bother with it.Where can I get commercial FreeBSD training and support?DaemonNews provides commercial training and support for
FreeBSD. More information can be found at their
BSD Mall
site.FreeBSD Services Ltd provide commercial support for FreeBSD
in the UK (as well as selling FreeBSD on DVD). See their
web site
for more information.The FreeBSD Mall provides commercial FreeBSD support.
You can get more information at their web site.Any other organizations providing training and support should
contact the project in order to be listed here.NikClaytonnik@FreeBSD.orgInstallationWhich file do I download to get FreeBSD?Prior to release 3.1, you only needed one floppy image to
install FreeBSD, namely floppies/boot.flp.
However, since release 3.1 the Project has added out-of-the-box
support for a wide variety of hardware, which takes up more
space. For 3.X and later you need two floppy images:
floppies/kernel.flp and
floppies/mfsroot.flp. These images need to
be copied onto floppies by tools like
fdimage or &man.dd.1;.If you need to download the distributions yourself (for a
DOS filesystem install, for instance), below are some
recommendations for distributions to grab:bin/manpages/compat*/doc/src/ssys.*Full instructions on this procedure and a little bit more
about installation issues in general can be found in the
Handbook entry on
installing FreeBSD.What do I do if the floppy images does not fit on a single
floppy?A 3.5 inch (1.44MB) floppy can accommodate 1474560 bytes
of data. The boot image is exactly 1474560 bytes in size.Common mistakes when preparing the boot floppy are:Not downloading the floppy image in
binary mode when using
FTP.Some FTP clients default their transfer mode to
ascii and attempt to change any
end-of-line characters received to match the conventions
used by the client's system. This will almost invariably
corrupt the boot image. Check the size of the downloaded
boot image: if it is not exactly that
on the server, then the download process is suspect.To workaround: type binary at the
FTP command prompt after getting connected to the server
and before starting the download of the image.Using the DOS copy command (or
equivalent GUI tool) to transfer the boot image to
floppy.Programs like copy will not work as
the boot image has been created to be booted into directly.
The image has the complete content of the floppy, track for
track, and is not meant to be placed on the floppy as a
regular file. You have to transfer it to the floppy
raw, using the low-level tools (e.g.
fdimage or rawrite)
described in the installation guide to
FreeBSD.Where are the instructions for installing FreeBSD?Installation instructions can be found in the
Handbook entry on installing FreeBSD.What do I need in order to run FreeBSD?You will need a 386 or better PC, with 5 MB or more of RAM
and at least 60 MB of hard disk space. It can run with a low
end MDA graphics card but to run X11R6, a VGA or better video
card is needed.See also .I have only 4 MB of RAM. Can I install FreeBSD?FreeBSD 2.1.7 was the last version of FreeBSD that
could be installed on a 4MB system. FreeBSD 2.2 and later
needs at least 5MB to install on a new system.All versions of FreeBSD will run
in 4MB of RAM, they just cannot run the installation
program in 4MB. You can add extra memory for the install
process, if you like, and then after the system is up and
running, go back to 4MB. Or you could swap your disk into
a system which has >4MB, install onto the disk and then
swap it back.After the installation, if you build a custom kernel,
it will run in 4 MB. Someone has even successfully booted
with 2 MB, although the system was almost unusable.How can I make my own custom install floppy?Currently there is no way to just
make a custom install floppy. You have to cut a whole new
release, which will include your install floppy.To make a custom release, follow the instructions in the
Release
Engineering article.Can I have more than one operating system on my PC?Have a look at
the multi-OS page.Can &windows; 95/98 co-exist with FreeBSD?Install &windows; 95/98 first, after that FreeBSD.
FreeBSD's boot manager will then manage to boot Win95/98 and
FreeBSD. If you install &windows; 95/98 second, it will boorishly
overwrite your boot manager without even asking. If that
happens, see the next section.&windows; 95/98 killed my boot manager!
How do I get it back?You can reinstall the boot manager FreeBSD comes with in
one of three ways:Running DOS, go into the tools/ directory of your
FreeBSD distribution and look for
bootinst.exe. You run it like
so:...\TOOLS>bootinst.exe boot.binand the boot manager will be reinstalled.Boot the FreeBSD boot floppy again and go to the
Custom installation menu item. Choose Partition. Select the
drive which used to contain your boot manager (likely the
first one) and when you come to the partition editor for
it, as the very first thing (e.g. do not make any changes)
select (W)rite. This will ask for confirmation, say yes,
and when you get the Boot Manager selection prompt, be
sure to select Boot Manager. This will
re-write the boot manager to disk. Now quit out of the
installation menu and reboot off the hard disk as
normal.Boot the FreeBSD boot floppy (or CDROM) and choose the
Fixit menu item. Select either the Fixit
floppy or CDROM #2 (the live filesystem
option) as appropriate and enter the fixit shell. Then
execute the following command:Fixit#fdisk -B -b /boot/boot0 bootdevicesubstituting bootdevice for
your real
boot device such as ad0 (first IDE
disk), ad4 (first IDE disk on
auxiliary controller), da0 (first
SCSI disk), etc.My A, T, or X series IBM Thinkpad locks up when I first
booted up my FreeBSD installation. How can I solve this?A bug in early revisions of IBM's BIOS on these machines
mistakenly identifies the FreeBSD partition as a potential FAT
suspend-to-disk partition. When the BIOS tries to parse the
FreeBSD partition it hangs.According to IBMIn an e-mail from Keith
Frechette
kfrechet@us.ibm.com., the
following model/BIOS release numbers incorporate the fix.ModelBIOS revisionT20IYET49WW or laterT21KZET22WW or laterA20pIVET62WW or laterA20mIWET54WW or laterA21pKYET27WW or laterA21mKXET24WW or laterA21eKUET30WWIt has been reported that later IBM BIOS revisions may
have reintroduced the bug. This
message from Jacques Vidrine to the &a.mobile;
describes a procedure which may work if your newer IBM
laptop does not boot FreeBSD properly, and you can upgrade
or downgrade the BIOS.If you have an earlier BIOS, and upgrading is not an option a
workaround is to install FreeBSD, change the partition ID FreeBSD
uses, and install new boot blocks that can handle the different
partition ID.First, you will need to restore the machine to a state where
it can get through its self-test screen. Doing this requires
powering up the machine without letting it find a FreeBSD
partition on its primary disk. One way is to remove the hard disk
and temporarily move it to an older ThinkPad (such as a ThinkPad
600) or a desktop PC with an appropriate conversion cable. Once
it is there, you can delete the FreeBSD partition and move the hard
disk back. The ThinkPad should now be in a bootable state
again.With the machine functional again, you can use the workaround
procedure described here to get a working FreeBSD
installation.Download boot1 and
boot2 from .
Put these files somewhere you will be able to retrieve them
later.Install FreeBSD as normal on to the ThinkPad.
Do not use Dangerously
Dedicated mode. Do not
reboot when the install has finished.Either switch to the Emergency Holographic
Shell (ALTF4) or start a
fixit shell.Use &man.fdisk.8; to change the FreeBSD partition ID from
165 to 166 (this is the
type used by OpenBSD).Bring the boot1 and
boot2 files to the local
filesystem.Use &man.disklabel.8; to write boot1
and boot2 to your FreeBSD slice.&prompt.root; disklabel -B -b boot1 -s boot2 ad0snn is the number of the slice
where you installed FreeBSD.Reboot. At the boot prompt you will be given the option
of booting OpenBSD. This will actually
boot FreeBSD.Getting this to work in the case where you want to dual boot
OpenBSD and FreeBSD on the same laptop is left as an exercise for
the reader.Can I install on a disk with bad blocks?Prior to 3.0, FreeBSD included a utility known as
bad144, which automatically remapped bad
blocks. Because modern IDE drives perform this function
themselves, bad144 has been removed from the
FreeBSD source tree. If you wish to install FreeBSD 3.0 or
later, we strongly suggest you purchase a newer disk drive. If
you do not wish to do this, you must run FreeBSD 2.X.If you are seeing bad block errors with a modern IDE
drive, chances are the drive is going to die very soon (the
drive's internal remapping functions are no longer sufficient
to fix the bad blocks, which means the disk is heavily
corrupted); we suggest you buy a new hard drive.If you have a SCSI drive with bad blocks, see
this answer.I have just upgraded from 3.X to 4.X, and my first boot
failed with bad sector table not
supportedFreeBSD 3.X and earlier supported
bad144, which automatically remapped
bad blocks. FreeBSD 4.X and later do not support this, as
modern IDE drives include this functionality. See this question for
more information.To fix this after an upgrade, you need to physically
place the drive in a working system and use
&man.disklabel.8; as discussed in the following
questions.How do I tell if a drive has bad144
information on it before I try to upgrade to FreeBSD 4.0
and it fails?Use &man.disklabel.8; for this. disklabel -r
drive device will
give you the contents of your disk label. Look for a
flags field. If you see
flags: badsect, this drive is using
bad144. For example, the following drive has
bad144 enabled.:&prompt.root; disklabel -r wd0
# /dev/rwd0c:
type: ESDI
disk: wd0s1
label:
flags: badsect
bytes/sector: 512
sectors/track: 63How do I remove bad144 from my
pre-4.X system so I can upgrade safely?Use disklabel -e -rwd0 to edit the
disklabel in place. Just remove the word
badsect from the flags field, save, and
exit. The bad144 file will still take up some space on
your drive, but the disk itself will be usable.We still recommend you purchase a new disk if you have
a large number of bad blocks.Strange things happen when I boot the install floppy!
What is happening?If you are seeing things like the machine grinding to a halt
or spontaneously rebooting when you try to boot the install
floppy, here are three questions to ask yourself:-Did you use a new, freshly-formatted, error-free floppy
(preferably a brand-new one straight out of the box, as
opposed to the magazine cover disk that has been lying under
the bed for the last three years)?Did you download the floppy image in binary (or image)
mode? (do not be embarrassed, even the best of us have
accidentally downloaded a binary file in ASCII mode at
least once!)If you are using &windows; 95 or 98 did you run
fdimage or
rawrite in pure DOS mode? These
operating systems can interfere with programs that
write directly to hardware, which the disk creation
program does; even running it inside a DOS shell in
the GUI can cause this problem.There have also been reports of &netscape; causing problems
when downloading the boot floppy, so it is probably best to use
a different FTP client if you can.I booted from my ATAPI CDROM, but the install program
says no CDROM is found. Where did it go?The usual cause of this problem is a mis-configured CDROM
drive. Many PCs now ship with the CDROM as the slave device on
the secondary IDE controller, with no master device on that
controller. This is illegal according to the ATAPI specification,
but &windows; plays fast and loose with the specification, and the
BIOS ignores it when booting. This is why the BIOS was able to
see the CDROM to boot from it, but why FreeBSD cannot see it to
complete the install.Reconfigure your system so that the CDROM is either the
master device on the IDE controller it is attached to, or make
sure that it is the slave on an IDE controller that also has a
master device.Can I install on my laptop over PLIP (Parallel Line
IP)?Yes. Use a standard Laplink cable. If necessary, you
can check out the PLIP
section of the Handbook for details on parallel
port networking.If you are running FreeBSD 3.X or earlier, also look at
the Mobile
Computing page.Which geometry should I use for a disk drive?By the geometry of a disk, we mean
the number of cylinders, heads and sectors/track on a
disk. We will refer to this as C/H/S for
convenience. This is how the PC's BIOS works out which
area on a disk to read/write from.This causes a lot of confusion among new system
administrators. First of all, the
physical geometry of a SCSI drive is
totally irrelevant, as FreeBSD works in term of disk
blocks. In fact, there is no such thing as
the physical geometry, as the sector
density varies across the disk. What manufacturers claim
is the physical geometry is usually the
geometry that they have determined wastes the least
space. For IDE disks, FreeBSD does work in terms of C/H/S,
but all modern drives internally convert this into block
references.All that matters is the logical
geometry. This is the answer that the BIOS gets when it
asks the drive what is your geometry? It
then uses this geometry to access the disk. As FreeBSD
uses the BIOS when booting, it is very important to get
this right. In particular, if you have more than one
operating system on a disk, they must all agree on the
geometry. Otherwise you will have serious problems
booting!For SCSI disks, the geometry to use depends on whether
extended translation support is turned on in your
controller (this is often referred to as support for
DOS disks >1GB or something similar). If it is
turned off, then use N
cylinders, 64 heads and 32 sectors/track, where
N is the capacity of the disk in
MB. For example, a 2GB disk should pretend to have 2048
cylinders, 64 heads and 32 sectors/track.If it is turned on (it is often
supplied this way to get around certain limitations in
&ms-dos;) and the disk capacity is more than 1GB, use M
cylinders, 63 sectors per track (not
64), and 255 heads, where 'M' is the disk capacity in MB
divided by 7.844238 (!). So our example 2GB drive would
have 261 cylinders, 63 sectors per track and 255
heads.If you are not sure about this, or FreeBSD fails to
detect the geometry correctly during installation, the
simplest way around this is usually to create a small DOS
partition on the disk. The BIOS should then detect the
correct geometry, and you can always remove the DOS
partition in the partition editor if you do not want to
keep it. You might want to leave it around for
programming network cards and the like, however.Alternatively, there is a freely available utility
distributed with FreeBSD called
pfdisk.exe. You can find it in the
tools subdirectory on the FreeBSD
CDROM or on the various FreeBSD FTP sites. This program
can be used to work out what geometry the other operating
systems on the disk are using. You can then enter this
geometry in the partition editor.Are there any restrictions on how I divide the disk up?Yes. You must make sure that your root partition is below 1024
cylinders so the BIOS can boot the kernel from it. (Note that
this is a limitation in the PC's BIOS, not FreeBSD).For a SCSI drive, this will normally imply that the root
partition will be in the first 1024MB (or in the first 4096MB
if extended translation is turned on - see previous question).
For IDE, the corresponding figure is 504MB.Is FreeBSD compatible with any disk managers?FreeBSD recognizes the Ontrack Disk Manager and makes
allowances for it. Other disk managers are not supported.If you just want to use the disk with FreeBSD you do not
need a disk manager. Just configure the disk for as much space
as the BIOS can deal with (usually 504 megabytes), and FreeBSD
should figure out how much space you really have. If you are
using an old disk with an MFM controller, you may need to
explicitly tell FreeBSD how many cylinders to use.If you want to use the disk with FreeBSD and another
operating system, you may be able to do without a disk manager:
just make sure the FreeBSD boot partition and the slice for
the other operating system are in the first 1024 cylinders. If
you are reasonably careful, a 20 megabyte boot partition should
be plenty.When I boot FreeBSD I get Missing Operating
System. What is happening?This is classically a case of FreeBSD and DOS or some other
OS conflicting over their ideas of disk geometry. You will have to reinstall
FreeBSD, but obeying the instructions given above will almost
always get you going.Why can I not get past the boot manager's F?
prompt?This is another symptom of the problem described in the
preceding question. Your BIOS geometry and FreeBSD geometry
settings do not agree! If your controller or BIOS supports
cylinder translation (often marked as >1GB drive
support), try toggling its setting and reinstalling
FreeBSD.Do I need to install the complete sources?In general, no. However, we would strongly recommend that
you install, at a minimum, the base source
kit, which includes several of the files mentioned here, and
the sys (kernel) source kit, which includes
sources for the kernel. There is nothing in the system which
requires the presence of the sources to operate, however,
except for the kernel-configuration program &man.config.8;.
With the exception of the kernel sources, our build structure
is set up so that you can read-only mount the sources from
elsewhere via NFS and still be able to make new binaries
(due to the kernel-source restriction, we recommend that
you not mount this on /usr/src directly,
but rather in some other location with appropriate symbolic
links to duplicate the top-level structure of the source
tree).Having the sources on-line and knowing how to build a
system with them will make it much easier for you to upgrade
to future releases of FreeBSD.To actually select a subset of the sources, use the Custom
menu item when you are in the Distributions menu of the
system installation tool.Do I need to build a kernel?Building a new kernel was originally pretty much a required
step in a FreeBSD installation, but more recent releases have
benefited from the introduction of a much friendlier kernel
configuration tool. When at the FreeBSD boot prompt (boot:),
use the flag and you will be dropped into a
visual configuration screen which allows you to configure the
kernel's settings for most common ISA cards.It is still recommended that you eventually build a new
kernel containing just the drivers that you need, just to save a
bit of RAM, but it is no longer a strict requirement for most
systems.Should I use DES, Blowfish, or MD5 passwords and how
do I specify which form my users receive?The default password format on FreeBSD is to use
MD5-based passwords. These are
believed to be more secure than the traditional &unix;
password format, which used a scheme based on the
DES algorithm. DES passwords are
still available if you need to share your password file
with legacy operating systems which still use the less
secure password format (they are available if you choose
to install the crypto distribution in
sysinstall, or by installing the crypto sources if
building from source). Installing the crypto libraries
will also allow you to use the Blowfish password format,
which is more secure. Which password format to use for
new passwords is controlled by the
passwd_format login capability in
/etc/login.conf, which takes values
of des, blf (if these are
available) or md5. See the
&man.login.conf.5; manual page for more information about
login capabilities.Why does the boot floppy start, but hang at the
Probing Devices... screen?If you have a IDE &iomegazip; or &jaz; drive installed, remove it
and try again. The boot floppy can get confused by the drives.
After the system is installed you can reconnect the drive.
Hopefully this will be fixed in a later release.Why do I get a panic: can't mount root
error when rebooting the system after installation?This error comes from confusion between the boot block's
and the kernel's understanding of the disk devices. The error
usually manifests on two-disk IDE systems, with the hard disks
arranged as the master or single device on separate IDE
controllers, with FreeBSD installed on the secondary IDE
controller. The boot blocks think the system is installed on
wd1 (the second BIOS disk) while the kernel assigns the first
disk on the secondary controller device wd2. After the device
probing, the kernel tries to mount what the boot blocks think
is the boot disk, wd1, while it is really wd2, and
fails.To fix the problem, do one of the following:For FreeBSD 3.3 and later, reboot the system and hit
Enter at the Booting kernel
in 10 seconds; hit [Enter] to interrupt prompt.
This will drop you into the boot loader.Then type
set root_disk_unit="disk_number"
. disk_number
will be 0 if FreeBSD is installed on
the master drive on the first IDE controller,
1 if it is installed on the slave on
the first IDE controller, 2 if it is
installed on the master of the second IDE controller, and
3 if it is installed on the slave of
the second IDE controller.Then type boot, and your system
should boot correctly.To make this change permanent (ie so you do not
have to do this every time you reboot or turn on
your FreeBSD machine), put the line
root_disk_unit="disk_number"
in /boot/loader.conf.local
.If using FreeBSD 3.2 or earlier, at the Boot:
prompt, enter 1:wd(2,a)kernel and
press Enter. If the system starts,
then run the command echo "1:wd(2,a)kernel"
> /boot.config to make it the default
boot string.Move the FreeBSD disk onto the primary IDE controller,
so the hard disks are consecutive.Rebuild
your kernel, modify the wd configuration lines to
read:controller wdc0 at isa? port "IO_WD1" bio irq 14 vector wdintr
disk wd0 at wdc0 drive 0
# disk wd1 at wdc0 drive 1 # comment out this line
controller wdc1 at isa? port "IO_WD2" bio irq 15 vector wdintr
disk wd1 at wdc1 drive 0 # change from wd2 to wd1
disk wd2 at wdc1 drive 1 # change from wd3 to wd2Install the new kernel. If you moved your disks and
wish to restore the previous configuration, replace the
disks in the desired configuration and reboot. Your
system should boot successfully.What are the limits for memory?For memory, the limit is 4 gigabytes. If you plan to install
this much memory into a machine, you need to be careful. You will
probably want to use ECC memory and to reduce capacitive
loading use 9 chip memory modules versus 18 chip memory
modules.What are the limits for ffs filesystems?For ffs filesystems, the maximum theoretical limit is 8
terabytes (2G blocks), or 16TB for the default block size of
8K. In practice, there is a soft limit of 1 terabyte, but with
modifications filesystems with 4 terabytes are possible (and
exist).The maximum size of a single ffs file is approximately 1G
blocks, or 4TB with a block size of 4K.
Maximum file sizesfs block size2.2.7-stable3.0-currentworksshould work4K4T-14T-14T-1>4T8K>32G8T-1>32G32T-116K>128G16T-1>128G32T-132K>512G32T-1>512G64T-164K>2048G64T-1>2048G128T-1
When the fs block size is 4K, triple indirect blocks work
and everything should be limited by the maximum fs block number
that can be represented using triple indirect blocks (approx.
1K^3 + 1K^2 + 1K), but everything is limited by a (wrong) limit
of 1G-1 on fs block numbers. The limit on fs block numbers
should be 2G-1. There are some bugs for fs block numbers near
2G-1, but such block numbers are unreachable when the fs block
size is 4K.For block sizes of 8K and larger, everything should be
limited by the 2G-1 limit on fs block numbers, but is actually
limited by the 1G-1 limit on fs block numbers, except under
-STABLE triple indirect blocks are unreachable, so the limit is
the maximum fs block number that can be represented using
double indirect blocks (approx. (blocksize/4)^2 +
(blocksize/4)), and under -CURRENT exceeding this limit may
cause problems. Using the correct limit of 2G-1 blocks does
cause problems.Why do I get an error message,
archsw.readin.failed after compiling
and booting a new kernel?You can boot by specifying the kernel directly at the second
stage, pressing any key when the | shows up before loader is
started. More specifically, you have upgraded the source for
your kernel, and installed a new kernel builtin from them
without making world. This is not
supported. Make world.What are these security profiles?A security profile is a set of configuration
options that attempts to achieve the desired ratio of security
to convenience by enabling and disabling certain programs and
other settings. For full details, see the Security
Profile section of the Handbook's post-install
chapter.Hardware compatibilityGeneralI want to get a piece of hardware for my FreeBSD
system. Which model/brand/type is best?This is discussed continually on the FreeBSD mailing
lists. Since hardware changes so quickly, however, we
expect this. We still strongly
recommend that you read through the Hardware notes for &os;
&rel.current;
or
&rel2.current;
and search the mailing list
archives before asking about the latest and
greatest hardware. Chances are a discussion about the
type of hardware you are looking for took place just last
week.If you are looking for a laptop, check the
FreeBSD-mobile mailing list archives. Otherwise, you
probably want the archives for FreeBSD-questions, or
possibly a specific mailing list for a particular hardware
type.Architectures and processorsDoes FreeBSD support architectures other than the x86?Yes. FreeBSD currently runs on the Intel x86 and DEC (now
Compaq) Alpha architectures. As of FreeBSD 5.0, the
IA-64, AMD-64 and &sparc64; architectures are also supported.
Upcoming platforms are
&mips; and &powerpc;, join the &a.ppc; or the
&a.mips; respectively for more information about ongoing
work on these platforms. For general discussion on new
architectures, join the &a.platforms;.If your machine has a different architecture and you need
something right now, we suggest you look at NetBSD or OpenBSD.Does FreeBSD support Symmetric Multiprocessing
(SMP)?Yes. SMP is not enabled in the
GENERIC kernel, so you must recompile
your kernel to enable SMP. Take a look at
/sys/i386/conf/LINT to learn what
options to put in your kernel config file.I do not have a math co-processor - is that bad?This will only affect 386/486SX/486SLC owners - other
machines will have one built into the CPU.In general this will not cause any problems, but there are
circumstances where you will take a hit, either in performance
or accuracy of the math emulation code (see the section on FP emulation). In particular, drawing
arcs in X will be VERY slow. It is highly recommended that you
buy a math co-processor; it is well worth it.Some math co-processors are better than others. It
pains us to say it, but nobody ever got fired for buying
Intel. Unless you are sure it works with FreeBSD, beware of
clones.Hard drives, tape drives, and CD and DVD drivesWhat kind of hard drives does FreeBSD support?FreeBSD supports EIDE and SCSI drives (with a compatible
controller; see the next section), and all drives using the
original Western Digital interface (MFM, RLL,
ESDI, and of course IDE). A few ESDI controllers that use
proprietary interfaces may not work: stick to WD1002/3/6/7
interfaces and clones.Which SCSI controllers are supported?See the complete list in the Hardware Notes for &os;
&rel.current; or
&rel2.current;.What types of tape drives are supported?FreeBSD supports SCSI and QIC-36 (with a QIC-02 interface).
This includes 8-mm (aka Exabyte) and DAT drives.Some of the early 8-mm drives are not quite compatible
with SCSI-2, and may not work well with FreeBSD.Does FreeBSD support tape changers?FreeBSD supports SCSI changers using the &man.ch.4;
device and the &man.chio.1; command. The details of how you
actually control the changer can be found in the &man.chio.1;
manual page.If you are not using AMANDA
or some other product that already understands changers,
remember that they only know how to move a tape from one
point to another, so you need to keep track of which slot a
tape is in, and which slot the tape currently in the drive
needs to go back to.Which CDROM drives are supported by FreeBSD?Any SCSI drive connected to a supported controller is
supported.The following proprietary CDROM interfaces are also
supported:Mitsumi LU002 (8bit), LU005 (16bit) and FX001D
(16bit 2x Speed).Sony CDU 31/33ASound Blaster Non-SCSI CDROMMatsushita/Panasonic CDROMATAPI compatible IDE CDROMsAll non-SCSI cards are known to be extremely slow compared
to SCSI drives, and some ATAPI CDROMs may not work.The official FreeBSD CDROM ISO, and CDROMs from Daemon
News and FreeBSD Mall, support booting directly from the
CD.Which CD-RW drives are supported by FreeBSD?FreeBSD supports any ATAPI-compatible IDE CD-R or CD-RW
drive. For FreeBSD versions 4.0 and later, see the manual page for
&man.burncd.8;. For earlier FreeBSD versions, see the examples
in /usr/share/examples/atapi.FreeBSD also supports any SCSI CD-R or CD-RW drives.
Install and use the cdrecord command from the
ports or packages system, and make sure that you have the
pass device compiled in your
kernel.Does FreeBSD support &iomegazip; drives?FreeBSD supports SCSI and ATAPI (IDE) &iomegazip; drives out
of the box, of course. SCSI ZIP drives can only be set to
run at SCSI target IDs 5 or 6, but if your SCSI host
adapter's BIOS supports it you can even boot from it. It
is not clear which host adapters support booting from
targets other than 0 or 1, so you will have to consult
your adapter's documentation if you would like to use this
feature.FreeBSD also supports Parallel Port Zip Drives. Check
that your kernel contains the
scbus0,
da0,
ppbus0, and
vp0 drivers (the GENERIC kernel
contains everything except
vp0). With all these drivers
present, the Parallel Port drive should be available as
/dev/da0s4. Disks can be mounted
using mount /dev/da0s4 /mnt OR (for dos
disks) mount_msdos /dev/da0s4 /mnt as
appropriate.Also check out the FAQ on
removable drives later in this chapter, and the note on
formattingin the Administration
chapter.Does FreeBSD support &jaz;, EZ and other removable drives?Apart from the IDE version of the EZ drive, these are all
SCSI devices, so they should all look like SCSI disks to
FreeBSD, and the IDE EZ should look like an IDE drive.I am not sure how well FreeBSD supports
changing the media out while running. You will of course need
to dismount the drive before swapping media, and make sure that
any external units are powered on when you boot the system so
FreeBSD can see them.See this note on
formatting.Keyboards and miceDoes FreeBSD support my USB keyboard?FreeBSD 4.X and later supports USB keyboards
out-of-the-box. Preliminary USB device support appeared
in FreeBSD 3.1, but might not always work as of version
3.2. If you want to experiment with the USB keyboard
support in FreeBSD 3.X, follow the procedure described
below.Use a version of FreeBSD 3.X later than
3.2.Add the following lines to your kernel configuration
file, and rebuild the kernel.controller uhci0
controller ohci0
controller usb0
controller ukbd0
options KBD_INSTALL_CDEVGo to the /dev directory and create
device nodes as follows:&prompt.root; cd /dev
&prompt.root; ./MAKEDEV kbd0 kbd1Edit /etc/rc.conf and add the
following lines:usbd_enable="YES"
usbd_flags=""If you want to use a USB keyboard in FreeBSD 4.X or
later, you just need to enable USB support in
/etc/rc.conf.Once you have USB keyboard support enabled on your
system, the AT keyboard becomes
/dev/kbd0 and the USB keyboard
becomes /dev/kbd1, if both are
connected to the system. If there is the USB keyboard
only, it will be
/dev/ukbd0.If you want to use the USB keyboard in the console, you
have to explicitly tell the console driver to use the existing
USB keyboard. This can be done by running the following
command as a part of system initialization.&prompt.root; kbdcontrol -k /dev/kbd1 < /dev/ttyv0 > /dev/nullNote that if the USB keyboard is the only keyboard, it is
accessed as /dev/kbd0, thus, the command
should look like:&prompt.root; kbdcontrol -k /dev/kbd0 < /dev/ttyv0 > /dev/null/etc/rc.i386 is a good place to add the
above command.Once this is done, the USB keyboard should work in the X
environment as well without any special settings.Hot-plugging and unplugging of the USB keyboard may not
work quite right yet. We recommend connecting the keyboard
before starting the system and leaving it connected until the
system is shutdown to avoid troubles.See the &man.ukbd.4; manual page for more information.I have an unusual bus mouse. How do I set it up?FreeBSD supports the bus mouse and the InPort bus mouse
from such manufactures as Microsoft, Logitech and ATI. The bus
device driver is compiled in the GENERIC kernel by default in
FreeBSD versions 2.X, but not included in version 3.0 or later.
If you are building a custom kernel with the bus mouse driver,
make sure to add the following line to the kernel config
fileIn FreeBSD 3.0 or before, add:device mse0 at isa? port 0x23c tty irq5 vector mseintrIn FreeBSD 3.X, the line should be:device mse0 at isa? port 0x23c tty irq5And in FreeBSD 4.X and later, the line should read:device mse0 at isa? port 0x23c irq5Bus mice usually comes with dedicated interface cards.
These cards may allow you to set the port address and the IRQ
number other than shown above. Refer to the manual of your
mouse and the &man.mse.4; manual page for more information.How do I use my PS/2 (mouse port or
keyboard) mouse?The PS/2 mouse is supported out-of-the-box in all
recent versions of FreeBSD. The necessary device driver,
psm, is included in the GENERIC
kernel.If your custom kernel does not have this, add the
appropriate following line to your kernel configuration
file and compile a new kernel.In FreeBSD 3.0 or earlier, the line should be:device psm0 at isa? port "IO_KBD" conflicts tty irq 12 vector psmintrIn FreeBSD 3.1 or later, the line should be:device psm0 at isa? tty irq 12In FreeBSD 4.0 or later, the line should be:device psm0 at atkbdc? irq 12Once the kernel detects psm0
correctly at boot time, make sure that an entry for
psm0 exists in
/dev. You can do this by
typing:&prompt.root; cd /dev; sh MAKEDEV psm0when logged in as root.You can omit this step if you are running FreeBSD
5.0-RELEASE or newer with &man.devfs.5; enabled,
since the proper device nodes will be created automatically
under /dev.Is it possible to use a mouse in any way outside the X
Window system?If you are using the default console driver,
&man.syscons.4;, you can use a mouse pointer in text
consoles to cut & paste text. Run the mouse daemon,
&man.moused.8;, and turn on the mouse pointer in the
virtual console:&prompt.root; moused -p /dev/xxxx -t yyyy
&prompt.root; vidcontrol -m onWhere xxxx is the mouse
device name and yyyy is a
protocol type for the mouse. The mouse daemon can
automatically determine the protocol type of most
mice, except old serial mice. Specify the
auto protocol to invoke automatic
detection. If automatic detection does not work, see the
&man.moused.8; manual page for a list of supported
protocol types.If you have a PS/2 mouse, just add
moused_enable="YES" to
/etc/rc.conf to start the mouse
daemon at boot-time. Additionally, if you would like to
use the mouse daemon on all virtual terminals instead of
just the console, add allscreens_flags="-m
on" to /etc/rc.conf.When the mouse daemon is running, access to the mouse
must be coordinated between the mouse daemon and other
programs such as X Windows. Refer to the FAQ Why does my mouse not work with
X? for more details on this issue.How do I cut and paste text with a mouse in the text
console?Once you get the mouse daemon running (see the previous section), hold down the
button 1 (left button) and move the mouse to select a
region of text. Then, press the button 2 (middle button)
to paste it at the text cursor. Pressing button 3 (right
button) will extend the selected region of
text.If your mouse does not have a middle button, you may
wish to emulate one or remap buttons using mouse daemon
options. See the &man.moused.8; manual page for
details.Does FreeBSD support any USB mice?Preliminary USB device support was added to FreeBSD
3.1. It did not always work through early versions of
3.X. As of FreeBSD 4.0, USB devices should work out of
the box. If you want to experiment with the USB mouse
support under FreeBSD 3.X, follow the procedure described
below.Use FreeBSD 3.2 or later.Add the following lines to your kernel configuration
file, and rebuild the kernel.device uhci
device ohci
device usb
device umsIn versions of FreeBSD before 4.0, use this
instead:controller uhci0
controller ohci0
controller usb0
device ums0Go to the /dev directory and
create a device node as follows:&prompt.root; cd /dev
&prompt.root; ./MAKEDEV ums0You can omit this step if you are running FreeBSD
5.0-RELEASE or newer with &man.devfs.5; enabled,
since the proper device nodes will be created automatically
under /dev.Edit /etc/rc.conf and add the
following lines:moused_enable="YES"
moused_type="auto"
moused_port="/dev/ums0"
moused_flags=""
usbd_enable="YES"
usbd_flags=""See the previous section
for more detailed discussion on moused.In order to use the USB mouse in the X session, edit
XF86Config. If you are using &xfree86;
3.3.2 or later, be sure to have the following lines in the
Pointer section:Device "/dev/sysmouse"
Protocol "Auto"If you are using earlier versions of &xfree86;, be sure to
have the following lines in the Pointer
section:Device "/dev/sysmouse"
Protocol "SysMouse"Refer to another section
on the mouse support in the X environment.Hot-plugging and unplugging of the USB mouse may not work
quite right yet. It is a good idea connect the mouse before you
start the system and leave it connected until the system is
shutdown to avoid trouble.My mouse has a fancy wheel and buttons. Can I use them in
FreeBSD?The answer is, unfortunately, It depends.
These mice with additional features require specialized driver
in most cases. Unless the mouse device driver or the user
program has specific support for the mouse, it will act just
like a standard two, or three button mouse.For the possible usage of wheels in the X Window
environment, refer to that
section.How do I use the mouse/trackball/touchpad on my laptop?Please refer to the answer to
the previous question. Also check out the Mobile
Computing page.Networking and serial devicesWhich network cards does FreeBSD support?See the Hardware Notes supplied with each release of
FreeBSD for a more
complete list.Why is FreeBSD not finding my internal Plug & Play
modem?You will need to add the modem's PnP ID to the PnP ID
list in the serial driver. To enable Plug & Play support,
compile a new kernel with controller pnp0 in
the configuration file, then reboot the system. The kernel will
print the PnP IDs of all the devices it finds. Copy the PnP ID
from the modem to the table in
/sys/i386/isa/sio.c, at about line 2777.
Look for the string SUP1310 in the structure
siopnp_ids[] to find the table. Build the
kernel again, install, reboot, and your modem should be
found.You may have to manually configure the PnP devices using
the pnp command in the boot-time
configuration with a command likepnp 1 0 enable os irq0 3 drq0 0 port0 0x2f8to make the modem show.Does FreeBSD support software modems, such as Winmodems?FreeBSD supports many software modems via add-on
software. The comms/ltmdm port adds
support for modems based on the very popular Lucent LT
chipset. The comms/mwavem port
supports the modem in IBM Thinkpad 600 and 700
laptops.You cannot install FreeBSD via a software modem; this
software must be installed after the OS is
installed.Is there a native driver for the Broadcom 43xx cards?No, and there is not likely to be.Broadcom refuses to publically release programming
information for their wireless chipsets, most likely because
they use software controlled radios. In order to get FCC type
acceptance for their parts, they have to ensure that users
cannot arbitrarily set things like operating frequencies,
modulation parameters and power output. But without knowing
how to program the chipsets, it is nearly impossible to write
a driver.Which multi-port serial cards are supported by
FreeBSD?There is a list of these in the Miscellaneous
devices section of the handbook.Some unnamed clone cards have also been known to work,
especially those that claim to be AST compatible.Check the &man.sio.4; manual page to get more
information on configuring such cards.How do I get the boot: prompt to show on the serial
console?Build a kernel with
options COMCONSOLE.Create /boot.config and place
as the only text in the file.Unplug the keyboard from the system.See
/usr/src/sys/i386/boot/biosboot/README.serial
for information.Sound devicesWhich sound cards are supported by FreeBSD?FreeBSD supports the &soundblaster;, &soundblaster; Pro,
&soundblaster; 16, Pro Audio Spectrum 16, AdLib and Gravis
UltraSound sound cards. There is also limited support for
MPU-401 and compatible MIDI cards. Cards conforming to the
µsoft; Sound System specification are also supported through
the pcm driver.This is only for sound! This driver does not support
CDROMs, SCSI or joysticks on these cards, except for the
&soundblaster;. The &soundblaster; SCSI interface and some
non-SCSI CDROMs are supported, but you cannot boot off this
device.Workarounds for no sound from es1370 with pcm driver?You can run the following command every time the machine
booted up:&prompt.root; mixer pcm 100 vol 100 cd 100Other hardwareWhat other devices does FreeBSD support?See the Handbook
for the list of other devices supported.Does FreeBSD support power management on my laptop?FreeBSD supports APM on certain machines.
Please look in the LINT kernel config file,
searching for the APM keyword. Further
information can be found in &man.apm.4;.Why does my Micron system hang at boot time?Certain Micron motherboards have a non-conforming PCI BIOS
implementation that causes grief when FreeBSD boots because PCI
devices do not get configured at their reported addresses.Disable the Plug and Play Operating System
flag in the BIOS to work around this problem. More information
can be found at
http://cesdis.gsfc.nasa.gov/linux/drivers/vortex.html#micronThe boot floppy hangs on a system with an ASUS K7V
motherboard. How do I fix this?Go into the BIOS setup and disable the boot virus
protection.Why does my &tm.3com; PCI network card not work with my Micron
computer?Certain Micron motherboards have a non-conforming PCI BIOS
implementation that does not configure PCI devices at the
addresses reported. This causes grief when FreeBSD
boots.To work around this problem, disable the
Plug and Play Operating System flag in the
BIOS.More information on this problem is available at URL:
TroubleshootingWhat do I do when I have bad blocks on my hard drive?With SCSI drives, the drive should be capable of re-mapping
these automatically. However, many drives are shipped with
this feature disabled, for some mysterious reason...To enable this, you will need to edit the first device page
mode, which can be done on FreeBSD by giving the command
(as root)&prompt.root; camcontrol modepage sd0 -m 1 -e -P 3and changing the values of AWRE and ARRE from 0 to 1:-AWRE (Auto Write Reallocation Enbld): 1
ARRE (Auto Read Reallocation Enbld): 1The following paragraphs were submitted by Ted Mittelstaedt
tedm@toybox.placo.com:For IDE drives, any bad block is usually a sign of
potential trouble. All modern IDE drives come with internal
bad-block remapping turned on. All IDE hard drive manufacturers
today offer extensive warranties and will replace drives with
bad blocks on them.If you still want to attempt to rescue an IDE drive with
bad blocks, you can attempt to download the IDE drive
manufacturer's IDE diagnostic program, and run this against the
drive. Sometimes these programs can be set to force the drive
electronics to rescan the drive for bad blocks and lock them
out.For ESDI, RLL and MFM drives, bad blocks are a normal part
of the drive and are no sign of trouble, generally. With a PC,
the disk drive controller card and BIOS handle the task of
locking out bad sectors. This is fine for operating systems
like DOS that use BIOS code to access the disk. However,
FreeBSD's disk driver does not go through BIOS, therefore a
mechanism, bad144, exists that replaces this functionality.
bad144 only works with the wd driver (which means it is not
supported in FreeBSD 4.0), it is NOT able to be used with SCSI.
bad144 works by entering all bad sectors found into a special
file.One caveat with bad144 - the bad block special file is
placed on the last track of the disk. As this file may possibly
contain a listing for a bad sector that would occur near the
beginning of the disk, where the /kernel file might be located,
it therefore must be accessible to the bootstrap program that
uses BIOS calls to read the kernel file. This means that the
disk with bad144 used on it must not exceed 1024 cylinders, 16
heads, and 63 sectors. This places an effective limit of 500MB
on a disk that is mapped with bad144.To use bad144, simply set the Bad Block
scanning to ON in the FreeBSD fdisk screen during the initial
install. This works up through FreeBSD 2.2.7. The disk must
have less than 1024 cylinders. It is generally recommended that
the disk drive has been in operation for at least 4 hours prior
to this to allow for thermal expansion and track
wandering.If the disk has more than 1024 cylinders (such as a large
ESDI drive) the ESDI controller uses a special translation mode
to make it work under DOS. The wd driver understands about
these translation modes, IF you enter the
translated geometry with the set
geometry command in fdisk. You must also NOT use the
dangerously dedicated mode of creating the
FreeBSD partition, as this ignores the geometry. Also, even
though fdisk will use your overridden geometry, it still knows
the true size of the disk, and will attempt to create a too
large FreeBSD partition. If the disk geometry is changed to the
translated geometry, the partition MUST be manually created
with the number of blocks.A quick trick to use is to set up the large ESDI disk
with the ESDI controller, boot it with a DOS disk and
format it with a DOS partition. Then, boot the FreeBSD
install and in the fdisk screen, read off and write down
the blocksize and block numbers for the DOS
partition. Then, reset the geometry to the same that DOS
uses, delete the DOS partition, and create a
cooperative FreeBSD partition using the
blocksize you recorded earlier. Then, set the partition
bootable and turn on bad block scanning. During the actual
install, bad144 will run first, before any filesystems are
created (you can view this with an AltF2).
If it has any trouble creating the badsector file, you
have set too large a disk geometry - reboot the system and
start all over again (including repartitioning and
reformatting with DOS).If remapping is enabled and you are seeing bad blocks,
consider replacing the drive. The bad blocks will only get
worse as time goes on.Why does FreeBSD not recognize my Bustek 742a EISA
SCSI controller?This info is specific to the 742a but may also cover
other Buslogic cards. (Bustek = Buslogic)There are 2 general versions of the 742a
card. They are hardware revisions A-G, and revisions H -
onwards. The revision letter is located after the Assembly
number on the edge of the card. The 742a has 2 ROM chips on it,
one is the BIOS chip and the other is the Firmware chip.
FreeBSD does not care what version of BIOS chip you have but it
does care about what version of firmware chip. Buslogic will
send upgrade ROMs out if you call their tech support dept. The
BIOS and Firmware chips are shipped as a matched pair. You must
have the most current Firmware ROM in your adapter card for
your hardware revision.The REV A-G cards can only accept BIOS/Firmware sets up to
2.41/2.21. The REV H- up cards can accept the most current
BIOS/Firmware sets of 4.70/3.37. The difference between the
firmware sets is that the 3.37 firmware supports round
robin.The Buslogic cards also have a serial number on them. If
you have an old hardware revision card you can call the Buslogic
RMA department and give them the serial number and attempt to
exchange the card for a newer hardware revision. If the card is
young enough they will do so.FreeBSD 2.1 only supports Firmware revisions 2.21 onward.
If you have a Firmware revision older than this your card will
not be recognized as a Buslogic card. It may be recognized as
an &adaptec; 1540, however. The early Buslogic firmware contains
an AHA1540 emulation mode. This is not a good
thing for an EISA card, however.If you have an old hardware revision card and you obtain
the 2.21 firmware for it, you will need to check the position
of jumper W1 to B-C, the default is A-B.Why does FreeBSD not detect my HP Netserver's SCSI
controller?This is basically a known problem. The EISA on-board SCSI
controller in the HP Netserver machines occupies EISA slot
number 11, so all the true EISA slots are in
front of it. Alas, the address space for EISA slots >= 10
collides with the address space assigned to PCI, and FreeBSD's
auto-configuration currently cannot handle this situation very
well.So now, the best you can do is to pretend there is no
address range clash :), by bumping the kernel option
EISA_SLOTS to a value of 12. Configure and
compile a kernel, as described in the Handbook entry on
configuring the kernel.Of course, this does present you with a chicken-and-egg
problem when installing on such a machine. In order to work
around this problem, a special hack is available inside
UserConfig. Do not use the
visual interface, but the plain command-line
interface there. Simply typeeisa 12
quitat the prompt, and install your system as usual. While
it is recommended you compile and install a custom kernel
anyway.Hopefully, future versions will have a proper fix for
this problem.You cannot use a
dangerously dedicated disk
with an HP Netserver. See this
note for more info.I keep seeing messages like
ed1: timeout. What do these messages
mean?This is usually caused by an interrupt conflict (e.g.,
two boards using the same IRQ). FreeBSD prior to 2.0.5R used to
be tolerant of this, and the network driver would still
function in the presence of IRQ conflicts. However, with 2.0.5R
and later, IRQ conflicts are no longer tolerated. Boot with the
-c option and change the ed0/de0/... entry to match your
board.If you are using the BNC connector on your network card,
you may also see device timeouts because of bad termination. To
check this, attach a terminator directly to the NIC (with no
cable) and see if the error messages go away.Some NE2000 compatible cards will give this error if there
is no link on the UTP port or if the cable is disconnected.Why did my &tm.3com; 3C509 card stop working for no
apparent reason?This card has a bad habit of losing its configuration
information. Refresh your card's settings with the DOS
utility 3c5x9.exe.My parallel printer is ridiculously slow. What can I do?If the only problem is that the printer is terribly
slow, try changing your printer
port mode as discussed in the Printer
Setup section of the Handbook.Why do my programs occasionally die with
Signal 11 errors?Signal 11 errors are caused when your process has attempted
to access memory which the operating system has not granted it
access to. If something like this is happening at seemingly
random intervals then you need to start investigating things
very carefully.These problems can usually be attributed to either:If the problem is occurring only in a specific
application that you are developing yourself it is probably
a bug in your code.If it is a problem with part of the base FreeBSD system,
it may also be buggy code, but more often than not these
problems are found and fixed long before us general FAQ
readers get to use these bits of code (that is what -current
is for).In particular, a dead giveaway that this is
not a FreeBSD bug is if you see the
problem when you are compiling a program, but the activity
that the compiler is carrying out changes each
time.For example, suppose you are running make
buildworld, and the compile fails while trying to
compile ls.c into
ls.o. If you then run make
buildworld again, and the compile fails in the same
place then this is a broken build -- try updating your sources
and try again. If the compile fails elsewhere then this is
almost certainly hardware.What you should do:In the first case you can use a debugger e.g. gdb to find
the point in the program which is attempting to access a bogus
address and then fix it.In the second case you need to verify that it is not your
hardware at fault.Common causes of this include:Your hard disks might be overheating: Check the fans in
your case are still working, as your disk (and perhaps
other hardware might be overheating).The processor running is overheating: This might be
because the processor has been overclocked, or the fan on
the processor might have died. In either case you need to
ensure that you have hardware running at what it is
specified to run at, at least while trying to solve this
problem. i.e. Clock it back to the default settings.If you are overclocking then note that it is far cheaper
to have a slow system than a fried system that needs
replacing! Also the wider community is not often
sympathetic to problems on overclocked systems, whether you
believe it is safe or not.Dodgy memory: If you have multiple memory SIMMS/DIMMS
installed then pull them all out and try running the
machine with each SIMM or DIMM individually and narrow the
problem down to either the problematic DIMM/SIMM or perhaps
even a combination.Over-optimistic Motherboard settings: In your BIOS
settings, and some motherboard jumpers you have options to
set various timings, mostly the defaults will be
sufficient, but sometimes, setting the wait states on RAM
too low, or setting the RAM Speed: Turbo option, or
similar in the BIOS will cause strange behavior. A
possible idea is to set to BIOS defaults, but it might be
worth noting down your settings first!Unclean or insufficient power to the motherboard. If you
have any unused I/O boards, hard disks, or CDROMs in your
system, try temporarily removing them or disconnecting the
power cable from them, to see if your power supply can
manage a smaller load. Or try another power supply,
preferably one with a little more power (for instance, if
your current power supply is rated at 250 Watts try one
rated at 300 Watts).You should also read the SIG11 FAQ (listed below) which has
excellent explanations of all these problems, albeit from a
&linux; viewpoint. It also discusses how memory testing software
or hardware can still pass faulty memory.Finally, if none of this has helped it is possible that
you have just found a bug in FreeBSD, and you should follow the
instructions to send a problem report.There is an extensive FAQ on this at
the SIG11 problem FAQMy system crashes with either Fatal
trap 12: page fault in kernel mode, or
panic:, and spits out a
bunch of information. What should I do?The FreeBSD developers are very interested in these
errors, but need some more information than just the
error you see. Copy your full crash message. Then
consult the FAQ section on kernel panics,
build a debugging kernel, and get a backtrace. This
might sound difficult, but you do not need any
programming skills; you just have to follow the
instructions.Why does the screen go black and lose sync when I
boot?This is a known problem with the ATI Mach 64 video card.
The problem is that this card uses address
2e8, and the fourth serial port does too.
Due to a bug (feature?) in the &man.sio.4;
driver it will touch this port even if you do not have the
fourth serial port, and even if
you disable sio3 (the fourth port) which normally uses this
address.Until the bug has been fixed, you can use this
workaround:Enter at the boot prompt.
(This will put the kernel into configuration mode).Disable sio0,
sio1,
sio2 and
sio3 (all of them). This way
the sio driver does not get activated -> no
problems.Type exit to continue booting.If you want to be able to use your serial ports, you will
have to build a new kernel with the following modification: in
/usr/src/sys/i386/isa/sio.c find the one
occurrence of the string 0x2e8 and remove
that string and the preceding comma (keep the trailing comma).
Now follow the normal procedure of building a new
kernel.Even after applying these workarounds, you may still find
that the X Window System does not work properly. If this is the
case, make sure that the &xfree86; version you are using is at
least &xfree86; 3.3.3 or higher. This version and upwards has
built-in support for the Mach64 cards and even a dedicated X
server for those cards.Why does FreeBSD only use 64 MB of RAM when my system has
128 MB of RAM installed?Due to the manner in which FreeBSD gets the memory size
from the BIOS, it can only detect 16 bits worth of Kbytes in
size (65535 Kbytes = 64MB) (or less... some BIOSes peg the
memory size to 16M). If you have more than 64MB, FreeBSD will
attempt to detect it; however, the attempt may fail.To work around this problem, you need to use the kernel
option specified below. There is a way to get complete memory
information from the BIOS, but we do not have room in the
bootblocks to do it. Someday when lack of room in the
bootblocks is fixed, we will use the extended BIOS functions to
get the full memory information...but for now we are stuck with
the kernel option.options "MAXMEM=n"Where n is your memory in
Kilobytes. For a 128 MB machine, you would want to use
131072.Why does FreeBSD 2.0 panic with
kmem_map too small!?The message may also be
mb_map too small!The panic indicates that the system ran out of virtual
memory for network buffers (specifically, mbuf clusters). You
can increase the amount of VM available for mbuf clusters by
adding:options "NMBCLUSTERS=n"to your kernel config file, where
n is a number in the range
512-4096, depending on the number of concurrent TCP
connections you need to support. I would recommend trying
2048 - this should get rid of the panic completely. You
can monitor the number of mbuf clusters allocated/in use
on the system with netstat -m (see
&man.netstat.1;). The default value for NMBCLUSTERS is
512 + MAXUSERS * 16.Why do I get the error /kernel: proc: table
is full?The FreeBSD kernel will only allow a certain number of
processes to exist at one time. The number is based on
the MAXUSERS option in the kernel
configuration. MAXUSERS also affects
various other in-kernel limits, such as network buffers
(see this
earlier question). If your machine is heavily loaded, you
probably want to increase MAXUSERS.
This will increase these other system limits in addition
to the maximum number of processes.After FreeBSD 4.4, MAXUSERS became
a tunable value that could be set with
kern.maxusers in
/boot/loader.conf. In earlier
versions of FreeBSD, you need to adjust
MAXUSERS in your kernel
configuration.If your machine is lightly loaded, and you are simply
running a very large number of processes, you can adjust
this with the kern.maxproc sysctl. If
these processes are being run by a single user, you will
also need to adjust kern.maxprocperuid
to be one less than your new
kern.maxproc value. (It must be at
least one less because one system program, &man.init.8;,
must always be running.)To make a sysctl permanent across reboots, set this in
/etc/sysctl.conf in recent versions
of FreeBSD, or /etc/rc.local in older
versions.Why do I get an error reading CMAP
busy when rebooting with a new
kernel?The logic that attempts to detect an out of date
/var/db/kvm_*.db files sometimes fails
and using a mismatched file can sometimes lead to panics.If this happens, reboot single-user and do:&prompt.root; rm /var/db/kvm_*.dbWhat does the message ahc0: brkadrint,
Illegal Host Access at seqaddr 0x0
mean?This is a conflict with an Ultrastor SCSI Host Adapter.During the boot process enter the kernel configuration
menu and disable
uha0,
which is causing the problem.When I boot my system, I get the error
ahc0: illegal cable configuration.
My cabling is correct. What is going on?Your motherboard lacks the external logic to support
automatic termination. Switch your SCSI BIOS to specify
the correct termination for your configuration rather
than automatic termination. The AIC7XXX driver cannot
determine if the external logic for cable detection (and
thus auto-termination) is available. The driver simply
assumes that this support must exist if the configuration
contained in the serial EEPROM is set to "automatic
termination". Without the external cable detection logic
the driver will often configure termination incorrectly,
which can compromise the reliability of the SCSI
bus.Why does Sendmail give me an error reading
mail loops back to
myself?This is answered in the sendmail FAQ as follows:- * I'm getting "Local configuration error" messages, such as:
553 relay.domain.net config error: mail loops back to myself
554 <user@domain.net>... Local configuration error
How can I solve this problem?
You have asked mail to the domain (e.g., domain.net) to be
forwarded to a specific host (in this case, relay.domain.net)
by using an MX record, but the relay machine does not recognize
itself as domain.net. Add domain.net to /etc/mail/local-host-names
(if you are using FEATURE(use_cw_file)) or add "Cw domain.net"
to /etc/mail/sendmail.cf.
The current version of the sendmail
FAQ is no longer maintained with the sendmail release.
It is however regularly posted to comp.mail.sendmail,
comp.mail.misc, comp.mail.smail, comp.answers, and news.answers. You can also
receive a copy via email by sending a message to
mail-server@rtfm.mit.edu with the command
send usenet/news.answers/mail/sendmail-faq
as the body of the message.Why do full screen applications on remote machines
misbehave?The remote machine may be setting your terminal type
to something other than the cons25 terminal
type required by the FreeBSD console.There are a number of possible work-arounds for this
problem:After logging on to the remote machine, set your
TERM shell variable to ansi or
sco if the remote machine knows
about these terminal types.Use a VT100 emulator like
screen at the FreeBSD console.
screen offers you the ability
to run multiple concurrent sessions from one terminal,
and is a neat program in its own right. Each
screen window behaves like a
VT100 terminal, so the TERM variable at the remote end
should be set to vt100.Install the cons25 terminal
database entry on the remote machine. The way to do this
depends on the operating system on the remote machine.
The system administration manuals for the remote system
should be able to help you here.Fire up an X server at the FreeBSD end and login to
the remote machine using an X based terminal emulator
such as xterm or
rxvt. The TERM variable at the remote
host should be set to xterm or
vt100.Why does my machine print
calcru: negative time...?This can be caused by various hardware or software
ailments relating to interrupts. It may be due to bugs but can
also happen by nature of certain devices. Running TCP/IP over
the parallel port using a large MTU is one good way to provoke
this problem. Graphics accelerators can also get you here, in
which case you should check the interrupt setting of the card
first.A side effect of this problem are dying processes with the
message SIGXCPU exceeded cpu time limit.For FreeBSD 3.0 and later from Nov 29, 1998 forward: If the
problem cannot be fixed otherwise the solution is to set
this sysctl variable:&prompt.root; sysctl -w kern.timecounter.method=1The option of &man.sysctl.8; is
deprecated and silently ignored in &os; 4.4-RELEASE and all
newer versions. You can safely ommit it when setting options
with sysctl as shown above.This means a performance impact, but considering the cause
of this problem, you probably will not notice. If the problem
persists, keep the sysctl set to one and set the
NTIMECOUNTER option in your kernel to
increasingly large values. If by the time you have reached
NTIMECOUNTER=20 the problem is not solved,
interrupts are too hosed on your machine for reliable
time keeping.I see pcm0 not found or my
sound card is found as pcm1 but I
have device pcm0 in my kernel config
file. What is going on?This occurs in FreeBSD 3.X with PCI sound cards. The
pcm0 device is reserved
exclusively for ISA-based cards so, if you have a PCI
card, then you will see this error, and your card will
appear as pcm1.
You cannot remove the warning by simply changing
the line in the kernel config file to device
pcm1 as this will result in
pcm1 being reserved for ISA
cards and your PCI card being found as
pcm2 (along with the warning
pcm1 not found).
If you have a PCI sound card you will also have to make the
snd1 device rather than
snd0:&prompt.root; cd /dev
&prompt.root; ./MAKEDEV snd1You can omit this step if you are running FreeBSD
5.0-RELEASE or newer with &man.devfs.5; enabled,
since the proper device nodes will be created automatically
under /dev.This situation does not arise in FreeBSD 4.X as a lot
of work has been done to make it more
PnP-centric and the
pcm0 device is no longer reserved
exclusively for ISA cardsWhy is my PnP card no longer found (or found as
unknown) since upgrading to FreeBSD 4.X?FreeBSD 4.X is now much more PnP-centric
and this has had the side effect of some PnP devices (e.g. sound
cards and internal modems) not working even though they worked
under FreeBSD 3.X.The reasons for this behavior are explained by the following
e-mail, posted to the freebsd-questions mailing list by Peter
Wemm, in answer to a question about an internal modem that was
no longer found after an upgrade to FreeBSD 4.X (the comments
in [] have been added to clarify the
context.The contents of this quotation has been updated from
its original text.
The PNP bios preconfigured it [the modem] and left it
laying around in port space, so [in 3.X] the old-style ISA
probes found it there.Under 4.0, the ISA code is much more PnP-centric. It was
possible [in 3.X] for an ISA probe to find a
stray device and then for the PNP device id to
match and then fail due to resource conflicts. So, it
disables the programmable cards first so this double probing
cannot happen. It also means that it needs to know the PnP
id's for supported PnP hardware. Making this more user
tweakable is on the TODO list.
To get the device working again requires finding its PnP id
and adding it to the list that the ISA probes use to identify
PnP devices. This is obtained using &man.pnpinfo.8; to probe the
device, for example this is the output from &man.pnpinfo.8; for
an internal modem:&prompt.root; pnpinfo
Checking for Plug-n-Play devices...
Card assigned CSN #1
Vendor ID PMC2430 (0x3024a341), Serial Number 0xffffffff
PnP Version 1.0, Vendor Version 0
Device Description: Pace 56 Voice Internal Plug & Play Modem
Logical Device ID: PMC2430 0x3024a341 #0
Device supports I/O Range Check
TAG Start DF
I/O Range 0x3f8 .. 0x3f8, alignment 0x8, len 0x8
[16-bit addr]
IRQ: 4 - only one type (true/edge)[more TAG lines elided]TAG End DF
End Tag
Successfully got 31 resources, 1 logical fdevs
-- card select # 0x0001
CSN PMC2430 (0x3024a341), Serial Number 0xffffffff
Logical device #0
IO: 0x03e8 0x03e8 0x03e8 0x03e8 0x03e8 0x03e8 0x03e8 0x03e8
IRQ 5 0
DMA 4 0
IO range check 0x00 activate 0x01The information you require is in the
Vendor ID line at the start of the output. The
hexadecimal number in parentheses (0x3024a341 in this example)
is the PnP id and the string immediately before this (PMC2430)
is a unique ASCII id.Alternatively, if &man.pnpinfo.8; does not list the card in
question, &man.pciconf.8; can be used instead. This is part of
the output from pciconf -vl for an onboard
sound chip:&prompt.root; pciconf -vl
chip1@pci0:31:5: class=0x040100 card=0x00931028 chip=0x24158086 rev=0x02 hdr=0x00
vendor = 'Intel Corporation'
device = '82801AA 8xx Chipset AC'97 Audio Controller'
class = multimedia
subclass = audioHere, you would use the chip value,
0x24158086.This information (Vendor ID or chip value) needs adding
to the file
/usr/src/sys/isa/sio.c.You should first make a backup of sio.c
just in case things go wrong. You will also need it to make the
patch to submit with your PR (you are going to submit a PR,
are you not?) then edit sio.c and search
for the linestatic struct isa_pnp_id sio_ids[] = {then scroll down to find the correct place to add the entry
for your device. The entries look like this, and are sorted on
the ASCII Vendor ID string which should be included in the
comment to the right of the line of code along with all (if it
will fit) or part of the Device Description
from the output of &man.pnpinfo.8;:{0x0f804f3f, NULL}, /* OZO800f - Zoom 2812 (56k Modem) */
{0x39804f3f, NULL}, /* OZO8039 - Zoom 56k flex */
{0x3024a341, NULL}, /* PMC2430 - Pace 56 Voice Internal Modem */
{0x1000eb49, NULL}, /* ROK0010 - Rockwell ? */
{0x5002734a, NULL}, /* RSS0250 - 5614Jx3(G) Internal Modem */Add the hexadecimal Vendor ID for your device in the
correct place, save the file, rebuild your kernel, and reboot.
Your device should now be found as an sio
device as it was under FreeBSD 3.XWhy do I get the error nlist failed when
running, for example, top or
systat?The problem is that the application you are trying to run is
looking for a specific kernel symbol, but, for whatever reason,
cannot find it; this error stems from one of two problems:Your kernel and userland are not synchronized (i.e., you
built a new kernel but did not do an
installworld, or vice versa), and
thus the symbol table is different from what the user
application thinks it is. If this is the case, simply
complete the upgrade process (see
/usr/src/UPDATING for the correct
sequence).You are not using /boot/loader to load
your kernel, but doing it directly from boot2 (see
&man.boot.8;). While there is nothing wrong with bypassing
/boot/loader, it generally does a better
job of making the kernel symbols available to user
applications.Why does it take so long to connect to my computer via
ssh or telnet?The symptom: there is a long delay between the time the TCP
connection is established and the time when the client software
asks for a password (or, in &man.telnet.1;'s case, when a login
prompt appears).The problem: more likely than not, the delay is caused by
the server software trying to resolve the client's IP address
into a hostname. Many servers, including the Telnet and SSH
servers that come with FreeBSD, do this in order to, among
other things, store the hostname in a log file for future
reference by the administrator.The remedy: if the problem occurs whenever you connect from
your computer (the client) to any server, the problem is with
the client; likewise, if the problem only occurs when someone
connects to your computer (the server) the problem is with the
server.If the problem is with the client, the only remedy is to
fix the DNS so the server can resolve it. If this is on a
local network, consider it a server problem and keep reading;
conversely, if this is on the global Internet, you will most
likely need to contact your ISP and ask them to fix it for
you.If the problem is with the server, and this is on a local
network, you need to configure the server to be able to resolve
address-to-hostname queries for your local address range. See
the &man.hosts.5; and &man.named.8; manual pages for more
information. If this is on the global Internet, the problem
may be that your server's resolver is not functioning
correctly. To check, try to look up another host--say,
www.yahoo.com. If it does not work, that is
your problem.What does stray IRQ mean?Stray IRQs are indications of hardware IRQ glitches,
mostly from hardware that removes its interrupt request in
the middle of the interrupt request acknowledge
cycle.One has three options for dealing with this:Live with the warnings. All except the first 5
per irq are suppressed anyway.Break the warnings by changing 5 to 0 in
isa_strayintr() so that all the
warnings are suppressed.Break the warnings by installing parallel port
hardware that uses irq 7 and the PPP driver for it (this
happens on most systems), and install an ide drive or
other hardware that uses irq 15 and a suitable driver
for it.Why does file: table is full show up
repeatedly in dmesg?
This error message indicates you have exhausted the number
of available file descriptors on your system. Please see
the kern.maxfiles
section of the Tuning
Kernel Limits section of the Handbook for a
discussion and solution.Why does the clock on my laptop keep incorrect time?Your laptop has two or more clocks, and FreeBSD has chosen to
use the wrong one.Run &man.dmesg.8;, and check for lines that contain
Timecounter. The last line printed is the one
that FreeBSD chose, and will almost certainly be
TSC.&prompt.root; dmesg | grep Timecounter
Timecounter "i8254" frequency 1193182 Hz
Timecounter "TSC" frequency 595573479 HzYou can confirm this by checking the
kern.timecounter.hardware
&man.sysctl.3;.&prompt.root; sysctl kern.timecounter.hardware
kern.timecounter.hardware: TSCThe BIOS may modify the TSC clock—perhaps to change the
speed of the processor when running from batteries, or going into
a power saving mode, but FreeBSD is unaware of these adjustments,
and appears to gain or lose time.In this example, the i8254 clock is also
available, and can be selected by writing its name to the
kern.timecounter.hardware
&man.sysctl.3;.&prompt.root; sysctl -w kern.timecounter.hardware=i8254
kern.timecounter.hardware: TSC -> i8254Your laptop should now start keeping more accurate
time.To have this change automatically run at boot time, add the
following line to /etc/sysctl.conf.kern.timecounter.hardware=i8254Why did my laptop fail to correctly probe PC cards?This problem is common on laptops that boot more than
one operating system. Some non-BSD operating systems
leave PC card hardware in an inconsistent state.
pccardd will detect the card as
"(null)""(null)" instead of its
actual model.You must remove all power from the PC card slot to
fully reset the hardware. Completely power off the
laptop. (Don't suspend it, don't let it go into standby;
the power needs to be completely off.) Wait a few
moments, and reboot. Your PC card should work now.Some laptop hardware lies when it claims to be off.
If the above does not work shut down, remove the battery,
wait a moment, replace the battery, and reboot.Why does FreeBSD's boot loader display
Read error and stop after the BIOS
screen?FreeBSD's boot loader is incorrectly recognizing the hard
drive's geometry. This must be manually set within fdisk when
creating or modifying FreeBSD's slice.
The correct drive geometry values can be found within the
machine's BIOS. Look for the number of cylinders, heads and
sectors for the particular drive.
Within &man.sysinstall.8;'s fdisk, hit
G to set the drive geometry.A dialog will pop up requesting the number of
cylinders, heads and sectors. Type the numbers found from
the BIOS separates by forward slashes.
5000 cylinders, 250 sectors and 60 sectors would be entered as
5000/250/60Press enter to set the values, and hit
W to write the new partition table to the
drive.
Another operating system destroyed my Boot Manager. How do I
get it back?
Enter &man.sysinstall.8; and choose Configure,
then Fdisk. Select the disk the Boot Manager resided on
with the space key. Press
W to write changes to the drive. A prompt
will appear asking which boot loader to install. Select this,
and it will be restored.
What does the error swap_pager: indefinite
wait buffer: mean?This means that a process is trying to page memory to
disk, and the page attempt has hung trying to access the
disk for more than 20 seconds. It might be caused by bad
blocks on the disk drive, disk wiring, cables, or any
other disk I/O-related hardware. If the drive itself is
actually bad, you will also see disk errors in
/var/log/messages and in the output
of dmesg. Otherwise, check your cables
and connections.What are UDMA ICRC errors, and how do I
fix them?The &man.ata.4; driver reports UDMA ICRC
errors when a DMA transfer to or from a drive is corrupted.
The driver will retry the operation a few times. Should
the retries fail, it will switch from DMA to the slower PIO
mode of communication with the device.The problem can be caused by many factors, although
perhaps the most common cause is faulty or incorrect
cabling. Check that the ATA cables are undamaged and rated
for the Ultra DMA mode in use. If you're using removable
drive trays, they must also be compatible. Be sure that
all connections are making good contact. Problems have
also been noticed when an old drive is installed on the
same ATA channel as an Ultra DMA 66 (or faster) drive.
Lastly, these errors can indicate that the drive is
failing. Most drive vendors provide testing software for
their drives, so test your drive, and, if necessary, back
up your data and replace it.The &man.atacontrol.8; utility can be used to show and
select the DMA or PIO modes used for each ATA device. In
particular, atacontrol mode
channel will show the
modes in use on a particular ATA channel, where the primary
channel is numbered 0, and so on.Commercial ApplicationsThis section is still very sparse, though we are hoping, of
course, that companies will add to it! :) The FreeBSD group has
no financial interest in any of the companies listed here but
simply lists them as a public service (and feels that commercial
interest in FreeBSD can have very positive effects on FreeBSD's
long-term viability). We encourage commercial software vendors to
send their entries here for inclusion. See the
+ URL="&url.base;/commercial/index.html">the
Vendors page for a longer list.Where can I get an Office Suite for FreeBSD?The
FreeBSD Mall offers a FreeBSD native version
of VistaSource
ApplixWare 5.ApplixWare is a rich full-featured, commercial
Office Suite for FreeBSD containing a word processor,
spreadsheet, presentation program, vector drawing
package, and other applications.
ApplixWare is offered as part of the FreeBSD Mall's BSD
Desktop Edition.The &linux; version of StarOffice
works flawlessly on FreeBSD. The easiest way to
install the &linux; version of StarOffice is through the
FreeBSD Ports
collection. Future versions of the
open-source OpenOffice
suite should work as well.Where can I get &motif; for FreeBSD?The Open Group has released the source code to &motif; 2.1.30.
You can install the open-motif package, or
compile it from ports. Refer to
the ports section of the
Handbook for more information on how to do this.
The Open &motif; distribution only allows redistribution
if it is running on an
open source operating system.In addition, there are commercial distributions of the &motif;
software available. These, however, are not for free, but their
license allows them to be used in closed-source software.
Contact Apps2go for the
least expensive ELF &motif; 2.1.20 distribution for FreeBSD
(either &i386; or Alpha).There are two distributions, the development
edition and the runtime edition (for
much less). These distributions includes:OSF/&motif; manager, xmbind, panner, wsm.Development kit with uil, mrm, xm, xmcxx, include
and Imake files.Static and dynamic ELF libraries (for use with
FreeBSD 3.0 and above).Demonstration applets.Be sure to specify that you want the FreeBSD version of
&motif; when ordering (do not forget to mention the architecture
you want too)! Versions for NetBSD and OpenBSD are also sold by
Apps2go. This is currently a FTP only
download.More info
Apps2go WWW pageorsales@apps2go.com or
support@apps2go.comorphone (817) 431 8775 or +1 817 431-8775Contact Metro Link
for an either ELF or a.out &motif; 2.1 distribution for
FreeBSD.This distribution includes:OSF/&motif; manager, xmbind, panner, wsm.Development kit with uil, mrm, xm, xmcxx, include
and Imake files.Static and dynamic libraries (specify ELF for use
with FreeBSD 3.0 and later; or a.out for use with FreeBSD
2.2.8 and earlier).Demonstration applets.Preformatted manual pages.Be sure to specify that you want the FreeBSD version
of &motif; when ordering! Versions for &linux; are also sold by
Metro Link. This is available on either a
CDROM or for FTP download.Contact Xi Graphics for an
a.out &motif; 2.0 distribution for FreeBSD.This distribution includes:OSF/&motif; manager, xmbind, panner, wsm.Development kit with uil, mrm, xm, xmcxx, include
and Imake files.Static and dynamic libraries (for use with FreeBSD
2.2.8 and earlier).Demonstration applets.Preformatted manual pages.Be sure to specify that you want the FreeBSD version
of &motif; when ordering! Versions for BSDI and &linux; are also
sold by Xi Graphics. This is currently a 4
diskette set... in the future this will change to a unified CD
distribution like their CDE.Where can I get CDE for FreeBSD?Xi Graphics used to sell CDE
for FreeBSD, but no longer do.KDE is an open
source X11 desktop which is similar to CDE in many respects.
You might also like the look and feel of xfce. KDE and xfce are both
- in the ports
+ in the ports
system.Are there any commercial high-performance X servers?Yes, Xi Graphics
and Metro Link
sell Accelerated-X product for FreeBSD and other Intel based
systems.The Metro Link offering is a high performance X Server
that offers easy configuration using the FreeBSD Package suite
of tools, support for multiple concurrent video boards and is
distributed in binary form only, in a convenient FTP download.
Not to mention the Metro Link offering is available at the very
reasonable price of $39. Metro Link also sells both ELF and a.out &motif; for
FreeBSD (see above).More info
Metro Link WWW pageorsales@metrolink.com
or tech@metrolink.comorphone (954) 938-0283 or +1 954 938-0283The Xi Graphics offering is a high performance X Server
that offers easy configuration, support for multiple concurrent
video boards and is distributed in binary form only, in a
unified diskette distribution for FreeBSD and &linux;. Xi
Graphics also offers a high performance X Server tailored for
laptop support.There is a free compatibility demo of
version 5.0 available.Xi Graphics also sells &motif; and CDE for FreeBSD (see
above).More info
Xi Graphics WWW pageorsales@xig.com
or support@xig.comorphone (800) 946 7433 or +1 303 298-7478.Are there any Database systems for FreeBSD?Yes! See the
+ URL="&url.base;/commercial/software_bycat.html#CATEGORY_DATABASE">
Commercial Vendors section of FreeBSD's Web site.Also see the
+ URL="&url.base;/ports/databases.html">
Databases section of the Ports collection.Can I run &oracle; on FreeBSD?Yes. The following pages tell you exactly how to set up
&linux;-&oracle; on FreeBSD:
http://www.scc.nl/~marcel/howto-oracle.html
http://www.lf.net/lf/pi/oracle/install-linux-oracle-on-freebsdUser ApplicationsSo, where are all the user applications?Please take a look at the ports page
+ URL="&url.base;/ports/index.html">the ports page
for info on software packages ported to FreeBSD. The list
currently tops &os.numports; and is growing daily, so come
back to check often or subscribe to the
freebsd-announce mailing list for periodic updates
on new entries.Most ports should work on the 4.X and 5.X branches.
Each time a FreeBSD release is made, a snapshot of the
ports tree at the time of release in also included in the
ports/ directory.We also support the concept of a
package, essentially no more than a gzipped
binary distribution with a little extra intelligence
embedded in it for doing whatever custom installation work
is required. A package can be installed and uninstalled
again easily without having to know the gory details of
which files it includes.Use the package installation menu in
/stand/sysinstall (under the
post-configuration menu item) or invoke the
&man.pkg.add.1; command on the specific package files you
are interested in installing. Package files can usually be
identified by their .tgz suffix and
CDROM distribution people will have a
packages/All directory on their CD
which contains such files. They can also be downloaded
over the net for various versions of FreeBSD at the
following locations:for 4.X-RELEASE/4-STABLE
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/for 5.X-CURRENT
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-currentor your nearest local mirror site.Note that all ports may not be available as packages since
new ones are constantly being added. It is always a good idea
to check back periodically to see which packages are available
at the ftp.FreeBSD.org
master site.Why does ghostscript give lots of errors with my
386/486SX?You do not have a math co-processor, right?
You will need to add the alternative math emulator to your
kernel; you do this by adding the following to your kernel
config file and it will be compiled in.options GPL_MATH_EMULATEYou will need to remove the
MATH_EMULATE option when you do
this.How do I configure INN (Internet News) for my machine?After installing the news/inn package or port, an
excellent place to start is Dave
Barr's INN Page where you will find the INN
FAQ.What version of µsoft; FrontPage should I get?Use the Port, Luke! A pre-patched version of Apache,
www/apache13-fp, is
available in the ports tree.Does FreeBSD support &java;?Yes. Please see
+ URL="&url.base;/java/index.html">
http://www.FreeBSD.org/java/.Why can I not build this port on my 3.X-STABLE machine?If you are running a FreeBSD version that lags
significantly behind -CURRENT or -STABLE, you may need a ports
- upgrade kit from
+ upgrade kit from
http://www.FreeBSD.org/ports/. If you are up to date,
then someone might have committed a change to the port which
works for -CURRENT but which broke the port for -STABLE. Please
submit a bug report on this with the
&man.send-pr.1; command, since the ports
collection is supposed to work for both the -CURRENT and
-STABLE branches.I just tried to build INDEX
using make index, and it failed.
Why?First, always make sure that you have a completely
up-to-date Ports Collection. Errors that affect building
INDEX from an up-to-date copy of the
Ports Collection are high-visibility and are thus almost
always fixed immediately.However, if you are up-to-date, perhaps you are seeing
another problem. make index has a
known bug in dealing with incomplete copies of the Ports
Collection. It assumes that you have a local copy of every
single port that every other port that you have a local copy
of depends on. To explain, if you have a copy of
foo/bar on your disk, and
foo/bar depends on
baz/quux, then you must also have
a copy of baz/quux on your disk, and
the ports baz/quux depends on, and
so on. Otherwise, make index has
insufficient information to create its dependency tree.This is particularly a problem for &os; users who
utilize &man.cvsup.1; to track the Ports Collection but
choose not to install certain categories by specifying
them in refuse. In theory, one
should be able to refuse categories, but in practice
there are too many ports that depend on ports in other
categories. Until someone comes up with a solution for
this problem, the general rule is is that if you want to
build INDEX, you must have a complete
copy of the Ports Collection.There are rare cases where INDEX
will not build due to odd cases involving
WITH_* or
WITHOUT_*
variables being set in make.conf. If
you suspect that this is the case, please try to make
INDEX with those Makevars turned off
before reporting it to &a.ports;.Where do I find ld.so?a.out applications like &netscape.navigator; require
a.out libraries. A version of FreeBSD built with ELF
libraries does not install them by default. You will get
complaints about not having
/usr/libexec/ld.so if this is the
case on your system. These libraries are available as an
add-on in the compat22 distribution. Use
&man.sysinstall.8; to install them. You can
also install them from the FreeBSD source code:&prompt.root; cd /usr/src/lib/compat/compat22
&prompt.root; make install cleanIf you want to install the latest compat22 libraries
whenever you run make world, edit
/etc/make.conf to include
COMPAT22=YES. Old compatibility
libraries change rarely, if ever, so this is not generally
needed.Also see the ERRATAs for 3.1-RELEASE and
3.2-RELEASE.I updated the sources, now how do I update my installed
ports?FreeBSD does not include a port upgrading tool, but it
does have some tools to make the upgrade process somewhat
easier. You can also install additional tools to simplify
port handling.The &man.pkg.version.1; command can generate a script
that will update installed ports to the latest version in
the ports tree.&prompt.root; pkg_version -c > /tmp/myscriptThe output script must be edited by
hand before you use it. Recent versions of
&man.pkg.version.1; force this by inserting an
&man.exit.1; at the beginning of the script.You should save the output of the script, as it will note
packages that depend on the one that has been updated. These
may or may not need to be updated as well. The usual case where
they need to be updated is that a shared library has changed
version numbers, so the ports that used that library need to be
rebuilt to use the new version.Beginning with FreeBSD 5.0 (and higher revisions),
&man.pkg.version.1; no longer supports the
option.If you have the disk space, you can use the
portupgrade tool to automate all of
this. portupgrade includes various
tools to simplify package handling. It is available under
sysutils/portupgrade.
Since it is written in Ruby,
portupgrade is an unlikely candidate for
integration with the main FreeBSD tree. That should not
stop anyone from using it, however.If your system is up full time, the &man.periodic.8; system
can be used to generate a weekly list of ports that might need
updating by setting
weekly_status_pkg_enable="YES" in
/etc/periodic.conf.Why is /bin/sh so minimal? Why does
FreeBSD not use bash or another shell?Because &posix; says that there shall be such a shell.The more complicated answer: many people need to write shell
scripts which will be portable across many systems. That is why
&posix; specifies the shell and utility commands in great detail.
Most scripts are written in Bourne shell, and because several
important programming interfaces (&man.make.1;, &man.system.3;,
&man.popen.3;, and analogues in higher-level scripting
languages like Perl and Tcl) are specified to use the Bourne
shell to interpret commands. Because the Bourne shell is so
often and widely used, it is important for it to be quick to
start, be deterministic in its behavior, and have a small
memory footprint.The existing implementation is our best effort at meeting as
many of these requirements simultaneously as we can. In order to
keep /bin/sh small, we have not provided many
of the convenience features that other shells have. That is why the
Ports Collection includes more featureful shells like bash, scsh,
tcsh, and zsh. (You can compare for yourself the memory
utilization of all these shells by looking at the
VSZ and RSS columns in a ps
-u listing.)Why do &netscape; and Opera take so long to
start?The usual answer is that DNS on your system is
misconfigured. Both &netscape; and Opera perform DNS checks
when starting up. The browser will not appear on your
desktop until the program either gets a response or
determines that the system has no network
connection.I updated parts of the Ports Collection using CVSup, and
now many ports fail to build with mysterious error messages!
What happened? Is the Ports Collection broken in some major
way?If you only update parts of the Ports Collection, using
one of its CVSup subcollections and not the
ports-all CVSup collection, you should
always update the
ports-base subcollection too! The reasons
are described in the
Handbook.How do I create audio CDs from my MIDI files?To create audio CDs from MIDI files, first
install audio/timidity++
from ports then install manually the GUS patches set by Eric
A. Welsh, available at .
After timidity++ has been installed properly, midi files may
be converted to wav's with the following command
line:&prompt.user; timidity -Ow -s 44100 -o /tmp/juke/01.wav 01.midThe wav files can then be converted to other formats
or burned onto audio CDs, as described in the FreeBSD
Handbook.Kernel ConfigurationI would like to customize my kernel. Is it difficult?Not at all! Check out the
kernel config section of the Handbook.We recommend that you make a dated snapshot of
your new /kernel called
/kernel.YYMMDD after you get it
working properly. Also back up your new
/modules directory to
/modules.YYMMDD. That way, if
you make a mistake the next time you play with your
configuration you can boot the backup kernel instead
of having to fall back to
kernel.GENERIC. This is
particularly important if you are now booting from a
controller that GENERIC does not support.My kernel compiles fail because
_hw_float is missing. How do I solve
this problem?Let me guess. You removed
npx0 (see &man.npx.4;)
from your kernel configuration file because you do not have a
math co-processor, right? Wrong! :-) The
npx0 is
MANDATORY. Even if you do not have a
mathematic co-processor, you must
include the npx0 device.Why is my kernel so big (over 10MB)?Chances are, you compiled your kernel in
debug mode. Kernels built in debug
mode contain many symbols that are used for debugging, thus
greatly increasing the size of the kernel. Note that if you
running a FreeBSD 3.0 or later system, there will be little
or no performance decrease from running a debug kernel,
and it is useful to keep one around in case of a system
panic.However, if you are running low on disk space, or
you simply do not want to run a debug kernel, make sure
that both of the following are true:You do not have a line in your kernel
configuration file that reads:makeoptions DEBUG=-gYou are not running &man.config.8; with
the option.Both of the above situations will cause your kernel to
be built in debug mode. As long as you make sure you follow
the steps above, you can build your kernel normally, and you
should notice a fairly large size decrease; most kernels
tend to be around 1.5MB to 2MB.Why do I get interrupt conflicts with multi-port serial
code?When I compile a kernel
with multi-port serial code, it tells me that only the first
port is probed and the rest skipped due to interrupt conflicts.
How do I fix this?The problem here is that
FreeBSD has code built-in to keep the kernel from getting
trashed due to hardware or software conflicts. The way to fix
this is to leave out the IRQ settings on all but one port. Here
is an example:#
# Multiport high-speed serial line - 16550 UARTS
#
device sio2 at isa? port 0x2a0 tty irq 5 flags 0x501 vector siointr
device sio3 at isa? port 0x2a8 tty flags 0x501 vector siointr
device sio4 at isa? port 0x2b0 tty flags 0x501 vector siointr
device sio5 at isa? port 0x2b8 tty flags 0x501 vector siointrWhy does every kernel I try to build fail to compile, even
GENERIC?There are a number of possible causes for this problem.
They are, in no particular order:You are not using the new make
buildkernel and make
installkernel targets, and your source tree is
different from the one used to build the currently running
system (e.g., you are compiling 4.3-RELEASE on a 4.0-RELEASE
system). If you are attempting an upgrade, please read the
/usr/src/UPDATING file, paying
particular attention to the COMMON ITEMS
section at the end.You are using the new make
buildkernel and make
installkernel targets, but you failed to assert
the completion of the make buildworld
target. The make buildkernel target
relies on files generated by the make
buildworld target to complete its job
correctly.Even if you are trying to build FreeBSD-STABLE, it is possible that
you fetched the source tree at a time when it was either
being modified, or broken for other reasons; only releases
are absolutely guaranteed to be buildable, although FreeBSD-STABLE builds fine the
majority of the time. If you have not already done so, try
re-fetching the source tree and see if the problem goes
away. Try using a different server in case the one you are
using is having problems.How can I verify which scheduler is in use on a
running system?Just type:
&prompt.root; sysctl kern.quantum
If you see
unknown oid 'kern.quantum'
it means that the current scheduler is SCHED_ULE, however,
if you see
kern.quantum: 100000
then the original scheduler SCHED_4BSD is the current selection.
What is 'kern.quantum'?kern.quantum is the maximum number of
ticks a process can run without being preempted. It is
specific to the 4BSD scheduler, so you can use its
presence or absence to determine which scheduler is in
use.
Disks, Filesystems, and Boot LoadersHow can I add my new hard disk to my FreeBSD system?See the Disk Formatting Tutorial at
www.FreeBSD.org.How do I move my system over to my huge new disk?The best way is to reinstall the OS on the new
disk, then move the user data over. This is highly
recommended if you have been tracking -STABLE for more
than one release, or have updated a release instead of
installing a new one. You can install booteasy on both
disks with &man.boot0cfg.8;, and dual boot them until
you are happy with the new configuration. Skip the
next paragraph to find out how to move the data after
doing this.Should you decide not to do a fresh install, you
need to partition and label the new disk with either
/stand/sysinstall, or &man.fdisk.8;
and &man.disklabel.8;. You should also install booteasy
on both disks with &man.boot0cfg.8;, so that you can
dual boot to the old or new system after the copying
is done. See the
formatting-media article for details on this
process.Now you have the new disk set up, and are ready
to move the data. Unfortunately, you cannot just blindly
copy the data. Things like device files (in
/dev), flags, and links tend to
screw that up. You need to use tools that understand
these things, which means &man.dump.8;.
Although it is suggested that you move the data in single user
mode, it is not required.You should never use anything but &man.dump.8; and
&man.restore.8; to move the root filesystem. The
&man.tar.1; command may work - then again, it may not.
You should also use &man.dump.8; and &man.restore.8;
if you are moving a single partition to another empty
partition. The sequence of steps to use dump to move
a partitions data to a new partition is:newfs the new partition.mount it on a temporary mount point.cd to that directory.dump the old partition, piping output to the
new one.For example, if you are going to move root to
/dev/ad1s1a, with
/mnt as the temporary mount point,
it is:&prompt.root; newfs /dev/ad1s1a
&prompt.root; mount /dev/ad1s1a /mnt
&prompt.root; cd /mnt
&prompt.root; dump 0af - / | restore xf -Rearranging your partitions with dump takes a bit more
work. To merge a partition like /var
into its parent, create the new partition large enough
for both, move the parent partition as described above,
then move the child partition into the empty directory
that the first move created:&prompt.root; newfs /dev/ad1s1a
&prompt.root; mount /dev/ad1s1a /mnt
&prompt.root; cd /mnt
&prompt.root; dump 0af - / | restore xf -
&prompt.root; cd var
&prompt.root; dump 0af - /var | restore xf -To split a directory from its parent, say putting
/var on its own partition when it was not
before, create both partitions, then mount the child partition
on the appropriate directory in the temporary mount point, then
move the old single partition:&prompt.root; newfs /dev/ad1s1a
&prompt.root; newfs /dev/ad1s1d
&prompt.root; mount /dev/ad1s1a /mnt
&prompt.root; mkdir /mnt/var
&prompt.root; mount /dev/ad1s1d /mnt/var
&prompt.root; cd /mnt
&prompt.root; dump 0af - / | restore xf -You might prefer &man.cpio.1;, &man.pax.1;,
&man.tar.1; to &man.dump.8; for user data. At the time of
this writing, these are known to lose file flag information,
so use them with caution.Will a dangerously dedicated disk endanger
my health?The installation procedure allows
you to chose two different methods in partitioning your
hard disk(s). The default way makes it compatible with other
operating systems on the same machine, by using fdisk table
entries (called slices in FreeBSD), with a
FreeBSD slice that employs partitions of its own. Optionally,
one can chose to install a boot-selector to switch between the
possible operating systems on the disk(s). The alternative uses
the entire disk for FreeBSD, and makes no attempt to be
compatible with other operating systems.So why it is called dangerous? A disk
in this mode does not contain what normal PC utilities
would consider a valid fdisk table. Depending on how well
they have been designed, they might complain at you once
they are getting in contact with such a disk, or even
worse, they might damage the BSD bootstrap without even
asking or notifying you. In addition, the
dangerously dedicated disk's layout is
known to confuse many BIOSes, including those from AWARD
(e.g. as found in HP Netserver and Micronics systems as
well as many others) and Symbios/NCR (for the popular
53C8xx range of SCSI controllers). This is not a complete
list, there are more. Symptoms of this confusion include
the read error message printed by
the FreeBSD bootstrap when it cannot find itself, as well
as system lockups when booting.Why have this mode at all then? It only saves a few kbytes
of disk space, and it can cause real problems for a new
installation. Dangerously dedicated mode's
origins lie in a desire to avoid one of the most common
problems plaguing new FreeBSD installers - matching the BIOS
geometry numbers for a disk to the disk
itself.Geometry is an outdated concept, but one
still at the heart of the PC's BIOS and its interaction with
disks. When the FreeBSD installer creates slices, it has to
record the location of these slices on the disk in a fashion
that corresponds with the way the BIOS expects to find them. If
it gets it wrong, you will not be able to boot.Dangerously dedicated mode tries to work
around this by making the problem simpler. In some cases, it
gets it right. But it is meant to be used as a last-ditch
alternative - there are better ways to solve the problem 99
times out of 100.So, how do you avoid the need for DD mode
when you are installing? Start by making a note of the geometry
that your BIOS claims to be using for your disks. You can
arrange to have the kernel print this as it boots by specifying
at the boot: prompt, or
using boot -v in the loader. Just before the
installer starts, the kernel will print a list of BIOS
geometries. Do not panic - wait for the installer to start and
then use scrollback to read the numbers. Typically the BIOS
disk units will be in the same order that FreeBSD lists your
disks, first IDE, then SCSI.When you are slicing up your disk, check that the disk
geometry displayed in the FDISK screen is correct (ie. it
matches the BIOS numbers); if it is wrong, use the
g key to fix it. You may have to do this if
there is absolutely nothing on the disk, or if the disk has been
moved from another system. Note that this is only an issue with
the disk that you are going to boot from; FreeBSD will sort
itself out just fine with any other disks you may have.Once you have got the BIOS and FreeBSD agreeing about the
geometry of the disk, your problems are almost guaranteed to be
over, and with no need for DD mode at all. If,
however, you are still greeted with the dreaded read
error message when you try to boot, it is time to cross
your fingers and go for it - there is nothing left to
lose.To return a dangerously dedicated disk
for normal PC use, there are basically two options. The first
is, you write enough NULL bytes over the MBR to make any
subsequent installation believe this to be a blank disk. You
can do this for example with&prompt.root; dd if=/dev/zero of=/dev/rda0 count=15Alternatively, the undocumented DOS
featureC:\>fdisk /mbrwill to install a new master boot record as well, thus
clobbering the BSD bootstrap.Which partitions can safely use Soft Updates? I have
heard that Soft Updates on / can cause
problems.Short answer: you can usually use Soft Updates safely
on all partitions.Long answer: There used to be some concern over using
Soft Updates on the root partition. Soft Updates has two
characteristics that caused this. First, a Soft Updates
partition has a small chance of losing data during a
system crash. (The partition will not be corrupted; the
data will simply be lost.) Also, Soft Updates can cause
temporary space shortages.When using Soft Updates, the kernel can take up to
thirty seconds to actually write changes to the physical
disk. If you delete a large file, the file still resides
on disk until the kernel actually performs the deletion.
This can cause a very simple race condition. Suppose you
delete one large file and immediately create another large
file. The first large file is not yet actually removed
from the physical disk, so the disk might not have enough
room for the second large file. You get an error that the
partition does not have enough space, although you know
perfectly well that you just released a large chunk of
space! When you try again mere seconds later, the file
creation works as you expect. This has left more than one
user scratching his head and doubting his sanity, the
FreeBSD filesystem, or both.If a system should crash after the kernel accepts a
chunk of data for writing to disk, but before that data is
actually written out, data could be lost or corrupted.
This risk is extremely small, but generally manageable.
Use of IDE write caching greatly increases this risk; it
is strongly recommended that you disable IDE write caching
when using Soft Updates.These issues affect all partitions using Soft Updates.
So, what does this mean for the root partition?Vital information on the root partition changes very
rarely. Files such as /kernel and
the contents of /etc only change
during system maintenance, or when users change their
passwords. If the system crashed during the
thirty-second window after such a change is made, it is
possible that data could be lost. This risk is negligible
for most applications, but you should be aware that it
exists. If your system cannot tolerate this much risk,
do not use Soft Updates on the root filesystem!/ is traditionally one of the
smallest partitions. By default, FreeBSD puts the
/tmp directory on
/. If you have a busy
/tmp, you might see intermittent
space problems. Symlinking /tmp to
/var/tmp will solve this
problem.What is inappropriate about my ccd?The symptom of this is:&prompt.root; ccdconfig -C
ccdconfig: ioctl (CCDIOCSET): /dev/ccd0c: Inappropriate file type or formatThis usually happens when you are trying to concatenate
the c partitions, which default to type
unused. The ccd driver requires the
underlying partition type to be FS_BSDFFS. Edit the disklabel
of the disks you are trying to concatenate and change the types
of partitions to 4.2BSD.Why can I not edit the disklabel on my ccd?The symptom of this is:&prompt.root; disklabel ccd0
(it prints something sensible here, so let us try to edit it)
&prompt.root; disklabel -e ccd0
(edit, save, quit)
disklabel: ioctl DIOCWDINFO: No disk label on disk;
use "disklabel -r" to install initial labelThis is because the disklabel returned by ccd is actually
a fake one that is not really on the disk.
You can solve this problem by writing it back explicitly,
as in:&prompt.root; disklabel ccd0 > /tmp/disklabel.tmp
&prompt.root; disklabel -Rr ccd0 /tmp/disklabel.tmp
&prompt.root; disklabel -e ccd0
(this will work now)Can I mount other foreign filesystems under FreeBSD?Digital UNIXUFS CDROMs can be mounted directly on FreeBSD.
Mounting disk partitions from Digital UNIX and other
systems that support UFS may be more complex, depending
on the details of the disk partitioning for the operating
system in question.&linux;FreeBSD supports ext2fs
partitions. See &man.mount.ext2fs.8; for more
information.&windowsnt;FreeBSD includes a read-only NTFS driver. For
more information, see &man.mount.ntfs.8;.
Any other information on this subject would be
appreciated.How do I mount a secondary DOS partition?The secondary DOS partitions are found after ALL the
primary partitions. For example, if you have an
E partition as the second DOS partition on
the second SCSI drive, you need to create the special files
for slice 5 in /dev,
then mount /dev/da1s5:&prompt.root; cd /dev
&prompt.root; sh MAKEDEV da1s5
&prompt.root; mount -t msdos /dev/da1s5 /dos/eYou can omit this step if you are running FreeBSD
5.0-RELEASE or newer with &man.devfs.5;
enabled.Is there a cryptographic filesystem for &os;?Yes; see the security/cfs port.How can I use the &windowsnt; loader to boot FreeBSD?The general idea is that you copy the first sector of your
native root FreeBSD partition into a file in the DOS/&windowsnt;
partition. Assuming you name that file something like
c:\bootsect.bsd (inspired by
c:\bootsect.dos), you can then edit the
c:\boot.ini file to come up with something
like this:[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows NT"
C:\BOOTSECT.BSD="FreeBSD"
C:\="DOS"If FreeBSD is installed on the same disk as the &windowsnt; boot
partition simply copy /boot/boot1 to
C:\BOOTSECT.BSD. However, if FreeBSD is
installed on a different disk /boot/boot1
will not work, /boot/boot0 is needed./boot/boot0 needs to be installed
using sysinstall by selecting the FreeBSD boot manager on
the screen which asks if you wish to use a boot
manager. This is because /boot/boot0
has the partition table area filled with NULL characters
but sysinstall copies the partition table before copying
/boot/boot0 to the MBR.Do not simply copy /boot/boot0
instead of /boot/boot1; you will
overwrite your partition table and render your computer
un-bootable!When the FreeBSD boot manager runs it records the last
OS booted by setting the active flag on the partition table
entry for that OS and then writes the whole 512-bytes of itself
back to the MBR so if you just copy
/boot/boot0 to
C:\BOOTSECT.BSD then it writes an empty
partition table, with the active flag set on one entry, to the
MBR.How do I boot FreeBSD and &linux; from LILO?If you have FreeBSD and &linux; on the same disk, just follow
LILO's installation instructions for booting a non-&linux;
operating system. Very briefly, these are:Boot &linux;, and add the following lines to
/etc/lilo.conf:other=/dev/hda2
table=/dev/hda
label=FreeBSD(the above assumes that your FreeBSD slice is known to
&linux; as /dev/hda2; tailor to
suit your setup). Then, run lilo as
root and you should be done.If FreeBSD resides on another disk, you need to add
loader=/boot/chain.b to the LILO entry.
For example:other=/dev/dab4
table=/dev/dab
loader=/boot/chain.b
label=FreeBSDIn some cases you may need to specify the BIOS drive number
to the FreeBSD boot loader to successfully boot off the second
disk. For example, if your FreeBSD SCSI disk is probed by BIOS
as BIOS disk 1, at the FreeBSD boot loader prompt you need to
specify:Boot: 1:da(0,a)/kernelOn FreeBSD 2.2.5 and later, you can configure
&man.boot.8;
to automatically do this for you at boot time.The
&linux;+FreeBSD mini-HOWTO is a good reference for
FreeBSD and &linux; interoperability issues.How do I boot FreeBSD and &linux; using BootEasy?Install LILO at the start of your &linux; boot partition
instead of in the Master Boot Record. You can then boot LILO
from BootEasy.If you are running &windows; 95 and &linux; this is recommended
anyway, to make it simpler to get &linux; booting again if you
should need to reinstall &windows; 95 (which is a Jealous
Operating System, and will bear no other Operating Systems in
the Master Boot Record).How do I change the boot prompt from ??? to
something more meaningful?You can not do that with the standard boot manager without
rewriting it. There are a number of other boot managers
in the sysutils ports category that
provide this functionality.I have a new removable drive, how do I use it?Whether it is a removable drive like a &iomegazip; or an EZ drive
(or even a floppy, if you want to use it that way), or a new
hard disk, once it is installed and recognized by the system,
and you have your cartridge/floppy/whatever slotted in, things
are pretty much the same for all devices.(this section is based on
Mark Mayo's ZIP FAQ)If it is a ZIP drive or a floppy, you have already got a DOS
filesystem on it, you can use a command like this:&prompt.root; mount -t msdos /dev/fd0c /floppyif it is a floppy, or this:&prompt.root; mount -t msdos /dev/da2s4 /zipfor a ZIP disk with the factory configuration.For other disks, see how they are laid out using
&man.fdisk.8; or
&man.sysinstall.8;.The rest of the examples will be for a ZIP drive on da2,
the third SCSI disk.Unless it is a floppy, or a removable you plan on sharing
with other people, it is probably a better idea to stick a BSD
filesystem on it. You will get long filename support, at least a
2X improvement in performance, and a lot more stability. First,
you need to redo the DOS-level partitions/filesystems. You can
either use &man.fdisk.8; or
/stand/sysinstall, or for a small drive
that you do not want to bother with multiple operating system
support on, just blow away the whole FAT partition table
(slices) and just use the BSD partitioning:&prompt.root; dd if=/dev/zero of=/dev/rda2 count=2
&prompt.root; disklabel -Brw da2 autoYou can use disklabel or
/stand/sysinstall to create multiple BSD
partitions. You will certainly want to do this if you are adding
swap space on a fixed disk, but it is probably irrelevant on a
removable drive like a ZIP.Finally, create a new filesystem, this one is on our ZIP
drive using the whole disk:&prompt.root; newfs /dev/rda2cand mount it:&prompt.root; mount /dev/da2c /zipand it is probably a good idea to add a line like this
to /etc/fstab (see &man.fstab.5;) so
you can just type mount /zip in the
future:/dev/da2c /zip ffs rw,noauto 0 0Why do I get Incorrect super block when
mounting a CDROM?You have to tell &man.mount.8; the type of the device
that you want to mount. This is described in the Handbook section on
optical media, specifically the section Using Data
CDs.Why do I get Device not
configured when mounting a CDROM?This generally means that there is no CDROM in the
CDROM drive, or the drive is not visible on the
bus. Please see the Using Data
CDs section of the Handbook for a detailed
discussion of this issue.Why do all non-English characters in filenames show up as
? on my CDs when mounted in FreeBSD?Your CDROM probably uses the Joliet
extension for storing information about files and
directories. This is discussed in the Handbook chapter on
creating and
using CDROMs, specifically the section on Using Data
CDROMs.I burned a CD under FreeBSD and now I can not read it
under any other operating system. Why?You most likely burned a raw file to your CD, rather
than creating an ISO 9660 filesystem. Take a look at the
Handbook
chapter on creating CDROMs, particularly the
section on burning raw
data CDs.How can I create an image of a data CD?This is discussed in the Handbook section on duplicating
data CDs. For more on working with CDROMs, see the
Creating CDs
Section in the Storage chapter in the
Handbook.Why can I not mount an audio
CD?If you try to mount an audio CD, you will get an error
like cd9660: /dev/acd0c: Invalid
argument. This is because
mount only works on filesystems. Audio
CDs do not have filesystems; they just have data. You
need a program that reads audio CDs, such as the
audio/xmcd port.How do I mount a multi-session CD?By default, &man.mount.8; will attempt to mount the
last data track (session) of a CD. If you would like to
load an earlier session, you must use the
command line argument. Please see
&man.mount.cd9660.8; for specific examples.How do I let ordinary users mount floppies, CDROMs and
other removable media?Ordinary users can be permitted to mount devices. Here is
how:As root set the sysctl variable
vfs.usermount to
1.&prompt.root; sysctl -w vfs.usermount=1As root assign the appropriate
permissions to the block device associated with the
removable media.For example, to allow users to mount the first floppy
drive, use:&prompt.root; chmod 666 /dev/fd0To allow users in the group
operator to mount the CDROM drive,
use:&prompt.root; chgrp operator /dev/cd0c
&prompt.root; chmod 640 /dev/cd0cFinally, add the line
vfs.usermount=1
to the file /etc/sysctl.conf so
that it is reset at system boot time.All users can now mount the floppy
/dev/fd0 onto a directory that they
own:&prompt.user; mkdir ~/my-mount-point
&prompt.user; mount -t msdos /dev/fd0 ~/my-mount-pointUsers in group operator can now
mount the CDROM /dev/cd0c onto a
directory that they own:&prompt.user; mkdir ~/my-mount-point
&prompt.user; mount -t cd9660 /dev/cd0c ~/my-mount-pointUnmounting the device is simple:&prompt.user; umount ~/my-mount-pointEnabling vfs.usermount, however,
has negative security implications. A better way to
access &ms-dos; formatted media is to use the mtools
package in the ports collection.The du and df
commands show different amounts of disk space available.
What is going on?You need to understand what du and
df really do. du
goes through the directory tree, measures how large each
file is, and presents the totals. df
just asks the filesystem how much space it has left. They
seem to be the same thing, but a file without a directory
entry will affect df but not
du.When a program is using a file, and you delete the
file, the file is not really removed from the filesystem
until the program stops using it. The file is immediately
deleted from the directory listing, however. You can see
this easily enough with a program such as
more. Assume you have a file large
enough that its presence affects the output of
du and df. (Since
disks can be so large today, this might be a
very large file!) If you delete this
file while using more on it,
more does not immediately choke and
complain that it cannot view the file. The entry is
simply removed from the directory so no other program or
user can access it. du shows that it
is gone — it has walked the directory tree and the file
is not listed. df shows that it is
still there, as the filesystem knows that
more is still using that space. Once
you end the more session,
du and df will
agree.Note that Soft Updates can delay the freeing of disk
space; you might need to wait up to 30 seconds for the
change to be visible!This situation is common on web servers. Many people
set up a FreeBSD web server and forget to rotate the log
files. The access log fills up /var.
The new administrator deletes the file, but the system
still complains that the partition is full. Stopping and
restarting the web server program would free the file,
allowing the system to release the disk space. To prevent
this from happening, set up &man.newsyslog.8;.How can I add more swap space?In the Configuration and
Tuning section of the Handbook, you will find a
section
describing how to do this.How is it possible for a partition to be more than 100%
full?A portion of each UFS partition (8%, by default) is
reserved for use by the operating system and the
root user.
&man.df.1; does not count that space when
calculating the Capacity column, so it can
exceed 100%. Also, you'll notice that the
Blocks column is always greater than the
sum of the Used and
Avail columns, usually by a factor of
8%.For more details, look up the option
in &man.tunefs.8;.System AdministrationWhere are the system start-up configuration files?The primary configuration file is
/etc/defaults/rc.conf (see
&man.rc.conf.5;) System startup scripts such as
/etc/rc and
/etc/rc.d (see &man.rc.8;) just
include this file. Do not edit this
file! Instead, if there is any entry in
/etc/defaults/rc.conf that you want
to change, you should copy the line into
/etc/rc.conf and change it
there.For example, if you wish to start named, the included
DNS server, all you need to do is:&prompt.root; echo named_enable="YES" >> /etc/rc.confTo start up local services, place shell scripts in the
/usr/local/etc/rc.d directory. These
shell scripts should be set executable, and end with a
.sh.How do I add a user easily?Use the &man.adduser.8; command, or the &man.pw.8;
command for more complicated situations.To remove the user, use the &man.rmuser.8; command or,
if necessary, &man.pw.8;.Why do I keep getting messages like root: not
found after editing my crontab file?This is normally caused by editing the system crontab
(/etc/crontab) and then using
&man.crontab.1; to install it:&prompt.root; crontab /etc/crontabThis is not the correct way to do things. The system
crontab has a different format to the per-user crontabs
which &man.crontab.1; updates (the &man.crontab.5; manual
page explains the differences in more detail).If this is what you did, the extra crontab is simply a
copy of /etc/crontab in the wrong
format it. Delete it with the command:&prompt.root; crontab -rNext time, when you edit
/etc/crontab, you should not do
anything to inform &man.cron.8; of the changes, since it
will notice them automatically.If you want something to be run once per day, week, or
month, it is probably better to add shell scripts
/usr/local/etc/periodic, and let the
&man.periodic.8; command run from the system cron schedule
it with the other periodic system tasks.The actual reason for the error is that the system
crontab has an extra field, specifying which user to run the
command as. In the default system crontab provided with
FreeBSD, this is root for all entries.
When this crontab is used as the root
user's crontab (which is not the
same as the system crontab), &man.cron.8; assumes the string
root is the first word of the command to
execute, but no such command exists.Why do I get the error, you are not in the correct
group to su root when I try to su to
root?This is a security feature. In order to su to
root (or any other account with superuser
privileges), you must be in the wheel
group. If this feature were not there, anybody with an account
on a system who also found out root's
password would be able to gain superuser level access to the
system. With this feature, this is not strictly true;
&man.su.1; will prevent them from even trying to enter the
password if they are not in wheel.To allow someone to su to root, simply
put them in the wheel group.I made a mistake in rc.conf,
or another startup file, and
now I cannot edit it because the filesystem is read-only.
What should I do?When you get the prompt to enter the shell
pathname, simply press ENTER, and run
mount / to re-mount the root filesystem in
read/write mode. You may also need to run mount -a -t
ufs to mount the filesystem where your favourite
editor is defined. If your favourite editor is on a network
filesystem, you will need to either configure the network
manually before you can mount network filesystems, or use an
editor which resides on a local filesystem, such as
&man.ed.1;.If you intend to use a full screen editor such
as &man.vi.1; or &man.emacs.1;, you may also need to
run export TERM=cons25 so that these
editors can load the correct data from the &man.termcap.5;
database.Once you have performed these steps, you can edit
/etc/rc.conf as you usually would
to fix the syntax error. The error message displayed
immediately after the kernel boot messages should tell you
the number of the line in the file which is at fault.Why am I having trouble setting up my printer?Please have a look at the Handbook entry on printing. It
should cover most of your problem. See the
Handbook entry on printing.Some printers require a host-based driver to do any
kind of printing. These so-called
WinPrinters are not natively supported by
FreeBSD. If your printer does not work in DOS or &windowsnt;
4.0, it is probably a WinPrinter. Your only hope of
getting one of these to work is to check if the print/pnm2ppa port supports
it.How can I correct the keyboard mappings for my system?Please see the Handbook section on using
localization, specifically the section on console
setup.Why do I get messages like: unknown: <PNP0303>
can't assign resources on boot?The following is an excerpt from a post to the
freebsd-current mailing list.
&a.wollman;, 24 April 2001The can't assign resources messages
indicate that the devices are legacy ISA devices for which a
non-PnP-aware driver is compiled into the kernel. These
include devices such as keyboard controllers, the
programmable interrupt controller chip, and several other
bits of standard infrastructure. The resources cannot be
assigned because there is already a driver using those
addresses.
Why can I not get user quotas to work properly?Do not turn on quotas on /,Put the quota file on the filesystem that the quotas
are to be enforced on. ie:FilesystemQuota file/usr/usr/admin/quotas/home/home/admin/quotas……Does FreeBSD support System V IPC primitives?Yes, FreeBSD supports System V-style IPC, including
shared memory, messages and semaphores. Versions of
FreeBSD later than 3.2 support System V IPC in the GENERIC
kernel. In earlier versions of FreeBSD, enable this
support by adding the following lines to your kernel
config.options SYSVSHM # enable shared memory
options SYSVSEM # enable for semaphores
options SYSVMSG # enable for messagingRecompile and install your kernel.What other mail-server software can I use, instead of
Sendmail?Sendmail is
the default mail-server software for FreeBSD, but you can
easily replace it with one of the other MTA (for instance,
an MTA installed from the ports).There are various alternative MTA's in the ports tree
already, with mail/exim, mail/postfix, mail/qmail, mail/zmailer, being some of the
most popular choices.Diversity is nice, and the fact that you have many
different mail-servers to chose from is considered a
good thing; therefore try to avoid
asking questions like Is Sendmail better than
Qmail? in the mailing lists. If you do feel like
asking, first check the mailing list archives. The
advantages and disadvantages of each and every one of the
available MTA's have already been discussed a few
times.I have forgotten the root password! What
do I do?Do not Panic! Simply restart the system, type
boot -s at the Boot: prompt (just
-s for FreeBSD releases before 3.2) to
enter Single User mode. At the question about the shell to use,
hit ENTER. You will be dropped to a &prompt.root; prompt. Enter
mount -u / to remount your root filesystem
read/write, then run mount -a to remount all
the filesystems. Run passwd root to change
the root password then run &man.exit.1; to
continue booting.How do I keep ControlAltDelete
from rebooting the system?If you are using syscons (the default console driver)
build and install a new kernel with the following
option.options SC_DISABLE_REBOOTin the configuration file. If you use the PCVT console
driver, use the following kernel configuration line
instead.options PCVT_CTRL_ALT_DELHow do I reformat DOS text files to &unix; ones?Simply use this perl command:&prompt.user; perl -i.bak -npe 's/\r\n/\n/g' file ...file is the file(s) to process. The modification is done
in-place, with the original file stored with a .bak
extension.Alternatively you can use the
&man.tr.1;
command:&prompt.user; tr -d '\r' < dos-text-file > unix-filedos-text-file is the file
containing DOS text while unix-file
will contain the converted output. This can be quite a bit
faster than using perl.How do I kill processes by name?Use &man.killall.1;.Why is su bugging me about not being in
root's ACL?The error comes from the Kerberos distributed
authentication system. The problem is not fatal but annoying.
You can either run su with the -K option, or uninstall
Kerberos as described in the next question.How do I uninstall Kerberos?To remove Kerberos from the system, reinstall the bin
distribution for the release you are running. If you have
the CDROM, you can mount the cd (we will assume on /cdrom)
and run&prompt.root; cd /cdrom/bin
&prompt.root; ./install.shAlternately, you can remove all
MAKE_KERBEROS options from
/etc/make.conf and rebuild
world.What happened to
/dev/MAKEDEV?FreeBSD 5.X uses the &man.devfs.8; device-on-demand
system. Device drivers automatically create new device
nodes as they are needed, obsoleting
/dev/MAKEDEV.If you are running FreeBSD 4.X or earlier and
/dev/MAKEDEV is missing, then you
really do have a problem. Grab a copy from the system
source code, probably in
/usr/src/etc/MAKEDEV.How do I add pseudoterminals to the system?If you have lots of telnet, ssh, X, or screen users,
you will probably run out of pseudoterminals. Here is how to
add more:Build and install a new kernel with the linepseudo-device pty 256in the configuration file.Run the commands&prompt.root; cd /dev
&prompt.root; sh MAKEDEV pty{1,2,3,4,5,6,7}to make 256 device nodes for the new terminals.Edit /etc/ttys and add lines
for each of the 256 terminals. They should match the form
of the existing entries, i.e. they look likettyqc none networkThe order of the letter designations is
tty[pqrsPQRS][0-9a-v], using a
regular expression. Reboot the system with the new kernel and you are
ready to go.Why can I not create the snd0 device?There is no snd device. The name
is used as a shorthand for the various devices that make up the
FreeBSD sound driver, such as mixer,
sequencer, and
dsp.To create these devices you should&prompt.root; cd /dev
&prompt.root; sh MAKEDEV snd0You can omit this step if you are running FreeBSD
5.0-RELEASE or newer with &man.devfs.5;
enabled.How do I re-read /etc/rc.conf and
re-start /etc/rc without a
reboot?Go into single user mode and then back to multi user
mode.On the console do:&prompt.root; shutdown now
(Note: without -r or -h)
&prompt.root; return
&prompt.root; exitI tried to update my system to the latest -STABLE, but
got -RC or -PRERELEASE! What is going on?Short answer: it is just a name. RC stands for
Release Candidate. It signifies that a
release is imminent. In FreeBSD, -PRERELEASE is typically
synonymous with the code freeze before a release. (For
some releases, the -BETA label was used in the same way as
-PRERELEASE.)Long answer: FreeBSD derives its releases from one of
two places. Major, dot-zero, releases, such as
3.0-RELEASE and 4.0-RELEASE, are branched from the head of
the development stream, commonly referred to as -CURRENT. Minor releases, such
as 3.1-RELEASE or 4.2-RELEASE, have been snapshots of the active
-STABLE branch. Starting with
4.3-RELEASE, each release also now has its own branch which can be
tracked by people requiring an extremely conservative rate
of development (typically only security advisories).When a release is about to be made, the branch from
which it will be derived from has to undergo a certain
process. Part of this process is a code freeze. When a
code freeze is initiated, the name of the branch is
changed to reflect that it is about to become a release.
For example, if the branch used to be called 4.5-STABLE,
its name will be changed to 4.6-PRERELEASE to signify the
code freeze and signify that extra pre-release testing
should be happening. Bug fixes can still be committed to
be part of the release. When the source code is in shape
for the release the name will be changed to 4.6-RC to
signify that a release is about to be made from it. Once
in the RC stage, only the most critical bugs found can be
fixed. Once the release (4.6-RELEASE in this example) and
release branch have been made, the branch will be renamed
to 4.6-STABLE.For more information on version numbers and the
various CVS branches, refer to the
Release
Engineering article.I tried to install a new kernel, and the chflags
failed. How do I get around this?Short answer: You are probably at security level
greater than 0. Reboot directly to single user mode to
install the kernel.Long answer: FreeBSD disallows changing system flags
at security levels greater than 0. You can check your
security level with the command:&prompt.root; sysctl kern.securelevelYou cannot lower the security level; you have to boot to
single mode to install the kernel, or change the security
level in /etc/rc.conf then reboot. See
the &man.init.8; manual page for details on securelevel, and see
/etc/defaults/rc.conf and the
&man.rc.conf.5; manual page for more information on
rc.conf.I cannot change the time on my system by more than one second!
How do I get around this?Short answer: You are probably at security level
greater than 1. Reboot directly to single user mode to
change the date.Long answer: FreeBSD disallows changing the time by
more that one second at security levels greater than 1. You
can check your security level with the command:&prompt.root; sysctl kern.securelevelYou cannot lower the security level; you have to boot
to single mode to change the date, or change the security
level in /etc/rc.conf then
reboot. See the &man.init.8; manual page for details on
securelevel, and see
/etc/defaults/rc.conf and the
&man.rc.conf.5; manual page for more information on
rc.conf.Why is rpc.statd using 256 megabytes of
memory?No, there is no memory leak, and it is not using 256 Mbytes
of memory. It simply likes to (i.e., always does) map an
obscene amount of memory into its address space for convenience.
There is nothing terribly wrong with this from a technical
standpoint; it just throws off things like &man.top.1; and
&man.ps.1;.&man.rpc.statd.8; maps its status file (resident on
/var) into its address space; to save
worrying about remapping it later when it needs to grow, it maps
it with a generous size. This is very evident from the source
code, where one can see that the length argument to &man.mmap.2;
is 0x10000000, or one sixteenth of the
address space on an IA32, or exactly 256MB.Why can I not unset the schg file
flag?You are running at an elevated (i.e., greater than 0)
securelevel. Lower the securelevel and try again. For more
information, see the FAQ entry on
securelevel and the &man.init.8; manual page.Why does SSH authentication through
.shosts not work by default in recent
versions of FreeBSD?The reason why .shosts
authentication does not work by default in more recent
versions of FreeBSD is because &man.ssh.1;
is not installed suid root by default. To
fix this, you can do one of the
following:As a permanent fix, set
ENABLE_SUID_SSH to true
in /etc/make.conf and rebuild ssh
(or run make world).As a temporary fix, change the mode on
/usr/bin/ssh to 4555
by running chmod 4555 /usr/bin/ssh as
root. Then add
ENABLE_SUID_SSH= true to
/etc/make.conf so the change takes
effect the next time make world is
run.What is vnlru?vnlru flushes and frees vnodes when
the system hits the kern.maxvnodes
limit. This kernel thread sits mostly idle, and only
activates if you have a huge amount of RAM and are
accessing tens of thousands of tiny files.What do the various memory states displayed by
top mean?Active: pages recently
statistically used.Inactive: pages
recently statistically unused.Cache: (most often)
pages that have percolated from inactive to a status
where they maintain their data, but can often be
immediately reused (either with their old association,
or reused with a new association.) There can be certain
immediate transition from active to 'cache' state if the
page is known to be clean (unmodified), but that
transition is a matter of policy, depending upon the
algorithm choice of the VM system
maintainer.Free: pages without
data content, and can be immediately used in certain
circumstances where cache pages might be ineligible.
Free pages can be reused at interrupt or process
state.Wired: pages that are
fixed into memory, usually for kernel purposes, but also
sometimes for special use in
processes.Pages are most often written to disk (sort of a VM
sync) when they are in the 'inactive' state, but 'active'
pages can also be synced (but requires the
availability of certain CPU features.) This depends upon
the CPU tracking of the 'modified' bit being available,
and in certain situations there can be an advantage for a
block of VM pages to be synced, whether they are active or
inactive. In most common cases, it is best to think of
the 'inactive' queue to be a queue of relatively unused
pages that might or might not be in the process of being
written to disk. 'Cached' pages are already 'synced', not
mapped, but available for immediate process use with their
old association or with a new association. Free pages are
available at interrupt level, but cached or free pages can
be used at process state for reuse. Cache pages aren't
adequately locked to be available at interrupt
level.There are some other flags (e.g. Busy flag or busy
count) that might modify some of the rules that I
described.How much free memory is available?There are a couple of kinds of free
memory. One kind is the amount of memory
immediately available without paging anything else out.
That is approximately the size of cache queue + size of
free queue (with a derating factor, depending upon system
tuning.) Another kind of free memory is
the total amount of VM space. That can
be complex, but is dependent upon the amount of swap space
and memory. Other kinds of free memory
descriptions are also possible, but it is relatively
useless to define these, but rather it is important to
make sure that the paging rate is kept low, and to avoid
running out of swap space.What is /var/empty? I can not
delete it!/var/empty is a directory that the
&man.sshd.8; program uses when performing privilege separation.
The /var/empty directory is empty, owned by
root and has the schg
flag set.Although it is not recommended to delete this directory, to
do so you will need to unset the schg flag
first. See the &man.chflags.1; manual page for more information
(and bear in mind the answer to
the question on unsetting the schg flag).
The X Window System and Virtual ConsolesWhat is the X Window System?The X Window System is the most widely available windowing system
capable of running on &unix; or &unix; like systems, including
&os;. X.org administers
the X protocol
standards. The current release of the specification
is 11.6, so you will often see references shortened to
X11R6 or even just X11.
Many implementations are available for different
architectures and operating systems. For instance, an
implementation of the server-side code is properly known
as an X server.Which X servers are available for &os;?In the past, if you wanted to run X on &os;, you were
basically restricted to running an X implementation called
&xfree86; which is maintained by
The XFree86 Project,
Inc. This software was installed by default on
&os; versions up until 4.10 and 5.2. Although X.org
itself maintained an implementation during that time
period, it was basically only provided as a reference
platform, as it had suffered greatly from bitrot over
the years.However, early in 2004, the XFree86 Project split
over issues including the pace of code changes, future
directions, and a licensing change. X.org updated its
source tree to the last &xfree86; release before the
licensing change (XFree86 version 4.3.99.903), incorporated
many changes that had previously been maintained separately,
and has released that software as X11R6.7.0. A separate but
related project,
freedesktop.org (or fd.o for short),
is working on rearchitecting the original &xfree86; code to
reflect modern graphics card technology (with the goal of
greatly increased performance) and modern software practices
(with the goal of incresed maintainability, and thus faster
releases as well as easier configuration). X.org intends to
incorporate the freedesktop.org changes in its future releases.The current technology roadmap for &os; includes
replacing &xfree86; with freedesktop.org as the default server sometime
later in 2004 under the assumption that the pace of its
development will more closely match that of &os; itself.
The &xfree86; ports
(x11/XFree86-4 and
subports) will remain in the ports collection and be supported
as developer interest permits.It is not currently
possible to mix-and-match pieces of each implementation;
work is under way to correct this problem.The following paragraphs refer to the existing
&xfree86; implementation, but most should also be applicable
to the freedesktop.org implementation as well. While the default
configuration filename for the freedesktop.org implementation is
xorg.conf, it will search for
XF86Config if it cannot find it.I want to run X, how do I go about it?The easiest way is to simply specify that you want to
run X during the installation process.Then read and follow the documentation on the
xf86config tool, which assists you in
configuring &xfree86; for your particular graphics
card/mouse/etc.You may also wish to investigate the Xaccel server.
See the section on Xi Graphics or
Metro Link for more details.I tried to run X, but I get an
KDENABIO failed (Operation not permitted)
error when I type startx. What do I do
now?Your system is probably running at a raised securelevel.
It is not possible to start X at a raised
securelevel. To see why, look at the &man.init.8; manual
page.So the question is what else you should do instead,
and you basically have two choices: set your securelevel
back down to zero (usually from /etc/rc.conf),
or run &man.xdm.1; at boot time (before the securelevel is
raised).See for more information about
running &man.xdm.1; at boot time.Why does my mouse not work with X?If you are using syscons (the default console driver),
you can configure FreeBSD to support a mouse pointer on each
virtual screen. In order to avoid conflicting with X, syscons
supports a virtual device called
/dev/sysmouse. All mouse events received
from the real mouse device are written to the sysmouse device
via moused. If you wish to use your mouse on one or more
virtual consoles, and use X, see
and set up
moused.Then edit /etc/XF86Config and make
sure you have the following lines.Section Pointer
Protocol "SysMouse"
Device "/dev/sysmouse"
.....The above example is for &xfree86; 3.3.2 or later. For
earlier versions, the Protocol should be
MouseSystems.Some people prefer to use
/dev/mouse under X. To make this
work, /dev/mouse should be linked
to /dev/sysmouse (see
&man.sysmouse.4;):&prompt.root; cd /dev
&prompt.root; rm -f mouse
&prompt.root; ln -s sysmouse mouseMy mouse has a fancy wheel. Can I use it in X?Yes. But you need to customize X client programs. See
Colas Nahaboo's web page
(http://www.inria.fr/koala/colas/mouse-wheel-scroll/)
.If you want to use the imwheel
program, just follow these simple steps.Translate the Wheel EventsThe imwheel program
works by translating mouse button 4 and mouse button 5
events into key events. Thus, you have to get the
mouse driver to translate mouse wheel events to button
4 and 5 events. There are two ways of doing this, the
first way is to have &man.moused.8; do the
translation. The second way is for the X server
itself to do the event translation.Using &man.moused.8; to Translate Wheel
EventsTo have &man.moused.8; perform the event
translations, simply add to
the command line used to start &man.moused.8;.
For example, if you normally start &man.moused.8;
via moused -p /dev/psm0 you
would start it by entering moused -p
/dev/psm0 -z 4 instead. If you start
&man.moused.8; automatically during bootup via
/etc/rc.conf, you can simply
add to the
moused_flags variable in
/etc/rc.conf.You now need to tell X that you have a 5
button mouse. To do this, simply add the line
Buttons 5 to the
Pointer section of
/etc/XF86Config. For
example, you might have the following
Pointer section in
/etc/XF86Config.Pointer Section for Wheeled
Mouse in &xfree86; 3.3.x series XF86Config with moused
TranslationSection "Pointer"
Protocol "SysMouse"
Device "/dev/sysmouse"
Buttons 5
EndSectionInputDevice Section for Wheeled
Mouse in &xfree86; 4.x series XF86Config with X Server
TranslationSection "InputDevice"
Identifier "Mouse1"
Driver "mouse"
Option "Protocol" "auto"
Option "Device" "/dev/sysmouse"
Option "Buttons" "5"
EndSection.emacs example for naive
page scrolling with Wheeled Mouse;; wheel mouse
(global-set-key [mouse-4] 'scroll-down)
(global-set-key [mouse-5] 'scroll-up)Using Your X Server to Translate the Wheel
EventsIf you are not running &man.moused.8;, or if
you do not want &man.moused.8; to translate your
wheel events, you can have the X server do the
event translation instead. This requires a couple
of modifications to your
/etc/XF86Config file. First,
you need to choose the proper protocol for your
mouse. Most wheeled mice use the
&intellimouse; protocol. However,
&xfree86; does support other protocols, such as
MouseManPlusPS/2 for the Logitech
MouseMan+ mice. Once you have chosen the protocol
you will use, you need to add a
Protocol line to the
Pointer section.Secondly, you need to tell the X server to
remap wheel scroll events to mouse buttons 4 and
5. This is done with the
ZAxisMapping option.For example, if you are not using
&man.moused.8;, and you have an &intellimouse;
attached to the PS/2 mouse port you would use
the following in
/etc/XF86Config.Pointer Section for Wheeled
Mouse in XF86Config with X
Server TranslationSection "Pointer"
Protocol "IntelliMouse"
Device "/dev/psm0"
ZAxisMapping 4 5
EndSectionInputDevice Section for Wheeled
Mouse in &xfree86; 4.x series XF86Config with X Server
TranslationSection "InputDevice"
Identifier "Mouse1"
Driver "mouse"
Option "Protocol" "auto"
Option "Device" "/dev/psm0"
Option "ZAxisMapping" "4 5"
EndSection.emacs example for naive
page scrolling with Wheeled Mouse;; wheel mouse
(global-set-key [mouse-4] 'scroll-down)
(global-set-key [mouse-5] 'scroll-up)Install imwheelNext, install imwheel
from the Ports collection. It can be found in the
x11 category. This program will
map the wheel events from your mouse into keyboard
events. For example, it might send Page
Up to a program when you scroll the wheel
forwards. Imwheel uses a
configuration file to map the wheel events to
key presses so that it can send different keys to
different applications. The default
imwheel configuration file
is installed in
/usr/X11R6/etc/imwheelrc. You
can copy it to ~/.imwheelrc and
then edit it if you wish to customize
imwheel's configuration.
The format of the configuration file is documented in
&man.imwheel.1;.Configure Emacs to Work
with Imwheel
(optional)If you use emacs or
XEmacs, then you need to
add a small section to your
~/.emacs file. For
emacs, add the
following:Emacs Configuration
for Imwheel;;; For imwheel
(setq imwheel-scroll-interval 3)
(defun imwheel-scroll-down-some-lines ()
(interactive)
(scroll-down imwheel-scroll-interval))
(defun imwheel-scroll-up-some-lines ()
(interactive)
(scroll-up imwheel-scroll-interval))
(global-set-key [?\M-\C-\)] 'imwheel-scroll-up-some-lines)
(global-set-key [?\M-\C-\(] 'imwheel-scroll-down-some-lines)
;;; end imwheel sectionFor XEmacs, add the
following to your ~/.emacs file
instead:XEmacs Configuration
for Imwheel;;; For imwheel
(mwheel-install)
(setq mwheel-follow-mouse t)
;;; end imwheel sectionRun ImwheelYou can just type imwheel
in an xterm to start it up once it is installed. It
will background itself and take effect immediately.
If you want to always use
imwheel, simply add it to
your .xinitrc or
.xsession file. You can safely
ignore any warnings imwheel
displays about PID files. Those warnings only apply
to the &linux; version of
imwheel.How do I use remote X displays?For security reasons, the default setting is to not allow a
machine to remotely open a window.To enable this feature, simply start
X with the optional
argument:&prompt.user; startx
-listen_tcpWhy do X Window menus and dialog boxes not work
right?Try turning off the Num Lock key.If your Num Lock key is on by default
at boot-time, you may add the following line in the
Keyboard section of the
XF86Config file.# Let the server do the NumLock processing. This should only be
# required when using pre-R6 clients
ServerNumLockWhat is a virtual console and how do I make more?Virtual consoles, put simply, enable you to have several
simultaneous sessions on the same machine without doing anything
complicated like setting up a network or running X.When the system starts, it will display a login prompt on
the monitor after displaying all the boot messages. You can
then type in your login name and password and start working (or
playing!) on the first virtual console.At some point, you will probably wish to start another
session, perhaps to look at documentation for a program
you are running or to read your mail while waiting for an
FTP transfer to finish. Just do AltF2
(hold down the Alt key and press the
F2 key), and you will find a login prompt
waiting for you on the second virtual
console! When you want to go back to the original
session, do AltF1.The default FreeBSD installation has three virtual
consoles enabled (8 starting with 3.3-RELEASE), and
AltF1,
AltF2,
and AltF3
will switch between these virtual consoles.To enable more of them, edit
/etc/ttys (see &man.ttys.5;)
and add entries for ttyv4
to ttyvc after the comment on
Virtual terminals:# Edit the existing entry for ttyv3 in /etc/ttys and change
# "off" to "on".
ttyv3 "/usr/libexec/getty Pc" cons25 on secure
ttyv4 "/usr/libexec/getty Pc" cons25 on secure
ttyv5 "/usr/libexec/getty Pc" cons25 on secure
ttyv6 "/usr/libexec/getty Pc" cons25 on secure
ttyv7 "/usr/libexec/getty Pc" cons25 on secure
ttyv8 "/usr/libexec/getty Pc" cons25 on secure
ttyv9 "/usr/libexec/getty Pc" cons25 on secure
ttyva "/usr/libexec/getty Pc" cons25 on secure
ttyvb "/usr/libexec/getty Pc" cons25 on secureUse as many or as few as you want. The more virtual
terminals you have, the more resources that are used; this
can be important if you have 8MB RAM or less. You may also
want to change the secure
to insecure.If you want to run an X server you
must leave at least one virtual
terminal unused (or turned off) for it to use. That is to
say that if you want to have a login prompt pop up for all
twelve of your Alt-function keys, you are out of luck - you
can only do this for eleven of them if you also want to run
an X server on the same machine.The easiest way to disable a console is by turning it off.
For example, if you had the full 12 terminal allocation
mentioned above and you wanted to run X, you would change
settings for virtual terminal 12 from:ttyvb "/usr/libexec/getty Pc" cons25 on secureto:ttyvb "/usr/libexec/getty Pc" cons25 off secureIf your keyboard has only ten function keys, you would
end up with:ttyv9 "/usr/libexec/getty Pc" cons25 off secure
ttyva "/usr/libexec/getty Pc" cons25 off secure
ttyvb "/usr/libexec/getty Pc" cons25 off secure(You could also just delete these lines.)Once you have edited /etc/ttys,
the next step is to make sure that you have enough virtual
terminal devices. The easiest way to do this is:&prompt.root; cd /dev
&prompt.root; sh MAKEDEV vty12On FreeBSD 5.X you do not have to create devices
manually if you are using DEVFS,
since the proper device nodes will be automatically
created under /dev.Next, the easiest (and cleanest) way to activate the
virtual consoles is to reboot. However, if you really do not
want to reboot, you can just shut down the X Window system
and execute (as root):&prompt.root; kill -HUP 1It is imperative that you completely shut down X Window if
it is running, before running this command. If you do not,
your system will probably appear to hang/lock up after
executing the kill command.How do I access the virtual consoles from X?Use CtrlAltFn to switch back to a virtual console.
CtrlAltF1 would return you to the first virtual console.Once you are back to a text console, you can then use
AltFn as normal to move between them.To return to the X session, you must switch to the
virtual console running X. If you invoked X from the
command line, (e.g., using startx) then
the X session will attach to the next unused virtual
console, not the text console from which it was invoked.
If you have eight active virtual terminals then X will be
running on the ninth, and you would use
AltF9 to return.How do I start XDM on boot?There are two schools of thought on how to start
xdm. One school starts xdm from
/etc/ttys (see &man.ttys.5;) using
the supplied example, while the other simply runs xdm from
rc.local (see &man.rc.8;) or from a
X.sh script in
/usr/local/etc/rc.d. Both are equally
valid, and one may work in situations where the other does
not. In both cases the result is the same: X will pop up
a graphical login: prompt.The ttys method has the advantage of documenting which
vty X will start on and passing the responsibility of
restarting the X server on logout to init. The rc.local
method makes it easy to kill xdm if there is a problem
starting the X server.If loaded from rc.local, xdm should
be started without any arguments (i.e., as a daemon). xdm must
start AFTER getty runs, or else getty and xdm will conflict,
locking out the console. The best way around this is to have
the script sleep 10 seconds or so then launch xdm.If you are to start xdm from
/etc/ttys, there still is a chance of
conflict between xdm and
&man.getty.8;. One way to avoid this is to add the
vt number in the
/usr/X11R6/lib/X11/xdm/Xservers
file.:0 local /usr/X11R6/bin/X vt4The above example will direct the X server to run in
/dev/ttyv3. Note the number is offset by
one. The X server counts the vty from one, whereas the FreeBSD
kernel numbers the vty from zero.Why do I get Couldn't open console
when I run xconsole?If you start X
with
startx, the permissions on
/dev/console will
not get changed, resulting in
things like
xterm -C and
xconsole not working.This is because of the way console permissions are set
by default. On a multi-user system, one does not necessarily
want just any user to be able to write on the system console.
For users who are logging directly onto a machine with a VTY,
the &man.fbtab.5;
file exists to solve such problems.In a nutshell, make sure an uncommented line of the
form/dev/ttyv0 0600 /dev/consoleis in /etc/fbtab (see
&man.fbtab.5;) and it will ensure that whomever logs in on
/dev/ttyv0 will own the
console.Before, I was able to run &xfree86; as a regular user. Why does
it now say that I must be root?All X servers need to be run as
root in order to get direct access to
your video hardware. Older versions of &xfree86; (<=
3.3.6) installed all bundled servers to be automatically
run as root (setuid to
root). This is obviously a security
hazard because X servers are large, complicated programs.
Newer versions of &xfree86; do not install the servers
setuid to root for just this
reason.Obviously, running an X server as the
root user is not acceptable, nor a
good idea security-wise. There are two ways to be able to
use X as a regular user. The first is to use
xdm or another display manager (e.g.,
kdm); the second is to use the
Xwrapper.xdm is a daemon that handles graphical
logins. It is usually started at boot time, and is responsible
for authenticating users and starting their sessions; it is
essentially the graphical counterpart of
&man.getty.8; and &man.login.1;. For
more information on xdm see
the &xfree86;
documentation, and the the FAQ
entry on it.Xwrapper is the X server wrapper; it is
a small utility to enable one to manually run an X server while
maintaining reasonable safety. It performs some sanity checks
on the command line arguments given, and if they pass, runs the
appropriate X server. If you do not want to run a display
manger for whatever reason, this is for you. If you have
installed the complete ports collection, you can find the port in
/usr/ports/x11/wrapper.Why does my PS/2 mouse misbehave under X?Your mouse and the mouse driver may have somewhat become
out of synchronization.
In rare cases the driver may erroneously report
synchronization problem and you may see the kernel
message:psmintr: out of sync (xxxx != yyyy)and notice that your mouse does not work properly.If this happens, disable the synchronization check code
by setting the driver flags for the PS/2 mouse driver to 0x100.
Enter UserConfig by giving the
option at the boot prompt:boot: -cThen, in the UserConfig command
line, type:UserConfig> flags psm0 0x100
UserConfig> quitWhy does my PS/2 mouse from MouseSystems not
work?There have been some reports that certain model of PS/2
mouse from MouseSystems works only if it is put into the
high resolution mode. Otherwise, the mouse
cursor may jump to the upper-left corner of the screen every
so often.Specify the flags 0x04 to the PS/2 mouse driver to put
the mouse into the high resolution mode. Enter
UserConfig by giving the
option at the boot prompt:boot: -cThen, in the UserConfig command line,
type:UserConfig> flags psm0 0x04
UserConfig> quitSee the previous section for another possible cause of mouse
problems.When building an X app, imake cannot
find Imake.tmpl. Where is it?Imake.tmpl is part of the Imake
package, a standard X application building tool.
Imake.tmpl, as well as several header
files that are required to build X apps, is contained in
the X prog distribution. You can install this from
sysinstall or manually from the X distribution
files.An X app I am building depends on &xfree86; 3.3.X, but I
have &xfree86; 4.X installed. What should I do?To tell the port build to link to the &xfree86; 4.X libraries,
add the following to /etc/make.conf, (if you
do not have this file, create it):XFREE86_VERSION= 4How do I reverse the mouse buttons?Run the command
xmodmap -e "pointer = 3 2 1" from your
.xinitrc or .xsession.How do I install a splash screen and where do I find
them?Just prior to the release of FreeBSD 3.1, a new
feature was added to allow the display of
splash screens during the boot
messages. The splash screens currently must be a 256 color
bitmap (*.BMP) or ZSoft PCX
(*.PCX) file. In addition, they must
have a resolution of 320x200 or less to work on standard
VGA adapters. If you compile VESA support into your
kernel, then you can use larger bitmaps up to 1024x768.
The actual VESA support can either be compiled directly
into the kernel with the VESA kernel
config option or by loading the VESA kld module during
bootup.To use a splash screen, you need to modify the startup
files that control the boot process for FreeBSD. The files for
this changed prior to the release of FreeBSD 3.2, so there are
now two ways of loading a splash screen:FreeBSD 3.1The first step is to find a bitmap version of your
splash screen. Release 3.1 only supports &windows; bitmap
splash screens. Once you have found your splash screen of
choice copy it to /boot/splash.bmp.
Next, you need to have a
/boot/loader.rc file that contains
the following lines:load kernel
load -t splash_image_data /boot/splash.bmp
load splash_bmp
autobootFreeBSD 3.2+In addition to adding support for PCX splash screens,
FreeBSD 3.2 includes a nicer way of configuring the boot
process. If you wish, you can use the method listed above
for FreeBSD 3.1. If you do and you want to use PCX,
replace splash_bmp with
splash_pcx. If, on the other hand, you
want to use the newer boot configuration, you need to
create a /boot/loader.rc file that
contains the following lines:include /boot/loader.4th
startand a /boot/loader.conf that
contains the following:splash_bmp_load="YES"
bitmap_load="YES"This assumes you are using
/boot/splash.bmp for your splash
screen. If you would rather use a PCX file, copy it to
/boot/splash.pcx, create a
/boot/loader.rc as instructed
above, and create a
/boot/loader.conf that
contains:splash_pcx_load="YES"
bitmap_load="YES"
bitmap_name="/boot/splash.pcx"Now all you need is a splash screen. For that you can
surf on over to the gallery at
.Can I use the &windows;
keys on my keyboard in X?Yes. All you need to do is use &man.xmodmap.1; to define
what function you wish them to perform.Assuming all &windows; keyboards
are standard then the keycodes for the 3 keys are115 - &windows; key, between
the left-hand Ctrl and Alt keys116 - &windows; key, to the
right of the AltGr key117 - Menu key, to the left of
the right-hand Ctrl keyTo have the left &windows; key print a comma,
try this.&prompt.root; xmodmap -e "keycode 115 = comma"You will probably have to re-start your window manager
to see the result.To have the &windows;
key-mappings enabled automatically every time you start X either
put the xmodmap commands in your
~/.xinitrc file or, preferably, create a file
~/.xmodmaprc and include the
xmodmap options, one per line, then add the
linexmodmap $HOME/.xmodmaprcto your ~/.xinitrc.For example, you could map the 3 keys to be
F13, F14, and
F15, respectively. This would make it
easy to map them to useful functions within applications
or your window manager, as demonstrated further
down.To do this put the following in
~/.xmodmaprc.keycode 115 = F13
keycode 116 = F14
keycode 117 = F15If you use fvwm2, for example, you
could map the keys so that F13 iconifies
(or de-iconifies) the window the cursor is in,
F14 brings the window the cursor is in to
the front or, if it is already at the front, pushes it to
the back, and F15 pops up the main
Workplace (application) menu even if the cursor is not on
the desktop, which is useful if you do not have any part
of the desktop visible (and the logo on the key matches
its functionality).The following entries in
~/.fvwmrc implement the
aforementioned setup:Key F13 FTIWS A Iconify
Key F14 FTIWS A RaiseLower
Key F15 A A Menu Workplace NopHow can I get 3D hardware acceleration for
&opengl;?The availability of 3D acceleration depends on the
version of &xfree86; you are using and the type of video chip
you have. If you have an NVIDIA chip, you can use the binary
drivers provided for FreeBSD 4.7 on the
Drivers section of their website. For other cards
with &xfree86;-4, including the Matrox G200/G400, ATI Rage
128/Radeon, and 3dfx Voodoo 3, 4, 5, and Banshee,
information on hardware acceleration is available on the
XFree86-4
Direct Rendering on FreeBSD page. Users of
&xfree86; version 3.3 can use the Utah-GLX port found in
graphics/utah-glx to
get limited accelerated &opengl; on the Matrox Gx00, ATI
Rage Pro, SiS 6326, i810, Savage, and older NVIDIA
chips.NetworkingWhere can I get information on
diskless booting?Diskless booting means that the FreeBSD
box is booted over a network, and reads the necessary files
from a server instead of its hard disk. For full details,
please read the
Handbook entry on diskless bootingCan a FreeBSD box be used as a dedicated network
router?Yes. Please see the Handbook entry on advanced
networking, specifically the section on routing
and gateways.Can I connect my &windows; box to the Internet via
FreeBSD?Typically, people who ask this question have two PC's
at home, one with FreeBSD and one with some version of
&windows; the idea is to use the FreeBSD box to connect to
the Internet and then be able to access the Internet from
the &windows; box through the FreeBSD box. This is really
just a special case of the previous question and works
perfectly well.If you're using dialup to connect to the Internet
user-mode &man.ppp.8; contains a
option. If you run &man.ppp.8; with the
option, set
gateway_enable to
YES in
/etc/rc.conf, and configure your
&windows; machine correctly, this should work fine. For more
information, please see the &man.ppp.8; manual page or the
Handbook entry on
user PPP.If you are using kernel-mode PPP or have an Ethernet
connection to the Internet, you need to use
&man.natd.8;. Please look at the natd section
of the Handbook for a tutorial.Does FreeBSD support SLIP and PPP?Yes. See the manual pages for &man.slattach.8;,
&man.sliplogin.8;, &man.ppp.8;, and &man.pppd.8;. &man.ppp.8;
and &man.pppd.8; provide support for both incoming and outgoing
connections, while &man.sliplogin.8; deals exclusively with
incoming connections, and &man.slattach.8; deals exclusively
with outgoing connections.For more information on how to use these, please see the
Handbook chapter on
PPP and SLIP.If you only have access to the Internet through a
shell account, you may want to have a look
at the net/slirp
package. It can provide you with (limited) access to
services such as ftp and http direct from your local
machine.Does FreeBSD support NAT or Masquerading?Yes. If you want to use NAT over a user PPP
connection, please see the Handbook entry on user
PPP. If you want to use NAT over some other sort
of network connection, please look at the natd section
of the Handbook.How do I connect two FreeBSD systems over a parallel line
using PLIP?Please see the PLIP
section of the Handbook.Why can I not create a /dev/ed0
device?Because they aren't necessary. In the Berkeley
networking framework, network interfaces are only directly
accessible by kernel code. Please see the
/etc/rc.network file and the manual
pages for the various network programs mentioned there for
more information. If this leaves you totally confused,
then you should pick up a book describing network
administration on another BSD-related operating system;
with few significant exceptions, administering networking
on FreeBSD is basically the same as on &sunos; 4.0 or
Ultrix.How can I set up Ethernet aliases?If the alias is on the same subnet as an address
already configured on the interface, then add
netmask 0xffffffff to your
&man.ifconfig.8; command-line, as in the following:&prompt.root; ifconfig ed0 alias 192.0.2.2 netmask 0xffffffffOtherwise, just specify the network address and
netmask as usual:&prompt.root; ifconfig ed0 alias 172.16.141.5 netmask 0xffffff00How do I get my 3C503 to use the other network
port?If you want to use the other ports, you will have to specify
an additional parameter on the
&man.ifconfig.8; command line. The default port is
link0. To use the AUI port instead of the
BNC one, use link2. These flags should be
specified using the ifconfig_* variables in
/etc/rc.conf (see &man.rc.conf.5;).Why am I having trouble with NFS and FreeBSD?Certain PC network cards are better than others (to put
it mildly) and can sometimes cause problems with network
intensive applications like NFS.See
the Handbook entry on NFS for more information on
this topic.Why can I not NFS-mount from a &linux; box?Some versions of the &linux; NFS code only accept mount
requests from a privileged port; try&prompt.root; mount -o -P linuxbox:/blah /mntWhy can I not NFS-mount from a Sun box?&sun; workstations running &sunos; 4.X only accept mount
requests from a privileged port; try&prompt.root; mount -o -P sunbox:/blah /mntWhy does mountd keep telling me it
can't change attributes and that I have a
bad exports list on my FreeBSD NFS
server?The most frequent problem is not understanding the
correct format of /etc/exports.
Please review &man.exports.5; and the NFS entry in the
Handbook, especially the section on configuring
NFS.Why am I having problems talking PPP to NeXTStep
machines?Try disabling the TCP extensions in
/etc/rc.conf (see &man.rc.conf.5;) by
changing the following variable to NO:tcp_extensions=NOXylogic's Annex boxes are also broken in this regard
and you must use the above change to connect through
them.How do I enable IP multicast support?FreeBSD supports multicast host operations by
default. If you want your box to run as a multicast
router, you need to recompile your kernel with the
MROUTING option and run
&man.mrouted.8;. FreeBSD will start &man.mrouted.8; at
boot time if the flag mrouted_enable is
set to "YES" in
/etc/rc.conf.MBONE tools are available in their own ports category,
mbone.
If you are looking for the conference tools
vic and vat, look
there!Which network cards are based on the DEC PCI
chipset?Here is a list compiled by Glen Foster
gfoster@driver.nsta.org,
with some more modern additions:
Network cards based on the DEC PCI chipsetVendorModelASUSPCI-L101-TBAcctonENI1203CogentEM960PCICompexENET32-PCID-LinkDE-530DaynaDP1203, DP2100DECDE435, DE450DanpexEN-9400P3JCISCondor JC1260LinksysEtherPCIMylexLNP101SMCEtherPower 10/100 (Model 9332)SMCEtherPower (Model 8432)TopWareTE-3500PZnyx (2.2.x)ZX312, ZX314, ZX342, ZX345, ZX346, ZX348Znyx (3.x)ZX345Q, ZX346Q, ZX348Q, ZX412Q, ZX414, ZX442, ZX444,
ZX474, ZX478, ZX212, ZX214 (10mbps/hd)
Why do I have to use the FQDN for hosts on my
site?You will probably find that the host is actually in a
different domain; for example, if you are in foo.example.org and
you wish to reach a host called mumble in the
example.org domain, you will
have to refer to it by the fully-qualified domain name, mumble.example.org, instead of just
mumble.Traditionally, this was allowed by BSD BIND resolvers.
However the current version of
bind (see &man.named.8;)
that ships with FreeBSD no longer provides default
abbreviations for non-fully qualified domain names other than
the domain you are in. So an unqualified host
mumble must either be found as mumble.foo.example.org, or it will be searched
for in the root domain.This is different from the previous behavior, where the
search continued across
mumble.example.org, and
mumble.edu. Have a look at
RFC 1535 for why this was considered bad practice, or even a
security hole.As a good workaround, you can place the linesearch foo.example.org example.orginstead of the previousdomain foo.example.orginto your /etc/resolv.conf file
(see &man.resolv.conf.5;). However, make sure that the
search order does not go beyond the boundary
between local and public administration, as RFC
1535 calls it.Why do I get an error, Permission
denied, for all networking operations?If you have compiled your kernel with the
IPFIREWALL option, you need to be aware
that the default policy is to deny all packets that are
not explicitly allowed.If you had unintentionally misconfigured your system
for firewalling, you can restore network operability by
typing the following while logged in as
root:&prompt.root; ipfw add 65534 allow all from any to anyYou can also set
firewall_type="open" in
/etc/rc.conf.For further information on configuring a FreeBSD
firewall, see the
Handbook section.How much overhead does IPFW incur?Please see the Handbook's Firewalls
section, specifically the section on IPFW
Overhead & Optimization.Why is my ipfwfwd rule
to redirect a service to another machine not working?Possibly because you want to do network address translation
(NAT) and not just forward packets. A fwd rule
does exactly what it says; it forwards packets. It does not
actually change the data inside the packet. Say we have a rule
like:01000 fwd 10.0.0.1 from any to foo 21When a packet with a destination address of
foo arrives at the machine with this
rule, the packet is forwarded to
10.0.0.1, but it still has the
destination address of foo! The
destination address of the packet is not
changed to 10.0.0.1. Most machines
would probably drop a packet that they receive with a
destination address that is not their own. Therefore, using a
fwd rule does not often work the way the user
expects. This behavior is a feature and not a bug.See the FAQ about
redirecting services, the &man.natd.8; manual, or one of
the several port redirecting utilities in the ports collection for a correct way to do
+ url="&url.base;/ports/index.html">ports collection for a correct way to do
this.How can I redirect service requests from one machine to
another?You can redirect FTP (and other service) request with
the socket package, available in the ports
tree in category sysutils. Simply replace the
service's command line to call socket instead, like so:ftp stream tcp nowait nobody /usr/local/bin/socket socket ftp.example.comftpwhere ftp.example.com and
ftp are the host and port to
redirect to, respectively.Where can I get a bandwidth management tool?There are three bandwidth management tools available for
FreeBSD. &man.dummynet.4; is integrated into FreeBSD (or more
specifically, &man.ipfw.4;); ALTQ
is available for free; Bandwidth Manager from Emerging Technologies is a
commercial product.Why do I get /dev/bpf0: device not
configured?You are running a program that requires the Berkeley
Packet Filter (&man.bpf.4;), but it is not in your kernel.
Add this to your kernel config file and build a new
kernel:pseudo-device bpf # Berkeley Packet FilterOn FreeBSD 4.X and earlier, you must also create the
device node. After rebooting, go to the
/dev directory and run:&prompt.root; sh MAKEDEV bpf0Please see the Handbook entry
on device nodes for more information on managing
devices.How do I mount a disk from a &windows; machine that is on my
network, like smbmount in &linux;?Use the SMBFS toolset. It
includes a set of kernel modifications and a set of
userland programs. The programs and information are
available as net/smbfs
in the ports collection, or in the base system as of
4.5-RELEASE and later.What are these messages about icmp-response
bandwidth limit 300/200 pps in my log
files?This is the kernel telling you that some activity is
provoking it to send more ICMP or TCP reset (RST)
responses than it thinks it should. ICMP responses are
often generated as a result of attempted connections to
unused UDP ports. TCP resets are generated as a result of
attempted connections to unopened TCP ports. Among
others, these are the kinds of activities which may cause
these messages:Brute-force denial of service (DoS) attacks (as
opposed to single-packet attacks which exploit a
specific vulnerability).Port scans which attempt to connect to a large
number of ports (as opposed to only trying a few
well-known ports).The first number in the message tells you how many
packets the kernel would have sent if the limit was not in
place, and the second number tells you the limit. You can
control the limit using the
net.inet.icmp.icmplim sysctl variable
like this, where 300 is the limit in
packets per second:&prompt.root; sysctl -w net.inet.icmp.icmplim=300If you do not want to see messages about this in your
log files, but you still want the kernel to do response
limiting, you can use the
net.inet.icmp.icmplim_output sysctl
variable to disable the output like this:&prompt.root; sysctl -w net.inet.icmp.icmplim_output=0Finally, if you want to disable response limiting, you
can set the net.inet.icmp.icmplim
sysctl variable (see above for an example) to
0. Disabling response limiting is
discouraged for the reasons listed above.What are these arp: unknown hardware
address format error messages?This means that some device on your local Ethernet is
using a MAC address in a format that FreeBSD does not
recognize. This is probably caused by someone
experimenting with an Ethernet card somewhere else on the
network. You will see this most commonly on cable modem
networks. It is harmless, and should not affect the
performance of your FreeBSD machine.I've just installed CVSup but trying to execute it
produces errors. What is wrong?First, see if the error message you are receiving is
like the one shown below./usr/libexec/ld-elf.so.1: Shared object "libXaw.so.6" not foundErrors like these are caused by installing the
net/cvsup port on a
machine which does not have the
&xfree86; suite. If you want to
use the GUI included with
CVSup you will need to install
&xfree86; now. Alternatively if
you just wish to use CVSup from
a command line you should delete the package previously
installed. Then install the net/cvsup-without-gui port. This
is covered in more detail in the CVSup
section of the Handbook.SecurityWhat is a sandbox?Sandbox is a security term. It can
mean two things:A process which is placed inside a set of virtual
walls that are designed to prevent someone who breaks
into the process from being able to break into the wider
system.The process is said to be able to
play inside the walls. That is,
nothing the process does in regards to executing code is
supposed to be able to breech the walls so you do not
have to do a detailed audit of its code to be able to
say certain things about its security.The walls might be a userid, for example. This is
the definition used in the security and named man
pages.Take the ntalk service, for
example (see /etc/inetd.conf). This service used to run
as userid root. Now it runs as userid
tty. The tty user
is a sandbox designed to make it more difficult for
someone who has successfully hacked into the system via
ntalk from being able to hack beyond that user id.A process which is placed inside a simulation of the
machine. This is more hard-core. Basically it means that
someone who is able to break into the process may believe
that he can break into the wider machine but is, in fact,
only breaking into a simulation of that machine and not
modifying any real data.The most common way to accomplish this is to build a
simulated environment in a subdirectory and then run the
processes in that directory chroot'd (i.e.
/ for that process is this
directory, not the real / of the
system).Another common use is to mount an underlying
filesystem read-only and then create a filesystem layer
on top of it that gives a process a seemingly writeable
view into that filesystem. The process may believe it is
able to write to those files, but only the process sees
the effects - other processes in the system do not,
necessarily.An attempt is made to make this sort of sandbox so
transparent that the user (or hacker) does not realize
that he is sitting in it.&unix; implements two core sandboxes. One is at the
process level, and one is at the userid level.Every &unix; process is completely firewalled off from every
other &unix; process. One process cannot modify the address
space of another. This is unlike &windows; where a process
can easily overwrite the address space of any other, leading
to a crash.A &unix; process is owned by a particular userid. If
the userid is not the root user, it
serves to firewall the process off from processes owned by
other users. The userid is also used to firewall off
on-disk data.What is securelevel?The securelevel is a security mechanism implemented in the
kernel. Basically, when the securelevel is positive, the
kernel restricts certain tasks; not even the superuser (i.e.,
root) is allowed to do them. At the time
of this writing, the securelevel mechanism is capable of, among
other things, limiting the ability to,unset certain file flags, such as
schg (the system immutable flag),write to kernel memory via
/dev/mem and
/dev/kmem,load kernel modules, andalter &man.ipfirewall.4; rules.To check the status of the securelevel on a running system,
simply execute the following command:&prompt.root; sysctl kern.securelevelThe output will contain the name of the &man.sysctl.8;
variable (in this case, kern.securelevel)
and a number. The latter is the current value of the
securelevel. If it is positive (i.e., greater than 0), at
least some of the securelevel's protections are enabled.You cannot lower the securelevel of a running system; being
able to do that would defeat its purpose. If you need to do a
task that requires that the securelevel be non-positive (e.g.,
an installworld or changing the date),
you will have to change the securelevel setting in
/etc/rc.conf (you want to look for the
kern_securelevel and
kern_securelevel_enable variables) and
reboot.For more information on securelevel and the specific things
all the levels do, please consult the &man.init.8; manual
page.Securelevel is not a silver bullet; it has many known
deficiencies. More often than not, it provides a false
sense of security.One of its biggest problems is that in order for it to
be at all effective, all files used in the boot process up
until the securelevel is set must be protected. If an
attacker can get the system to execute their code prior to
the securelevel being set (which happens quite late in the
boot process since some things the system must do at
start-up cannot be done at an elevated securelevel), its
protections are invalidated. While this task of protecting
all files used in the boot process is not technically
impossible, if it is achieved, system maintenance will
become a nightmare since one would have to take the system
down, at least to single-user mode, to modify a
configuration file.This point and others are often discussed on the
mailing lists, particularly the &a.security;. Please search
the archives here for an
+ url="&url.base;/search/index.html">here for an
extensive discussion. Some people are hopeful that
securelevel will soon go away in favor of a more
fine-grained mechanism, but things are still hazy in this
respect.Consider yourself warned.BIND (named) is listening on port 53 and
some other high-numbered port. What is going on?FreeBSD 3.0 and later use a version of BIND
that uses a random high-numbered port for outgoing queries. If
you want to use port 53 for outgoing queries, either to get
past a firewall or to make yourself feel better, you can try
the following in
/etc/namedb/named.conf:options {
query-source address * port 53;
};You can replace the * with a single IP
address if you want to tighten things further.Congratulations, by the way. It is good practice to read
your &man.sockstat.1; output and notice odd
things!Sendmail is listening on port 587 as well as the
standard port 25! What is going on?Recent versions of Sendmail support a
mail submission feature that runs over port 587. This is
not yet widely supported, but is growing in
popularity.What is this UID 0 toor account? Have I
been compromised?Do not worry. toor is an
alternative superuser account (toor is root
spelt backwards). Previously it was created when the
&man.bash.1; shell was installed but now it is created by
default. It is intended to be used with a non-standard shell so
you do not have to change root's default
shell. This is important as shells which are not part of the
base distribution (for example a shell installed from ports or
packages) are likely to be installed in
/usr/local/bin which, by default, resides
on a different filesystem. If root's shell
is located in /usr/local/bin and
/usr (or whatever filesystem contains
/usr/local/bin) is not mounted for some
reason, root will not be able to log in to
fix a problem (although if you reboot into single user mode
you will be prompted for the path to a shell).Some people use toor for
day-to-day root tasks with a
non-standard shell, leaving root,
with a standard shell, for single user mode or
emergencies. By default you cannot log in using
toor as it does not have a password,
so log in as root and set a password
for toor if you want to use
it.Why is suidperl not working
properly?For security reasons, suidperl is
installed without the suid bit by default. The system
administrator can enable suid behavior with the following
command.&prompt.root; chmod u+s /usr/bin/suidperlIf you want suidperl to be built
suid during upgrades from source, edit
/etc/make.conf and add
ENABLE_SUIDPERL=true before you run
make buildworld.PPPI cannot make &man.ppp.8; work. What am I doing wrong?You should first read the &man.ppp.8; manual page and
the
PPP section of the handbook. Enable logging with
the commandset log Phase Chat Connect Carrier lcp ipcp ccp commandThis command may be typed at the &man.ppp.8; command
prompt or it may be entered in the
/etc/ppp/ppp.conf configuration file
(the start of the default section is
the best place to put it). Make sure that
/etc/syslog.conf (see
&man.syslog.conf.5;) contains the lines!ppp
*.* /var/log/ppp.logand that the file /var/log/ppp.log
exists. You can now find out a lot about what is going on
from the log file. Do not worry if it does not all make sense.
If you need to get help from someone, it may make sense to
them.If your version of &man.ppp.8; does not understand the
set log command, you should download the
latest version. It will build on FreeBSD version
2.1.5 and higher.Why does &man.ppp.8; hang when I run it?This is usually because your hostname will not resolve.
The best way to fix this is to make sure that
/etc/hosts is consulted by your
resolver first by editing /etc/host.conf
and putting the hosts line first. Then,
simply put an entry in /etc/hosts for
your local machine. If you have no local network, change your
localhost line:127.0.0.1 foo.example.com foo localhostOtherwise, simply add another entry for your host.
Consult the relevant manual pages for more details.You should be able to successfully ping -c1
`hostname` when you are done.Why will &man.ppp.8; not dial in -auto
mode?First, check that you have got a default route. By
running netstat -rn (see
&man.netstat.1;), you should see two entries like
this:Destination Gateway Flags Refs Use Netif Expire
default 10.0.0.2 UGSc 0 0 tun0
10.0.0.2 10.0.0.1 UH 0 0 tun0This is assuming that you have used the addresses from the
handbook, the manual page or from the ppp.conf.sample file.
If you do not have a default route, it may be because you are
running an old version of &man.ppp.8;
that does not understand the word HISADDR
in the ppp.conf file. If your version of
&man.ppp.8; is from before FreeBSD
2.2.5, change theadd 0 0 HISADDRline to one sayingadd 0 0 10.0.0.2Another reason for the default route line being
missing is that you have mistakenly set up a default
router in your /etc/rc.conf (see
&man.rc.conf.5;) file (this file was called
/etc/sysconfig prior to release
2.2.2), and you have omitted the line sayingdelete ALLfrom ppp.conf. If this is the
case, go back to the Final
system configuration section of the
handbook.What does No route to host mean?This error is usually due to a missingMYADDR:
delete ALL
add 0 0 HISADDRsection in your /etc/ppp/ppp.linkup
file. This is only necessary if you have a dynamic IP address
or do not know the address of your gateway. If you are using
interactive mode, you can type the following after entering
packet mode (packet mode is
indicated by the capitalized PPP in the
prompt):delete ALL
add 0 0 HISADDRRefer to the
PPP and Dynamic IP addresses section of the handbook
for further details.Why does my connection drop after about 3 minutes?The default PPP timeout is 3 minutes. This can be
adjusted with the lineset timeout NNNwhere NNN is the number of
seconds of inactivity before the connection is closed. If
NNN is zero, the connection is never
closed due to a timeout. It is possible to put this command in
the ppp.conf file, or to type it at the
prompt in interactive mode. It is also possible to adjust it on
the fly while the line is active by connecting to
ppp's server socket using
&man.telnet.1; or &man.pppctl.8;.
Refer to the
&man.ppp.8; man
page for further details.Why does my connection drop under heavy load?If you have Link Quality Reporting (LQR) configured,
it is possible that too many LQR packets are lost between
your machine and the peer. Ppp deduces that the line must
therefore be bad, and disconnects. Prior to FreeBSD version
2.2.5, LQR was enabled by default. It is now disabled by
default. LQR can be disabled with the linedisable lqrWhy does my connection drop after a random amount of
time?Sometimes, on a noisy phone line or even on a line with
call waiting enabled, your modem may hang up because it
thinks (incorrectly) that it lost carrier.There is a setting on most modems for determining how
tolerant it should be to temporary losses of carrier. On a
USR &sportster; for example, this is measured by the S10
register in tenths of a second. To make your modem more
forgiving, you could add the following send-expect sequence
to your dial string:set dial "...... ATS10=10 OK ......"Refer to your modem manual for details.Why does my connection hang after a random amount of
time?Many people experience hung connections with no apparent
explanation. The first thing to establish is which side of
the link is hung.If you are using an external modem, you can simply try
using &man.ping.8; to see if the TD
light is flashing when you transmit data. If it flashes
(and the RD light does not), the
problem is with the remote end. If TD
does not flash, the problem is local. With an internal
modem, you will need to use the set
server command in your
ppp.conf file. When the hang occurs,
connect to &man.ppp.8; using &man.pppctl.8;. If your
network connection suddenly revives (PPP was revived due
to the activity on the diagnostic socket) or if you cannot
connect (assuming the set socket
command succeeded at startup time), the problem is
local. If you can connect and things are still hung,
enable local async logging with set log local
async and use &man.ping.8; from another window
or terminal to make use of the link. The async logging
will show you the data being transmitted and received on
the link. If data is going out and not coming back, the
problem is remote.Having established whether the problem is local or remote,
you now have two possibilities:If the problem is remote, read on entry .If the problem is local, read on entry .The remote end is not responding. What can I do?There is very little you can do about this. Most ISPs
will refuse to help if you are not running a Microsoft OS.
You can enable lqr in your
ppp.conf file, allowing &man.ppp.8; to detect
the remote failure and hang up, but this detection is
relatively slow and therefore not that useful. You may want to
avoid telling your ISP that you are running user-PPP...First, try disabling all local compression by adding the
following to your configuration:disable pred1 deflate deflate24 protocomp acfcomp shortseq vj
deny pred1 deflate deflate24 protocomp acfcomp shortseq vjThen reconnect to ensure that this makes no difference.
If things improve or if the problem is solved completely,
determine which setting makes the difference through trial
and error. This will provide good ammunition when you contact
your ISP (although it may make it apparent that you are not
running a Microsoft product).Before contacting your ISP, enable async logging
locally and wait until the connection hangs again. This
may use up quite a bit of disk space. The last data read
from the port may be of interest. It is usually ascii
data, and may even describe the problem (Memory
fault, core dumped?).If your ISP is helpful, they should be able to enable
logging on their end, then when the next link drop occurs,
they may be able to tell you why their side is having a
problem. Feel free to send the details to &a.brian;, or
even to ask your ISP to contact me directly.&man.ppp.8; has hung. What can I do?Your best bet here is to rebuild &man.ppp.8; by adding
CFLAGS+=-g and
STRIP= to the end of the Makefile, then
doing a make clean && make &&
make install. When &man.ppp.8; hangs, find the
&man.ppp.8; process id with ps ajxww | fgrep
ppp and run gdb ppp
PID. From the gdb
prompt, you can then use bt to get a
stack trace.Send the results to &a.brian;.Why does nothing happen after the Login OK!
message?Prior to FreeBSD version 2.2.5, once the link was
established, &man.ppp.8; would wait for the peer to
initiate the Line Control Protocol (LCP). Many ISPs will
not initiate negotiations and expect the client to do so.
To force &man.ppp.8; to initiate the LCP, use the
following line:set openmode activeIt usually does no harm if both sides initiate
negotiation, so openmode is now active by default.
However, the next section explains when it
does do some harm.I keep seeing errors about magic being the same. What does
it mean?Occasionally, just after connecting, you may see messages
in the log that say magic is the same.
Sometimes, these messages are harmless, and sometimes one side
or the other exits. Most PPP implementations cannot survive
this problem, and even if the link seems to come up, you will see
repeated configure requests and configure acknowledgments in
the log file until &man.ppp.8; eventually gives up and closes the
connection.This normally happens on server machines with slow
disks that are spawning a getty on the port, and executing
&man.ppp.8; from a login script or program after login. I
have also heard reports of it happening consistently when
using slirp. The reason is that in the time taken between
&man.getty.8; exiting and &man.ppp.8; starting, the
client-side &man.ppp.8; starts sending Line Control
Protocol (LCP) packets. Because ECHO is still switched on
for the port on the server, the client &man.ppp.8; sees
these packets reflect back.One part of the LCP negotiation is to establish a
magic number for each side of the link so that
reflections can be detected. The protocol
says that when the peer tries to negotiate the same magic
number, a NAK should be sent and a new magic number should
be chosen. During the period that the server port has
ECHO turned on, the client &man.ppp.8; sends LCP packets,
sees the same magic in the reflected packet and NAKs
it. It also sees the NAK reflect (which also means
&man.ppp.8; must change its magic). This produces a
potentially enormous number of magic number changes, all
of which are happily piling into the server's tty
buffer. As soon as &man.ppp.8; starts on the server, it is
flooded with magic number changes and almost immediately
decides it has tried enough to negotiate LCP and gives
up. Meanwhile, the client, who no longer sees the
reflections, becomes happy just in time to see a hangup
from the server.This can be avoided by allowing the peer to start
negotiating with the following line in your ppp.conf
file:set openmode passiveThis tells &man.ppp.8; to wait for the server to initiate LCP
negotiations. Some servers however may never initiate
negotiations. If this is the case, you can do something
like:set openmode active 3This tells &man.ppp.8; to be passive for 3 seconds, and then to
start sending LCP requests. If the peer starts sending
requests during this period, &man.ppp.8; will immediately respond
rather than waiting for the full 3 second period.LCP negotiations continue until the connection is
closed. What is wrong?There is currently an implementation mis-feature in
&man.ppp.8; where it does not associate
LCP, CCP & IPCP responses with their original requests. As
a result, if one PPP
implementation is more than 6 seconds slower than the other
side, the other side will send two additional LCP configuration
requests. This is fatal.Consider two implementations,
A and
B. A starts
sending LCP requests immediately after connecting and
B takes 7 seconds to start. When
B starts, A
has sent 3 LCP REQs. We are assuming the line has ECHO switched
off, otherwise we would see magic number problems as described in
the previous section. B sends a
REQ, then an ACK to the first of
A's REQs. This results in
A entering the OPENED
state and sending and ACK (the first) back to
B. In the meantime,
B sends back two more ACKs in response to
the two additional REQs sent by A
before B started up.
B then receives the first ACK from
A and enters the
OPENED state.
A receives the second ACK from
B and goes back to the
REQ-SENT state, sending another (forth) REQ
as per the RFC. It then receives the third ACK and enters the
OPENED state. In the meantime,
B receives the forth REQ from
A, resulting in it reverting to the
ACK-SENT state and sending
another (second) REQ and (forth) ACK as per the RFC.
A gets the REQ, goes into
REQ-SENT and sends another REQ. It
immediately receives the following ACK and enters
OPENED.This goes on until one side figures out that they are
getting nowhere and gives up.The best way to avoid this is to configure one side to be
passive - that is, make one side
wait for the other to start negotiating. This can be done
with theset openmode passivecommand. Care should be taken with this option. You
should also use theset stopped Ncommand to limit the amount of time that
&man.ppp.8; waits for the peer to begin
negotiations. Alternatively, theset openmode active Ncommand (where N is the
number of seconds to wait before starting negotiations) can be
used. Check the manual page for details.Why does &man.ppp.8; lock up shortly after connection?Prior to version 2.2.5 of FreeBSD, it was possible that
your link was disabled shortly after connection due to
&man.ppp.8; mis-handling Predictor1
compression negotiation. This would only happen if both sides
tried to negotiate different Compression Control Protocols
(CCP). This problem is now corrected, but if you are still
running an old version of &man.ppp.8;
the problem can be circumvented with the linedisable pred1Why does &man.ppp.8; lock up when I shell out to test
it?When you execute the shell or
! command, &man.ppp.8; executes a
shell (or if you have passed any arguments,
&man.ppp.8; will execute those arguments). Ppp will
wait for the command to complete before continuing. If you
attempt to use the PPP link while running the command, the link
will appear to have frozen. This is because
&man.ppp.8; is waiting for the command to
complete.If you wish to execute commands like this, use the
!bg command instead. This will execute
the given command in the background, and &man.ppp.8; can
continue to service the link.Why does &man.ppp.8; over a null-modem cable never exit?There is no way for &man.ppp.8; to
automatically determine that a direct connection has been
dropped. This is due to the lines that are used in a
null-modem serial cable. When using this sort of connection,
LQR should always be enabled with the lineenable lqrLQR is accepted by default if negotiated by the peer.Why does &man.ppp.8; dial for no reason in -auto mode?If &man.ppp.8; is dialing unexpectedly, you must
determine the cause, and set up Dial filters (dfilters) to
prevent such dialing.To determine the cause, use the following line:set log +tcp/ipThis will log all traffic through the connection. The
next time the line comes up unexpectedly, you will see the
reason logged with a convenient timestamp next to
it.You can now disable dialing under these circumstances.
Usually, this sort of problem arises due to DNS lookups.
To prevent DNS lookups from establishing a connection
(this will not prevent &man.ppp.8;
from passing the packets through an established
connection), use the following:set dfilter 1 deny udp src eq 53
set dfilter 2 deny udp dst eq 53
set dfilter 3 permit 0/0 0/0This is not always suitable, as it will effectively
break your demand-dial capabilities - most programs will
need a DNS lookup before doing any other network related
things.In the DNS case, you should try to determine what is
actually trying to resolve a host name. A lot of the
time, &man.sendmail.8; is the culprit. You should make
sure that you tell sendmail not to do any DNS lookups in
its configuration file. See the section on using email with a
dialup connection in the FreeBSD Handbook for
details on how to create your own configuration file and
what should go into it. You may also want to add the
following line to your .mc
file:define(`confDELIVERY_MODE', `d')dnlThis will make sendmail queue everything until the
queue is run (usually, sendmail is invoked with
, telling it to run the queue
every 30 minutes) or until a sendmail
-q is done (perhaps from your ppp.linkup
file).What do these CCP errors mean?I keep seeing the following errors in my log file:CCP: CcpSendConfigReq
CCP: Received Terminate Ack (1) state = Req-Sent (6)This is because &man.ppp.8; is trying to negotiate Predictor1
compression, and the peer does not want to negotiate any
compression at all. The messages are harmless, but if you
wish to remove them, you can disable Predictor1 compression
locally too:disable pred1Why does &man.ppp.8; not log my connection speed?In order to log all lines of your modem
conversation, you must enable the
following:set log +connectThis will make &man.ppp.8; log
everything up until the last requested expect
string.If you wish to see your connect speed and are using PAP
or CHAP (and therefore do not have anything to
chat after the CONNECT in the dial script - no
set login script), you must make sure that
you instruct &man.ppp.8; to expect the whole CONNECT
line, something like this:set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 4 \
\"\" ATZ OK-ATZ-OK ATDT\\T TIMEOUT 60 CONNECT \\c \\n"Here, we get our CONNECT, send nothing, then expect a
line-feed, forcing &man.ppp.8; to read
the whole CONNECT response.Why does &man.ppp.8; ignore the \ character
in my chat script?Ppp parses each line in your config files so that it can
interpret strings such as
set phone "123 456 789" correctly and
realize that the number is actually only
one argument. In order to specify a
" character, you must escape it
using a backslash (\).When the chat interpreter parses each argument, it
re-interprets the argument in order to find any special
escape sequences such as \P or
\T (see the manual page). As a result of this
double-parsing, you must remember to use the correct number of
escapes.If you wish to actually send a \
character to (say) your modem, you would need something
like:set dial "\"\" ATZ OK-ATZ-OK AT\\\\X OK"resulting in the following sequence:ATZ
OK
AT\X
OKorset phone 1234567
set dial "\"\" ATZ OK ATDT\\T"resulting in the following sequence:ATZ
OK
ATDT1234567Why does &man.ppp.8; get a seg-fault, but I see no
ppp.core file?Ppp (or any other program for that matter) should
never dump core. Because &man.ppp.8; runs with an
effective user id of 0, the operating system will not
write &man.ppp.8;'s core image to disk before terminating
it. If, however &man.ppp.8; is actually terminating due
to a segmentation violation or some other signal that
normally causes core to be dumped,
and you are sure you are using the
latest version (see the start of this section), then you
should do the following:&prompt.user; tar xfz ppp-*.src.tar.gz
&prompt.user; cd ppp*/ppp
&prompt.user; echo STRIP= >>Makefile
&prompt.user; echo CFLAGS+=-g >>Makefile
&prompt.user; make clean all
&prompt.user; su
&prompt.root; make install
&prompt.root; chmod 555 /usr/sbin/pppYou will now have a debuggable version of &man.ppp.8;
installed. You will have to be root
to run &man.ppp.8; as all of its privileges have been
revoked. When you start &man.ppp.8;, take a careful note
of what your current directory was at the time.Now, if and when &man.ppp.8; receives the segmentation
violation, it will dump a core file called
ppp.core. You should then do the
following:&prompt.user; su
&prompt.root; gdb /usr/sbin/ppp ppp.core(gdb)bt
.....
(gdb)f 0
....
(gdb)i args
....
(gdb)l
.....All of this information should be given alongside your
question, making it possible to diagnose the problem.If you are familiar with gdb, you may wish to find out some
other bits and pieces such as what actually caused the dump and
the addresses & values of the relevant variables.Why does the process that forces a dial in auto mode never
connect?This was a known problem with
&man.ppp.8; set up to negotiate a
dynamic local IP number with the peer in auto mode. It is
fixed in the latest version - search the manual page for
iface.The problem was that when that initial program calls
&man.connect.2;, the IP number of the tun interface is assigned
to the socket endpoint. The kernel creates the first outgoing
packet and writes it to the tun device.
&man.ppp.8; then reads the packet and
establishes a connection. If, as a result of
&man.ppp.8;'s dynamic IP assignment, the
interface address is changed, the original socket endpoint will
be invalid. Any subsequent packets sent to the peer will
usually be dropped. Even if they are not, any responses will
not route back to the originating machine as the IP number is
no longer owned by that machine.There are several theoretical ways to approach this
problem. It would be nicest if the peer would re-assign the
same IP number if possible :-)
The current version of &man.ppp.8; does
this, but most other implementations do not.The easiest method from our side would be to never
change the tun interface IP number, but instead to change
all outgoing packets so that the source IP number is
changed from the interface IP to the negotiated IP on the
fly. This is essentially what the
iface-alias option in the latest
version of &man.ppp.8; is doing (with the help of
&man.libalias.3; and &man.ppp.8;'s
switch) - it is maintaining all previous interface
addresses and NATing them to the last negotiated
address.Another alternative (and probably the most reliable) would
be to implement a system call that changes all bound sockets
from one IP to another. &man.ppp.8; would
use this call to modify the sockets of all existing programs
when a new IP number is negotiated. The same system call could
be used by dhcp clients when they are forced to re-bind() their
sockets.Yet another possibility is to allow an interface to be
brought up without an IP number. Outgoing packets would be
given an IP number of 255.255.255.255 up until the first
SIOCAIFADDR ioctl is done. This would result in fully binding
the socket. It would be up to &man.ppp.8;
to change the source IP number, but only if it is set to
255.255.255.255, and only the IP number and IP checksum would
need to change. This, however is a bit of a hack as the kernel
would be sending bad packets to an improperly configured
interface, on the assumption that some other mechanism is
capable of fixing things retrospectively.Why do most games not work with the -nat switch?The reason games and the like do not work when libalias
is in use is that the machine on the outside will try to open a
connection or send (unsolicited) UDP packets to the machine on
the inside. The NAT software does not know that it should send
these packets to the interior machine.To make things work, make sure that the only thing
running is the software that you are having problems with, then
either run tcpdump on the tun interface of the gateway or
enable &man.ppp.8; tcp/ip logging (set log +tcp/ip)
on the gateway.When you start the offending software, you should see
packets passing through the gateway machine. When
something comes back from the outside, it will be dropped
(that is the problem). Note the port number of these
packets then shut down the offending software. Do this a
few times to see if the port numbers are consistent. If
they are, then the following line in the relevant section
of /etc/ppp/ppp.conf will make the
software functional:nat port protointernalmachine:portportwhere proto is either
tcp or udp,
internalmachine is the machine that
you want the packets to be sent to and
port is the destination port number
of the packets.You will not be able to use the software on other machines
without changing the above command, and running the software
on two internal machines at the same time is out of the question
- after all, the outside world is seeing your entire internal
network as being just a single machine.If the port numbers are not consistent, there are three
more options:Submit support in libalias. Examples of
special cases can be found in
/usr/src/lib/libalias/alias_*.c
(alias_ftp.c is a good
prototype). This usually involves reading certain
recognised outgoing packets, identifying the
instruction that tells the outside machine to initiate
a connection back to the internal machine on a
specific (random) port and setting up a
route in the alias table so that the
subsequent packets know where to go.This is the most difficult solution, but it is the
best and will make the software work with multiple
machines.Use a proxy. The application may support socks5
for example, or (as in the cvsup case)
may have a passive option that avoids
ever requesting that the peer open connections back to
the local machine.Redirect everything to the internal machine using
nat addr. This is the
sledge-hammer approach.Has anybody made a list of useful port numbers?Not yet, but this is intended to grow into such a list
(if any interest is shown). In each example,
internal should be replaced with
the IP number of the machine playing the game.Asheron's Callnat port udp
internal
:65000 65000Manually change the port number within the game to
65000. If you have got a number of machines that you wish
to play on assign a unique port number for each (i.e.
65001, 65002, etc) and add a nat port
line for each one.Half Lifenat port udp
internal:27005
27015PCAnywhere 8.0nat port udp
internal:5632
5632nat port tcp
internal:5631
5631Quakenat port udp
internal:6112
6112Alternatively, you may want to take a look at
www.battle.net for Quake proxy support.Quake 2nat port udp
internal:27901
27910nat port udp
internal:60021
60021nat port udp
internal:60040
60040Red Alertnat port udp
internal:8675
8675nat port udp
internal:5009
5009What are FCS errors?FCS stands for Frame
Check Sequence.
Each PPP packet has a checksum attached to ensure that the
data being received is the data being sent. If the FCS of
an incoming packet is incorrect, the packet is dropped and
the HDLC FCS count is increased. The HDLC error values
can be displayed using the show hdlc
command.If your link is bad (or if your serial driver is dropping
packets), you will see the occasional FCS error. This is not
usually worth worrying about although it does slow down the
compression protocols substantially. If you have an external
modem, make sure your cable is properly shielded from
interference - this may eradicate the problem.If your link freezes as soon as you have connected and you
see a large number of FCS errors, this may be because your link
is not 8 bit clean. Make sure your modem is not using software
flow control (XON/XOFF). If your datalink
must use software flow control, use the
command set accmap 0x000a0000 to tell
&man.ppp.8; to escape the ^Q and
^S characters.Another reason for seeing too many FCS errors may be
that the remote end has stopped talking
PPP. You may want to enable
async logging at this point to
determine if the incoming data is actually a login or
shell prompt. If you have a shell prompt at the remote
end, it is possible to terminate &man.ppp.8; without
dropping the line by using the close
lcp command (a following term
command will reconnect you to the shell on the remote
machine.If nothing in your log file indicates why the link might
have been terminated, you should ask the remote administrator
(your ISP?) why the session was terminated.Why do &macos; and &windows; 98 connections freeze when
running PPPoE on the gateway?Thanks to Michael Wozniak
mwozniak@netcom.ca for figuring this out and
Dan Flemming danflemming@mac.com for the Mac
solution:This is due to what is called a Black Hole
router. &macos; and &windows; 98 (and maybe other Microsoft OSs)
send TCP packets with a requested segment size too big to fit
into a PPPoE frame (MTU is 1500 by default for Ethernet)
and have the do not
fragment bit set (default of TCP) and the Telco router
is not sending ICMP must fragment back to the
www site you are trying to load. (Alternatively, the router is
sending the ICMP packet correctly, but the firewall at the www
site is dropping it.) When the www server is sending
you frames that do not fit into the PPPoE pipe the Telco router
drops them on the floor and your page does not load (some
pages/graphics do as they are smaller than a MSS.) This seems
to be the default of most Telco PPPoE configurations (if only
they knew how to program a router... sigh...)One fix is to use regedit on your 95/98 boxes to add the
following registry entry...HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Class\NetTrans\0000\MaxMTUIt should be a string with a value
1436, as some ADSL routers are reported to
be unable to deal with packets larger than this. This
registry key has been changed to
Tcpip\Parameters\Interfaces\ID for
adapter\MTU in &windows; 2000 and
becomes a DWORD.Refer to the Microsoft Knowledge Base documents Q158474
- Windows TCPIP Registry Entries and Q120642
- TCPIP & NBT Configuration Parameters for &windowsnt;
for more information on changing &windows; MTU to
work with a NAT router.Another regedit possibility under &windows; 2000 is to
set the
Tcpip\Parameters\Interfaces\ID for
adapter\EnablePMTUBHDetect DWORD
to 1 as mentioned in the Microsoft document 120642
mentioned above.Unfortunately, &macos; does not provide an interface for
changing TCP/IP settings. However, there is commercial software
available, such as OTAdvancedTuner (OT for OpenTransport, the
&macos; TCP/IP stack) by Sustainable Softworks,
that will allow users to customize TCP/IP settings. &macos; NAT
users should select ip_interface_MTU from
the drop-down menu, enter 1450 instead of
1500 in the box, click the box next to
Save as Auto Configure, and click
Make Active.The latest version of &man.ppp.8;
(2.3 or greater) has an enable tcpmssfixup
command that will automatically adjust the MSS to an appropriate
value. This facility is enabled by default. If you are stuck
with an older version of &man.ppp.8;, you
may want to look at the tcpmssd
port.None of this helps - I am desperate! What can I do?If all else fails, send as much information as you can,
including your config files, how you are starting
&man.ppp.8;, the relevant parts of your
log file and the output of the netstat -rn
command (before and after connecting) to the &a.questions; or
the
comp.unix.bsd.freebsd.misc news group, and someone
should point you in the right direction.Serial CommunicationsThis section answers common questions about serial
communications with FreeBSD. PPP and SLIP are covered in the
Networking section.How do I tell if FreeBSD found my serial ports?As the FreeBSD kernel boots, it will probe for the serial
ports in your system for which the kernel was configured.
You can either watch your system closely for the messages it
prints or run the command&prompt.user; dmesg | grep sioafter your system is up and running.Here is some example output from the above command:sio0 at 0x3f8-0x3ff irq 4 on isa
sio0: type 16550A
sio1 at 0x2f8-0x2ff irq 3 on isa
sio1: type 16550AThis shows two serial ports. The first is on irq 4, is
using port address 0x3f8, and has a
16550A-type UART chip. The second uses the same kind of chip
but is on irq 3 and is at port address 0x2f8.
Internal modem cards are treated just like serial ports---except
that they always have a modem attached to the
port.The GENERIC kernel includes support
for two serial ports using the same irq and port address
settings in the above example. If these settings are not
right for your system, or if you have added modem cards or have
more serial ports than your kernel is configured for, just
reconfigure your kernel. See section
about building a kernel for
more details.How do I tell if FreeBSD found my modem cards?Refer to the answer to the previous question.How do I access the serial ports on FreeBSD?The third serial port, sio2
(see &man.sio.4;, known as COM3 in DOS), is on
/dev/cuaa2 for dial-out devices,
and on /dev/ttyd2 for dial-in
devices. What is the difference between these two classes
of devices?You use
ttydX
for dial-ins. When opening
/dev/ttydX
in blocking mode, a process will wait for the
corresponding
cuaaX
device to become inactive, and then wait for the carrier
detect line to go active. When you open the
cuaaX
device, it makes sure the serial port is not already in
use by the
ttydX
device. If the port is available, it steals
it from the
ttydX
device. Also, the
cuaaX
device does not care about carrier detect. With this
scheme and an auto-answer modem, you can have remote users
log in and you can still dial out with the same modem and
the system will take care of all the conflicts.How do I enable support for a multiport serial
card?Again, the section on kernel configuration provides
information about configuring your kernel. For a multiport
serial card, place an &man.sio.4; line for each serial
port on the card in the kernel configuration file. But
place the irq and vector specifiers on only one of the
entries. All of the ports on the card should share one
irq. For consistency, use the last serial port to specify
the irq. Also, specify the
COM_MULTIPORT option.The following example is for an AST 4-port serial card on
irq 7:options "COM_MULTIPORT"
device sio4 at isa? port 0x2a0 tty flags 0x781
device sio5 at isa? port 0x2a8 tty flags 0x781
device sio6 at isa? port 0x2b0 tty flags 0x781
device sio7 at isa? port 0x2b8 tty flags 0x781 irq 7 vector siointrThe flags indicate that the master port has minor number 7
(0x700), diagnostics enabled during probe
(0x080), and all the ports share an irq
(0x001).Can FreeBSD handle multiport serial cards sharing
irqs?Not yet. You will have to use a different irq for each
card.Can I set the default serial parameters for a
port?The
ttydX
(or
cuaaX)
device is the regular device you will want to open for
your applications. When a process opens the device, it
will have a default set of terminal I/O settings. You can
see these settings with the command&prompt.root; stty -a -f /dev/ttyd1When you change the settings to this device, the settings
are in effect until the device is closed. When it is reopened,
it goes back to the default set. To make changes to the
default set, you can open and adjust the settings of the
initial state device. For example, to turn on
CLOCAL mode, 8 bits, and
XON/XOFF flow control by default for
ttyd5, do:&prompt.root; stty -f /dev/ttyid5 clocal cs8 ixon ixoffA good place to do this is in
/etc/rc.serial. Now, an application
will have these settings by default when it opens
ttyd5. It can still change these
settings to its liking, though.You can also prevent certain settings from being
changed by an application by making adjustments to the
lock state device. For example, to lock
the speed of ttyd5 to 57600 bps,
do&prompt.root; stty -f /dev/ttyld5 57600Now, an application that opens
ttyd5 and tries to change the
speed of the port will be stuck with 57600 bps.Naturally, you should make the initial state and lock
state devices writable only by
root. The &man.MAKEDEV.8; script does
NOT do this when it creates the
device entries.How can I enable dialup logins on my modem?So you want to become an Internet service provider, eh?
First, you will need one or more modems that can auto-answer.
Your modem will need to assert carrier-detect when it detects a
carrier and not assert it all the time. It will need to hang up
the phone and reset itself when the data terminal ready
(DTR) line goes from on to off. It should
probably use RTS/CTS flow control or no
local flow control at all. Finally, it must use a constant
speed between the computer and itself, but (to be nice to your
callers) it should negotiate a speed between itself and the
remote modem.For many Hayes command-set--compatible modems, this
command will make these settings and store them in
nonvolatile memory:AT &C1 &D3 &K3 &Q6 S0=1 &WSee the section on sending AT
commands below for information on how to make these
settings without resorting to an &ms-dos; terminal program.Next, make an entry in /etc/ttys
(see &man.ttys.5;) for the modem. This file lists all the
ports on which the operating system will await logins.
Add a line that looks something like this:ttyd1 "/usr/libexec/getty std.57600" dialup on insecureThis line indicates that the second serial port
(/dev/ttyd1) has a modem
connected running at 57600 bps and no parity
(std.57600, which comes from the file
/etc/gettytab, see &man.gettytab.5;).
The terminal type for this port is
dialup. The port is
on and is
insecure---meaning
root logins on the port are not
allowed. For dialin ports like this one, use the
ttydX
entry.It is common practice to use dialup
as the terminal type. Many users set up in their
.profile or
.login files a prompt for the actual
terminal type if the starting type is dialup. The example
shows the port as insecure. To become
root on this port, you have to login
as a regular user, then &man.su.1; to become
root. If you use
secure then root
can login in directly.After making modifications to
/etc/ttys, you need to send a hangup
or HUP signal to the &man.init.8;
process:&prompt.root; kill -HUP 1This forces the &man.init.8; process to reread
/etc/ttys. The init process will
then start getty processes on all on
ports. You can find out if logins are available for your
port by typing&prompt.user; ps -ax | grep '[t]tyd1'You should see something like:747 ?? I 0:00.04 /usr/libexec/getty std.57600 ttyd1How can I connect a dumb terminal to my FreeBSD
box?If you are using another computer as a terminal into your
FreeBSD system, get a null modem cable to go between the two
serial ports. If you are using an actual terminal, see its
accompanying instructions.Then, modify /etc/ttys (see
&man.ttys.5;), like above. For example, if you are
hooking up a WYSE-50 terminal to the fifth serial port,
use an entry like this:ttyd4 "/usr/libexec/getty std.38400" wyse50 on secureThis example shows that the port on
/dev/ttyd4 has a wyse50 terminal
connected at 38400 bps with no parity
(std.38400 from
/etc/gettytab, see &man.gettytab.5;)
and root logins are allowed
(secure).Why can I not run tip or
cu?On your system, the programs &man.tip.1; and
&man.cu.1; are probably executable only by
uucp and group
dialer. You can use the group
dialer to control who has access to
your modem or remote systems. Just add yourself to group
dialer.Alternatively, you can let everyone on your system run
&man.tip.1; and &man.cu.1; by typing:&prompt.root; chmod 4511 /usr/bin/cu
&prompt.root; chmod 4511 /usr/bin/tipMy stock Hayes modem is not supported---what
can I do?Actually, the manual page for &man.tip.1; is out of
date. There is a generic Hayes dialer already built in.
Just use at=hayes in your
/etc/remote (see &man.remote.5;)
file.The Hayes driver is not smart enough to recognize some of
the advanced features of newer modems---messages like
BUSY, NO DIALTONE, or
CONNECT 115200 will just confuse it. You
should turn those messages off when you use &man.tip.1;
(using ATX0&W).Also, the dial timeout for &man.tip.1; is 60
seconds. Your modem should use something less, or else tip
will think there is a communication problem. Try
ATS7=45&W.Actually, as shipped &man.tip.1; does not yet
support it fully. The solution is to edit the file
tipconf.h in the directory
/usr/src/usr.bin/tip/tip. Obviously you
need the source distribution to do this.Edit the line #define HAYES 0
to #define HAYES 1. Then
make and make install.
Everything works nicely after that.How am I expected to enter these AT commands?Make what is called a direct entry in
your /etc/remote file (see
&man.remote.5;). For example, if your modem is hooked up
to the first serial port,
/dev/cuaa0, then put in the
following line:cuaa0:dv=/dev/cuaa0:br#19200:pa=noneUse the highest bps rate your modem supports in the br
capability. Then, type tip
cuaa0 (see &man.tip.1;)
and you will be connected to your modem.If there is no /dev/cuaa0 on your
system, do this:&prompt.root; cd /dev
&prompt.root; sh MAKEDEV cuaa0Or use cu as root with the
following command:&prompt.root; cu -lline -sspeedwith line being the serial
port (e.g. /dev/cuaa0) and
speed being the speed
(e.g.57600). When you are done
entering the AT commands hit ~. to
exit.Why does the <@> sign for the pn
capability not work?The <@> sign in the phone
number capability tells tip to look in
/etc/phones for a phone number. But
the <@> sign is also a special
character in capability files like
/etc/remote. Escape it with a
backslash:pn=\@How can I dial a phone number on the command
line?Put what is called a generic entry in
your /etc/remote file (see
&man.remote.5;). For example:tip115200|Dial any phone number at 115200 bps:\
:dv=/dev/cuaa0:br#115200:at=hayes:pa=none:du:
tip57600|Dial any phone number at 57600 bps:\
:dv=/dev/cuaa0:br#57600:at=hayes:pa=none:du:Then you can do something like tip -115200
5551234. If you prefer &man.cu.1; over
&man.tip.1;, use a generic cu entry:cu115200|Use cu to dial any number at 115200bps:\
:dv=/dev/cuaa1:br#57600:at=hayes:pa=none:du:and type cu 5551234 -s 115200.Do I have to type in the bps rate every time I do
that?Put in an entry for tip1200 or
cu1200, but go ahead and use whatever
bps rate is appropriate with the br capability.
&man.tip.1; thinks a good default is 1200 bps which is why
it looks for a tip1200 entry. You do
not have to use 1200 bps, though.How can I more easily access a number of hosts through a
terminal server?Rather than waiting until you are connected and typing
CONNECT host
each time, use tip's cm capability. For
example, these entries in
/etc/remote (see &man.remote.5;):pain|pain.deep13.com|Forrester's machine:\
:cm=CONNECT pain\n:tc=deep13:
muffin|muffin.deep13.com|Frank's machine:\
:cm=CONNECT muffin\n:tc=deep13:
deep13:Gizmonics Institute terminal server:\
:dv=/dev/cuaa2:br#38400:at=hayes:du:pa=none:pn=5551234:will let you type tip pain or
tip muffin to connect to the hosts
pain or muffin; and
tip deep13 to get to the terminal
server.Can tip try more than one line for each site?This is often a problem where a university has several
modem lines and several thousand students trying to use
them...Make an entry for your university in
/etc/remote (see &man.remote.5;) and
use <\@> for the
pn capability:big-university:\
:pn=\@:tc=dialout
dialout:\
:dv=/dev/cuaa3:br#9600:at=courier:du:pa=none:Then, list the phone numbers for the university in
/etc/phones (see &man.phones.5;):big-university 5551111
big-university 5551112
big-university 5551113
big-university 5551114&man.tip.1;
will try each one in the listed order, then give
up. If you want to keep retrying, run &man.tip.1;
in a while loop.Why do I have to hit CTRLP
twice to send CTRLP
once?CTRLP
is the default force character, used to
tell &man.tip.1; that the next character is literal data.
You can set the force character to any other character
with the ~s escape, which means
set a variable.Type ~sforce=single-char
followed by a newline.
single-char is any single
character. If you leave out
single-char, then the force
character is the nul character, which you can get by
typing CTRL2
or CTRLSPACE.
A pretty good value for
single-char is SHIFTCTRL6,
which I have seen only used on some terminal
servers.You can have the force character be whatever you want
by specifying the following in your
$HOME/.tiprc file:force=single-charWhy is everything I type suddenly in UPPER CASE?You must have pressed CTRLA,
&man.tip.1; raise character, specially
designed for people with broken Caps Lock
keys. Use ~s as above and set the
variable raisechar to something reasonable.
In fact, you can set it to the same as the force
character, if you never expect to use either of these
features.Here is a sample .tiprc file perfect for Emacs users
who need to type CTRL2
and CTRLA
a lot:force=^^
raisechar=^^The ^^ is SHIFTCTRL6.How can I do file transfers with
tip?If you are talking to another &unix; system, you can
send and receive files with ~p (put)
and ~t (take). These commands run
&man.cat.1; and &man.echo.1; on the remote system to
accept and send files. The syntax is:~p <local-file> [<remote-file>]
~t <remote-file> [<local-file>]There is no error checking, so you probably should use
another protocol, like zmodem.How can I run zmodem with
tip?First, install one of the zmodem programs from the
ports collection (such as one of the two from the comms
category, lrzsz or
rzsz.To receive files, start the sending program on the
remote end. Then, press enter and type ~C
rz (or ~C lrz if you
installed lrzsz) to begin
receiving them locally.To send files, start the receiving program on the
remote end. Then, press enter and type ~C sz
files (or ~C
lsz files) to send
them to the remote system.Miscellaneous QuestionsFreeBSD uses far more swap space than &linux;. Why?FreeBSD only appears to use more swap than &linux;. In
actual fact, it does not. The main difference between FreeBSD
and &linux; in this regard is that FreeBSD will proactively move
entirely idle, unused pages of main memory into swap in order
to make more main memory available for active use. &linux; tends
to only move pages to swap as a last resort. The perceived
heavier use of swap is balanced by the more efficient use of
main memory.Note that while FreeBSD is proactive in this regard, it
does not arbitrarily decide to swap pages when the system is
truly idle. Thus you will not find your system all paged
out when you get up in the morning after leaving it idle
overnight.Why does top show very little free
memory even when I have very few programs running?The simple answer is that free memory is wasted
memory. Any memory that your programs do not actively
allocate is used within the FreeBSD kernel as disk
cache. The values shown by &man.top.1; labeled as
Inact, Cache, and
Buf are all cached data at different
aging levels. This cached data means the system does
not have to access a slow disk again for data it has
accessed recently, thus increasing overall performance.
In general, a low value shown for Free
memory in &man.top.1; is good, provided it is not
very low.Why will chmod not change the
permissions on symlinks?Symlinks do not have permissions, and by default,
&man.chmod.1; will not follow symlinks to change the
permissions on the target file. So if you have a file,
foo, and a symlink to that file,
bar, then this command will always
succeed.&prompt.user; chmod g-w barHowever, the permissions on foo will
not have changed.You have to use either or
together with the
option to make this work. See the &man.chmod.1; and
&man.symlink.7; manual pages for more info.The option does a
RECURSIVE &man.chmod.1;. Be
careful about specifying directories or symlinks to
directories to &man.chmod.1;. If you want to change
the permissions of a directory referenced by a
symlink, use &man.chmod.1; without any options and
follow the symlink with a trailing slash
(/). For example, if
foo is a symlink to directory
bar, and you want to change the
permissions of foo (actually
bar), you would do something
like:&prompt.user; chmod 555 foo/With the trailing slash, &man.chmod.1; will follow
the symlink, foo, to change the
permissions of the directory,
bar.Can I run DOS binaries under FreeBSD?Yes, you can use the integrated
doscmd DOS emulation program to
run a subset of DOS commands.If doscmd will not suffice,
the add-on utility emulators/pcemu emulates an 8088 and
enough BIOS services to run many DOS text mode
applications. It requires the X Window System.What do I need to do to translate a FreeBSD document into
my native language?See the
Translation FAQ in the FreeBSD Documentation Project
Primer.Why does my email to any address at FreeBSD.org bounce?The FreeBSD.org mail system implements some of the
stricter Postfix checks on incoming mail and rejects mail that is
either misconfigured or is potential spam. Your mail
might bounce for one of the following reasons:The email is being sent from a known spam
domain or IP block.The FreeBSD mail servers reject email from known
spam sources. If you have service through a company
or domain who generates or relays spam, please switch
to a service provider who does not.The body of the email only contains HTML.Mail should be sent in plain text only. Please
configure your mail user agent to send plain
text.The mailer at FreeBSD.org cannot resolve the IP
address of the connecting host back to a symbolic
name.Working reverse DNS is a standard requirement for
accepting mail from a host. Set up reverse DNS for
your mail server's IP address. Many home services
(DSL, cable, dialup, etc.) will not give you this
option. In this case, relay your email through your
service provider's mail server.The hostname given in the EHLO/HELO part of the SMTP
exchange cannot be resolved to an IP address.A fully qualified, resolvable host name is necessary
in this part of the SMTP dialogue before mail will be
accepted. If you do not have a host name that is registered
in the DNS, then you should use your service provider's mail
server to relay your mail.Your message had a message ID ending with the string
localhost.Some mail user agents generate bad message IDs which will
not be accepted. You will need to persuade your mail user
agent to generate a valid message ID or else configure your
mail transfer agent to rewrite them.Where can I find a free FreeBSD account?While FreeBSD does not provide open access to any of their
servers, others do provide open access &unix; systems. The
charge varies and limited services may be available.Arbornet,
Inc, also known as M-Net, has been providing open
access to &unix; systems since 1983. Starting on an Altos
running System III, the site switched to BSD/OS in 1991. In
June of 2000, the site switched again to FreeBSD. M-Net can be
accessed via telnet and SSH and provides basic access to the
entire FreeBSD software suite. However, network access is
limited to members and patrons who donate to the system, which
is run as a non-profit organization. M-Net also provides an
bulletin board system and interactive chat.Grex provides a
site very similar to M-Net including the same bulletin board
and interactive chat software. However, the machine is a &sun;
4M and is running &sunos;.What is sup, and how do I use
it?
SUP stands for Software Update Protocol, and was
developed by CMU for keeping their development trees in sync.
We used it to keep remote sites in sync with our central
development sources.SUP is not bandwidth friendly, and has been retired.
The current recommended method to keep your sources up to
date is
CVSupWhat is the cute little red guy's name?He does not have one, and is just called the BSD
daemon. If you insist upon using a name, call him
beastie. Note that beastie
is pronounced BSD.You can learn more about the BSD daemon on his home
page.Can I use the BSD daemon image?Perhaps. The BSD daemon is copyrighted by Marshall
Kirk McKusick. You will want to check his Statement
on the Use of the BSD Daemon Figure for detailed
usage terms.In summary, you are free to use the image in a tasteful
manner, for personal use, so long as appropriate credit is
given. If you want to use him commercially, you must
contact Kirk McKusick. More details are available on the
BSD
Daemon's home page.Do you have any BSD daemon images I could use?You will find eps and Xfig drawings under
/usr/share/examples/BSD_daemon/.What does MFC mean?MFC is an acronym for Merged From -CURRENT.
It is used in the CVS logs to denote when a change was
migrated from the CURRENT to the STABLE branches.What does BSD mean?It stands for something in a secret language that only
members can know. It does not translate literally but it is ok
to tell you that BSD's translation is something between,
Formula-1 Racing Team, Penguins are
tasty snacks, and We have a better sense of
humor than &linux;. :-)Seriously, BSD is an acronym for Berkeley
Software Distribution, which is the name the
Berkeley CSRG (Computer Systems Research
Group) chose for their &unix; distribution way back when.What does POLA mean?Principle of Least Astonishment. It means that as
FreeBSD evolves, changes visible to the user should be
kept as unsurprising as possible. For example,
arbitrarily rearranging system startup variables in
/etc/defaults/rc.conf violates POLA.
Developers consider POLA when contemplating user-visible
system changes.What is a repo-copy?A repo-copy (which is a short form of repository
copy) refers to the direct copying of files within
the CVS repository.Without a repo-copy, if a file needed to be copied or
moved to another place in the repository, the committer would
run cvs add to put the file in its new
location, and then cvs rm on the old file
if the old copy was being removed.The disadvantage of this method is that the history
(i.e. the entries in the CVS logs) of the file would not be
copied to the new location. As the FreeBSD Project considers
this history very useful, a repository copy is often used
instead. This is a process where one of the repository meisters
will copy the files directly within the repository, rather than
using the &man.cvs.1; program.Why should I care what color the bikeshed is?The really, really short answer is that you should not.
The somewhat longer answer is that just because you are
capable of building a bikeshed does not mean you should stop
others from building one just because you do not like the
color they plan to paint it. This is a metaphor indicating
that you need not argue about every little feature just
because you know enough to do so. Some people have
commented that the amount of noise generated by a change is
inversely proportional to the complexity of the
change.The longer and more complete answer is that after a very
long argument about whether &man.sleep.1; should take
fractional second arguments, &a.phk; posted a long
message entitled A bike
shed (any colour will do) on greener grass....
The appropriate portions of that message are quoted
below.
&a.phk; on freebsd-hackers, October
2, 1999What is it about this bike shed? Some
of you have asked me.It is a long story, or rather it is an old story, but
it is quite short actually. C. Northcote Parkinson wrote
a book in the early 1960s, called Parkinson's
Law, which contains a lot of insight into the
dynamics of management.[snip a bit of commentary on the book]In the specific example involving the bike shed, the
other vital component is an atomic power-plant, I guess
that illustrates the age of the book.Parkinson shows how you can go into the board of
directors and get approval for building a multi-million or
even billion dollar atomic power plant, but if you want to
build a bike shed you will be tangled up in endless
discussions.Parkinson explains that this is because an atomic
plant is so vast, so expensive and so complicated that
people cannot grasp it, and rather than try, they fall
back on the assumption that somebody else checked all the
details before it got this far. Richard P. Feynmann
gives a couple of interesting, and very much to the point,
examples relating to Los Alamos in his books.A bike shed on the other hand. Anyone can build one
of those over a weekend, and still have time to watch the
game on TV. So no matter how well prepared, no matter how
reasonable you are with your proposal, somebody will seize
the chance to show that he is doing his job, that he is
paying attention, that he is
here.In Denmark we call it setting your
fingerprint. It is about personal pride and
prestige, it is about being able to point somewhere and
say There! I did that.
It is a strong trait in politicians, but present in most
people given the chance. Just think about footsteps in
wet cement.
The FreeBSD FunniesHow cool is FreeBSD?Q. Has anyone done any temperature testing while
running FreeBSD? I know &linux; runs cooler than DOS, but have
never seen a mention of FreeBSD. It seems to run really
hot.A. No, but we have done numerous taste tests on
blindfolded volunteers who have also had 250 micrograms of
LSD-25 administered beforehand. 35% of the volunteers said that
FreeBSD tasted sort of orange, whereas &linux; tasted like purple
haze. Neither group mentioned any significant variances in
temperature. We eventually had to throw the
results of this survey out entirely anyway when we found that
too many volunteers were wandering out of the room during the
tests, thus skewing the results. We think most of the volunteers
are at Apple now, working on their new scratch and
sniff GUI. It is a funny old business we are in!Seriously, both FreeBSD and &linux; use the
HLT (halt) instruction when the system is
idle thus lowering its energy consumption and therefore the
heat it generates. Also if you have APM (advanced power
management) configured, then FreeBSD can also put the CPU into
a low power mode.Who is scratching in my memory banks??Q. Is there anything odd that FreeBSD
does when compiling the kernel which would cause the memory to
make a scratchy sound? When compiling (and for a brief moment
after recognizing the floppy drive upon startup, as well), a
strange scratchy sound emanates from what appears to be the
memory banks.A. Yes! You will see frequent references to
daemons in the BSD documentation, and what most
people do not know is that this refers to genuine, non-corporeal
entities that now possess your computer. The scratchy sound
coming from your memory is actually high-pitched whispering
exchanged among the daemons as they best decide how to deal
with various system administration tasks.If the noise gets to you, a good
fdisk /mbr from DOS will get rid of them,
but do not be surprised if they react adversely and try to stop
you. In fact, if at any point during the exercise you hear the
satanic voice of Bill Gates coming from the built-in speaker,
take off running and do not ever look back! Freed from the
counterbalancing influence of the BSD daemons, the twin demons
of DOS and &windows; are often able to re-assert total control
over your machine to the eternal damnation of your soul.
Now that you know, given a choice you would probably prefer to get
used to the scratchy noises, no?How many FreeBSD hackers does it take to change a
lightbulb?One thousand, one hundred and sixty-nine:Twenty-three to complain to -CURRENT about the lights
being out;Four to claim that it is a configuration problem, and
that such matters really belong on -questions;Three to submit PRs about it, one of which is misfiled
under doc and consists only of it's dark;One to commit an untested lightbulb which breaks
buildworld, then back it out five minutes later;Eight to flame the PR originators for not including
patches in their PRs;Five to complain about buildworld being broken;Thirty-one to answer that it works for them, and they
must have cvsupped at a bad time;One to post a patch for a new lightbulb to -hackers;One to complain that he had patches for this three years
ago, but when he sent them to -CURRENT they were just ignored,
and he has had bad experiences with the PR system; besides,
the proposed new lightbulb is non-reflexive;Thirty-seven to scream that lightbulbs do not belong in
the base system, that committers have no right to do things
like this without consulting the Community, and WHAT IS
-CORE DOING ABOUT IT!?Two hundred to complain about the color of the bicycle
shed;Three to point out that the patch breaks &man.style.9;;Seventeen to complain that the proposed new lightbulb is
under GPL;Five hundred and eighty-six to engage in a flame war
about the comparative advantages of the GPL, the BSD
license, the MIT license, the NPL, and the personal hygiene
of unnamed FSF founders;Seven to move various portions of the thread to -chat
and -advocacy;One to commit the suggested lightbulb, even though it
shines dimmer than the old one;Two to back it out with a furious flame of a commit
message, arguing that FreeBSD is better off in the dark than
with a dim lightbulb;Forty-six to argue vociferously about the backing out
of the dim lightbulb and demanding a statement from
-core;Eleven to request a smaller lightbulb so it will fit
their Tamagotchi if we ever decide to port FreeBSD to that
platform;Seventy-three to complain about the SNR on -hackers and
-chat and unsubscribe in protest;Thirteen to post unsubscribe,
How do I unsubscribe?, or Please
remove me from the list, followed by the usual
footer;One to commit a working lightbulb while everybody is too
busy flaming everybody else to notice;Thirty-one to point out that the new lightbulb would shine
0.364% brighter if compiled with TenDRA (although it will have
to be reshaped into a cube), and that FreeBSD should therefore
switch to TenDRA instead of GCC;One to complain that the new lightbulb lacks
fairings;Nine (including the PR originators) to ask
what is MFC?;Fifty-seven to complain about the lights being out two
weeks after the bulb has been changed.&a.nik; adds:I was laughing quite hard at
this.And then I thought, Hang on,
shouldn't there be '1 to document it.' in that list
somewhere?And then I was enlightened :-)Where does data written to /dev/null
go?It goes into a special data sink in the CPU where it
is converted to heat which is vented through the heatsink
/ fan assembly. This is why CPU cooling is increasingly
important; as people get used to faster processors, they
become careless with their data and more and more of it
ends up in /dev/null, overheating
their CPUs. If you delete /dev/null
(which effectively disables the CPU data sink) your CPU
may run cooler but your system will quickly become
constipated with all that excess data and start to behave
erratically. If you have a fast network connection you
can cool down your CPU by reading data out of
/dev/random and sending it off
somewhere; however you run the risk of overheating your
network connection and / or angering
your ISP, as most of the data will end up getting
converted to heat by their equipment, but they generally
have good cooling, so if you do not overdo it you should be
OK.Paul Robinson adds:There are other methods. As every good sysadmin knows,
it is part of standard practise to send data to the screen
of interesting variety to keep all the pixies that make up
your picture happy. Screen pixies (commonly mis-typed or
re-named as 'pixels') are categorised by the type of hat
they wear (red, green or blue) and will hide or appear
(thereby showing the colour of their hat) whenever they
receive a little piece of food. Video cards turn data into
pixie-food, and then send them to the pixies - the more
expensive the card, the better the food, so the better
behaved the pixies are. They also need constant stimulation
- this is why screen savers exist.To take your suggestions further, you could just throw
the random data to console, thereby letting the pixies
consume it. This causes no heat to be produced at all,
keeps the pixies happy and gets rid of your data quite
quickly, even if it does make things look a bit messy on
your screen.Incidentally, as an ex-admin of a large ISP who
experienced many problems attempting to maintain a stable
temperature in a server room, I would strongly discourage
people sending the data they do not want out to the
network. The fairies who do the packet switching and
routing get annoyed by it as well.Advanced TopicsHow can I learn more about FreeBSD's internals?At this time, there is no book on FreeBSD-specific OS
internals. Much general &unix; knowledge is directly
applicable to FreeBSD, however. Additionally, there are
BSD-specific books that are still relevant.For a list, please check the Handbook's Operating
System Internals Bibliography.How can I contribute to FreeBSD?Please see the article on Contributing
to FreeBSD for specific advice on how to do this.
Assistance is more than welcome!What are SNAPs and RELEASEs?There are currently three active/semi-active branches
in the FreeBSD CVS
Repository. (Earlier branches are only changed
very rarely, which is why there are only three active
branches of development):RELENG_3 AKA
3.X-STABLERELENG_4 AKA
4-STABLEHEAD AKA
-CURRENT AKA
5.X-CURRENTHEAD is not an actual branch tag,
like the other two; it is simply a symbolic constant for
the current, non-branched development
stream which we simply refer to as
-CURRENT.Right now, -CURRENT is the 5.X development
stream and the 4-STABLE branch,
RELENG_4, forked off from
-CURRENT in Mar 2000.How do I make my own custom release?Please see the
Release Engineering article.Why does make world clobber my existing
installed binaries?Yes, this is the general idea; as its name might suggest,
make world rebuilds every system binary from
scratch, so you can be certain of having a clean and consistent
environment at the end (which is why it takes so long).If the environment variable DESTDIR
is defined while running make world or
make install, the newly-created binaries
will be deposited in a directory tree identical to the
installed one, rooted at ${DESTDIR}.
Some random combination of shared libraries modifications and
program rebuilds can cause this to fail in make
world however.Why isn't cvsup.FreeBSD.org a round robin DNS entry to
share the load amongst the various CVSup servers?While CVSup mirrors update from the master CVSup
server hourly, this update might happen at any time during
the hour. This means that some servers have newer code
than others, even though all servers have code that is
less than an hour old. If cvsup.FreeBSD.org was a round
robin DNS entry that simply redirected users to a random
CVSup server, running CVSup twice in a row could download
code older than the code already on the system.Why does my system say (bus speed
defaulted) when it boots?The Adaptec 1542 SCSI host adapters allow the user to
configure their bus access speed in software. Previous versions
of the 1542 driver tried to determine the fastest usable speed
and set the adapter to that. We found that this breaks some
users' systems, so you now have to define the
TUNE_1542 kernel configuration option in order
to have this take place. Using it on those systems where it
works may make your disks run faster, but on those systems
where it does not, your data could be corrupted.Can I follow -CURRENT with limited Internet access?Yes, you can do this without
downloading the whole source tree by using the CTM facility.How did you split the distribution into 240k files?Newer BSD based systems have a
option to &man.split.1; that allows them to split files on arbitrary
byte boundaries.Here is an example from
/usr/src/Makefile.bin-tarball:
(cd ${DISTDIR}; \
tar cf - . \
gzip --no-name -9 -c | \
split -b 240640 - \
${RELEASEDIR}/tarballs/bindist/bin_tgz.)I have written a kernel extension, who do I send it
to?Please take a look at the article on Contributing
to FreeBSD to learn how to submit code.And thanks for the thought!How are Plug N Play ISA cards detected and
initialized?By: Frank Durda IV
uhclem@nemesis.lonestar.orgIn a nutshell, there a few I/O ports that all of the
PnP boards respond to when the host asks if anyone is out
there. So when the PnP probe routine starts, it asks if there
are any PnP boards present, and all the PnP boards respond with
their model # to a I/O read of the same port, so the probe
routine gets a wired-OR yes to that question. At
least one bit will be on in that reply. Then the probe code is
able to cause boards with board model IDs (assigned by
Microsoft/Intel) lower than X to go off-line. It
then looks to see if any boards are still responding to the
query. If the answer was 0, then there are
no boards with IDs above X. Now probe asks if there are any
boards below X. If so, probe knows there are
boards with a model numbers below X. Probe then asks for boards
greater than X-(limit/4) to go off-line. If repeats the query.
By repeating this semi-binary search of IDs-in-range enough
times, the probing code will eventually identify all PnP boards
present in a given machine with a number of iterations that is
much lower than what 2^64 would take.The IDs are two 32-bit fields (hence 2ˆ64) + 8 bit
checksum. The first 32 bits are a vendor identifier. They never
come out and say it, but it appears to be assumed that
different types of boards from the same vendor could have
different 32-bit vendor ids. The idea of needing 32 bits just
for unique manufacturers is a bit excessive.The lower 32 bits are a serial #, Ethernet address,
something that makes this one board unique. The vendor must
never produce a second board that has the same lower 32 bits
unless the upper 32 bits are also different. So you can have
multiple boards of the same type in the machine and the full 64
bits will still be unique.The 32 bit groups can never be all zero. This allows the
wired-OR to show non-zero bits during the initial binary
search.Once the system has identified all the board IDs present,
it will reactivate each board, one at a time (via the same I/O
ports), and find out what resources the given board needs, what
interrupt choices are available, etc. A scan is made over all
the boards to collect this information.This info is then combined with info from any ECU files
on the hard disk or wired into the MLB BIOS. The ECU and BIOS
PnP support for hardware on the MLB is usually synthetic, and
the peripherals do not really do genuine PnP. However by
examining the BIOS info plus the ECU info, the probe routines
can cause the devices that are PnP to avoid those devices the
probe code cannot relocate.Then the PnP devices are visited once more and given
their I/O, DMA, IRQ and Memory-map address assignments. The
devices will then appear at those locations and remain there
until the next reboot, although there is nothing that says you
cannot move them around whenever you want.There is a lot of oversimplification above, but you
should get the general idea.Microsoft took over some of the primary printer status
ports to do PnP, on the logic that no boards decoded those
addresses for the opposing I/O cycles. I found a genuine IBM
printer board that did decode writes of the status port during
the early PnP proposal review period, but MS said
tough. So they do a write to the printer status
port for setting addresses, plus that use that address +
0x800, and a third I/O port for reading that
can be located anywhere between 0x200 and
0x3ff.Can you assign a major number for a device driver I have
written?&os.current; after February 2003 has a facility for
dynamically and automatically allocating major numbers for
device drivers at runtime. This mechanism is highly
preferred to the older procedure of statically allocating
device numbers. Some comments on this subject can be
found in src/sys/conf/majors.If you are forced for some reason to use a static
major number, the procedure for obtaining one depends on
whether or not you plan on making the driver publicly
available. If you do, then please send us a copy of the
driver source code, plus the appropriate modifications to
files.i386, a sample configuration
file entry, and the appropriate &man.MAKEDEV.8; code to
create any special files your device uses. If you do not,
or are unable to because of licensing restrictions, then
character major number 32 and block major number 8 have
been reserved specifically for this purpose; please use
them. In any case, we would appreciate hearing about your
driver on the &a.hackers;.What about alternative layout policies for
directories?In answer to the question of alternative layout policies
for directories, the scheme that is currently in use is
unchanged from what I wrote in 1983. I wrote that policy for
the original fast filesystem, and never revisited it. It works
well at keeping cylinder groups from filling up. As several of
you have noted, it works poorly for find. Most filesystems are
created from archives that were created by a depth first search
(aka ftw). These directories end up being striped across the
cylinder groups thus creating a worst possible scenario for
future depth first searches. If one knew the total number of
directories to be created, the solution would be to create
(total / fs_ncg) per cylinder group before moving on.
Obviously, one would have to create some heuristic to guess at
this number. Even using a small fixed number like say 10 would
make an order of magnitude improvement. To differentiate
restores from normal operation (when the current algorithm is
probably more sensible), you could use the clustering of up to
10 if they were all done within a ten second window. Anyway, my
conclusion is that this is an area ripe for
experimentation.Kirk McKusick, September 1998How can I make the most of the data I see when my kernel
panics?[This section was extracted from a mail
written by &a.wpaul; on the freebsd-current
mailing list by &a.des;, who
fixed a few typos and added the bracketed comments]
From: Bill Paul <wpaul@skynet.ctr.columbia.edu>
Subject: Re: the fs fun never stops
To: Ben Rosengart
Date: Sun, 20 Sep 1998 15:22:50 -0400 (EDT)
Cc: current@FreeBSD.orgBen Rosengart posted the following
panic message]> Fatal trap 12: page fault while in kernel mode
> fault virtual address = 0x40
> fault code = supervisor read, page not present
> instruction pointer = 0x8:0xf014a7e5
^^^^^^^^^^
> stack pointer = 0x10:0xf4ed6f24
> frame pointer = 0x10:0xf4ed6f28
> code segment = base 0x0, limit 0xfffff, type 0x1b
> = DPL 0, pres 1, def32 1, gran 1
> processor eflags = interrupt enabled, resume, IOPL = 0
> current process = 80 (mount)
> interrupt mask =
> trap number = 12
> panic: page fault[When] you see a message like this, it is not enough to just
reproduce it and send it in. The instruction pointer value that
I highlighted up there is important; unfortunately, it is also
configuration dependent. In other words, the value varies
depending on the exact kernel image that you are using. If
you are using a GENERIC kernel image from one of the snapshots,
then it is possible for somebody else to track down the
offending function, but if you are running a custom kernel then
only you can tell us where the fault
occurred.What you should do is this:Write down the instruction pointer value. Note that
the 0x8: part at the beginning is not
significant in this case: it is the
0xf0xxxxxx part that we want.When the system reboots, do the following:
&prompt.user; nm -n /kernel.that.caused.the.panic | grep f0xxxxxx
where f0xxxxxx is the instruction
pointer value. The odds are you will not get an exact
match since the symbols in the kernel symbol table are
for the entry points of functions and the instruction
pointer address will be somewhere inside a function, not
at the start. If you do not get an exact match, omit the
last digit from the instruction pointer value and try
again, i.e.:
&prompt.user; nm -n /kernel.that.caused.the.panic | grep f0xxxxx
If that does not yield any results, chop off another
digit. Repeat until you get some sort of output. The
result will be a possible list of functions which caused
the panic. This is a less than exact mechanism for
tracking down the point of failure, but it is better than
nothing.I see people constantly show panic messages like this
but rarely do I see someone take the time to match up the
instruction pointer with a function in the kernel symbol
table.The best way to track down the cause of a panic is by
capturing a crash dump, then using &man.gdb.1; to generate
a stack trace on the crash dump.In any case, the method I normally use is this:Set up a kernel config file, optionally adding
options DDB if you think you need
the kernel debugger for something. (I use this mainly
for setting breakpoints if I suspect an infinite loop
condition of some kind.)Use config -g
KERNELCONFIG to set
up the build directory.cd /sys/compile/
KERNELCONFIG; make
Wait for kernel to finish compiling.make installrebootThe &man.make.1; process will have built two kernels.
kernel and
kernel.debug.
kernel was installed as
/kernel, while
kernel.debug can be used as the
source of debugging symbols for &man.gdb.1;.To make sure you capture a crash dump, you need edit
/etc/rc.conf and set
dumpdev to point to your swap
partition. This will cause the &man.rc.8; scripts to use
the &man.dumpon.8; command to enable crash dumps. You can
also run &man.dumpon.8; manually. After a panic, the
crash dump can be recovered using &man.savecore.8;; if
dumpdev is set in
/etc/rc.conf, the &man.rc.8; scripts
will run &man.savecore.8; automatically and put the crash
dump in /var/crash.FreeBSD crash dumps are usually the same size as the
physical RAM size of your machine. That is, if you have
64MB of RAM, you will get a 64MB crash dump. Therefore you
must make sure there is enough space in
/var/crash to hold the dump.
Alternatively, you run &man.savecore.8;
manually and have it recover the crash dump to another
directory where you have more room. It is possible to limit
the size of the crash dump by using options
MAXMEM=(foo) to set the amount of memory the
kernel will use to something a little more sensible. For
example, if you have 128MB of RAM, you can limit the
kernel's memory usage to 16MB so that your crash dump size
will be 16MB instead of 128MB.Once you have recovered the crash dump, you can get a
stack trace with &man.gdb.1; as follows:&prompt.user; gdb -k /sys/compile/KERNELCONFIG/kernel.debug /var/crash/vmcore.0(gdb)whereNote that there may be several screens worth of
information; ideally you should use
&man.script.1; to capture all of them. Using the
unstripped kernel image with all the debug symbols should show
the exact line of kernel source code where the panic occurred.
Usually you have to read the stack trace from the bottom up in
order to trace the exact sequence of events that lead to the
crash. You can also use &man.gdb.1; to print out
the contents of various variables or structures in order to
examine the system state at the time of the crash.Now, if you are really insane and have a second computer,
you can also configure &man.gdb.1; to do remote
debugging such that you can use &man.gdb.1; on
one system to debug the kernel on another system, including
setting breakpoints, single-stepping through the kernel code,
just like you can do with a normal user-mode program. I have not
played with this yet as I do not often have the chance to set up
two machines side by side for debugging purposes.[Bill adds: "I forgot to mention one thing: if
you have DDB enabled and the kernel drops into the debugger,
you can force a panic (and a crash dump) just by typing 'panic'
at the ddb prompt. It may stop in the debugger again during the
panic phase. If it does, type 'continue' and it will finish the
crash dump." -ed]Why has dlsym() stopped working for ELF executables?The ELF toolchain does not, by default, make the symbols
defined in an executable visible to the dynamic linker.
Consequently dlsym() searches on handles
obtained from calls to dlopen(NULL,
flags) will fail to find such symbols.If you want to search, using
dlsym(), for symbols present in the
main executable of a process, you need to link the
executable using the
option to the ELF linker (&man.ld.1;).How can I increase or reduce the kernel address space?By default, the kernel address space is 256 MB on
FreeBSD 3.X and 1 GB on FreeBSD 4.X. If you run a
network-intensive server (e.g. a large FTP or HTTP server),
you might find that 256 MB is not enough.So how do you increase the address space? There are two
aspects to this. First, you need to tell the kernel to reserve
a larger portion of the address space for itself. Second, since
the kernel is loaded at the top of the address space, you need
to lower the load address so it does not bump its head against
the ceiling.The first goal is achieved by increasing the value of
NKPDE in
src/sys/i386/include/pmap.h. Here is what
it looks like for a 1 GB address space:#ifndef NKPDE
#ifdef SMP
#define NKPDE 254 /* addressable number of page tables/pde's */
#else
#define NKPDE 255 /* addressable number of page tables/pde's */
#endif /* SMP */
#endifTo find the correct value of NKPDE,
divide the desired address space size (in megabytes) by four,
then subtract one for UP and two for SMP.To achieve the second goal, you need to compute the
correct load address: simply subtract the address space size
(in bytes) from 0x100100000; the result is 0xc0100000 for a 1
GB address space. Set LOAD_ADDRESS in
src/sys/i386/conf/Makefile.i386 to that
value; then set the location counter in the beginning of the
section listing in
src/sys/i386/conf/kernel.script to the
same value, as follows:OUTPUT_FORMAT("elf32-i386", "elf32-i386", "elf32-i386")
OUTPUT_ARCH(i386)
ENTRY(btext)
SEARCH_DIR(/usr/lib); SEARCH_DIR(/usr/obj/elf/home/src/tmp/usr/i386-unknown-freebsdelf/lib);
SECTIONS
{
/* Read-only sections, merged into text segment: */
. = 0xc0100000 + SIZEOF_HEADERS;
.interp : { *(.interp) }Then reconfig and rebuild your kernel. You will
probably have problems with &man.ps.1; &man.top.1; and the
like; make world should take care of it
(or a manual rebuild of libkvm,
&man.ps.1; and &man.top.1; after copying the patched
pmap.h to
/usr/include/vm/.NOTE: the size of the kernel address space must be a
multiple of four megabytes.[&a.dg; adds: I think the kernel address space
needs to be a power of two, but I am not certain about that. The
old(er) boot code used to monkey with the high order address bits
and I think expected at least 256MB
granularity.]Acknowledgments
FreeBSD Core TeamIf you see a problem with this FAQ, or wish to submit an
entry, please mail the &a.doc;. We appreciate your feedback,
and cannot make this a better FAQ without your help!
&a.jkh;Occasional fits of FAQ-reshuffling and updating.&a.dwhite;Services above and beyond the call of duty on
freebsd-questions&a.joerg;Services above and beyond the call of duty on
Usenet&a.wollman;Networking and formattingJim LoweMulticast information&a.pds;FreeBSD FAQ typing machine slaveyThe FreeBSD TeamKvetching, moaning, submitting dataAnd to any others we have forgotten, apologies and heartfelt
thanks!
&bibliography;
diff --git a/en_US.ISO8859-1/books/fdp-primer/Makefile b/en_US.ISO8859-1/books/fdp-primer/Makefile
index 6e734106a9..ecc7ebc217 100644
--- a/en_US.ISO8859-1/books/fdp-primer/Makefile
+++ b/en_US.ISO8859-1/books/fdp-primer/Makefile
@@ -1,50 +1,51 @@
#
# $FreeBSD$
#
# Build the FreeBSD Documentation Project Primer.
#
MAINTAINER=doc@FreeBSD.org
DOC?= book
FORMATS?= html-split html
INSTALL_COMPRESSED?= gz
INSTALL_ONLY_COMPRESSED?=
#
# SRCS lists the individual SGML files that make up the document. Changes
# to any of these files will force a rebuild
#
# SGML content
SRCS= book.sgml
SRCS+= overview/chapter.sgml
SRCS+= psgml-mode/chapter.sgml
SRCS+= see-also/chapter.sgml
SRCS+= sgml-markup/chapter.sgml
SRCS+= sgml-primer/chapter.sgml
SRCS+= stylesheets/chapter.sgml
SRCS+= structure/chapter.sgml
SRCS+= doc-build/chapter.sgml
SRCS+= the-website/chapter.sgml
SRCS+= tools/chapter.sgml
SRCS+= translations/chapter.sgml
SRCS+= writing-style/chapter.sgml
SRCS+= examples/appendix.sgml
# Images from the cross-document image library
IMAGES_LIB= callouts/1.png
IMAGES_LIB+= callouts/2.png
IMAGES_LIB+= callouts/3.png
IMAGES_LIB+= callouts/4.png
IMAGES_LIB+= callouts/5.png
# Entities
SRCS+= chapters.ent
-DOC_PREFIX?= ${.CURDIR}/../../..
+URL_RELPREFIX?= ../../../..
+DOC_PREFIX?= ${.CURDIR}/../../..
.include "${DOC_PREFIX}/share/mk/doc.project.mk"
diff --git a/en_US.ISO8859-1/books/fdp-primer/overview/chapter.sgml b/en_US.ISO8859-1/books/fdp-primer/overview/chapter.sgml
index 8674617514..92e08ff762 100644
--- a/en_US.ISO8859-1/books/fdp-primer/overview/chapter.sgml
+++ b/en_US.ISO8859-1/books/fdp-primer/overview/chapter.sgml
@@ -1,300 +1,300 @@
OverviewWelcome to the FreeBSD Documentation Project. Good quality
documentation is very important to the success of FreeBSD, and the
FreeBSD Documentation Project (FDP) is how a lot of that documentation
is produced. Your contributions are very valuable.This document's main purpose is to clearly explain how
the FDP is organized, how to write and submit
documentation to the FDP, and how to
effectively use the tools available to you when writing
documentation.Membership
Everyone is welcome to join the FDP. There is no minimum
membership requirement, no quota of documentation you need to
produce per month. All you need to do is subscribe to the
&a.doc;.After you have finished reading this document you should:Know which documentation is maintained by the FDP.Be able to read and understand the SGML source code for the
documentation maintained by the FDP.Be able to make changes to the documentation.Be able to submit your changes back for review and eventual
inclusion in the FreeBSD documentation.The FreeBSD Documentation SetThe FDP is responsible for four categories of FreeBSD
documentation.Manual pagesThe English language system manual pages are not written by
the FDP, as they are part of the base system. However, the FDP can
(and has) re-worded parts of existing manual pages to make them
clearer, or to correct inaccuracies.The translation teams are responsible for translating the
system manual pages into different languages. These translations
are kept within the FDP.FAQThe FAQ aims to address (in short question and answer format)
questions that are asked, or should be asked, on the various
mailing lists and newsgroups devoted to FreeBSD. The format does
not permit long and comprehensive answers.HandbookThe Handbook aims to be the comprehensive on-line resource and
reference for FreeBSD users.Web siteThis is the main FreeBSD presence on the World Wide Web,
visible at http://www.FreeBSD.org/
+ url="&url.base;/index.html">http://www.FreeBSD.org/
and many mirrors around the world. The web site is many people's
first exposure to FreeBSD.These four groups of documentation are all available in the
FreeBSD CVS tree. This means that the logs of changes to these
files are visible to anyone, and anyone can use a program such as
CVSup or
CTM to keep local copies of
this documentation.In addition, many people have written tutorials or other web
sites relating to FreeBSD. Some of these are stored in the CVS
repository as well (where the author has agreed to this). In
other cases the author has decided to keep his documentation
separate from the main FreeBSD repository. The FDP endeavours to
provide links to as much of this documentation as
possible.Before you startThis document assumes that you already know:How to maintain an up-to-date local copy of the FreeBSD
documentation by maintaining a local copy of the
FreeBSD CVS repository (using CVS
and either CVSup or
CTM) or by using
CVSup to download just a
checked-out copy.How to download and install new software using either the
FreeBSD Ports system or &man.pkg.add.1;.Quick StartIf you just want to get going, and feel confident you can pick
things up as you go along, follow these instructions.Install the textproc/docproj
meta-port.&prompt.root; cd /usr/ports/textproc/docproj
&prompt.root; make JADETEX=no installGet a local copy of the FreeBSD doc tree.
Either use CVSup in checkout mode to do this, or
get a full copy of the CVS repository locally.If you have the CVS repository locally then as a minimum you
will need to checkout the doc/share, and
doc/en_US.ISO8859-1/share
directories.&prompt.user; cvs checkout doc/share
&prompt.user; cvs checkout doc/en_US.ISO8859-1/shareIf you have plenty of disk space then you could check out
everything.&prompt.user; cvs checkout docIf you are preparing a change to an existing book or article,
check it out of the repository as necessary. If you are planning on
contributing a new book or article then use an existing one as a
guide.For example, if you want to contribute a new article about
setting up a VPN between FreeBSD and Windows 2000 you might do the
following.Check out the articles
directory.&prompt.user; cvs checkout doc/en_US.ISO8859-1/articlesCopy an existing article to use as a template. In this
case, you have decided that your new article belongs in a
directory called vpn-w2k.&prompt.user; cd doc/en_US.ISO8859-1/articles
&prompt.user; cp -r committers-guide vpn-w2kIf you wanted to edit an existing document, such as the FAQ,
which is in doc/en_US.ISO8859-1/books/faq you
would check it out of the repository like this.&prompt.user; cvs checkout doc/en_US.ISO8859-1/books/faqEdit the .sgml files using your editor of
choice.Test the markup using the lint
target. This will quickly find any errors in the document
without actually performing the time-consuming
transformation.&prompt.user; make lintWhen you are ready to actually build the document, you
may specify a single format or a list of formats in the
FORMATS variable. Currently,
html, html-split,
txt, ps,
pdf, and rtf are
supported. The most up to date list of supported formats is
listed at the top of the
doc/share/mk/doc.docbook.mk file. Make
sure to use quotes around the list of formats when you build
more than one format with a single command.For example, to convert the document to
html only, you would use:&prompt.user; make FORMATS=htmlBut when you want to convert the document to both
html and txt format,
you could use either two separate &man.make.1; runs,
with:&prompt.user; make FORMATS=html
&prompt.user; make FORMATS=txtor, you can do it in one command:&prompt.user; make FORMATS="html txt"Submit your changes using &man.send-pr.1;.
diff --git a/en_US.ISO8859-1/books/fdp-primer/see-also/chapter.sgml b/en_US.ISO8859-1/books/fdp-primer/see-also/chapter.sgml
index 0ecf44a66c..074ae66502 100644
--- a/en_US.ISO8859-1/books/fdp-primer/see-also/chapter.sgml
+++ b/en_US.ISO8859-1/books/fdp-primer/see-also/chapter.sgml
@@ -1,134 +1,134 @@
See AlsoThis document is deliberately not an exhaustive discussion of SGML,
the DTDs listed, and the FreeBSD Documentation Project. For more
information about these, you are encouraged to see the following web
sites.The FreeBSD Documentation Project
- The FreeBSD
+ The FreeBSD
Documentation Project web pagesThe FreeBSD HandbookSGMLThe SGML/XML web
page, a comprehensive SGML resourceGentle introduction to SGMLHTMLThe World Wide Web
ConsortiumThe HTML 4.0
specificationDocBookThe DocBook
Technical Committee, maintainers of the DocBook DTDDocBook: The Definitive
Guide, the online documentation for the DocBook
DTD.The DocBook Open
Repository contains DSSSL stylesheets and other resources
for people using DocBook.The Linux Documentation ProjectThe Linux Documentation
Project web pages
diff --git a/en_US.ISO8859-1/books/fdp-primer/sgml-markup/chapter.sgml b/en_US.ISO8859-1/books/fdp-primer/sgml-markup/chapter.sgml
index 37daa09b95..844e3d610f 100644
--- a/en_US.ISO8859-1/books/fdp-primer/sgml-markup/chapter.sgml
+++ b/en_US.ISO8859-1/books/fdp-primer/sgml-markup/chapter.sgml
@@ -1,2692 +1,2692 @@
SGML MarkupThis chapter describes the two markup languages you will encounter
when you contribute to the FreeBSD documentation project. Each section
describes the markup language, and details the markup that you are likely
to want to use, or that is already in use.These markup languages contain a large number of elements, and it can
be confusing sometimes to know which element to use for a particular
situation. This section goes through the elements you are most likely to
need, and gives examples of how you would use them.This is not an exhaustive list of elements, since
that would just reiterate the documentation for each language. The aim of
this section is to list those elements more likely to be useful to you.
If you have a question about how best to markup a particular piece of
content, please post it to the &a.doc;.Inline vs. blockIn the remainder of this document, when describing elements,
inline means that the element can occur within a
block element, and does not cause a line break. A
block element, by comparison, will cause a line
break (and other processing) when it is encountered.HTMLHTML, the HyperText Markup Language, is the markup language of
choice on the World Wide Web. More information can be found at
<URL:>.HTML is used to markup pages on the FreeBSD web site. It should not
(generally) be used to mark up other documentation,
since DocBook offers a
far richer set of elements to choose from. Consequently, you will
normally only encounter HTML pages if you are writing for the web
site.HTML has gone through a number of versions, 1, 2, 3.0, 3.2, and the
latest, 4.0 (available in both strict and
loose variants).The HTML DTDs are available from the ports collection in the
textproc/html port. They are automatically
installed as part of the textproc/docproj
port.Formal Public Identifier (FPI)There are a number of HTML FPIs, depending upon the version (also
known as the level) of HTML that you want to declare your document to
be compliant with.The majority of HTML documents on the FreeBSD web site comply with
the loose version of HTML 4.0.PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"Sectional elementsAn HTML document is normally split into two sections. The first
section, called the head, contains
meta-information about the document, such as its title, the name of
the author, the parent document, and so on. The second section, the
body, contains the content that will be displayed
to the user.These sections are indicated with head and
body elements respectively. These elements are
contained within the top-level html element.Normal HTML document structure<html>
<head>
<title>The document's title</title>
</head>
<body>
…
</body>
</html>Block elementsHeadingsHTML allows you to denote headings in your document, at up to
six different levels.The largest and most prominent heading is h1,
then h2, continuing down to
h6.The element's content is the text of the heading.h1, h2, etc.Use:First section
This is the heading for the first section
This is the heading for the first sub-section
This is the heading for the second section
]]>Generally, an HTML page should have one first level heading
(h1). This can contain many second level
headings (h2), which can in turn contain many
third level headings. Each
hn element should have
the same element, but one further up the hierarchy, preceding it.
Leaving gaps in the numbering is to be avoided.Bad ordering of
hn elementsUse:First section
Sub-section
]]>ParagraphsHTML supports a single paragraph element,
p.pUse:This is a paragraph. It can contain just about any
other element.
]]>
Block quotationsA block quotation is an extended quotation from another document
that should not appear within the current paragraph.blockquoteUse:A small excerpt from the US Constitution:
We the People of the United States, in Order to form
a more perfect Union, establish Justice, insure domestic
Tranquility, provide for the common defence, promote the general
Welfare, and secure the Blessings of Liberty to ourselves and our
Posterity, do ordain and establish this Constitution for the
United States of America.
]]>ListsYou can present the user with three types of lists, ordered,
unordered, and definition.Typically, each entry in an ordered list will be numbered, while
each entry in an unordered list will be preceded by a bullet point.
Definition lists are composed of two sections for each entry. The
first section is the term being defined, and the second section is
the definition of the term.Ordered lists are indicated by the ol
element, unordered lists by the ul element, and
definition lists by the dl element.Ordered and unordered lists contain listitems, indicated by the
li element. A listitem can contain textual
content, or it may be further wrapped in one or more
p elements.Definition lists contain definition terms
(dt) and definition descriptions
(dd). A definition term can only contain inline
elements. A definition description can contain other block
elements.ul and olUse:An unordered list. Listitems will probably be
preceded by bullets.
First item
Second item
Third item
An ordered list, with list items consisting of multiple
paragraphs. Each item (note: not each paragraph) will be
numbered.
This is the first item. It only has one paragraph.
This is the first paragraph of the second item.
This is the second paragraph of the second item.
This is the first and only paragraph of the third
item.
]]>Definition lists with dlUse:
Term 1
Paragraph 1 of definition 1.
Paragraph 2 of definition 1.
Term 2
Paragraph 1 of definition 2.
Term 3
Paragraph 1 of definition 3. Note that the <p>
element is not required in the single paragraph case.
]]>Pre-formatted textYou can indicate that text should be shown to the user exactly
as it is in the file. Typically, this means that the text is shown
in a fixed font, multiple spaces are not merged into one, and line
breaks in the text are significant.In order to do this, wrap the content in the
pre element.preYou could use pre to mark up an e-mail
message; From: nik@FreeBSD.org
To: freebsd-doc@FreeBSD.org
Subject: New documentation available
There is a new copy of my primer for contributors to the FreeBSD
Documentation Project available at
Comments appreciated.
N]]>TablesMost text-mode browsers (such as Lynx) do not render tables
particularly effectively. If you are relying on the tabular
display of your content, you should consider using alternative
markup to prevent confusion.Mark up tabular information using the table
element. A table consists of one or more table rows
(tr), each containing one or more cells of table
data (td). Each cell can contain other block
elements, such as paragraphs or lists. It can also contain another
table (this nesting can repeat indefinitely). If the cell only
contains one paragraph then you do not need to include the
p element.Simple use of tableUse:This is a simple 2x2 table.
Top left cell
Top right cell
Bottom left cell
Bottom right cell
]]>A cell can span multiple rows and columns. To indicate this,
add the rowspan and/or colspan
attributes, with values indicating the number of rows of columns
that should be spanned.Using rowspanUse:One tall thin cell on the left, two short cells next to
it on the right.
Long and thin
Top cell
Bottom cell
]]>Using colspanUse:One long cell on top, two short cells below it.
Top cell
Bottom left cell
Bottom right cell
]]>Using rowspan and
colspan togetherUse:On a 3x3 grid, the top left block is a 2x2 set of
cells merged into one. The other cells are normal.
Top left large cell
Top right cell
Middle right cell
Bottom left cell
Bottom middle cell
Bottom right cell
]]>In-line elementsEmphasising informationYou have two levels of emphasis available in HTML,
em and strong.
em is for a normal level of emphasis and
strong indicates stronger emphasis.Typically, em is rendered in italic and
strong is rendered in bold. This is not always
the case, however, and you should not rely on it.em and strongUse:This has been emphasised, while
this has been strongly emphasised.]]>Bold and italicsBecause HTML includes presentational markup, you can also
indicate that particular content should be rendered in bold or
italic. The elements are b and
i respectively.b and iThis is in bold, while this is
in italics.]]>Indicating fixed pitch textIf you have content that should be rendered in a fixed pitch
(typewriter) typeface, use tt (for
teletype).ttUse:This document was originally written by
Nik Clayton, who can be reached by e-mail as
nik@FreeBSD.org.]]>Content sizeYou can indicate that content should be shown in a larger or
smaller font. There are three ways of doing this.Use big and small
around the content you wish to change size. These tags can be
nested, so <big><big>This is much
bigger</big></big> is possible.Use font with the size
attribute set to +1 or -1
respectively. This has the same effect as using
big or small. However,
the use of this approach is deprecated.Use font with the size
attribute set to a number between 1 and 7. The default font size
is 3. This approach is deprecated.big, small, and
fontThe following fragments all do the same thing.This text is slightly smaller. But
this text is slightly bigger.
This text is slightly smaller. But
this text is slightly bigger
This text is slightly smaller. But
this text is slightly bigger.
]]>
LinksLinks are also in-line elements.Linking to other documents on the WWWIn order to include a link to another document on the WWW you
must know the URL of the document you want to link to.The link is indicated with a, and the
href attribute contains the URL of the target
document. The content of the element becomes the link, and is
normally indicated to the user in some way (underlining, change of
color, different mouse cursor when over the link, and so
on).Using <a href="...">Use:More information is available at the
FreeBSD web site.]]>These links will take the user to the top of the chosen
document.Linking to other parts of documentsLinking to a point within another document (or within the same
document) requires that the document author include anchors that you
can link to.Anchors are indicated with a and the
name attribute instead of
href.Using <a name="...">Use:This paragraph can be referenced
in other links with the name para1.]]>To link to a named part of a document, write a normal link to
that document, but include the name of the anchor after a
# symbol.Linking to a named part of another documentAssume that the para1 example resides in a
document called foo.html.More information can be found in the
first paragraph of
foo.html.]]>If you are linking to a named anchor within the same document
then you can omit the document's URL, and just include the name of
the anchor (with the preceding #).Linking to a named part of the same documentAssume that the para1 example resides in
this documentMore information can be found in the
first paragraph of this
document.]]>DocBookDocBook was originally developed by HaL Computer Systems and O'Reilly
& Associates to be a DTD for writing technical documentation
A short history can be found under
http://www.oasis-open.org/committees/docbook/intro.shtml.
. Since 1998 it is maintained by the
DocBook Technical Committee. As such, and unlike LinuxDoc
and HTML, DocBook is very heavily oriented towards markup that
describes what something is, rather than describing
how it should be presented.formal vs. informalSome elements may exist in two forms, formal
and informal. Typically, the formal version of
the element will consist of a title followed by the informal
version of the element. The informal version will not have a
title.The DocBook DTD is available from the ports collection in the
textproc/docbook port. It is automatically
installed as part of the textproc/docproj
port.FreeBSD extensionsThe FreeBSD Documentation Project has extended the DocBook DTD by
adding some new elements. These elements serve to make some of the
markup more precise.Where a FreeBSD specific element is listed below it is clearly
marked.Throughout the rest of this document, the term
DocBook is used to mean the FreeBSD extended DocBook
DTD.There is nothing about these extensions that is FreeBSD
specific, it was just felt that they were useful enhancements for
this particular project. Should anyone from any of the other *nix
camps (NetBSD, OpenBSD, Linux, …) be interested in
collaborating on a standard DocBook extension set, please get in
touch with &a.doceng;.The FreeBSD extensions are not (currently) in the ports
collection. They are stored in the FreeBSD CVS tree, as doc/share/sgml/freebsd.dtd.Formal Public Identifier (FPI)In compliance with the DocBook guidelines for writing FPIs for
DocBook customisations, the FPI for the FreeBSD extended DocBook DTD
is;PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN"Document structureDocBook allows you to structure your documentation in several
ways. In the FreeBSD Documentation Project we are using two primary
types of DocBook document: the book and the article.A book is organized into chapters. This is a
mandatory requirement. There may be parts between
the book and the chapter to provide another layer of organisation.
The Handbook is arranged in this way.A chapter may (or may not) contain one or more sections. These
are indicated with the sect1 element. If a section
contains another section then use the sect2
element, and so on, up to sect5.Chapters and sections contain the remainder of the content.An article is simpler than a book, and does not use chapters.
Instead, the content of an article is organized into one or more
sections, using the same sect1 (and
sect2 and so on) elements that are used in
books.Obviously, you should consider the nature of the documentation you
are writing in order to decide whether it is best marked up as a book
or an article. Articles are well suited to information that does not
need to be broken down into several chapters, and that is, relatively
speaking, quite short, at up to 20-25 pages of content. Books are
best suited to information that can be broken up into several
chapters, possibly with appendices and similar content as well.
- The FreeBSD
+ The FreeBSD
tutorials are all marked up as articles, while this
document, the FreeBSD
FAQ, and the FreeBSD Handbook are
all marked up as books.Starting a bookThe content of the book is contained within the
book element. As well as containing structural
markup, this element can contain elements that include additional
information about the book. This is either meta-information, used
for reference purposes, or additional content used to produce a
title page.This additional information should be contained within
bookinfo.Boilerplate book with
bookinfo<book>
<bookinfo>
<title>Your title here</title>
<author>
<firstname>Your first name</firstname>
<surname>Your surname</surname>
<affiliation>
<address><email>Your e-mail address</email></address>
</affiliation>
</author>
<copyright>
<year>1998</year>
<holder role="mailto:your e-mail address">Your name</holder>
</copyright>
<releaseinfo>$FreeBSD$</releaseinfo>
<abstract>
<para>Include an abstract of the book's contents here.</para>
</abstract>
</bookinfo>
…
</book>Starting an articleThe content of the article is contained within the
article element. As well as containing
structural markup, this element can contain elements that include
additional information about the article. This is either
meta-information, used for reference purposes, or additional content
used to produce a title page.This additional information should be contained within
articleinfo.Boilerplate article with
articleinfo<article>
<articleinfo>
<title>Your title here</title>
<author>
<firstname>Your first name</firstname>
<surname>Your surname</surname>
<affiliation>
<address><email>Your e-mail address</email></address>
</affiliation>
</author>
<copyright>
<year>1998</year>
<holder role="mailto:your e-mail address">Your name</holder>
</copyright>
<releaseinfo>$FreeBSD$</releaseinfo>
<abstract>
<para>Include an abstract of the article's contents here.</para>
</abstract>
</articleinfo>
…
</article>Indicating chaptersUse chapter to mark up your chapters. Each
chapter has a mandatory title. Articles do not
contain chapters, they are reserved for books.A simple chapterThe chapter's title
...
]]>A chapter cannot be empty; it must contain elements in addition
to title. If you need to include an empty
chapter then just use an empty paragraph.Empty chaptersThis is an empty chapter
]]>Sections below chaptersIn books, chapters may (but do not need to) be broken up into
sections, subsections, and so on. In articles, sections are the
main structural element, and each article must contain at least one
section. Use the
sectn element. The
n indicates the section number, which
identifies the section level.The first sectn is
sect1. You can have one or more of these in a
chapter. They can contain one or more sect2
elements, and so on, down to sect5.Sections in chaptersA sample chapterSome text in the chapter.First section (1.1)
…
Second section (1.2)First sub-section (1.2.1)First sub-sub-section (1.2.1.1)
…
Second sub-section (1.2.2)
…
]]>This example includes section numbers in the section titles.
You should not do this in your documents. Adding the section
numbers is carried out by the stylesheets (of which more
later), and you do not need to manage them yourself.Subdividing using partsYou can introduce another layer of organisation between
book and chapter with one or
more parts. This cannot be done in an
article.IntroductionOverview
...
What is FreeBSD?
...
History
...
]]>Block elementsParagraphsDocBook supports three types of paragraphs:
formalpara, para, and
simpara.Most of the time you will only need to use
para. formalpara includes a
title element, and simpara
disallows some elements from within para. Stick
with para.paraUse:This is a paragraph. It can contain just about any
other element. ]]>Appearance:This is a paragraph. It can contain just about any other
element.Block quotationsA block quotation is an extended quotation from another document
that should not appear within the current paragraph. You will
probably only need it infrequently.Blockquotes can optionally contain a title and an attribution
(or they can be left untitled and unattributed).blockquoteUse:A small excerpt from the US Constitution;
Preamble to the Constitution of the United StatesCopied from a web site somewhereWe the People of the United States, in Order to form a more perfect
Union, establish Justice, insure domestic Tranquility, provide for the
common defence, promote the general Welfare, and secure the Blessings
of Liberty to ourselves and our Posterity, do ordain and establish this
Constitution for the United States of America.
]]>Appearance:
Preamble to the Constitution of the United StatesCopied from a web site somewhereWe the People of the United States, in Order to form a more
perfect Union, establish Justice, insure domestic Tranquility,
provide for the common defence, promote the general Welfare, and
secure the Blessings of Liberty to ourselves and our Posterity,
do ordain and establish this Constitution for the United States
of America.
Tips, notes, warnings, cautions, important information and
sidebars.You may need to include extra information separate from the
main body of the text. Typically this is meta
information that the user should be aware of.Depending on the nature of the information, one of
tip, note,
warning, caution, and
important should be used. Alternatively, if the
information is related to the main text but is not one of the above,
use sidebar.The circumstances in which to choose one of these elements over
another is unclear. The DocBook documentation suggests;A Note is for information that should be heeded by all
readers.An Important element is a variation on Note.A Caution is for information regarding possible data loss
or software damage.A Warning is for information regarding possible hardware
damage or injury to life or limb.warningUse:Installing FreeBSD may make you want to delete Windows from your
hard disk.
]]>Installing FreeBSD may make you want to delete Windows from
your hard disk.Lists and proceduresYou will often need to list pieces of information to the user,
or present them with a number of steps that must be carried out in
order to accomplish a particular goal.In order to do this, use itemizedlist,
orderedlist, or
procedureThere are other types of
list element in DocBook, but we are not concerned with those at
the moment.itemizedlist and
orderedlist are similar to their counterparts in
HTML, ul and ol. Each one
consists of one or more listitem elements, and
each listitem contains one or more block
elements. The listitem elements are analogous to
HTML's li tags. However, unlike HTML, they are
required.procedure is slightly different. It consists
of steps, which may in turn consists of more
steps or substeps. Each
step contains block elements.itemizedlist,
orderedlist, and
procedureUse:This is the first itemized item.This is the second itemized item.This is the first ordered item.This is the second ordered item.Do this.Then do this.And now do this.]]>Appearance:This is the first itemized item.This is the second itemized item.This is the first ordered item.This is the second ordered item.Do this.Then do this.And now do this.Showing file samplesIf you want to show a fragment of a file (or perhaps a complete
file) to the user, wrap it in the programlisting
element.White space and line breaks within
programlistingare
significant. In particular, this means that the opening tag should
appear on the same line as the first line of the output, and the
closing tag should appear on the same line as the last line of the
output, otherwise spurious blank lines may be included.programlistingUse:When you have finished, your program should look like
this;
#include <stdio.h>
int
main(void)
{
printf("hello, world\n");
}]]>Notice how the angle brackets in the
#include line need to be referenced by their
entities instead of being included literally.Appearance:When you have finished, your program should look like
this;#include <stdio.h>
int
main(void)
{
printf("hello, world\n");
}CalloutsA callout is a mechanism for referring back to an earlier piece
of text or specific position within an earlier example without
linking to it within the text.To do this, mark areas of interest in your example
(programlisting,
literallayout, or whatever) with the
co element. Each element must have a unique
id assigned to it. After the example include a
calloutlist that refers back to the example and
provides additional commentary.co and
calloutlistWhen you have finished, your program should look like
this;
#include <stdio.h>
int
main(void)
{
printf("hello, world\n");
}Includes the standard IO header file.Specifies that main() returns an
int.The printf() call that writes
hello, world to standard output.]]>Appearance:When you have finished, your program should look like
this;#include <stdio.h>
int
main(void)
{
printf("hello, world\n");
}Includes the standard IO header file.Specifies that main() returns an
int.The printf() call that writes
hello, world to standard output.TablesUnlike HTML, you do not need to use tables for layout purposes,
as the stylesheet handles those issues for you. Instead, just use
tables for marking up tabular data.In general terms (and see the DocBook documentation for more
detail) a table (which can be either formal or informal) consists of
a table element. This contains at least one
tgroup element, which specifies (as an attribute)
the number of columns in this table group. Within the tablegroup
you can then have one thead element, which
contains elements for the table headings (column headings), and one
tbody which contains the body of the
table.Both tgroup and thead
contain row elements, which in turn contain
entry elements. Each entry
element specifies one cell in the table.informaltableUse:This is column head 1This is column head 2Row 1, column 1Row 1, column 2Row 2, column 1Row 2, column 2
]]>Appearance:This is column head 1This is column head 2Row 1, column 1Row 1, column 2Row 2, column 1Row 2, column 2If you do not want a border around the table the
frame attribute can be added to the
informaltable element with a value of
none (i.e., <informaltable
frame="none">).Tables where frame="none"Appearance:This is column head 1This is column head 2Row 1, column 1Row 1, column 2Row 2, column 1Row 2, column 2Examples for the user to followA lot of the time you need to show examples for the user to
follow. Typically, these will consist of dialogs with the computer;
the user types in a command, the user gets a response back, they
type in another command, and so on.A number of distinct elements and entities come into play
here.screenEverything the user sees in this example will be on the
computer screen, so the next element is
screen.Within screen, white space is
significant.prompt,
&prompt.root; and
&prompt.user;Some of the things the user will be seeing on the screen
are prompts from the computer (either from the operating system, command
shell, or application). These should be marked up using
prompt.As a special case, the two shell prompts for the normal
user and the root user have been provided as entities. Every
time you want to indicate the user is at a shell prompt, use
one of &prompt.root; and
&prompt.user; as necessary. They do
not need to be inside prompt.&prompt.root; and
&prompt.user; are FreeBSD
extensions to DocBook, and are not part of the original
DTD.userinputWhen displaying text that the user should type in, wrap it
in userinput tags. It will probably be
displayed differently to the user.screen, prompt, and
userinputUse:&prompt.user; ls -1
foo1
foo2
foo3
&prompt.user; ls -1 | grep foo2
foo2
&prompt.user; suPassword:
&prompt.root; cat foo2
This is the file called 'foo2']]>Appearance:&prompt.user; ls -1
foo1
foo2
foo3
&prompt.user; ls -1 | grep foo2
foo2
&prompt.user; suPassword:
&prompt.root; cat foo2
This is the file called 'foo2'Even though we are displaying the contents of the file
foo2, it is not marked
up as programlisting. Reserve
programlisting for showing fragments of files
outside the context of user actions.In-line elementsEmphasising informationWhen you want to emphasise a particular word or phrase, use
emphasis. This may be presented as italic, or
bold, or might be spoken differently with a text-to-speech
system.There is no way to change the presentation of the emphasis
within your document, no equivalent of HTML's b
and i. If the information you are presenting is
important then consider presenting it in
important rather than
emphasis.emphasisUse:FreeBSD is without doubt the
premiere Unix like operating system for the Intel architecture.]]>Appearance:FreeBSD is without doubt the premiere Unix
like operating system for the Intel architecture.QuotationsTo quote text from another document or source, or to denote
a phrase that is used figuratively, use quote.
Within a quote tag, you may use most of the
markup tags available for normal text.QuotationsUse:However, make sure that the search does not go beyond the
boundary between local and public administration,
as RFC 1535 calls it.]]>Appearance:However, make sure that the search does not go beyond the
boundary between local and public administration,
as RFC 1535 calls it.Keys, mouse buttons, and combinationsTo refer to a specific key on the keyboard, use
keycap. To refer to a mouse button, use
mousebutton. And to refer to combinations of key
presses or mouse clicks, wrap them all in
keycombo.keycombo has an attribute called
action, which may be one of
click, double-click,
other, press,
seq, or simul. The last two
values denote whether the keys or buttons should be pressed in
sequence, or simultaneously.The stylesheets automatically add any connecting symbols, such
as +, between the key names, when wrapped in
keycombo.Keys, mouse buttons, and combinationsUse:To switch to the second virtual terminal, press
AltF1.
To exit vi without saving your work, type
Esc:q!.My window manager is configured so that
Altright mouse button is used to move windows.]]>Appearance:To switch to the second virtual terminal, press
AltF1.To exit vi without saving your work, type
Esc:q!.My window manager is configured so that
Altright mouse button is used to move windows.Applications, commands, options, and citesYou will frequently want to refer to both applications and
commands when writing for the Handbook. The distinction between
them is simple: an application is the name for a suite (or possibly
just 1) of programs that fulfil a particular task. A command is the
name of a program that the user can run.In addition, you will occasionally need to list one or more of
the options that a command might take.Finally, you will often want to list a command with its manual
section number, in the command(number) format so
common in Unix manuals.Mark up application names with
application.When you want to list a command with its manual section number
(which should be most of the time) the DocBook element is
citerefentry. This will contain a further two
elements, refentrytitle and
manvolnum. The content of
refentrytitle is the name of the command, and the
content of manvolnum is the manual page
section.This can be cumbersome to write, and so a series of general entities
have been created to make this easier. Each entity takes the form
&man.manual-page.manual-section;.The file that contains these entities is in
doc/share/sgml/man-refs.ent, and can be
referred to using this FPI:PUBLIC "-//FreeBSD//ENTITIES DocBook Manual Page Entities//EN"Therefore, the introduction to your documentation will probably
look like this:<!DOCTYPE book PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
<!ENTITY % man PUBLIC "-//FreeBSD//ENTITIES DocBook Manual Page Entities//EN">
%man;
…
]>Use command when you want to include a
command name in-line but present it as something the
user should type in.Use option to mark up a command's
options.When referring to the same command multiple times in
close proximity it is preferred to use the
&man.command.section;
notation to markup the first reference and use
command to markup subsequent references.
This makes the generated output, especially HTML, appear
visually better.This can be confusing, and sometimes the choice is not always
clear. Hopefully this example makes it clearer.Applications, commands, and options.Use:Sendmail is the most
widely used Unix mail application.
Sendmail includes the
sendmail8, &man.mailq.8;, and &man.newaliases.8;
programs.One of the command line parameters to sendmail8, , will display the current
status of messages in the mail queue. Check this on the command
line by running sendmail -bp.]]>Appearance:Sendmail is the most widely used
Unix mail application.Sendmail includes the
sendmail8, mailq8, and newaliases8 programs.One of the command line parameters to sendmail8, , will display the current
status of messages in the mail queue. Check this on the command
line by running sendmail -bp.Notice how the
&man.command.section; notation is easier to follow.Files, directories, extensionsWhenever you wish to refer to the name of a file, a directory,
or a file extension, use filename.filenameUse:The SGML source for the Handbook in English can be
found in /usr/doc/en/handbook/. The first
file is called handbook.sgml in that
directory. You should also see a Makefile
and a number of files with a .ent
extension.]]>Appearance:The SGML source for the Handbook in English can be found in
/usr/doc/en/handbook/. The first file is
called handbook.sgml in that directory. You
should also see a Makefile and a number of
files with a .ent extension.The name of portsFreeBSD extensionThese elements are part of the FreeBSD extension to DocBook,
and do not exist in the original DocBook DTD.You might need to include the name of a program from the
FreeBSD Ports Collection in the documentation. Use the
filename tag with the role
attribute set to package to identify these.
Since ports
can be installed in any number of locations, only include
the category and the port name; do not include
/usr/ports.filename tag with
package roleUse:Install the net/ethereal port to view network traffic.]]>Appearance:Install the net/ethereal
port to view network traffic.DevicesFreeBSD extensionThese elements are part of the FreeBSD extension to DocBook,
and do not exist in the original DocBook DTD.When referring to devices you have two choices. You can either
refer to the device as it appears in /dev, or
you can use the name of the device as it appears in the kernel. For
this latter course, use devicename.Sometimes you will not have a choice. Some devices, such as
networking cards, do not have entries in /dev,
or the entries are markedly different from those entries.devicenameUse:sio is used for serial
communication in FreeBSD. sio manifests
through a number of entries in /dev, including
/dev/ttyd0 and /dev/cuaa0.
By contrast, the networking devices, such as
ed0 do not appear in /dev.In MS-DOS, the first floppy drive is referred to as
a:. In FreeBSD it is
/dev/fd0.]]>Appearance:sio is used for serial communication
in FreeBSD. sio manifests through a
number of entries in /dev, including
/dev/ttyd0 and
/dev/cuaa0.By contrast, the networking devices, such as
ed0 do not appear in
/dev.In MS-DOS, the first floppy drive is referred to as
a:. In FreeBSD it is
/dev/fd0.Hosts, domains, IP addresses, and so forthFreeBSD extensionThese elements are part of the FreeBSD extension to DocBook,
and do not exist in the original DocBook DTD.You can markup identification information for networked
computers (hosts) in several ways, depending on the nature of the
information. All of them use hostid as the
element, with the role attribute selecting the
type of the marked up information.No role attribute, or
role="hostname"With no role attribute (i.e.,
hostid.../hostid) the
marked up information is the simple hostname, such as
freefall or wcarchive.
You can explicitly specify this with
role="hostname".role="domainname"The text is a domain name, such as
FreeBSD.org or
ngo.org.uk. There is no hostname
component.role="fqdn"The text is a Fully Qualified Domain Name, with both
hostname and domain name parts.role="ipaddr"The text is an IP address, probably expressed as a dotted
quad.role="ip6addr"The text is an IPv6 address.role="netmask"The text is a network mask, which might be expressed as a
dotted quad, a hexadecimal string, or as a
/ followed by a number.role="mac"The text is an Ethernet MAC address, expressed as a series
of 2 digit hexadecimal numbers separated by colons.hostid and rolesUse:The local machine can always be referred to by the
name localhost, which will have the IP address
127.0.0.1.
The FreeBSD.org domain
contains a number of different hosts, including
freefall.FreeBSD.org and
bento.FreeBSD.org.When adding an IP alias to an interface (using
ifconfig) always use a
netmask of 255.255.255.255
(which can also be expressed as 0xffffffff.The MAC address uniquely identifies every network card
in existence. A typical MAC address looks like 08:00:20:87:ef:d0.]]>Appearance:The local machine can always be referred to by the name
localhost, which will have the IP address 127.0.0.1.The FreeBSD.org domain
contains a number of different hosts, including freefall.FreeBSD.org and bento.FreeBSD.org.When adding an IP alias to an interface (using
ifconfig) always use a
netmask of 255.255.255.255 (which
can also be expressed as 0xffffffff.The MAC address uniquely identifies every network card in
existence. A typical MAC address looks like 08:00:20:87:ef:d0.UsernamesFreeBSD extensionThese elements are part of the FreeBSD extension to DocBook,
and do not exist in the original DocBook DTD.When you need to refer to a specific username, such as
root or bin, use
username.usernameUse:To carry out most system administration functions you
will need to be root.]]>Appearance:To carry out most system administration functions you will
need to be root.Describing MakefilesFreeBSD extensionThese elements are part of the FreeBSD extension to DocBook,
and do not exist in the original DocBook DTD.Two elements exist to describe parts of
Makefiles, maketarget and
makevar.maketarget identifies a build target exported
by a Makefile that can be given as a parameter
to make. makevar identifies a
variable that can be set (in the environment, on the
make command line, or within the
Makefile) to influence the process.maketarget and
makevarUse:Two common targets in a Makefile
are all and clean.
Typically, invoking all will rebuild the
application, and invoking clean will remove
the temporary files (.o for example) created by
the build process.clean may be controlled by a number of
variables, including CLOBBER and
RECURSE.]]>Appearance:Two common targets in a Makefile are
all and
clean.Typically, invoking all will rebuild
the application, and invoking clean will
remove the temporary files (.o for example)
created by the build process.clean may be controlled by a number
of variables, including CLOBBER and
RECURSE.Literal textYou will often need to include literal text in the
Handbook. This is text that is excerpted from another file, or
which should be copied from the Handbook into another file
verbatim.Some of the time, programlisting will be
sufficient to denote this text. programlisting
is not always appropriate, particularly when you want to include a
portion of a file in-line with the rest of the
paragraph.On these occasions, use literal.literalUse:The maxusers 10 line in the kernel
configuration file determines the size of many system tables, and is
a rough guide to how many simultaneous logins the system will
support.]]>Appearance:The maxusers 10 line in the kernel
configuration file determines the size of many system tables, and
is a rough guide to how many simultaneous logins the system will
support.Showing items that the user must fill
inThere will often be times when you want to show the user what to
do, or refer to a file, or command line, or similar, where the user
cannot simply copy the examples that you provide, but must instead
include some information themselves.replaceable is designed for this eventuality.
Use it inside other elements to indicate parts
of that element's content that the user must replace.replaceableUse:&prompt.user; man command
]]>Appearance:&prompt.user; man commandreplaceable can be used in many different
elements, including literal. This example also
shows that replaceable should only be wrapped
around the content that the user is meant to
provide. The other content should be left alone.Use:The maxusers n
line in the kernel configuration file determines the size of many system
tables, and is a rough guide to how many simultaneous logins the system will
support.
For a desktop workstation, 32 is a good value
for n.]]>Appearance:The maxusers n
line in the kernel configuration file determines the size of many
system tables, and is a rough guide to how many simultaneous
logins the system will support.For a desktop workstation, 32 is a good
value for n.Quoting system errorsYou might want to show errors generated by FreeBSD.
Mark these with errorname. This
indicates the exact error that appears.errornameUse:Panic: cannot mount root ]]>
Appearance:Panic: cannot mount rootImagesImage support in the documentation is currently extremely
experimental. I think the mechanisms described here are unlikely to
change, but that is not guaranteed.You will also need to install the
graphics/ImageMagick port, which is used to
convert between the different image formats. This is a big port,
and most of it is not required. However, while we are working on the
Makefiles and other infrastructure it makes
things easier. This port is not in the
textproc/docproj meta port, you must install it
by hand.The best example of what follows in practice is the
doc/en_US.ISO8859-1/articles/vm-design/ document.
If you are unsure of the description that follows, take a look at the
files in that directory to see how everything hangs together.
Experiment with creating different formatted versions of the
document to see how the image markup appears in the formatted
output.Image formatsWe currently support two formats for images. The format you
should use will depend on the nature of your image.For images that are primarily vector based, such as network
diagrams, time lines, and similar, use Encapsulated Postscript, and
make sure that your images have the .eps
extension.For bitmaps, such as screen captures, use the Portable Network
Graphic format, and make sure that your images have the
.png extension.These are the only formats in which images
should be committed to the CVS repository.Use the right format for the right image. It is to be expected
that your documentation will have a mix of EPS and PNG images. The
Makefiles ensure that the correct format image
is chosen depending on the output format that you use for your
documentation. Do not commit the same image to the
repository in two different formats.It is anticipated that the Documentation Project will switch to
using the Scalable Vector Graphic (SVG) format for vector images.
However, the current state of SVG capable editing tools makes this
impractical.MarkupThe markup for an image is relatively simple. First, markup a
mediaobject. The mediaobject
can contain other, more specific objects. We are concerned with
two, the imageobject and the
textobject.You should include one imageobject, and two
textobject elements. The
imageobject will point to the name of the image
file that will be used (without the extension). The
textobject elements contain information that will
be presented to the user as well as, or instead of, the
image.There are two circumstances where this can happen.When the reader is viewing the documentation in HTML. In
this case, each image will need to have associated alternate
text to show the user, typically whilst the image is loading, or
if they hover the mouse pointer over the image.When the reader is viewing the documentation in plain text.
In this case, each image should have an ASCII art equivalent to
show the user.An example will probably make things easier to understand.
Suppose you have an image, called fig1, that
you want to include in the document. This image is of a rectangle
with an A inside it. The markup for this would be as
follows.<mediaobject>
<imageobject>
<imagedata fileref="fig1">
</imageobject>
<textobject>
<literallayout class="monospaced">+---------------+
| A |
+---------------+</literallayout>
</textobject>
<textobject>
<phrase>A picture</phrase>
</textobject>
</mediaobject>Include an imagedata element inside the
imageobject element. The
fileref attribute should contain the filename
of the image to include, without the extension. The stylesheets
will work out which extension should be added to the filename
automatically.The first textobject should contain a
literallayout element, where the
class attribute is set to
monospaced. This is your opportunity to
demonstrate your ASCII art skills. This content will be used if
the document is converted to plain text.Notice how the first and last lines of the content of the
literallayout element butt up next to the
element's tags. This ensures no extraneous white space is
included.The second textobject should contain a
single phrase element. The contents of this
will become the alt attribute for the image
when this document is converted to HTML.Makefile entriesYour images must be listed in the
Makefile in the IMAGES
variable. This variable should contain the name of all your
source images. For example, if you have
created three figures, fig1.eps,
fig2.png, fig3.png, then
your Makefile should have lines like this in
it.…
IMAGES= fig1.eps fig2.png fig3.png
…or…
IMAGES= fig1.eps
IMAGES+= fig2.png
IMAGES+= fig3.png
…Again, the Makefile will work out the
complete list of images it needs to build your source document, you
only need to list the image files you
provided.Images and chapters in subdirectoriesYou must be careful when you separate your documentation into
smaller files (see ) in
different directories.Suppose you have a book with three chapters, and the chapters
are stored in their own directories, called
chapter1/chapter.sgml,
chapter2/chapter.sgml, and
chapter3/chapter.sgml. If each chapter has
images associated with it, I suggest you place those images in each
chapter's subdirectory (chapter1/,
chapter2/, and
chapter3/).However, if you do this you must include the directory names in
the IMAGES variable in the
Makefile, and you must
include the directory name in the imagedata
element in your document.For example, if you have chapter1/fig1.png,
then chapter1/chapter.sgml should
contain<mediaobject>
<imageobject>
<imagedata fileref="chapter1/fig1">
</imageobject>
…
</mediaobject>The directory name must be included in the
fileref attributeThe Makefile must contain…
IMAGES= chapter1/fig1.png
…Then everything should just work.LinksLinks are also in-line elements.Linking to other parts of the same documentLinking within the same document requires you to specify
where you are linking from (i.e., the text the user will click, or
otherwise indicate, as the source of the link) and where you are
linking to (the link's destination).Each element within DocBook has an attribute called
id. You can place text in this attribute to
uniquely name the element it is attached to.This value will be used when you specify the link
source.Normally, you will only be linking to chapters or sections, so
you would add the id attribute to these
elements.id on chapters and sectionsIntroductionThis is the introduction. It contains a subsection,
which is identified as well.Sub-sect 1This is the subsection.
]]>Obviously, you should use more descriptive values. The values
must be unique within the document (i.e., not just the file, but the
document the file might be included in as well). Notice how the
id for the subsection is constructed by appending
text to the id of the chapter. This helps to
ensure that they are unique.If you want to allow the user to jump into a specific portion of
the document (possibly in the middle of a paragraph or an example),
use anchor. This element has no content, but
takes an id attribute.anchorThis paragraph has an embedded
link target in it. It will not show up in
the document.]]>When you want to provide the user with a link they can activate
(probably by clicking) to go to a section of the document that has
an id attribute, you can use either
xref or link.Both of these elements have a linkend
attribute. The value of this attribute should be the value that you
have used in a id attribute (it does not matter
if that value has not yet occurred in your document; this will work
for forward links as well as backward links).If you use xref then you have no control over
the text of the link. It will be generated for you.Using xrefAssume that this fragment appears somewhere in a document that
includes the id example;More information can be found
in .
More specific information can be found
in .]]>The text of the link will be generated automatically, and will
look like (emphasised text indicates the text
that will be the link);
More information can be found in Chapter
One.More specific information can be found in the
section called Sub-sect 1.
Notice how the text from the link is derived from the section
title or the chapter number.This means that you cannot use
xref to link to an id
attribute on an anchor element. The
anchor has no content, so the
xref cannot generate the text for the
link.If you want to control the text of the link then use
link. This element wraps content, and the
content will be used for the link.Using linkAssume that this fragment appears somewhere in a document that
includes the id example.More information can be found in
the first chapter.
More specific information can be found in
this section.]]>This will generate the following
(emphasised text indicates the text that will
be the link);
More information can be found in the first
chapter.More specific information can be found in
this section.
That last one is a bad example. Never use words like
this or here as the source for the
link. The reader will need to hunt around the surrounding context
to see where the link is actually taking them.You can use link to
include a link to an id on an
anchor element, since the
link content defines the text that will be used
for the link.Linking to documents on the WWWLinking to external documents is much simpler, as long as you
know the URL of the document you want to link to. Use
ulink. The url attribute is
the URL of the page that the link points to, and the content of the
element is the text that will be displayed for the user to
activate.ulinkUse:Of course, you could stop reading this document and
- go to the FreeBSD
+ go to the FreeBSD
home page instead.]]>Appearance:Of course, you could stop reading this document and go to the
- FreeBSD home page
+ FreeBSD home page
instead.
diff --git a/en_US.ISO8859-1/books/handbook/Makefile b/en_US.ISO8859-1/books/handbook/Makefile
index 3c05afe442..8c074385d8 100644
--- a/en_US.ISO8859-1/books/handbook/Makefile
+++ b/en_US.ISO8859-1/books/handbook/Makefile
@@ -1,253 +1,254 @@
#
# $FreeBSD$
#
# Build the FreeBSD Handbook.
#
# ------------------------------------------------------------------------
#
# Handbook-specific variables
#
# WITH_PGPKEYS The print version of the handbook only prints PGP
# fingerprints by default. If you would like for the
# entire key to be displayed, then set this variable.
# This option has no affect on the HTML formats.
#
# Handbook-specific targets
#
# pgpkeyring This target will read the contents of
# pgpkeys/chapter.sgml and will extract all of
# the pgpkeys to standard out. This output can then
# be redirected into a file and distributed as a
# public keyring of FreeBSD developers that can
# easily be imported into PGP/GPG.
#
# ------------------------------------------------------------------------
MAINTAINER= doc@FreeBSD.org
DOC?= book
FORMATS?= html-split
HAS_INDEX= true
WITH_GLOSSARY?=
INSTALL_COMPRESSED?= gz
INSTALL_ONLY_COMPRESSED?=
IMAGES_EN = advanced-networking/isdn-bus.eps
IMAGES_EN+= advanced-networking/isdn-twisted-pair.eps
IMAGES_EN+= advanced-networking/natd.eps
IMAGES_EN+= advanced-networking/net-routing.pic
IMAGES_EN+= install/adduser1.scr
IMAGES_EN+= install/adduser2.scr
IMAGES_EN+= install/adduser3.scr
IMAGES_EN+= install/boot-mgr.scr
IMAGES_EN+= install/console-saver1.scr
IMAGES_EN+= install/console-saver2.scr
IMAGES_EN+= install/console-saver3.scr
IMAGES_EN+= install/console-saver4.scr
IMAGES_EN+= install/desktop.scr
IMAGES_EN+= install/disklabel-auto.scr
IMAGES_EN+= install/disklabel-ed1.scr
IMAGES_EN+= install/disklabel-ed2.scr
IMAGES_EN+= install/disklabel-fs.scr
IMAGES_EN+= install/disklabel-root1.scr
IMAGES_EN+= install/disklabel-root2.scr
IMAGES_EN+= install/disklabel-root3.scr
IMAGES_EN+= install/disk-layout.eps
IMAGES_EN+= install/dist-set.scr
IMAGES_EN+= install/dist-set2.scr
IMAGES_EN+= install/docmenu1.scr
IMAGES_EN+= install/ed0-conf.scr
IMAGES_EN+= install/ed0-conf2.scr
IMAGES_EN+= install/edit-inetd-conf.scr
IMAGES_EN+= install/fdisk-drive1.scr
IMAGES_EN+= install/fdisk-drive2.scr
IMAGES_EN+= install/fdisk-edit1.scr
IMAGES_EN+= install/fdisk-edit2.scr
IMAGES_EN+= install/ftp-anon1.scr
IMAGES_EN+= install/ftp-anon2.scr
IMAGES_EN+= install/hdwrconf.scr
IMAGES_EN+= install/keymap.scr
IMAGES_EN+= install/main1.scr
IMAGES_EN+= install/mainexit.scr
IMAGES_EN+= install/main-std.scr
IMAGES_EN+= install/main-options.scr
IMAGES_EN+= install/main-doc.scr
IMAGES_EN+= install/main-keymap.scr
IMAGES_EN+= install/media.scr
IMAGES_EN+= install/mouse1.scr
IMAGES_EN+= install/mouse2.scr
IMAGES_EN+= install/mouse3.scr
IMAGES_EN+= install/mouse4.scr
IMAGES_EN+= install/mouse5.scr
IMAGES_EN+= install/mouse6.scr
IMAGES_EN+= install/mta-main.scr
IMAGES_EN+= install/net-config-menu1.scr
IMAGES_EN+= install/net-config-menu2.scr
IMAGES_EN+= install/nfs-server-edit.scr
IMAGES_EN+= install/ntp-config.scr
IMAGES_EN+= install/options.scr
IMAGES_EN+= install/pkg-cat.scr
IMAGES_EN+= install/pkg-confirm.scr
IMAGES_EN+= install/pkg-install.scr
IMAGES_EN+= install/pkg-sel.scr
IMAGES_EN+= install/probstart.scr
IMAGES_EN+= install/routed.scr
IMAGES_EN+= install/security.scr
IMAGES_EN+= install/sysinstall-exit.scr
IMAGES_EN+= install/timezone1.scr
IMAGES_EN+= install/timezone2.scr
IMAGES_EN+= install/timezone3.scr
IMAGES_EN+= install/userconfig.scr
IMAGES_EN+= install/userconfig2.scr
IMAGES_EN+= install/xf86setup.scr
IMAGES_EN+= mail/mutt1.scr
IMAGES_EN+= mail/mutt2.scr
IMAGES_EN+= mail/mutt3.scr
IMAGES_EN+= mail/pine1.scr
IMAGES_EN+= mail/pine2.scr
IMAGES_EN+= mail/pine3.scr
IMAGES_EN+= mail/pine4.scr
IMAGES_EN+= mail/pine5.scr
IMAGES_EN+= install/example-dir1.eps
IMAGES_EN+= install/example-dir2.eps
IMAGES_EN+= install/example-dir3.eps
IMAGES_EN+= install/example-dir4.eps
IMAGES_EN+= install/example-dir5.eps
IMAGES_EN+= security/ipsec-network.pic
IMAGES_EN+= security/ipsec-crypt-pkt.pic
IMAGES_EN+= security/ipsec-encap-pkt.pic
IMAGES_EN+= security/ipsec-out-pkt.pic
IMAGES_EN+= vinum/vinum-concat.pic
IMAGES_EN+= vinum/vinum-mirrored-vol.pic
IMAGES_EN+= vinum/vinum-raid10-vol.pic
IMAGES_EN+= vinum/vinum-raid5-org.pic
IMAGES_EN+= vinum/vinum-simple-vol.pic
IMAGES_EN+= vinum/vinum-striped-vol.pic
IMAGES_EN+= vinum/vinum-striped.pic
# Images from the cross-document image library
IMAGES_LIB= callouts/1.png
IMAGES_LIB+= callouts/2.png
IMAGES_LIB+= callouts/3.png
IMAGES_LIB+= callouts/4.png
IMAGES_LIB+= callouts/5.png
IMAGES_LIB+= callouts/6.png
IMAGES_LIB+= callouts/7.png
IMAGES_LIB+= callouts/8.png
IMAGES_LIB+= callouts/9.png
IMAGES_LIB+= callouts/10.png
#
# SRCS lists the individual SGML files that make up the document. Changes
# to any of these files will force a rebuild
#
# SGML content
SRCS+= book.sgml
SRCS+= advanced-networking/chapter.sgml
SRCS+= basics/chapter.sgml
SRCS+= bibliography/chapter.sgml
SRCS+= config/chapter.sgml
SRCS+= boot/chapter.sgml
SRCS+= cutting-edge/chapter.sgml
SRCS+= disks/chapter.sgml
SRCS+= eresources/chapter.sgml
SRCS+= install/chapter.sgml
SRCS+= introduction/chapter.sgml
SRCS+= kernelconfig/chapter.sgml
SRCS+= l10n/chapter.sgml
SRCS+= linuxemu/chapter.sgml
SRCS+= mac/chapter.sgml
SRCS+= mail/chapter.sgml
SRCS+= mirrors/chapter.sgml
SRCS+= multimedia/chapter.sgml
SRCS+= desktop/chapter.sgml
SRCS+= pgpkeys/chapter.sgml
SRCS+= ppp-and-slip/chapter.sgml
SRCS+= printing/chapter.sgml
SRCS+= security/chapter.sgml
SRCS+= serialcomms/chapter.sgml
SRCS+= users/chapter.sgml
SRCS+= vinum/chapter.sgml
SRCS+= x11/chapter.sgml
SRCS+= ports/chapter.sgml
SRCS+= preface/preface.sgml
SRCS+= colophon.sgml
# Entities
SRCS+= chapters.ent
SYMLINKS= ${DESTDIR} index.html handbook.html
# Turn on all the chapters.
CHAPTERS?= ${SRCS:M*chapter.sgml}
SGMLFLAGS+= ${CHAPTERS:S/\/chapter.sgml//:S/^/-i chap./}
.if defined(WITH_GLOSSARY) && !empty(WITH_GLOSSARY)
SGMLFLAGS+= -i chap.freebsd-glossary
.endif
# XXX The Handbook build currently overflows some internal, hardcoded
# limits in pdftex. Until we split the Handbook up, build the PDF
# version using ps2pdf instead of pdftex.
PS2PDF?= ${PREFIX}/bin/ps2pdf
book.tex-pdf:
${TOUCH} book.tex-pdf
book.pdf: book.ps
${PS2PDF} book.ps book.pdf
pgpkeyring: pgpkeys/chapter.sgml
@${JADE} -V nochunks ${JADEOPTS} -d ${DSLPGP} -t sgml ${MASTERDOC}
#
# Handbook-specific variables
#
.if defined(WITH_PGPKEYS)
JADEFLAGS+= -V withpgpkeys
.endif
-DOC_PREFIX?= ${.CURDIR}/../../..
-
.for p in ftp cvsup
SRCS+= mirrors.sgml.${p}.inc
CLEANFILES+= mirrors.sgml.${p}.inc
CLEANFILES+= mirrors.sgml.${p}.inc.tmp
.endfor
SRCS+= eresources.sgml.www.inc
CLEANFILES+= eresources.sgml.www.inc
CLEANFILES+= eresources.sgml.www.inc.tmp
+URL_RELPREFIX?= ../../../..
+DOC_PREFIX?= ${.CURDIR}/../../..
+
.include "${DOC_PREFIX}/share/mk/doc.project.mk"
.for p in ftp cvsup
mirrors.sgml.${p}.inc: ${XML_MIRRORS} ${XSL_MIRRORS}
${XSLTPROC} ${XSLTPROCOPTS} \
-o $@.tmp \
--param 'type' "'$p'" \
--param 'proto' "'$p'" \
--param 'target' "'handbook/mirrors/chapter.sgml'" \
${XSL_MIRRORS} ${XML_MIRRORS}
${SED} -e 's,<\([^ >]*\)\([^>]*\)/>,<\1\2>\1>,;s,,,'\
< $@.tmp > $@ || (${RM} -f $@ && false)
${RM} -f $@.tmp
.endfor
eresources.sgml.www.inc: ${XML_MIRRORS} ${XSL_MIRRORS}
${XSLTPROC} ${XSLTPROCOPTS} \
-o $@.tmp \
--param 'type' "'www'" \
--param 'proto' "'http'" \
--param 'target' "'handbook/eresources/chapter.sgml'" \
${XSL_MIRRORS} ${XML_MIRRORS}
${SED} -e 's,<\([^ >]*\)\([^>]*\)/>,<\1\2>\1>,;s,,,'\
< $@.tmp > $@ || (${RM} -f $@ && false)
${RM} -f $@.tmp
diff --git a/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml b/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml
index 743f181d16..187087e124 100644
--- a/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.sgml
@@ -1,8135 +1,8135 @@
Advanced NetworkingSynopsisThis chapter will cover some of the more frequently used network
services on &unix; systems. We will cover how to define, set up, test and
maintain all of the network services that FreeBSD utilizes. In addition,
there have been example configuration files included throughout this
chapter for you to benefit from.After reading this chapter, you will know:The basics of gateways and routes.How to set up IEEE 802.11 and &bluetooth; devices.How to make FreeBSD act as a bridge.How to set up a network filesystem.How to set up network booting on a diskless machine.How to set up a network information server for sharing user
accounts.How to set up automatic network settings using DHCP.How to set up a domain name server.How to synchronize the time and date, and set up a
time server, with the NTP protocol.How to set up network address translation.How to manage the inetd daemon.How to connect two computers via PLIP.How to set up IPv6 on a FreeBSD machine.How to configure ATM under &os; 5.X.Before reading this chapter, you should:Understand the basics of the /etc/rc scripts.Be familiar with basic network terminology.CoranthGryphonContributed by Gateways and RoutesroutinggatewaysubnetFor one machine to be able to find another over a network,
there must be a mechanism in place to describe how to get from
one to the other. This is called
routing. A route is a
defined pair of addresses: a destination and a
gateway. The pair indicates that if you are
trying to get to this destination,
communicate through this gateway. There
are three types of destinations: individual hosts, subnets, and
default. The default route is
used if none of the other routes apply. We will talk a little
bit more about default routes later on. There are also three
types of gateways: individual hosts, interfaces (also called
links), and Ethernet hardware addresses (MAC
addresses).
An ExampleTo illustrate different aspects of routing, we will use the
following example from netstat:&prompt.user; netstat -r
Routing tables
Destination Gateway Flags Refs Use Netif Expire
default outside-gw UGSc 37 418 ppp0
localhost localhost UH 0 181 lo0
test0 0:e0:b5:36:cf:4f UHLW 5 63288 ed0 77
10.20.30.255 link#1 UHLW 1 2421
example.com link#1 UC 0 0
host1 0:e0:a8:37:8:1e UHLW 3 4601 lo0
host2 0:e0:a8:37:8:1e UHLW 0 5 lo0 =>
host2.example.com link#1 UC 0 0
224 link#1 UC 0 0default routeThe first two lines specify the default route (which we
will cover in the next
section) and the localhost route.loopback deviceThe interface (Netif column) that this
routing table specifies to use for
localhost is lo0,
also known as the loopback device. This says to keep all
traffic for this destination internal, rather than sending it
out over the LAN, since it will only end up back where it
started.EthernetMAC addressThe next thing that stands out are the addresses beginning
with 0:e0:. These are Ethernet
hardware addresses, which are also known as MAC addresses.
FreeBSD will automatically identify any hosts
(test0 in the example) on the local Ethernet
and add a route for that host, directly to it over the
Ethernet interface, ed0. There is
also a timeout (Expire column) associated
with this type of route, which is used if we fail to hear from
the host in a specific amount of time. When this happens, the
route to this host will be automatically deleted. These hosts
are identified using a mechanism known as RIP (Routing
Information Protocol), which figures out routes to local hosts
based upon a shortest path determination.subnetFreeBSD will also add subnet routes for the local subnet (10.20.30.255 is the broadcast address for the
subnet 10.20.30, and example.com is the domain name associated
with that subnet). The designation link#1 refers
to the first Ethernet card in the machine. You will notice no
additional interface is specified for those.Both of these groups (local network hosts and local subnets) have
their routes automatically configured by a daemon called
routed. If this is not run, then only
routes which are statically defined (i.e. entered explicitly) will
exist.The host1 line refers to our host, which it
knows by Ethernet address. Since we are the sending host, FreeBSD
knows to use the loopback interface (lo0)
rather than sending it out over the Ethernet interface.The two host2 lines are an example of
what happens when we use an &man.ifconfig.8; alias (see the
section on Ethernet for reasons why we would do this). The
=> symbol after the
lo0 interface says that not only are
we using the loopback (since this address also refers to the
local host), but specifically it is an alias. Such routes
only show up on the host that supports the alias; all other
hosts on the local network will simply have a
link#1 line for such routes.The final line (destination subnet 224) deals
with multicasting, which will be covered in another section.Finally, various attributes of each route can be seen in
the Flags column. Below is a short table
of some of these flags and their meanings:UUp: The route is active.HHost: The route destination is a single host.GGateway: Send anything for this destination on to this
remote system, which will figure out from there where to send
it.SStatic: This route was configured manually, not
automatically generated by the system.CClone: Generates a new route based upon this route for
machines we connect to. This type of route is normally used
for local networks.WWasCloned: Indicated a route that was auto-configured
based upon a local area network (Clone) route.LLink: Route involves references to Ethernet
hardware.Default Routesdefault routeWhen the local system needs to make a connection to a remote host,
it checks the routing table to determine if a known path exists. If
the remote host falls into a subnet that we know how to reach (Cloned
routes), then the system checks to see if it can connect along that
interface.If all known paths fail, the system has one last option: the
default route. This route is a special type of gateway
route (usually the only one present in the system), and is always
marked with a c in the flags field. For hosts on a
local area network, this gateway is set to whatever machine has a
direct connection to the outside world (whether via PPP link,
DSL, cable modem, T1, or another network interface).If you are configuring the default route for a machine which
itself is functioning as the gateway to the outside world, then the
default route will be the gateway machine at your Internet Service
Provider's (ISP) site.Let us look at an example of default routes. This is a common
configuration:
[Local2] <--ether--> [Local1] <--PPP--> [ISP-Serv] <--ether--> [T1-GW]
The hosts Local1 and
Local2 are at your site.
Local1 is connected to an ISP via a dial up
PPP connection. This PPP server computer is connected through
a local area network to another gateway computer through an
external interface to the ISPs Internet feed.The default routes for each of your machines will be:HostDefault GatewayInterfaceLocal2Local1EthernetLocal1T1-GWPPPA common question is Why (or how) would we set
the T1-GW to be the default gateway for
Local1, rather than the ISP server it is
connected to?.Remember, since the PPP interface is using an address on the ISP's
local network for your side of the connection, routes for any other
machines on the ISP's local network will be automatically generated.
Hence, you will already know how to reach the T1-GW
machine, so there is no need for the intermediate step
of sending traffic to the ISP server.It is common to use the address X.X.X.1 as the gateway address for your local
network. So (using the same example), if your local class-C address
space was 10.20.30 and your ISP was
using 10.9.9 then the default routes
would be:HostDefault RouteLocal2 (10.20.30.2)Local1 (10.20.30.1)Local1 (10.20.30.1, 10.9.9.30)T1-GW (10.9.9.1)You can easily define the default route via the
/etc/rc.conf file. In our example, on the
Local2 machine, we added the following line
in /etc/rc.conf:defaultrouter="10.20.30.1"It is also possible to do it directly from the command
line with the &man.route.8; command:&prompt.root; route add default 10.20.30.1For more informations on manual manipulation of network
routing tables, consult &man.route.8; manual page.Dual Homed Hostsdual homed hostsThere is one other type of configuration that we should cover, and
that is a host that sits on two different networks. Technically, any
machine functioning as a gateway (in the example above, using a PPP
connection) counts as a dual-homed host. But the term is really only
used to refer to a machine that sits on two local-area
networks.In one case, the machine has two Ethernet cards, each
having an address on the separate subnets. Alternately, the
machine may only have one Ethernet card, and be using
&man.ifconfig.8; aliasing. The former is used if two
physically separate Ethernet networks are in use, the latter
if there is one physical network segment, but two logically
separate subnets.Either way, routing tables are set up so that each subnet knows
that this machine is the defined gateway (inbound route) to the other
subnet. This configuration, with the machine acting as a router
between the two subnets, is often used when we need to implement
packet filtering or firewall security in either or both
directions.If you want this machine to actually forward packets
between the two interfaces, you need to tell FreeBSD to enable
this ability. See the next section for more details on how
to do this.Building a RouterrouterA network router is simply a system that forwards packets
from one interface to another. Internet standards and good
engineering practice prevent the FreeBSD Project from enabling
this by default in FreeBSD. You can enable this feature by
changing the following variable to YES in
&man.rc.conf.5;:gateway_enable=YES # Set to YES if this host will be a gatewayThis option will set the &man.sysctl.8; variable
net.inet.ip.forwarding to
1. If you should need to stop routing
temporarily, you can reset this to 0 temporarily.Your new router will need routes to know where to send the
traffic. If your network is simple enough you can use static
routes. FreeBSD also comes with the standard BSD routing
daemon &man.routed.8;, which speaks RIP (both version 1 and
version 2) and IRDP. Support for BGP v4, OSPF v2, and other
sophisticated routing protocols is available with the
net/zebra package.
Commercial products such as &gated; are also available for more
complex network routing solutions.BGPRIPOSPFEven when FreeBSD is configured in this way, it does not
completely comply with the Internet standard requirements for
routers. It comes close enough for ordinary use,
however.AlHoangContributed by Setting Up Static RoutesManual ConfigurationLet us assume we have a network as follows:
INTERNET
| (10.0.0.1/24) Default Router to Internet
|
|Interface xl0
|10.0.0.10/24
+------+
| | RouterA
| | (FreeBSD gateway)
+------+
| Interface xl1
| 192.168.1.1/24
|
+--------------------------------+
Internal Net 1 | 192.168.1.2/24
|
+------+
| | RouterB
| |
+------+
| 192.168.2.1/24
|
Internal Net 2
In this scenario, RouterA is our &os;
machine that is acting as a router to the rest of the
Internet. It has a default route set to 10.0.0.1 which allows it to connect
with the outside world. We will assume that
RouterB is already configured properly and
knows how to get wherever it needs to go. (This is simple
in this picture. Just add a default route on
RouterB using 192.168.1.1 as the gateway.)If we look at the routing table for
RouterA we would see something like the
following:&prompt.user; netstat -nr
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 10.0.0.1 UGS 0 49378 xl0
127.0.0.1 127.0.0.1 UH 0 6 lo0
10.0.0/24 link#1 UC 0 0 xl0
192.168.1/24 link#2 UC 0 0 xl1With the current routing table RouterA
will not be able to reach our Internal Net 2. It does not
have a route for 192.168.2.0/24. One way to alleviate
this is to manually add the route. The following command
would add the Internal Net 2 network to
RouterA's routing table using 192.168.1.2 as the next hop:&prompt.root; route add -net 192.168.2.0/24 192.168.1.2Now RouterA can reach any hosts on the
192.168.2.0/24
network.Persistent ConfigurationThe above example is perfect for configuring a static
route on a running system. However, one problem is that the
routing information will not persist if you reboot your &os;
machine. The way to handle the addition of a static route
is to put it in your /etc/rc.conf
file:# Add Internal Net 2 as a static route
static_routes="internalnet2"
route_internalnet2="-net 192.168.2.0/24 192.168.1.2"The static_routes configuration
variable is a list of strings seperated by a space. Each
string references to a route name. In our above example we
only have one string in static_routes.
This string is internalnet2. We
then add a configuration variable called
route_internalnet2
where we put all of the configuration parameters we would
give to the &man.route.8; command. For our example above we
would have used the command:&prompt.root; route add -net 192.168.2.0/24 192.168.1.2so we need "-net 192.168.2.0/24 192.168.1.2".As said above, we can have more than one string in
static_routes. This allows us to
create multiple static routes. The following lines shows
an example of adding static routes for the 192.168.0.0/24 and 192.168.1.0/24 networks on an imaginary
router:static_routes="net1 net2"
route_net1="-net 192.168.0.0/24 192.168.0.1"
route_net2="-net 192.168.1.0/24 192.168.1.1"Routing Propagationrouting propagationWe have already talked about how we define our routes to the
outside world, but not about how the outside world finds us.We already know that routing tables can be set up so that all
traffic for a particular address space (in our examples, a class-C
subnet) can be sent to a particular host on that network, which will
forward the packets inbound.When you get an address space assigned to your site, your service
provider will set up their routing tables so that all traffic for your
subnet will be sent down your PPP link to your site. But how do sites
across the country know to send to your ISP?There is a system (much like the distributed DNS information) that
keeps track of all assigned address-spaces, and defines their point of
connection to the Internet Backbone. The Backbone are
the main trunk lines that carry Internet traffic across the country,
and around the world. Each backbone machine has a copy of a master
set of tables, which direct traffic for a particular network to a
specific backbone carrier, and from there down the chain of service
providers until it reaches your network.It is the task of your service provider to advertise to the
backbone sites that they are the point of connection (and thus the
path inward) for your site. This is known as route
propagation.TroubleshootingtracerouteSometimes, there is a problem with routing propagation, and some
sites are unable to connect to you. Perhaps the most useful command
for trying to figure out where routing is breaking down is the
&man.traceroute.8; command. It is equally useful if you cannot seem
to make a connection to a remote machine (i.e. &man.ping.8;
fails).The &man.traceroute.8; command is run with the name of the remote
host you are trying to connect to. It will show the gateway hosts
along the path of the attempt, eventually either reaching the target
host, or terminating because of a lack of connection.For more information, see the manual page for
&man.traceroute.8;.Multicast Routingmulticastoptions MROUTINGFreeBSD supports both multicast applications and multicast
routing natively. Multicast applications do not require any
special configuration of FreeBSD; applications will generally
run out of the box. Multicast routing
requires that support be compiled into the kernel:options MROUTINGIn addition, the multicast routing daemon, &man.mrouted.8;
must be configured to set up tunnels and DVMRP via
/etc/mrouted.conf. More details on
multicast configuration may be found in the manual page for
&man.mrouted.8;.EricAndersonWritten by Wireless Networkingwireless networking802.11wireless networkingIntroductionIt can be very useful to be able to use a computer without the
annoyance of having a network cable attached at all times. FreeBSD can
be used as a wireless client, and even as a wireless access
point.Wireless Modes of OperationThere are two different ways to configure 802.11 wireless devices:
BSS and IBSS.BSS ModeBSS mode is the mode that typically is used. BSS mode is
also called infrastructure mode. In this mode, a number of
wireless access points are connected to a wired network. Each
wireless network has its own name. This name is called the
SSID of the network.Wireless clients connect to these wireless access
points. The IEEE 802.11 standard defines the protocol that
wireless networks use to connect. A wireless client can be
tied to a specific network, when a SSID is set. A wireless
client can also attach to any network by not explicitly
setting a SSID.IBSS ModeIBSS mode, also called ad-hoc mode, is designed for point
to point connections. There are actually two types of ad-hoc
mode. One is IBSS mode, also called ad-hoc or IEEE ad-hoc
mode. This mode is defined by the IEEE 802.11 standards.
The second is called demo ad-hoc mode or Lucent ad-hoc mode
(and sometimes, confusingly, ad-hoc mode). This is the old,
pre-802.11 ad-hoc mode and should only be used for legacy
installations. We will not cover either of the ad-hoc modes
further.Infrastructure ModeAccess PointsAccess points are wireless networking devices that allow
one or more wireless clients to use the device as a central
hub. When using an access point, all clients communicate
through the access point. Multiple access points are often
used to cover a complete area such as a house, business, or
park with a wireless network.Access points typically have multiple network
connections: the wireless card, and one or more wired Ethernet
adapters for connection to the rest of the network.
Access points can either be purchased prebuilt, or you
can build your own with FreeBSD and a supported wireless card.
Several vendors make wireless access points and wireless cards
with various features.Building a FreeBSD Access Pointwireless networkingaccess pointRequirementsIn order to set up a wireless access point with
FreeBSD, you need to have a compatible wireless card.
Currently, only cards with the Prism chipset are
supported. You will also need a wired network card that is
supported by FreeBSD (this should not be difficult to find,
FreeBSD supports a lot of different devices). For this
guide, we will assume you want to &man.bridge.4; all traffic
between the wireless device and the network attached to the
wired network card.The hostap functionality that FreeBSD uses to implement
the access point works best with certain versions of
firmware. Prism 2 cards should use firmware version 1.3.4
or newer. Prism 2.5 and Prism 3 cards should use firmware
1.4.9. Older versions of the firmware way or may not
function correctly. At this time, the only way to update
cards is with &windows; firmware update utilities available
from your card's manufacturer.Setting It UpFirst, make sure your system can see the wireless card:&prompt.root; ifconfig -a
wi0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet6 fe80::202:2dff:fe2d:c938%wi0 prefixlen 64 scopeid 0x7
inet 0.0.0.0 netmask 0xff000000 broadcast 255.255.255.255
ether 00:09:2d:2d:c9:50
media: IEEE 802.11 Wireless Ethernet autoselect (DS/2Mbps)
status: no carrier
ssid ""
stationname "FreeBSD Wireless node"
channel 10 authmode OPEN powersavemode OFF powersavesleep 100
wepmode OFF weptxkey 1Do not worry about the details now, just make sure it shows you
something to indicate you have a wireless card installed.
If you have trouble seeing the wireless interface, and you
are using a PC Card, you may want to check out
&man.pccardc.8; and &man.pccardd.8; manual pages for more
information.Next, you will need to load a module in order to get
the bridging part of FreeBSD ready for the access point.
To load the &man.bridge.4; module, simply run the
following command:&prompt.root; kldload bridgeIt should not have produced any errors when loading the
module. If it did, you may need to compile the
&man.bridge.4; code into your kernel. The Bridging section of this handbook
should be able to help you accomplish that task.Now that you have the bridging stuff done, we need to
tell the FreeBSD kernel which interfaces to bridge together.
We do that by using &man.sysctl.8;:&prompt.root; sysctl net.link.ether.bridge=1
&prompt.root; sysctl net.link.ether.bridge_cfg="wi0,xl0"
&prompt.root; sysctl net.inet.ip.forwarding=1On &os; 5.2-RELEASE and later, you have to use
instead the following options:&prompt.root; sysctl net.link.ether.bridge.enable=1
&prompt.root; sysctl net.link.ether.bridge.config="wi0,xl0"
&prompt.root; sysctl net.inet.ip.forwarding=1Now it is time for the wireless card setup.
The following command will set the card into an access point:
&prompt.root; ifconfig wi0 ssid my_net channel 11 media DS/11Mbps mediaopt hostap up stationname "FreeBSD AP"The &man.ifconfig.8; line brings the
wi0 interface up, sets its SSID to
my_net, and sets the station name to
FreeBSD AP. The sets the card into 11Mbps mode and is
needed for any to take effect.
The option places the
interface into access point mode. The option sets the 802.11b channel to use. The
&man.wicontrol.8; manual page has valid channel options for
your regulatory domain.
Now you should have a complete functioning access point
up and running. You are encouraged to read
&man.wicontrol.8;, &man.ifconfig.8;, and &man.wi.4; for
further information.
It is also suggested that you read the section on encryption that follows.Status InformationOnce the access point is configured and operational,
operators will want to see the clients that are associated
with the access point. At any time, the operator may type:&prompt.root; wicontrol -l
1 station:
00:09:b7:7b:9d:16 asid=04c0, flags=3<ASSOC,AUTH>, caps=1<ESS>, rates=f<1M,2M,5.5M,11M>, sig=38/15
This shows that there is one station associated, along
with its parameters. The signal indicated should be used
as a relative indication of strength only. Its
translation to dBm or other units varies between different
firmware revisions.ClientsA wireless client is a system that accesses an access
point or another client directly. Typically, wireless clients only have one network device,
the wireless networking card.There are a few different ways to configure a wireless
client. These are based on the different wireless modes,
generally BSS (infrastructure mode, which requires an access
point), and IBSS (ad-hoc, or peer-to-peer mode). In our
example, we will use the most popular of the two, BSS mode, to
talk to an access point.RequirementsThere is only one real requirement for setting up FreeBSD as a wireless client.
You will need a wireless card that is supported by FreeBSD.Setting Up a Wireless FreeBSD ClientYou will need to know a few things about the wireless
network you are joining before you start. In this example, we
are joining a network that has a name of
my_net, and encryption turned off.In this example, we are not using encryption, which
is a dangerous situation. In the next section, you will learn
how to turn on encryption, why it is important to do so,
and why some encryption technologies still do not completely
protect you.Make sure your card is recognized by FreeBSD:&prompt.root; ifconfig -a
wi0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet6 fe80::202:2dff:fe2d:c938%wi0 prefixlen 64 scopeid 0x7
inet 0.0.0.0 netmask 0xff000000 broadcast 255.255.255.255
ether 00:09:2d:2d:c9:50
media: IEEE 802.11 Wireless Ethernet autoselect (DS/2Mbps)
status: no carrier
ssid ""
stationname "FreeBSD Wireless node"
channel 10 authmode OPEN powersavemode OFF powersavesleep 100
wepmode OFF weptxkey 1Now, we can set the card to the correct settings for our
network:&prompt.root; ifconfig wi0 inet 192.168.0.20 netmask 255.255.255.0 ssid my_netReplace 192.168.0.20 and
255.255.255.0 with a valid IP
address and netmask on your wired network. Remember, our
access point is bridging the data between the wireless
network, and the wired network, so it will appear to the other
devices on your network that you are on the wired network just
as they are.Once you have done that, you should be able to ping hosts
on the wired network just as if you were connected using a
standard wired connection.If you are experiencing problems with your wireless
connection, check to make sure that your are associated
(connected) to the access point:&prompt.root; ifconfig wi0should return some information, and you should see:status: associatedIf it does not show associated, then you may be out of
range of the access point, have encryption on, or
possibly have a configuration problem.Encryptionwireless networkingencryptionEncryption on a wireless network is important because you
no longer have the ability to keep the network contained in a
well protected area. Your wireless data will be broadcast
across your entire neighborhood, so anyone who cares to read it
can. This is where encryption comes in. By encrypting the
data that is sent over the airwaves, you make it much more
difficult for any interested party to grab your data right out
of the air. The two most common ways to encrypt the data between your
client and the access point are WEP, and &man.ipsec.4;.WEPWEPWEP is an abbreviation for Wired Equivalency Protocol.
WEP is an attempt to make wireless networks as safe and secure
as a wired network. Unfortunately, it has been cracked, and is
fairly trivial to break. This also means it is not something
to rely on when it comes to encrypting sensitive data. It is better than nothing, so use the following to turn on
WEP on your new FreeBSD access point:&prompt.root; ifconfig wi0 inet up ssid my_net wepmode on wepkey 0x1234567890 media DS/11Mbps mediaopt hostapAnd you can turn on WEP on a client with this command:&prompt.root; ifconfig wi0 inet 192.168.0.20 netmask 255.255.255.0 ssid my_net wepmode on wepkey 0x1234567890Note that you should replace the 0x1234567890 with a more unique key.IPsec&man.ipsec.4; is a much more robust and powerful tool for
encrypting data across a network. This is definitely the
preferred way to encrypt data over a wireless network. You can
read more about &man.ipsec.4; security and how to implement it
in the IPsec section of this
handbook.ToolsThere are a small number of tools available for use in
debugging and setting up your wireless network, and here we will
attempt to describe some of them and what they do.The bsd-airtools PackageThe bsd-airtools package is a
complete toolset that includes wireless auditing tools for WEP
key cracking, access point detection, etc.The bsd-airtools utilities can be
installed from the net/bsd-airtools port. Information on
installing ports can be found in of this
handbook.The program dstumbler is the packaged
tool that allows for access point discovery and signal to noise
ratio graphing. If you are having a hard time getting your
access point up and running, dstumbler may
help you get started.To test your wireless network security, you may choose to
use dweputils (dwepcrack,
dwepdump and dwepkeygen)
to help you determine if WEP is the right solution to your
wireless security needs.The wicontrol, ancontrol and raycontrol UtilitiesThese are the tools you can use to control how your wireless
card behaves on the wireless network. In the examples above, we
have chosen to use &man.wicontrol.8;, since our wireless card is
a wi0 interface. If you had a Cisco
wireless device, it would come up as
an0, and therefore you would use
&man.ancontrol.8;.The ifconfig CommandifconfigThe &man.ifconfig.8; command can be used to do many of the same options
as &man.wicontrol.8;, however it does lack a few options. Check
&man.ifconfig.8; for command line parameters and options.Supported CardsAccess PointsThe only cards that are currently supported for BSS (as an
access point) mode are devices based on the Prism 2, 2.5, or 3
chipsets. For a complete list, look at &man.wi.4;.ClientsAlmost all 802.11b wireless cards are currently supported
under FreeBSD. Most cards based on Prism, Spectrum24, Hermes,
Aironet, and Raylink will work as a wireless network card in
IBSS (ad-hoc, peer-to-peer, and BSS) mode.PavLucistnikWritten by pav@oook.czBluetoothBluetoothIntroductionBluetooth is a wireless technology for creating personal networks
operating in the 2.4 GHz unlicensed band, with a range of 10 meters.
Networks are usually formed ad-hoc from portable devices such as
cellular phones, handhelds and laptops. Unlike the other popular
wireless technology, Wi-Fi, Bluetooth offers higher level service
profiles, e.g. FTP-like file servers, file pushing, voice transport,
serial line emulation, and more.The Bluetooth stack in &os; is implemented using the Netgraph
framework (see &man.netgraph.4;). A broad variety of Bluetooth USB
dongles is supported by the &man.ng.ubt.4; driver. The Broadcom BCM2033
chip based Bluetooth devices are supported via the &man.ubtbcmfw.4; and
&man.ng.ubt.4; drivers. The 3Com Bluetooth PC Card 3CRWB60-A is
supported by the &man.ng.bt3c.4; driver. Serial and UART based
Bluetooth devices are supported via &man.sio.4;, &man.ng.h4.4;
and &man.hcseriald.8;. This chapter describes the use of the USB
Bluetooth dongle. Bluetooth support is available in &os; 5.0 and newer
systems.Plugging in the DeviceBy default Bluetooth device drivers are available as kernel modules.
Before attaching a device, you will need to load the driver into the
kernel.&prompt.root; kldload ng_ubtIf the Bluetooth device is present in the system during system
startup, load the module from
/boot/loader.conf.ng_ubt_load="YES"Plug in your USB dongle. The output similar to the following will
appear on the console (or in syslog).ubt0: vendor 0x0a12 product 0x0001, rev 1.10/5.25, addr 2
ubt0: Interface 0 endpoints: interrupt=0x81, bulk-in=0x82, bulk-out=0x2
ubt0: Interface 1 (alt.config 5) endpoints: isoc-in=0x83, isoc-out=0x3,
wMaxPacketSize=49, nframes=6, buffer size=294Copy
/usr/share/examples/netgraph/bluetooth/rc.bluetooth
into some convenient place, like /etc/rc.bluetooth.
This script is used to start and stop the Bluetooth stack. It is a good
idea to stop the stack before unplugging the device, but it is not
(usually) fatal. When starting the stack, you will receive output similar
to the following:&prompt.root; /etc/rc.bluetooth start ubt0
BD_ADDR: 00:02:72:00:d4:1a
Features: 0xff 0xff 0xf 00 00 00 00 00
<3-Slot> <5-Slot> <Encryption> <Slot offset>
<Timing accuracy> <Switch> <Hold mode> <Sniff mode>
<Park mode> <RSSI> <Channel quality> <SCO link>
<HV2 packets> <HV3 packets> <u-law log> <A-law log> <CVSD>
<Paging scheme> <Power control> <Transparent SCO data>
Max. ACL packet size: 192 bytes
Number of ACL packets: 8
Max. SCO packet size: 64 bytes
Number of SCO packets: 8HCIHost Controller Interface (HCI)Host Controller Interface (HCI) provides a command interface to the
baseband controller and link manager, and access to hardware status and
control registers. This interface provides a uniform method of accessing
the Bluetooth baseband capabilities. HCI layer on the Host exchanges
data and commands with the HCI firmware on the Bluetooth hardware.
The Host Controller Transport Layer (i.e. physical bus) driver provides
both HCI layers with the ability to exchange information with each
other.A single Netgraph node of type hci is
created for a single Bluetooth device. The HCI node is normally
connected to the Bluetooth device driver node (downstream) and
the L2CAP node (upstream). All HCI operations must be performed
on the HCI node and not on the device driver node. Default name
for the HCI node is devicehci.
For more details refer to the &man.ng.hci.4; man page.One of the most common tasks is discovery of Bluetooth devices in
RF proximity. This operation is called inquiry.
Inquiry and other HCI realated operations are done with the
&man.hccontrol.8; utility. The example below shows how to find out
which Bluetooth devices are in range. You should receive the list of
devices in a few seconds. Note that a remote device will only answer
the inquiry if it put into discoverable
mode.&prompt.user; hccontrol -n ubt0hci inquiry
Inquiry result, num_responses=1
Inquiry result #0
BD_ADDR: 00:80:37:29:19:a4
Page Scan Rep. Mode: 0x1
Page Scan Period Mode: 00
Page Scan Mode: 00
Class: 52:02:04
Clock offset: 0x78ef
Inquiry complete. Status: No error [00]BD_ADDR is unique address of a Bluetooth
device, similar to MAC addresses of a network card. This address
is needed for further communication with a device. It is possible
to assign human readable name to a BD_ADDR.
The /etc/bluetooth/hosts file contains information
regarding the known Bluetooth hosts. The following example shows how
to obtain human readable name that was assigned to the remote
device.&prompt.user; hccontrol -n ubt0hci remote_name_request 00:80:37:29:19:a4
BD_ADDR: 00:80:37:29:19:a4
Name: Pav's T39If you perform an inquiry on a remote Bluetooth device, it will
find your computer as your.host.name (ubt0). The name
assigned to the local device can be changed at any time.The Bluetooth system provides a point-to-point connection (only two
Bluetooth units involved), or a point-to-multipoint connection. In the
point-to-multipoint connection the connection is shared among several
Bluetooth devices. The following example shows how to obtain the list
of active baseband connections for the local device.&prompt.user; hccontrol -n ubt0hci read_connection_list
Remote BD_ADDR Handle Type Mode Role Encrypt Pending Queue State
00:80:37:29:19:a4 41 ACL 0 MAST NONE 0 0 OPENA connection handle is useful when termination
of the baseband connection is required. Note, that it is normally not
required to do it by hand. The stack will automatically terminate
inactive baseband connections.&prompt.root; hccontrol -n ubt0hci disconnect 41
Connection handle: 41
Reason: Connection terminated by local host [0x16]Refer to hccontrol help for a complete listing
of available HCI commands. Most of the HCI commands do not require
superuser privileges.L2CAPLogical Link Control and Adaptation Protocol (L2CAP)Logical Link Control and Adaptation Protocol (L2CAP) provides
connection-oriented and connectionless data services to upper layer
protocols with protocol multiplexing capability and segmentation and
reassembly operation. L2CAP permits higher level protocols and
applications to transmit and receive L2CAP data packets up to 64
kilobytes in length.L2CAP is based around the concept of channels.
Channel is a logical connection on top of baseband connection. Each
channel is bound to a single protocol in a many-to-one fashion. Multiple
channels can be bound to the same protocol, but a channel cannot be
bound to multiple protocols. Each L2CAP packet received on a channel is
directed to the appropriate higher level protocol. Multiple channels
can share the same baseband connection.A single Netgraph node of type l2cap is
created for a single Bluetooth device. The L2CAP node is normally
connected to the Bluetooth HCI node (downstream) and Bluetooth sockets
nodes (upstream). Default name for the L2CAP node is
devicel2cap. For more details refer to the
&man.ng.l2cap.4; man page.A useful command is &man.l2ping.8;, which can be used to ping
other devices. Some Bluetooth implementations might not return all of
the data sent to them, so 0 bytes in the following
example is normal.&prompt.root; l2ping -a 00:80:37:29:19:a4
0 bytes from 0:80:37:29:19:a4 seq_no=0 time=48.633 ms result=0
0 bytes from 0:80:37:29:19:a4 seq_no=1 time=37.551 ms result=0
0 bytes from 0:80:37:29:19:a4 seq_no=2 time=28.324 ms result=0
0 bytes from 0:80:37:29:19:a4 seq_no=3 time=46.150 ms result=0The &man.l2control.8; utility is used to perform various operations
on L2CAP nodes. This example shows how to obtain the list of logical
connections (channels) and the list of baseband connections for the
local device.&prompt.user; l2control -a 00:02:72:00:d4:1a read_channel_list
L2CAP channels:
Remote BD_ADDR SCID/ DCID PSM IMTU/ OMTU State
00:07:e0:00:0b:ca 66/ 64 3 132/ 672 OPEN
&prompt.user; l2control -a 00:02:72:00:d4:1a read_connection_list
L2CAP connections:
Remote BD_ADDR Handle Flags Pending State
00:07:e0:00:0b:ca 41 O 0 OPENAnother diagnostic tool is &man.btsockstat.1;. It does a job
similar to as &man.netstat.1; does, but for Bluetooth network-related
data structures. The example below shows the same logical connection as
&man.l2control.8; above.&prompt.user; btsockstat
Active L2CAP sockets
PCB Recv-Q Send-Q Local address/PSM Foreign address CID State
c2afe900 0 0 00:02:72:00:d4:1a/3 00:07:e0:00:0b:ca 66 OPEN
Active RFCOMM sessions
L2PCB PCB Flag MTU Out-Q DLCs State
c2afe900 c2b53380 1 127 0 Yes OPEN
Active RFCOMM sockets
PCB Recv-Q Send-Q Local address Foreign address Chan DLCI State
c2e8bc80 0 250 00:02:72:00:d4:1a 00:07:e0:00:0b:ca 3 6 OPENRFCOMMRFCOMM ProtocolThe RFCOMM protocol provides emulation of serial ports over the
L2CAP protocol. The protocol is based on the ETSI standard TS 07.10.
RFCOMM is a simple transport protocol, with additional provisions for
emulating the 9 circuits of RS-232 (EIATIA-232-E) serial ports. The
RFCOMM protocol supports up to 60 simultaneous connections (RFCOMM
channels) between two Bluetooth devices.For the purposes of RFCOMM, a complete communication path involves
two applications running on different devices (the communication
endpoints) with a communication segment between them. RFCOMM is intended
to cover applications that make use of the serial ports of the devices
in which they reside. The communication segment is a Bluetooth link from
one device to another (direct connect).RFCOMM is only concerned with the connection between the devices in
the direct connect case, or between the device and a modem in the
network case. RFCOMM can support other configurations, such as modules
that communicate via Bluetooth wireless technology on one side and
provide a wired interface on the other side.In &os; the RFCOMM protocol is implemented at the Bluetooth sockets
layer.pairingPairing of DevicesBy default, Bluetooth communication is not authenticated, and any
device can talk to any other device. A Bluetooth device (for example,
cellular phone) may choose to require authentication to provide a
particular service (for example, Dial-Up service). Bluetooth
authentication is normally done with PIN codes.
A PIN code is an ASCII string up to 16 characters in length. User is
required to enter the same PIN code on both devices. Once user has
entered the PIN code, both devices will generate a
link key. After that the link key can be stored
either in the devices themselves or in a persistent storage. Next time
both devices will use previously generated link key. The described
above procedure is called pairing. Note that if
the link key is lost by any device then pairing must be repeated.The &man.hcsecd.8; daemon is responsible for handling of all
Bluetooth authentication requests. The default configuration file is
/etc/bluetooth/hcsecd.conf. An example section for
a cellular phone with the PIN code arbitrarily set to
1234 is shown below.device {
bdaddr 00:80:37:29:19:a4;
name "Pav's T39";
key nokey;
pin "1234";
}There is no limitation on PIN codes (except length). Some devices
(for example Bluetooth headsets) may have a fixed PIN code built in.
The switch forces the &man.hcsecd.8; daemon to stay
in the foreground, so it is easy to see what is happening. Set the
remote device to receive pairing and initiate the Bluetooth connection
to the remote device. The remote device should say that pairing was
accepted, and request the PIN code. Enter the same PIN code as you
have in hcsecd.conf. Now your PC and the remote
device are paired. Alternatively, you can initiate pairing on the remote
device. Below in the sample hcsecd output.hcsecd[16484]: Got Link_Key_Request event from 'ubt0hci', remote bdaddr 0:80:37:29:19:a4
hcsecd[16484]: Found matching entry, remote bdaddr 0:80:37:29:19:a4, name 'Pav's T39', link key doesn't exist
hcsecd[16484]: Sending Link_Key_Negative_Reply to 'ubt0hci' for remote bdaddr 0:80:37:29:19:a4
hcsecd[16484]: Got PIN_Code_Request event from 'ubt0hci', remote bdaddr 0:80:37:29:19:a4
hcsecd[16484]: Found matching entry, remote bdaddr 0:80:37:29:19:a4, name 'Pav's T39', PIN code exists
hcsecd[16484]: Sending PIN_Code_Reply to 'ubt0hci' for remote bdaddr 0:80:37:29:19:a4SDPService Discovery Protocol (SDP)The Service Discovery Protocol (SDP) provides the means for client
applications to discover the existence of services provided by server
applications as well as the attributes of those services. The attributes
of a service include the type or class of service offered and the
mechanism or protocol information needed to utilize the service.SDP involves communication between a SDP server and a SDP client.
The server maintains a list of service records that describe the
characteristics of services associated with the server. Each service
record contains information about a single service. A client may
retrieve information from a service record maintained by the SDP server
by issuing a SDP request. If the client, or an application associated
with the client, decides to use a service, it must open a separate
connection to the service provider in order to utilize the service.
SDP provides a mechanism for discovering services and their attributes,
but it does not provide a mechanism for utilizing those services.Normally, a SDP client searches for services based on some desired
characteristics of the services. However, there are times when it is
desirable to discover which types of services are described by an SDP
server's service records without any a priori information about the
services. This process of looking for any offered services is called
browsing.The Bluetooth SDP server &man.sdpd.8; and command line client
&man.sdpcontrol.8; are included in the standard &os; installation.
The following example shows how to perform a SDP browse query.&prompt.user; sdpcontrol -a 00:01:03:fc:6e:ec browse
Record Handle: 00000000
Service Class ID List:
Service Discovery Server (0x1000)
Protocol Descriptor List:
L2CAP (0x0100)
Protocol specific parameter #1: u/int/uuid16 1
Protocol specific parameter #2: u/int/uuid16 1
Record Handle: 0x00000001
Service Class ID List:
Browse Group Descriptor (0x1001)
Record Handle: 0x00000002
Service Class ID List:
LAN Access Using PPP (0x1102)
Protocol Descriptor List:
L2CAP (0x0100)
RFCOMM (0x0003)
Protocol specific parameter #1: u/int8/bool 1
Bluetooth Profile Descriptor List:
LAN Access Using PPP (0x1102) ver. 1.0
... and so on. Note that each service has a list of attributes
(RFCOMM channel for example). Depending on the service you might need to
make a note of some of the attributes. Some Bluetooth implementations do
not support service browsing and may return an empty list. In this case
it is possible to search for the specific service. The example below
shows how to search for the OBEX Object Push (OPUSH) service.&prompt.user; sdpcontrol -a 00:01:03:fc:6e:ec search OPUSHOffering services on &os; to Bluetooth clients is done with the
&man.sdpd.8; server.&prompt.root; sdpdThe local server application that wants to provide Bluetooth
service to the remote clients will register service with the local
SDP daemon. The example of such application is &man.rfcomm.pppd.8;.
Once started it will register Bluetooth LAN service with the local
SDP daemon.The list of services registered with the local SDP server can be
obtained by issuing SDP browse query via local control channel.&prompt.root; sdpcontrol -l browseDial-Up Networking (DUN) and Network Access with PPP (LAN)
ProfilesThe Dial-Up Networking (DUN) profile is mostly used with modems
and cellular phones. The scenarios covered by this profile are the
following:use of a cellular phone or modem by a computer as
a wireless modem for connecting to a dial-up internet access server,
or using other dial-up services;use of a cellular phone or modem by a computer to
receive data calls.Network Access with PPP (LAN) profile can be used in the following
situations:LAN access for a single Bluetooth device;
LAN access for multiple Bluetooth devices;
PC to PC (using PPP networking over serial cable
emulation).In &os; both profiles are implemented with &man.ppp.8; and
&man.rfcomm.pppd.8; - a wrapper that converts RFCOMM Bluetooth
connection into something PPP can operate with. Before any profile
can be used, a new PPP label in the /etc/ppp/ppp.conf
must be created. Consult &man.rfcomm.pppd.8; manual page for examples.
In the following example &man.rfcomm.pppd.8; will be used to open
RFCOMM connection to remote device with BD_ADDR 00:80:37:29:19:a4 on
DUN RFCOMM channel. The actual RFCOMM channel number will be obtained
from the remote device via SDP. It is possible to specify RFCOMM channel
by hand, and in this case &man.rfcomm.pppd.8; will not perform SDP
query. Use &man.sdpcontrol.8; to find out RFCOMM
channel on the remote device.&prompt.root; rfcomm_pppd -a 00:80:37:29:19:a4 -c -C dun -l rfcomm-dialupIn order to provide Network Access with PPP (LAN) service the
&man.sdpd.8; server must be running. A new entry for LAN clients must
be created in the /etc/ppp/ppp.conf file. Consult
&man.rfcomm.pppd.8; manual page for examples. Finally, start RFCOMM PPP
server on valid RFCOMM channel number. The RFCOMM PPP server will
automatically register Bluetooth LAN service with the local SDP daemon.
The example below shows how to start RFCOMM PPP server.&prompt.root; rfcomm_pppd -s -C 7 -l rfcomm-serverOBEXOBEX Object Push (OPUSH) ProfileOBEX is a widely used protocol for simple file transfers between
mobile devices. Its main use is in infrared communication, where it is
used for generic file transfers between notebooks or Palm handhelds,
and for sending business cards or calendar entries between cellular
phones and other devices with PIM applications.The OBEX server and client are implemented as a third-party package
obexapp, which is available as
comms/obexapp port.OBEX client is used to push and/or pull objects from the OBEX server.
An object can, for example, be a business card or an appointment.
The OBEX client can obtain RFCOMM channel number from the remote device
via SDP. This can be done by specifying service name instead of RFCOMM
channel number. Supported service names are: IrMC, FTRN and OPUSH.
It is possible to specify RFCOMM channel as a number. Below is an
example of an OBEX session, where device information object is pulled
from the cellular phone, and a new object (business card) is pushed
into the phone's directory.&prompt.user; obexapp -a 00:80:37:29:19:a4 -C IrMC
obex> get
get: remote file> telecom/devinfo.txt
get: local file> devinfo-t39.txt
Success, response: OK, Success (0x20)
obex> put
put: local file> new.vcf
put: remote file> new.vcf
Success, response: OK, Success (0x20)
obex> di
Success, response: OK, Success (0x20)In order to provide OBEX Object Push service,
&man.sdpd.8; server must be running. A root folder, where all incoming
objects will be stored, must be created. The default path to the root
folder is /var/spool/obex. Finally, start OBEX
server on valid RFCOMM channel number. The OBEX server will
automatically register OBEX Object Push service with the local SDP
daemon. The example below shows how to start OBEX server.&prompt.root; obexapp -s -C 10Serial Port (SP) ProfileThe Serial Port (SP) profile allows Bluetooth devices to perform
RS232 (or similar) serial cable emulation. The scenario covered by this
profile deals with legacy applications using Bluetooth as a cable
replacement, through a virtual serial port abstraction.The &man.rfcomm.sppd.1; utility implements the Serial Port profile.
A pseudo tty is used as a virtual serial port abstraction. The example
below shows how to connect to a remote device Serial Port service.
Note that you do not have to specify a RFCOMM channel -
&man.rfcomm.sppd.1; can obtain it from the remote device via SDP.
If you would like to override this, specify a RFCOMM channel on the
command line.&prompt.root; rfcomm_sppd -a 00:07:E0:00:0B:CA -t /dev/ttyp6
rfcomm_sppd[94692]: Starting on /dev/ttyp6...Once connected, the pseudo tty can be used as serial port.&prompt.root; cu -l ttyp6TroubleshootingA remote device cannot connectSome older Bluetooth devices do not support role switching.
By default, when &os; is accepting a new connection, it tries to
perform a role switch and become master. Devices, which do not
support this will not be able to connect. Note that role switching is
performed when a new connection is being established, so it is not
possible to ask the remote device if it does support role switching.
There is a HCI option to disable role switching on the local
side.&prompt.root; hccontrol -n ubt0hci write_node_role_switch 0Something is going wrong, can I see what exactly is happening?Yes, you can. Use the hcidump-1.5
third-party package that can be downloaded from
here.
The hcidump utility is similar to
&man.tcpdump.1;. It can be used to display the content of the Bluetooth
packets on the terminal and to dump the Bluetooth packets to a
file.StevePetersonWritten by BridgingIntroductionIP subnetbridgeIt is sometimes useful to divide one physical network
(such as an Ethernet segment) into two separate network
segments without having to create IP subnets and use a router
to connect the segments together. A device that connects two
networks together in this fashion is called a
bridge. A FreeBSD system with two network
interface cards can act as a bridge.The bridge works by learning the MAC layer addresses
(Ethernet addresses) of the devices on each of its network interfaces.
It forwards traffic between two networks only when its source and
destination are on different networks.In many respects, a bridge is like an Ethernet switch with very
few ports.Situations Where Bridging Is AppropriateThere are two common situations in which a bridge is used
today.High Traffic on a SegmentSituation one is where your physical network segment is
overloaded with traffic, but you do not want for whatever reason to
subnet the network and interconnect the subnets with a
router.Let us consider an example of a newspaper where the Editorial and
Production departments are on the same subnetwork. The Editorial
users all use server A for file service, and the Production users
are on server B. An Ethernet network is used to connect all users together,
and high loads on the network are slowing things down.If the Editorial users could be segregated on one
network segment and the Production users on another, the two
network segments could be connected with a bridge. Only the
network traffic destined for interfaces on the
other side of the bridge would be sent to the
other network, reducing congestion on each network
segment.Filtering/Traffic Shaping Firewallfirewallnetwork address translationThe second common situation is where firewall functionality is
needed without network address translation (NAT).An example is a small company that is connected via DSL
or ISDN to their ISP. They have a 13 globally-accessible IP
addresses from their ISP and have 10 PCs on their network.
In this situation, using a router-based firewall is
difficult because of subnetting issues.routerDSLISDNA bridge-based firewall can be configured and dropped into the
path just downstream of their DSL/ISDN router without any IP
numbering issues.Configuring a BridgeNetwork Interface Card SelectionA bridge requires at least two network cards to function.
Unfortunately, not all network interface cards as of FreeBSD 4.0
support bridging. Read &man.bridge.4; for details on the cards that
are supported.Install and test the two network cards before continuing.Kernel Configuration Changeskernel optionsoptions BRIDGETo enable kernel support for bridging, add the:options BRIDGEstatement to your kernel configuration file, and rebuild your
kernel.Firewall SupportfirewallIf you are planning to use the bridge as a firewall, you
will need to add the IPFIREWALL option as
well. Read for general
information on configuring the bridge as a firewall.If you need to allow non-IP packets (such as ARP) to flow
through the bridge, there is a firewall option that
must be set. This option is
IPFIREWALL_DEFAULT_TO_ACCEPT. Note that this
changes the default rule for the firewall to accept any packet.
Make sure you know how this changes the meaning of your ruleset
before you set it.Traffic Shaping SupportIf you want to use the bridge as a traffic shaper, you will need
to add the DUMMYNET option to your kernel
configuration. Read &man.dummynet.4; for further
information.Enabling the BridgeAdd the line:net.link.ether.bridge=1to /etc/sysctl.conf to enable the bridge at
runtime, and the line:net.link.ether.bridge_cfg=if1,if2to enable bridging on the specified interfaces (replace
if1 and
if2 with the names of your two
network interfaces). If you want the bridged packets to be
filtered by &man.ipfw.8;, you should add:net.link.ether.bridge_ipfw=1as well.For &os; 5.2-RELEASE and later, use instead the following
lines:net.link.ether.bridge.enable=1
net.link.ether.bridge.config=if1,if2
net.link.ether.bridge.ipfw=1Other InformationIf you want to be able to &man.ssh.1; into the bridge from the network,
it is correct to assign one of the network cards an IP address. The
consensus is that assigning both cards an address is a bad
idea.If you have multiple bridges on your network, there cannot be more
than one path between any two workstations. Technically, this means
that there is no support for spanning tree link management.A bridge can add latency to your &man.ping.8; times, especially for
traffic from one segment to another.TomRhodesReorganized and enhanced by BillSwingleWritten by NFSNFSAmong the many different filesystems that FreeBSD supports is
the Network File System, also known as NFS.
NFS allows a system to share directories and files
with others over a network. By using NFS, users and
programs can access files on remote systems almost as if they were local
files.Some of the most notable benefits that
NFS can provide are:Local workstations use less disk space because
commonly used data can be stored on a single machine and still
remain accessible to others over the network.There is no need for users to have separate home directories
on every network machine. Home directories could be set up on the
NFS server and made available throughout
the network.Storage devices such as floppy disks, CDROM drives, and
ZIP drives can be used by other machines on the network.
This may reduce the number of removable media drives
throughout the network.How NFS WorksNFS consists of at least two main parts:
a server and one or more clients. The client remotely accesses
the data that is stored
on the server machine. In order for this to function properly a few
processes have to be configured and running.In &os; 5.X, the portmap utility
has been replaced with the rpcbind utility. Thus,
in &os; 5.X the user is required to replace every instance of
portmap with rpcbind
in the forthcoming examples.The server has to be running the following daemons:NFSserverportmapmountdnfsdDaemonDescriptionnfsdThe NFS daemon which services requests from
the NFS clients.mountdThe NFS mount daemon which carries out
the requests that &man.nfsd.8; passes on to it.portmap The portmapper daemon
allows NFS clients to discover which port the NFS server
is using.The client can also run a daemon, known as
nfsiod. The
nfsiod daemon services the requests
from the NFS server. This is optional, and
improves performance, but is not required for normal and
correct operation. See the &man.nfsiod.8; manual page for
more information.
Configuring NFSNFSconfigurationNFS configuration is a relatively
straightforward process. The processes that need to be
running can all start at boot time with a few modifications to
your /etc/rc.conf file.On the NFS server, make sure that the
following options are configured in the
/etc/rc.conf file:portmap_enable="YES"
nfs_server_enable="YES"
mountd_flags="-r"mountd runs automatically whenever the
NFS server is enabled.On the client, make sure this option is present in
/etc/rc.conf:nfs_client_enable="YES"The /etc/exports file specifies which
filesystems NFS should export (sometimes
referred to as share). Each line in
/etc/exports specifies a filesystem to be
exported and which machines have access to that filesystem.
Along with what machines have access to that filesystem,
access options may also be specified. There are many such
options that can be used in this file but only a few will be
mentioned here. You can easily discover other options by
reading over the &man.exports.5; manual page.Here are a few example /etc/exports
entries:NFSexport examplesThe following examples give an idea of how to export filesystems,
although the settings may be different depending on
your environment and network configuration.
For instance, to export the /cdrom directory to
three example machines that have the same domain name as the server
(hence the lack of a domain name for each) or have entries in your
/etc/hosts file. The
flag makes the exported filesystem read-only. With this flag, the
remote system will not be able to write any changes to the
exported filesystem./cdrom -ro host1 host2 host3The following line exports /home to
three hosts by IP address. This is a useful setup if you have
a private network without a DNS server
configured. Optionally the /etc/hosts
file could be configured for internal hostnames; please review
&man.hosts.5; for more information. The
flag allows the subdirectories to be
mount points. In other words, it will not mount the
subdirectories but permit the client to mount only the
directories that are required or needed./home -alldirs 10.0.0.2 10.0.0.3 10.0.0.4The following line exports /a so that
two clients from different domains may access the filesystem.
The flag allows the
root user on the remote system to write
data on the exported filesystem as root.
If the -maproot=root flag is not specified,
then even if a user has root access on
the remote system, he will not be able to modify files on
the exported filesystem./a -maproot=root host.example.com box.example.orgIn order for a client to access an exported filesystem,
the client must have permission to do so. Make sure the
client is listed in your /etc/exports
file.In /etc/exports, each line represents
the export information for one filesystem to one host. A
remote host can only be specified once per filesystem, and may
only have one default entry. For example, assume that
/usr is a single filesystem. The
following /etc/exports would be
invalid:/usr/src client
/usr/ports clientOne filesystem, /usr, has two lines
specifying exports to the same host, client.
The correct format for this situation is:/usr/src /usr/ports clientThe properties of one filesystem exported to a given host
must all occur on one line. Lines without a client specified
are treated as a single host. This limits how you can export
filesystems, but for most people this is not an issue.The following is an example of a valid export list, where
/usr and /exports
are local filesystems:# Export src and ports to client01 and client02, but only
# client01 has root privileges on it
/usr/src /usr/ports -maproot=root client01
/usr/src /usr/ports client02
# The client machines have root and can mount anywhere
# on /exports. Anyone in the world can mount /exports/obj read-only
/exports -alldirs -maproot=root client01 client02
/exports/obj -roYou must restart
mountd whenever you modify
/etc/exports so the changes can take effect.
This can be accomplished by sending the HUP signal
to the mountd process:&prompt.root; kill -HUP `cat /var/run/mountd.pid`Alternatively, a reboot will make FreeBSD set everything
up properly. A reboot is not necessary though.
Executing the following commands as root
should start everything up.On the NFS server:&prompt.root; portmap
&prompt.root; nfsd -u -t -n 4
&prompt.root; mountd -rOn the NFS client:&prompt.root; nfsiod -n 4Now everything should be ready to actually mount a remote file
system. In these examples the
server's name will be server and the client's
name will be client. If you only want to
temporarily mount a remote filesystem or would rather test the
configuration, just execute a command like this as root on the
client:NFSmounting&prompt.root; mount server:/home /mntThis will mount the /home directory
on the server at /mnt on the client. If
everything is set up correctly you should be able to enter
/mnt on the client and see all the files
that are on the server.If you want to automatically mount a remote filesystem
each time the computer boots, add the filesystem to the
/etc/fstab file. Here is an example:server:/home /mnt nfs rw 0 0The &man.fstab.5; manual page lists all the available options.Practical UsesNFS has many practical uses. Some of the more common
ones are listed below:NFSusesSet several machines to share a CDROM or other media
among them. This is cheaper and often a more convenient
method to install software on multiple machines.On large networks, it might be more convenient to
configure a central NFS server in which
to store all the user home directories. These home
directories can then be exported to the network so that
users would always have the same home directory,
regardless of which workstation they log in to.Several machines could have a common
/usr/ports/distfiles directory. That
way, when you need to install a port on several machines,
you can quickly access the source without downloading it
on each machine.WylieStilwellContributed by ChernLeeRewritten by Automatic Mounts with amdamdautomatic mounter daemon&man.amd.8; (the automatic mounter daemon)
automatically mounts a
remote filesystem whenever a file or directory within that
filesystem is accessed. Filesystems that are inactive for a
period of time will also be automatically unmounted by
amd. Using
amd provides a simple alternative
to permanent mounts, as permanent mounts are usually listed in
/etc/fstab.amd operates by attaching
itself as an NFS server to the /host and
/net directories. When a file is accessed
within one of these directories, amd
looks up the corresponding remote mount and automatically mounts
it. /net is used to mount an exported
filesystem from an IP address, while /host
is used to mount an export from a remote hostname.An access to a file within
/host/foobar/usr would tell
amd to attempt to mount the
/usr export on the host
foobar.Mounting an Export with amdYou can view the available mounts of a remote host with
the showmount command. For example, to
view the mounts of a host named foobar, you
can use:&prompt.user; showmount -e foobar
Exports list on foobar:
/usr 10.10.10.0
/a 10.10.10.0
&prompt.user; cd /host/foobar/usrAs seen in the example, the showmount shows
/usr as an export. When changing directories to
/host/foobar/usr, amd
attempts to resolve the hostname foobar and
automatically mount the desired export.amd can be started by the
startup scripts by placing the following lines in
/etc/rc.conf:amd_enable="YES"Additionally, custom flags can be passed to
amd from the
amd_flags option. By default,
amd_flags is set to:amd_flags="-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map"The /etc/amd.map file defines the
default options that exports are mounted with. The
/etc/amd.conf file defines some of the more
advanced features of amd.Consult the &man.amd.8; and &man.amd.conf.5; manual pages for more
information.JohnLindContributed by Problems Integrating with Other SystemsCertain Ethernet adapters for ISA PC systems have limitations
which can lead to serious network problems, particularly with NFS.
This difficulty is not specific to FreeBSD, but FreeBSD systems
are affected by it.The problem nearly always occurs when (FreeBSD) PC systems are
networked with high-performance workstations, such as those made
by Silicon Graphics, Inc., and Sun Microsystems, Inc. The NFS
mount will work fine, and some operations may succeed, but
suddenly the server will seem to become unresponsive to the
client, even though requests to and from other systems continue to
be processed. This happens to the client system, whether the
client is the FreeBSD system or the workstation. On many systems,
there is no way to shut down the client gracefully once this
problem has manifested itself. The only solution is often to
reset the client, because the NFS situation cannot be
resolved.Though the correct solution is to get a higher
performance and capacity Ethernet adapter for the FreeBSD system,
there is a simple workaround that will allow satisfactory
operation. If the FreeBSD system is the
server, include the option
on the mount from the client. If the
FreeBSD system is the client, then mount the
NFS filesystem with the option . These
options may be specified using the fourth field of the
fstab entry on the client for automatic
mounts, or by using the parameter of the &man.mount.8;
command for manual mounts.It should be noted that there is a different problem,
sometimes mistaken for this one, when the NFS servers and clients
are on different networks. If that is the case, make
certain that your routers are routing the
necessary UDP information, or you will not get anywhere, no matter
what else you are doing.In the following examples, fastws is the host
(interface) name of a high-performance workstation, and
freebox is the host (interface) name of a FreeBSD
system with a lower-performance Ethernet adapter. Also,
/sharedfs will be the exported NFS
filesystem (see &man.exports.5;), and
/project will be the mount point on the
client for the exported filesystem. In all cases, note that
additional options, such as or
and may be desirable in
your application.Examples for the FreeBSD system (freebox) as
the client in /etc/fstab on freebox:fastws:/sharedfs /project nfs rw,-r=1024 0 0As a manual mount command on freebox:&prompt.root; mount -t nfs -o -r=1024 fastws:/sharedfs /projectExamples for the FreeBSD system as the server in
/etc/fstab on fastws:freebox:/sharedfs /project nfs rw,-w=1024 0 0As a manual mount command on fastws:&prompt.root; mount -t nfs -o -w=1024 freebox:/sharedfs /projectNearly any 16-bit Ethernet adapter will allow operation
without the above restrictions on the read or write size.For anyone who cares, here is what happens when the failure
occurs, which also explains why it is unrecoverable. NFS
typically works with a block size of 8 K (though it
may do fragments of smaller sizes). Since the maximum Ethernet
packet is around 1500 bytes, the NFS block gets
split into multiple Ethernet packets, even though it is still a
single unit to the upper-level code, and must be received,
assembled, and acknowledged as a unit. The
high-performance workstations can pump out the packets which
comprise the NFS unit one right after the other, just as close
together as the standard allows. On the smaller, lower capacity
cards, the later packets overrun the earlier packets of the same
unit before they can be transferred to the host and the unit as a
whole cannot be reconstructed or acknowledged. As a result, the
workstation will time out and try again, but it will try again
with the entire 8 K unit, and the process will be repeated, ad
infinitum.By keeping the unit size below the Ethernet packet size
limitation, we ensure that any complete Ethernet packet received
can be acknowledged individually, avoiding the deadlock
situation.Overruns may still occur when a high-performance workstations
is slamming data out to a PC system, but with the better cards,
such overruns are not guaranteed on NFS units. When
an overrun occurs, the units affected will be retransmitted, and
there will be a fair chance that they will be received, assembled,
and acknowledged.Jean-FrançoisDockèsUpdated by AlexDupreReorganized and enhanced by Diskless Operationdiskless workstationdiskless operationA FreeBSD machine can boot over the network and operate without a
local disk, using filesystems mounted from an NFS server. No system
modification is necessary, beyond standard configuration files.
Such a system is relatively easy to set up because all the necessary elements
are readily available:There are at least two possible methods to load the kernel over
the network:PXE: The &intel; Preboot Execution
Environment system is a form of smart boot ROM built into some
networking cards or motherboards. See &man.pxeboot.8; for more
details.The etherboot
port (net/etherboot) produces
ROM-able code to boot kernels over the network. The
code can be either burnt into a boot PROM on a network
card, or loaded from a local floppy (or hard) disk
drive, or from a running &ms-dos; system. Many network
cards are supported.A sample script
(/usr/share/examples/diskless/clone_root) eases
the creation and maintenance of the workstation's root filesystem
on the server. The script will probably require a little
customization but it will get you started very quickly.Standard system startup files exist in /etc
to detect and support a diskless system startup.Swapping, if needed, can be done either to an NFS file or to
a local disk.There are many ways to set up diskless workstations. Many
elements are involved, and most can be customized to suit local
taste. The following will describe variations on the setup of a complete system,
emphasizing simplicity and compatibility with the
standard FreeBSD startup scripts. The system described has the
following characteristics:The diskless workstations use a shared
read-only root filesystem, and a shared
read-only /usr.The root filesystem is a copy of a
standard FreeBSD root (typically the server's), with some
configuration files overridden by ones specific to diskless
operation or, possibly, to the workstation they belong to.The parts of the root which have to be
writable are overlaid with &man.mfs.8; (&os; 4.X) or &man.md.4; (&os; 5.X) filesystems. Any changes
will be lost when the system reboots.The kernel is transferred and loaded either with
etherboot or PXE
as some situations may mandate the use of either method.As described, this system is insecure. It should
live in a protected area of a network, and be untrusted by
other hosts.All the information in this section has been tested
using &os; releases 4.9-RELEASE and 5.2.1-RELEASE. The text is
primarily structured for 4.X usage. Notes have been inserted where
appropriate to indicate 5.X changes.Background InformationSetting up diskless workstations is both relatively
straightforward and prone to errors. These are sometimes
difficult to diagnose for a number of reasons. For example:Compile time options may determine different behaviours at
runtime.Error messages are often cryptic or totally absent.In this context, having some knowledge of the background
mechanisms involved is very useful to solve the problems that
may arise.Several operations need to be performed for a successful
bootstrap:The machine needs to obtain initial parameters such as its IP
address, executable filename, server name, root path. This is
done using the DHCP or BOOTP protocols.
DHCP is a compatible extension of BOOTP, and
uses the same port numbers and basic packet format.It is possible to configure a system to use only BOOTP.
The &man.bootpd.8; server program is included in the base &os;
system.However, DHCP has a number of advantages
over BOOTP (nicer configuration files, possibility of using
PXE, plus many others not directly related to
diskless operation), and we will describe mainly a
DHCP configuration, with equivalent exemples
using &man.bootpd.8; when possible. The sample configuration will
use the ISC DHCP software package
(release 3.0.1.r12 was installed on the test server).The machine needs to transfer one or several programs to local
memory. Either TFTP or NFS
are used. The choice between TFTP and
NFS is a compile time option in several places.
A common source of error is to specify filenames for the wrong
protocol: TFTP typically transfers all files from
a single directory on the server, and would expect filenames
relative to this directory. NFS needs absolute
file paths.The possible intermediate bootstrap programs and the kernel
need to be initialized and executed. There are several important
variations in this area:PXE will load &man.pxeboot.8;, which is
a modified version of the &os; third stage loader. The
&man.loader.8; will obtain most parameters necessary to system
startup, and leave them in the kernel environment before
transferring control. It is possible to use a
GENERIC kernel in this case.etherboot, will directly
load the kernel, with less preparation. You will need to
build a kernel with specific options.PXE and etherboot
work equally well with 4.X systems. Because 5.X kernels
normally let the &man.loader.8; do more work for them,
PXE is preferred for 5.X systems.If your BIOS and network cards support
PXE, you should probably use it. However,
it is still possible to start a 5.X system with
etherboot.Finally, the machine needs to access its filesystems.
NFS is used in all cases.See also &man.diskless.8; manual page.Setup InstructionsConfiguration Using ISC DHCPDHCPdiskless operationThe ISC DHCP server can answer
both BOOTP and DHCP requests.As of release 4.9, ISC DHCP
3.0 is not part of the base
system. You will first need to install the
net/isc-dhcp3-server port or the
corresponding package. Please refer to
for general information about ports and packages.Once ISC DHCP is installed, it
needs a configuration file to run, (normally named
/usr/local/etc/dhcpd.conf). Here follows
a commented example, where host margaux
uses etherboot and host
corbieres uses PXE:
default-lease-time 600;
max-lease-time 7200;
authoritative;
option domain-name "example.com";
option domain-name-servers 192.168.4.1;
option routers 192.168.4.1;
subnet 192.168.4.0 netmask 255.255.255.0 {
use-host-decl-names on;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.4.255;
host margaux {
hardware ethernet 01:23:45:67:89:ab;
fixed-address margaux.example.com;
next-server 192.168.4.4;
filename "/data/misc/kernel.diskless";
option root-path "192.168.4.4:/data/misc/diskless";
}
host corbieres {
hardware ethernet 00:02:b3:27:62:df;
fixed-address corbieres.example.com;
next-server 192.168.4.4;
filename "pxeboot";
option root-path "192.168.4.4:/data/misc/diskless";
}
}
This option tells
dhcpd to send the value in the
host declarations as the hostname for the
diskless host. An alternate way would be to add an
option host-name
margaux inside the
host declarations.The
next-server directive designates
the TFTP or NFS server to
use for loading loader or kernel file (the default is to use
the same host as the
DHCP server).The
filename directive defines the file that
etherboot or PXE
will load for the next execution step. It must be specified
according to the transfer method used.
etherboot can be compiled to use
NFS or TFTP. The &os;
port configures NFS by default.
PXE uses TFTP, which is
why a relative filename is used here (this may depend on the
TFTP server configuration, but would be
fairly typical). Also, PXE loads
pxeboot, not the kernel. There are other
interesting possibilities, like loading
pxeboot from a &os; CD-ROM
/boot directory (as
&man.pxeboot.8; can load a GENERIC kernel,
this makes it possible to use PXE to boot
from a remote CD-ROM).The
root-path option defines the path to
the root filesystem, in usual NFS notation.
When using PXE, it is possible to leave off
the host's IP as long as you do not enable the kernel option
BOOTP. The NFS server will then be
the same as the TFTP one.Configuration Using BOOTPBOOTPdiskless operationHere follows an equivalent bootpd
configuration (reduced to one client). This would be found in
/etc/bootptab.Please note that etherboot
must be compiled with the non-default option
NO_DHCP_SUPPORT in order to use BOOTP,
and that PXE needs DHCP. The only
obvious advantage of bootpd is
that it exists in the base system.
.def100:\
:hn:ht=1:sa=192.168.4.4:vm=rfc1048:\
:sm=255.255.255.0:\
:ds=192.168.4.1:\
:gw=192.168.4.1:\
:hd="/tftpboot":\
:bf="/kernel.diskless":\
:rp="192.168.4.4:/data/misc/diskless":
margaux:ha=0123456789ab:tc=.def100
Preparing a Boot Program with
EtherbootEtherbootEtherboot's Web
site contains
extensive documentation mainly intended for Linux
systems, but nonetheless containing useful information. The
following will just outline how you would use
etherboot on a FreeBSD
system.You must first install the net/etherboot package or port.
The etherboot port can normally
be found in /usr/ports/net/etherboot.
If the ports tree is installed on your system, just typing
make in this directory should take care
of everything. Else refer to for
information about ports and packages.You can change the etherboot
configuration (i.e. to use TFTP instead of
NFS) by editing the Config
file in the etherboot source
directory.For our setup, we shall use a boot floppy. For other methods
(PROM, or &ms-dos; program), please refer to the
etherboot documentation.To make a boot floppy, insert a floppy in the drive on the
machine where you installed etherboot,
then change your current directory to the src
directory in the etherboot tree and
type:
&prompt.root; gmake bin32/devicetype.fd0devicetype depends on the type of
the Ethernet card in the diskless workstation. Refer to the
NIC file in the same directory to determine the
right devicetype.Booting with PXEBy default, the &man.pxeboot.8; loader loads the kernel via
NFS. It can be compiled to use
TFTP instead by specifying the
LOADER_TFTP_SUPPORT option in
/etc/make.conf. See the comments in
/etc/defaults/make.conf (or
/usr/share/examples/etc/make.conf for 5.X
systems) for instructions.There are two other undocumented make.conf
options which may be useful for setting up a serial console diskless
machine: BOOT_PXELDR_PROBE_KEYBOARD, and
BOOT_PXELDR_ALWAYS_SERIAL (the latter only exists
on &os; 5.X).To use PXE when the machine starts, you will
usually need to select the Boot from network
option in your BIOS setup, or type a function key
during the PC initialization.Configuring the TFTP and NFS ServersTFTPdiskless operationNFSdiskless operationIf you are using PXE or
etherboot configured to use
TFTP, you need to enable
tftpd on the file server:Create a directory from which tftpd
will serve the files, e.g. /tftpboot.Add this line to your
/etc/inetd.conf:tftp dgram udp wait root /usr/libexec/tftpd tftpd -l -s /tftpbootIt appears that at least some PXE versions want
the TCP version of TFTP. In this case, add a second line,
replacing dgram udp with stream
tcp.Tell inetd to reread its configuration
file:&prompt.root; kill -HUP `cat /var/run/inetd.pid`You can place the tftpboot
directory anywhere on the server. Make sure that the
location is set in both inetd.conf and
dhcpd.conf.In all cases, you also need to enable NFS and export the
appropriate filesystem on the NFS server.Add this to /etc/rc.conf:nfs_server_enable="YES"Export the filesystem where the diskless root directory
is located by adding the following to
/etc/exports (adjust the volume mount
point and replace margaux corbieres
with the names of the diskless workstations):/data/misc -alldirs -ro margaux corbieresTell mountd to reread its configuration
file. If you actually needed to enable NFS in
/etc/rc.conf
at the first step, you probably want to reboot instead.&prompt.root; kill -HUP `cat /var/run/mountd.pid`Building a Diskless Kerneldiskless operationkernel configurationIf using etherboot, you need to
create a kernel configuration file for the diskless client
with the following options (in addition to the usual ones):
options BOOTP # Use BOOTP to obtain IP address/hostname
options BOOTP_NFSROOT # NFS mount root filesystem using BOOTP info
You may also want to use BOOTP_NFSV3,
BOOT_COMPAT and BOOTP_WIRED_TO
(refer to LINT in 4.X or
NOTES on 5.X).These option names are historical and slightly misleading as
they actually enable indifferent use of DHCP and
BOOTP inside the kernel (it is also possible to force strict BOOTP
or DHCP use).Build the kernel (see ),
and copy it to the place specified
in dhcpd.conf.When using PXE, building a kernel with the
above options is not strictly necessary (though suggested).
Enabling them will cause more DHCP requests to be
issued during kernel startup, with a small risk of inconsistency
between the new values and those retrieved by &man.pxeboot.8; in some
special cases. The advantage of using them is that the host name
will be set as a side effect. Otherwise you will need to set the
host name by another method, for example in a client-specific
rc.conf file.In order to be loadable with
etherboot, a 5.X kernel needs to have
the device hints compiled in. You would typically set the
following option in the configuration file (see the
NOTES configuration comments file):hints "GENERIC.hints"Preparing the Root Filesystemroot file systemdiskless operationYou need to create a root filesystem for the diskless
workstations, in the location listed as
root-path in
dhcpd.conf. The following sections describe
two ways to do it.Using the clone_root ScriptThis is the quickest way to create a root filesystem, but
currently it is only supported on &os; 4.X. This shell script
is located at
/usr/share/examples/diskless/clone_root
and needs customization, at least to adjust
the place where the filesystem will be created (the
DEST variable).Refer to the comments at the top of the script for
instructions. They explain how the base filesystem is built,
and how files may be selectively overridden by versions specific
to diskless operation, to a subnetwork, or to an individual
workstation. They also give examples for the diskless
/etc/fstab and
/etc/rc.conf files.The README files in
/usr/share/examples/diskless contain a lot
of interesting background information, but, together with the
other examples in the diskless directory,
they actually document a configuration method which is distinct
from the one used by clone_root and
the system startup scripts in
/etc, which is a little
confusing. Use them for reference only, except if you prefer
the method that they describe, in which case you will need
customized rc scripts.Using the Standard make world
ProcedureThis method can be applied to either &os; 4.X or 5.X and
will install a complete virgin system (not only the root filesystem)
into DESTDIR.
All you have to do is simply execute the following script:#!/bin/sh
export DESTDIR=/data/misc/diskless
mkdir -p ${DESTDIR}
cd /usr/src; make world && make kernel
cd /usr/src/etc; make distributionOnce done, you may need to customize your
/etc/rc.conf and
/etc/fstab placed into
DESTDIR according to your needs.Configuring SwapIf needed, a swap file located on the server can be
accessed via NFS. One of the methods commonly
used to do this has been discontinued in release 5.X.NFS Swap with &os; 4.XThe swap file location and size can be specified with
BOOTP/DHCP &os;-specific options 128 and 129.
Examples of configuration files for
ISC DHCP 3.0 or
bootpd follow:Add the following lines to
dhcpd.conf:
# Global section
option swap-path code 128 = string;
option swap-size code 129 = integer 32;
host margaux {
... # Standard lines, see above
option swap-path "192.168.4.4:/netswapvolume/netswap";
option swap-size 64000;
}
swap-path is the path to a directory
where swap files will be located. Each file will be named
swap.client-ip.Older versions of dhcpd used a syntax of
option option-128 "..., which is no
longer supported./etc/bootptab would use the
following syntax instead:T128="192.168.4.4:/netswapvolume/netswap":T129=0000fa00In /etc/bootptab, the swap
size must be expressed in hexadecimal format.On the NFS swap file server, create the swap
file(s)
&prompt.root; mkdir /netswapvolume/netswap
&prompt.root; cd /netswapvolume/netswap
&prompt.root; dd if=/dev/zero bs=1024 count=64000 of=swap.192.168.4.6
&prompt.root; chmod 0600 swap.192.168.4.6192.168.4.6 is the IP address
for the diskless client.On the NFS swap file server, add the following line to
/etc/exports:/netswapvolume -maproot=0:10 -alldirs margaux corbieresThen tell mountd to reread the
exports file, as above.NFS Swap with &os 5.XThe kernel does not support enabling NFS
swap at boot time. Swap must be enabled by the startup scripts,
by mounting a writeable file system and creating and enabling a
swap file. To create a swap file of appropriate size, you can do
like this:&prompt.root; dd if=/dev/zero of=/path/to/swapfile bs=1k count=1 oseek=100000To enable it you have to add the following line to your
rc.conf:swapfile=/path/to/swapfileMiscellaneous IssuesRunning with a Read-only /usrdiskless operation/usr read-onlyIf the diskless workstation is configured to run X, you
will have to adjust the xdm configuration file, which puts
the error log on /usr by default.Using a Non-FreeBSD ServerWhen the server for the root filesystem is not running FreeBSD,
you will have to create the root filesystem on a
FreeBSD machine, then copy it to its destination, using
tar or cpio.In this situation, there are sometimes
problems with the special files in /dev,
due to differing major/minor integer sizes. A solution to this
problem is to export a directory from the non-FreeBSD server,
mount this directory onto a FreeBSD machine, and run
MAKEDEV on the FreeBSD machine
to create the correct device entries (FreeBSD 5.0 and later
use &man.devfs.5; to allocate device nodes transparently for
the user, running MAKEDEV on these
versions is pointless).ISDNISDNA good resource for information on ISDN technology and hardware is
Dan Kegel's ISDN
Page.A quick simple road map to ISDN follows:If you live in Europe you might want to investigate the ISDN card
section.If you are planning to use ISDN primarily to connect to the
Internet with an Internet Provider on a dial-up non-dedicated basis,
you might look into Terminal Adapters. This will give you the
most flexibility, with the fewest problems, if you change
providers.If you are connecting two LANs together, or connecting to the
Internet with a dedicated ISDN connection, you might consider
the stand alone router/bridge option.Cost is a significant factor in determining what solution you will
choose. The following options are listed from least expensive to most
expensive.HellmuthMichaelisContributed by ISDN CardsISDNcardsFreeBSD's ISDN implementation supports only the DSS1/Q.931
(or Euro-ISDN) standard using passive cards. Starting with
FreeBSD 4.4, some active cards are supported where the firmware
also supports other signaling protocols; this also includes the
first supported Primary Rate (PRI) ISDN card.The isdn4bsd software allows you to connect
to other ISDN routers using either IP over raw HDLC or by using
synchronous PPP: either by using kernel PPP with isppp, a
modified &man.sppp.4; driver, or by using userland &man.ppp.8;. By using
userland &man.ppp.8;, channel bonding of two or more ISDN
B-channels is possible. A telephone answering machine
application is also available as well as many utilities such as
a software 300 Baud modem.Some growing number of PC ISDN cards are supported under
FreeBSD and the reports show that it is successfully used all
over Europe and in many other parts of the world.The passive ISDN cards supported are mostly the ones with
the Infineon (formerly Siemens) ISAC/HSCX/IPAC ISDN chipsets,
but also ISDN cards with chips from Cologne Chip (ISA bus only),
PCI cards with Winbond W6692 chips, some cards with the
Tiger300/320/ISAC chipset combinations and some vendor specific
chipset based cards such as the AVM Fritz!Card PCI V.1.0 and the
AVM Fritz!Card PnP.Currently the active supported ISDN cards are the AVM B1
(ISA and PCI) BRI cards and the AVM T1 PCI PRI cards.For documentation on isdn4bsd,
have a look at /usr/share/examples/isdn/
directory on your FreeBSD system or at the homepage of
isdn4bsd which also has pointers to hints, erratas and
much more documentation such as the isdn4bsd
handbook.In case you are interested in adding support for a
different ISDN protocol, a currently unsupported ISDN PC card or
otherwise enhancing isdn4bsd, please
get in touch with &a.hm;.For questions regarding the installation, configuration
and troubleshooting isdn4bsd, a
&a.isdn.name; mailing list is available.ISDN Terminal AdaptersTerminal adapters (TA), are to ISDN what modems are to regular
phone lines.modemMost TA's use the standard Hayes modem AT command set, and can be
used as a drop in replacement for a modem.A TA will operate basically the same as a modem except connection
and throughput speeds will be much faster than your old modem. You
will need to configure PPP exactly the same
as for a modem setup. Make sure you set your serial speed as high as
possible.PPPThe main advantage of using a TA to connect to an Internet
Provider is that you can do Dynamic PPP. As IP address space becomes
more and more scarce, most providers are not willing to provide you
with a static IP anymore. Most stand-alone routers are not able to
accommodate dynamic IP allocation.TA's completely rely on the PPP daemon that you are running for
their features and stability of connection. This allows you to
upgrade easily from using a modem to ISDN on a FreeBSD machine, if you
already have PPP set up. However, at the same time any problems you
experienced with the PPP program and are going to persist.If you want maximum stability, use the kernel PPP option, not the userland PPP.The following TA's are known to work with FreeBSD:Motorola BitSurfer and Bitsurfer ProAdtranMost other TA's will probably work as well, TA vendors try to make
sure their product can accept most of the standard modem AT command
set.The real problem with external TA's is that, like modems,
you need a good serial card in your computer.You should read the FreeBSD Serial
Hardware tutorial for a detailed understanding of
serial devices, and the differences between asynchronous and
synchronous serial ports.A TA running off a standard PC serial port (asynchronous) limits
you to 115.2 Kbs, even though you have a 128 Kbs connection.
To fully utilize the 128 Kbs that ISDN is capable of,
you must move the TA to a synchronous serial card.Do not be fooled into buying an internal TA and thinking you have
avoided the synchronous/asynchronous issue. Internal TA's simply have
a standard PC serial port chip built into them. All this will do is
save you having to buy another serial cable and find another empty
electrical socket.A synchronous card with a TA is at least as fast as a stand-alone
router, and with a simple 386 FreeBSD box driving it, probably more
flexible.The choice of synchronous card/TA v.s. stand-alone router is largely a
religious issue. There has been some discussion of this in
the mailing lists. We suggest you search the archives for
+ url="&url.base;/search/index.html">archives for
the complete discussion.Stand-alone ISDN Bridges/RoutersISDNstand-alone bridges/routersISDN bridges or routers are not at all specific to FreeBSD
or any other operating system. For a more complete
description of routing and bridging technology, please refer
to a networking reference book.In the context of this section, the terms router and bridge will
be used interchangeably.As the cost of low end ISDN routers/bridges comes down, it
will likely become a more and more popular choice. An ISDN
router is a small box that plugs directly into your local
Ethernet network, and manages its own connection to the other
bridge/router. It has built in software to communicate via
PPP and other popular protocols.A router will allow you much faster throughput than a
standard TA, since it will be using a full synchronous ISDN
connection.The main problem with ISDN routers and bridges is that
interoperability between manufacturers can still be a problem.
If you are planning to connect to an Internet provider, you
should discuss your needs with them.If you are planning to connect two LAN segments together,
such as your home LAN to the office LAN, this is the simplest
lowest
maintenance solution. Since you are buying the equipment for
both sides of the connection you can be assured that the link
will work.For example to connect a home computer or branch office
network to a head office network the following setup could be
used:Branch Office or Home Network10 base 2Network uses a bus based topology with 10 base 2
Ethernet (thinnet). Connect router to network cable with
AUI/10BT transceiver, if necessary.---Sun workstation
|
---FreeBSD box
|
---Windows 95
|
Stand-alone router
|
ISDN BRI line10 Base 2 EthernetIf your home/branch office is only one computer you can use a
twisted pair crossover cable to connect to the stand-alone router
directly.Head Office or Other LAN10 base TNetwork uses a star topology with 10 base T Ethernet
(Twisted Pair). -------Novell Server
| H |
| ---Sun
| |
| U ---FreeBSD
| |
| ---Windows 95
| B |
|___---Stand-alone router
|
ISDN BRI lineISDN Network DiagramOne large advantage of most routers/bridges is that they allow you
to have 2 separate independent PPP connections to
2 separate sites at the same time. This is not
supported on most TA's, except for specific (usually expensive) models
that
have two serial ports. Do not confuse this with channel bonding, MPP,
etc.This can be a very useful feature if, for example, you
have an dedicated ISDN connection at your office and would
like to tap into it, but do not want to get another ISDN line
at work. A router at the office location can manage a
dedicated B channel connection (64 Kbps) to the Internet
and use the other B channel for a separate data connection.
The second B channel can be used for dial-in, dial-out or
dynamically bonding (MPP, etc.) with the first B channel for
more bandwidth.IPX/SPXAn Ethernet bridge will also allow you to transmit more than just
IP traffic. You can also send IPX/SPX or whatever other protocols you
use.BillSwingleWritten by EricOgrenEnhanced by UdoErdelhoffNIS/YPWhat Is It?NISSolarisHP-UXAIXLinuxNetBSDOpenBSDNIS, which stands for Network Information Services, was
developed by Sun Microsystems to centralize administration of &unix;
(originally &sunos;) systems. It has now essentially become an
industry standard; all major &unix; like systems (&solaris;, HP-UX, &aix;, Linux,
NetBSD, OpenBSD, FreeBSD, etc) support NIS.yellow pagesNISNIS was formerly known as Yellow Pages, but because of
trademark issues, Sun changed the name. The old term (and yp) is
still often seen and used.NISdomainsIt is a RPC-based client/server system that allows a group
of machines within an NIS domain to share a common set of
configuration files. This permits a system administrator to set
up NIS client systems with only minimal configuration data and
add, remove or modify configuration data from a single
location.Windows NTIt is similar to the &windowsnt; domain system; although the
internal implementation of the two are not at all similar,
the basic functionality can be compared.Terms/Processes You Should KnowThere are several terms and several important user processes
that you will come across when
attempting to implement NIS on FreeBSD, whether you are trying to
create an NIS server or act as an NIS client:portmapTermDescriptionNIS domainnameAn NIS master server and all of its clients
(including its slave servers) have a NIS
domainname. Similar to an &windowsnt; domain name, the NIS
domainname does not have anything to do with DNS.portmapMust be running in order to enable RPC (Remote
Procedure Call, a network protocol used by NIS). If
portmap is not running, it will be
impossible to run an NIS server, or to act as an NIS
client.ypbindBinds an NIS client to its NIS
server. It will take the NIS domainname from the
system, and using RPC, connect to the
server. ypbind is the core of
client-server communication in an NIS environment; if
ypbind dies on a client machine, it
will not be able to access the NIS server.ypservShould only be running on NIS servers; this is the NIS
server process itself. If &man.ypserv.8; dies, then the
server will no longer be able to respond to NIS requests
(hopefully, there is a slave server to take over for
it). There are some implementations of NIS (but not the
FreeBSD one), that do not try to reconnect to another
server if the server it used before dies. Often, the
only thing that helps in this case is to restart the
server process (or even the whole server) or the
ypbind process on the client.
rpc.yppasswddAnother process that should only be running on
NIS master servers; this is a daemon that will allow NIS
clients to change their NIS passwords. If this daemon
is not running, users will have to login to the NIS
master server and change their passwords there.How Does It Work?There are three types of hosts in an NIS environment: master
servers, slave servers, and clients. Servers act as a central
repository for host configuration information. Master servers
hold the authoritative copy of this information, while slave
servers mirror this information for redundancy. Clients rely on
the servers to provide this information to them.Information in many files can be shared in this manner. The
master.passwd, group,
and hosts files are commonly shared via NIS.
Whenever a process on a client needs information that would
normally be found in these files locally, it makes a query to the
NIS server that it is bound to instead.Machine TypesNISmaster serverA NIS master server.
This server, analogous to a &windowsnt;
primary domain controller, maintains the files used by all
of the NIS clients. The passwd,
group, and other various files used by the
NIS clients live on the master server.It is possible for one machine to be an NIS
master server for more than one NIS domain. However, this will
not be covered in this introduction, which assumes a relatively
small-scale NIS environment.NISslave serverNIS slave servers.
Similar to the &windowsnt; backup domain
controllers, NIS slave servers maintain copies of the NIS
master's data files. NIS slave servers provide the redundancy,
which is needed in important environments. They also help
to balance the load of the master server: NIS Clients always
attach to the NIS server whose response they get first, and
this includes slave-server-replies.NISclientNIS clients. NIS clients, like most
&windowsnt; workstations, authenticate against the NIS server (or the &windowsnt;
domain controller in the &windowsnt; workstations case) to log on.Using NIS/YPThis section will deal with setting up a sample NIS
environment.This section assumes that you are running FreeBSD 3.3
or later. The instructions given here will
probably work for any version of FreeBSD greater
than 3.0, but there are no guarantees that this is
true.PlanningLet us assume that you are the administrator of a small
university lab. This lab, which consists of 15 FreeBSD machines,
currently has no centralized point of administration; each machine
has its own /etc/passwd and
/etc/master.passwd. These files are kept in
sync with each other only through manual intervention;
currently, when you add a user to the lab, you must run
adduser on all 15 machines.
Clearly, this has to change, so you have decided to convert the
lab to use NIS, using two of the machines as servers.Therefore, the configuration of the lab now looks something
like:Machine nameIP addressMachine roleellington10.0.0.2NIS mastercoltrane10.0.0.3NIS slavebasie10.0.0.4Faculty workstationbird10.0.0.5Client machinecli[1-11]10.0.0.[6-17]Other client machinesIf you are setting up a NIS scheme for the first time, it
is a good idea to think through how you want to go about it. No
matter what the size of your network, there are a few decisions
that need to be made.Choosing a NIS Domain NameNISdomainnameThis might not be the domainname that you
are used to. It is more accurately called the
NIS domainname. When a client broadcasts its
requests for info, it includes the name of the NIS domain
that it is part of. This is how multiple servers on one
network can tell which server should answer which request.
Think of the NIS domainname as the name for a group of hosts
that are related in some way.Some organizations choose to use their Internet
domainname for their NIS domainname. This is not
recommended as it can cause confusion when trying to debug
network problems. The NIS domainname should be unique
within your network and it is helpful if it describes the
group of machines it represents. For example, the Art
department at Acme Inc. might be in the
acme-art NIS domain. For this example,
assume you have chosen the name
test-domain.SunOSHowever, some operating systems (notably &sunos;) use their
NIS domain name as their Internet domain name.
If one or more machines on your network have this restriction,
you must use the Internet domain name as
your NIS domain name.Physical Server RequirementsThere are several things to keep in mind when choosing a
machine to use as a NIS server. One of the unfortunate things
about NIS is the level of dependency the clients have on the
server. If a client cannot contact the server for its NIS
domain, very often the machine becomes unusable. The lack of
user and group information causes most systems to temporarily
freeze up. With this in mind you should make sure to choose a
machine that will not be prone to being rebooted regularly, or
one that might be used for development. The NIS server should
ideally be a stand alone machine whose sole purpose in life is
to be an NIS server. If you have a network that is not very
heavily used, it is acceptable to put the NIS server on a
machine running other services, just keep in mind that if the
NIS server becomes unavailable, it will affect
all of your NIS clients adversely.NIS Servers The canonical copies of all NIS information are stored on
a single machine called the NIS master server. The databases
used to store the information are called NIS maps. In FreeBSD,
these maps are stored in
/var/yp/[domainname] where
[domainname] is the name of the NIS domain
being served. A single NIS server can support several domains
at once, therefore it is possible to have several such
directories, one for each supported domain. Each domain will
have its own independent set of maps.NIS master and slave servers handle all NIS requests with
the ypserv daemon. ypserv
is responsible for receiving incoming requests from NIS clients,
translating the requested domain and map name to a path to the
corresponding database file and transmitting data from the
database back to the client.Setting Up a NIS Master ServerNISserver configurationSetting up a master NIS server can be relatively straight
forward, depending on your needs. FreeBSD comes with support
for NIS out-of-the-box. All you need is to add the following
lines to /etc/rc.conf, and FreeBSD will
do the rest for you.nisdomainname="test-domain"
This line will set the NIS domainname to
test-domain
upon network setup (e.g. after reboot).nis_server_enable="YES"
This will tell FreeBSD to start up the NIS server processes
when the networking is next brought up.nis_yppasswdd_enable="YES"
This will enable the rpc.yppasswdd
daemon which, as mentioned above, will allow users to
change their NIS password from a client machine.Depending on your NIS setup, you may need to add
further entries. See the section about NIS servers
that are also NIS clients, below, for
details.Now, all you have to do is to run the command
/etc/netstart as superuser. It will
set up everything for you, using the values you defined in
/etc/rc.conf.Initializing the NIS MapsNISmapsThe NIS maps are database files,
that are kept in the /var/yp directory.
They are generated from configuration files in the
/etc directory of the NIS master, with one
exception: the /etc/master.passwd file.
This is for a good reason, you do not want to propagate
passwords to your root and other
administrative accounts to all the servers in the NIS domain.
Therefore, before we initialize the NIS maps, you should:&prompt.root; cp /etc/master.passwd /var/yp/master.passwd
&prompt.root; cd /var/yp
&prompt.root; vi master.passwdYou should remove all entries regarding system accounts
(bin, tty,
kmem, games, etc), as
well as any accounts that you do not want to be propagated to the
NIS clients (for example root and any other
UID 0 (superuser) accounts).Make sure the
/var/yp/master.passwd is neither group
nor world readable (mode 600)! Use the
chmod command, if appropriate.Tru64 UNIXWhen you have finished, it is time to initialize the NIS
maps! FreeBSD includes a script named
ypinit to do this for you
(see its manual page for more information). Note that this
script is available on most &unix; Operating Systems, but not on all.
On Digital UNIX/Compaq Tru64 UNIX it is called
ypsetup.
Because we are generating maps for an NIS master, we are
going to pass the option to
ypinit.
To generate the NIS maps, assuming you already performed
the steps above, run:ellington&prompt.root; ypinit -m test-domain
Server Type: MASTER Domain: test-domain
Creating an YP server will require that you answer a few questions.
Questions will all be asked at the beginning of the procedure.
Do you want this procedure to quit on non-fatal errors? [y/n: n] n
Ok, please remember to go back and redo manually whatever fails.
If you don't, something might not work.
At this point, we have to construct a list of this domains YP servers.
rod.darktech.org is already known as master server.
Please continue to add any slave servers, one per line. When you are
done with the list, type a <control D>.
master server : ellington
next host to add: coltrane
next host to add: ^D
The current list of NIS servers looks like this:
ellington
coltrane
Is this correct? [y/n: y] y
[..output from map generation..]
NIS Map update completed.
ellington has been setup as an YP master server without any errors.ypinit should have created
/var/yp/Makefile from
/var/yp/Makefile.dist.
When created, this file assumes that you are operating
in a single server NIS environment with only FreeBSD
machines. Since test-domain has
a slave server as well, you must edit
/var/yp/Makefile:ellington&prompt.root; vi /var/yp/MakefileYou should comment out the line that saysNOPUSH = "True"(if it is not commented out already).Setting up a NIS Slave ServerNISslave serverSetting up an NIS slave server is even more simple than
setting up the master. Log on to the slave server and edit the
file /etc/rc.conf as you did before.
The only difference is that we now must use the
option when running ypinit.
The option requires the name of the NIS
master be passed to it as well, so our command line looks
like:coltrane&prompt.root; ypinit -s ellington test-domain
Server Type: SLAVE Domain: test-domain Master: ellington
Creating an YP server will require that you answer a few questions.
Questions will all be asked at the beginning of the procedure.
Do you want this procedure to quit on non-fatal errors? [y/n: n] n
Ok, please remember to go back and redo manually whatever fails.
If you don't, something might not work.
There will be no further questions. The remainder of the procedure
should take a few minutes, to copy the databases from ellington.
Transferring netgroup...
ypxfr: Exiting: Map successfully transferred
Transferring netgroup.byuser...
ypxfr: Exiting: Map successfully transferred
Transferring netgroup.byhost...
ypxfr: Exiting: Map successfully transferred
Transferring master.passwd.byuid...
ypxfr: Exiting: Map successfully transferred
Transferring passwd.byuid...
ypxfr: Exiting: Map successfully transferred
Transferring passwd.byname...
ypxfr: Exiting: Map successfully transferred
Transferring group.bygid...
ypxfr: Exiting: Map successfully transferred
Transferring group.byname...
ypxfr: Exiting: Map successfully transferred
Transferring services.byname...
ypxfr: Exiting: Map successfully transferred
Transferring rpc.bynumber...
ypxfr: Exiting: Map successfully transferred
Transferring rpc.byname...
ypxfr: Exiting: Map successfully transferred
Transferring protocols.byname...
ypxfr: Exiting: Map successfully transferred
Transferring master.passwd.byname...
ypxfr: Exiting: Map successfully transferred
Transferring networks.byname...
ypxfr: Exiting: Map successfully transferred
Transferring networks.byaddr...
ypxfr: Exiting: Map successfully transferred
Transferring netid.byname...
ypxfr: Exiting: Map successfully transferred
Transferring hosts.byaddr...
ypxfr: Exiting: Map successfully transferred
Transferring protocols.bynumber...
ypxfr: Exiting: Map successfully transferred
Transferring ypservers...
ypxfr: Exiting: Map successfully transferred
Transferring hosts.byname...
ypxfr: Exiting: Map successfully transferred
coltrane has been setup as an YP slave server without any errors.
Don't forget to update map ypservers on ellington.You should now have a directory called
/var/yp/test-domain. Copies of the NIS
master server's maps should be in this directory. You will
need to make sure that these stay updated. The following
/etc/crontab entries on your slave
servers should do the job:20 * * * * root /usr/libexec/ypxfr passwd.byname
21 * * * * root /usr/libexec/ypxfr passwd.byuidThese two lines force the slave to sync its maps with
the maps on the master server. Although these entries are
not mandatory, since the master server attempts to ensure
any changes to its NIS maps are communicated to its slaves
and because password information is vital to systems
depending on the server, it is a good idea to force the
updates. This is more important on busy networks where map
updates might not always complete.Now, run the command /etc/netstart on the
slave server as well, which again starts the NIS server.NIS Clients An NIS client establishes what is called a binding to a
particular NIS server using the
ypbind daemon.
ypbind checks the system's default
domain (as set by the domainname command),
and begins broadcasting RPC requests on the local network.
These requests specify the name of the domain for which
ypbind is attempting to establish a binding.
If a server that has been configured to serve the requested
domain receives one of the broadcasts, it will respond to
ypbind, which will record the server's
address. If there are several servers available (a master and
several slaves, for example), ypbind will
use the address of the first one to respond. From that point
on, the client system will direct all of its NIS requests to
that server. ypbind will
occasionally ping the server to make sure it is
still up and running. If it fails to receive a reply to one of
its pings within a reasonable amount of time,
ypbind will mark the domain as unbound and
begin broadcasting again in the hopes of locating another
server.Setting Up a NIS ClientNISclient configurationSetting up a FreeBSD machine to be a NIS client is fairly
straightforward.Edit the file /etc/rc.conf and
add the following lines in order to set the NIS domainname
and start ypbind upon network
startup:nisdomainname="test-domain"
nis_client_enable="YES"To import all possible password entries from the NIS
server, remove all user accounts from your
/etc/master.passwd file and use
vipw to add the following line to
the end of the file:+:::::::::This line will afford anyone with a valid account in
the NIS server's password maps an account. There are
many ways to configure your NIS client by changing this
line. See the netgroups
section below for more information.
For more detailed reading see O'Reilly's book on
Managing NFS and NIS.You should keep at least one local account (i.e.
not imported via NIS) in your
/etc/master.passwd and this
account should also be a member of the group
wheel. If there is something
wrong with NIS, this account can be used to log in
remotely, become root, and fix things.To import all possible group entries from the NIS
server, add this line to your
/etc/group file:+:*::After completing these steps, you should be able to run
ypcat passwd and see the NIS server's
passwd map.NIS SecurityIn general, any remote user can issue an RPC to
&man.ypserv.8; and retrieve the contents of your NIS maps,
provided the remote user knows your domainname. To prevent
such unauthorized transactions, &man.ypserv.8; supports a
feature called securenets which can be used to restrict access
to a given set of hosts. At startup, &man.ypserv.8; will
attempt to load the securenets information from a file called
/var/yp/securenets.This path varies depending on the path specified with the
option. This file contains entries that
consist of a network specification and a network mask separated
by white space. Lines starting with # are
considered to be comments. A sample securenets file might look
like this:# allow connections from local host -- mandatory
127.0.0.1 255.255.255.255
# allow connections from any host
# on the 192.168.128.0 network
192.168.128.0 255.255.255.0
# allow connections from any host
# between 10.0.0.0 to 10.0.15.255
# this includes the machines in the testlab
10.0.0.0 255.255.240.0If &man.ypserv.8; receives a request from an address that
matches one of these rules, it will process the request
normally. If the address fails to match a rule, the request
will be ignored and a warning message will be logged. If the
/var/yp/securenets file does not exist,
ypserv will allow connections from any
host.The ypserv program also has support for Wietse
Venema's
tcpwrapper package. This allows the
administrator to use the tcpwrapper configuration
files for access control instead of
/var/yp/securenets.While both of these access control mechanisms provide some
security, they, like the privileged port test, are
vulnerable to IP spoofing attacks. All
NIS-related traffic should be blocked at your firewall.Servers using /var/yp/securenets
may fail to serve legitimate NIS clients with archaic TCP/IP
implementations. Some of these implementations set all
host bits to zero when doing broadcasts and/or fail to
observe the subnet mask when calculating the broadcast
address. While some of these problems can be fixed by
changing the client configuration, other problems may force
the retirement of the client systems in question or the
abandonment of /var/yp/securenets.Using /var/yp/securenets on a
server with such an archaic implementation of TCP/IP is a
really bad idea and will lead to loss of NIS functionality
for large parts of your network.tcpwrapperThe use of the tcpwrapper
package increases the latency of your NIS server. The
additional delay may be long enough to cause timeouts in
client programs, especially in busy networks or with slow
NIS servers. If one or more of your client systems
suffers from these symptoms, you should convert the client
systems in question into NIS slave servers and force them
to bind to themselves.Barring Some Users from Logging OnIn our lab, there is a machine basie that is
supposed to be a faculty only workstation. We do not want to take this
machine out of the NIS domain, yet the passwd
file on the master NIS server contains accounts for both faculty and
students. What can we do?There is a way to bar specific users from logging on to a
machine, even if they are present in the NIS database. To do this,
all you must do is add
-username to the end of
the /etc/master.passwd file on the client
machine, where username is the username of
the user you wish to bar from logging in. This should preferably be
done using vipw, since vipw
will sanity check your changes to
/etc/master.passwd, as well as
automatically rebuild the password database when you
finish editing. For example, if we wanted to bar user
bill from logging on to basie
we would:basie&prompt.root; vipw[add -bill to the end, exit]
vipw: rebuilding the database...
vipw: done
basie&prompt.root; cat /etc/master.passwd
root:[password]:0:0::0:0:The super-user:/root:/bin/csh
toor:[password]:0:0::0:0:The other super-user:/root:/bin/sh
daemon:*:1:1::0:0:Owner of many system processes:/root:/sbin/nologin
operator:*:2:5::0:0:System &:/:/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source,,,:/:/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/sbin/nologin
games:*:7:13::0:0:Games pseudo-user:/usr/games:/sbin/nologin
news:*:8:8::0:0:News Subsystem:/:/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/:/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/libexec/uucp/uucico
xten:*:67:67::0:0:X-10 daemon:/usr/local/xten:/sbin/nologin
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/sbin/nologin
+:::::::::
-bill
basie&prompt.root;UdoErdelhoffContributed by Using NetgroupsnetgroupsThe method shown in the previous section works reasonably
well if you need special rules for a very small number of
users and/or machines. On larger networks, you
will forget to bar some users from logging
onto sensitive machines, or you may even have to modify each
machine separately, thus losing the main benefit of NIS:
centralized administration.The NIS developers' solution for this problem is called
netgroups. Their purpose and semantics
can be compared to the normal groups used by &unix; file
systems. The main differences are the lack of a numeric ID
and the ability to define a netgroup by including both user
accounts and other netgroups.Netgroups were developed to handle large, complex networks
with hundreds of users and machines. On one hand, this is
a Good Thing if you are forced to deal with such a situation.
On the other hand, this complexity makes it almost impossible to
explain netgroups with really simple examples. The example
used in the remainder of this section demonstrates this
problem.Let us assume that your successful introduction of NIS in
your laboratory caught your superiors' interest. Your next
job is to extend your NIS domain to cover some of the other
machines on campus. The two tables contain the names of the
new users and new machines as well as brief descriptions of
them.User Name(s)Descriptionalpha, betaNormal employees of the IT departmentcharlie, deltaThe new apprentices of the IT departmentecho, foxtrott, golf, ...Ordinary employeesable, baker, ...The current internsMachine Name(s)Descriptionwar, death, famine, pollutionYour most important servers. Only the IT
employees are allowed to log onto these
machines.pride, greed, envy, wrath, lust, slothLess important servers. All members of the IT
department are allowed to login onto these machines.one, two, three, four, ...Ordinary workstations. Only the
real employees are allowed to use
these machines.trashcanA very old machine without any critical data.
Even the intern is allowed to use this box.If you tried to implement these restrictions by separately
blocking each user, you would have to add one
-user line to each system's
passwd
for each user who is not allowed to login onto that system.
If you forget just one entry, you could be in trouble. It may
be feasible to do this correctly during the initial setup,
however you will eventually forget to add
the lines for new users during day-to-day operations. After
all, Murphy was an optimist.Handling this situation with netgroups offers several
advantages. Each user need not be handled separately;
you assign a user to one or more netgroups and allow or forbid
logins for all members of the netgroup. If you add a new
machine, you will only have to define login restrictions for
netgroups. If a new user is added, you will only have to add
the user to one or more netgroups. Those changes are
independent of each other: no more for each combination
of user and machine do... If your NIS setup is planned
carefully, you will only have to modify exactly one central
configuration file to grant or deny access to machines.The first step is the initialization of the NIS map
netgroup. FreeBSD's &man.ypinit.8; does not create this map by
default, but its NIS implementation will support it once it has
been created. To create an empty map, simply typeellington&prompt.root; vi /var/yp/netgroupand start adding content. For our example, we need at
least four netgroups: IT employees, IT apprentices, normal
employees and interns.IT_EMP (,alpha,test-domain) (,beta,test-domain)
IT_APP (,charlie,test-domain) (,delta,test-domain)
USERS (,echo,test-domain) (,foxtrott,test-domain) \
(,golf,test-domain)
INTERNS (,able,test-domain) (,baker,test-domain)IT_EMP, IT_APP etc.
are the names of the netgroups. Each bracketed group adds
one or more user accounts to it. The three fields inside a
group are:The name of the host(s) where the following items are
valid. If you do not specify a hostname, the entry is
valid on all hosts. If you do specify a hostname, you
will enter a realm of darkness, horror and utter confusion.The name of the account that belongs to this
netgroup.The NIS domain for the account. You can import
accounts from other NIS domains into your netgroup if you
are one of the unlucky fellows with more than one NIS
domain.Each of these fields can contain wildcards. See
&man.netgroup.5; for details.netgroupsNetgroup names longer than 8 characters should not be
used, especially if you have machines running other
operating systems within your NIS domain. The names are
case sensitive; using capital letters for your netgroup
names is an easy way to distinguish between user, machine
and netgroup names.Some NIS clients (other than FreeBSD) cannot handle
netgroups with a large number of entries. For example, some
older versions of &sunos; start to cause trouble if a netgroup
contains more than 15 entries. You can
circumvent this limit by creating several sub-netgroups with
15 users or less and a real netgroup that consists of the
sub-netgroups:BIGGRP1 (,joe1,domain) (,joe2,domain) (,joe3,domain) [...]
BIGGRP2 (,joe16,domain) (,joe17,domain) [...]
BIGGRP3 (,joe31,domain) (,joe32,domain)
BIGGROUP BIGGRP1 BIGGRP2 BIGGRP3You can repeat this process if you need more than 225
users within a single netgroup.Activating and distributing your new NIS map is
easy:ellington&prompt.root; cd /var/yp
ellington&prompt.root; makeThis will generate the three NIS maps
netgroup,
netgroup.byhost and
netgroup.byuser. Use &man.ypcat.1; to
check if your new NIS maps are available:ellington&prompt.user; ypcat -k netgroup
ellington&prompt.user; ypcat -k netgroup.byhost
ellington&prompt.user; ypcat -k netgroup.byuserThe output of the first command should resemble the
contents of /var/yp/netgroup. The second
command will not produce output if you have not specified
host-specific netgroups. The third command can be used to
get the list of netgroups for a user.The client setup is quite simple. To configure the server
war, you only have to start
&man.vipw.8; and replace the line+:::::::::with+@IT_EMP:::::::::Now, only the data for the users defined in the netgroup
IT_EMP is imported into
war's password database and only
these users are allowed to login.Unfortunately, this limitation also applies to the ~
function of the shell and all routines converting between user
names and numerical user IDs. In other words,
cd ~user will not work,
ls -l will show the numerical ID instead of
the username and find . -user joe -print will
fail with No such user. To fix this, you will
have to import all user entries without allowing them
to login onto your servers.This can be achieved by adding another line to
/etc/master.passwd. This line should
contain:+:::::::::/sbin/nologin, meaning
Import all entries but replace the shell with
/sbin/nologin in the imported
entries. You can replace any field
in the passwd entry by placing a default value in your
/etc/master.passwd.Make sure that the line
+:::::::::/sbin/nologin is placed after
+@IT_EMP:::::::::. Otherwise, all user
accounts imported from NIS will have /sbin/nologin as their
login shell.After this change, you will only have to change one NIS
map if a new employee joins the IT department. You could use
a similar approach for the less important servers by replacing
the old +::::::::: in their local version
of /etc/master.passwd with something like
this:+@IT_EMP:::::::::
+@IT_APP:::::::::
+:::::::::/sbin/nologinThe corresponding lines for the normal workstations
could be:+@IT_EMP:::::::::
+@USERS:::::::::
+:::::::::/sbin/nologinAnd everything would be fine until there is a policy
change a few weeks later: The IT department starts hiring
interns. The IT interns are allowed to use the normal
workstations and the less important servers; and the IT
apprentices are allowed to login onto the main servers. You
add a new netgroup IT_INTERN, add the new IT interns to this
netgroup and start to change the configuration on each and every
machine... As the old saying goes: Errors in
centralized planning lead to global mess.NIS' ability to create netgroups from other netgroups can
be used to prevent situations like these. One possibility
is the creation of role-based netgroups. For example, you
could create a netgroup called
BIGSRV to define the login
restrictions for the important servers, another netgroup
called SMALLSRV for the less
important servers and a third netgroup called
USERBOX for the normal
workstations. Each of these netgroups contains the netgroups
that are allowed to login onto these machines. The new
entries for your NIS map netgroup should look like this:BIGSRV IT_EMP IT_APP
SMALLSRV IT_EMP IT_APP ITINTERN
USERBOX IT_EMP ITINTERN USERSThis method of defining login restrictions works
reasonably well if you can define groups of machines with
identical restrictions. Unfortunately, this is the exception
and not the rule. Most of the time, you will need the ability
to define login restrictions on a per-machine basis.Machine-specific netgroup definitions are the other
possibility to deal with the policy change outlined above. In
this scenario, the /etc/master.passwd of
each box contains two lines starting with +.
The first of them adds a netgroup with the accounts allowed to
login onto this machine, the second one adds all other
accounts with /sbin/nologin as shell. It
is a good idea to use the ALL-CAPS version of the machine name
as the name of the netgroup. In other words, the lines should
look like this:+@BOXNAME:::::::::
+:::::::::/sbin/nologinOnce you have completed this task for all your machines,
you will not have to modify the local versions of
/etc/master.passwd ever again. All
further changes can be handled by modifying the NIS map. Here
is an example of a possible netgroup map for this
scenario with some additional goodies:# Define groups of users first
IT_EMP (,alpha,test-domain) (,beta,test-domain)
IT_APP (,charlie,test-domain) (,delta,test-domain)
DEPT1 (,echo,test-domain) (,foxtrott,test-domain)
DEPT2 (,golf,test-domain) (,hotel,test-domain)
DEPT3 (,india,test-domain) (,juliet,test-domain)
ITINTERN (,kilo,test-domain) (,lima,test-domain)
D_INTERNS (,able,test-domain) (,baker,test-domain)
#
# Now, define some groups based on roles
USERS DEPT1 DEPT2 DEPT3
BIGSRV IT_EMP IT_APP
SMALLSRV IT_EMP IT_APP ITINTERN
USERBOX IT_EMP ITINTERN USERS
#
# And a groups for a special tasks
# Allow echo and golf to access our anti-virus-machine
SECURITY IT_EMP (,echo,test-domain) (,golf,test-domain)
#
# machine-based netgroups
# Our main servers
WAR BIGSRV
FAMINE BIGSRV
# User india needs access to this server
POLLUTION BIGSRV (,india,test-domain)
#
# This one is really important and needs more access restrictions
DEATH IT_EMP
#
# The anti-virus-machine mentioned above
ONE SECURITY
#
# Restrict a machine to a single user
TWO (,hotel,test-domain)
# [...more groups to follow]If you are using some kind of database to manage your user
accounts, you should be able to create the first part of the
map with your database's report tools. This way, new users
will automatically have access to the boxes.One last word of caution: It may not always be advisable
to use machine-based netgroups. If you are deploying a couple of
dozen or even hundreds of identical machines for student labs,
you should use role-based netgroups instead of machine-based
netgroups to keep the size of the NIS map within reasonable
limits.Important Things to RememberThere are still a couple of things that you will need to do
differently now that you are in an NIS environment.Every time you wish to add a user to the lab, you
must add it to the master NIS server only,
and you must remember to rebuild the NIS
maps. If you forget to do this, the new user will
not be able to login anywhere except on the NIS master.
For example, if we needed to add a new user
jsmith to the lab, we would:&prompt.root; pw useradd jsmith
&prompt.root; cd /var/yp
&prompt.root; make test-domainYou could also run adduser jsmith instead
of pw useradd jsmith.Keep the administration accounts out of the NIS
maps. You do not want to be propagating administrative
accounts and passwords to machines that will have users that
should not have access to those accounts.Keep the NIS master and slave
secure, and minimize their downtime.
If somebody either hacks or simply turns off
these machines, they have effectively rendered many people without
the ability to login to the lab.This is the chief weakness of any centralized administration
system. If you do
not protect your NIS servers, you will have a lot of angry
users!NIS v1 Compatibility FreeBSD's ypserv has some support
for serving NIS v1 clients. FreeBSD's NIS implementation only
uses the NIS v2 protocol, however other implementations include
support for the v1 protocol for backwards compatibility with older
systems. The ypbind daemons supplied
with these systems will try to establish a binding to an NIS v1
server even though they may never actually need it (and they may
persist in broadcasting in search of one even after they receive a
response from a v2 server). Note that while support for normal
client calls is provided, this version of ypserv does not handle
v1 map transfer requests; consequently, it cannot be used as a
master or slave in conjunction with older NIS servers that only
support the v1 protocol. Fortunately, there probably are not any
such servers still in use today.NIS Servers That Are Also NIS Clients Care must be taken when running ypserv in a multi-server
domain where the server machines are also NIS clients. It is
generally a good idea to force the servers to bind to themselves
rather than allowing them to broadcast bind requests and possibly
become bound to each other. Strange failure modes can result if
one server goes down and others are dependent upon it.
Eventually all the clients will time out and attempt to bind to
other servers, but the delay involved can be considerable and the
failure mode is still present since the servers might bind to each
other all over again.You can force a host to bind to a particular server by running
ypbind with the
flag. If you do not want to do this manually each time you
reboot your NIS server, you can add the following lines to
your /etc/rc.conf:nis_client_enable="YES" # run client stuff as well
nis_client_flags="-S NIS domain,server"See &man.ypbind.8; for further information.Password FormatsNISpassword formatsOne of the most common issues that people run into when trying
to implement NIS is password format compatibility. If your NIS
server is using DES encrypted passwords, it will only support
clients that are also using DES. For example, if you have
&solaris; NIS clients in your network, then you will almost certainly
need to use DES encrypted passwords.To check which format your servers
and clients are using, look at /etc/login.conf.
If the host is configured to use DES encrypted passwords, then the
default class will contain an entry like this:default:\
:passwd_format=des:\
:copyright=/etc/COPYRIGHT:\
[Further entries elided]Other possible values for the passwd_format
capability include blf and md5
(for Blowfish and MD5 encrypted passwords, respectively).If you have made changes to /etc/login.conf,
you will also need to rebuild the login capability database, which is
achieved by running the following command as root:&prompt.root; cap_mkdb /etc/login.confThe format of passwords already in
/etc/master.passwd will not be updated until
a user changes his password for the first time after
the login capability database is rebuilt.Next, in order to ensure that passwords are encrypted with the
format that you have chosen, you should also check that the
crypt_default in /etc/auth.conf
gives precedence to your chosen password format. To do this, place
the format that you have chosen first in the list. For example, when
using DES encrypted passwords, the entry would be:crypt_default = des blf md5Having followed the above steps on each of the &os; based NIS
servers and clients, you can be sure that they all agree on which
password format is used within your network.
If you have trouble authenticating on an NIS client, this
is a pretty good place to start looking for possible problems.
Remember: if you want to deploy an NIS server for a heterogenous
network, you will probably have to use DES on all systems
because it is the lowest common standard.GregSutterWritten by DHCPWhat Is DHCP?Dynamic Host Configuration ProtocolDHCPInternet Software Consortium (ISC)DHCP, the Dynamic Host Configuration Protocol, describes
the means by which a system can connect to a network and obtain the
necessary information for communication upon that network. FreeBSD
uses the ISC (Internet Software Consortium) DHCP implementation, so
all implementation-specific information here is for use with the ISC
distribution.What This Section CoversThis section describes both the client-side and server-side
components of the ISC DHCP system. The client-side program,
dhclient, comes integrated within FreeBSD, and
the server-side portion is available from the
net/isc-dhcp3-server port. The
&man.dhclient.8;, &man.dhcp-options.5;, and &man.dhclient.conf.5;
manual pages, in addition to the references below, are useful
resources.How It WorksUDPWhen dhclient, the DHCP client, is
executed on the client machine, it begins broadcasting
requests for configuration information. By default, these
requests are on UDP port 68. The server replies on UDP 67,
giving the client an IP address and other relevant network
information such as netmask, router, and DNS servers. All of
this information comes in the form of a DHCP
lease and is only valid for a certain time
(configured by the DHCP server maintainer). In this manner,
stale IP addresses for clients no longer connected to the
network can be automatically reclaimed.DHCP clients can obtain a great deal of information from
the server. An exhaustive list may be found in
&man.dhcp-options.5;.FreeBSD IntegrationFreeBSD fully integrates the ISC DHCP client,
dhclient. DHCP client support is provided
within both the installer and the base system, obviating the need
for detailed knowledge of network configurations on any network
that runs a DHCP server. dhclient has been
included in all FreeBSD distributions since 3.2.sysinstallDHCP is supported by
sysinstall. When configuring a
network interface within sysinstall, the first question
asked is: Do you want to try DHCP configuration of
this interface?. Answering affirmatively will execute
dhclient, and if successful, will fill in
the network configuration information automatically.There are two things you must do to have your system use
DHCP upon startup:DHCPrequirementsMake sure that the bpf
device is compiled into your kernel. To do this, add
device bpf (pseudo-device bpf under &os; 4.X) to your kernel
configuration file, and rebuild the kernel. For more
information about building kernels, see .The bpf device is already
part of the GENERIC kernel that is
supplied with FreeBSD, so if you do not have a custom
kernel, you should not need to create one in order to get
DHCP working.For those who are particularly security conscious,
you should be warned that bpf
is also the device that allows packet sniffers to work
correctly (although they still have to be run as
root). bpfis required to use DHCP, but if
you are very sensitive about security, you probably
should not add bpf to your
kernel in the expectation that at some point in the
future you will be using DHCP.Edit your /etc/rc.conf to
include the following:ifconfig_fxp0="DHCP"Be sure to replace fxp0 with the
designation for the interface that you wish to dynamically
configure, as described in
.If you are using a different location for
dhclient, or if you wish to pass additional
flags to dhclient, also include the
following (editing as necessary):dhcp_program="/sbin/dhclient"
dhcp_flags=""DHCPserverThe DHCP server, dhcpd, is included
as part of the net/isc-dhcp3-server port in the ports
collection. This port contains the ISC DHCP server and
documentation.FilesDHCPconfiguration files/etc/dhclient.confdhclient requires a configuration file,
/etc/dhclient.conf. Typically the file
contains only comments, the defaults being reasonably sane. This
configuration file is described by the &man.dhclient.conf.5;
manual page./sbin/dhclientdhclient is statically linked and
resides in /sbin. The &man.dhclient.8;
manual page gives more information about
dhclient./sbin/dhclient-scriptdhclient-script is the FreeBSD-specific
DHCP client configuration script. It is described in
&man.dhclient-script.8;, but should not need any user
modification to function properly./var/db/dhclient.leasesThe DHCP client keeps a database of valid leases in this
file, which is written as a log. &man.dhclient.leases.5;
gives a slightly longer description.Further ReadingThe DHCP protocol is fully described in
RFC 2131.
An informational resource has also been set up at
dhcp.org.Installing and Configuring a DHCP ServerWhat This Section CoversThis section provides information on how to configure
a FreeBSD system to act as a DHCP server using the ISC
(Internet Software Consortium) implementation of the DHCP
suite.The server portion of the suite is not provided as part of
FreeBSD, and so you will need to install the
net/isc-dhcp3-server
port to provide this service. See for
more information on using the ports collection.DHCP Server InstallationDHCPinstallationIn order to configure your FreeBSD system as a DHCP server,
you will need to ensure that the &man.bpf.4;
device is compiled into your kernel. To do this, add
device bpf (pseudo-device bpf under &os; 4.X) to your kernel
configuration file, and rebuild the kernel. For more
information about building kernels, see .The bpf device is already
part of the GENERIC kernel that is
supplied with FreeBSD, so you do not need to create a custom
kernel in order to get DHCP working.Those who are particularly security conscious
should note that bpf
is also the device that allows packet sniffers to work
correctly (although such programs still need privileged
access). bpfis required to use DHCP, but if
you are very sensitive about security, you probably
should not include bpf in your
kernel purely because you expect to use DHCP at some
point in the future.The next thing that you will need to do is edit the sample
dhcpd.conf which was installed by the
net/isc-dhcp3-server port.
By default, this will be
/usr/local/etc/dhcpd.conf.sample, and you
should copy this to
/usr/local/etc/dhcpd.conf before proceeding
to make changes.Configuring the DHCP ServerDHCPdhcpd.confdhcpd.conf is
comprised of declarations regarding subnets and hosts, and is
perhaps most easily explained using an example :option domain-name "example.com";
option domain-name-servers 192.168.4.100;
option subnet-mask 255.255.255.0;
default-lease-time 3600;
max-lease-time 86400;
ddns-update-style none;
subnet 192.168.4.0 netmask 255.255.255.0 {
range 192.168.4.129 192.168.4.254;
option routers 192.168.4.1;
}
host mailhost {
hardware ethernet 02:03:04:05:06:07;
fixed-address mailhost.example.com;
}This option specifies the domain that will be provided
to clients as the default search domain. See
&man.resolv.conf.5; for more information on what this
means.This option specifies a comma separated list of DNS
servers that the client should use.The netmask that will be provided to clients.A client may request a specific length of time that a
lease will be valid. Otherwise the server will assign
a lease with this expiry value (in seconds).This is the maximum length of time that the server will
lease for. Should a client request a longer lease, a lease
will be issued, although it will only be valid for
max-lease-time seconds.This option specifies whether the DHCP server should
attempt to update DNS when a lease is accepted or released.
In the ISC implementation, this option is
required.This denotes which IP addresses should be used in
the pool reserved for allocating to clients. IP
addresses between, and including, the ones stated are
handed out to clients.Declares the default gateway that will be provided to
clients.The hardware MAC address of a host (so that the DHCP server
can recognize a host when it makes a request).Specifies that the host should always be given the same
IP address. Note that using a hostname is correct here, since the DHCP
server will resolve the hostname itself before returning the
lease information.Once you have finished writing your
dhcpd.conf, you can proceed to start the
server by issuing the following command:&prompt.root; /usr/local/etc/rc.d/isc-dhcpd.sh startShould you need to make changes to the configuration of your
server in the future, it is important to note that sending a
SIGHUP signal to
dhcpd does not
result in the configuration being reloaded, as it does with most
daemons. You will need to send a SIGTERM
signal to stop the process, and then restart it using the command
above.FilesDHCPconfiguration files/usr/local/sbin/dhcpddhcpd is statically linked and
resides in /usr/local/sbin. The
&man.dhcpd.8; manual page installed with the
port gives more information about
dhcpd./usr/local/etc/dhcpd.confdhcpd requires a configuration
file, /usr/local/etc/dhcpd.conf before it
will start providing service to clients. This file needs to
contain all the information that should be provided to clients
that are being serviced, along with information regarding the
operation of the server. This configuration file is described
by the &man.dhcpd.conf.5; manual page installed
by the port./var/db/dhcpd.leasesThe DHCP server keeps a database of leases it has issued
in this file, which is written as a log. The manual page
&man.dhcpd.leases.5;, installed by the port
gives a slightly longer description./usr/local/sbin/dhcrelaydhcrelay is used in advanced
environments where one DHCP server forwards a request from a
client to another DHCP server on a separate network. If you
require this functionality, then install the net/isc-dhcp3-server port. The
&man.dhcrelay.8; manual page provided with the
port contains more detail.ChernLeeContributed by DNSOverviewBINDFreeBSD utilizes, by default, a version of BIND (Berkeley
Internet Name Domain), which is the most common implementation of the
DNS protocol. DNS is the protocol through which names are mapped to
IP addresses, and vice versa. For example, a query for
www.FreeBSD.org
will receive a reply with the IP address of The FreeBSD Project's
web server, whereas, a query for ftp.FreeBSD.org
will return the IP
address of the corresponding FTP machine. Likewise, the opposite can
happen. A query for an IP address can resolve its hostname. It is
not necessary to run a name server to perform DNS lookups on a system.
DNSDNS is coordinated across the Internet through a somewhat
complex system of authoritative root name servers, and other
smaller-scale name servers who host and cache individual domain
information.
This document refers to BIND 8.x, as it is the stable version
used in FreeBSD. BIND 9.x in FreeBSD can be installed through
the net/bind9 port.
RFC1034 and RFC1035 dictate the DNS protocol.
Currently, BIND is maintained by the
Internet Software Consortium (www.isc.org).
TerminologyTo understand this document, some terms related to DNS must be
understood.TermDefinitionForward DNSMapping of hostnames to IP addressesOriginRefers to the domain covered in a particular zone
filenamed, BIND, name serverCommon names for the BIND name server package within
FreeBSDresolverResolverA system process through which a
machine queries a name server for zone informationreverse DNSReverse DNSThe opposite of forward DNS; mapping of IP addresses to
hostnamesroot zoneRoot zoneThe beginning of the Internet zone hierarchy.
All zones fall under the root zone, similar to how
all files in a file system fall under the root directory.ZoneAn individual domain, subdomain, or portion of the DNS administered by
the same authorityzonesexamplesExamples of zones:
. is the root zoneorg. is a zone under the root zoneexample.org is a zone under the
org. zonefoo.example.org. is a subdomain, a
zone under the example.org. zone1.2.3.in-addr.arpa is a zone referencing
all IP addresses which fall under the 3.2.1.* IP space.
As one can see, the more specific part of a hostname appears to
its left. For example, example.org. is more
specific than org., as org. is
more specific than the root zone. The layout of each part of
a hostname is much like a filesystem: the /dev
directory falls within the root, and so on.Reasons to Run a Name ServerName servers usually come in two forms: an authoritative
name server, and a caching name server.An authoritative name server is needed when:one wants to serve DNS information to the
world, replying authoritatively to queries.a domain, such as example.org, is
registered and IP addresses need to be assigned to hostnames
under it.an IP address block requires reverse DNS entries (IP to
hostname).a backup name server, called a slave, must reply to queries
when the primary is down or inaccessible.A caching name server is needed when:a local DNS server may cache and respond more quickly
than querying an outside name server.a reduction in overall network traffic is desired (DNS
traffic has been measured to account for 5% or more of total
Internet traffic).When one queries for www.FreeBSD.org, the
resolver usually queries the uplink ISP's name server, and retrieves
the reply. With a local, caching DNS server, the query only has to
be made once to the outside world by the caching DNS server. Every
additional query will not have to look to the outside of the local
network, since the information is cached locally.How It WorksIn FreeBSD, the BIND daemon is called
named for obvious reasons.FileDescriptionnamedthe BIND daemonndcname daemon control program/etc/namedbdirectory where BIND zone information resides/etc/namedb/named.confdaemon configuration file
Zone files are usually contained within the
/etc/namedb
directory, and contain the DNS zone information
served by the name server.
Starting BINDBINDstarting
Since BIND is installed by default, configuring it all is
relatively simple.
To ensure the named daemon is started at boot, put the following
modifications in /etc/rc.conf:
named_enable="YES"To start the daemon manually (after configuring it)&prompt.root; ndc startConfiguration FilesBINDconfiguration filesUsing make-localhostBe sure to:
&prompt.root; cd /etc/namedb
&prompt.root; sh make-localhostto properly create the local reverse DNS zone file in
/etc/namedb/localhost.rev.
/etc/namedb/named.conf// $FreeBSD$
//
// Refer to the named(8) manual page for details. If you are ever going
// to setup a primary server, make sure you've understood the hairy
// details of how DNS is working. Even with simple mistakes, you can
// break connectivity for affected parties, or cause huge amount of
// useless Internet traffic.
options {
directory "/etc/namedb";
// In addition to the "forwarders" clause, you can force your name
// server to never initiate queries of its own, but always ask its
// forwarders only, by enabling the following line:
//
// forward only;
// If you've got a DNS server around at your upstream provider, enter
// its IP address here, and enable the line below. This will make you
// benefit from its cache, thus reduce overall DNS traffic in the
Internet.
/*
forwarders {
127.0.0.1;
};
*/
Just as the comment says, to benefit from an uplink's cache,
forwarders can be enabled here. Under normal
circumstances, a name server will recursively query the Internet
looking at certain name servers until it finds the answer it is
looking for. Having this enabled will have it query the uplink's
name server (or name server provided) first, taking advantage of
its cache. If the uplink name server in question is a heavily
trafficked, fast name server, enabling this may be worthwhile.
127.0.0.1
will not work here.
Change this IP address to a name server at your uplink. /*
* If there is a firewall between you and name servers you want
* to talk to, you might need to uncomment the query-source
* directive below. Previous versions of BIND always asked
* questions using port 53, but BIND 8.1 uses an unprivileged
* port by default.
*/
// query-source address * port 53;
/*
* If running in a sandbox, you may have to specify a different
* location for the dumpfile.
*/
// dump-file "s/named_dump.db";
};
// Note: the following will be supported in a future release.
/*
host { any; } {
topology {
127.0.0.0/8;
};
};
*/
// Setting up secondaries is way easier and the rough picture for this
// is explained below.
//
// If you enable a local name server, don't forget to enter 127.0.0.1
// into your /etc/resolv.conf so this server will be queried first.
// Also, make sure to enable it in /etc/rc.conf.
zone "." {
type hint;
file "named.root";
};
zone "0.0.127.IN-ADDR.ARPA" {
type master;
file "localhost.rev";
};
zone
"0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.INT" {
type master;
file "localhost.rev";
};
// NB: Do not use the IP addresses below, they are faked, and only
// serve demonstration/documentation purposes!
//
// Example secondary config entries. It can be convenient to become
// a secondary at least for the zone where your own domain is in. Ask
// your network administrator for the IP address of the responsible
// primary.
//
// Never forget to include the reverse lookup (IN-ADDR.ARPA) zone!
// (This is the first bytes of the respective IP address, in reverse
// order, with ".IN-ADDR.ARPA" appended.)
//
// Before starting to setup a primary zone, better make sure you fully
// understand how DNS and BIND works, however. There are sometimes
// unobvious pitfalls. Setting up a secondary is comparably simpler.
//
// NB: Don't blindly enable the examples below. :-) Use actual names
// and addresses instead.
//
// NOTE!!! FreeBSD runs bind in a sandbox (see named_flags in rc.conf).
// The directory containing the secondary zones must be write accessible
// to bind. The following sequence is suggested:
//
// mkdir /etc/namedb/s
// chown bind:bind /etc/namedb/s
// chmod 750 /etc/namedb/sFor more information on running BIND in a sandbox, see
Running named in a sandbox.
/*
zone "example.com" {
type slave;
file "s/example.com.bak";
masters {
192.168.1.1;
};
};
zone "0.168.192.in-addr.arpa" {
type slave;
file "s/0.168.192.in-addr.arpa.bak";
masters {
192.168.1.1;
};
};
*/In named.conf, these are examples of slave
entries for a forward and reverse zone.For each new zone served, a new zone entry must be added to
named.confFor example, the simplest zone entry for
example.org can look like:zone "example.org" {
type master;
file "example.org";
};The zone is a master, as indicated by the
statement, holding its zone information in
/etc/namedb/example.org indicated by
the statement.zone "example.org" {
type slave;
file "example.org";
};In the slave case, the zone information is transferred from
the master name server for the particular zone, and saved in the
file specified. If and when the master server dies or is
unreachable, the slave name server will have the transferred
zone information and will be able to serve it.Zone Files
An example master zone file for example.org
(existing within /etc/namedb/example.org)
is as follows:
$TTL 3600
example.org. IN SOA ns1.example.org. admin.example.org. (
5 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400 ) ; Minimum TTL
; DNS Servers
@ IN NS ns1.example.org.
@ IN NS ns2.example.org.
; Machine Names
localhost IN A 127.0.0.1
ns1 IN A 3.2.1.2
ns2 IN A 3.2.1.3
mail IN A 3.2.1.10
@ IN A 3.2.1.30
; Aliases
www IN CNAME @
; MX Record
@ IN MX 10 mail.example.org.
Note that every hostname ending in a . is an
exact hostname, whereas everything without a trailing
. is referenced to the origin. For example,
www is translated into www +
origin. In our fictitious zone file, our origin
is example.org., so
www would translate to
www.example.org.
The format of a zone file follows:
recordname IN recordtype valueDNSrecords
The most commonly used DNS records:
SOAstart of zone authorityNSan authoritative name serverAA host addressCNAMEthe canonical name for an aliasMXmail exchangerPTRa domain name pointer (used in reverse DNS)
example.org. IN SOA ns1.example.org. admin.example.org. (
5 ; Serial
10800 ; Refresh after 3 hours
3600 ; Retry after 1 hour
604800 ; Expire after 1 week
86400 ) ; Minimum TTL of 1 dayexample.org.the domain name, also the origin for this
zone file.ns1.example.org.the primary/authoritative name server for this
zoneadmin.example.org.the responsible person for this zone,
email address with @
replaced. (admin@example.org becomes
admin.example.org)5the serial number of the file. this
must be incremented each time the zone file is modified.
Nowadays, many admins prefer a
yyyymmddrr format for the serial
number. 2001041002 would mean last modified 04/10/2001,
the latter 02 being the second time the zone file has
been modified this day. The serial number is important
as it alerts slave name servers for a zone when it is
updated.
@ IN NS ns1.example.org.
This is an NS entry. Every name server that is going to reply
authoritatively for the zone must have one of these entries.
The @ as seen here could have been
example.org.
The @ translates to the origin.
localhost IN A 127.0.0.1
ns1 IN A 3.2.1.2
ns2 IN A 3.2.1.3
mail IN A 3.2.1.10
@ IN A 3.2.1.30
The A record indicates machine names. As seen above,
ns1.example.org would resolve to
3.2.1.2. Again,
the origin symbol, @, is
used here, thus meaning example.org
would resolve to 3.2.1.30.
www IN CNAME @
The canonical name record is usually used for giving aliases
to a machine. In the example, www is
aliased to the machine addressed to the origin, or
example.org
(3.2.1.30).
CNAMEs can be used to provide alias
hostnames, or round robin one hostname among multiple
machines.
MX record
@ IN MX 10 mail.example.org.
The MX record indicates which mail
servers are responsible for handling incoming mail for the
zone. mail.example.org is the
hostname of the mail server, and 10 being the priority of
that mail server.
One can have several mail servers, with priorities of 3, 2,
1. A mail server attempting to deliver to example.org would first try the
highest priority MX, then the second highest, etc, until the
mail can be properly delivered.
For in-addr.arpa zone files (reverse DNS), the same format is
used, except with PTR entries instead of
A or CNAME.
$TTL 3600
1.2.3.in-addr.arpa. IN SOA ns1.example.org. admin.example.org. (
5 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
3600 ) ; Minimum
@ IN NS ns1.example.org.
@ IN NS ns2.example.org.
2 IN PTR ns1.example.org.
3 IN PTR ns2.example.org.
10 IN PTR mail.example.org.
30 IN PTR example.org.
This file gives the proper IP address to hostname mappings of our above
fictitious domain.
Caching Name ServerBINDcaching name server
A caching name server is a name server that is not
authoritative for any zones. It simply asks queries of its own,
and remembers them for later use. To set one up, just configure
the name server as usual, omitting any inclusions of zones.
Running named in a SandboxBINDrunning in a sandboxchrootFor added security you may want to run &man.named.8; as an
unprivileged user, and configure it to &man.chroot.8; into a
sandbox directory. This makes everything outside of the sandbox
inaccessible to the named daemon. Should
named be compromised, this will help to
reduce the damage that can be caused. By default, FreeBSD has a user
and a group called bind, intended for this
use.Various people would recommend that instead of configuring
named to chroot, you
should run named inside a &man.jail.8;.
This section does not attempt to cover this situation.Since named will not be able to
access anything outside of the sandbox (such as shared
libraries, log sockets, and so on), there are a number of steps
that need to be followed in order to allow
named to function correctly. In the
following checklist, it is assumed that the path to the sandbox
is /etc/namedb and that you have made no
prior modifications to the contents of this directory. Perform
the following steps as root.Create all directories that named
expects to see:&prompt.root; cd /etc/namedb
&prompt.root; mkdir -p bin dev etc var/tmp var/run master slave
&prompt.root; chown bind:bind slave var/*named only needs write access to
these directories, so that is all we give it.Rearrange and create basic zone and configuration files:&prompt.root; cp /etc/localtime etc
&prompt.root; mv named.conf etc && ln -sf etc/named.conf
&prompt.root; mv named.root master
&prompt.root; sh make-localhost && mv localhost.rev localhost-v6.rev master
&prompt.root; cat > master/named.localhost
$ORIGIN localhost.
$TTL 6h
@ IN SOA localhost. postmaster.localhost. (
1 ; serial
3600 ; refresh
1800 ; retry
604800 ; expiration
3600 ) ; minimum
IN NS localhost.
IN A 127.0.0.1
^DThis allows named to log the
correct time to &man.syslogd.8;If you are running a version of &os; prior to 4.9-RELEASE, build a statically linked copy of
named-xfer, and copy it into the sandbox:&prompt.root; cd /usr/src/lib/libisc
&prompt.root; make cleandir && make cleandir && make depend && make all
&prompt.root; cd /usr/src/lib/libbind
&prompt.root; make cleandir && make cleandir && make depend && make all
&prompt.root; cd /usr/src/libexec/named-xfer
&prompt.root; make cleandir && make cleandir && make depend && make NOSHARED=yes all
&prompt.root; cp named-xfer /etc/namedb/bin && chmod 555 /etc/namedb/bin/named-xferAfter your statically linked
named-xfer is installed some cleaning up
is required, to avoid leaving stale copies of libraries or
programs in your source tree:&prompt.root; cd /usr/src/lib/libisc
&prompt.root; make cleandir
&prompt.root; cd /usr/src/lib/libbind
&prompt.root; make cleandir
&prompt.root; cd /usr/src/libexec/named-xfer
&prompt.root; make cleandirThis step has been reported to fail occasionally. If this
happens to you, then issue the command:&prompt.root; cd /usr/src && make cleandir && make cleandirand delete your /usr/obj tree:&prompt.root; rm -fr /usr/obj && mkdir /usr/objThis will clean out any cruft from your
source tree, and retrying the steps above should then work.If you are running &os; version 4.9-RELEASE or later, then
the copy of named-xfer in
/usr/libexec is statically linked by default,
and you can simply use &man.cp.1; to copy it into your sandbox.Make a dev/null that
named can see and write to:&prompt.root; cd /etc/namedb/dev && mknod null c 2 2
&prompt.root; chmod 666 nullSymlink /var/run/ndc to
/etc/namedb/var/run/ndc:&prompt.root; ln -sf /etc/namedb/var/run/ndc /var/run/ndcThis simply avoids having to specify the
option to &man.ndc.8; every time you
run it. Since the contents of /var/run are deleted on boot,
if this is something that you find useful you
may wish to add this command to root's crontab, making use
of the option. See
&man.crontab.5; for more information regarding
this.Configure &man.syslogd.8; to create an extra
log socket that
named can write to. To do this,
add -l /etc/namedb/dev/log to the
syslogd_flags variable in
/etc/rc.conf.Arrange to have named start
and chroot itself to the sandbox by
adding the following to
/etc/rc.conf:named_enable="YES"
named_flags="-u bind -g bind -t /etc/namedb /etc/named.conf"Note that the configuration file
/etc/named.conf is denoted by a full
pathname relative to the sandbox, i.e. in
the line above, the file referred to is actually
/etc/namedb/etc/named.conf.The next step is to edit
/etc/namedb/etc/named.conf so that
named knows which zones to load and
where to find them on the disk. There follows a commented
example (anything not specifically commented here is no
different from the setup for a DNS server not running in a
sandbox):options {
directory "/";
named-xfer "/bin/named-xfer";
version ""; // Don't reveal BIND version
query-source address * port 53;
};
// ndc control socket
controls {
unix "/var/run/ndc" perm 0600 owner 0 group 0;
};
// Zones follow:
zone "localhost" IN {
type master;
file "master/named.localhost";
allow-transfer { localhost; };
notify no;
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "master/localhost.rev";
allow-transfer { localhost; };
notify no;
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.int" {
type master;
file "master/localhost-v6.rev";
allow-transfer { localhost; };
notify no;
};
zone "." IN {
type hint;
file "master/named.root";
};
zone "private.example.net" in {
type master;
file "master/private.example.net.db";
allow-transfer { 192.168.10.0/24; };
};
zone "10.168.192.in-addr.arpa" in {
type slave;
masters { 192.168.10.2; };
file "slave/192.168.10.db";
};The
directory statement is specified as
/, since all files that
named needs are within this
directory (recall that this is equivalent to a
normal user's
/etc/namedb.Specifies the full path
to the named-xfer binary (from
named's frame of reference). This
is necessary since named is
compiled to look for named-xfer in
/usr/libexec by default.Specifies the filename (relative
to the directory statement above) where
named can find the zonefile for this
zone.Specifies the filename
(relative to the directory statement above)
where named should write a copy of
the zonefile for this zone after successfully transferring it
from the master server. This is why we needed to change the
ownership of the directory slave to
bind in the setup stages above.After completing the steps above, either reboot your
server or restart &man.syslogd.8; and start &man.named.8;, making
sure to use the new options specified in
syslogd_flags and
named_flags. You should now be running a
sandboxed copy of named!SecurityAlthough BIND is the most common implementation of DNS,
there is always the issue of security. Possible and
exploitable security holes are sometimes found.
It is a good idea to subscribe to CERT and
freebsd-security-notifications
to stay up to date with the current Internet and FreeBSD security
issues.
If a problem arises, keeping sources up to date and having a
fresh build of named would not hurt.Further Reading
BIND/named manual pages: &man.ndc.8; &man.named.8; &man.named.conf.5;
Official ISC Bind
Page
BIND FAQO'Reilly
DNS and BIND 4th EditionRFC1034
- Domain Names - Concepts and FacilitiesRFC1035
- Domain Names - Implementation and SpecificationTomHukinsContributed by NTPNTPOverviewOver time, a computer's clock is prone to drift. As time
passes, the computer's clock becomes less accurate. NTP
(Network Time Protocol) is one way to ensure your clock is
right.Many Internet services rely on, or greatly benefit from,
computers' clocks being accurate. For example, a Web server
may receive requests to send a file if it has modified since a
certain time. Services such as &man.cron.8; run commands at a
given time. If the clock is inaccurate, these commands may
not run when expected.NTPntpdFreeBSD ships with the &man.ntpd.8; NTP server which can
be used to query other NTP servers to set the clock on your
machine or provide time services to others.Choosing Appropriate NTP ServersNTPchoosing serversIn order to synchronize your clock, you will need to find
one or more NTP servers to use. Your network administrator or
ISP may have set up an NTP server for this purpose—check
their documentation to see if this is the case. There is a
list of
publicly accessible NTP servers which you can use to
find an NTP server near to you. Make sure you are aware of
the policy for any servers you choose, and ask for permission
if required.Choosing several unconnected NTP servers is a good idea in
case one of the servers you are using becomes unreachable or
its clock is unreliable. &man.ntpd.8; uses the responses it
receives from other servers intelligently—it will favor
unreliable servers less than reliable ones.Configuring Your MachineNTPconfigurationBasic ConfigurationntpdateIf you only wish to synchronize your clock when the
machine boots up, you can use &man.ntpdate.8;. This may be
appropriate for some desktop machines which are frequently
rebooted and only require infrequent synchronization, but
most machines should run &man.ntpd.8;.Using &man.ntpdate.8; at boot time is also a good idea
for machines that run &man.ntpd.8;. The &man.ntpd.8; program changes the
clock gradually, whereas &man.ntpdate.8; sets the clock, no
matter how great the difference between a machine's current
clock setting and the correct time.To enable &man.ntpdate.8; at boot time, add
ntpdate_enable="YES" to
/etc/rc.conf. You will also need to
specify all servers you wish to synchronize with and any
flags to be passed to &man.ntpdate.8; in
ntpdate_flags.NTPntp.confGeneral ConfigurationNTP is configured by the
/etc/ntp.conf file in the format
described in &man.ntp.conf.5;. Here is a simple
example:server ntplocal.example.com prefer
server timeserver.example.org
server ntp2a.example.net
driftfile /var/db/ntp.driftThe server option specifies which
servers are to be used, with one server listed on each line.
If a server is specified with the prefer
argument, as with ntplocal.example.com, that server is
preferred over other servers. A response from a preferred
server will be discarded if it differs significantly from
other servers' responses, otherwise it will be used without
any consideration to other responses. The
prefer argument is normally used for NTP
servers that are known to be highly accurate, such as those
with special time monitoring hardware.The driftfile option specifies which
file is used to store the system clock's frequency offset.
The &man.ntpd.8; program uses this to automatically compensate for the
clock's natural drift, allowing it to maintain a reasonably
correct setting even if it is cut off from all external time
sources for a period of time.The driftfile option specifies which
file is used to store information about previous responses
from the NTP servers you are using. This file contains
internal information for NTP. It should not be modified by
any other process.Controlling Access to Your ServerBy default, your NTP server will be accessible to all
hosts on the Internet. The restrict
option in /etc/ntp.conf allows you to control which
machines can access your server.If you want to deny all machines from accessing your NTP
server, add the following line to
/etc/ntp.conf:restrict default ignoreIf you only want to
allow machines within your own network to synchronize their
clocks with your server, but ensure they are not allowed to
configure the server or used as peers to synchronize
against, addrestrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrapinstead, where 192.168.1.0 is
an IP address on your network and 255.255.255.0 is your network's
netmask./etc/ntp.conf can contain multiple
restrict options. For more details, see
the Access Control Support subsection of
&man.ntp.conf.5;.Running the NTP ServerTo ensure the NTP server is started at boot time, add the
line xntpd_enable="YES" to
/etc/rc.conf. If you wish to pass
additional flags to &man.ntpd.8;, edit the
xntpd_flags parameter in
/etc/rc.conf.To start the server without rebooting your machine, run
ntpd being sure to specify any additional
parameters from xntpd_flags in
/etc/rc.conf. For example:&prompt.root; ntpd -p /var/run/ntpd.pidUnder &os; 5.X, various options in
/etc/rc.conf have been renamed. Thus,
you have to replace every instance of xntpd
with ntpd in the options above.Using ntpd with a Temporary Internet
ConnectionThe &man.ntpd.8; program does not need a permanent
connection to the Internet to function properly. However, if
you have a temporary connection that is configured to dial out
on demand, it is a good idea to prevent NTP traffic from
triggering a dial out or keeping the connection alive. If you
are using user PPP, you can use filter
directives in /etc/ppp/ppp.conf. For
example: set filter dial 0 deny udp src eq 123
# Prevent NTP traffic from initiating dial out
set filter dial 1 permit 0 0
set filter alive 0 deny udp src eq 123
# Prevent incoming NTP traffic from keeping the connection open
set filter alive 1 deny udp dst eq 123
# Prevent outgoing NTP traffic from keeping the connection open
set filter alive 2 permit 0/0 0/0For more details see the PACKET
FILTERING section in &man.ppp.8; and the examples in
/usr/share/examples/ppp/.Some Internet access providers block low-numbered ports,
preventing NTP from functioning since replies never
reach your machine.Further InformationDocumentation for the NTP server can be found in
/usr/share/doc/ntp/ in HTML
format.ChernLeeContributed by Network Address TranslationOverviewnatdFreeBSD's Network Address Translation daemon, commonly known as
&man.natd.8; is a daemon that accepts incoming raw IP packets,
changes the source to the local machine and re-injects these packets
back into the outgoing IP packet stream. &man.natd.8; does this by changing
the source IP address and port such that when data is received back,
it is able to determine the original location of the data and forward
it back to its original requester.Internet connection sharingIP masqueradingThe most common use of NAT is to perform what is commonly known as
Internet Connection Sharing.SetupDue to the diminishing IP space in IPv4, and the increased number
of users on high-speed consumer lines such as cable or DSL, people are
increasingly in need of an Internet Connection Sharing solution. The
ability to connect several computers online through one connection and
IP address makes &man.natd.8; a reasonable choice.Most commonly, a user has a machine connected to a cable or DSL
line with one IP address and wishes to use this one connected computer to
provide Internet access to several more over a LAN.To do this, the FreeBSD machine on the Internet must act as a
gateway. This gateway machine must have two NICs—one for connecting
to the Internet router, the other connecting to a LAN. All the
machines on the LAN are connected through a hub or switch. _______ __________ ________
| | | | | |
| Hub |-----| Client B |-----| Router |----- Internet
|_______| |__________| |________|
|
____|_____
| |
| Client A |
|__________|Network LayoutA setup like this is commonly used to share an Internet
connection. One of the LAN machines is
connected to the Internet. The rest of the machines access
the Internet through that gateway
machine.kernelconfigurationConfigurationThe following options must be in the kernel configuration
file:options IPFIREWALL
options IPDIVERTAdditionally, at choice, the following may also be suitable:options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_VERBOSEThe following must be in /etc/rc.conf:gateway_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
natd_enable="YES"
natd_interface="fxp0"
natd_flags=""gateway_enable="YES"Sets up the machine to act as a gateway. Running
sysctl net.inet.ip.forwarding=1
would have the same effect.firewall_enable="YES"Enables the firewall rules in
/etc/rc.firewall at boot.firewall_type="OPEN"This specifies a predefined firewall ruleset that
allows anything in. See
/etc/rc.firewall for additional
types.natd_interface="fxp0"Indicates which interface to forward packets through
(the interface connected to the Internet).natd_flags=""Any additional configuration options passed to
&man.natd.8; on boot.Having the previous options defined in
/etc/rc.conf would run
natd -interface fxp0 at boot. This can also
be run manually.It is also possible to use a configuration file for
&man.natd.8; when there are too many options to pass. In this
case, the configuration file must be defined by adding the
following line to /etc/rc.conf:natd_flags="-f /etc/natd.conf"The /etc/natd.conf file will
contain a list of configuration options, one per line. For
example the next section case would use the following
file:redirect_port tcp 192.168.0.2:6667 6667
redirect_port tcp 192.168.0.3:80 80For more information about the configuration file,
consult the &man.natd.8; manual page about the
option.Each machine and interface behind the LAN should be
assigned IP address numbers in the private network space as
defined by RFC 1918
and have a default gateway of the natd machine's internal IP
address.For example, client A and
B behind the LAN have IP addresses of 192.168.0.2 and 192.168.0.3, while the natd machine's
LAN interface has an IP address of 192.168.0.1. Client A
and B's default gateway must be set to that
of the natd machine, 192.168.0.1. The natd machine's
external, or Internet interface does not require any special
modification for &man.natd.8; to work.Port RedirectionThe drawback with &man.natd.8; is that the LAN clients are not accessible
from the Internet. Clients on the LAN can make outgoing connections to
the world but cannot receive incoming ones. This presents a problem
if trying to run Internet services on one of the LAN client machines.
A simple way around this is to redirect selected Internet ports on the
natd machine to a LAN client.
For example, an IRC server runs on client A, and a web server runs
on client B. For this to work properly, connections received on ports
6667 (IRC) and 80 (web) must be redirected to the respective machines.
The must be passed to
&man.natd.8; with the proper options. The syntax is as follows: -redirect_port proto targetIP:targetPORT[-targetPORT]
[aliasIP:]aliasPORT[-aliasPORT]
[remoteIP[:remotePORT[-remotePORT]]]In the above example, the argument should be: -redirect_port tcp 192.168.0.2:6667 6667
-redirect_port tcp 192.168.0.3:80 80
This will redirect the proper tcp ports to the
LAN client machines.
The argument can be used to indicate port
ranges over individual ports. For example, tcp
192.168.0.2:2000-3000 2000-3000 would redirect
all connections received on ports 2000 to 3000 to ports 2000
to 3000 on client A.These options can be used when directly running
&man.natd.8;, placed within the
natd_flags="" option in
/etc/rc.conf,
or passed via a configuration file.For further configuration options, consult &man.natd.8;Address Redirectionaddress redirectionAddress redirection is useful if several IP addresses are
available, yet they must be on one machine. With this,
&man.natd.8; can assign each LAN client its own external IP address.
&man.natd.8; then rewrites outgoing packets from the LAN clients
with the proper external IP address and redirects
all traffic incoming on that particular IP address back to
the specific LAN client. This is also known as static NAT.
For example, the IP addresses 128.1.1.1,
128.1.1.2, and
128.1.1.3 belong to the natd gateway
machine. 128.1.1.1 can be used
as the natd gateway machine's external IP address, while
128.1.1.2 and
128.1.1.3 are forwarded back to LAN
clients A and B.The syntax is as follows:-redirect_address localIP publicIPlocalIPThe internal IP address of the LAN client.publicIPThe external IP address corresponding to the LAN client.In the example, this argument would read:-redirect_address 192.168.0.2 128.1.1.2
-redirect_address 192.168.0.3 128.1.1.3Like , these arguments are also placed within
the natd_flags="" option of /etc/rc.conf, or passed via a configuration file. With address
redirection, there is no need for port redirection since all data
received on a particular IP address is redirected.The external IP addresses on the natd machine must be active and aliased
to the external interface. Look at &man.rc.conf.5; to do so.ChernLeeContributed by The inetdSuper-ServerOverview&man.inetd.8; is referred to as the Internet
Super-Server because it manages connections for several
daemons. Programs that provide network service are commonly
known as daemons. inetd serves as a
managing server for other daemons. When a connection is
received by inetd, it determines
which daemon the connection is destined for, spawns the
particular daemon and delegates the socket to it. Running one
instance of inetd reduces the overall
system load as compared to running each daemon individually in
stand-alone mode.Primarily, inetd is used to
spawn other daemons, but several trivial protocols are handled
directly, such as chargen,
auth, and
daytime.This section will cover the basics in configuring
inetd through its command-line
options and its configuration file,
/etc/inetd.conf.Settingsinetd is initialized through
the /etc/rc.conf system. The
inetd_enable option is set to
NO by default, but is often times turned on by
sysinstall with the medium security
profile. Placing:
inetd_enable="YES" or
inetd_enable="NO" into
/etc/rc.conf can enable or disable
inetd starting at boot time.Additionally, different command-line options can be passed
to inetd via the
inetd_flags option.Command-Line Optionsinetd synopsis:-dTurn on debugging.-lTurn on logging of successful connections.-wTurn on TCP Wrapping for external services (on by
default).-WTurn on TCP Wrapping for internal services which are
built into inetd (on by
default).-c maximumSpecify the default maximum number of simultaneous
invocations of each service; the default is unlimited.
May be overridden on a per-service basis with the
parameter.-C rateSpecify the default maximum number of times a
service can be invoked from a single IP address in one
minute; the default is unlimited. May be overridden on a
per-service basis with the
parameter.-R rateSpecify the maximum number of times a service can be
invoked in one minute; the default is 256. A rate of 0
allows an unlimited number of invocations.-aSpecify one specific IP address to bind to.
Alternatively, a hostname can be specified, in which case
the IPv4 or IPv6 address which corresponds to that
hostname is used. Usually a hostname is specified when
inetd is run inside a
&man.jail.8;, in which case the hostname corresponds to
the &man.jail.8; environment.When hostname specification is used and both IPv4
and IPv6 bindings are desired, one entry with the
appropriate protocol type for each binding is required for
each service in /etc/inetd.conf. For
example, a TCP-based service would need two entries, one
using tcp4 for the protocol and the other using
tcp6.-pSpecify an alternate file in which to store the
process ID.These options can be passed to
inetd using the
inetd_flags option in
/etc/rc.conf. By default,
inetd_flags is set to -wW,
which turns on TCP wrapping for
inetd's internal and external
services. For novice users, these parameters usually do not need
to be modified or even entered in
/etc/rc.conf.An external service is a daemon outside of
inetd, which is invoked when a
connection is received for it. On the other hand, an internal
service is one that inetd has the
facility of offering within itself.inetd.confConfiguration of inetd is
controlled through the /etc/inetd.conf
file.When a modification is made to
/etc/inetd.conf,
inetd can be forced to re-read its
configuration file by sending a HangUP signal to the
inetd process as shown:Sending inetd a HangUP Signal&prompt.root; kill -HUP `cat /var/run/inetd.pid`Each line of the configuration file specifies an
individual daemon. Comments in the file are preceded by a
#. The format of
/etc/inetd.conf is as follows:service-name
socket-type
protocol
{wait|nowait}[/max-child[/max-connections-per-ip-per-minute]]
user[:group][/login-class]
server-program
server-program-argumentsAn example entry for the ftpd daemon
using IPv4:ftp stream tcp nowait root /usr/libexec/ftpd ftpd -lservice-nameThis is the service name of the particular daemon.
It must correspond to a service listed in
/etc/services. This determines which
port inetd must listen to. If
a new service is being created, it must be placed in
/etc/services
first.socket-typeEither stream,
dgram, raw, or
seqpacket. stream
must be used for connection-based, TCP daemons, while
dgram is used for daemons utilizing the
UDP transport protocol.protocolOne of the following:ProtocolExplanationtcp, tcp4TCP IPv4udp, udp4UDP IPv4tcp6TCP IPv6udp6UDP IPv6tcp46Both TCP IPv4 and v6udp46Both UDP IPv4 and v6{wait|nowait}[/max-child[/max-connections-per-ip-per-minute]] indicates whether the
daemon invoked from inetd is
able to handle its own socket or not.
socket types must use the
option, while stream socket daemons, which are usually
multi-threaded, should use .
usually hands off multiple sockets
to a single daemon, while spawns a
child daemon for each new socket.The maximum number of child daemons
inetd may spawn can be set using
the option. If a limit of ten
instances of a particular daemon is needed, a
/10 would be placed after
.In addition to , another
option limiting the maximum connections from a single
place to a particular daemon can be enabled.
does
just this. A value of ten here would limit any particular
IP address connecting to a particular service to ten
attempts per minute. This is useful to prevent
intentional or unintentional resource consumption and
Denial of Service (DoS) attacks to a machine.In this field, or
is mandatory.
and
are
optional.A stream-type multi-threaded daemon without any
or
limits
would simply be: nowait.The same daemon with a maximum limit of ten daemons
would read: nowait/10.Additionally, the same setup with a limit of twenty
connections per IP address per minute and a maximum
total limit of ten child daemons would read:
nowait/10/20.These options are all utilized by the default
settings of the fingerd daemon,
as seen here:finger stream tcp nowait/3/10 nobody /usr/libexec/fingerd fingerd -suserThis is the username that the particular daemon
should run as. Most commonly, daemons run as the
root user. For security purposes, it is
common to find some servers running as the
daemon user, or the least privileged
nobody user.server-programThe full path of the daemon to be executed when a
connection is received. If the daemon is a service
provided by inetd internally,
then should be
used.server-program-argumentsThis works in conjunction with
by specifying the
arguments, starting with argv[0], passed to the daemon on
invocation. If mydaemon -d is
the command line, mydaemon -d would be
the value of .
Again, if the daemon is an internal service, use
here.SecurityDepending on the security profile chosen at install, many
of inetd's daemons may be enabled by
default. If there is no apparent need for a particular daemon,
disable it! Place a # in front of the daemon in
question, and send a hangup signal
to inetd.
Some daemons, such as fingerd, may
not be desired at all because they provide an attacker with too
much information.Some daemons are not security-conscious and have long, or
non-existent timeouts for connection attempts. This allows an
attacker to slowly send connections to a particular daemon, thus
saturating available resources. It may be a good idea to place
and
limitations on certain daemons.By default, TCP wrapping is turned on. Consult the
&man.hosts.access.5; manual page for more information on placing
TCP restrictions on various inetd
invoked daemons.Miscellaneousdaytime,
time,
echo,
discard,
chargen, and
auth are all internally provided
services of inetd.The auth service provides identity
(ident, identd) network services, and is configurable to a certain
degree.Consult the &man.inetd.8; manual page for more in-depth
information.Parallel Line IP (PLIP)PLIPParallel Line IPPLIP lets us run TCP/IP between parallel ports. It is
useful on machines without network cards, or to install on
laptops. In this section, we will discuss:Creating a parallel (laplink) cable.Connecting two computers with PLIP.Creating a Parallel CableYou can purchase a parallel cable at most computer supply
stores. If you cannot do that, or you just want to know how
it is done, the following table shows how to make one out of a normal parallel
printer cable.
Setting Up PLIPFirst, you have to get a laplink cable.
Then, confirm that both computers have a kernel with &man.lpt.4; driver
support:&prompt.root; grep lp /var/run/dmesg.boot
lpt0: <Printer> on ppbus0
lpt0: Interrupt-driven portThe parallel port must be an interrupt driven port, under
&os; 4.X, you should have a line similar to the
following in your kernel configuration file:device ppc0 at isa? irq 7Under &os; 5.X, the
/boot/device.hints file should contain the
following lines:hint.ppc.0.at="isa"
hint.ppc.0.irq="7"Then check if the kernel configuration file has a
device plip line or if the
plip.ko kernel module is loaded. In both
cases the parallel networking interface should appear when you
directly use the &man.ifconfig.8; command. Under
&os; 4.X like this:&prompt.root; ifconfig lp0
lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500and for &os; 5.X:&prompt.root; ifconfig plip0
plip0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500The device name used for parallel interface is
different between &os; 4.X
(lpX)
and &os; 5.X
(plipX).Plug in the laplink cable into the parallel interface on
both computers.Configure the network interface parameters on both
sites as root. For example, if you want connect
the host host1 running &os; 4.X with host2 running &os; 5.X: host1 <-----> host2
IP Address 10.0.0.1 10.0.0.2Configure the interface on host1 by doing:&prompt.root; ifconfig lp0 10.0.0.1 10.0.0.2Configure the interface on host2 by doing:&prompt.root; ifconfig plip0 10.0.0.2 10.0.0.1You now should have a working connection. Please read the
manual pages &man.lp.4; and &man.lpt.4; for more details.You should also add both hosts to
/etc/hosts:127.0.0.1 localhost.my.domain localhost
10.0.0.1 host1.my.domain host1
10.0.0.2 host2.my.domainTo confirm the connection works, go to each host and ping
the other. For example, on host1:&prompt.root; ifconfig lp0
lp0: flags=8851<UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 10.0.0.1 --> 10.0.0.2 netmask 0xff000000
&prompt.root; netstat -r
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
host2 host1 UH 0 0 lp0
&prompt.root; ping -c 4 host2
PING host2 (10.0.0.2): 56 data bytes
64 bytes from 10.0.0.2: icmp_seq=0 ttl=255 time=2.774 ms
64 bytes from 10.0.0.2: icmp_seq=1 ttl=255 time=2.530 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=255 time=2.556 ms
64 bytes from 10.0.0.2: icmp_seq=3 ttl=255 time=2.714 ms
--- host2 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 msAaronKaplanOriginally Written by TomRhodesRestructured and Added by BradDavisExtended by IPv6IPv6 (also know as IPng IP next generation) is
the new version of the well known IP protocol (also know as
IPv4). Like the other current *BSD systems,
FreeBSD includes the KAME IPv6 reference implementation.
So your FreeBSD system comes with all you will need to experiment with IPv6.
This section focuses on getting IPv6 configured and running.In the early 1990s, people became aware of the rapidly
diminishing address space of IPv4. Given the expansion rate of the
Internet there were two major concerns:Running out of addresses. Today this is not so much of a concern
anymore since private address spaces
(10.0.0.0/8,
192.168.0.0/24,
etc.) and Network Address Translation (NAT) are
being employed.Router table entries were getting too large. This is
still a concern today.IPv6 deals with these and many other issues:128 bit address space. In other words theoretically there are
340,282,366,920,938,463,463,374,607,431,768,211,456 addresses
available. This means there are approximately
6.67 * 10^27 IPv6 addresses per square meter on our planet.Routers will only store network aggregation addresses in their routing
tables thus reducing the average space of a routing table to 8192
entries.There are also lots of other useful features of IPv6 such as:Address autoconfiguration (RFC2462)Anycast addresses (one-out-of many)Mandatory multicast addressesIPsec (IP security)Simplified header structureMobile IPIPv6-to-IPv4 transition mechanismsFor more information see:IPv6 overview at playground.sun.comKAME.net6bone.netBackground on IPv6 AddressesThere are different types of IPv6 addresses: Unicast, Anycast and
Multicast.Unicast addresses are the well known addresses. A packet sent
to a unicast address arrives exactly at the interface belonging to
the address.Anycast addresses are syntactically indistinguishable from unicast
addresses but they address a group of interfaces. The packet destined for
an anycast address will arrive at the nearest (in router metric)
interface. Anycast addresses may only be used by routers.Multicast addresses identify a group of interfaces. A packet destined
for a multicast address will arrive at all interfaces belonging to the
multicast group.The IPv4 broadcast address (usually xxx.xxx.xxx.255) is expressed
by multicast addresses in IPv6.
Reserved IPv6 addressesIPv6 addressPrefixlength (Bits)DescriptionNotes::128 bitsunspecifiedcf. 0.0.0.0 in
IPv4::1128 bitsloopback addresscf. 127.0.0.1 in
IPv4::00:xx:xx:xx:xx96 bitsembedded IPv4The lower 32 bits are the IPv4 address. Also
called IPv4 compatible IPv6
address::ff:xx:xx:xx:xx96 bitsIPv4 mapped IPv6 addressThe lower 32 bits are the IPv4 address.
For hosts which do not support IPv6.fe80:: - feb::10 bitslink-localcf. loopback address in IPv4fec0:: - fef::10 bitssite-localff::8 bitsmulticast001 (base
2)3 bitsglobal unicastAll global unicast addresses are assigned from
this pool. The first 3 bits are
001.
Reading IPv6 AddressesThe canonical form is represented as: x:x:x:x:x:x:x:x, each
x being a 16 Bit hex value. For example
FEBC:A574:382B:23C1:AA49:4592:4EFE:9982Often an address will have long substrings of all zeros
therefore one such substring per address can be abbreviated by ::.
Also up to three leading 0s per hexquad can be omitted.
For example fe80::1
corresponds to the canonical form
fe80:0000:0000:0000:0000:0000:0000:0001.A third form is to write the last 32 Bit part in the
well known (decimal) IPv4 style with dots .
as separators. For example
2002::10.0.0.1
corresponds to the (hexadecimal) canonical representation
2002:0000:0000:0000:0000:0000:0a00:0001
which in turn is equivalent to
writing 2002::a00:1.By now the reader should be able to understand the following:&prompt.root; ifconfigrl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
inet 10.0.0.10 netmask 0xffffff00 broadcast 10.0.0.255
inet6 fe80::200:21ff:fe03:8e1%rl0 prefixlen 64 scopeid 0x1
ether 00:00:21:03:08:e1
media: Ethernet autoselect (100baseTX )
status: activefe80::200:21ff:fe03:8e1%rl0
is an auto configured link-local address. It is generated from the MAC
address as part of the auto configuration.For further information on the structure of IPv6 addresses
see RFC3513.Getting ConnectedCurrently there are four ways to connect to other IPv6 hosts and networks:Join the experimental 6boneGetting an IPv6 network from your upstream provider. Talk to your
Internet provider for instructions.Tunnel via 6-to-4 (RFC3068)Use the net/freenet6 port if you are on a dial-up connection.Here we will talk on how to connect to the 6bone since it currently seems
to be the most popular way.First take a look at the 6bone site and find a 6bone connection nearest to
you. Write to the responsible person and with a little bit of luck you
will be given instructions on how to set up your connection. Usually this
involves setting up a GRE (gif) tunnel.Here is a typical example on setting up a &man.gif.4; tunnel:&prompt.root; ifconfig gif0 create
&prompt.root; ifconfig gif0
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
&prompt.root; ifconfig gif0 tunnel MY_IPv4_ADDRHIS_IPv4_ADDR
&prompt.root; ifconfig gif0 inet6 alias MY_ASSIGNED_IPv6_TUNNEL_ENDPOINT_ADDRReplace the capitalized words by the information you received from the
upstream 6bone node.This establishes the tunnel. Check if the tunnel is working by &man.ping6.8;
'ing ff02::1%gif0. You should receive two ping replies.In case you are intrigued by the address ff02:1%gif0, this is a
multicast address. %gif0 states that the multicast address at network
interface gif0 is to be used. Since we ping a multicast address the
other endpoint of the tunnel should reply as well.By now setting up a route to your 6bone uplink should be rather
straightforward:&prompt.root; route add -inet6 default -interface gif0
&prompt.root; ping6 -n MY_UPLINK&prompt.root; traceroute6 www.jp.FreeBSD.org
(3ffe:505:2008:1:2a0:24ff:fe57:e561) from 3ffe:8060:100::40:2, 30 hops max, 12 byte packets
1 atnet-meta6 14.147 ms 15.499 ms 24.319 ms
2 6bone-gw2-ATNET-NT.ipv6.tilab.com 103.408 ms 95.072 ms *
3 3ffe:1831:0:ffff::4 138.645 ms 134.437 ms 144.257 ms
4 3ffe:1810:0:6:290:27ff:fe79:7677 282.975 ms 278.666 ms 292.811 ms
5 3ffe:1800:0:ff00::4 400.131 ms 396.324 ms 394.769 ms
6 3ffe:1800:0:3:290:27ff:fe14:cdee 394.712 ms 397.19 ms 394.102 msThis output will differ from machine to machine. By now you should be
able to reach the IPv6 site www.kame.net
and see the dancing tortoise — that is if you have a IPv6 enabled browser such as
www/mozilla, Konqueror,
which is part of x11/kdebase3,
or www/epiphany.DNS in the IPv6 WorldThere used to be two types of DNS records for IPv6. The IETF
has declared A6 records obsolete. AAAA records are the standard
now.Using AAAA records is straightforward. Assign your hostname to the new
IPv6 address you just received by adding:MYHOSTNAME AAAA MYIPv6ADDRTo your primary zone DNS file. In case you do not serve your own
DNS zones ask your DNS provider.
Current versions of bind (version 8.3 and 9)
and dns/djbdns (with the IPv6 patch)
support AAAA records.Applying the needed changes to /etc/rc.confIPv6 Client SettingsThese settings will help you configure a machine that will be on
your LAN and act as a client, not a router. To have &man.rtsol.8;
autoconfigure your interface on boot all you need to add is:ipv6_enable="YES"To statically assign an IP address such as
2001:471:1f11:251:290:27ff:fee0:2093, to your
fxp0 interface, add:ipv6_ifconfig_fxp0="2001:471:1f11:251:290:27ff:fee0:2093"To assign a default router of
2001:471:1f11:251::1
add the following to /etc/rc.conf:ipv6_defaultrouter="2001:471:1f11:251::1"IPv6 Router/Gateway SettingsThis will help you take the directions that your Tunnel provider,
such as the 6bone, has
given you and convert it into settings that will persist through reboots.
To restore your tunnel on startup use something like the following in
/etc/rc.conf:List the Generic Tunneling interfaces that will be configured, for
example: gif0gif_interfaces="gif0"To configure the interface with a local endpoint of:
MY_IPv4_ADDR to a remote endpoint of:
REMOTE_IPv4_ADDR.gif_config_gif0="MY_IPv4_ADDR REMOTE_IPv4_ADDR"To apply the IPv6 address you have been assigned for use as your
IPv6 tunnel endpoint, add:ipv6_ifconfig_gif0="MY_ASSIGNED_IPv6_TUNNEL_ENDPOINT_ADDR"Then all you have to do is set the default route for IPv6. This is
the other side of the IPv6 Tunnel.ipv6_defaultrouter="MY_IPv6_REMOTE_TUNNEL_ENDPOINT_ADDR"Router Advertisement and Host Auto ConfigurationThis section will help you setup &man.rtadvd.8; to advertise the
IPv6 default route.To enable &man.rtadvd.8; you'll need the following in your
/etc/rc.conf:rtadvd_enable="YES"It is important that you specify the interface on which to do
IPv6 router solicitation. For example to tell &man.rtadvd.8; to use
fxp0:rtadvd_interfaces="fxp0"Now we must create the config file,
/etc/rtadvd.conf. Here is an example:fxp0:\
:addrs#1:addr="2001:471:1f11:246::":prefixlen#64:tc=ether:Replace fxp0 with the interface you
are going to be using.Next, replace 2001:471:1f11:246::
with the prefix of your allocation.If you are dedicated a /64 subnet
you won't need to change anything else. Otherwise, you will need to
change the prefixlen# to the correct value.HartiBrandtContributed by ATM on &os; 5.XConfiguring classical IP over ATM (PVCs)Classical IP over ATM (CLIP) is the
simplest method to use ATM with IP. It can be used with
switched connections (SVCs) and with permanent connections
(PVCs). This section describes how to set up a network based
on PVCs.Fully meshed configurationsThe first method to set up a CLIP with
PVCs is to connect each machine to each other machine in the
network via a dedicated PVC. While this is simple to
configure it tends to become impractical for a larger number
of machines. The example supposes that we have four
machines in the network, each connected to the ATM network
with an ATM adapter card. The first step is the planning of
the IP addresses and the ATM connections between the
machines. We use the following:HostIP AdresshostA192.168.173.1hostB192.168.173.2hostC192.168.173.3hostD192.168.173.4To build a fully meshed net we need one ATM connection
between each pair of machines:MachinesVPI.VCI couplehostA - hostB0.100hostA - hostC0.101hostA - hostD0.102hostB - hostC0.103hostB - hostD0.104hostC - hostD0.105The VPI and VCI values at each end of the connection may
of course differ, but for simplicity we assume that they are
the same. Next we need to configure the ATM interfaces on
each host:hostA&prompt.root; ifconfig hatm0 192.168.173.1 up
hostB&prompt.root; ifconfig hatm0 192.168.173.2 up
hostC&prompt.root; ifconfig hatm0 192.168.173.3 up
hostD&prompt.root; ifconfig hatm0 192.168.173.4 upassuming that the ATM interface is
hatm0 on all hosts. Now the PVCs
need to be configured on hostA (we assume that
they are already configured on the ATM switches, you need to
consult the manual for the switch on how to do this).hostA&prompt.root; atmconfig natm add 192.168.173.2 hatm0 0 100 llc/snap ubr
hostA&prompt.root; atmconfig natm add 192.168.173.3 hatm0 0 101 llc/snap ubr
hostA&prompt.root; atmconfig natm add 192.168.173.4 hatm0 0 102 llc/snap ubr
hostB&prompt.root; atmconfig natm add 192.168.173.1 hatm0 0 100 llc/snap ubr
hostB&prompt.root; atmconfig natm add 192.168.173.3 hatm0 0 103 llc/snap ubr
hostB&prompt.root; atmconfig natm add 192.168.173.4 hatm0 0 104 llc/snap ubr
hostC&prompt.root; atmconfig natm add 192.168.173.1 hatm0 0 101 llc/snap ubr
hostC&prompt.root; atmconfig natm add 192.168.173.2 hatm0 0 103 llc/snap ubr
hostC&prompt.root; atmconfig natm add 192.168.173.4 hatm0 0 105 llc/snap ubr
hostD&prompt.root; atmconfig natm add 192.168.173.1 hatm0 0 102 llc/snap ubr
hostD&prompt.root; atmconfig natm add 192.168.173.2 hatm0 0 104 llc/snap ubr
hostD&prompt.root; atmconfig natm add 192.168.173.3 hatm0 0 105 llc/snap ubrOf course other traffic contracts than UBR can be used
given the ATM adapter supports those. In this case the name
of the traffic contract is followed by the parameters of the
traffic. Help for the &man.atmconfig.8; tool can be
obtained with:&prompt.root; atmconfig help natm addor in the &man.atmconfig.8; manual page.The same configuration can also be done via
/etc/rc.conf.
For hostA this would look like:network_interfaces="lo0 hatm0"
ifconfig_hatm0="inet 192.168.173.1 up"
natm_static_routes="hostB hostC hostD"
route_hostB="192.168.173.2 hatm0 0 100 llc/snap ubr"
route_hostC="192.168.173.3 hatm0 0 101 llc/snap ubr"
route_hostD="192.168.173.4 hatm0 0 102 llc/snap ubr"The current state of all CLIP routes
can be obtained with:hostA&prompt.root; atmconfig natm show
diff --git a/en_US.ISO8859-1/books/handbook/book.sgml b/en_US.ISO8859-1/books/handbook/book.sgml
index 5bbbcaa102..123dcdbbcb 100644
--- a/en_US.ISO8859-1/books/handbook/book.sgml
+++ b/en_US.ISO8859-1/books/handbook/book.sgml
@@ -1,258 +1,258 @@
%man;
%bookinfo;
%freebsd;
%chapters;
%authors;
%teams;
%mailing-lists;
%newsgroups;
%trademarks;
%txtfiles;
%urls;
%pgpkeys;
]>
FreeBSD HandbookThe FreeBSD Documentation ProjectFebruary 19991995199619971998199920002001200220032004The FreeBSD Documentation Project
&bookinfo.legalnotice;
&tm-attrib.freebsd;
&tm-attrib.3com;
&tm-attrib.3ware;
&tm-attrib.arm;
&tm-attrib.adaptec;
&tm-attrib.adobe;
&tm-attrib.apple;
&tm-attrib.corel;
&tm-attrib.creative;
&tm-attrib.cvsup;
&tm-attrib.heidelberger;
&tm-attrib.ibm;
&tm-attrib.ieee;
&tm-attrib.intel;
&tm-attrib.intuit;
&tm-attrib.linux;
&tm-attrib.lsilogic;
&tm-attrib.m-systems;
&tm-attrib.macromedia;
&tm-attrib.microsoft;
&tm-attrib.netscape;
&tm-attrib.nexthop;
&tm-attrib.opengroup;
&tm-attrib.oracle;
&tm-attrib.powerquest;
&tm-attrib.realnetworks;
&tm-attrib.redhat;
&tm-attrib.sap;
&tm-attrib.sun;
&tm-attrib.symantec;
&tm-attrib.themathworks;
&tm-attrib.thomson;
&tm-attrib.usrobotics;
&tm-attrib.vmware;
&tm-attrib.waterloomaple;
&tm-attrib.wolframresearch;
&tm-attrib.xfree86;
&tm-attrib.xiph;
&tm-attrib.general;
Welcome to FreeBSD! This handbook covers the installation and day
to day use of FreeBSD &rel2.current;-RELEASE
and FreeBSD &rel.current;-RELEASE.
This manual is a work in progress and is the work
of many individuals. Many sections do not yet exist and some of those
that do exist need to be updated. If you are interested in helping
with this project, send email to the &a.doc;. The latest version of
this document is always available from the FreeBSD web site.
It may also be downloaded in a variety of formats and compression
options from the FreeBSD FTP
server or one of the numerous mirror sites. If you would prefer
to have a hard copy of the handbook, you can purchase one at the
FreeBSD Mall. You
may also want to search the
+ url="&url.base;/search/index.html">search the
handbook.
&chap.preface;
Getting StartedThis part of the FreeBSD Handbook is for users and
administrators who are new to FreeBSD. These chapters:Introduce you to FreeBSD.Guide you through the installation process.Teach you &unix; basics and fundamentals.Show you how to install the wealth of third party
applications available for FreeBSD.Introduce you to X, the &unix; windowing system, and
detail how to configure a desktop environment that makes you
more productive.We have tried to keep the number of forward references in
the text to a minimum so that you can read this section of the
Handbook from front to back with the minimum page flipping
required.System AdministrationThe remaining chapters of the FreeBSD Handbook cover all
aspects of FreeBSD system administration. Each chapter
starts by describing what you will learn as a result of reading
the chapter, and also details what you are expected to know
before tackling the material.These chapters are designed to be read when
you need the information. You do not have to read them in any
particular order, nor do you need to read all of them before you
can begin using FreeBSD.Appendices
&chap.colophon;
diff --git a/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.sgml b/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.sgml
index 445b9608b3..e0c83ca21b 100644
--- a/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.sgml
@@ -1,1826 +1,1826 @@
JimMockRestructured, reorganized, and parts updated by JordanHubbardOriginal work by Poul-HenningKampJohnPolstraNikClaytonThe Cutting EdgeSynopsis&os; is under constant development between releases. For
people who want to be on the cutting edge, there are several easy
mechanisms for keeping your system in sync with the latest
developments. Be warned—the cutting edge is not for everyone!
This chapter will help you decide if you want to track the
development system, or stick with one of the released
versions.After reading this chapter, you will know:The difference between the two development
branches: &os.stable; and &os.current;.How to keep your system up to date with
CVSup,
CVS, or
CTM.How to rebuild and reinstall the entire base
system with make world.Before reading this chapter, you should:Properly set up your network connection ().Know how to install additional third-party
software ().&os.current; vs. &os.stable;-CURRENT-STABLEThere are two development branches to FreeBSD: &os.current; and
&os.stable;. This section will explain a bit about each and describe
how to keep your system up-to-date with each respective tree.
&os.current; will be discussed first, then &os.stable;.Staying Current with &os;As you read this, keep in mind that &os.current; is the
bleeding edge of &os; development.
&os.current; users are expected to have a high degree of
technical skill, and should be capable of solving difficult
system problems on their own. If you are new to &os;, think
twice before installing it. What Is &os.current;?snapshot&os.current; is the latest working sources for &os;.
This includes work in progress, experimental changes, and
transitional mechanisms that might or might not be present
in the next official release of the software. While many
&os; developers compile the &os.current; source code daily,
there are periods of time when the sources are not
buildable. These problems are resolved as expeditiously as
possible, but whether or not &os.current; brings disaster or
greatly desired functionality can be a matter of which exact
moment you grabbed the source code in!Who Needs &os.current;?&os.current; is made available for 3 primary
interest groups:Members of the &os; group who are actively working
on some part of the source tree and for whom keeping
current is an absolute
requirement.Members of the &os; group who are active testers,
willing to spend time solving problems in order to
ensure that &os.current; remains as sane as possible.
These are also people who wish to make topical
suggestions on changes and the general direction of
&os;, and submit patches to implement them.Those who merely wish to keep an eye on things, or
to use the current sources for reference purposes
(e.g. for reading, not running).
These people also make the occasional comment or
contribute code.What Is &os.current; Not?A fast-track to getting pre-release bits because you
heard there is some cool new feature in there and you
want to be the first on your block to have it. Being
the first on the block to get the new feature means that
you're the first on the block to get the new
bugs.A quick way of getting bug fixes. Any given version
of &os.current; is just as likely to introduce new bugs
as to fix existing ones.In any way officially supported. We
do our best to help people genuinely in one of the 3
legitimate &os.current; groups, but we
simply do not have the time to
provide tech support. This is not because we are mean
and nasty people who do not like helping people out (we
would not even be doing &os; if we were). We simply
cannot answer hundreds messages a day
and work on FreeBSD! Given the
choice between improving &os; and answering lots of
questions on experimental code, the developers opt for
the former.Using &os.current;-CURRENTusingJoin the &a.current.name; and the &a.cvsall.name; lists. This is not
just a good idea, it is essential. If
you are not on the &a.current.name; list,
you will not see the comments that people are
making about the current state of the system and thus will
probably end up stumbling over a lot of problems that others
have already found and solved. Even more importantly, you
will miss out on important bulletins which may be critical
to your system's continued health.The &a.cvsall.name; list will allow you to see the
commit log entry for each change as it is made along with
any pertinent information on possible side-effects.To join these lists, or one of the others available
go to &a.mailman.lists.link; and click on the list that
you wish to subscribe to. Instructions on the rest of
the procedure are available there.Grab the sources from a &os; mirror
site. You can do this in one of two ways:cvsupcron-CURRENTSyncing with CVSupUse the cvsup program
with the supfile named standard-supfile
available from /usr/share/examples/cvsup.
This is the most recommended
method, since it allows you to grab the entire
collection once and then only what has changed from then
on. Many people run cvsup from
cron and keep their
sources up-to-date automatically. You have to
customize the sample supfile above, and configure
cvsup for your environment.-CURRENTSyncing with CTMUse the CTM facility. If you
have very bad connectivity (high price connections or
only email access) CTM is an option.
However, it is a lot of hassle and can give you broken files.
This leads to it being rarely used, which again increases
the chance of it not working for fairly long periods of
time. We recommend using
CVSup
for anybody with a 9600 bps modem or faster connection.
If you are grabbing the sources to run, and not just
look at, then grab all of &os.current;, not
just selected portions. The reason for this is that various
parts of the source depend on updates elsewhere, and trying
to compile just a subset is almost guaranteed to get you
into trouble.-CURRENTcompilingBefore compiling &os.current;, read the
Makefile in /usr/src
carefully. You should at least install a new kernel and rebuild the world the first time through
as part of the upgrading process. Reading the &a.current;
and /usr/src/UPDATING will keep you up-to-date on other bootstrapping procedures
that sometimes become necessary as we move toward the next
release.Be active! If you are running &os.current;, we want
to know what you have to say about it, especially if you
have suggestions for enhancements or bug fixes. Suggestions
with accompanying code are received most
enthusiastically!Staying Stable with &os;What Is &os.stable;?-STABLE&os.stable; is our development branch from which major releases
are made. Changes go into this branch at a different pace, and
with the general assumption that they have first gone into
&os.current; for testing. This is still
a development branch, however, and this means that at any given time,
the sources for &os.stable; may or may not be suitable for any
particular purpose. It is simply another engineering development
track, not a resource for end-users.Who Needs &os.stable;?If you are interested in tracking or contributing to the
FreeBSD development process, especially as it relates to the
next point release of FreeBSD, then you should
consider following &os.stable;.While it is true that security fixes also go into the
&os.stable; branch, you do not need to
track &os.stable; to do this. Every security advisory for
FreeBSD explains how to fix the problem for the releases it
affects
That is not quite true. We can not continue to
support old releases of FreeBSD forever, although we do
support them for many years. For a complete description
of the current security policy for old releases of
FreeBSD, please see http://www.FreeBSD.org/security/.
+ url="&url.base;/security/index.html">http://www.FreeBSD.org/security/.
, and tracking an entire development branch just
for security reasons is likely to bring in a lot of unwanted
changes as well.
Although we endeavor to ensure that the &os.stable; branch
compiles and runs at all times, this cannot be guaranteed. In
addition, while code is developed in &os.current; before including
it in &os.stable;, more people run &os.stable; than &os.current;, so
it is inevitable that bugs and corner cases will sometimes be found
in &os.stable; that were not apparent in &os.current;.For these reasons, we do not recommend that
you blindly track &os.stable;, and it is particularly important that
you do not update any production servers to &os.stable; without
first thoroughly testing the code in your development
environment.If you do not have the resources to do this then we recommend
that you run the most recent release of FreeBSD, and use the binary
update mechanism to move from release to release.Using &os.stable;-STABLEusingJoin the &a.stable.name; list. This will keep you informed of
build-dependencies that may appear in &os.stable;
or any other issues requiring
special attention. Developers will also make announcements
in this mailing list when they are contemplating some
controversial fix or update, giving the users a chance to
respond if they have any issues to raise concerning the
proposed change.The &a.cvsall.name; list will allow you to see the
commit log entry for each change as it is made along with
any pertinent information on possible side-effects.To join these lists, or one of the others available
go to &a.mailman.lists.link; and click on the list that
you wish to subscribe to. Instructions on the rest of
the procedure are available there.If you are installing a new system and want it to be as
stable as possible, you can simply grab the latest dated
branch snapshot from
and install it like any other release. Or you can
install the most recent &os.stable; release from the
mirror sites and follow
the instructions below to upgrade your system to the
most up to date &os.stable; source code.If you are already running a previous release of &os;
and wish to upgrade via sources then you can easily do so
from &os; mirror site. This can
be done in one of two ways:cvsupcron-STABLEsyncing with CVSupUse the cvsup program
with the supfile named stable-supfile
from the directory
/usr/share/examples/cvsup.
This is the most recommended
method, since it allows you to grab the entire
collection once and then only what has changed from then
on. Many people run cvsup from
cron to keep their
sources up-to-date automatically. You have to
customize the sample supfile above,
and configure cvsup for your
environment.-STABLEsyncing with CTMUse the CTM facility. If
you do not have a fast and inexpensive connection to
the Internet, this is the method you should consider
using.
Essentially, if you need rapid on-demand access to the
source and communications bandwidth is not a consideration,
use cvsup or ftp.
Otherwise, use CTM.-STABLEcompilingBefore compiling &os.stable;, read the
Makefile in /usr/src
carefully. You should at least install a new kernel and rebuild the world the first time through
as part of the upgrading process. Reading the &a.stable; and /usr/src/UPDATING will
keep you up-to-date on other bootstrapping procedures that
sometimes become necessary as we move toward the next
release.Synchronizing Your SourceThere are various ways of using an Internet (or email)
connection to stay up-to-date with any given area of the &os;
project sources, or all areas, depending on what interests you. The
primary services we offer are Anonymous
CVS, CVSup, and CTM.While it is possible to update only parts of your source tree,
the only supported update procedure is to update the entire tree
and recompile both userland (i.e., all the programs that run in
user space, such as those in /bin and
/sbin) and kernel sources. Updating only part
of your source tree, only the kernel, or only userland will often
result in problems. These problems may range from compile errors
to kernel panics or data corruption.anonymous CVSAnonymous CVS and
CVSup use the pull
model of updating sources. In the case of
CVSup the user (or a
cron script) invokes
the cvsup program, and it interacts with a
cvsupd server somewhere to bring your files
up-to-date. The updates you receive are up-to-the-minute and you
get them when, and only when, you want them. You can easily
restrict your updates to the specific files or directories that are
of interest to you. Updates are generated on the fly by the server,
according to what you have and what you want to have.
Anonymous CVS is quite a bit more
simplistic than CVSup in that it is just an extension to
CVS which allows it to pull changes
directly from a remote CVS repository.
CVSup can do this far more efficiently,
but Anonymous CVS is easier to
use.CTMCTM, on the other hand, does not
interactively compare the sources you have with those on the master
archive or otherwise pull them across. Instead, a script which
identifies changes in files since its previous run is executed
several times a day on the master CTM machine, any detected changes
being compressed, stamped with a sequence-number and encoded for
transmission over email (in printable ASCII only). Once received,
these CTM deltas can then be handed to the
&man.ctm.rmail.1; utility which will automatically decode, verify
and apply the changes to the user's copy of the sources. This
process is far more efficient than CVSup,
and places less strain on our server resources since it is a
push rather than a pull
model.There are other trade-offs, of course. If you inadvertently
wipe out portions of your archive, CVSup
will detect and rebuild the damaged portions for you.
CTM will not do this, and if you wipe some
portion of your source tree out (and do not have it backed up) then
you will have to start from scratch (from the most recent CVS
base delta) and rebuild it all with CTM or, with
Anonymous CVS, simply delete the bad bits and resync.Using make worldmake worldOnce you have synchronized your local source tree against a
particular version of &os; (&os.stable;, &os.current;, and so on)
you can then use the source
tree to rebuild the system.Take a BackupIt cannot be stressed enough how important it is to take a
backup of your system before you do this.
While rebuilding the world is (as long as you follow these
instructions) an easy task to do, there will inevitably be times
when you make mistakes, or when mistakes made by others in the
source tree render your system unbootable.Make sure you have taken a backup. And have a fixit floppy to
hand. You will probably never have to use it, but it is better to be
safe than sorry!Subscribe to the Right Mailing Listmailing listThe &os.stable; and &os.current; branches are, by their
nature, in development. People that
contribute to &os; are human, and mistakes occasionally
happen.Sometimes these mistakes can be quite harmless, just causing
your system to print a new diagnostic warning. Or the change may
be catastrophic, and render your system unbootable or destroy your
file systems (or worse).If problems like these occur, a heads up is
posted to the appropriate mailing list, explaining the nature of
the problem and which systems it affects. And an all
clear announcement is posted when the problem has been
solved.If you try to track &os.stable; or &os.current; and do
not read the &a.stable; or the
&a.current; respectively, then you are
asking for trouble.The Canonical Way to Update Your SystemTo update your system, you should use the following
procedure:&prompt.root; make buildworld
&prompt.root; make buildkernel
&prompt.root; make installkernel
&prompt.root; rebootYou should boot in single user mode (using
boot -s from loader prompt for
example). Then run:&prompt.root; mergemaster -p
&prompt.root; make installworld
&prompt.root; mergemaster
&prompt.root; rebootRead Further ExplanationsThe sequence described above is only a short resume to
help you getting started. You should however read the
following sections to clearly understand each step, especially
if you want to use a custom kernel configuration.Read /usr/src/UPDATINGBefore you do anything else, read
/usr/src/UPDATING (or the equivalent file
wherever you have a copy of the source code). This file should
contain important information about problems you might encounter, or
specify the order in which you might have to run certain commands.
If UPDATING contradicts something you read here,
UPDATING takes precedence.Reading UPDATING is not an acceptable
substitute for subscribing to the correct mailing list, as described
previously. The two requirements are complementary, not
exclusive.Check /etc/make.confmake.confExamine the files
/usr/share/examples/etc/make.conf
(called /etc/defaults/make.conf in &os; 4.X) and
/etc/make.conf. The first contains some
default defines – most of which are commented out. To
make use of them when you rebuild your system from source, add
them to /etc/make.conf. Keep in mind that
anything you add to /etc/make.conf is also
used every time you run make, so it is a good
idea to set them to something sensible for your system.A typical user will probably want to copy the
CFLAGS and
NOPROFILE lines found in
/usr/share/examples/etc/make.conf
(or in /etc/defaults/make.conf on &os; 4.X) to
/etc/make.conf and uncomment them.Examine the other definitions (COPTFLAGS,
NOPORTDOCS and so
on) and decide if they are relevant to you.Update the Files in /etcThe /etc directory contains a large part
of your system's configuration information, as well as scripts
that are run at system startup. Some of these scripts change from
version to version of FreeBSD.Some of the configuration files are also used in the day to
day running of the system. In particular,
/etc/group.There have been occasions when the installation part of
make world has expected certain usernames or groups
to exist. When performing an upgrade it is likely that these
users or groups did not exist. This caused problems when upgrading.A recent example of this is when the
smmsp user was added. Users had the
installation process fail for them when
&man.mtree.8; was trying to create
/var/spool/clientmqueue.The solution is to examine
/usr/src/etc/group and compare its list of
groups with your own. If there are any groups in the new file that
are not in your file then copy them over. Similarly, you should
rename any groups in /etc/group which have
the same GID but a different name to those in
/usr/src/etc/group.Since 4.6-RELEASE you can run &man.mergemaster.8; in
pre-buildworld mode by providing the option.
This will compare only those files that are essential for the success
of buildworld or
installworld. If your old version of
mergemaster does not support ,
use the new version in the source tree when running for the first
time:&prompt.root; cd /usr/src/usr.sbin/mergemaster
&prompt.root; ./mergemaster.sh -pIf you are feeling particularly paranoid, you can check your
system to see which files are owned by the group you are
renaming or deleting:&prompt.root; find / -group GID -printwill show all files owned by group
GID (which can be either a group name
or a numeric group ID).Drop to Single User Modesingle-user modeYou may want to compile the system in single user mode. Apart
from the obvious benefit of making things go slightly faster,
reinstalling the system will touch a lot of important system
files, all the standard system binaries, libraries, include files
and so on. Changing these on a running system (particularly if
you have active users on the system at the time) is asking for
trouble.multi-user modeAnother method is to compile the system in multi-user mode, and
then drop into single user mode for the installation. If you would
like to do it this way, simply hold off on the following steps until
the build has completed. You can postpone dropping to single user
mode until you have to installkernel or
installworld.As the superuser, you can execute:&prompt.root; shutdown nowfrom a running system, which will drop it to single user
mode.Alternatively, reboot the system, and at the boot prompt,
enter the flag. The system will then boot
single user. At the shell prompt you should then run:&prompt.root; fsck -p
&prompt.root; mount -u /
&prompt.root; mount -a -t ufs
&prompt.root; swapon -aThis checks the file systems, remounts /
read/write, mounts all the other UFS file systems referenced in
/etc/fstab and then turns swapping on.If your CMOS clock is set to local time and not to GMT
(this is true if the output of the &man.date.1; command
does not show the correct time and zone),
you may also need to run the following command:&prompt.root; adjkerntz -iThis will make sure that your local time-zone settings
get set up correctly — without this, you may later run into some
problems.
Remove /usr/objAs parts of the system are rebuilt they are placed in
directories which (by default) go under
/usr/obj. The directories shadow those under
/usr/src.You can speed up the make world process, and
possibly save yourself some dependency headaches by removing this
directory as well.Some files below /usr/obj may have the
immutable flag set (see &man.chflags.1; for more information)
which must be removed first.&prompt.root; cd /usr/obj
&prompt.root; chflags -R noschg *
&prompt.root; rm -rf *Recompile the SourceSaving the OutputIt is a good idea to save the output you get from running
&man.make.1; to another file. If something goes wrong you will
have a copy of the error message. While this might not help you
in diagnosing what has gone wrong, it can help others if you post
your problem to one of the &os; mailing lists.The easiest way to do this is to use the &man.script.1;
command, with a parameter that specifies the name of the file to
save all output to. You would do this immediately before
rebuilding the world, and then type exit
when the process has finished.&prompt.root; script /var/tmp/mw.out
Script started, output file is /var/tmp/mw.out
&prompt.root; make TARGET… compile, compile, compile …
&prompt.root; exit
Script done, …If you do this, do not save the output
in /tmp. This directory may be cleared
next time you reboot. A better place to store it is in
/var/tmp (as in the previous example) or
in root's home directory.Compile the Base SystemYou must be in the /usr/src
directory:&prompt.root; cd /usr/src(unless, of course, your source code is elsewhere, in which
case change to that directory instead).makeTo rebuild the world you use the &man.make.1; command. This
command reads instructions from the Makefile,
which describes how the programs that comprise &os; should be
rebuilt, the order in which they should be built, and so on.The general format of the command line you will type is as
follows:&prompt.root; make -x -DVARIABLEtargetIn this example,
is an option that you would pass to &man.make.1;. See the
&man.make.1; manual page for an example of the options you can
pass.
passes a variable to the Makefile. The
behavior of the Makefile is controlled by
these variables. These are the same variables as are set in
/etc/make.conf, and this provides another
way of setting them.&prompt.root; make -DNOPROFILE targetis another way of specifying that profiled libraries should
not be built, and corresponds with theNOPROFILE= true # Avoid compiling profiled librariesline in /etc/make.conf.target tells &man.make.1; what
you want to do. Each Makefile defines a
number of different targets, and your choice of
target determines what happens.Some targets are listed in the
Makefile, but are not meant for you to run.
Instead, they are used by the build process to break out the
steps necessary to rebuild the system into a number of
sub-steps.Most of the time you will not need to pass any parameters to
&man.make.1;, and so your command like will look like
this:&prompt.root; make targetBeginning with version 2.2.5 of &os; (actually, it was
first created on the &os.current; branch, and then retrofitted to
&os.stable; midway between 2.2.2 and 2.2.5) the
world target has been split in
two: buildworld and
installworld.As the names imply, buildworld
builds a complete new tree under /usr/obj,
and installworld installs this tree on
the current machine.This is very useful for 2 reasons. First, it allows you
to do the build safe in the knowledge that no components of
your running system will be affected. The build is
self hosted. Because of this, you can safely
run buildworld on a machine running
in multi-user mode with no fear of ill-effects. It is still
recommended that you run the
installworld part in single user
mode, though.Secondly, it allows you to use NFS mounts to upgrade
multiple machines on your network. If you have three machines,
A, B and C that you want to upgrade, run make
buildworld and make installworld on
A. B and C should then NFS mount /usr/src
and /usr/obj from A, and you can then run
make installworld to install the results of
the build on B and C.Although the world target still exists,
you are strongly encouraged not to use it.Run&prompt.root; make buildworldIt is now possible to specify a option to
make which will cause it to spawn several
simultaneous processes. This is most useful on multi-CPU machines.
However, since much of the compiling process is IO bound rather
than CPU bound it is also useful on single CPU machines.On a typical single-CPU machine you would run:&prompt.root; make -j4 buildworld&man.make.1; will then have up to 4 processes running at any one
time. Empirical evidence posted to the mailing lists shows this
generally gives the best performance benefit.If you have a multi-CPU machine and you are using an SMP
configured kernel try values between 6 and 10 and see how they speed
things up.Be aware that this is still somewhat experimental, and commits
to the source tree may occasionally break this feature. If the
world fails to compile using this parameter try again without it
before you report any problems.Timingsmake worldtimingsMany factors influence the build time, but currently a 500 MHz
&pentium; III with 128 MB of RAM takes about 2 hours to build
the &os.stable; tree, with no tricks or shortcuts used during the
process. A &os.current; tree will take somewhat longer.Compile and Install a New KernelkernelcompilingTo take full advantage of your new system you should recompile the
kernel. This is practically a necessity, as certain memory structures
may have changed, and programs like &man.ps.1; and &man.top.1; will
fail to work until the kernel and source code versions are the
same.The simplest, safest way to do this is to build and install a
kernel based on GENERIC. While
GENERIC may not have all the necessary devices
for your system, it should contain everything necessary to boot your
system back to single user mode. This is a good test that the new
system works properly. After booting from
GENERIC and verifying that your system works you
can then build a new kernel based on your normal kernel configuration
file.On modern versions of FreeBSD it is important to build world before building a
new kernel.If you want to build a custom kernel, and already have a configuration
file, just use KERNCONF=MYKERNEL
like this:&prompt.root; cd /usr/src
&prompt.root; make buildkernel KERNCONF=MYKERNEL
&prompt.root; make installkernel KERNCONF=MYKERNELIn FreeBSD 4.2 and older you must replace
KERNCONF= with KERNEL=.
4.2-STABLE that was fetched before Feb 2nd, 2001 does not
recognize KERNCONF=.Note that if you have raised kern.securelevel
above 1 and you have set either the
noschg or similar flags to your kernel binary, you
might find it necessary to drop into single user mode to use
installkernel. Otherwise you should be able
to run both these commands from multi user mode without
problems. See &man.init.8; for details about
kern.securelevel and &man.chflags.1; for details
about the various file flags.If you are upgrading to a version of &os; below 4.0 you should
use the old kernel build procedure. However, it is recommended
that you use the new version of &man.config.8;, using a command line
like this.&prompt.root; /usr/obj/usr/src/usr.sbin/config/config KERNELNAMEReboot into Single User Modesingle-user modeYou should reboot into single user mode to test the new kernel
works. Do this by following the instructions in
.Install the New System BinariesIf you were building a version of &os; recent enough to have
used make buildworld then you should now use
installworld to install the new system
binaries.Run&prompt.root; cd /usr/src
&prompt.root; make installworldIf you specified variables on the make
buildworld command line, you must specify the same
variables in the make installworld command
line. This does not necessarily hold true for other options;
for example, must never be used with
installworld.For example, if you ran:&prompt.root; make -DNOPROFILE buildworldyou must install the results with:&prompt.root; make -DNOPROFILE installworldotherwise it would try to install profiled libraries that
had not been built during the make buildworld
phase.Update Files Not Updated by make worldRemaking the world will not update certain directories (in
particular, /etc, /var and
/usr) with new or changed configuration files.The simplest way to update these files is to use
&man.mergemaster.8;, though it is possible to do it manually
if you would prefer to do that. Regardless of which way you
choose, be sure to make a backup of /etc in
case anything goes wrong.TomRhodesContributed by mergemastermergemasterThe &man.mergemaster.8; utility is a Bourne script that will
aid you in determining the differences between your configuration files
in /etc, and the configuration files in
the source tree /usr/src/etc. This is
the recommended solution for keeping the system configuration files up to date
with those located in the source tree.mergemaster was integrated into the FreeBSD base
system between 3.3-RELEASE and 3.4-RELEASE, which means it is
present in all -STABLE and -CURRENT systems since 3.3.To begin simply type mergemaster at your prompt, and
watch it start going. mergemaster will then build a
temporary root environment, from / down, and populate
it with various system configuration files. Those files are then compared
to the ones currently installed in your system. At this point, files that
differ will be shown in &man.diff.1; format, with the sign
representing added or modified lines, and representing
lines that will be either removed completely, or replaced with a new line.
See the &man.diff.1; manual page for more information about the &man.diff.1;
syntax and how file differences are shown.&man.mergemaster.8; will then show you each file that displays variances,
and at this point you will have the option of either deleting the new file (referred
to as the temporary file), installing the temporary file in its unmodified state,
merging the temporary file with the currently installed file, or viewing the
&man.diff.1; results again.Choosing to delete the temporary file will tell &man.mergemaster.8; that we
wish to keep our current file unchanged, and to delete the new version.
This option is not recommended, unless you see no
reason to change the current file. You can get help at any time by
typing ? at the &man.mergemaster.8; prompt. If the user
chooses to skip a file, it will be presented again after all other files
have been dealt with.Choosing to install the unmodified temporary file will replace the
current file with the new one. For most unmodified files, this is the best
option.Choosing to merge the file will present you with a text editor,
and the contents of both files. You can now merge them by
reviewing both files side by side on the screen, and choosing parts from
both to create a finished product. When the files are compared side by side,
the l key will select the left contents and the
r key will select contents from your right.
The final output will be a file consisting of both parts, which can then be
installed. This option is customarily used for files where settings have been
modified by the user.Choosing to view the &man.diff.1; results again will show you the file differences
just like &man.mergemaster.8; did before prompting you for an option.After &man.mergemaster.8; is done with the system files you will be
prompted for other options. &man.mergemaster.8; may ask if you want to rebuild
the password file and/or run &man.MAKEDEV.8; if you run a FreeBSD version prior to 5.0, and will finish up with an option to
remove left-over temporary files.Manual UpdateIf you wish to do the update manually, however,
you cannot just copy over the files from
/usr/src/etc to /etc and
have it work. Some of these files must be installed
first. This is because the /usr/src/etc
directory is not a copy of what your
/etc directory should look like. In addition,
there are files that should be in /etc that are
not in /usr/src/etc.If you are using &man.mergemaster.8; (as recommended),
you can skip forward to the next
section.The simplest way to do this by hand is to install the
files into a new directory, and then work through them looking
for differences.Backup Your Existing /etcAlthough, in theory, nothing is going to touch this directory
automatically, it is always better to be sure. So copy your
existing /etc directory somewhere safe.
Something like:&prompt.root; cp -Rp /etc /etc.old does a recursive copy,
preserves times, ownerships on files and suchlike.You need to build a dummy set of directories to install the new
/etc and other files into.
/var/tmp/root is a reasonable choice, and
there are a number of subdirectories required under this as
well.&prompt.root; mkdir /var/tmp/root
&prompt.root; cd /usr/src/etc
&prompt.root; make DESTDIR=/var/tmp/root distrib-dirs distributionThis will build the necessary directory structure and install the
files. A lot of the subdirectories that have been created under
/var/tmp/root are empty and should be deleted.
The simplest way to do this is to:&prompt.root; cd /var/tmp/root
&prompt.root; find -d . -type d | xargs rmdir 2>/dev/nullThis will remove all empty directories. (Standard error is
redirected to /dev/null to prevent the warnings
about the directories that are not empty.)/var/tmp/root now contains all the files that
should be placed in appropriate locations below
/. You now have to go through each of these
files, determining how they differ with your existing files.Note that some of the files that will have been installed in
/var/tmp/root have a leading .. At the
time of writing the only files like this are shell startup files in
/var/tmp/root/ and
/var/tmp/root/root/, although there may be others
(depending on when you are reading this). Make sure you use
ls -a to catch them.The simplest way to do this is to use &man.diff.1; to compare the
two files:&prompt.root; diff /etc/shells /var/tmp/root/etc/shellsThis will show you the differences between your
/etc/shells file and the new
/var/tmp/root/etc/shells file. Use these to decide whether to
merge in changes that you have made or whether to copy over your old
file.Name the New Root Directory
(/var/tmp/root) with a Time Stamp, so You Can
Easily Compare Differences Between VersionsFrequently rebuilding the world means that you have to update
/etc frequently as well, which can be a bit of
a chore.You can speed this process up by keeping a copy of the last set
of changed files that you merged into /etc.
The following procedure gives one idea of how to do this.Make the world as normal. When you want to update
/etc and the other directories, give the
target directory a name based on the current date. If you were
doing this on the 14th of February 1998 you could do the
following:&prompt.root; mkdir /var/tmp/root-19980214
&prompt.root; cd /usr/src/etc
&prompt.root; make DESTDIR=/var/tmp/root-19980214 \
distrib-dirs distributionMerge in the changes from this directory as outlined
above.Do not remove the
/var/tmp/root-19980214 directory when you
have finished.When you have downloaded the latest version of the source
and remade it, follow step 1. This will give you a new
directory, which might be called
/var/tmp/root-19980221 (if you wait a week
between doing updates).You can now see the differences that have been made in the
intervening week using &man.diff.1; to create a recursive diff
between the two directories:&prompt.root; cd /var/tmp
&prompt.root; diff -r root-19980214 root-19980221Typically, this will be a much smaller set of differences
than those between
/var/tmp/root-19980221/etc and
/etc. Because the set of differences is
smaller, it is easier to migrate those changes across into your
/etc directory.You can now remove the older of the two
/var/tmp/root-* directories:&prompt.root; rm -rf /var/tmp/root-19980214Repeat this process every time you need to merge in changes
to /etc.You can use &man.date.1; to automate the generation of the
directory names:&prompt.root; mkdir /var/tmp/root-`date "+%Y%m%d"`Update /devDEVFSIf you are running FreeBSD 5.0 or later you can safely
skip this section. These versions use &man.devfs.5; to
allocate device nodes transparently for the user.In most cases, the &man.mergemaster.8; tool will realize when
it is necessary to update the device nodes, and offer to complete it
automatically. These instructions tell how to update the device
nodes manually.For safety's sake, this is a multi-step process.Copy /var/tmp/root/dev/MAKEDEV to
/dev:&prompt.root; cp /var/tmp/root/dev/MAKEDEV /devMAKEDEVIf you used &man.mergemaster.8; to
update /etc, then your
MAKEDEV script should have been updated
already, though it cannot hurt to check (with &man.diff.1;)
and copy it manually if necessary.Now, take a snapshot of your current
/dev. This snapshot needs to contain the
permissions, ownerships, major and minor numbers of each filename,
but it should not contain the time stamps. The easiest way to do
this is to use &man.awk.1; to strip out some of the
information:&prompt.root; cd /dev
&prompt.root; ls -l | awk '{print $1, $2, $3, $4, $5, $6, $NF}' > /var/tmp/dev.outRemake all the device nodes:&prompt.root; sh MAKEDEV allWrite another snapshot of the directory, this time to
/var/tmp/dev2.out. Now look through these
two files for any device node that you missed creating. There should
not be any, but it is better to be safe than sorry.&prompt.root; diff /var/tmp/dev.out /var/tmp/dev2.outYou are most likely to notice disk slice discrepancies which
will involve commands such as:&prompt.root; sh MAKEDEV sd0s1to recreate the slice entries. Your precise circumstances may
vary.Update /standThis step is included only for completeness. It can safely be
omitted. If you are using FreeBSD 5.2 or later, the
/rescue directory is automatically updated
for the user with current, statically compiled binaries during
make installworld, thus obsoleting the need
to update /stand.For the sake of completeness, you may want to update the files in
/stand as well. These files consist of hard
links to the /stand/sysinstall binary. This
binary should be statically linked, so that it can work when no other
file systems (and in particular /usr) have been
mounted.&prompt.root; cd /usr/src/release/sysinstall
&prompt.root; make all installRebootingYou are now done. After you have verified that everything appears
to be in the right place you can reboot the system. A simple
&man.shutdown.8; should do it:&prompt.root; shutdown -r nowFinishedYou should now have successfully upgraded your &os; system.
Congratulations.If things went slightly wrong, it is easy to rebuild a particular
piece of the system. For example, if you accidentally deleted
/etc/magic as part of the upgrade or merge of
/etc, the &man.file.1; command will stop working.
In this case, the fix would be to run:&prompt.root; cd /usr/src/usr.bin/file
&prompt.root; make all installQuestionsDo I need to re-make the world for every change?There is no easy answer to this one, as it depends on the
nature of the change. For example, if you just ran CVSup, and
it has shown the following files as being updated:src/games/cribbage/instr.csrc/games/sail/pl_main.csrc/release/sysinstall/config.csrc/release/sysinstall/media.csrc/share/mk/bsd.port.mkit probably is not worth rebuilding the entire world.
You could just go to the appropriate sub-directories and
make all install, and that's about it. But
if something major changed, for example
src/lib/libc/stdlib then you should either
re-make the world, or at least those parts of it that are
statically linked (as well as anything else you might have added
that is statically linked).At the end of the day, it is your call. You might be happy
re-making the world every fortnight say, and let changes
accumulate over that fortnight. Or you might want to re-make
just those things that have changed, and be confident you can
spot all the dependencies.And, of course, this all depends on how often you want to
upgrade, and whether you are tracking &os.stable; or
&os.current;.My compile failed with lots of signal 11 (or other signal
number) errors. What has happened?signal 11This is normally indicative of hardware problems.
(Re)making the world is an effective way to stress test your
hardware, and will frequently throw up memory problems. These
normally manifest themselves as the compiler mysteriously dying
on receipt of strange signals.A sure indicator of this is if you can restart the make and
it dies at a different point in the process.In this instance there is little you can do except start
swapping around the components in your machine to determine
which one is failing.Can I remove /usr/obj when I have
finished?The short answer is yes./usr/obj contains all the object files
that were produced during the compilation phase. Normally, one
of the first steps in the make world process is to
remove this directory and start afresh. In this case, keeping
/usr/obj around after you have finished
makes little sense, and will free up a large chunk of disk space
(currently about 340 MB).However, if you know what you are doing you can have
make world skip this step. This will make subsequent
builds run much faster, since most of sources will not need to
be recompiled. The flip side of this is that subtle dependency
problems can creep in, causing your build to fail in odd ways.
This frequently generates noise on the &os; mailing lists,
when one person complains that their build has failed, not
realizing that it is because they have tried to cut
corners.Can interrupted builds be resumed?This depends on how far through the process you got before
you found a problem.In general (and this is not a hard and
fast rule) the make world process builds new
copies of essential tools (such as &man.gcc.1;, and
&man.make.1;) and the system libraries. These tools and
libraries are then installed. The new tools and libraries are
then used to rebuild themselves, and are installed again. The
entire system (now including regular user programs, such as
&man.ls.1; or &man.grep.1;) is then rebuilt with the new
system files.If you are at the last stage, and you know it (because you
have looked through the output that you were storing) then you
can (fairly safely) do:… fix the problem …
&prompt.root; cd /usr/src
&prompt.root; make -DNOCLEAN allThis will not undo the work of the previous
make world.If you see the message:--------------------------------------------------------------
Building everything..
--------------------------------------------------------------in the make world output then it is
probably fairly safe to do so.If you do not see that message, or you are not sure, then it
is always better to be safe than sorry, and restart the build
from scratch.How can I speed up making the world?Run in single user mode.Put the /usr/src and
/usr/obj directories on separate
file systems held on separate disks. If possible, put these
disks on separate disk controllers.Better still, put these file systems across multiple
disks using the &man.ccd.4; (concatenated disk
driver) device.Turn off profiling (set NOPROFILE=true in
/etc/make.conf). You almost certainly
do not need it.Also in /etc/make.conf, set
CFLAGS to something like . The optimization is much
slower, and the optimization difference between
and is normally
negligible. lets the compiler use
pipes rather than temporary files for communication, which
saves disk access (at the expense of memory).Pass the option to &man.make.1; to
run multiple processes in parallel. This usually helps
regardless of whether you have a single or a multi processor
machine.The file system holding
/usr/src can be mounted (or remounted)
with the option. This prevents the
file system from recording the file access time. You probably
do not need this information anyway.&prompt.root; mount -u -o noatime /usr/srcThe example assumes /usr/src is
on its own file system. If it is not (if it is a part of
/usr for example) then you will
need to use that file system mount point, and not
/usr/src.The file system holding /usr/obj can
be mounted (or remounted) with the
option. This causes disk writes to happen asynchronously.
In other words, the write completes immediately, and the
data is written to the disk a few seconds later. This
allows writes to be clustered together, and can be a
dramatic performance boost.Keep in mind that this option makes your file system
more fragile. With this option there is an increased
chance that, should power fail, the file system will be in
an unrecoverable state when the machine restarts.If /usr/obj is the only thing on
this file system then it is not a problem. If you have
other, valuable data on the same file system then ensure
your backups are fresh before you enable this
option.&prompt.root; mount -u -o async /usr/objAs above, if /usr/obj is not on
its own file system, replace it in the example with the
name of the appropriate mount point.What do I do if something goes wrong?Make absolutely sure your environment has no
extraneous cruft from earlier builds. This is simple
enough.&prompt.root; chflags -R noschg /usr/obj/usr
&prompt.root; rm -rf /usr/obj/usr
&prompt.root; cd /usr/src
&prompt.root; make cleandir
&prompt.root; make cleandirYes, make cleandir really should
be run twice.Then restart the whole process, starting
with make buildworld.If you still have problems, send the error and the
output of uname -a to &a.questions;.
Be prepared to answer other questions about your
setup!MikeMeyerContributed by Tracking for Multiple MachinesNFSinstalling multiple machinesIf you have multiple machines that you want to track the
same source tree, then having all of them download sources and
rebuild everything seems like a waste of resources: disk space,
network bandwidth, and CPU cycles. It is, and the solution is
to have one machine do most of the work, while the rest of the
machines mount that work via NFS. This section outlines a
method of doing so.PreliminariesFirst, identify a set of machines that is going to run
the same set of binaries, which we will call a
build set. Each machine can have a
custom kernel, but they will be running the same userland
binaries. From that set, choose a machine to be the
build machine. It is going to be the
machine that the world and kernel are built on. Ideally, it
should be a fast machine that has sufficient spare CPU to
run make world. You will also want to
choose a machine to be the test
machine, which will test software updates before they
are put into production. This must be a
machine that you can afford to have down for an extended
period of time. It can be the build machine, but need not be.All the machines in this build set need to mount
/usr/obj and
/usr/src from the same machine, and at
the same point. Ideally, those are on two different drives
on the build machine, but they can be NFS mounted on that machine
as well. If you have multiple build sets,
/usr/src should be on one build machine, and
NFS mounted on the rest.Finally make sure that
/etc/make.conf on all the machines in
the build set agrees with the build machine. That means that
the build machine must build all the parts of the base
system that any machine in the build set is going to
install. Also, each build machine should have its kernel
name set with KERNCONF in
/etc/make.conf, and the build machine
should list them all in KERNCONF, listing
its own kernel first. The build machine must have the kernel
configuration files for each machine in
/usr/src/sys/arch/conf
if it is going to build their kernels.The Base SystemNow that all that is done, you are ready to build
everything. Build the kernel and world as described in on the build machine,
but do not install anything. After the build has finished, go
to the test machine, and install the kernel you just
built. If this machine mounts /usr/src
and /usr/obj via NFS, when you reboot
to single user you will need to enable the network and mount
them. The easiest way to do this is to boot to multi-user,
then run shutdown now to go to single user
mode. Once there, you can install the new kernel and world and run
mergemaster just as you normally would. When
done, reboot to return to normal multi-user operations for this
machine.After you are certain that everything on the test
machine is working properly, use the same procedure to
install the new software on each of the other machines in
the build set.PortsThe same ideas can be used for the ports tree. The first
critical step is mounting /usr/ports from
the same machine to all the machines in the build set. You can
then set up /etc/make.conf properly to share
distfiles. You should set DISTDIR to a
common shared directory that is writable by whichever user
root is mapped to by your NFS mounts. Each
machine should set WRKDIRPREFIX to a
local build directory. Finally, if you are going to be
building and distributing packages, you should set
PACKAGES to a directory similar to
DISTDIR.
diff --git a/en_US.ISO8859-1/books/handbook/eresources/chapter.sgml b/en_US.ISO8859-1/books/handbook/eresources/chapter.sgml
index 77a2b3bdc4..4560ad47a9 100644
--- a/en_US.ISO8859-1/books/handbook/eresources/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/eresources/chapter.sgml
@@ -1,1601 +1,1601 @@
Resources on the InternetThe rapid pace of FreeBSD progress makes print media impractical as a
means of following the latest developments. Electronic resources are the
best, if not often the only, way stay informed of the latest advances.
Since FreeBSD is a volunteer effort, the user community itself also
generally serves as a technical support department of sorts,
with electronic mail and USENET news being the most effective way of
reaching that community.The most important points of contact with the FreeBSD user community
are outlined below. If you are aware of other resources not mentioned
here, please send them to the &a.doc; so that they may also be
included.Mailing ListsThough many of the FreeBSD development members read USENET, we
cannot always guarantee that we will get to your questions in a timely
fashion (or at all) if you post them only to one of the
comp.unix.bsd.freebsd.* groups. By addressing your
questions to the appropriate mailing list you will reach both us and a
concentrated FreeBSD audience, invariably assuring a better (or at least
faster) response.The charters for the various lists are given at the bottom of this
document. Please read the charter before joining or sending
mail to any list. Most of our list subscribers now receive
many hundreds of FreeBSD related messages every day, and by setting down
charters and rules for proper use we are striving to keep the
signal-to-noise ratio of the lists high. To do less would see the
mailing lists ultimately fail as an effective communications medium for
the project.Archives are kept for all of the mailing lists and can be searched
- using the FreeBSD World
+ using the FreeBSD World
Wide Web server. The keyword searchable archive offers an
excellent way of finding answers to frequently asked questions and
should be consulted before posting a question.List SummaryGeneral lists: The following are general
lists which anyone is free (and encouraged) to join:ListPurpose&a.cvsall.name;Changes made to the FreeBSD source tree&a.advocacy.name;FreeBSD Evangelism&a.announce.name;Important events and project milestones&a.arch.name;Architecture and design discussions&a.bugbusters.name;Discussions pertaining to the maintenance of the FreeBSD
problem report database and related tools&a.bugs.name;Bug reports&a.chat.name;Non-technical items related to the FreeBSD
community&a.config.name;Development of FreeBSD installation and configuration tools&a.current.name;Discussion concerning the use of
&os.current;&a.isp.name;Issues for Internet Service Providers using
FreeBSD&a.jobs.name;FreeBSD employment and consulting
opportunities&a.newbies.name;New FreeBSD users activities and discussions&a.policy.name;FreeBSD Core team policy decisions. Low volume, and
read-only&a.questions.name;User questions and technical support&a.security-notifications.name;Security notifications&a.stable.name;Discussion concerning the use of
&os.stable;&a.test.name;Where to send your test messages instead of one of
the actual listsTechnical lists: The following lists are for
technical discussion. You should read the charter for each list
carefully before joining or sending mail to one as there are firm
guidelines for their use and content.ListPurpose&a.acpi.name;ACPI and power management development&a.afs.name;Porting AFS to FreeBSD&a.aic7xxx.name;Developing drivers for the &adaptec; AIC 7xxx&a.alpha.name;Porting FreeBSD to the Alpha&a.amd64.name;Porting FreeBSD to AMD64 systems&a.arm.name;Porting FreeBSD to &arm; processors&a.atm.name;Using ATM networking with FreeBSD&a.audit.name;Source code audit project&a.binup.name;Design and development of the binary update system&a.cluster.name;Using FreeBSD in a clustered environment&a.cvsweb.name;CVSweb maintenance&a.database.name;Discussing database use and development under
FreeBSD&a.doc.name;Creating FreeBSD related documents&a.emulation.name;Emulation of other systems such as
Linux/DOS/&windows;&a.firewire.name;FreeBSD &firewire; (iLink, IEEE 1394) technical
discussion&a.fs.name;File systems&a.geom.name;GEOM-specific discussions and implementations&a.gnome.name;Porting GNOME and GNOME applications&a.hackers.name;General technical discussion&a.hardware.name;General discussion of hardware for running
FreeBSD&a.i18n.name;FreeBSD Internationalization&a.ia32.name;FreeBSD on the IA-32 (&intel; x86) platform&a.ia64.name;Porting FreeBSD to Intel's upcoming IA64 systems&a.ipfw.name;Technical discussion concerning the redesign of the IP
firewall code&a.isdn.name;ISDN developers&a.java.name;&java; developers and people porting &jdk;s to
FreeBSD&a.kde.name;Porting KDE and KDE applications&a.lfs.name;Porting LFS to FreeBSD&a.libh.name;The second generation installation and package
system&a.mips.name;Porting FreeBSD to &mips;&a.mobile.name;Discussions about mobile computing&a.mozilla.name;Porting Mozilla to FreeBSD&a.multimedia.name;Multimedia applications&a.newbus.name;Technical discussions about bus architecture&a.net.name;Networking discussion and TCP/IP source code&a.openoffice.name;Porting OpenOffice.org and
&staroffice; to FreeBSD&a.performance.name;Performance tuning questions for high
performance/load installations&a.perl.name;Maintenance of a number of
perl-related ports&a.platforms.name;Concerning ports to non-Intel architecture
platforms&a.ports.name;Discussion of the ports collection&a.ports-bugs.name;Discussion of the ports bugs/PRs&a.ppc.name;Porting FreeBSD to the &powerpc;&a.qa.name;Discussion of Quality Assurance, usually pending a release&a.realtime.name;Development of realtime extensions to FreeBSD&a.scsi.name;The SCSI subsystem&a.security.name;Security issues affecting FreeBSD&a.small.name;Using FreeBSD in embedded applications&a.smp.name;Design discussions for [A]Symmetric
MultiProcessing&a.sparc.name;Porting FreeBSD to &sparc; based systems&a.standards.name;FreeBSD's conformance to the C99 and the &posix;
standards&a.threads.name;Threading in FreeBSD&a.testing.name;FreeBSD Performance and Stability Tests&a.tokenring.name;Support Token Ring in FreeBSD&a.x11.name;Maintenance and support of X11 on FreeBSDLimited lists: The following lists are for
more specialized (and demanding) audiences and are probably not of
interest to the general public. It is also a good idea to establish a
presence in the technical lists before joining one of these limited
lists so that you will understand the communications etiquette involved.ListPurpose&a.hubs.name;People running mirror sites (infrastructural
support)&a.usergroups.name;User group coordination&a.vendors.name;Vendors pre-release coordination&a.www.name;
- Maintainers of www.FreeBSD.org
+ Maintainers of www.FreeBSD.orgDigest lists: All of the above lists
are available in a digest format. Once subscribed to a list,
you can change your digest options in your account options
section.CVS lists: The following lists are for people
interested in seeing the log messages for changes to various areas of
the source tree. They are Read-Only lists and
should not have mail sent to them.ListSource areaArea Description (source for)&a.cvsall.name;/usr/(CVSROOT|doc|ports|projects|src)All changes to any place in the tree (superset of other cvs commit lists)&a.cvs-doc.name;/usr/(doc|www)All changes to the doc and www trees&a.cvs-ports.name;/usr/portsAll changes to the ports tree&a.cvs-projects.name;/usr/projectsAll changes to the projects tree&a.cvs-src.name;/usr/srcAll changes to the src treeHow to SubscribeTo subscribe to a list, click on the list name above or
go to &a.mailman.lists.link;
and click on the list that you are interested in. The list
page should contain all of the necessary subscription
instructions.To actually post to a given list you simply send mail to
<listname@FreeBSD.org>. It will then
be redistributed to mailing list members world-wide.To unsubscribe yourself from a list, click on the URL
found at the bottom of every email received from the list. It
is also possible to send an email to
freebsd-[listname]-unsubscribe@FreeBSD.org to unsubscribe
yourself.Again, we would like to request that you keep discussion in the
technical mailing lists on a technical track. If you are only
interested in important announcements then it is suggested that
you join the &a.announce;, which is intended only for infrequent
traffic.List ChartersAll FreeBSD mailing lists have certain basic
rules which must be adhered to by anyone using them. Failure to comply
with these guidelines will result in two (2) written warnings from the
FreeBSD Postmaster postmaster@FreeBSD.org, after which,
on a third offense, the poster will removed from all FreeBSD mailing
lists and filtered from further posting to them. We regret that such
rules and measures are necessary at all, but today's Internet is a
pretty harsh environment, it would seem, and many fail to appreciate
just how fragile some of its mechanisms are.Rules of the road:The topic of any posting should adhere to the basic charter of
the list it is posted to, e.g. if the list is about technical
issues then your posting should contain technical discussion.
Ongoing irrelevant chatter or flaming only detracts from the value
of the mailing list for everyone on it and will not be tolerated.
For free-form discussion on no particular topic, the &a.chat;
is freely available and should be used instead.No posting should be made to more than 2 mailing lists, and
only to 2 when a clear and obvious need to post to both lists
exists. For most lists, there is already a great deal of
subscriber overlap and except for the most esoteric mixes (say
-stable & -scsi), there really is no reason to post to more
than one list at a time. If a message is sent to you in such a
way that multiple mailing lists appear on the
Cc line then the Cc
line should also be trimmed before sending it out again.
You are still responsible for your
own cross-postings, no matter who the originator might have
been.Personal attacks and profanity (in the context of an argument)
are not allowed, and that includes users and developers alike.
Gross breaches of netiquette, like excerpting or reposting private
mail when permission to do so was not and would not be
forthcoming, are frowned upon but not specifically enforced.
However, there are also very few cases where
such content would fit within the charter of a list and it would
therefore probably rate a warning (or ban) on that basis
alone.Advertising of non-FreeBSD related products or services is
strictly prohibited and will result in an immediate ban if it is
clear that the offender is advertising by spam.Individual list charters:&a.acpi.name;ACPI and power management
development&a.afs.name;Andrew File SystemThis list is for discussion on porting and using AFS from
CMU/Transarc&a.announce.name;Important events / milestonesThis is the mailing list for people interested only in
occasional announcements of significant FreeBSD events. This
includes announcements about snapshots and other releases. It
contains announcements of new FreeBSD capabilities. It may
contain calls for volunteers etc. This is a low volume, strictly
moderated mailing list.&a.arch.name;Architecture and design
discussionsThis list is for discussion of the FreeBSD
architecture. Messages will mostly be kept strictly
technical in nature. Examples of suitable topics
are:How to re-vamp the build system to have several
customized builds running at the same time.What needs to be fixed with VFS to make Heidemann layers
work.How do we change the device driver interface to be able
to use the same drivers cleanly on many buses and
architectures.How to write a network driver.&a.audit.name;Source code audit projectThis is the mailing list for the FreeBSD source code
audit project. Although this was originally intended for
security-related changes, its charter has been expanded to
review any code changes.This list is very heavy on patches, and is probably of no
interest to the average FreeBSD user. Security discussions
not related to a particular code change are held on
freebsd-security. Conversely, all developers are encouraged
to send their patches here for review, especially if they
touch a part of the system where a bug may adversely affect
the integrity of the system.&a.binup.name;FreeBSD Binary Update ProjectThis list exists to provide discussion for the binary
update system, or binup.
Design issues, implementation details,
patches, bug reports, status reports, feature requests, commit
logs, and all other things related to
binup are fair game.&a.bugbusters.name;Coordination of the Problem Report handling effortThe purpose of this list is to serve as a coordination and
discussion forum for the Bugmeister, his Bugbusters, and any other
parties who have a genuine interest in the PR database. This list
is not for discussions about specific bugs, patches or PRs.&a.bugs.name;Bug reportsThis is the mailing list for reporting bugs in FreeBSD.
Whenever possible, bugs should be submitted using the
&man.send-pr.1;
command or the WEB
+ url="&url.base;/send-pr.html">WEB
interface to it.&a.chat.name;Non technical items related to the FreeBSD
communityThis list contains the overflow from the other lists about
non-technical, social information. It includes discussion about
whether Jordan looks like a toon ferret or not, whether or not
to type in capitals, who is drinking too much coffee, where the
best beer is brewed, who is brewing beer in their basement, and
so on. Occasional announcements of important events (such as
upcoming parties, weddings, births, new jobs, etc) can be made
to the technical lists, but the follow ups should be directed to
this -chat list.&a.core.name;FreeBSD core teamThis is an internal mailing list for use by the core
members. Messages can be sent to it when a serious
FreeBSD-related matter requires arbitration or high-level
scrutiny.&a.current.name;Discussions about the use of
&os.current;This is the mailing list for users of &os.current;. It
includes warnings about new features coming out in -CURRENT that
will affect the users, and instructions on steps that must be
taken to remain -CURRENT. Anyone running CURRENT
must subscribe to this list. This is a technical mailing list
for which strictly technical content is expected.&a.cvsweb.name;FreeBSD CVSweb ProjectTechnical discussions about use, development and maintenance
of FreeBSD-CVSweb.&a.doc.name;Documentation projectThis mailing list is for the discussion of issues and
projects related to the creation of documentation for FreeBSD.
The members of this mailing list are collectively referred to as
The FreeBSD Documentation Project. It is an open
list; feel free to join and contribute!&a.firewire.name;&firewire; (iLink, IEEE 1394)This is a mailing list for discussion of the design
and implementation of a &firewire; (aka IEEE 1394 aka
iLink) subsystem for FreeBSD. Relevant topics
specifically include the standards, bus devices and
their protocols, adapter boards/cards/chips sets, and
the architecture and implementation of code for their
proper support.&a.fs.name;File systemsDiscussions concerning FreeBSD file systems. This is a
technical mailing list for which strictly technical content is
expected.&a.geom.name;GEOMDiscussions specific to GEOM and related implementations.
This is a technical mailing list for which strictly technical
content is expected.&a.gnome.name;GNOMEDiscussions concerning The GNOME Desktop Environment for
FreeBSD systems. This is a technical mailing list for
which strictly technical content is expected.&a.ipfw.name;IP FirewallThis is the forum for technical discussions concerning the
redesign of the IP firewall code in FreeBSD. This is a
technical mailing list for which strictly technical content is
expected.&a.ia64.name;Porting FreeBSD to IA64This is a technical mailing list for individuals
actively working on porting FreeBSD to the IA-64 platform
from Intel, to bring up problems or discuss alternative
solutions. Individuals interested in following the
technical discussion are also welcome.&a.isdn.name;ISDN CommunicationsThis is the mailing list for people discussing the
development of ISDN support for FreeBSD.&a.java.name;&java; DevelopmentThis is the mailing list for people discussing the
development of significant &java; applications for FreeBSD and the
porting and maintenance of &jdk;s.&a.jobs.name;Jobs offered and soughtThis is a forum for posting employment notices and
resumes specifically related to &os;, e.g. if you're
seeking &os;-related employment or have a job involving
&os; to advertise then this is the right place. This is
not a mailing list for general
employment issues since adequate forums for that
already exist elsewhere.Note that this list, like other FreeBSD.org mailing
lists, is distributed worldwide. Thus, you need to be
clear about location and the extent to which
telecommuting or assistance with relocation is
available.Email should use open formats only —
preferably plain text, but basic Portable Document
Format (PDF), HTML, and a few others
are acceptable to many readers. Closed formats such as
µsoft; Word (.doc) will be
rejected by the mailing list server.&a.kde.name;KDEDiscussions concerning KDE on
FreeBSD systems. This is a technical mailing list for
which strictly technical content is expected.&a.hackers.name;Technical discussionsThis is a forum for technical discussions related to
FreeBSD. This is the primary technical mailing list. It is for
individuals actively working on FreeBSD, to bring up problems or
discuss alternative solutions. Individuals interested in
following the technical discussion are also welcome. This is a
technical mailing list for which strictly technical content is
expected.&a.hardware.name;General discussion of FreeBSD
hardwareGeneral discussion about the types of hardware that FreeBSD
runs on, various problems and suggestions concerning what to buy
or avoid.&a.hubs.name;Mirror sitesAnnouncements and discussion for people who run FreeBSD
mirror sites.&a.isp.name;Issues for Internet Service
ProvidersThis mailing list is for discussing topics relevant to
Internet Service Providers (ISPs) using FreeBSD. This is a
technical mailing list for which strictly technical content is
expected.&a.newbies.name;Newbies activities discussionWe cover any of the activities of newbies that are not
already dealt with elsewhere, including: independent learning
and problem solving techniques, finding and using resources and
asking for help elsewhere, how to use mailing lists and which
lists to use, general chat, making mistakes, boasting, sharing
ideas, stories, moral (but not technical) support, and taking an
active part in the FreeBSD community. We take our problems and
support questions to freebsd-questions, and use freebsd-newbies
to meet others who are doing the same things that we do as
newbies.&a.openoffice.name;OpenOffice.orgDiscussions concerning the porting and maintenance
of OpenOffice.org and
&staroffice;.&a.performance.name;Discussions about tuning or speeding up FreeBSDThis mailing list exists to provide a place for
hackers, administrators, and/or concerned parties to
discuss performance related topics pertaining to
FreeBSD. Acceptable topics includes talking about
FreeBSD installations that are either under high load,
are experiencing performance problems, or are pushing
the limits of FreeBSD. Concerned parties that are
willing to work toward improving the performance of
FreeBSD are highly encouraged to subscribe to this list.
This is a highly technical list ideally suited for
experienced FreeBSD users, hackers, or administrators
interested in keeping FreeBSD fast, robust, and
scalable. This list is not a question-and-answer list
that replaces reading through documentation, but it is a
place to make contributions or inquire about unanswered
performance related topics.&a.platforms.name;Porting to Non Intel platformsCross-platform FreeBSD issues, general discussion and
proposals for non Intel FreeBSD ports. This is a technical
mailing list for which strictly technical content is
expected.&a.policy.name;Core team policy decisionsThis is a low volume, read-only mailing list for FreeBSD
Core Team Policy decisions.&a.ports.name;Discussion of
portsDiscussions concerning FreeBSD's ports
collection (/usr/ports), ports infrastructure, and
general ports coordination efforts. This is a technical mailing list
for which strictly technical content is expected.&a.ports-bugs.name;Discussion of
ports bugsDiscussions concerning problem reports for FreeBSD's ports
collection (/usr/ports), proposed
ports, or modifications to ports. This is a technical mailing list
for which strictly technical content is expected.&a.questions.name;User questionsThis is the mailing list for questions about FreeBSD. You
should not send how to questions to the technical
lists unless you consider the question to be pretty
technical.&a.scsi.name;SCSI subsystemThis is the mailing list for people working on the SCSI
subsystem for FreeBSD. This is a technical mailing list for
which strictly technical content is expected.&a.security.name;Security issuesFreeBSD computer security issues (DES, Kerberos, known
security holes and fixes, etc). This is a technical mailing
list for which strictly technical discussion is expected. Note
that this is not a question-and-answer list, but that
contributions (BOTH question AND answer) to the FAQ are
welcome.&a.security-notifications.name;Security NotificationsNotifications of FreeBSD security problems and
fixes. This is not a discussion list. The discussion
list is FreeBSD-security.&a.small.name;Using FreeBSD in embedded
applicationsThis list discusses topics related to unusually small and
embedded FreeBSD installations. This is a technical mailing
list for which strictly technical content is expected.&a.stable.name;Discussions about the use of
&os.stable;This is the mailing list for users of &os.stable;. It
includes warnings about new features coming out in -STABLE that
will affect the users, and instructions on steps that must be
taken to remain -STABLE. Anyone running STABLE
should subscribe to this list. This is a technical mailing list
for which strictly technical content is expected.&a.standards.name;C99 & POSIX ConformanceThis is a forum for technical discussions related to
FreeBSD Conformance to the C99 and the POSIX standards.&a.usergroups.name;User Group Coordination ListThis is the mailing list for the coordinators from each of
the local area Users Groups to discuss matters with each other
and a designated individual from the Core Team. This mail list
should be limited to meeting synopsis and coordination of
projects that span User Groups.&a.vendors.name;VendorsCoordination discussions between The FreeBSD Project and
Vendors of software and hardware for FreeBSD.Filtering on the Mailing ListsThe &os; mailing lists are filtered in multiple ways to
avoid the distribution of spam, viruses, and other unwanted emails.
The filtering actions described in this section do not include all
those used to protect the mailing lists.Only certain types of attachments are allowed on the
mailing lists. All attachments with a MIME content type not
found in the list below will be stripped before an email is
distributed on the mailing lists.application/octet-streamapplication/pdfapplication/pgp-signatureapplication/x-pkcs7-signaturemessage/rfc822multipart/alternativemultipart/relatedmultipart/signedtext/htmltext/plaintext/x-difftext/x-patchSome of the mailing lists might allow attachments of
other MIME content types, but the above list should be
applicable for most of the mailing lists.If an email contains both an HTML and a plain text version,
the HTML version will be removed. If an email contains only an
HTML version, it will be converted to plain text.Usenet NewsgroupsIn addition to two FreeBSD specific newsgroups, there are many
others in which FreeBSD is discussed or are otherwise relevant to
FreeBSD users. Keyword
searchable archives are available for some of these newsgroups
from courtesy of Warren Toomey wkt@cs.adfa.edu.au.BSD Specific Newsgroupscomp.unix.bsd.freebsd.announcecomp.unix.bsd.freebsd.miscde.comp.os.unix.bsd (German)fr.comp.os.bsd (French)it.comp.os.freebsd (Italian)Other &unix; Newsgroups of Interestcomp.unixcomp.unix.questionscomp.unix.admincomp.unix.programmercomp.unix.shellcomp.unix.user-friendlycomp.security.unixcomp.sources.unixcomp.unix.advocacycomp.unix.misccomp.bugs.4bsdcomp.bugs.4bsd.ucb-fixescomp.unix.bsdX Window Systemcomp.windows.x.i386unixcomp.windows.xcomp.windows.x.appscomp.windows.x.announcecomp.windows.x.intrinsicscomp.windows.x.motifcomp.windows.x.pexcomp.emulators.ms-windows.wineWorld Wide Web Servers
&chap.eresources.www.inc;
Email AddressesThe following user groups provide FreeBSD related email addresses
for their members. The listed administrator reserves the right to
revoke the address if it is abused in any way.DomainFacilitiesUser GroupAdministratorukug.uk.FreeBSD.orgForwarding onlyfreebsd-users@uk.FreeBSD.orgLee Johnston
lee@uk.FreeBSD.orgShell AccountsThe following user groups provide shell accounts for people who are
actively supporting the FreeBSD project. The listed administrator
reserves the right to cancel the account if it is abused in any
way.HostAccessFacilitiesAdministratorstorm.uk.FreeBSD.orgSSH onlyRead-only cvs, personal web space, email&a.brian;dogma.freebsd-uk.eu.orgTelnet/FTP/SSHEmail, Web space, Anonymous FTPLee Johnston
lee@uk.FreeBSD.org
diff --git a/en_US.ISO8859-1/books/handbook/install/chapter.sgml b/en_US.ISO8859-1/books/handbook/install/chapter.sgml
index 354bf2bd0b..25ee3669a7 100644
--- a/en_US.ISO8859-1/books/handbook/install/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/install/chapter.sgml
@@ -1,5571 +1,5571 @@
JimMockRestructured, reorganized, and parts
rewritten by RandyPrattThe sysinstall walkthrough, screenshots, and general
copy by Installing FreeBSDSynopsisinstallationFreeBSD is provided with a text-based, easy to use installation
program called sysinstall. This is the
default installation program for FreeBSD, although vendors are free to
provide their own installation suite if they wish. This chapter
describes how to use sysinstall to install
FreeBSD.After reading this chapter, you will know:How to create the FreeBSD installation disks.How FreeBSD refers to, and subdivides, your hard disks.How to start sysinstall.The questions sysinstall will ask
you, what they mean, and how to answer them.Before reading this chapter, you should:Read the supported hardware list that shipped with the version
of FreeBSD you are installing, and verify that your hardware is
supported.In general, these installation instructions are written
for &i386; (PC compatible) architecture
computers. Where applicable, instructions specific to other
platforms (for example, Alpha) will be listed. Although this
guide is kept as up to date as possible, you may find minor
differences between the installer and what is shown here. It is
suggested that you use this chapter as a general guide rather
than a literal installation manual.Pre-installation TasksInventory Your ComputerBefore installing FreeBSD you should attempt to inventory the
components in your computer. The FreeBSD installation routines will
show you the components (hard disks, network cards, CDROM drives, and
so forth) with their model number and manufacturer. FreeBSD will also
attempt to determine the correct configuration for these devices,
which includes information about IRQ and IO port usage. Due to the
vagaries of PC hardware this process is not always completely
successful, and you may need to correct FreeBSD's determination of
your configuration.If you already have another operating system installed, such as
&windows; or Linux, it is a good idea to use the facilities provided
by those operating systems to see how your hardware is already
configured. If you are not sure what settings an expansion
card is using, you may find it printed on the card itself. Popular IRQ
numbers are 3, 5, and 7, and IO port addresses are normally written as
hexadecimal numbers, such as 0x330.We recommend you print or write down this information before
installing FreeBSD. It may help to use a table, like this:
Sample Device InventoryDevice NameIRQIO port(s)NotesFirst hard diskN/AN/A40 GB, made by Seagate, first IDE masterCDROMN/AN/AFirst IDE slaveSecond hard diskN/AN/A20 GB, made by IBM, second IDE masterFirst IDE controller140x1f0Network cardN/AN/A&intel; 10/100ModemN/AN/A&tm.3com; 56K faxmodem, on COM1…
Backup Your DataIf the computer you will be installing FreeBSD on contains
valuable data, then ensure you have it backed up, and that you have
tested the backups before installing FreeBSD. The FreeBSD
installation routine will prompt you before writing any
data to your disk, but once that process has started it cannot be
undone.Decide Where to Install FreeBSDIf you want FreeBSD to use your entire hard disk, then there is nothing
more to concern yourself with at this point — you can skip this
section.However, if you need FreeBSD to co-exist with other operating
systems then you need to have a rough understanding of how data is
laid out on the disk, and how this affects you.Disk Layouts for the &i386;A PC disk can be divided into discrete chunks. These chunks are
called partitions. By design, the PC only
supports four partitions per disk. These partitions are called
primary partitions. To work around this
limitation and allow more than four partitions, a new partition type
was created, the extended partition. A disk
may contain only one extended partition. Special partitions, called
logical partitions, can be created inside this
extended partition.Each partition has a partition ID, which is
a number used to identify the type of data on the partition. FreeBSD
partitions have the partition ID of 165.In general, each operating system that you use will identify
partitions in a particular way. For example, DOS, and its
descendants, like &windows;, assign each primary and logical partition a
drive letter, starting with
C:.FreeBSD must be installed into a primary partition. FreeBSD can
keep all its data, including any files that you create, on this one
partition. However, if you have multiple disks, then you can create a
FreeBSD partition on all, or some, of them. When you install FreeBSD,
you must have one partition available. This might be a blank
partition that you have prepared, or it might be an existing partition
that contains data that you no longer care about.If you are already using all the partitions on all your disks, then
you will have to free one of them for FreeBSD using the tools
provided by the other operating systems you use (e.g.,
fdisk on DOS or &windows;).If you have a spare partition then you can use that. However, you
may need to shrink one or more of your existing partitions
first.A minimal installation of FreeBSD takes as little as 100 MB of disk
space. However, that is a very minimal install,
leaving almost no space for your own files. A more realistic minimum
is 250 MB without a graphical environment, and 350 MB or more if you
want a graphical user interface. If you intend to install a lot of
third party software as well, then you will need more space.You can use a commercial tool such as &partitionmagic;
to resize your partitions to make space for
FreeBSD. The tools directory on the CDROM
contains two free software tools which can carry out this task, namely
FIPS and
PResizer. Documentation for both
of these is available in the same directory.
FIPS,
PResizer, and
&partitionmagic; can resize
FAT16 and FAT32
partitions — used in &ms-dos; through &windows; ME.
&partitionmagic; is the only known
application that can resize NTFS.Incorrect use of these tools can delete the data on your disk.
Be sure that you have recent, working backups before using
them.Using an Existing Partition UnchangedSuppose that you have a computer with a single 4 GB disk that
already has a version of &windows; installed, and you have split the
disk into two drive letters, C: and
D:, each of which is 2 GB in size. You have
1 GB of data on C:, and 0.5 GB of data on
D:.This means that your disk has two partitions on it, one per
drive letter. You can copy all your existing data from
D: to C:, which
will free up the second partition, ready for FreeBSD.Shrinking an Existing PartitionSuppose that you have a computer with a single 4 GB disk that
already has a version of &windows; installed. When you installed
&windows; you created one large partition, giving you a
C: drive that is 4 GB in size. You are
currently using 1.5 GB of space, and want FreeBSD to have 2 GB of
space.In order to install FreeBSD you will need to either:Backup your &windows; data, and then reinstall &windows;,
asking for a 2 GB partition at install time.Use one of the tools such as &partitionmagic;,
described above, to shrink your &windows;
partition.Disk Layouts for the AlphaAlphaYou will need a dedicated disk for FreeBSD on the
Alpha. It is not possible to share a disk with another
operating system at this time. Depending on the specific
Alpha machine you have, this disk can either be a SCSI disk
or an IDE disk, as long as your machine is capable of
booting from it.Following the conventions of the Digital / Compaq
manuals all SRM input is shown in uppercase. SRM is case
insensitive.To find the names and types of disks in your machine, use
the SHOW DEVICE command from the SRM
console prompt:>>>SHOW DEVICE
dka0.0.0.4.0 DKA0 TOSHIBA CD-ROM XM-57 3476
dkc0.0.0.1009.0 DKC0 RZ1BB-BS 0658
dkc100.1.0.1009.0 DKC100 SEAGATE ST34501W 0015
dva0.0.0.0.1 DVA0
ewa0.0.0.3.0 EWA0 00-00-F8-75-6D-01
pkc0.7.0.1009.0 PKC0 SCSI Bus ID 7 5.27
pqa0.0.0.4.0 PQA0 PCI EIDE
pqb0.0.1.4.0 PQB0 PCI EIDEThis example is from a Digital Personal Workstation
433au and shows three disks attached to the machine. The
first is a CDROM drive called DKA0 and
the other two are disks and are called
DKC0 and
DKC100 respectively.Disks with names of the form DKx
are SCSI disks. For example DKA100
refers to a SCSI disk with SCSI target ID 1 on the first SCSI bus (A),
whereas DKC300 refers to a SCSI disk
with SCSI ID 3 on the third SCSI bus (C). Devicename
PKx refers to the SCSI host bus adapter. As
seen in the SHOW DEVICE output SCSI
CDROM drives are treated as any other SCSI hard disk drive.IDE disks have names similar to DQx,
while PQx is the associated IDE
controller.Collect Your Network Configuration DetailsIf you intend to connect to a network as part of your FreeBSD
installation (for example, if you will be installing from an FTP
site or an
NFS server), then you need to know your network configuration. You
will be prompted for this information during the installation so that
FreeBSD can connect to the network to complete the install.Connecting to an Ethernet Network or Cable/DSL ModemIf you connect to an Ethernet network, or you have an Internet
connection using an Ethernet adapter via cable or DSL, then you will need the following
information:IP addressIP address of the default gatewayHostnameDNS server IP addressesSubnet MaskIf you do not know this information, then ask your system
administrator or service provider. They may say that this
information is assigned automatically, using
DHCP. If so, make a note of this.Connecting Using a ModemIf you dial up to an ISP using a regular modem then you can
still install FreeBSD over the Internet, it will just take a very
long time.You will need to know:The phone number to dial for your ISPThe COM: port your modem is connected toThe username and password for your ISP accountCheck for FreeBSD ErrataAlthough the FreeBSD project strives to ensure that each release
of FreeBSD is as stable as possible, bugs do occasionally creep into
the process. On very rare occasions those bugs affect the
installation process. As these problems are discovered and fixed, they
are noted in the FreeBSD Errata, which is found on the FreeBSD web site. You
should check the errata before installing to make sure that there are
no late-breaking problems which you should be aware of.Information about all the releases, including the errata for each
release, can be found on the
release
+ url="&url.base;/releases/index.html">release
information section of the
FreeBSD web site.
+ url="&url.base;/index.html">FreeBSD web site.
Obtain the FreeBSD Installation FilesThe FreeBSD installation process can install FreeBSD from files
located in the any of the following places:Local MediaA CDROM or DVDA DOS partition on the same computerA SCSI or QIC tapeFloppy disksNetworkAn FTP site, going through a firewall, or using an HTTP proxy,
as necessaryAn NFS serverA dedicated parallel or serial connectionIf you have purchased FreeBSD on CD or DVD then you already have
everything you need, and should proceed to the next section
().If you have not obtained the FreeBSD installation files you should
skip ahead to which explains how
to prepare to install FreeBSD from any of the above. After reading
that section, you should come back here, and read on to
.Prepare the Boot MediaThe FreeBSD installation process is started by booting your
computer into the FreeBSD installer—it is not a program you run
within another operating system. Your computer normally boots using
the operating system installed on your hard disk, but it can also be
configured to use a bootable floppy disk.
Most modern computers can also
boot from a CDROM in the CDROM drive.If you have FreeBSD on CDROM or DVD (either one you purchased
or you prepared yourself), and your computer allows you to boot from
the CDROM or DVD (typically a BIOS option called Boot
Order or similar), then you can skip this section. The
FreeBSD CDROM and DVD images are bootable and can be used to install
FreeBSD without any other special preparation.To create boot floppy images, follow these steps:Acquire the Boot Floppy ImagesThe boot disks are available on your installation media
in the floppies/ directory, and
can also be downloaded from the floppies directory, ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/<arch>/<version>-RELEASE/floppies/.
Replace <arch> and
<version>
with the architecture and the version number
which you want to install, respectively.
For example, the boot floppy images for
&os; &rel.current;-RELEASE for &i386; are available
from .The floppy images have a .flp extension.
The floppies/ directory contains a number of
different images, and the ones you will need to use depends on the
version of FreeBSD you are installing, and in some cases, the
hardware you are installing to. In most cases you will just need
two files, kern.flp and
mfsroot.flp. Additional device drivers may
be necessary for some systems. These drivers are provided
on the drivers.flp image. Check
README.TXT in the same directory for the
most up to date information about these floppy images.Your FTP program must use binary mode
to download these disk images. Some web browsers have been
known to use text (or
ASCII) mode, which will be apparent if you
cannot boot from the disks.Prepare the Floppy DisksYou must prepare one floppy disk per image file you had to
download. It is imperative that these disks are free from
defects. The easiest way to test this is to format the disks
for yourself. Do not trust pre-formatted floppies. The format
utility in &windows; will not tell about the presence of
bad blocks, it simply marks them as bad
and ignores them. It is advised that you use brand new
floppies if choosing this installation route.If you try to install FreeBSD and the installation
program crashes, freezes, or otherwise misbehaves, one of
the first things to suspect is the floppies. Try writing
the floppy image files to new disks and try
again.Write the Image Files to the Floppy DisksThe .flp files are
not regular files you copy to the disk.
They are images of the complete contents of the
disk. This means that you cannot simply
copy files from one disk to another.
Instead, you must use specific tools to write the
images directly to the disk.DOSIf you are creating the floppies on a computer running
&ms-dos;/&windows;, then we provide a tool to do
this called fdimage.If you are using the floppies from the CDROM, and your
CDROM is the E: drive, then you would
run this:E:\>tools\fdimage floppies\kern.flp A:Repeat this command for each .flp
file, replacing the floppy disk each time, being sure to label
the disks with the name of the file that you copied to them.
Adjust the command line as necessary, depending on where you have
placed the .flp files. If you do not have
the CDROM, then fdimage can be downloaded from
the tools
directory on the FreeBSD FTP site.If you are writing the floppies on a &unix; system (such as
another FreeBSD system) you can use the &man.dd.1; command to
write the image files directly to disk. On FreeBSD, you would
run:&prompt.root; dd if=kern.flp of=/dev/fd0On FreeBSD, /dev/fd0 refers to the
first floppy disk (the A: drive).
/dev/fd1 would be the
B: drive, and so on. Other &unix;
variants might have different names for the floppy disk
devices, and you will need to check the documentation for the
system as necessary.You are now ready to start installing FreeBSD.Starting the InstallationBy default, the installation will not make any changes to your
disk(s) until you see the following message:Last Chance: Are you SURE you want continue the installation?
If you're running this on a disk with data you wish to save then WE
STRONGLY ENCOURAGE YOU TO MAKE PROPER BACKUPS before proceeding!
We can take no responsibility for lost disk contents!The install can be exited at any time prior to the final
warning without changing the contents of the hard drive. If you are
concerned that you have configured something incorrectly you can just
turn the computer off before this point, and no damage will be
done.BootingBooting for the &i386;Start with your computer turned off.Turn on the computer. As it starts it should display an
option to enter the system set up menu, or BIOS, commonly reached
by keys like F2, F10,
Del, or
AltS. Use whichever keystroke is indicated on screen. In
some cases your computer may display a graphic while it starts.
Typically, pressing Esc will dismiss the graphic
and allow you to see the necessary messages.Find the setting that controls which devices the system boots
from. This is usually labeled as the Boot Order
and commonly shown as a list of devices, such as
Floppy, CDROM,
First Hard Disk, and so on.If you needed to prepare boot floppies, then make sure that the
floppy disk is selected. If you are booting from the CDROM then
make sure that that is selected instead. In case of doubt, you
should consult the manual that came with your computer, and/or its
motherboard.Make the change, then save and exit. The computer should now
restart.If you needed to prepare boot floppies, as described in
, then one of them will be the
first boot disc, probably the one containing
kern.flp. Put this disc in your floppy
drive.If you are booting from CDROM, then you will need to turn on
the computer, and insert the CDROM at the first
opportunity.If your computer starts up as normal and loads your existing
operating system, then either:The disks were not inserted early enough in the boot
process. Leave them in, and try restarting your
computer.The BIOS changes earlier did not work correctly. You
should redo that step until you get the right option.Your particular BIOS does not support booting from
the desired media.FreeBSD will start to boot. If you are booting from CDROM you
will see a display similar to this (version information omitted):Verifying DMI Pool Data ........
Boot from ATAPI CD-ROM :
1. FD 2.88MB System Type-(00)
Uncompressing ... done
BTX loader 1.00 BTX version is 1.01
Console: internal video/keyboard
BIOS drive A: is disk0
BIOS drive B: is disk1
BIOS drive C: is disk2
BIOS drive D: is disk3
BIOS 639kB/261120kB available memory
FreeBSD/i386 bootstrap loader, Revision 0.8
/kernel text=0x277391 data=0x3268c+0x332a8 |
|
Hit [Enter] to boot immediately, or any other key for command prompt.
Booting [kernel] in 9 seconds... _If you are booting from floppy disc, you will see a display
similar to this (version information omitted):Verifying DMI Pool Data ........
BTX loader 1.00 BTX version is 1.01
Console: internal video/keyboard
BIOS drive A: is disk0
BIOS drive C: is disk1
BIOS 639kB/261120kB available memory
FreeBSD/i386 bootstrap loader, Revision 0.8
/kernel text=0x277391 data=0x3268c+0x332a8 |
Please insert MFS root floppy and press enter:Follow these instructions by removing the
kern.flp disc, insert the
mfsroot.flp disc, and press
Enter.Whether you booted from floppy or CDROM, the
boot process will then get to this point:Hit [Enter] to boot immediately, or any other key for command prompt.
Booting [kernel] in 9 seconds... _Either wait ten seconds, or press Enter. This
will then launch the kernel configuration menu.Booting for the AlphaAlphaStart with your computer turned off.Turn on the computer and wait for a boot monitor
prompt.If you needed to prepare boot floppies, as described in
then one of them will be the
first boot disc, probably the one containing
kern.flp. Put this disc in your floppy
drive and type the following command to boot the disk
(substituting the name of your floppy drive if
necessary):>>>BOOT DVA0 -FLAGS '' -FILE ''If you are booting from CDROM, insert the CDROM into
the drive and type the following command to start the
installation (substituting the name of the appropriate
CDROM drive if necessary):>>>BOOT DKA0 -FLAGS '' -FILE ''FreeBSD will start to boot. If you are booting from a
floppy disc, at some point you will see the message:Please insert MFS root floppy and press enter:Follow these instructions by removing the
kern.flp disc, insert the
mfsroot.flp disc, and press
Enter.Whether you booted from floppy or CDROM, the
boot process will then get to this point:Hit [Enter] to boot immediately, or any other key for command prompt.
Booting [kernel] in 9 seconds... _Either wait ten seconds, or press Enter. This
will then launch the kernel configuration menu.Kernel ConfigurationFrom FreeBSD versions 5.0 and later, userconfig has been deprecated
in favor of the new &man.device.hints.5; method. For more information
on &man.device.hints.5; please visit The kernel is the core of the operating
system. It is responsible for many things, including access to all
the devices you may have on your system, such as hard disks, network
cards, sound cards, and so on. Each piece of hardware supported by
the FreeBSD kernel has a driver associated with it. Each driver has a
two or three letter name, such as sa for the
SCSI sequential access driver, or sio for the
Serial I/O driver (which manages COM ports).When the kernel starts, each driver checks the system to see
whether or not the hardware it supports exists on your system. If it
does, then the driver configures the hardware and makes it available
to the rest of the kernel.This checking is commonly referred to as device
probing. Unfortunately, it is not always possible to do
this in a safe way. Some hardware drivers do not co-exist well,
and probing for one piece of hardware can sometimes leave
another in an inconsistent state. This is a basic
limitation of the PC design.Many older devices are called ISA devices—as opposed
to PCI devices. The ISA specification requires each device to have
some information hard coded into it, typically the Interrupt Request
Line number (IRQ) and IO port address that the driver uses. This
information is commonly set by using physical
jumpers on the card, or by using a DOS based
utility.This was often a source of problems, because it was not possible
to have two devices that shared the same IRQ or port address.Newer devices follow the PCI specification, which does not require
this, as the devices are supposed to cooperate with the BIOS, and are
told which IRQ and IO port addresses to use.If you have any ISA devices in your computer then FreeBSD's
driver for that device will need to be configured with the IRQ and
port address that you have set the card to. This is why carrying out
an inventory of your hardware (see ) can be useful.Unfortunately, the default IRQs and memory ports used by some
drivers clash. This is because some ISA devices are shipped with IRQs
or memory ports that clash. The defaults in FreeBSD's drivers are
deliberately set to mirror the manufacturer's defaults, so that, out
of the box, as many devices as possible will work.This is almost never an issue when running FreeBSD day-to-day.
Your computer will not normally contain two pieces of hardware that
clash, because one of them would not work (irrespective of the
operating system you are using).It becomes an issue when you are installing FreeBSD for the first
time because the kernel used to carry out the install has to contain
as many drivers as possible, so that many different hardware
configurations can be supported. This means that some of
those drivers will have conflicting configurations. The devices are
probed in a strict order, and if you own a device that is probed late
in the process, but conflicted with an earlier probe, then your
hardware might not function or be probed correctly when you install
FreeBSD.Because of this, the first thing you have the opportunity to do
when installing FreeBSD is look at the list of drivers that are
configured into the kernel, and either disable some of them, if you
do not own that device, or confirm (and alter) the driver's
configuration if you do own the device but the defaults are
wrong.This probably sounds much more complicated than it actually
is. shows the first kernel
configuration menu. We recommend that you choose the
Start kernel configuration in full-screen visual
mode option, as it presents the easiest interface for
the new user.The kernel configuration screen ()
is then divided into four sections:A collapsible list of all the drivers that are currently
marked as active, subdivided into groups such as
Storage, and Network. Each
driver is shown as a description, its two or three letter driver
name, and the IRQ and memory port used by that driver. In
addition, if an active driver conflicts with another active driver
then CONF is shown next to the driver name.
This section also shows the total number of conflicting drivers
that are currently active.Drivers that have been marked inactive. They remain in the
kernel, but they will not probe for their device when the kernel
starts. These are subdivided into groups in the same way as the
active driver list.More detail about the currently selected driver, including its
IRQ and memory port address.Information about the keystrokes that are valid at this point
in time.Do not worry if any conflicts are listed,
it is to be expected; all the drivers are enabled, and
as has already been explained, some of them will conflict with one
another.You now have to work through the list of drivers, resolving the
conflicts.Resolving Driver ConflictsPress X. This will completely expand the
list of drivers, so you can see all of them. You will need to use
the arrow keys to scroll back and forth through the active driver
list. shows the result of
pressing X. Disable all the drivers for devices that you do not have. To
disable a driver, highlight it with the arrow keys and press
Del. The driver will be moved to the
Inactive Drivers list.If you inadvertently disable a device that you need then press
Tab to switch to the Inactive
Drivers list, select the driver that you disabled, and
press Enter to move it back to the active
list.Do not disable sc0. This controls
the screen, and you will need this unless you are installing
over a serial cable.Only disable atkbd0 if you are
using a USB keyboard. If you have a normal keyboard then you
must keep atkbd0.If there are no conflicts listed then you can skip this step.
Otherwise, the remaining conflicts need to be examined. If they
do not have the indication of an allowed conflict
in the message area, then either the IRQ/address for device probe
will need to be changed, or the IRQ/address
on the hardware will need to be changed.To change the driver's configuration for IRQ and IO port
address, select the device and press Enter. The
cursor will move to the third section of the screen, and you can
change the values. You should enter the values for IRQ and port
address that you discovered when you made your hardware inventory.
Press Q to finish editing the device's
configuration and return to the active driver list.If you are not sure what these figures should be then you can
try using -1. Some FreeBSD drivers can safely
probe the hardware to discover what the correct value should be,
and a value of -1 configures them to do
this.The procedure for changing the address on the hardware varies
from device to device. For some devices you may need to
physically remove the card from your computer and adjust jumper
settings or DIP switches. Other cards may have come with a DOS
floppy that contains the programs used to reconfigure the card.
In any case, you should refer to the documentation that came with
the device. This will obviously entail restarting your computer,
so you will need to boot back into the FreeBSD installation
routine when you have reconfigured the card.When all the conflicts have been resolved the screen will look
similar to .As you can see, the active driver list is now much smaller,
with only drivers for the hardware that actually exists being
listed.You can now save these changes, and move on to the next step
of the install. Press Q to quit the device
configuration interface. This message will appear:Save these parameters before exiting? ([Y]es/[N]o/[C]ancel)Answer Y to save the parameters to memory
(it will be saved to disk if you finish the install) and the
probing will start. After displaying the probe results in white
on black text sysinstall will start
and display its main menu
().Reviewing the Device Probe ResultsThe last few hundred lines that have been displayed on screen are
stored and can be reviewed.To review the buffer, press Scroll Lock. This
turns on scrolling in the display. You can then use the arrow keys, or
PageUp and PageDown to view the
results. Press Scroll Lock again to stop
scrolling.Do this now, to review the text that scrolled off the screen when
the kernel was carrying out the device probes. You will see text
similar to , although the precise
text will differ depending on the devices that you have in your
computer.Check the probe results carefully to make sure that FreeBSD found
all the devices you expected. If a device was not found, then it will
not be listed. If the device's driver required configuring
with the IRQ and port address then you should check that you entered
them correctly.If you need to make changes to the UserConfig device probing,
it is easy to exit the sysinstall program
and start over again. It is also a good way to become more familiar
with the process.Use the arrow keys to select
Exit Install from the Main
Install Screen menu. The following message will display: User Confirmation Requested
Are you sure you wish to exit? The system will reboot
(be sure to remove any floppies from the drives).
[ Yes ] NoThe install program will start again if the CDROM is left
in the drive and [Yes] is selected.If you are booting from floppies it will be necessary to remove
the mfsroot.flp floppy and replace it with
kern.flp before rebooting.Introducing SysinstallThe sysinstall utility is the installation
application provided by the FreeBSD Project. It is console based and is
divided into a number of menus and screens that you can use to
configure and control the installation process.The sysinstall menu system is controlled
by the arrow keys, Enter, Space, and
other keys. A detailed description of these keys and what they do is
contained in sysinstall's usage
information.To review this information, ensure that the
Usage entry is highlighted and that the
[Select] button is selected, as shown in , then press Enter.The instructions for using the menu system will be displayed. After
reviewing them, press Enter to return to the Main
Menu.Selecting the Documentation MenuFrom the Main Menu, select Doc with
the arrow keys and
press Enter.This will display the Documentation Menu.It is important to read the documents provided.To view a document, select it with the arrow keys and
press Enter. When finished reading a document,
pressing Enter will return to the Documentation
Menu.To return to the Main Installation Menu, select
Exit with the
arrow keys and press Enter.Selecting the Keymap MenuTo change the keyboard mapping, use the arrow keys to select
Keymap from the menu and press
Enter. This is only required if you are
using a non-standard or non-US keyboard.A different keyboard mapping may be chosen by selecting the
menu item using up/down arrow keys and pressing Space.
Pressing Space again will unselect the item.
When finished, choose the &gui.ok; using the arrow keys and press
Enter.Only a partial list is shown in this screen representation.
Selecting &gui.cancel; by pressing Tab will use the default
keymap and return to the Main Install Menu.Installation Options ScreenSelect Options and press
Enter.The default values are usually fine for most users and do
not need to be changed. The release name will vary according
to the version being installed.The description of the selected item will appear at the
bottom of the screen highlighted in blue. Notice that one of the
options is Use Defaults to reset all
values to startup defaults.Press F1 to read the help screen about the
various options.Pressing Q will return to the Main Install
menu.Begin a Standard InstallationThe Standard installation is the
option recommended for those new to &unix; or FreeBSD. Use the arrow
keys to select Standard and
then press Enter to start the installation.Allocating Disk SpaceYour first task is to allocate disk space for FreeBSD, and label
that space so that sysinstall can prepare
it. In order to do this you need to know how FreeBSD expects to find
information on the disk.BIOS Drive NumberingBefore you install and configure FreeBSD on your system, there is an
important subject that you should be aware of, especially if you have
multiple hard drives.DOSMicrosoft WindowsIn a PC running a BIOS-dependent operating system such as
&ms-dos; or µsoft.windows;, the BIOS is able to abstract the
normal disk drive order, and
the operating system goes along with the change. This allows the user
to boot from a disk drive other than the so-called primary
master. This is especially convenient for some users who have
found that the simplest and cheapest way to keep a system backup is to
buy an identical second hard drive, and perform routine copies of the
first drive to the second drive using
Ghost or XCOPY
. Then, if the
first drive fails, or is attacked by a virus, or is scribbled upon by an
operating system defect, he can easily recover by instructing the BIOS
to logically swap the drives. It is like switching the cables on the
drives, but without having to open the case.SCSIBIOSMore expensive systems with SCSI controllers often include BIOS
extensions which allow the SCSI drives to be re-ordered in a similar
fashion for up to seven drives.A user who is accustomed to taking advantage of these features may
become surprised when the results with FreeBSD are not as expected.
FreeBSD does not use the BIOS, and does not know the logical BIOS
drive mapping. This can lead to very perplexing situations,
especially when drives are physically identical in geometry, and have
also been made as data clones of one another.When using FreeBSD, always restore the BIOS to natural drive
numbering before installing FreeBSD, and then leave it that way. If you
need to switch drives around, then do so, but do it the hard way, and
open the case and move the jumpers and cables.An Illustration from the Files of Bill and Fred's Exceptional
Adventures:Bill breaks-down an older Wintel box to make another FreeBSD box
for Fred. Bill installs a single SCSI drive as SCSI unit zero and
installs FreeBSD on it.Fred begins using the system, but after several days notices that
the older SCSI drive is reporting numerous soft errors and reports
this fact to Bill.After several more days, Bill decides it is time to address the
situation, so he grabs an identical SCSI drive from the disk drive
archive in the back room. An initial surface scan
indicates that
this drive is functioning well, so Bill installs this drive as SCSI
unit four and makes an image copy from drive zero to drive four. Now
that the new drive is installed and functioning nicely, Bill decides
that it is a good idea to start using it, so he uses features in the
SCSI BIOS to re-order the disk drives so that the system boots from
SCSI unit four. FreeBSD boots and runs just fine.Fred continues his work for several days, and soon Bill and Fred
decide that it is time for a new adventure -- time to upgrade to a
newer version of FreeBSD. Bill removes SCSI unit zero because it was
a bit flaky and replaces it with another identical disk drive from
the archive. Bill then installs the new version of
FreeBSD onto the new SCSI unit zero using Fred's magic Internet FTP
floppies. The installation goes well.Fred uses the new version of FreeBSD for a few days, and certifies
that it is good enough for use in the engineering department. It is
time to copy all of his work from the old version. So Fred mounts
SCSI unit four (the latest copy of the older FreeBSD version). Fred
is dismayed to find that none of his precious work is present on SCSI
unit four.Where did the data go?When Bill made an image copy of the original SCSI unit zero onto
SCSI unit four, unit four became the new clone.
When Bill re-ordered the SCSI BIOS so that he could boot from
SCSI unit four, he was only fooling himself.
FreeBSD was still running on SCSI unit zero.
Making this kind of BIOS change will cause some or all of the Boot and
Loader code to be fetched from the selected BIOS drive, but when the
FreeBSD kernel drivers take-over, the BIOS drive numbering will be
ignored, and FreeBSD will transition back to normal drive numbering.
In the illustration at hand, the system continued to operate on the
original SCSI unit zero, and all of Fred's data was there, not on SCSI
unit four. The fact that the system appeared to be running on SCSI
unit four was simply an artifact of human expectations.We are delighted to mention that no data bytes were killed or
harmed in any way by our discovery of this phenomenon. The older SCSI
unit zero was retrieved from the bone pile, and all of Fred's work was
returned to him, (and now Bill knows that he can count as high as
zero).Although SCSI drives were used in this illustration, the concepts
apply equally to IDE drives.Creating Slices Using FDiskNo changes you make at this point will be written to the disk.
If you think you have made a mistake and want to start again you can
use the menus to exit sysinstall and try
again or press U to use the Undo option.
If you get confused and can not see how to exit you can
always turn your computer off.After choosing to begin a standard installation in
sysinstall you will be shown this
message: Message
In the next menu, you will need to set up a DOS-style ("fdisk")
partitioning scheme for your hard disk. If you simply wish to devote
all disk space to FreeBSD (overwriting anything else that might be on
the disk(s) selected) then use the (A)ll command to select the default
partitioning scheme followed by a (Q)uit. If you wish to allocate only
free space to FreeBSD, move to a partition marked "unused" and use the
(C)reate command.
[ OK ]
[ Press enter or space ]Press Enter as instructed. You will then be
shown a list of all the hard drives that the kernel found when it
carried out the device probes.
shows an example from a
system with two IDE disks. They have been called
ad0 and ad2.You might be wondering why ad1 is not
listed here. Why has it been missed?Consider what would happen if you had two IDE hard disks, one
as the master on the first IDE controller, and one as the master on
the second IDE controller. If FreeBSD numbered these as it found
them, as ad0 and
ad1 then everything would work.But if you then added a third disk, as the slave device on the
first IDE controller, it would now be ad1,
and the previous ad1 would become
ad2. Because device names (such as
ad1s1a) are used to find filesystems, you
may suddenly discover that some of your filesystems no longer
appear correctly, and you would need to change your FreeBSD
configuration.To work around this, the kernel can be configured to name IDE
disks based on where they are, and not the order in which they were
found. With this scheme the master disk on the second IDE
controller will always be
ad2, even if there are no
ad0 or ad1
devices.This configuration is the default for the FreeBSD kernel, which
is why this display shows ad0 and
ad2. The machine on which this screenshot
was taken had IDE disks on both master channels of the IDE
controllers, and no disks on the slave channels.You should select the disk on which you want to install FreeBSD,
and then press &gui.ok;.
FDisk will start, with a display similar to
that shown in .The FDisk display is broken into three
sections.The first section, covering the first two lines of the display,
shows details about the currently selected disk, including its FreeBSD
name, the disk geometry, and the total size of the disk.The second section shows the slices that are currently on the
disk, where they start and end, how large they are, the name FreeBSD
gives them, and their description and sub-type. This example shows two
small unused slices, which are artifacts of disk layout schemes on the
PC. It also shows one large FAT slice, which almost certainly appears
as C: in &ms-dos; / &windows;, and an extended
slice, which may contain other drive letters for &ms-dos; / &windows;.The third section shows the commands that are available in
FDisk.What you do now will depend on how you want to slice up your
disk.If you want to use FreeBSD for the entire disk (which will delete
all the other data on this disk when you confirm that you want
sysinstall to continue later in the
installation process) then you can press A, which
corresponds to the Use Entire Disk option.
The existing slices will be removed, and replaced with a small area
flagged as unused (again, an artifact of PC disk
layout), and then one large slice for FreeBSD. If you do this, then
you should select the newly created FreeBSD slice using the arrow
keys, and press S to mark the slice as being
bootable. The screen will then look very similar to
. Note the
A in the Flags column, which
indicates that this slice is active, and will be
booted from.If you will be deleting an existing slice to make space for
FreeBSD then you should select the slice using the arrow keys, and
then press D. You can then press C,
and be prompted for size of slice you want to create. Enter the
appropriate figure and press Enter. The default
value in this box represents the largest possible slice you can
make, which could be the largest contiguous block of unallocated
space or the size of the entire hard disk.If you have already made space for FreeBSD (perhaps by using a
tool such as &partitionmagic;) then you can
press C to create a new slice. Again, you will be
prompted for the size of slice you would like to create.When finished, press Q. Your changes will be
saved in sysinstall, but will not yet be
written to disk.Install a Boot ManagerYou now have the option to install a boot manager. In general,
you should choose to install the FreeBSD boot manager if:You have more than one drive, and have installed FreeBSD onto
a drive other than the first one.You have installed FreeBSD alongside another operating system
on the same disk, and you want to choose whether to start FreeBSD
or the other operating system when you start the computer.If FreeBSD is going to be the only operating system on
this machine, installed on the first hard disk, then the
Standard boot manager will suffice.
Choose None if you are using a
third-party boot manager capable of booting FreeBSD.Make your choice and press Enter.The help screen, reached by pressing F1,
discusses the problems that can be encountered when trying to share
the hard disk between operating systems.Creating Slices on Another DriveIf there is more than one drive, it will return to the
Select Drives screen after the boot manager selection. If you wish to
install FreeBSD on to more than one disk, then you can select another
disk here and repeat the slice process using
FDisk.If you are installing FreeBSD on a drive other than your
first, then the FreeBSD boot manager needs to be installed on
both drives.The Tab key toggles between the last drive
selected, &gui.ok;, and
&gui.cancel;.Press the Tab once to toggle to the
&gui.ok;, then
press Enter
to continue with the installation.Creating Partitions Using
DisklabelYou must now create some partitions inside each slice that you
have just created. Remember that each partition is lettered, from
a through to h, and that
partitions b, c, and
d have conventional meanings that you should adhere
to.Certain applications can benefit from particular partition
schemes, especially if you are laying out partitions across more than
one disk. However, for this, your first FreeBSD installation, you do
not need to give too much thought to how you partition the disk. It
is more important that you install FreeBSD and start learning how to
use it. You can always re-install FreeBSD to change your partition
scheme when you are more familiar with the operating system.This scheme features four partitions—one for swap space, and
three for filesystems.
Partition Layout for First DiskPartitionFilesystemSizeDescriptiona/100 MBThis is the root filesystem. Every other filesystem
will be mounted somewhere under this one. 100 MB is a
reasonable size for this filesystem. You will not be storing
too much data on it, as a regular FreeBSD install will put
about 40 MB of data here. The remaining space is for temporary
data, and also leaves expansion space if future versions of
FreeBSD need more space in /.bN/A2-3 x RAMThe system's swap space is kept on this partition.
Choosing the right amount of swap space can be a bit of an
art. A good rule of thumb is that your swap
space should be two or three times as much as the
available physical memory (RAM).
You should also have at least 64 MB of swap, so if you have
less than 32 MB of RAM in your computer then set the swap
amount to 64 MB.
If you have more than one disk then you can put swap
space on each disk. FreeBSD will then use each disk for
swap, which effectively speeds up the act of swapping. In
this case, calculate the total amount of swap you need
(e.g., 128 MB), and then divide this by the number of disks
you have (e.g., two disks) to give the amount of swap you
should put on each disk, in this example, 64 MB of swap per
disk.e/var50 MBThe /var directory contains
files that are constantly varying;
log files, and other administrative files. Many
of these files are read-from or written-to extensively during
FreeBSD's day-to-day running. Putting these files on another
filesystem allows FreeBSD to optimize the access of these
files without affecting other files in other directories that
do not have the same access pattern.f/usrRest of diskAll your other files will typically be stored in
/usr and its subdirectories.
If you will be installing FreeBSD on to more than one disk then
you must also create partitions in the other slices that you
configured. The easiest way to do this is to create two partitions on
each disk, one for the swap space, and one for a filesystem.
Partition Layout for Subsequent DisksPartitionFilesystemSizeDescriptionbN/ASee descriptionAs already discussed, you can split swap space across
each disk. Even though the a partition is
free, convention dictates that swap space stays on the
b partition.e/disknRest of diskThe rest of the disk is taken up with one big partition.
This could easily be put on the a
partition, instead of the e partition.
However, convention says that the a
partition on a slice is reserved for the filesystem that will
be the root (/) filesystem. You do not
have to follow this convention, but
sysinstall does, so following it
yourself makes the installation slightly cleaner. You can
choose to mount this filesystem anywhere; this example
suggests that you mount them as directories
/diskn, where
n is a number that changes for each
disk. But you can use another scheme if you prefer.
Having chosen your partition layout you can now create it using
sysinstall. You will see this
message: Message
Now, you need to create BSD partitions inside of the fdisk
partition(s) just created. If you have a reasonable amount of disk
space (200MB or more) and don't have any special requirements, simply
use the (A)uto command to allocate space automatically. If you have
more specific needs or just don't care for the layout chosen by
(A)uto, press F1 for more information on manual layout.
[ OK ]
[ Press enter or space ]Press Enter to start the FreeBSD partition
editor, called Disklabel. shows the display when you first
start Disklabel. The display is divided in
to three sections.The first few lines show the name of the disk you are currently
working on, and the slice that contains the partitions you are
creating (at this point Disklabel calls
this the Partition name rather than slice name).
This display also shows the amount of free space within the slice;
that is, space that was set aside in the slice, but that has not yet
been assigned to a partition.The middle of the display shows the partitions that have been
created, the name of the filesystem that each partition contains,
their size, and some options pertaining to the creation of the
filesystem.The bottom third of the screen shows the keystrokes that are valid
in Disklabel.Disklabel can automatically create
partitions for you and assign them default sizes. Try this now, by
Pressing A. You will see a display similar to that
shown in . Depending on the size of
the disk you are using, the defaults may or may not be appropriate.
This does not matter, as you do not have to accept the
defaults.Beginning with FreeBSD 4.5, the default partitioning assigns
the /tmp directory its own partition instead
of being part of the / partition. This
helps avoid filling the / partition with
temporary files.If you choose to not use the default partitions and wish to
replace them with your
own, use the arrow keys to select the first partition, and press
D to delete it. Repeat this to delete all the
suggested partitions.To create the first partition (a, mounted as
/ — root), make sure the proper disk slice at the top of
the screen is selected and press C. A dialog box
will appear prompting you for the size of the new partition (as shown
in ). You can enter the size as
the number of disk blocks you want to use, or as a
number followed by either M for megabytes,
G for gigabytes, or C for
cylinders.Beginning with FreeBSD 5.X, users can: select
UFS2 using the Custom Newfs
(Z) option, create labels with
Auto Defaults and modify them with the Custom Newfs option or
add during the regular creation period.
Do not forget to add for SoftUpdates if you use the Custom Newfs
option!The default size shown will create a partition that takes up the
rest of the slice. If you are using the partition sizes described
in the earlier example, then delete the existing figure using
Backspace, and then type in
64M, as shown in
. Then press
&gui.ok;.Having chosen the partition's size you will then be asked whether
this partition will contain a filesystem or swap space. The dialog
box is shown in . This first
partition will contain a filesystem, so check that
FS is selected and press
Enter.Finally, because you are creating a filesystem, you must tell
Disklabel where the filesystem is to be
mounted. The dialog box is shown in
. The root filesystem's mount
point is /, so type /, and
then press Enter.The display will then update to show you the newly created
partition. You should repeat this procedure for the other
partitions. When you create the swap partition, you will not be
prompted for the filesystem mount point, as swap partitions are never
mounted. When you create the final partition,
/usr, you can leave the suggested size as is, to
use the rest of the slice.Your final FreeBSD DiskLabel Editor screen will appear similar to
, although your values chosen may
be different. Press Q to finish.Choosing What to InstallSelect the Distribution SetDeciding which distribution set to install will depend largely
on the intended use of the system and the amount of disk space
available. The predefined options range from installing the
smallest possible configuration to everything. Those who are
new to &unix; and/or FreeBSD should almost certainly select one
of these canned options. Customizing a distribution set is
typically for the more experienced user.Press F1 for more information on the
distribution set options and what they contain. When finished
reviewing the help, pressing Enter will return
to the Select Distributions Menu.If a graphical user interface is desired then a distribution
set that is preceded by an X should be
chosen. The configuration of &xfree86; and selection of a default
desktop is part of the post-installation steps.The default version of &xfree86; that is installed depends on the
version of the FreeBSD that you are installing. For FreeBSD versions
prior to 4.6, &xfree86; 3.X is installed. For FreeBSD 4.6 and later,
&xfree86; 4.X is the default.You should check to see whether your video card is supported at the
&xfree86; web site. If
your video card
is not supported under the default version that FreeBSD will install,
you should select a distribution without X for installation. After
installation, install and configure the appropriate version of
&xfree86; using the ports collection.If compiling a custom kernel is anticipated, select an option
which includes the source code. For more information on why a
custom kernel should be built or how to build a custom kernel, see
.Obviously, the most versatile system is one that includes
everything. If there is adequate disk space, select
All as shown in
by using the arrow keys and
press Enter. If there is a concern about disk
space consider using an option that is more suitable for the
situation.
Do not fret over the perfect choice, as other distributions can be
added after installation.Installing the Ports CollectionAfter selecting the desired distribution, an opportunity to
install the FreeBSD Ports Collection is presented. The ports
collection is an easy and convenient way to install software.
The ports collection does not contain the source code necessary
to compile the software. Instead, it is a collection of files which
automates the downloading, compiling and installation
of third-party software packages.
discusses how to use the ports
collection.The installation program does not check to see if you have
adequate space. Select this option only if you have
adequate hard disk space. As of FreeBSD &rel.current;, the FreeBSD
Ports Collection takes up about &ports.size; of disk space.
You can safely assume a larger value for more recent versions
of FreeBSD. User Confirmation Requested
Would you like to install the FreeBSD ports collection?
This will give you ready access to over &os.numports; ported software packages,
at a cost of around &ports.size; of disk space when "clean" and possibly much
more than that if a lot of the distribution tarballs are loaded
(unless you have the extra CDs from a FreeBSD CD/DVD distribution
available and can mount it on /cdrom, in which case this is far less
of a problem).
The ports collection is a very valuable resource and well worth having
on your /usr partition, so it is advisable to say Yes to this option.
For more information on the ports collection & the latest ports,
visit:
http://www.FreeBSD.org/ports
[ Yes ] NoSelect [ Yes ] with the arrow keys to
install the ports collection or [ No ] to
skip this option. Press Enter to continue.
The Choose Distributions menu will redisplay.If satisfied with the options, select
Exit with the arrow keys, ensure that
&gui.ok; is highlighted, and pressing
Enter to continue.Choosing Your Installation MediaIf Installing from a CDROM or DVD, use the arrow keys to highlight
Install from a FreeBSD CD/DVD. Ensure
that &gui.ok; is highlighted, then press
Enter to proceed with the installation.For other methods of installation, select the appropriate
option and follow the instructions.Press F1 to display the Online Help for
installation media. Press Enter to return
to the media selection menu.FTP Installation ModesinstallationnetworkFTPThere are three FTP installation modes you can choose from:
active FTP, passive FTP, or via a HTTP proxy.FTP Active: Install from an FTP
serverThis option will make all FTP transfers
use Active
mode. This will not work through firewalls, but will
often work with older FTP servers that do not support
passive mode. If your connection hangs with passive
mode (the default), try active!FTP Passive: Install from an FTP server through a
firewallFTPpassive modeThis option instructs sysinstall to use
Passive mode for all FTP operations.
This allows the user to pass through firewalls
that do not allow incoming connections on random TCP ports.
FTP via a HTTP proxy: Install from an FTP server
through a http proxyFTPvia a HTTP proxyThis option instructs sysinstall to use the HTTP
protocol (like a web browser) to connect to a proxy
for all FTP operations. The proxy will translate
the requests and send them to the FTP server.
This allows the user to pass through firewalls
that do not allow FTP at all, but offer a HTTP
proxy.
In this case, you have to specify the proxy in
addition to the FTP server.For a proxy FTP server, you should usually give the name of the
server you really want as a part of the username, after an
@ sign. The proxy server then fakes
the real server. For example, assuming you want to install from
ftp.FreeBSD.org, using the proxy FTP
server foo.example.com, listening on port
1024.In this case, you go to the options menu, set the FTP username
to ftp@ftp.FreeBSD.org, and the password to your
email address. As your installation media, you specify FTP (or
passive FTP, if the proxy supports it), and the URL
ftp://foo.example.com:1234/pub/FreeBSD.Since /pub/FreeBSD from
ftp.FreeBSD.org is proxied under
foo.example.com, you are able to install
from that machine (which will fetch the files
from ftp.FreeBSD.org as your
installation requests them).Committing to the InstallationThe installation can now proceed if desired. This is also
the last chance for aborting the installation to prevent changes
to the hard drive. User Confirmation Requested
Last Chance! Are you SURE you want to continue the installation?
If you're running this on a disk with data you wish to save then WE
STRONGLY ENCOURAGE YOU TO MAKE PROPER BACKUPS before proceeding!
We can take no responsibility for lost disk contents!
[ Yes ] NoSelect [ Yes ] and press
Enter to proceed.The installation time will vary according to the distribution
chosen, installation media, and the speed of the computer.
There will be a series of
messages displayed indicating the status.The installation is complete when the following message is
displayed: Message
Congratulations! You now have FreeBSD installed on your system.
We will now move on to the final configuration questions.
For any option you do not wish to configure, simply select No.
If you wish to re-enter this utility after the system is up, you may
do so by typing: /stand/sysinstall .
[ OK ]
[ Press enter to continue ]Press Enter to proceed with post-installation
configurations.Selecting [ No ] and pressing
Enter will abort
the installation so no changes will be made to your system. The
following message will appear: Message
Installation complete with some errors. You may wish to scroll
through the debugging messages on VTY1 with the scroll-lock feature.
You can also choose "No" at the next prompt and go back into the
installation menus to retry whichever operations have failed.
[ OK ]This message is generated because nothing was installed.
Pressing Enter will return to the
Main Installation Menu to exit the installation.Post-installationConfiguration of various options follows the successful
installation. An option can be configured by re-entering the
configuration options before booting the new FreeBSD
system or after installation using
/stand/sysinstall and selecting
Configure.Network Device ConfigurationIf you previously configured PPP for an FTP install, this screen
will not display and can be configured later as described
above.For detailed information on Local Area Networks and
configuring FreeBSD as a gateway/router refer to the
Advanced Networking
chapter. User Confirmation Requested
Would you like to configure any Ethernet or SLIP/PPP network devices?
[ Yes ] NoTo configure a network device, select
[ Yes ] and press Enter.
Otherwise, select [ No ] to continue.Select the interface to be configured with the arrow keys and press
Enter. User Confirmation Requested
Do you want to try IPv6 configuration of the interface?
Yes [ No ]In this private local area network, the current Internet
type protocol (IPv4) was sufficient and [ No ]
was selected with the arrow keys and Enter
pressed.If you are connected to an existing IPv6 network
with an RA server, then choose
[ Yes ] and press Enter.
It will take several seconds to scan for RA servers. User Confirmation Requested
Do you want to try DHCP configuration of the interface?
Yes [ No ]If DHCP (Dynamic Host Configuration Protocol) is not required
select [ No ] with the arrow keys and press
Enter.Selecting [ Yes ] will execute
dhclient, and if successful, will fill
in the network configuration information automatically. Refer to
for more information.The following Network Configuration screen shows the
configuration of the Ethernet device for a system that will act
as the gateway for a Local Area Network.Use Tab to select the information fields and
fill in appropriate information:HostThe fully-qualified hostname, such as k6-2.example.com in
this case.DomainThe name of the domain that your machine is
in, such as example.com for this case.IPv4 GatewayIP address of host forwarding packets to non-local
destinations. You must fill this in if the machine is a node
on the network. Leave this field blank
if the machine is the gateway to the Internet for the
network. The IPv4 Gateway is also known as the default
gateway or default route.Name serverIP address of your local DNS server. There is no local
DNS server on this private local area network so the IP
address of the provider's DNS server
(208.163.10.2) was used.IPv4 addressThe IP address to be used for this interface was
192.168.0.1NetmaskThe address block being used for this local area
network is a Class C block
(192.168.0.0 -
192.168.255.255).
The default netmask is for a Class C network
(255.255.255.0).Extra options to ifconfigAny interface-specific options to ifconfig
you would like to add. There were none in this case.Use Tab to select &gui.ok;
when finished and press Enter. User Confirmation Requested
Would you like to Bring Up the ed0 interface right now?
[ Yes ] NoChoosing [ Yes ] and pressing
Enter will bring
the machine up on the network and be ready for use. However,
this does not accomplish much during installation, since
the machine still needs to be rebooted.Configure Gateway User Confirmation Requested
Do you want this machine to function as a network gateway?
[ Yes ] NoIf the machine will be acting as the gateway for a local area
network and forwarding packets between other machines then select
[ Yes ] and press Enter.
If the machine is a node on a network then
select [ No ] and press
Enter to continue.Configure Internet Services User Confirmation Requested
Do you want to configure inetd and the network services that it provides?
Yes [ No ]If [ No ] is selected, various services
such telnetd will not be enabled. This
means that remote users will not be able to
telnet into this machine. Local users
will be still be able to access remote machines with
telnet.These services can be enabled after installation by editing
/etc/inetd.conf with your favorite text editor.
See for more information.Select [ Yes ] if you wish to
configure these services during install. An additional
confirmation will display: User Confirmation Requested
The Internet Super Server (inetd) allows a number of simple Internet
services to be enabled, including finger, ftp and telnetd. Enabling
these services may increase risk of security problems by increasing
the exposure of your system.
With this in mind, do you wish to enable inetd?
[ Yes ] NoSelect [ Yes ] to continue. User Confirmation Requested
inetd(8) relies on its configuration file, /etc/inetd.conf, to determine
which of its Internet services will be available. The default FreeBSD
inetd.conf(5) leaves all services disabled by default, so they must be
specifically enabled in the configuration file before they will
function, even once inetd(8) is enabled. Note that services for
IPv6 must be separately enabled from IPv4 services.
Select [Yes] now to invoke an editor on /etc/inetd.conf, or [No] to
use the current settings.
[ Yes ] NoSelecting [ Yes ] will allow adding
services by deleting the # at the beginning
of a line.After adding the desired services, pressing Esc
will display a menu which will allow exiting and saving
the changes.Anonymous FTP User Confirmation Requested
Do you want to have anonymous FTP access to this machine?
Yes [ No ]Deny Anonymous FTPSelecting the default [ No ] and pressing
Enter will still allow users who have accounts
with passwords to use FTP to access the machine.Allow Anonymous FTPAnyone can access your machine if you elect to allow
anonymous FTP connections. The security implications should be
considered before enabling this option. For more information
about security see .To allow anonymous FTP, use the arrow keys to select
[ Yes ] and press Enter.
The following screen (or similar) will display:Pressing F1 will display the help:This screen allows you to configure the anonymous FTP user.
The following configuration values are editable:
UID: The user ID you wish to assign to the anonymous FTP user.
All files uploaded will be owned by this ID.
Group: Which group you wish the anonymous FTP user to be in.
Comment: String describing this user in /etc/passwd
FTP Root Directory:
Where files available for anonymous FTP will be kept.
Upload subdirectory:
Where files uploaded by anonymous FTP users will go.The ftp root directory will be put in /var
by default. If you do not have enough room there for the
anticipated FTP needs, the /usr directory
could be used by setting the FTP Root Directory to
/usr/ftp.When you are satisfied with the values, press
Enter to continue. User Confirmation Requested
Create a welcome message file for anonymous FTP users?
[ Yes ] NoIf you select [ Yes ] and press
Enter, an editor will automatically start
allowing you to edit the message.This is a text editor called ee. Use the
instructions to change the message or change the message later
using a text editor of your choice. Note the file name/location
at the bottom of the editor screen.Press Esc and a pop-up menu will default
to a) leave editor. Press
Enter to exit and continue. Press
Enter again to save changes if you made
any.Configure Network File SystemNetwork File System (NFS) allows sharing of files across a
network. A machine can be configured as a server, a client, or
both. Refer to for a more information.NFS Server User Confirmation Requested
Do you want to configure this machine as an NFS server?
Yes [ No ]If there is no need for a Network File System server,
select [ No ] and press
Enter.If [ Yes ] is chosen, a message will
pop-up indicating that the exports file must be
created. Message
Operating as an NFS server means that you must first configure an
/etc/exports file to indicate which hosts are allowed certain kinds of
access to your local filesystems.
Press [Enter] now to invoke an editor on /etc/exports
[ OK ]Press Enter to continue. A text editor will
start allowing the exports file to be created
and edited.Use the instructions to add the actual exported filesystems
now or later using a text editor of your choice. Note the
file name/location at the bottom of the editor screen.Press Esc and a pop-up menu will default to
a) leave editor. Press
Enter to exit and continue.NFS ClientThe NFS client allows your machine to access NFS servers. User Confirmation Requested
Do you want to configure this machine as an NFS client?
Yes [ No ]With the arrow keys, select [ Yes ]
or [ No ] as appropriate and
press Enter.Security ProfileA security profile is a set of
configuration options that attempts to achieve the desired
ratio of security to convenience by enabling and disabling
certain programs and other settings. The more severe the
security profile, the fewer programs will be enabled by
default. This is one of the basic principles of security: do
not run anything except what you must.Please note that the security profile is just a default
setting. All programs can be enabled and disabled after you
have installed FreeBSD by editing or adding the appropriate
line(s) to /etc/rc.conf. For more
information, please see the &man.rc.conf.5; manual
page.The following table describes what each of the security
profiles does. The columns are the choices you have for a
security profile, and the rows are the program or feature that
the profile enables or disables.
Possible Security ProfilesExtremeModerate&man.sendmail.8;NOYES&man.sshd.8;NOYES&man.portmap.8;NOMAYBE
The portmapper is enabled if the machine has
been configured as an NFS client or server earlier
in the installation.NFS serverNOYES&man.securelevel.8;YES
If you choose a security profile that sets the
securelevel to Extreme or
High, you must be aware of the
implications. Please read the &man.init.8;
manual page and pay particular attention to the
meanings of the security levels, or you may have
significant trouble later!NO
User Confirmation Requested
Do you want to select a default security profile for this host (select
No for "medium" security)?
[ Yes ] NoSelecting [ No ] and pressing
Enter will set the security profile to medium.Selecting [ Yes ] and pressing
Enter will allow selecting a different security
profile.Press F1 to display the help. Press
Enter to return to selection menu.Use the arrow keys to choose Medium
unless your are sure that another level is required for your needs.
With &gui.ok; highlighted, press
Enter.An appropriate confirmation message will display depending on
which security setting was chosen. Message
Moderate security settings have been selected.
Sendmail and SSHd have been enabled, securelevels are
disabled, and NFS server setting have been left intact.
PLEASE NOTE that this still does not save you from having
to properly secure your system in other ways or exercise
due diligence in your administration, this simply picks
a standard set of out-of-box defaults to start with.
To change any of these settings later, edit /etc/rc.conf
[OK] Message
Extreme security settings have been selected.
Sendmail, SSHd, and NFS services have been disabled, and
securelevels have been enabled.
PLEASE NOTE that this still does not save you from having
to properly secure your system in other ways or exercise
due diligence in your administration, this simply picks
a more secure set of out-of-box defaults to start with.
To change any of these settings later, edit /etc/rc.conf
[OK]Press Enter to continue with the
post-installation configuration.The security profile is not a silver bullet! Even if
you use the extreme setting, you need to keep up with
security issues by reading an appropriate mailing
list, using good passwords and passphrases, and
generally adhering to good security practices. It simply
sets up the desired security to convenience ratio out of the
box.System Console SettingsThere are several options available to customize the system
console. User Confirmation Requested
Would you like to customize your system console settings?
[ Yes ] NoTo view and configure the options, select
[ Yes ] and press
Enter.A commonly used option is the screen saver. Use the arrow keys
to select Saver and then press
Enter.Select the desired screen saver using the arrow keys
and then press Enter. The System Console
Configuration menu will redisplay.The default time interval is 300 seconds. To change the time
interval, select Saver again. At the
Screen Saver Options menu, select Timeout
using the arrow keys and press Enter. A pop-up
menu will appear:The value can be changed, then select &gui.ok;
and press Enter to return to the System Console
Configuration menu.Selecting Exit and pressing
Enter will continue with the post-installation
configurations.Setting the Time ZoneSetting the time zone for your machine will allow it to
automatically correct for any regional time changes and perform
other time zone related functions properly.The example shown is for a machine located in the Eastern
time zone of the United States. Your selections will vary according
to your geographical location. User Confirmation Requested
Would you like to set this machine's time zone now?
[ Yes ] NoSelect [ Yes ] and press
Enter to set the time zone. User Confirmation Requested
Is this machine's CMOS clock set to UTC? If it is set to local time
or you don't know, please choose NO here!
Yes [ No ]Select [ Yes ]
or [ No ] according to how the machine's
clock is configured and press Enter.The appropriate region is selected using the arrow keys
and then pressing Enter.Select the appropriate country using the arrow keys
and press Enter.The appropriate time zone is selected using the arrow
keys and pressing Enter. Confirmation
Does the abbreviation 'EDT' look reasonable?
[ Yes ] NoConfirm the abbreviation for the time zone is correct.
If it looks okay, press Enter to continue with
the post-installation configuration.Linux Compatibility User Confirmation Requested
Would you like to enable Linux binary compatibility?
[ Yes ] NoSelecting [ Yes ] and pressing
Enter will allow
running Linux software on FreeBSD. The install will add
the appropriate packages for Linux compatibility.If installing by FTP, the machine will need to be connected to
the Internet. Sometimes a remote ftp site will not have all the
distributions like the Linux binary compatibility. This can
be installed later if necessary.Mouse SettingsThis option will allow you to cut and paste text in the
console and user programs with a 3-button mouse. If using a 2-button
mouse, refer to manual page, &man.moused.8;, after installation for
details on emulating the 3-button style. This example depicts a
non-USB mouse configuration (such as a PS/2 or COM port mouse): User Confirmation Requested
Does this system have a non-USB mouse attached to it?
[ Yes ] No Select [ Yes ] for a non-USB mouse or
[ No ] for a USB mouse and press
Enter.Use the arrow keys to select Type and
press Enter.The mouse used in this example is a PS/2 type, so the default
Auto was appropriate. To change protocol,
use the arrow keys to select another option. Ensure that &gui.ok; is
highlighted and press Enter to exit this menu.Use the arrow keys to select Port and
press Enter.This system had a PS/2 mouse, so the default
PS/2 was appropriate. To change the port,
use the arrow keys and then press Enter.Last, use the arrow keys to select
Enable, and press
Enter to enable and test the mouse
daemon.Move the mouse around the screen and verify the cursor
shown responds properly. If it does, select
[ Yes ] and press Enter. If
not, the mouse has not been configured correctly — select
[ No ] and try using different configuration
options.Select Exit with the arrow keys
and press Enter to return to continue with the
post-installation configuration.Configure Additional Network ServicesConfiguring network services can be a daunting
task for new users if they lack previous
knowledge in this area. Networking, including the Internet,
is critical to all modern operating systems including &os;;
as a result, it is very useful to have some understanding
&os;'s extensive networking capabilities. Doing this
during the installation will ensure users have some
understanding of the various services available to them.Network services are programs that accept input from
anywhere on the network. Every effort is made to make sure
these programs will not do anything harmful.
Unfortunately, programmers are not perfect and through time
there have been cases where bugs in network services have been
exploited by attackers to do bad things. It is important that
you only enable the network services you know that you need. If
in doubt it is best if you do not enable a network service until
you find out that you do need it. You can always enable it
later by re-running sysinstall or by
using the features provided by the
/etc/rc.conf file.Selecting the Networking option will display
a menu similar to the one below:The first option, Interfaces, was previously covered during
the , thus this option can
safely be ignored.Selecting the AMD option adds
support for the BSD automatic mount utility.
This is usually used in conjunction with the
NFS protocol (see below)
for automatically mounting remote file systems.
No special configuration is required here.Next in line is the AMD Flags
option. When selected, a menu will pop up for you
to enter specific AMD flags.
The menu already contains a set of default options:-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.mapThe -a option sets the default mount
location which is specified here as
/.amd_mnt. The -l
option specifies the default log file;
however, when syslogd is used all log
activity will be sent to the system log daemon. The
/host directory is used
to mount an exported file system from a remote
host, while /net
directory is used to mount an exported file system from an
IP address. The
/etc/amd.map file defines the default
options for AMD exports.The Anon FTP option permits anonymous
FTP connections. Select this option to
make this machine an anonymous FTP server.
Be aware of the security risks involved with this option.
Another menu will be displayed to explain the security risks
and configuration in depth.The Gateway configuration menu will set
the machine up to be a gateway as explained previously. This
can be used to unset the Gateway option if you accidentally
selected it during the installation process.The Inetd option can be used to configure
or completely disable the &man.inetd.8; daemon as discussed
above.The Mail option is used to configure the system's
default MTA or Mail Transfer Agent.
Selecting this option will bring up the following menu:Here you are offered a choice as to which
MTA to install
and set as the default. An MTA is nothing
more than a mail server which delivers email to users on the
system or the Internet.Selecting Sendmail will install
the popular sendmail server which
is the &os; default. The Sendmail local option
will set sendmail to be the default
MTA, but disable its ability to receive
incoming email from the Internet. The other options here,
Postfix and
Exim act similar to
Sendmail. They both deliver
email; however, some users prefer these alternatives to the
sendmail
MTA.After selecting an MTA, or choosing
not to select an MTA, the network configuration menu will appear
with the next option being NFS client.The NFS client option will
configure the system to communicate with a server via
NFS. An NFS server
makes file systems available to other machines on the
network via the NFS protocol. If this is
a stand alone machine, this option can remain unselected.
The system may require more configuration later; see
for more
information about client and server configuration.Below that option is the NFS server
option, permitting you to set the system up as an
NFS server. This adds the required
information to start up the RPC remote
procedure call services. RPC is used to
coordinate connections between hosts and programs.Next in line is the Ntpdate option,
which deals with time synchronization. When selected, a menu
like the one below shows up:From this menu, select the server which is the closest
to your location. Selecting a close one will make the time
synchronization more accurate as a server further from your
location may have more connection latency.The next option is the PCNFSD selection.
This option will install the
net/pcnfsd package from
the ports collection. This is a useful utility which provides
NFS authentication services for systems which
are unable to provide their own, such as Microsoft's
&ms-dos; operating system.Now you must scroll down a bit to see the other
options:The &man.rpcbind.8;, &man.rpc.statd.8;, and
&man.rpc.lockd.8; utilities are all used for Remote Procedure
Calls (RPC).
The rpcbind utility manages communication
between NFS servers and clients, and is
required for NFS servers to operate
correctly. The rpc.statd daemon interacts
with the rpc.statd daemon on other hosts to
provide status monitoring. The reported status is usually held
in the /var/db/statd.status file. The
next option listed here is the rpc.lockd
option, which, when selected, will provide file locking
services. This is usually used with
rpc.statd to monitor what hosts are
requesting locks and how frequently they request them.
While these last two options are marvelous for debugging, they
are not required for NFS servers and clients
to operate correctly.As you progress down the list the next item here is
Routed, which is the routing daemon. The
&man.routed.8; utility manages network routing tables,
discovers multicast routers, and supplies a copy of the routing
tables to any physically connected host on the network upon
request. This is mainly used for machines which act as a
gateway for the local network (see the &man.icmp.4; and
&man.udp.4; manual pages). When selected, a menu will be
presented requesting the default location of the utility.
The default location is already defined for you and can be
selected with the Enter key. You will then
be presented with yet another menu, this time asking for the
flags you wish to pass on to routed. The
default is -q and it should already appear
on the screen.Next in line is the Rwhod option which,
when selected, will start the &man.rwhod.8; daemon
during system initialization. The rwhod
utility broadcasts system messages across the network
periodically, or collects them when in consumer
mode. More information can be found in the &man.ruptime.1; and
&man.rwho.1; manual pages.The next to the last option in the list is for the
&man.sshd.8; daemon. This is the secure shell server for
OpenSSH and it is highly recommended
over the standard telnet and
FTP servers. The sshd
server is used to create a secure connection from one host to
another by using encrypted connections.Finally there is the TCP Extensions
option. This enables the TCP Extensions
defined in RFC 1323 and
RFC 1644. While on many hosts this can
speed up connections, it can also cause some connections to be
dropped. It is not recommended for servers, but may be
beneficial for stand alone machines.Now that you have configured the network services, you can
scroll up to the very top item which is Exit
and continue on to the next configuration section.Configure X ServerIn order to use a graphical user interface such as
KDE, GNOME,
or others, the X server will need to be configured.In order to run &xfree86; as a
non root user you will need to
have x11/wrapper installed.
This is installed by default beginning with FreeBSD 4.7. For
earlier versions this can be added
from the Package Selection menu.To see whether your video card is supported, check the
&xfree86; web site. User Confirmation Requested
Would you like to configure your X server at this time?
[ Yes ] NoIt is necessary to know your monitor specifications and
video card information. Equipment damage can occur if settings
are incorrect. If you do not have this information, select
[ No ] and perform the configuration
after installation when you have the information using
/stand/sysinstall, selecting
Configure and then
XFree86. Improper configuration
of the X server at this time can leave the machine in a
frozen state. It is often advised to configure the X server
once the installation has completed.
If you have graphics card and monitor information, select
[ Yes ] and press Enter
to proceed with configuring the X server.There are several ways to configure the X server.
Use the arrow keys to select one of the methods and press
Enter. Be sure to read all instructions
carefully.The xf86cfg and
xf86cfg -textmode methods may make the screen
go dark and take a few seconds to start. Be patient.The following will illustrate the use of the
xf86config configuration tool. The
configuration choices you make will depend on the hardware in the
system so your choices will probably be different than those
shown: Message
You have configured and been running the mouse daemon.
Choose "/dev/sysmouse" as the mouse port and "SysMouse" or
"MouseSystems" as the mouse protocol in the X configuration utility.
[ OK ]
[ Press enter to continue ]This indicates that the mouse daemon previously configured has been
detected.
Press Enter to continue.Starting xf86config will display
a brief introduction:This program will create a basic XF86Config file, based on menu selections you
make.
The XF86Config file usually resides in /usr/X11R6/etc/X11 or /etc/X11. A sample
XF86Config file is supplied with XFree86; it is configured for a standard
VGA card and monitor with 640x480 resolution. This program will ask for a
pathname when it is ready to write the file.
You can either take the sample XF86Config as a base and edit it for your
configuration, or let this program produce a base XF86Config file for your
configuration and fine-tune it.
Before continuing with this program, make sure you know what video card
you have, and preferably also the chipset it uses and the amount of video
memory on your video card. SuperProbe may be able to help with this.
Press enter to continue, or ctrl-c to abort.Pressing Enter will start the mouse
configuration. Be sure to follow the instructions and use
Mouse Systems as the mouse protocol and
/dev/sysmouse as the mouse port even if
using a PS/2 mouse is shown as an illustration.First specify a mouse protocol type. Choose one from the following list:
1. Microsoft compatible (2-button protocol)
2. Mouse Systems (3-button protocol) & FreeBSD moused protocol
3. Bus Mouse
4. PS/2 Mouse
5. Logitech Mouse (serial, old type, Logitech protocol)
6. Logitech MouseMan (Microsoft compatible)
7. MM Series
8. MM HitTablet
9. Microsoft IntelliMouse
If you have a two-button mouse, it is most likely of type 1, and if you have
a three-button mouse, it can probably support both protocol 1 and 2. There are
two main varieties of the latter type: mice with a switch to select the
protocol, and mice that default to 1 and require a button to be held at
boot-time to select protocol 2. Some mice can be convinced to do 2 by sending
a special sequence to the serial port (see the ClearDTR/ClearRTS options).
Enter a protocol number: 2
You have selected a Mouse Systems protocol mouse. If your mouse is normally
in Microsoft-compatible mode, enabling the ClearDTR and ClearRTS options
may cause it to switch to Mouse Systems mode when the server starts.
Please answer the following question with either 'y' or 'n'.
Do you want to enable ClearDTR and ClearRTS? n
You have selected a three-button mouse protocol. It is recommended that you
do not enable Emulate3Buttons, unless the third button doesn't work.
Please answer the following question with either 'y' or 'n'.
Do you want to enable Emulate3Buttons? y
Now give the full device name that the mouse is connected to, for example
/dev/tty00. Just pressing enter will use the default, /dev/mouse.
On FreeBSD, the default is /dev/sysmouse.
Mouse device: /dev/sysmouseThe keyboard is the next item to be configured. A generic
101-key model is shown for illustration. Any name may be used
for the variant or simply press Enter to accept
the default value.Please select one of the following keyboard types that is the better
description of your keyboard. If nothing really matches,
choose 1 (Generic 101-key PC)
1 Generic 101-key PC
2 Generic 102-key (Intl) PC
3 Generic 104-key PC
4 Generic 105-key (Intl) PC
5 Dell 101-key PC
6 Everex STEPnote
7 Keytronic FlexPro
8 Microsoft Natural
9 Northgate OmniKey 101
10 Winbook Model XP5
11 Japanese 106-key
12 PC-98xx Series
13 Brazilian ABNT2
14 HP Internet
15 Logitech iTouch
16 Logitech Cordless Desktop Pro
17 Logitech Internet Keyboard
18 Logitech Internet Navigator Keyboard
19 Compaq Internet
20 Microsoft Natural Pro
21 Genius Comfy KB-16M
22 IBM Rapid Access
23 IBM Rapid Access II
24 Chicony Internet Keyboard
25 Dell Internet Keyboard
Enter a number to choose the keyboard.
1
Please select the layout corresponding to your keyboard
1 U.S. English
2 U.S. English w/ ISO9995-3
3 U.S. English w/ deadkeys
4 Albanian
5 Arabic
6 Armenian
7 Azerbaidjani
8 Belarusian
9 Belgian
10 Bengali
11 Brazilian
12 Bulgarian
13 Burmese
14 Canadian
15 Croatian
16 Czech
17 Czech (qwerty)
18 Danish
Enter a number to choose the country.
Press enter for the next page
1
Please enter a variant name for 'us' layout. Or just press enter
for default variant
us
Please answer the following question with either 'y' or 'n'.
Do you want to select additional XKB options (group switcher,
group indicator, etc.)? nNext, we proceed to the configuration for the monitor. Do not
exceed the ratings of your monitor. Damage could occur. If you
have any doubts, do the configuration after you have the
information.Now we want to set the specifications of the monitor. The two critical
parameters are the vertical refresh rate, which is the rate at which the
whole screen is refreshed, and most importantly the horizontal sync rate,
which is the rate at which scanlines are displayed.
The valid range for horizontal sync and vertical sync should be documented
in the manual of your monitor. If in doubt, check the monitor database
/usr/X11R6/lib/X11/doc/Monitors to see if your monitor is there.
Press enter to continue, or ctrl-c to abort.
You must indicate the horizontal sync range of your monitor. You can either
select one of the predefined ranges below that correspond to industry-
standard monitor types, or give a specific range.
It is VERY IMPORTANT that you do not specify a monitor type with a horizontal
sync range that is beyond the capabilities of your monitor. If in doubt,
choose a conservative setting.
hsync in kHz; monitor type with characteristic modes
1 31.5; Standard VGA, 640x480 @ 60 Hz
2 31.5 - 35.1; Super VGA, 800x600 @ 56 Hz
3 31.5, 35.5; 8514 Compatible, 1024x768 @ 87 Hz interlaced (no 800x600)
4 31.5, 35.15, 35.5; Super VGA, 1024x768 @ 87 Hz interlaced, 800x600 @ 56 Hz
5 31.5 - 37.9; Extended Super VGA, 800x600 @ 60 Hz, 640x480 @ 72 Hz
6 31.5 - 48.5; Non-Interlaced SVGA, 1024x768 @ 60 Hz, 800x600 @ 72 Hz
7 31.5 - 57.0; High Frequency SVGA, 1024x768 @ 70 Hz
8 31.5 - 64.3; Monitor that can do 1280x1024 @ 60 Hz
9 31.5 - 79.0; Monitor that can do 1280x1024 @ 74 Hz
10 31.5 - 82.0; Monitor that can do 1280x1024 @ 76 Hz
11 Enter your own horizontal sync range
Enter your choice (1-11): 6
You must indicate the vertical sync range of your monitor. You can either
select one of the predefined ranges below that correspond to industry-
standard monitor types, or give a specific range. For interlaced modes,
the number that counts is the high one (e.g. 87 Hz rather than 43 Hz).
1 50-70
2 50-90
3 50-100
4 40-150
5 Enter your own vertical sync range
Enter your choice: 2
You must now enter a few identification/description strings, namely an
identifier, a vendor name, and a model name. Just pressing enter will fill
in default names.
The strings are free-form, spaces are allowed.
Enter an identifier for your monitor definition: HitachiThe selection of a video card driver from a list is
next. If you pass your card on the list, continue to press
Enter and the list will repeat. Only an
excerpt from the list is shown:Now we must configure video card specific settings. At this point you can
choose to make a selection out of a database of video card definitions.
Because there can be variation in Ramdacs and clock generators even
between cards of the same model, it is not sensible to blindly copy
the settings (e.g. a Device section). For this reason, after you make a
selection, you will still be asked about the components of the card, with
the settings from the chosen database entry presented as a strong hint.
The database entries include information about the chipset, what driver to
run, the Ramdac and ClockChip, and comments that will be included in the
Device section. However, a lot of definitions only hint about what driver
to run (based on the chipset the card uses) and are untested.
If you can't find your card in the database, there's nothing to worry about.
You should only choose a database entry that is exactly the same model as
your card; choosing one that looks similar is just a bad idea (e.g. a
GemStone Snail 64 may be as different from a GemStone Snail 64+ in terms of
hardware as can be).
Do you want to look at the card database? y
288 Matrox Millennium G200 8MB mgag200
289 Matrox Millennium G200 SD 16MB mgag200
290 Matrox Millennium G200 SD 4MB mgag200
291 Matrox Millennium G200 SD 8MB mgag200
292 Matrox Millennium G400 mgag400
293 Matrox Millennium II 16MB mga2164w
294 Matrox Millennium II 4MB mga2164w
295 Matrox Millennium II 8MB mga2164w
296 Matrox Mystique mga1064sg
297 Matrox Mystique G200 16MB mgag200
298 Matrox Mystique G200 4MB mgag200
299 Matrox Mystique G200 8MB mgag200
300 Matrox Productiva G100 4MB mgag100
301 Matrox Productiva G100 8MB mgag100
302 MediaGX mediagx
303 MediaVision Proaxcel 128 ET6000
304 Mirage Z-128 ET6000
305 Miro CRYSTAL VRX Verite 1000
Enter a number to choose the corresponding card definition.
Press enter for the next page, q to continue configuration.
288
Your selected card definition:
Identifier: Matrox Millennium G200 8MB
Chipset: mgag200
Driver: mga
Do NOT probe clocks or use any Clocks line.
Press enter to continue, or ctrl-c to abort.
Now you must give information about your video card. This will be used for
the "Device" section of your video card in XF86Config.
You must indicate how much video memory you have. It is probably a good
idea to use the same approximate amount as that detected by the server you
intend to use. If you encounter problems that are due to the used server
not supporting the amount memory you have (e.g. ATI Mach64 is limited to
1024K with the SVGA server), specify the maximum amount supported by the
server.
How much video memory do you have on your video card:
1 256K
2 512K
3 1024K
4 2048K
5 4096K
6 Other
Enter your choice: 6
Amount of video memory in Kbytes: 8192
You must now enter a few identification/description strings, namely an
identifier, a vendor name, and a model name. Just pressing enter will fill
in default names (possibly from a card definition).
Your card definition is Matrox Millennium G200 8MB.
The strings are free-form, spaces are allowed.
Enter an identifier for your video card definition:Next, the video modes are set for the resolutions
desired. Typically, useful ranges are 640x480, 800x600, and 1024x768
but those are a function of video card capability, monitor size,
and eye comfort. When selecting a color depth, select the highest
mode that your card will support.For each depth, a list of modes (resolutions) is defined. The default
resolution that the server will start-up with will be the first listed
mode that can be supported by the monitor and card.
Currently it is set to:
"640x480" "800x600" "1024x768" "1280x1024" for 8-bit
"640x480" "800x600" "1024x768" "1280x1024" for 16-bit
"640x480" "800x600" "1024x768" "1280x1024" for 24-bit
Modes that cannot be supported due to monitor or clock constraints will
be automatically skipped by the server.
1 Change the modes for 8-bit (256 colors)
2 Change the modes for 16-bit (32K/64K colors)
3 Change the modes for 24-bit (24-bit color)
4 The modes are OK, continue.
Enter your choice: 2
Select modes from the following list:
1 "640x400"
2 "640x480"
3 "800x600"
4 "1024x768"
5 "1280x1024"
6 "320x200"
7 "320x240"
8 "400x300"
9 "1152x864"
a "1600x1200"
b "1800x1400"
c "512x384"
Please type the digits corresponding to the modes that you want to select.
For example, 432 selects "1024x768" "800x600" "640x480", with a
default mode of 1024x768.
Which modes? 432
You can have a virtual screen (desktop), which is screen area that is larger
than the physical screen and which is panned by moving the mouse to the edge
of the screen. If you don't want virtual desktop at a certain resolution,
you cannot have modes listed that are larger. Each color depth can have a
differently-sized virtual screen
Please answer the following question with either 'y' or 'n'.
Do you want a virtual screen that is larger than the physical screen? n
For each depth, a list of modes (resolutions) is defined. The default
resolution that the server will start-up with will be the first listed
mode that can be supported by the monitor and card.
Currently it is set to:
"640x480" "800x600" "1024x768" "1280x1024" for 8-bit
"1024x768" "800x600" "640x480" for 16-bit
"640x480" "800x600" "1024x768" "1280x1024" for 24-bit
Modes that cannot be supported due to monitor or clock constraints will
be automatically skipped by the server.
1 Change the modes for 8-bit (256 colors)
2 Change the modes for 16-bit (32K/64K colors)
3 Change the modes for 24-bit (24-bit color)
4 The modes are OK, continue.
Enter your choice: 4
Please specify which color depth you want to use by default:
1 1 bit (monochrome)
2 4 bits (16 colors)
3 8 bits (256 colors)
4 16 bits (65536 colors)
5 24 bits (16 million colors)
Enter a number to choose the default depth.
4Finally, the configuration needs to be saved. Be sure
to enter /etc/XF86Config as the location
for saving the configuration.I am going to write the XF86Config file now. Make sure you don't accidently
overwrite a previously configured one.
Shall I write it to /etc/X11/XF86Config? yIf the configuration fails, you can try the configuration again
by selecting [ Yes ] when the following
message appears: User Confirmation Requested
The XFree86 configuration process seems to have
failed. Would you like to try again?
[ Yes ] NoIf you have trouble configuring &xfree86;, select
[ No ] and press Enter
and continue with the installation process. After installation
you can use xf86cfg -textmode or
xf86config to access the command line
configuration utilities as root. There is
an additional method for configuring &xfree86; described in
. If you choose not to configure
&xfree86; at this time the next menu will be for package
selection.The default setting which allows the server to be killed
is the hotkey sequence CtrlAltBackspace. This
can be executed if something is wrong with the server settings and
prevent hardware damage.The default setting that allows video mode switching will
permit changing of the mode while running X with the hotkey
sequence
CtrlAlt+ or
CtrlAlt-.
After installation, the display can be adjusted for height,
width, or centering by using xvidtune
after you have &xfree86; running with
xvidtune.There are warnings that improper settings can
damage your equipment. Heed them. If in doubt, do not do
it. Instead, use the monitor controls to adjust the display for
X Window. There may be some display differences when switching
back to text mode, but it is better than damaging equipment.Read the &man.xvidtune.1; manual page before making
any adjustments.Following a successful &xfree86; configuration, it will proceed
to the selection of a default desktop.Select Default X DesktopThere are a variety of window managers available. They range
from very basic environments to full desktop environments with a
large suite of software. Some require only minimal disk space and
low memory while others with more features require much more. The
best way to determine which is most suitable for you is to try a few
different ones. Those are available from the ports collection or as
packages and can be added after installation.You can select one of the popular desktops to be installed
and configured as the default desktop. This will allow you
to start it right after installation.Use the arrow keys to select a desktop and press
Enter. Installation of the selected desktop will
proceed.Install PackagesPackages are pre-compiled binaries and are a convenient
way to install software.Installation of one package is shown for purposes of
illustration. Additional packages can also be added at this
time if desired. After installation
/stand/sysinstall can be used to add additional
packages. User Confirmation Requested
The FreeBSD package collection is a collection of hundreds of
ready-to-run applications, from text editors to games to WEB servers
and more. Would you like to browse the collection now?
[ Yes ] NoSelecting [ Yes ] and pressing
Enter will be
followed by the Package Selection screens:Only packages on the current installation media are
available for installation at any given time.All packages available will be displayed if
All is selected or you can select a
particular category. Highlight your selection with the arrow
keys and press Enter.A menu will display showing all the packages available for
the selection made:The bash shell is shown selected.
Select as many as desired by highlighting the package and pressing the
Space key. A short description of each package will
appear in the lower left corner of the screen.Pressing the Tab key will toggle between the last
selected package, &gui.ok;, and &gui.cancel;.When you have finished marking the packages for installation,
press Tab once to toggle to the &gui.ok; and press
Enter to return to the Package Selection menu.The left and right arrow keys will also toggle between &gui.ok;
and &gui.cancel;. This method can also be used to select &gui.ok; and
press Enter to return to the Package Selection
menu.Use the Tab and arrow keys to select [ Install ]
and press Enter. You will then need to confirm
that you want to install the packages:Selecting &gui.ok; and pressing Enter will start
the package installation. Installing messages will appear until
completed. Make note if there are any error messages.The final configuration continues after packages are
installed. If you end up not selecting any packages, and wish
to return to the final configuration, select
Install anyways.Add Users/GroupsYou should add at least one user during the installation so
that you can use the system without being logged in as
root. The root partition is generally small
and running applications as root can quickly
fill it. A bigger danger is noted below: User Confirmation Requested
Would you like to add any initial user accounts to the system? Adding
at least one account for yourself at this stage is suggested since
working as the "root" user is dangerous (it is easy to do things which
adversely affect the entire system).
[ Yes ] NoSelect [ Yes ] and press
Enter to continue with adding a user.Select User with the arrow keys
and press Enter.The following descriptions will appear in the lower part of
the screen as the items are selected with Tab
to assist with entering the required information:Login IDThe login name of the new user (mandatory).UIDThe numerical ID for this user (leave blank for
automatic choice).GroupThe login group name for this user (leave blank for
automatic choice).PasswordThe password for this user (enter this field with
care!).Full nameThe user's full name (comment).Member groupsThe groups this user belongs to (i.e. gets access
rights for).Home directoryThe user's home directory (leave blank for
default).Login shellThe user's login shell (leave blank for
default, e.g. /bin/sh).The login shell was changed from /bin/sh to
/usr/local/bin/bash to use the
bash shell that was previously installed as
a package. Do not try to use a shell that does not exist or you will
not be able to login. The most common shell used in the
BSD-world is the C shell, which can be indicated as
/bin/tcsh.The user was also added to the wheel group
to be able to become a superuser with root
privileges.When you are satisfied, press &gui.ok; and
the User and Group Management menu will redisplay:Groups can also be added at this time if specific needs
are known. Otherwise, this may be accessed through using
/stand/sysinstall after installation is
completed.When you are finished adding users, select
Exit with the arrow keys and press
Enter to continue the installation.Set the root Password Message
Now you must set the system manager's password.
This is the password you'll use to log in as "root".
[ OK ]
[ Press enter to continue ]Press Enter to set the root
password.The password will need to be typed in twice correctly. Needless to
say, make sure you have a way of finding the password if you
forget.Changing local password for root.
New password :
Retype new password :The installation will continue after the password is
successfully entered.Exiting InstallIf you need to configure additional network devices or
any other configuration, you can do it at this point or
after installation with /stand/sysinstall. User Confirmation Requested
Visit the general configuration menu for a chance to set any last
options?
Yes [ No ]Select [ No ] with the arrow keys
and press Enter to return to the Main
Installation Menu.Select [X Exit Install] with the arrow
keys and press Enter. You will be asked to
confirm exiting the installation: User Confirmation Requested
Are you sure you wish to exit? The system will reboot (be sure to
remove any floppies from the drives).
[ Yes ] NoSelect [ Yes ] and remove the floppy if
booting from the floppy. The CDROM drive is locked until the machine
starts to reboot. The CDROM drive is then unlocked and the disk can
be removed from drive (quickly).The system will reboot so watch for any error messages that
may appear.FreeBSD BootupFreeBSD Bootup on the &i386;If everything went well, you will see messages scroll
off the screen and you will arrive at a login prompt. You can view
the content of the messages by pressing Scroll-Lock
and using PgUp and PgDn.
Pressing Scroll-Lock again will return
to the prompt.The entire message may not display (buffer limitation) but
it can be viewed from the command line after logging in by typing
dmesg at the prompt.Login using the username/password you set during installation
(rpratt, in this example). Avoid logging in as
root except when necessary.Typical boot messages (version information omitted):Copyright (c) 1992-2002 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
Timecounter "i8254" frequency 1193182 Hz
CPU: AMD-K6(tm) 3D processor (300.68-MHz 586-class CPU)
Origin = "AuthenticAMD" Id = 0x580 Stepping = 0
Features=0x8001bf<FPU,VME,DE,PSE,TSC,MSR,MCE,CX8,MMX>
AMD Features=0x80000800<SYSCALL,3DNow!>
real memory = 268435456 (262144K bytes)
config> di sn0
config> di lnc0
config> di le0
config> di ie0
config> di fe0
config> di cs0
config> di bt0
config> di aic0
config> di aha0
config> di adv0
config> q
avail memory = 256311296 (250304K bytes)
Preloaded elf kernel "kernel" at 0xc0491000.
Preloaded userconfig_script "/boot/kernel.conf" at 0xc049109c.
md0: Malloc disk
Using $PIR table, 4 entries at 0xc00fde60
npx0: <math processor> on motherboard
npx0: INT 16 interface
pcib0: <Host to PCI bridge> on motherboard
pci0: <PCI bus> on pcib0
pcib1: <VIA 82C598MVP (Apollo MVP3) PCI-PCI (AGP) bridge> at device 1.0 on pci0
pci1: <PCI bus> on pcib1
pci1: <Matrox MGA G200 AGP graphics accelerator> at 0.0 irq 11
isab0: <VIA 82C586 PCI-ISA bridge> at device 7.0 on pci0
isa0: <ISA bus> on isab0
atapci0: <VIA 82C586 ATA33 controller> port 0xe000-0xe00f at device 7.1 on pci0
ata0: at 0x1f0 irq 14 on atapci0
ata1: at 0x170 irq 15 on atapci0
uhci0: <VIA 83C572 USB controller> port 0xe400-0xe41f irq 10 at device 7.2 on pci0
usb0: <VIA 83C572 USB controller> on uhci0
usb0: USB revision 1.0
uhub0: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
chip1: <VIA 82C586B ACPI interface> at device 7.3 on pci0
ed0: <NE2000 PCI Ethernet (RealTek 8029)> port 0xe800-0xe81f irq 9 at
device 10.0 on pci0
ed0: address 52:54:05:de:73:1b, type NE2000 (16 bit)
isa0: too many dependant configs (8)
isa0: unexpected small tag 14
fdc0: <NEC 72065B or clone> at port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on isa0
fdc0: FIFO enabled, 8 bytes threshold
fd0: <1440-KB 3.5" drive> on fdc0 drive 0
atkbdc0: <keyboard controller (i8042)> at port 0x60-0x64 on isa0
atkbd0: <AT Keyboard> flags 0x1 irq 1 on atkbdc0
kbd0 at atkbd0
psm0: <PS/2 Mouse> irq 12 on atkbdc0
psm0: model Generic PS/2 mouse, device ID 0
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
sc0: <System console> at flags 0x1 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
sio0: type 16550A
sio1 at port 0x2f8-0x2ff irq 3 on isa0
sio1: type 16550A
ppc0: <Parallel port> at port 0x378-0x37f irq 7 on isa0
ppc0: SMC-like chipset (ECP/EPP/PS2/NIBBLE) in COMPATIBLE mode
ppc0: FIFO with 16/16/15 bytes threshold
ppbus0: IEEE1284 device found /NIBBLE
Probing for PnP devices on ppbus0:
plip0: <PLIP network interface> on ppbus0
lpt0: <Printer> on ppbus0
lpt0: Interrupt-driven port
ppi0: <Parallel I/O> on ppbus0
ad0: 8063MB <IBM-DHEA-38451> [16383/16/63] at ata0-master using UDMA33
ad2: 8063MB <IBM-DHEA-38451> [16383/16/63] at ata1-master using UDMA33
acd0: CDROM <DELTA OTC-H101/ST3 F/W by OIPD> at ata0-slave using PIO4
Mounting root from ufs:/dev/ad0s1a
swapon: adding /dev/ad0s1b as swap device
Automatic boot in progress...
/dev/ad0s1a: FILESYSTEM CLEAN; SKIPPING CHECKS
/dev/ad0s1a: clean, 48752 free (552 frags, 6025 blocks, 0.9% fragmentation)
/dev/ad0s1f: FILESYSTEM CLEAN; SKIPPING CHECKS
/dev/ad0s1f: clean, 128997 free (21 frags, 16122 blocks, 0.0% fragmentation)
/dev/ad0s1g: FILESYSTEM CLEAN; SKIPPING CHECKS
/dev/ad0s1g: clean, 3036299 free (43175 frags, 374073 blocks, 1.3% fragmentation)
/dev/ad0s1e: filesystem CLEAN; SKIPPING CHECKS
/dev/ad0s1e: clean, 128193 free (17 frags, 16022 blocks, 0.0% fragmentation)
Doing initial network setup: hostname.
ed0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
inet6 fe80::5054::5ff::fede:731b%ed0 prefixlen 64 tentative scopeid 0x1
ether 52:54:05:de:73:1b
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
Additional routing options: IP gateway=YES TCP keepalive=YES
routing daemons:.
additional daemons: syslogd.
Doing additional network setup:.
Starting final network daemons: creating ssh RSA host key
Generating public/private rsa1 key pair.
Your identification has been saved in /etc/ssh/ssh_host_key.
Your public key has been saved in /etc/ssh/ssh_host_key.pub.
The key fingerprint is:
cd:76:89:16:69:0e:d0:6e:f8:66:d0:07:26:3c:7e:2d root@k6-2.example.com
creating ssh DSA host key
Generating public/private dsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_dsa_key.
Your public key has been saved in /etc/ssh/ssh_host_dsa_key.pub.
The key fingerprint is:
f9:a1:a9:47:c4:ad:f9:8d:52:b8:b8:ff:8c:ad:2d:e6 root@k6-2.example.com.
setting ELF ldconfig path: /usr/lib /usr/lib/compat /usr/X11R6/lib
/usr/local/lib
a.out ldconfig path: /usr/lib/aout /usr/lib/compat/aout /usr/X11R6/lib/aout
starting standard daemons: inetd cron sshd usbd sendmail.
Initial rc.i386 initialization:.
rc.i386 configuring syscons: blank_time screensaver moused.
Additional ABI support: linux.
Local package initialization:.
Additional TCP options:.
FreeBSD/i386 (k6-2.example.com) (ttyv0)
login: rpratt
Password:Generating the RSA and DSA keys may take some time on slower
machines. This happens only on the initial boot-up of a new
installation. Subsequent boots will be faster.If the X server has been configured and a Default Desktop
chosen, it can be started by typing startx at
the command line.Bootup of FreeBSD on the AlphaAlphaOnce the install procedure has finished, you will be
able to start FreeBSD by typing something like this to the
SRM prompt:>>>BOOT DKC0This instructs the firmware to boot the specified
disk. To make FreeBSD boot automatically in the future, use
these commands:>>>SET BOOT_OSFLAGS A>>>SET BOOT_FILE ''>>>SET BOOTDEF_DEV DKC0>>>SET AUTO_ACTION BOOTThe boot messages will be similar (but not identical) to
those produced by FreeBSD booting on the &i386;.FreeBSD ShutdownIt is important to properly shutdown the operating
system. Do not just turn off power. First, become a superuser by
typing su at the command line and entering the
root password. This will work only if the user
is a member of the wheel group.
Otherwise, login as root and use
shutdown -h now.The operating system has halted.
Please press any key to reboot.It is safe to turn off the power after the shutdown command
has been issued and the message Please press any key to reboot
appears. If any key is pressed instead of turning off the power
switch, the system will reboot.You could also use the
CtrlAltDel
key combination to reboot the system, however this is not recommended
during normal operation.Supported HardwarehardwareFreeBSD currently runs on a wide variety of ISA, VLB, EISA, and PCI
bus-based PCs with Intel, AMD, Cyrix, or NexGen x86
processors, as well as a number of machines based on the Compaq Alpha
processor. Support for generic IDE or ESDI drive configurations,
various SCSI controllers, PCMCIA cards, USB devices, and network and
serial cards is also provided. FreeBSD also supports IBM's microchannel
(MCA) bus.A list of supported hardware is provided with each FreeBSD release
in the FreeBSD Hardware Notes. This document can usually be found in a
file named HARDWARE.TXT, in the top-level directory
of a CDROM or FTP distribution or in
sysinstall's documentation menu. It lists,
for a given architecture, what hardware devices are known to be
supported by each release of FreeBSD. Copies of the supported
hardware list for various releases and architectures can also be
found on the Release
Information page of the FreeBSD Web site.TroubleshootinginstallationtroubleshootingThe following section covers basic installation troubleshooting,
such as common problems people have reported. There are also a few
questions and answers for people wishing to dual-boot FreeBSD with
&ms-dos;.What to Do If Something Goes WrongDue to various limitations of the PC architecture, it is
impossible for probing to be 100% reliable, however, there are a
few things you can do if it fails.Check the Hardware Notes document for your version of
FreeBSD to make sure your hardware is
supported.If your hardware is supported and you still experience
lock-ups or other problems, reset your computer, and when the
visual kernel configuration option is given, choose it. This will
allow you to go through your hardware and supply information to the
system about it. The kernel on the boot disks is configured
assuming that most hardware devices are in their factory default
configuration in terms of IRQs, IO addresses, and DMA channels. If
your hardware has been reconfigured, you will most likely need to
use the configuration editor to tell FreeBSD where to find
things.It is also possible that a probe for a device not present will
cause a later probe for another device that is present to fail. In
that case, the probes for the conflicting driver(s) should be
disabled.Some installation problems can be avoided or alleviated
by updating the firmware on various hardware components, most notably
the motherboard. The motherboard firmware may also be referred to
as BIOS and most of the motherboard or computer
manufactures have a website where the upgrades and upgrade information
may be located.Most manufacturers strongly advise against upgrading the motherboard
BIOS unless there is a good reason for doing so, which
could possibly be a critical update of sorts. The upgrade process
can go wrong, causing permanent damage to the
BIOS chip.Do not disable any drivers you will need during the
installation, such as your screen (sc0).
If the installation wedges or fails mysteriously after leaving
the configuration editor, you have probably removed or changed
something you should not have. Reboot and try again.In configuration mode, you can:List the device drivers installed in the kernel.Disable device drivers for hardware that is not present in
your system.Change IRQs, DRQs, and IO port addresses used by a device
driver.After adjusting the kernel to match your hardware
configuration, type Q to boot with the new
settings. Once the installation has completed, any changes you
made in the configuration mode will be permanent so you do not have
to reconfigure every time you boot. It is still highly likely that
you will eventually want to build a custom kernel.Dealing with Existing &ms-dos; PartitionsDOSMany users wish to install &os; on PCs inhabited by
µsoft; based operating systems. For those instances, &os; has a
utility known as FIPS. This utility can be found
in the tools directory on the install CD-ROM, or downloaded
from one of various &os; mirrors.The FIPS utility allows you to split an
existing &ms-dos; partition into two pieces, preserving the original
partition and allowing you to install onto the second free piece.
You first need to defragment your &ms-dos; partition using the &windows;;
Disk Defragmenter utility (go into Explorer, right-click on
the hard drive, and choose to defrag your hard drive), or use
Norton Disk Tools. Now you can run the
FIPS utility. It will prompt you for the rest of
the information, just follow the on screen instructions. Afterwards, you can
reboot and install &os; on the new free slice. See the Distributions menu
for an estimate of how much free space you will need for the kind of
installation you want.There is also a very useful product from PowerQuest
(http://www.powerquest.com) called
&partitionmagic;. This application has far more
functionality than FIPS, and is highly recommended
if you plan to add/remove operating systems often. It does cost money, so if you
plan to install &os; and keep it installed, FIPS
will probably be fine for you.Using &ms-dos; and &windows; File SystemsAt this time, &os; does not support file systems compressed with the
Double Space™ application. Therefore the file
system will need to be uncompressed before &os; can access the data. This
can be done by running the Compression Agent
located in the Start> Programs >
System Tools menu.&os; can support &ms-dos; based file systems. This requires you use
the &man.mount.msdos.8; command (in &os; 5.X, the command is &man.mount.msdosfs.8;)
with the required parameters. The utilities most common usage is:&prompt.root; mount_msdos /dev/ad0s1 /mntIn this example, the &ms-dos; file system is located on the first partition of
the primary hard disk. Your situation may be different, check the output from
the dmesg, and mount commands. They should
produce enough information too give an idea of the partition layout.Extended &ms-dos; file systems are usually mapped after the &os;
partitions. In other words, the slice number may be higher than the ones
&os; is using. For instance, the first &ms-dos; partition may be
/dev/ad0s1, the &os; partition may be
/dev/ad0s2, with the extended &ms-dos; partition being
located on /dev/ad0s3. To some, this can be confusing
at first.NTFS partitions can also be mounted in a similar manner
using the &man.mount.ntfs.8; command.Alpha User's Questions and AnswersAlphaThis section answers some commonly asked questions about
installing FreeBSD on Alpha systems.Can I boot from the ARC or Alpha BIOS Console?ARCAlpha BIOSSRMNo. &os;, like Compaq Tru64 and VMS, will only boot
from the SRM console.Help, I have no space! Do I need to delete
everything first?Unfortunately, yes.Can I mount my Compaq Tru64 or VMS filesystems?No, not at this time.ValentinoVaschettoContributed by Advanced Installation GuideThis section describes how to install FreeBSD in exceptional
cases.Installing FreeBSD on a System without a Monitor or
Keyboardinstallationheadless (serial console)serial consoleThis type of installation is called a headless
install, because the machine that you are trying to install
FreeBSD on either does not have a monitor attached to it, or does not
even have a VGA output. How is this possible you ask? Using a
serial console. A serial console is basically using another
machine to act as the main display and keyboard for a
system. To do this, just follow the steps to create
installation floppies, explained in .To modify these floppies to boot into a serial console, follow
these steps:Enabling the Boot Floppies to Boot into a Serial ConsolemountIf you were to boot into the floppies that you just
made, FreeBSD would boot into its normal install mode. We
want FreeBSD to boot into a serial console for our
install. To do this, you have to mount the
kern.flp floppy onto your FreeBSD
system using the &man.mount.8; command.&prompt.root; mount /dev/fd0 /mntNow that you have the floppy mounted, you must
change into the /mnt directory:&prompt.root; cd /mntHere is where you must set the floppy to boot into a
serial console. You have to make a file called
boot.config containing
/boot/loader -h. All this does is pass a flag to the bootloader to
boot into a serial console.&prompt.root; echo "/boot/loader -h" > boot.configNow that you have your floppy configured correctly,
you must unmount the floppy using the &man.umount.8;
command:&prompt.root; cd /
&prompt.root; umount /mntNow you can remove the floppy from the floppy
drive.Connecting Your Null Modem Cablenull modem cableYou now need to connect a null modem cable between
the two machines. Just connect the cable to the serial
ports of the 2 machines. A normal serial cable
will not work here, you need a null modem
cable because it has some of the wires inside crossed
over.Booting Up for the InstallIt is now time to go ahead and start the install. Put
the kern.flp floppy in the floppy
drive of the machine you are doing the headless install
on, and power on the machine.Connecting to Your Headless MachinecuNow you have to connect to that machine with
&man.cu.1;:&prompt.root; cu -l /dev/cuaa0That's it! You should now be able to control the headless machine
through your cu session. It will ask you to
put in the mfsroot.flp, and then it will come up
with a selection of what kind of terminal to use. Select the
FreeBSD color console and proceed with your install!Preparing Your Own Installation MediaTo prevent repetition, FreeBSD disk in this context
means a FreeBSD CDROM or DVD that you have purchased or produced
yourself.There may be some situations in which you need to create your own
FreeBSD installation media and/or source. This might be physical media,
such as a tape, or a source that sysinstall
can use to retrieve the files, such as a local FTP site, or an &ms-dos;
partition.For example:You have many machines connected to your local network, and one
FreeBSD disk. You want to create a local FTP site using the
contents of the FreeBSD disk, and then have your machines use this
local FTP site instead of needing to connect to the Internet.You have a FreeBSD disk, and FreeBSD does not recognize your CD/DVD
drive, but &ms-dos;/&windows; does. You want to copy the FreeBSD
installations files to a DOS partition on the same computer, and
then install FreeBSD using those files.The computer you want to install on does not have a CD/DVD
drive or a network card, but you can connect a
Laplink-style serial or parallel cable to a computer
that does.You want to create a tape that can be used to install
FreeBSD.Creating an Installation CDROMAs part of each release, the FreeBSD project makes available two
CDROM images (ISO images). These images can be written
(burned) to CDs if you have a CD writer, and then used
to install FreeBSD. If you have a CD writer, and bandwidth is cheap,
then this is the easiest way to install FreeBSD.Download the Correct ISO ImagesThe ISO images for each release can be downloaded from ftp://ftp.FreeBSD.org/pub/FreeBSD/ISO-IMAGES-arch/version or the closest mirror.
Substitute arch and
version as appropriate.That directory will normally contain the following images:
FreeBSD ISO Image Names and MeaningsFilenameContainsversion-mini.isoEverything you need to install FreeBSD.version-disc1.isoEverything you need to install FreeBSD, and as many
additional third party packages as would fit on the
disc.version-disc2.isoA live filesystem, which is used in
conjunction with the Repair facility in
sysinstall. A copy of the
FreeBSD CVS tree. As many additional third party packages
as would fit on the disc.
You must download one of either the mini
ISO image, or the image of disc one. Do not download both of them,
since the disc one image contains everything that the mini ISO
image contains.Use the mini ISO if Internet access is cheap for you. It will
let you install FreeBSD, and you can then install third party
packages by downloading them using the ports/packages system (see
) as
necessary.Use the image of disc one if you want a reasonable selection
of third party packages on the disc as well.The additional disc images are useful, but not essential,
especially if you have high-speed access to the Internet.Write the CDsYou must then write the CD images to disc. If you will be
doing this on another FreeBSD system then see
for more information (in
particular, and
).If you will be doing this on another platform then you will
need to use whatever utilities exist to control your CD writer on
that platform. The images provided are in the standard ISO format,
which many CD writing applications support.Creating a Local FTP Site with a FreeBSD DiskinstallationnetworkFTPFreeBSD disks are laid out in the same way as the FTP site. This
makes it very easy for you to create a local FTP site that can be used
by other machines on your network when installing FreeBSD.On the FreeBSD computer that will host the FTP site, ensure
that the CDROM is in the drive, and mounted on
/cdrom.&prompt.root; mount /cdromCreate an account for anonymous FTP in
/etc/passwd. Do this by editing
/etc/passwd using &man.vipw.8; and adding
this line.ftp:*:99:99::0:0:FTP:/cdrom:/nonexistentEnsure that the FTP service is enabled in
/etc/inetd.conf.Anyone with network connectivity to your machine can now
chose a media type of FTP and type in
ftp://your machine
after picking Other in the FTP sites menu during
the install.This approach is OK for a machine that is on your local network,
and that is protected by your firewall. Offering up FTP services to
other machines over the Internet (and not your local network)
exposes your computer to the attention of crackers and other
undesirables. We strongly recommend that you follow good security
practices if you do this.Creating Installation FloppiesinstallationfloppiesIf you must install from floppy disk (which we suggest you
do not do), either due to unsupported
hardware or simply because you insist on doing things the hard
way, you must first prepare some floppies for the installation.At a minimum, you will need as many 1.44 MB or 1.2 MB floppies
as it takes to hold all the files in the
bin (binary distribution) directory. If
you are preparing the floppies from DOS, then they
MUST be formatted using the &ms-dos;
FORMAT command. If you are using &windows;,
use Explorer to format the disks (right-click on the
A: drive, and select Format.Do not trust factory pre-formatted
floppies. Format them again yourself, just to be sure. Many
problems reported by our users in the past have resulted from
the use of improperly formatted media, which is why we are
making a point of it now.If you are creating the floppies on another FreeBSD machine,
a format is still not a bad idea, though you do not need to put
a DOS filesystem on each floppy. You can use the
disklabel and newfs
commands to put a UFS filesystem on them instead, as the
following sequence of commands (for a 3.5" 1.44 MB floppy)
illustrates:&prompt.root; fdformat -f 1440 fd0.1440
&prompt.root; disklabel -w -r fd0.1440 floppy3
&prompt.root; newfs -t 2 -u 18 -l 1 -i 65536 /dev/fd0Use fd0.1200 and
floppy5 for 5.25" 1.2 MB disks.Then you can mount and write to them like any other
filesystem.After you have formatted the floppies, you will need to copy
the files to them. The distribution files are split into chunks
conveniently sized so that five of them will fit on a conventional
1.44 MB floppy. Go through all your floppies, packing as many
files as will fit on each one, until you have all of the
distributions you want packed up in this fashion. Each
distribution should go into a subdirectory on the floppy, e.g.:
a:\bin\bin.aa,
a:\bin\bin.ab, and so on.Once you come to the Media screen during the install
process, select Floppy and you will be prompted
for the rest.Installing from an &ms-dos; Partitioninstallationfrom MS-DOSTo prepare for an installation from an &ms-dos; partition,
copy the files from the distribution into a directory
called freebsd in the root directory of the
partition. For example, c:\freebsd. The
directory structure of the CDROM or FTP site must be partially
reproduced within this directory, so we suggest using the DOS
xcopy command if you are copying it from a CD.
For example, to prepare for a minimal installation of
FreeBSD:C:\>md c:\freebsdC:\>xcopy e:\bin c:\freebsd\bin\ /sC:\>xcopy e:\manpages c:\freebsd\manpages\ /sAssuming that C: is where you have
free space and E: is where your CDROM
is mounted.If you do not have a CDROM drive, you can download the
distribution from ftp.FreeBSD.org.
Each distribution is in its own directory; for example, the
base distribution can be found in the &rel.current;/base/
directory.In the 4.X and older releases of &os; the base
distribution is called bin. Adjust the sample
commands and URLs above accordingly, if you are using one of these
versions.For as many distributions you wish to install from an &ms-dos;
partition (and you have the free space for), install each one
under c:\freebsd — the
BIN distribution is the only one required for
a minimum installation.Creating an Installation Tapeinstallationfrom QIC/SCSI TapeInstalling from tape is probably the easiest method, short
of an online FTP install or CDROM install. The installation
program expects the files to be simply tarred onto the tape.
After getting all of the distribution files you are interested
in, simply tar them onto the tape:&prompt.root; cd /freebsd/distdir
&prompt.root; tar cvf /dev/rwt0 dist1 ... dist2When you perform the installation, you should make
sure that you leave enough room in some temporary directory
(which you will be allowed to choose) to accommodate the
full contents of the tape you have created.
Due to the non-random access nature of tapes, this method of
installation requires quite a bit of temporary storage. You
should expect to require as much temporary storage as you have
data written on tape.When starting the installation, the tape must be in the
drive before booting from the boot
floppy. The installation probe may otherwise fail to find
it.Before Installing over a Networkinstallationnetworkserial (SLIP or PPP)installationnetworkparallel (PLIP)installationnetworkEthernetThere are three types of network installations available.
Serial port (SLIP or PPP), Parallel port (PLIP (laplink cable)),
or Ethernet (a standard Ethernet controller (includes some
PCMCIA)).The SLIP support is rather primitive, and limited primarily
to hard-wired links, such as a serial cable running between a
laptop computer and another computer. The link should be
hard-wired as the SLIP installation does not currently offer a
dialing capability; that facility is provided with the PPP
utility, which should be used in preference to SLIP whenever
possible.If you are using a modem, then PPP is almost certainly
your only choice. Make sure that you have your service
provider's information handy as you will need to know it fairly
early in the installation process.If you use PAP or CHAP to connect your ISP (in other words, if
you can connect to the ISP in &windows; without using a script), then
all you will need to do is type in dial at the
ppp prompt. Otherwise, you will need to
know how to dial your ISP using the AT commands
specific to your modem, as the PPP dialer provides only a very
simple terminal emulator. Please refer to the user-ppp handbook and FAQ entries for further information.
If you have problems, logging can be directed to the screen using
the command set log local ....If a hard-wired connection to another FreeBSD (2.0-R or
later) machine is available, you might also consider installing
over a laplink parallel port cable. The data rate
over the parallel port is much higher than what is typically
possible over a serial line (up to 50 kbytes/sec), thus resulting
in a quicker installation.Finally, for the fastest possible network installation, an
Ethernet adapter is always a good choice! FreeBSD supports most
common PC Ethernet cards; a table of supported cards (and their
required settings) is provided in the Hardware Notes for each
release of FreeBSD. If you are using one of the supported PCMCIA
Ethernet cards, also be sure that it is plugged in
before the laptop is powered on! FreeBSD does
not, unfortunately, currently support hot insertion of PCMCIA cards
during installation.You will also need to know your IP address on the network,
the netmask value for your address class, and the name of your
machine. If you are installing over a PPP connection and do not
have a static IP, fear not, the IP address can be dynamically
assigned by your ISP. Your system administrator can tell you
which values to use for your particular network setup. If you
will be referring to other hosts by name rather than IP address,
you will also need a name server and possibly the address of a
gateway (if you are using PPP, it is your provider's IP address)
to use in talking to it. If you want to install by FTP via a
HTTP proxy, you will also need the proxy's address.
If you do not know the answers to all or most of these questions,
then you should really probably talk to your system administrator
or ISP before trying this type of
installation.Before Installing via NFSinstallationnetworkNFSThe NFS installation is fairly straight-forward. Simply
copy the FreeBSD distribution files you want onto an NFS server
and then point the NFS media selection at it.If this server supports only privileged port
(as is generally the default for Sun workstations), you will
need to set this option in the Options menu before
installation can proceed.If you have a poor quality Ethernet card which suffers
from very slow transfer rates, you may also wish to toggle the
appropriate Options flag.In order for NFS installation to work, the server must
support subdir mounts, for example, if your FreeBSD &rel.current; distribution
directory lives on:
ziggy:/usr/archive/stuff/FreeBSD, then
ziggy will have to allow the direct mounting
of /usr/archive/stuff/FreeBSD, not just
/usr or
/usr/archive/stuff.In FreeBSD's /etc/exports file, this
is controlled by the options. Other NFS
servers may have different conventions. If you are getting
permission denied messages from the server, then
it is likely that you do not have this enabled
properly.
diff --git a/en_US.ISO8859-1/books/handbook/introduction/chapter.sgml b/en_US.ISO8859-1/books/handbook/introduction/chapter.sgml
index be0dbca240..3b1fb2ca0a 100644
--- a/en_US.ISO8859-1/books/handbook/introduction/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/introduction/chapter.sgml
@@ -1,943 +1,943 @@
JimMockRestructured, reorganized, and parts
rewritten by IntroductionSynopsisThank you for your interest in FreeBSD! The following chapter
covers various aspects of the FreeBSD Project, such as its history,
goals, development model, and so on.After reading this chapter, you will know:How FreeBSD relates to other computer operating systems.The history of the FreeBSD Project.The goals of the FreeBSD Project.The basics of the FreeBSD open-source development model.And of course: where the name FreeBSD comes from.Welcome to FreeBSD!4.4BSD-LiteFreeBSD is a 4.4BSD-Lite based operating system for
Intel (x86 and &itanium;), AMD64, Alpha, Sun
&ultrasparc; computers. Ports to other
architectures are also underway.
You can also
read about the history of FreeBSD,
or the current release. If you
are interested in contributing something to the Project (code,
hardware, unmarked bills), see the Contributing to FreeBSD article.What Can FreeBSD Do?FreeBSD has many noteworthy features. Some of these
are:preemptive multitaskingPreemptive multitasking with
dynamic priority adjustment to ensure smooth and fair
sharing of the computer between applications and users, even
under the heaviest of loads.multi-user facilitiesMulti-user facilities which allow many
people to use a FreeBSD system simultaneously for a variety
of things. This means, for example, that system peripherals
such as printers and tape drives are properly shared between
all users on the system or the network and that individual
resource limits can be placed on users or groups of users,
protecting critical system resources from over-use.TCP/IP networkingStrong TCP/IP networking with
support for industry standards such as SLIP, PPP, NFS, DHCP,
and NIS. This means that your FreeBSD machine can
interoperate easily with other systems as well as act as an
enterprise server, providing vital functions such as NFS
(remote file access) and email services or putting your
organization on the Internet with WWW, FTP, routing and
firewall (security) services.memory protectionMemory protection ensures that
applications (or users) cannot interfere with each other. One
application crashing will not affect others in any way.FreeBSD is a 32-bit operating
system (64-bit on the Alpha, &itanium;, AMD64, and &ultrasparc;) and was
designed as such from the ground up.X Window SystemXFree86The industry standard X Window System
(X11R6) provides a graphical user interface (GUI) for the cost
of a common VGA card and monitor and comes with full
sources.binary compatibilityLinuxbinary compatibilitySCObinary compatibilitySVR4binary compatibilityBSD/OSbinary compatibilityNetBSDBinary compatibility with many
programs built for Linux, SCO, SVR4, BSDI and NetBSD.Thousands of ready-to-run
applications are available from the FreeBSD
ports and packages
collection. Why search the net when you can find it all right
here?Thousands of additional and
easy-to-port applications are available
on the Internet. FreeBSD is source code compatible with most
popular commercial &unix; systems and thus most applications
require few, if any, changes to compile.virtual memoryDemand paged virtual memory and
merged VM/buffer cache design efficiently
satisfies applications with large appetites for memory while
still maintaining interactive response to other users.Symmetric Multi-Processing (SMP)SMP support for machines with
multiple CPUs.compilersCcompilersC++compilersFORTRANA full complement of C,
C++, Fortran, and
Perl development tools.
Many additional languages for advanced research
and development are also available in the ports and packages
collection.source codeSource code for the entire system
means you have the greatest degree of control over your
environment. Why be locked into a proprietary solution
at the mercy of your vendor when you can have a truly open
system?Extensive online
documentation.And many more!4.4BSD-LiteComputer Systems Research Group (CSRG)U.C. BerkeleyFreeBSD is based on the 4.4BSD-Lite release from Computer
Systems Research Group (CSRG) at the University of California at
Berkeley, and carries on the distinguished tradition of BSD
systems development. In addition to the fine work provided by
CSRG, the FreeBSD Project has put in many thousands of hours in
fine tuning the system for maximum performance and reliability in
real-life load situations. As many of the commercial giants
struggle to field PC operating systems with such features,
performance and reliability, FreeBSD can offer them
now!The applications to which FreeBSD can be put are truly
limited only by your own imagination. From software development
to factory automation, inventory control to azimuth correction of
remote satellite antennae; if it can be done with a commercial
&unix; product then it is more than likely that you can do it with
FreeBSD too! FreeBSD also benefits significantly from
literally thousands of high quality applications developed by
research centers and universities around the world, often
available at little to no cost. Commercial applications are also
available and appearing in greater numbers every day.Because the source code for FreeBSD itself is generally
available, the system can also be customized to an almost unheard
of degree for special applications or projects, and in ways not
generally possible with operating systems from most major
commercial vendors. Here is just a sampling of some of the
applications in which people are currently using FreeBSD:Internet Services: The robust TCP/IP
networking built into FreeBSD makes it an ideal platform for a
variety of Internet services such as:FTP serversFTP serversweb serversWorld Wide Web servers (standard or secure
[SSL])firewallIP masqueradingFirewalls and NAT (IP masquerading)
gatewayselectronic mailElectronic Mail serversUSENETUSENET News or Bulletin Board SystemsAnd more...With FreeBSD, you can easily start out small with an
inexpensive 386 class PC and upgrade all the way up to a
quad-processor Xeon with RAID storage as your enterprise
grows.Education: Are you a student of
computer science or a related engineering field? There is no
better way of learning about operating systems, computer
architecture and networking than the hands on, under the hood
experience that FreeBSD can provide. A number of freely
available CAD, mathematical and graphic design packages also
make it highly useful to those whose primary interest in a
computer is to get other work
done!Research: With source code for the
entire system available, FreeBSD is an excellent platform for
research in operating systems as well as other branches of
computer science. FreeBSD's freely available nature also makes
it possible for remote groups to collaborate on ideas or
shared development without having to worry about special
licensing agreements or limitations on what may be discussed
in open forums.routerDNS ServerNetworking: Need a new router? A
name server (DNS)? A firewall to keep people out of your
internal network? FreeBSD can easily turn that unused 386 or
486 PC sitting in the corner into an advanced router with
sophisticated packet-filtering capabilities.X Window SystemXFree86X Window SystemAccelerated-XX Window workstation: FreeBSD is a
fine choice for an inexpensive X terminal solution, either
using the freely available &xfree86; server or one of the
excellent commercial servers provided by Xi Graphics. Unlike an
X terminal, FreeBSD allows many applications to be run
locally if desired, thus relieving the burden on a central
server. FreeBSD can even boot diskless, making
individual workstations even cheaper and easier to
administer.GNU Compiler CollectionSoftware Development: The basic
FreeBSD system comes with a full complement of development
tools including the renowned GNU C/C++ compiler and
debugger.FreeBSD is available in both source and binary form on CDROM,
DVD,
and via anonymous FTP. Please see
for more information about obtaining FreeBSD.Who Uses FreeBSD?UsersLarge sites running FreeBSDFreeBSD is used to power some of the biggest sites on the
Internet, including:Yahoo!Yahoo!ApacheApacheBlue Mountain ArtsBlue Mountain
ArtsPair NetworksPair
NetworksSony JapanSony
JapanNetcraftNetcraftWeathernewsWeathernewsSupervaluSupervaluTELEHOUSE AmericaTELEHOUSE
AmericaSophos Anti-VirusSophos
Anti-VirusJMA WiredJMA Wiredand many more.About the FreeBSD ProjectThe following section provides some background information on
the project, including a brief history, project goals, and the
development model of the project.JordanHubbardContributed by A Brief History of FreeBSD386BSD PatchkitHubbard, JordanWilliams, NateGrimes, RodFreeBSD ProjecthistoryThe FreeBSD project had its genesis in the early part of 1993,
partially as an outgrowth of the Unofficial 386BSD
Patchkit by the patchkit's last 3 coordinators: Nate
Williams, Rod Grimes and myself.386BSDOur original goal was to produce an intermediate snapshot of
386BSD in order to fix a number of problems with it that the
patchkit mechanism just was not capable of solving. Some of you
may remember the early working title for the project being
386BSD 0.5 or 386BSD Interim in
reference to that fact.Jolitz, Bill386BSD was Bill Jolitz's operating system, which had been up
to that point suffering rather severely from almost a year's worth
of neglect. As the patchkit swelled ever more uncomfortably with
each passing day, we were in unanimous agreement that something
had to be done and decided to assist Bill by providing
this interim cleanup snapshot. Those plans came to
a rude halt when Bill Jolitz suddenly decided to withdraw his
sanction from the project without any clear indication of what
would be done instead.Greenman, DavidWalnut Creek CDROMIt did not take us long to decide that the goal remained
worthwhile, even without Bill's support, and so we adopted the
name FreeBSD, coined by David Greenman. Our initial
objectives were set after consulting with the system's current
users and, once it became clear that the project was on the road
to perhaps even becoming a reality, I contacted Walnut Creek CDROM
with an eye toward improving FreeBSD's distribution channels for
those many unfortunates without easy access to the Internet.
Walnut Creek CDROM not only supported the idea of distributing
FreeBSD on CD but also went so far as to provide the project with a
machine to work on and a fast Internet connection. Without Walnut
Creek CDROM's almost unprecedented degree of faith in what was, at
the time, a completely unknown project, it is quite unlikely that
FreeBSD would have gotten as far, as fast, as it has today.4.3BSD-LiteNet/2U.C. Berkeley386BSDFree Software FoundationThe first CDROM (and general net-wide) distribution was
FreeBSD 1.0, released in December of 1993. This was based on the
4.3BSD-Lite (Net/2) tape from U.C. Berkeley, with
many components also provided by 386BSD and the Free Software
Foundation. It was a fairly reasonable success for a first
offering, and we followed it with the highly successful FreeBSD
1.1 release in May of 1994.NovellU.C. BerkeleyNet/2AT&TAround this time, some rather unexpected storm clouds formed
on the horizon as Novell and U.C. Berkeley settled their
long-running lawsuit over the legal status of the Berkeley Net/2
tape. A condition of that settlement was U.C. Berkeley's
concession that large parts of Net/2 were encumbered
code and the property of Novell, who had in turn acquired it from
AT&T some time previously. What Berkeley got in return was
Novell's blessing that the 4.4BSD-Lite release, when
it was finally released, would be declared unencumbered and all
existing Net/2 users would be strongly encouraged to switch. This
included FreeBSD, and the project was given until the end of July
1994 to stop shipping its own Net/2 based product. Under the
terms of that agreement, the project was allowed one last release
before the deadline, that release being FreeBSD 1.1.5.1.FreeBSD then set about the arduous task of literally
re-inventing itself from a completely new and rather incomplete
set of 4.4BSD-Lite bits. The Lite releases were
light in part because Berkeley's CSRG had removed large chunks of
code required for actually constructing a bootable running system
(due to various legal requirements) and the fact that the Intel
port of 4.4 was highly incomplete. It took the project until
November of 1994 to make this transition, at which point it
released FreeBSD 2.0 to the net and on CDROM (in late December).
Despite being still more than a little rough around the edges,
the release was a significant success and was followed by the
more robust and easier to install FreeBSD 2.0.5 release in June of
1995.We released FreeBSD 2.1.5 in August of 1996, and it appeared
to be popular enough among the ISP and commercial communities that
another release along the 2.1-STABLE branch was merited. This was
FreeBSD 2.1.7.1, released in February 1997 and capping the end of
mainstream development on 2.1-STABLE. Now in maintenance mode,
only security enhancements and other critical bug fixes will be
done on this branch (RELENG_2_1_0).FreeBSD 2.2 was branched from the development mainline
(-CURRENT) in November 1996 as the RELENG_2_2
branch, and the first full release (2.2.1) was released in April
1997. Further releases along the 2.2 branch were done in the
summer and fall of '97, the last of which (2.2.8) appeared in
November 1998. The first official 3.0 release appeared in
October 1998 and spelled the beginning of the end for the 2.2
branch.The tree branched again on Jan 20, 1999, leading to the
4.0-CURRENT and 3.X-STABLE branches. From 3.X-STABLE, 3.1 was
released on February 15, 1999, 3.2 on May 15, 1999, 3.3 on
September 16, 1999, 3.4 on December 20, 1999, and 3.5 on
June 24, 2000, which was followed a few days later by a minor
point release update to 3.5.1, to incorporate some last-minute
security fixes to Kerberos. This will be the final release in the
3.X branch.There was another branch on March 13, 2000, which saw the
emergence of the 4.X-STABLE branch, now considered to be the
current -stable branch. There have been several releases
from it so far: 4.0-RELEASE was introduced in March 2000, and
the most recent &rel2.current;-RELEASE came out in
&rel2.current.date;. There will be additional releases
along the 4.X-stable (RELENG_4) branch well into 2003.The long-awaited 5.0-RELEASE was announced on January 19,
2003. The culmination of nearly three years of work, this
release started FreeBSD on the path of advanced multiprocessor
and application thread support and introduced support for the
&ultrasparc; and ia64 platforms. This release was followed by 5.1 in
June of 2003. Besides a number of new features, the 5.X
releases also contain a number of major developments in the
underlying system architecture. Along with these advances,
however, comes a system that incorporates a tremendous amount of
new and not-widely-tested code. For this reason, the 5.X
releases are considered New Technology releases, while the 4.X
series function as Production releases. In time, 5.X will be
declared stable and work will commence on the next development
branch, 6.0-CURRENT.For now, long-term development projects continue to take place in the
5.X-CURRENT (trunk) branch, and SNAPshot releases of 5.X on
CDROM (and, of course, on the net) are continually made available
from
the snapshot server as work progresses.JordanHubbardContributed by FreeBSD Project GoalsFreeBSD ProjectgoalsThe goals of the FreeBSD Project are to provide software that
may be used for any purpose and without strings attached. Many of
us have a significant investment in the code (and project) and
would certainly not mind a little financial compensation now and
then, but we are definitely not prepared to insist on it. We
believe that our first and foremost mission is to
provide code to any and all comers, and for whatever purpose, so
that the code gets the widest possible use and provides the widest
possible benefit. This is, I believe, one of the most fundamental
goals of Free Software and one that we enthusiastically
support.GNU General Public License (GPL)GNU Lesser General Public License (LGPL)BSD CopyrightThat code in our source tree which falls under the GNU
General Public License (GPL) or Library General Public License
(LGPL) comes with slightly more strings attached, though at
least on the side of enforced access rather than the usual
opposite. Due to the additional complexities that can evolve
in the commercial use of GPL software we do, however, prefer
software submitted under the more relaxed BSD copyright when
it is a reasonable option to do so.SatoshiAsamiContributed by The FreeBSD Development ModelFreeBSD Projectdevelopment modelThe development of FreeBSD is a very open and flexible
process, being literally built from the contributions
of hundreds of people around the world, as can be seen from
our list of
contributors. FreeBSD's development infrastructure allow
these hundreds of developers to collaborate over the Internet.
We are constantly on the lookout for
new developers and ideas, and those interested in becoming
more closely involved with the project need simply contact us
at the &a.hackers;. The &a.announce; is also available to
those wishing to make other FreeBSD users aware of major areas
of work.Useful things to know about the FreeBSD project and its
development process, whether working independently or in close
cooperation:The CVS repositoryCVSrepositoryConcurrent Versions SystemCVSThe central source tree for FreeBSD is maintained by
CVS
(Concurrent Versions System), a freely available source code
control tool that comes bundled with FreeBSD. The primary
CVS
repository resides on a machine in Santa Clara CA, USA
from where it is replicated to numerous mirror machines
throughout the world. The CVS tree, which contains the -CURRENT and -STABLE trees,
can all be easily replicated to your own machine as well.
Please refer to the Synchronizing
your source tree section for more information on
doing this.The committers listcommittersThe committers
are the people who have write access to
the CVS tree, and are authorized to make modifications
to the FreeBSD source (the term committer
comes from the &man.cvs.1; commit
command, which is used to bring new changes into the CVS
repository). The best way of making submissions for review
by the committers list is to use the &man.send-pr.1;
command. If something appears to be jammed in the
system, then you may also reach them by sending mail to
the &a.committers;.The FreeBSD core teamcore teamThe FreeBSD core team
would be equivalent to the board of directors if the FreeBSD
Project were a company. The primary task of the core team
is to make sure the project, as a whole, is in good shape
and is heading in the right directions. Inviting dedicated
and responsible developers to join our group of committers
is one of the functions of the core team, as is the
recruitment of new core team members as others move on.
The current core team was elected from a pool of committer
candidates in June 2002. Elections are held every 2 years.
Some core team members also have specific areas of
responsibility, meaning that they are committed to
ensuring that some large portion of the system works as
advertised. For a complete list of FreeBSD developers
and their areas of responsibility, please see the Contributors
ListMost members of the core team are volunteers when it
comes to FreeBSD development and do not benefit from the
project financially, so commitment should
also not be misconstrued as meaning guaranteed
support. The board of directors
analogy above is not very accurate, and it may be
more suitable to say that these are the people who gave up
their lives in favor of FreeBSD against their better
judgment!Outside contributorscontributorsLast, but definitely not least, the largest group of
developers are the users themselves who provide feedback and
bug fixes to us on an almost constant basis. The primary
way of keeping in touch with FreeBSD's more non-centralized
development is to subscribe to the &a.hackers where such
things are discussed. See for more information about
the various FreeBSD mailing lists.The
FreeBSD Contributors List is a long
and growing one, so why not join it by contributing
something back to FreeBSD today?Providing code is not the only way of contributing to
the project; for a more complete list of things that need
doing, please refer to the FreeBSD Project web
+ url="&url.base;/index.html">FreeBSD Project web
site.In summary, our development model is organized as a loose set
of concentric circles. The centralized model is designed for the
convenience of the users of FreeBSD, who are
provided with an easy way of tracking one central code
base, not to keep potential contributors out! Our desire is to
present a stable operating system with a large set of coherent
application programs that the users
can easily install and use — this model works very well in
accomplishing that.All we ask of those who would join us as FreeBSD developers is
some of the same dedication its current people have to its
continued success!The Current FreeBSD ReleaseNetBSDOpenBSD386BSDFree Software FoundationU.C. BerkeleyComputer Systems Research Group (CSRG)FreeBSD is a freely available, full source 4.4BSD-Lite based
release for Intel &i386;, &i486;, &pentium;,
&pentium; Pro,
&celeron;,
&pentium; II,
&pentium; III,
&pentium; 4 (or compatible),
&xeon;, DEC Alpha
and Sun &ultrasparc; based computer
systems. It is based primarily on software from U.C. Berkeley's
CSRG group, with some enhancements from NetBSD, OpenBSD, 386BSD, and
the Free Software Foundation.Since our release of FreeBSD 2.0 in late 94, the performance,
feature set, and stability of FreeBSD has improved dramatically.
The largest change is a revamped virtual memory system with a merged
VM/file buffer cache that not only increases performance, but also
reduces FreeBSD's memory footprint, making a 5 MB configuration a
more acceptable minimum. Other enhancements include full NIS client
and server support, transaction TCP support, dial-on-demand PPP,
integrated DHCP support, an improved SCSI subsystem, ISDN support,
support for ATM, FDDI, Fast and Gigabit Ethernet (1000 Mbit)
adapters, improved support for the latest Adaptec controllers, and
many thousands of bug fixes.In addition to the base distributions, FreeBSD offers a
ported software collection with thousands of commonly
sought-after programs. At the time of this printing, there
were over &os.numports; ports! The list of ports ranges from
http (WWW) servers, to games, languages, editors, and almost
everything in between. The entire ports collection requires
approximately &ports.size; of storage, all ports being expressed as
deltas to their original sources. This makes
it much easier for us to update ports, and greatly reduces the
disk space demands made by the older 1.0 ports collection. To
compile a port, you simply change to the directory of the
program you wish to install, type make
install, and let the system do the rest. The full
original distribution for each port you build is retrieved
dynamically off the CDROM or a local FTP site, so you need
only enough disk space to build the ports you want. Almost
every port is also provided as a pre-compiled
package, which can be installed with a simple
command (pkg_add) by those who do not wish
to compile their own ports from source. More information on
packages and ports can be found in .A number of additional documents which you may find very helpful
in the process of installing and using FreeBSD may now also be found
in the /usr/share/doc directory on any recent
FreeBSD machine. You may view the locally installed
manuals with any HTML capable browser using the following
URLs:The FreeBSD Handbook/usr/share/doc/handbook/index.htmlThe FreeBSD FAQ/usr/share/doc/faq/index.htmlYou can also view the master (and most frequently updated)
copies at http://www.FreeBSD.org/.
+ url="&url.base;/index.html">http://www.FreeBSD.org/.
diff --git a/en_US.ISO8859-1/books/handbook/l10n/chapter.sgml b/en_US.ISO8859-1/books/handbook/l10n/chapter.sgml
index 31aa25fd3d..37a44af498 100644
--- a/en_US.ISO8859-1/books/handbook/l10n/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/l10n/chapter.sgml
@@ -1,979 +1,979 @@
Andrey A.ChernovContributed by Michael C.WuRewritten by Localization - I18N/L10N Usage and SetupSynopsisFreeBSD is a very distributed project with users and
contributors located all over the world. This chapter discusses
the internationalization and localization features of FreeBSD
that allow non-English speaking users to get real work done.
There are many aspects of the i18n implementation in both the system
and application levels, so where applicable we refer the reader
to more specific sources of documentation.After reading this chapter, you will know:How different languages and locales are encoded
on modern operating systems.How to set the locale for your login
shell.How to configure your console for non-English
languages.How to use X Window System effectively with different
languages.Where to find more information about writing
i18n-compliant applications.Before reading this chapter, you should:Know how to install additional third-party
applications ().The BasicsWhat Is I18N/L10N?internationalizationlocalizationDevelopers shortened internationalization into the term I18N,
counting the number of letters between the first and the last
letters of internationalization. L10N uses the same naming
scheme, coming from localization. Combined
together, I18N/L10N methods, protocols, and applications allow
users to use languages of their choice.I18N applications are programmed using I18N kits under
libraries. It allows for developers to write a simple file and
translate displayed menus and texts to each language. We strongly
encourage programmers to follow this convention.Why Should I Use I18N/L10N?I18N/L10N is used whenever you wish to either view, input, or
process data in non-English languages.What Languages Are Supported in the I18N Effort?I18N and L10N are not FreeBSD specific. Currently, one can
choose from most of the major languages of the World, including
but not limited to: Chinese, German, Japanese, Korean, French,
Russian, Vietnamese and others.Using LocalizationIn all its splendor, I18N is not FreeBSD-specific and is a
convention. We encourage you to help FreeBSD in following this
convention.localeLocalization settings are based on three main terms:
Language Code, Country Code, and Encoding. Locale names are
constructed from these parts as follows:LanguageCode_CountryCode.EncodingLanguage and Country Codeslanguage codescountry codesIn order to localize a FreeBSD system to a specific language
(or any other I18N-supporting &unix; like systems), the user needs to find out
the codes for the specify country and language (country
codes tell applications what variation of given
language to use). In addition, web
browsers, SMTP/POP servers, web servers, etc. make decisions based on
them. The following are examples of language/country codes:Language/Country CodeDescriptionen_USEnglish - United Statesru_RURussian for Russiazh_TWTraditional Chinese for TaiwanEncodingsencodingsASCIISome languages use non-ASCII encodings that are 8-bit, wide
or multibyte characters, see &man.multibyte.3; for more
details. Older applications do not recognize them
and mistake them for control characters. Newer applications
usually do recognize 8-bit characters. Depending on the
implementation, users may be required to compile an application
with wide or multibyte characters support, or configure it correctly.
To be able to input and process wide or multibyte characters, the FreeBSD Ports collection has provided
+ url="&url.base;/ports/index.html">FreeBSD Ports collection has provided
each language with different programs. Refer to the I18N
documentation in the respective FreeBSD Port.Specifically, the user needs to look at the application
documentation to decide on how to configure it correctly or to
pass correct values into the configure/Makefile/compiler.Some things to keep in mind are:Language specific single C chars character sets
(see &man.multibyte.3;), e.g.
ISO-8859-1, ISO-8859-15, KOI8-R, CP437.Wide or multibyte encodings, e.g. EUC, Big5.You can check the active list of character sets at the
IANA Registry.FreeBSD versions 4.5 and up use X11-compatible locale
encodings instead.I18N ApplicationsIn the FreeBSD Ports and Package system, I18N applications
have been named with I18N in their names for
easy identification. However, they do not always support the
language needed.Setting LocaleUsually it is sufficient to export the value of the locale name
as LANG in the login shell. This could be done in
the user's ~/.login_conf file or in the
startup file of the user's shell (~/.profile,
~/.bashrc, ~/.cshrc).
There is no need to set the locale subsets such as
LC_CTYPE, LC_CTIME. Please
refer to language-specific FreeBSD documentation for more
information.You should set the following two environment variables in your configuration
files:POSIXLANG for &posix; &man.setlocale.3; family
functionsMIMEMM_CHARSET for applications' MIME character
setThis includes the user shell configuration, the specific application
configuration, and the X11 configuration.Setting Locale Methodslocalelogin classThere are two methods for setting locale, and both are
described below. The first (recommended one) is by assigning
the environment variables in login
class, and the second is by adding the environment
variable assignments to the system's shell startup file.Login Classes MethodThis method allows environment variables needed for locale
name and MIME character sets to be assigned once for every
possible shell instead of adding specific shell assignments to
each shell's startup file. User
Level Setup can be done by an user himself and Administrator Level Setup require
superuser privileges.User Level SetupHere is a minimal example of a
.login_conf file in user's home
directory which has both variables set for Latin-1
encoding:me:\
:charset=ISO-8859-1:\
:lang=de_DE.ISO8859-1:Traditional ChineseBIG-5 encodingHere is an example of a
.login_conf that sets the variables
for Traditional Chinese in BIG-5 encoding. Notice the many
more variables set because some software does not respect
locale variables correctly for Chinese, Japanese, and Korean.#Users who do not wish to use monetary units or time formats
#of Taiwan can manually change each variable
me:\
:lang=zh_TW.Big5:\
:lc_all=zh_TW.Big:\
:lc_collate=zh_TW.Big5:\
:lc_ctype=zh_TW.Big5:\
:lc_messages=zh_TW.Big5:\
:lc_monetary=zh_TW.Big5:\
:lc_numeric=zh_TW.Big5:\
:lc_time=zh_TW.Big5:\
:charset=big5:\
:xmodifiers="@im=xcin": #Setting the XIM Input ServerSee Administrator Level
Setup and &man.login.conf.5; for more details.Administrator Level SetupVerify that the user's login class in
/etc/login.conf sets the correct
language. Make sure these settings
appear in /etc/login.conf:language_name:accounts_title:\
:charset=MIME_charset:\
:lang=locale_name:\
:tc=default:So sticking with our previous example using Latin-1, it
would look like this:german:German Users Accounts:\
:charset=ISO-8859-1:\
:lang=de_DE.ISO8859-1:\
:tc=default:Changing Login Classes with &man.vipw.8;vipwUse vipw to add new users, and make
the entry look like this:user:password:1111:11:language:0:0:User Name:/home/user:/bin/shChanging Login Classes with &man.adduser.8;adduserlogin classUse adduser to add new users, and do
the following:Set defaultclass =
language in
/etc/adduser.conf. Keep in mind
you must enter a default class for
all users of other languages in this case.An alternative variant is answering the specified
language each time that
Enter login class: default []:
appears from &man.adduser.8;.Another alternative is to use the following for each
user of a different language that you wish to
add:&prompt.root; adduser -class languageChanging Login Classes with &man.pw.8;pwIf you use &man.pw.8; for adding new users, call it in
this form:&prompt.root; pw useradd user_name -L languageShell Startup File MethodThis method is not recommended because it requires a
different setup for each possible shell program chosen. Use
the Login Class Method
instead.MIMElocaleTo add the locale name and MIME character set, just set
the two environment variables shown below in the
/etc/profile and/or
/etc/csh.login shell startup files. We
will use the German language as an example below:In /etc/profile:LANG=de_DE.ISO8859-1; export LANGMM_CHARSET=ISO-8859-1; export MM_CHARSETOr in /etc/csh.login:setenv LANG de_DE.ISO8859-1setenv MM_CHARSET ISO-8859-1Alternatively, you can add the above instructions to
/usr/share/skel/dot.profile (similar to
what was used in /etc/profile above), or
/usr/share/skel/dot.login (similar to
what was used in /etc/csh.login
above).For X11:In $HOME/.xinitrc:LANG=de_DE.ISO8859-1; export LANGOr:setenv LANG de_DE.ISO8859-1Depending on your shell (see above).Console SetupFor all single C chars character sets, set the correct
console fonts in /etc/rc.conf for the
language in question with:font8x16=font_name
font8x14=font_name
font8x8=font_nameThe font_name here is taken from
the /usr/share/syscons/fonts directory,
without the .fnt suffix.sysinstallkeymapscreenmapAlso be sure to set the correct keymap and screenmap for your
single C chars character set through
/stand/sysinstall.
Once inside sysinstall, choose Configure, then
Console. Alternatively, you can add the
following to /etc/rc.conf:scrnmap=screenmap_name
keymap=keymap_name
keychange="fkey_number sequence"The screenmap_name here is taken
from the /usr/share/syscons/scrnmaps
directory, without the .scm suffix. A
screenmap with a corresponding mapped font is usually needed as a
workaround for expanding bit 8 to bit 9 on a VGA adapter's font
character matrix in pseudographics area, i.e., to move letters out
of that area if screen font uses a bit 8 column.If you have the moused daemon
enabled by setting the following
in your /etc/rc.conf:moused_enable="YES"then examine the mouse cursor information in the next
paragraph.mousedBy default the mouse cursor of the &man.syscons.4; driver occupies the
0xd0-0xd3 range in the character set. If your language uses this
range, you need to move the cursor's range outside of it. To enable
the workaround for FreeBSD versions before 5.0, insert the following
line into your kernel configuration:options SC_MOUSE_CHAR=0x03For the FreeBSD versions 4.4 and up insert the following line
into /etc/rc.conf:mousechar_start=3The keymap_name here is taken from
the /usr/share/syscons/keymaps directory,
without the .kbd suffix. If you're
uncertain which keymap to use, you use can &man.kbdmap.1; to test
keymaps without rebooting.The keychange is usually needed to program
function keys to match the selected terminal type because
function key sequences cannot be defined in the key map.Also be sure to set the correct console terminal type in
/etc/ttys for all ttyv*
entries. Current pre-defined correspondences are:Character SetTerminal TypeISO-8859-1 or ISO-8859-15cons25l1ISO-8859-2cons25l2ISO-8859-7cons25l7KOI8-Rcons25rKOI8-Ucons25uCP437 (VGA default)cons25US-ASCIIcons25wFor wide or multibyte characters languages, use the correct
FreeBSD port in your
/usr/ports/language
directory. Some ports appear as console while the system sees it
as serial vtty's, hence you must reserve enough vtty's for both
X11 and the pseudo-serial console. Here is a partial list of
applications for using other languages in console:LanguageLocationTraditional Chinese (BIG-5)chinese/big5conJapanesejapanese/ja-kon2-* or
japanese/Mule_WnnKoreankorean/ko-hanX11 SetupAlthough X11 is not part of the FreeBSD Project, we have
included some information here for FreeBSD users. For more
details, refer to the &xfree86;
web site or whichever X11 Server you use.In ~/.Xresources, you can additionally
tune application specific I18N settings (e.g., fonts, menus,
etc.).Displaying FontsX11 True Type font serverInstall the X11 &truetype; Common server (x11-servers/XttXF86srv-common) and
install the language &truetype; fonts. Setting the correct
locale should allow you to view your selected language in menus
and such.Inputting Non-English CharactersX11 Input Method (XIM)The X11 Input Method (XIM) Protocol is a new standard for
all X11 clients. All X11 applications should be written as XIM
clients that take input from XIM Input servers. There are
several XIM servers available for different languages.Printer SetupSome single C chars character sets are usually hardware
coded into printers. Wide or multibyte
character sets require special setup and we recommend using
apsfilter. You may also convert the
document to &postscript; or PDF formats using language specific
converters.Kernel and File SystemsThe FreeBSD fast filesystem (FFS) is 8-bit clean, so it can be used
with any single C chars character set (see &man.multibyte.3;),
but there is no character set
name stored in the filesystem; i.e., it is raw 8-bit and does not
know anything about encoding order. Officially, FFS does not
support any form of wide or multibyte character sets yet. However, some
wide or multibyte character sets have independent patches for FFS
enabling such support. They are only temporary unportable
solutions or hacks and we have decided to not include them in the
source tree. Refer to respective languages' web sites for more
informations and the patch files.DOSUnicodeThe FreeBSD &ms-dos; filesystem has the configurable ability to
convert between &ms-dos;, Unicode character sets and chosen
FreeBSD filesystem character sets. See &man.mount.msdos.8; for
details.Compiling I18N ProgramsMany FreeBSD Ports have been ported with I18N support. Some
of them are marked with -I18N in the port name. These and many
other programs have built in support for I18N and need no special
consideration.MySQLHowever, some applications such as
MySQL need to be have the
Makefile configured with the specific
charset. This is usually done in the
Makefile or done by passing a value to
configure in the source.Localizing FreeBSD to Specific LanguagesAndrey A.ChernovOriginally contributed by Russian Language (KOI8-R Encoding)localizationRussianFor more information about KOI8-R encoding, see the KOI8-R References
(Russian Net Character Set).Locale SetupPut the following lines into your
~/.login_conf file:me:My Account:\
:charset=KOI8-R:\
:lang=ru_RU.KOI8-R:See earlier in this chapter for examples of setting up the
locale.Console SetupFor the FreeBSD versions before 5.0 add the following line
to your kernel configuration file:options SC_MOUSE_CHAR=0x03For the FreeBSD versions 4.4 and up insert the following
line into /etc/rc.conf:mousechar_start=3Use following settings in
/etc/rc.conf:keymap="ru.koi8-r"
scrnmap="koi8-r2cp866"
font8x16="cp866b-8x16"
font8x14="cp866-8x14"
font8x8="cp866-8x8"For each ttyv* entry in
/etc/ttys, use
cons25r as the terminal type.See earlier in this chapter for examples of setting up the
console.Printer SetupprintersSince most printers with Russian characters come with
hardware code page CP866, a special output filter is needed
to convert from KOI8-R to CP866. Such a filter is installed by
default as /usr/libexec/lpr/ru/koi2alt.
A Russian printer /etc/printcap entry
should look like:lp|Russian local line printer:\
:sh:of=/usr/libexec/lpr/ru/koi2alt:\
:lp=/dev/lpt0:sd=/var/spool/output/lpd:lf=/var/log/lpd-errs:See &man.printcap.5; for a detailed description.&ms-dos; FS and Russian FilenamesThe following example &man.fstab.5; entry enables support
for Russian filenames in mounted &ms-dos; filesystems:/dev/ad0s2 /dos/c msdos rw,-Wkoi2dos,-Lru_RU.KOI8-R 0 0The option selects the locale name
used, and sets the character conversion
table. To use the option, be sure to
mount /usr before the &ms-dos; partition
because the conversion tables are located in
/usr/libdata/msdosfs. For more
informations, see the &man.mount.msdos.8; manual
page.X11 SetupDo non-X locale
setup first as described.The Russian KOI8-R locale
may not work with old &xfree86; releases (lower than 3.3).
&xfree86; 4.X is now the default
version of the X Window System on FreeBSD.
This should not be an
issue unless you are using an old version of
FreeBSD.Go to the
russian/X.language directory
and issue the following command:&prompt.root; make installThe above port installs the latest version of the KOI8-R
fonts. &xfree86; 3.3 already has some KOI8-R fonts, but these
are scaled better.Check the "Files" section
in your /etc/XF86Config file.
The following
lines must be added before any other
FontPath entries:FontPath "/usr/X11R6/lib/X11/fonts/cyrillic/misc"
FontPath "/usr/X11R6/lib/X11/fonts/cyrillic/75dpi"
FontPath "/usr/X11R6/lib/X11/fonts/cyrillic/100dpi"If you use a high resolution video mode, swap the 75 dpi
and 100 dpi lines.To activate a Russian keyboard, add the following to the
"Keyboard" section of your
XF86Config file.For &xfree86; 3.X:XkbLayout "ru"
XkbOptions "grp:caps_toggle"For &xfree86; 4.X:Option "XkbLayout" "ru"
Option "XkbOptions" "grp:caps_toggle"Also make sure that XkbDisable is
turned off (commented out) there.The RUS/LAT switch will be CapsLock.
The old CapsLock function is still
available via ShiftCapsLock (in LAT mode
only).If you have &windows; keys on your keyboard,
and notice that some non-alphabetical keys are mapped
incorrectly in RUS mode, add the following line in your
XF86Config file.For &xfree86; 3.X:XkbVariant "winkeys"For &xfree86; 4.X:Option "XkbVariant" "winkeys"The Russian XKB keyboard may not work with old &xfree86;
versions, see the above
note for more information. The Russian XKB
keyboard may also not work with non-localized
applications as well. Minimally localized applications
should call a XtSetLanguageProc (NULL, NULL,
NULL); function early in the program.
See
KOI8-R for X Window for more instructions on
localizing X11 applications.Traditional Chinese Localization for TaiwanlocalizationTraditional ChineseThe FreeBSD-Taiwan Project has an I18N/L10N tutorial for
FreeBSD at
using many Chinese ports.
The editor for the zh-L10N-tut is Clive Lin
Clive@CirX.org. You can also cvsup the following
collections at freebsd.sinica.edu.tw:CollectionDescriptionoutta-port tag=.Beta-quality ports collection for Chinesezh-L10N-tut tag=.Localizing FreeBSD Tutorial in BIG-5 Traditional
Chinesezh-doc tag=.FreeBSD Documentation Translation to BIG-5 Traditional
ChineseChuan-Hsing Shen s874070@mail.yzu.edu.tw has
created the Chinese
FreeBSD Collection (CFC) using FreeBSD-Taiwan's
zh-L10N-tut. The packages and the script files
are available at .German Language Localization (for All ISO 8859-1
Languages)localizationGermanSlaven Rezic eserte@cs.tu-berlin.de wrote a
tutorial how to use umlauts on a FreeBSD machine. The tutorial
is written in German and available at
.Japanese and Korean Language LocalizationlocalizationJapaneselocalizationKoreanFor Japanese, refer to
,
and for Korean, refer to
.Non-English FreeBSD DocumentationSome FreeBSD contributors have translated parts of FreeBSD to
other languages. They are available through links on the main site or in
+ url="&url.base;/index.html">main site or in
/usr/share/doc.
diff --git a/en_US.ISO8859-1/books/handbook/pgpkeys/chapter.sgml b/en_US.ISO8859-1/books/handbook/pgpkeys/chapter.sgml
index b8c739927d..ee4dff3993 100644
--- a/en_US.ISO8859-1/books/handbook/pgpkeys/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/pgpkeys/chapter.sgml
@@ -1,811 +1,811 @@
PGP Keyspgp keysIn case you need to verify a signature or send encrypted email
to one of the officers or developers a number of keys are provided
here for your convenience. A complete keyring of FreeBSD.org
- users is available for download from http://www.FreeBSD.org/doc/pgpkeyring.txt.
+ users is available for download from http://www.FreeBSD.org/doc/pgpkeyring.txt.
Officers&a.security-officer;
&pgpkey.security-officer;
&a.core-secretary;
&pgpkey.core-secretary;
Core Team Members&a.imp;
&pgpkey.imp;
&a.jhb;
&pgpkey.jhb;
&a.kuriyama;
&pgpkey.kuriyama;
&a.murray;
&pgpkey.murray;
&a.peter;
&pgpkey.peter;
&a.wes;
&pgpkey.wes;
Developers&a.will;
&pgpkey.will;
&a.mat;
&pgpkey.mat;
&a.asami;
&pgpkey.asami;
&a.dougb;
&pgpkey.dougb;
&a.tobez;
&pgpkey.tobez;
&a.mbr;
&pgpkey.mbr;
&a.harti;
&pgpkey.harti;
&a.obraun;
&pgpkey.obraun;
&a.jmb;
&pgpkey.jmb;
&a.brueffer;
&pgpkey.brueffer;
&a.markus;
&pgpkey.markus;
&a.wilko;
&pgpkey.wilko;
&a.jon;
&pgpkey.jon;
&a.luoqi;
&pgpkey.luoqi;
&a.ache;
&pgpkey.ache;
&a.seanc;
&pgpkey.seanc;
&a.cjh;
&pgpkey.cjh;
&a.cjc;
&pgpkey.cjc;
&a.marcus;
&pgpkey.marcus;
&a.nik;
&pgpkey.nik;
&a.ceri;
&pgpkey.ceri;
&a.brooks;
&pgpkey.brooks;
&a.pjd;
&pgpkey.pjd;
&a.bsd;
&pgpkey.bsd;
&a.dd;
&pgpkey.dd;
&a.ale;
&pgpkey.ale;
&a.peadar;
&pgpkey.peadar;
&a.josef;
&pgpkey.josef;
&a.ue;
&pgpkey.ue;
&a.ru;
&pgpkey.ru;
&a.le;
&pgpkey.le;
&a.stefanf;
&pgpkey.stefanf;
&a.jedgar;
&pgpkey.jedgar;
&a.green;
&pgpkey.green;
&a.lioux;
&pgpkey.lioux;
&a.fanf;
&pgpkey.fanf;
&a.blackend;
&pgpkey.blackend;
&a.petef;
&pgpkey.petef;
&a.billf;
&pgpkey.billf;
&a.patrick;
&pgpkey.patrick;
&a.gioria;
&pgpkey.gioria;
&a.jmg;
&pgpkey.jmg;
&a.dannyboy;
&pgpkey.dannyboy;
&a.dhartmei;
&pgpkey.dhartmei;
&a.jhay;
&pgpkey.jhay;
&a.sheldonh;
&pgpkey.sheldonh;
&a.mikeh;
&pgpkey.mikeh;
&a.ghelmer;
&pgpkey.ghelmer;
&a.mux;
&pgpkey.mux;
&a.mich;
&pgpkey.mich;
&a.foxfair;
&pgpkey.foxfair;
&a.jkh;
&pgpkey.jkh;
&a.trevor;
&pgpkey.trevor;
&a.phk;
&pgpkey.phk;
&a.joe;
&pgpkey.joe;
&a.vkashyap;
&pgpkey.vkashyap;
&a.kris;
&pgpkey.kris;
&a.keramida;
&pgpkey.keramida;
&a.fjoe;
&pgpkey.fjoe;
&a.andreas;
&pgpkey.andreas;
&a.sergei;
&pgpkey.sergei;
&a.maxim;
&pgpkey.maxim;
&a.jkoshy;
&pgpkey.jkoshy;
&a.rik;
&pgpkey.rik;
&a.rushani;
&pgpkey.rushani;
&a.clement;
&pgpkey.clement;
&a.mlaier;
&pgpkey.mlaier;
&a.alex;
&pgpkey.alex;
&a.erwin;
&pgpkey.erwin;
&a.leeym;
&pgpkey.leeym;
&a.netchild;
&pgpkey.netchild;
&a.ijliao;
&pgpkey.ijliao;
&a.clive;
&pgpkey.clive;
&a.arved;
&pgpkey.arved;
&a.scottl;
&pgpkey.scottl;
&a.pav;
&pgpkey.pav;
&a.bmah;
&pgpkey.bmah;
&a.mtm;
&pgpkey.mtm;
&a.dwmalone;
&pgpkey.dwmalone;
&a.matusita;
&pgpkey.matusita;
&a.ken;
&pgpkey.ken;
&a.dinoex;
&pgpkey.dinoex;
&a.sanpei;
&pgpkey.sanpei;
&a.jim;
&pgpkey.jim;
&a.marcel;
&pgpkey.marcel;
&a.tmm;
&pgpkey.tmm;
&a.rich;
&pgpkey.rich;
&a.knu;
&pgpkey.knu;
&a.max;
&pgpkey.max;
&a.yoichi;
&pgpkey.yoichi;
&a.bland;
&pgpkey.bland;
&a.simon;
&pgpkey.simon;
&a.anders;
&pgpkey.anders;
&a.obrien;
&pgpkey.obrien;
&a.philip;
&pgpkey.philip;
&a.hmp;
&pgpkey.hmp;
&a.mp;
&pgpkey.mp;
&a.roam;
&pgpkey.roam;
&a.den;
&pgpkey.den;
&a.pirzyk;
&pgpkey.pirzyk;
&a.jdp;
&pgpkey.jdp;
&a.krion;
&pgpkey.krion;
&a.markp;
&pgpkey.markp;
&a.thomas;
&pgpkey.thomas;
&a.dfr;
&pgpkey.dfr;
&a.trhodes;
&pgpkey.trhodes;
&a.benno;
&pgpkey.benno;
&a.paul;
&pgpkey.paul;
&a.roberto;
&pgpkey.roberto;
&a.guido;
&pgpkey.guido;
&a.niklas;
&pgpkey.niklas;
&a.marks;
&pgpkey.marks;
&a.hrs;
&pgpkey.hrs;
&a.wosch;
&pgpkey.wosch;
&a.das;
&pgpkey.das;
&a.schweikh;
&pgpkey.schweikh;
&a.gshapiro;
&pgpkey.gshapiro;
&a.arun;
&pgpkey.arun;
&a.vanilla;
&pgpkey.vanilla;
&a.cshumway;
&pgpkey.cshumway;
&a.demon;
&pgpkey.demon;
&a.jesper;
&pgpkey.jesper;
&a.scop;
&pgpkey.scop;
&a.kensmith;
&pgpkey.kensmith;
&a.ben;
&pgpkey.ben;
&a.des;
&pgpkey.des;
&a.sobomax;
&pgpkey.sobomax;
&a.dcs;
&pgpkey.dcs;
&a.brian;
&pgpkey.brian;
&a.nsouch;
&pgpkey.nsouch;
&a.vs;
&pgpkey.vs;
&a.gsutter;
&pgpkey.gsutter;
&a.metal;
&pgpkey.metal;
&a.nyan;
&pgpkey.nyan;
&a.mi;
&pgpkey.mi;
&a.gordon;
&pgpkey.gordon;
&a.lth;
&pgpkey.lth;
&a.thierry;
&pgpkey.thierry;
&a.viny;
&pgpkey.viny;
&a.nectar;
&pgpkey.nectar;
&a.adamw;
&pgpkey.adamw;
&a.nate;
&pgpkey.nate;
&a.wollman;
&pgpkey.wollman;
&a.joerg;
&pgpkey.joerg;
&a.phantom;
&pgpkey.phantom;
diff --git a/en_US.ISO8859-1/books/handbook/ports/chapter.sgml b/en_US.ISO8859-1/books/handbook/ports/chapter.sgml
index f0600f7f7d..ea956f89e5 100644
--- a/en_US.ISO8859-1/books/handbook/ports/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/ports/chapter.sgml
@@ -1,1299 +1,1299 @@
Installing Applications: Packages and PortsSynopsisportspackagesFreeBSD is bundled with a rich collection of system tools as
part of the base system. However, there is only so much one can
do before needing to install an additional third-party
application to get real work done. FreeBSD provides two
complementary technologies for installing third party software
on your system: the FreeBSD Ports Collection, and binary
software packages. Either system may be used to install the
newest version of your favorite applications from local media or
straight off the network.After reading this chapter, you will know:How to install third-party binary software packages.How to build third-party software from the ports
collection.How to remove previously installed packages or ports.How to override the default values that the ports
collection uses.How to upgrade your ports.Overview of Software InstallationIf you have used a &unix; system before you will know that the typical
procedure for installing third party software goes something like
this:Download the software, which might be distributed in source code
format, or as a binary.Unpack the software from its distribution format (typically a
tarball compressed with &man.compress.1;, &man.gzip.1;, or &man.bzip2.1;).Locate the documentation (perhaps an INSTALL or README
file, or some files in a doc/ subdirectory) and
read up on how to install the software.If the software was distributed in source format, compile it.
This may involve editing a Makefile, or
running a configure script, and other work.Test and install the software.And that is only if everything goes well. If you are installing a
software package that was not deliberately ported to FreeBSD you may
even have to go in and edit the code to make it work properly.Should you want to, you can continue to install software the
traditional way with FreeBSD. However, FreeBSD
provides two technologies which can save you a lot of effort:
packages and ports. At the time of writing, over &os.numports;
third party applications have been made available in this
way.For any given application, the FreeBSD package for that
application is a single file which you must download. The
package contains pre-compiled copies of all the commands for the
application, as well as any configuration files or
documentation. A downloaded package file can be manipulated
with FreeBSD package management commands, such as
&man.pkg.add.1;, &man.pkg.delete.1;, &man.pkg.info.1;, and so
on. Installing a new application can be carried out with a single
command.A FreeBSD port for an application is a collection of files
designed to automate the process of compiling an application
from source code.Remember that there are a number of steps you would normally
carry out if you compiled a program yourself (downloading,
unpacking, patching, compiling, installing). The files that
make up a port contain all the necessary information to allow
the system to do this for you. You run a handful of simple
commands and the source code for the application is
automatically downloaded, extracted, patched, compiled, and
installed for you.In fact, the ports system can also be used to generate packages
which can later be manipulated with pkg_add
and the other package management commands that will be introduced
shortly.Both packages and ports understand
dependencies. Suppose you want to install
an application that depends on a specific library being
installed. Both the application and the library have been made
available as FreeBSD ports and packages. If you use the
pkg_add command or the ports system to add
the application, both will notice that the library has not been
installed, and automatically install the library first.Given that the two technologies are quite similar, you might
be wondering why FreeBSD bothers with both. Packages and ports
both have their own strengths, and which one you use will depend
on your own preference.Package BenefitsA compressed package tarball is typically smaller than
the compressed tarball containing the source code for the
application.Packages do not require any additional compilation. For
large applications, such as
Mozilla,
KDE, or
GNOME this can be important,
particularly if you are on a slow system.Packages do not require any understanding of the process
involved in compiling software on FreeBSD.Ports BenefitsPackages are normally compiled with conservative options,
because they have to run on the maximum number of systems. By
installing from the port, you can tweak the compilation options to
(for example) generate code that is specific to a Pentium
IV or Athlon processor.Some applications have compile time options relating to
what they can and cannot do. For example,
Apache can be configured with a
wide variety of different built-in options. By building
from the port you do not have to accept the default options,
and can set them yourself.In some cases, multiple packages will exist for the same
application to specify certain settings. For example,
Ghostscript is available as a
ghostscript package and a
ghostscript-nox11 package, depending on
whether or not you have installed an X11 server. This sort
of rough tweaking is possible with packages, but rapidly
becomes impossible if an application has more than one or
two different compile time options.The licensing conditions of some software distributions forbid
binary distribution. They must be distributed as source
code.Some people do not trust binary distributions. At least
with source code, you can (in theory) read through it and
look for potential problems yourself.If you have local patches, you will need the source in order to
apply them.Some people like having code around, so they can read it
if they get bored, hack it, borrow from it (license
permitting, of course), and so on.To keep track of updated ports, subscribe to the
&a.ports; and the &a.ports-bugs;.Before installing any application, you should check for security issues
related to your application.You can also install security/portaudit which will
automatically check all installed applications for known
vulnerabilities, a check will be also performed before any port
build. Meanwhile, you can use the command portaudit
-F -a after you have installed some
packages.The remainder of this chapter will explain how to use
packages and ports to install and manage third party software on
FreeBSD.Finding Your ApplicationBefore you can install any applications you need to know what you
want, and what the application is called.FreeBSD's list of available applications is growing all the
time. Fortunately, there are a number of ways to find what you
want:The FreeBSD web site maintains an up-to-date searchable
list of all the available applications, at http://www.FreeBSD.org/ports/.
+ url="&url.base;/ports/index.html">http://www.FreeBSD.org/ports/.
The ports are divided into categories, and you may either
search for an application by name (if you know it), or see
all the applications available in a category.FreshPortsDan Langille maintains FreshPorts, at . FreshPorts
tracks changes to the applications in the ports tree as they
happen, allows you to watch one or more
ports, and can send you email when they are updated.FreshMeatIf you do not know the name of the application you want,
try using a site like FreshMeat () to find an
application, then check back at the FreeBSD site to see if
the application has been ported yet.ChernLeeContributed by Using the Packages SystemInstalling a Packagepackagesinstallingpkg_addYou can use the &man.pkg.add.1; utility to install a
FreeBSD software package from a local file or from a server on
the network.Downloading a Package Manually and Installing It Locally&prompt.root; ftp -a ftp2.FreeBSD.org
Connected to ftp2.FreeBSD.org.
220 ftp2.FreeBSD.org FTP server (Version 6.00LS) ready.
331 Guest login ok, send your email address as password.
230-
230- This machine is in Vienna, VA, USA, hosted by Verio.
230- Questions? E-mail freebsd@vienna.verio.net.
230-
230-
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>cd /pub/FreeBSD/ports/packages/sysutils/
250 CWD command successful.
ftp>get lsof-4.56.4.tgz
local: lsof-4.56.4.tgz remote: lsof-4.56.4.tgz
200 PORT command successful.
150 Opening BINARY mode data connection for 'lsof-4.56.4.tgz' (92375 bytes).
100% |**************************************************| 92375 00:00 ETA
226 Transfer complete.
92375 bytes received in 5.60 seconds (16.11 KB/s)
ftp>exit
&prompt.root; pkg_add lsof-4.56.4.tgzIf you do not have a source of local packages (such as a
FreeBSD CD-ROM set) then it will probably be easier to use the
option to &man.pkg.add.1;. This will
cause the utility to automatically determine the correct
object format and release and then fetch and install the
package from an FTP site.
pkg_add&prompt.root; pkg_add -r lsofThe example above would download the correct package and
add it without any further user intervention.
If you want to specify an alternative &os; Packages Mirror,
instead of the main distribution site, you have to set
PACKAGESITE accordingly, to
override the default settings. &man.pkg.add.1;
uses &man.fetch.3; to download the files, which honors various
environment variables, including
FTP_PASSIVE_MODE, FTP_PROXY, and
FTP_PASSWORD. You may need to set one or more
of these if you are behind a firewall, or need to use an
FTP/HTTP proxy. See &man.fetch.3; for the complete list.
Note that in the example above
lsof is used instead of
lsof-4.56.4. When the remote fetching
feature is used, the version number of the package must be
removed. &man.pkg.add.1; will automatically fetch the latest
version of the application.Package files are distributed in .tgz
and .tbz formats. You can find them at ,
or on the FreeBSD CD-ROM distribution. Every CD on the
FreeBSD 4-CD set (and the PowerPak, etc.) contains packages
in the /packages directory. The layout
of the packages is similar to that of the
/usr/ports tree. Each category has its
own directory, and every package can be found within the
All directory.
The directory structure of the package system matches the
ports layout; they work with each other to form the entire
package/port system.
Managing Packagespackagesmanaging&man.pkg.info.1; is a utility that lists and describes
the various packages installed.
pkg_info&prompt.root; pkg_info
cvsup-16.1 A general network file distribution system optimized for CV
docbook-1.2 Meta-port for the different versions of the DocBook DTD
...&man.pkg.version.1; is a utility that summarizes the
versions of all installed packages. It compares the package
version to the current version found in the ports tree.
pkg_version&prompt.root; pkg_version
cvsup =
docbook =
...The symbols in the second column indicate the relative age
of the installed version and the version available in the
local ports tree.SymbolMeaning=The version of the
installed package matches the one found in the
local ports tree.<The installed version is older than the one available
in the ports tree.>The installed version is newer
than the one found in the local ports tree. (The local ports
tree is probably out of date.)?The installed package cannot be
found in the ports index. (This can happen, for instance, if an
installed port is removed from the ports collection or
renamed.)*There are multiple versions of the
package.Deleting a Packagepkg_deletepackagesdeletingTo remove a previously installed software package, use the
&man.pkg.delete.1; utility.
&prompt.root; pkg_delete xchat-1.7.1MiscellaneousAll package information is stored within the
/var/db/pkg directory. The installed
file list and descriptions of each package can be found within
files in this directory.
Using the Ports CollectionThe following sections provide basic instructions on using the
ports collection to install or remove programs from your
system.Obtaining the Ports CollectionBefore you can install ports, you must first obtain the
ports collection—which is essentially a set of
Makefiles, patches, and description files
placed in /usr/ports.
When installing your FreeBSD system,
sysinstall asked if you would like
to install the ports collection. If you chose no, you can
follow these instructions to obtain the ports
collection:Sysinstall MethodThis method involves using
sysinstall again to manually
install the ports collection.As root, run /stand/sysinstall as
shown below:&prompt.root; /stand/sysinstallScroll down and select Configure,
press Enter.Scroll down and select
Distributions, press Enter.Scroll down to ports, press
Space.Scroll up to Exit, press
Enter.Select your desired installation media, such as CDROM,
FTP, and so on.Scroll up to Exit and press
Enter.Press X to exit
sysinstall.The alternative method to obtain and keep your ports
collection up to date is by using
CVSup. Look at the ports
CVSup file,
/usr/share/examples/cvsup/ports-supfile.
See Using CVSup () for more information on using
CVSup and this file.CVSup MethodThis is a quick method for getting the ports collection
using CVSup. If you want to keep
your ports tree up to date, or learn more about
CVSup, read the previously
mentioned sections.Install the net/cvsup port. See CVSup Installation () for more details.As root, copy
/usr/share/examples/cvsup/ports-supfile
to a new location, such as /root or your
home directory.Edit ports-supfile.Change CHANGE_THIS.FreeBSD.org to a
CVSup server near you. See CVSup Mirrors () for a complete listing of mirror
sites.Run cvsup:&prompt.root; cvsup -g -L 2 /root/ports-supfileRunning this command later will download and apply all
the recent changes to your ports collection, except
actually rebuilding the ports for your own system.Installing PortsportsinstallingThe first thing that should be explained when it comes to
the ports collection is what is actually meant by a
skeleton. In a nutshell, a port skeleton is a
minimal set of files that tell your FreeBSD system how to
cleanly compile and install a program. Each port skeleton
includes:A Makefile. The
Makefile contains various statements
that specify how the application should be compiled and
where it should be installed on your system.A distinfo file. This file
contains information about the files that must be
downloaded to build the port and their checksums, to
verify that files have not been corrupted during the
download using &man.md5.1;.A files directory. This
directory contains patches to make the program compile and
install on your FreeBSD system. Patches are basically
small files that specify changes to particular files.
They are in plain text format, and basically say
Remove line 10 or Change line 26 to
this .... Patches are also known as
diffs because they are generated by the
&man.diff.1; program.This directory may also contain other files used to build
the port.A pkg-descr file. This is a more
detailed, often multiple-line, description of the program.A pkg-plist file. This is a list of all
the files that will be installed by the port. It also tells the
ports system what files to remove upon deinstallation.Some ports have other files, such as
pkg-message. The ports system uses these
files to handle special situations. If you want more details
on these files, and on ports in general, check out the FreeBSD Porter's
Handbook.Now that you have enough background information to know
what the ports collection is used for, you are ready to
install your first port. There are two ways this can be done,
and each is explained below.Before we get into that, however, you will need to choose a
port to install. There are a few ways to do this, with the
easiest method being the ports listing on the FreeBSD
+ url="&url.base;/ports/index.html">ports listing on the FreeBSD
web site. You can browse through the ports listed there
or use the search function on the site. Each port also includes
a description so you can read a bit about each port before
deciding to install it.Another method is to use the &man.whereis.1; command.
Simply type whereis
file, where
file is the program you want to
install. If it is found on your system, you will be told
where it is, as follows:&prompt.root; whereis lsof
lsof: /usr/ports/sysutils/lsofThis tells us that lsof (a system
utility) can be found in the
/usr/ports/sysutils/lsof
directory.Yet another way to find a particular port is by using the
ports collection's built-in search mechanism. To use the
search feature, you will need to be in the
/usr/ports directory. Once in that
directory, run make search
name=program-name where
program-name is the name of the
program you want to find. For example, if you were looking
for lsof:&prompt.root; cd /usr/ports
&prompt.root; make search name=lsof
Port: lsof-4.56.4
Path: /usr/ports/sysutils/lsof
Info: Lists information about open files (similar to fstat(1))
Maint: obrien@FreeBSD.org
Index: sysutils
B-deps:
R-deps: The part of the output you want to pay particular
attention to is the Path: line, since that
tells you where to find the port. The other information
provided is not needed in order to install the port, so it
will not be covered here.For more in-depth searching you can also use make
search key=string where
string is some text to search for.
This searches port names, comments, descriptions and
dependencies and can be used to find ports which relate to a
particular subject if you don't know the name of the program
you are looking for.In both of these cases, the search string is case-insensitive.
Searching for LSOF will yield the same results as
searching for lsof.You must be logged in as root to install
ports.Now that you have found a port you would like to install,
you are ready to do the actual installation. The port
includes instructions on how to build source code, but does not include the
actual source code. You can get the source code from a CD-ROM
or from the Internet. Source code is distributed in whatever
manner the software author desires. Frequently this is a
tarred and gzipped file, but it might be compressed with some
other tool or even uncompressed. The program source code,
whatever form it comes in, is called a
distfile. You can get the distfile from a
CD-ROM or from the Internet.Before installing any port, you should be sure to have
an up-to-date ports collection and you should check for security issues
related to your port.A security vulnerabilities check can be automatically
done by portaudit before any new
application installation. This tool can be found in the
ports collection (security/portaudit). Consider
running portaudit -F before installing a
new port, to fetch the current vulnerabilities database. A
security audit and an update of the database will be
performed during the daily security system check. For more
informations read the &man.portaudit.1; and &man.periodic.8;
manual pages.Installing Ports from a CD-ROMportsinstalling from CD-ROMThe FreeBSD Project's official CD-ROM images no longer
include distfiles. They take up a lot of room that is
better used for precompiled packages. CD-ROM products such as
the FreeBSD PowerPak do include distfiles, and you can
order these sets from a vendor such as the FreeBSD Mall.
This section assumes you have such a FreeBSD CD-ROM
set.Place your FreeBSD CD-ROM in the drive. Mount it on
/cdrom. (If you use a different mount
point, the install will not work.) To begin, change to the
directory for the port you want to install:&prompt.root; cd /usr/ports/sysutils/lsofOnce inside the lsof directory,
you will see the port
skeleton. The next step is to compile, or build, the
port. This is done by simply typing make at
the prompt. Once you have done so, you should see something
like this:&prompt.root; make
>> lsof_4.57D.freebsd.tar.gz doesn't seem to exist in /usr/ports/distfiles/.
>> Attempting to fetch from file:/cdrom/ports/distfiles/.
===> Extracting for lsof-4.57
...
[extraction output snipped]
...
>> Checksum OK for lsof_4.57D.freebsd.tar.gz.
===> Patching for lsof-4.57
===> Applying FreeBSD patches for lsof-4.57
===> Configuring for lsof-4.57
...
[configure output snipped]
...
===> Building for lsof-4.57
...
[compilation output snipped]
...
&prompt.root;Notice that once the compile is complete you are
returned to your prompt. The next step is to install the
port. In order to install it, you simply need to tack one word
onto the make command, and that word is
install:&prompt.root; make install
===> Installing for lsof-4.57
...
[installation output snipped]
...
===> Generating temporary packing list
===> Compressing manual pages for lsof-4.57
===> Registering installation for lsof-4.57
===> SECURITY NOTE:
This port has installed the following binaries which execute with
increased privileges.
&prompt.root;Once you are returned to your prompt, you should be able to
run the application you just installed. Since
lsof is a
program that runs with increased privileges, a security
warning is shown. During the building and installation of
ports, you should take heed of any other warnings that
may appear.You can save an extra step by just running make
install instead of make and
make install as two separate steps.Some shells keep a cache of the commands that are
available in the directories listed in the
PATH environment variable, to speed up
lookup operations for the executable file of these
commands. If you are using one of these shells, you might
have to use the rehash command after
installing a port, before the newly installed commands can
be used. This is true for both shells that are part of
the base-system (such as tcsh) and
shells that are available as ports (for instance,
shells/zsh).Please be aware that the licenses of a few ports do
not allow for inclusion on the CD-ROM. This could be
because a registration form needs to be filled out before
downloading or redistribution is not allowed, or for
another reason. If you wish to install a port not
included on the CD-ROM, you will need to be online in
order to do so (see the next
section).Installing Ports from the InternetAs with the last section, this section makes an
assumption that you have a working Internet connection. If
you do not, you will need to perform the CD-ROM installation, or put a copy
of the distfile into
/usr/ports/distfiles manually.Installing a port from the Internet is done exactly the
same way as it would be if you were installing from a
CD-ROM. The only difference between the two is that the
distfile is downloaded from the Internet instead of read
from the CD-ROM.The steps involved are identical:&prompt.root; make install
>> lsof_4.57D.freebsd.tar.gz doesn't seem to exist in /usr/ports/distfiles/.
>> Attempting to fetch from ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/.
Receiving lsof_4.57D.freebsd.tar.gz (439860 bytes): 100%
439860 bytes transferred in 18.0 seconds (23.90 kBps)
===> Extracting for lsof-4.57
...
[extraction output snipped]
...
>> Checksum OK for lsof_4.57D.freebsd.tar.gz.
===> Patching for lsof-4.57
===> Applying FreeBSD patches for lsof-4.57
===> Configuring for lsof-4.57
...
[configure output snipped]
...
===> Building for lsof-4.57
...
[compilation output snipped]
...
===> Installing for lsof-4.57
...
[installation output snipped]
...
===> Generating temporary packing list
===> Compressing manual pages for lsof-4.57
===> Registering installation for lsof-4.57
===> SECURITY NOTE:
This port has installed the following binaries which execute with
increased privileges.
&prompt.root;As you can see, the only difference is the line that tells
you where the system is fetching the port distfile from.The ports system uses &man.fetch.1; to download the
files, which honors various environment variables, including
FTP_PASSIVE_MODE, FTP_PROXY,
and FTP_PASSWORD. You may need to set one or
more of these if you are behind a firewall, or need to use
an FTP/HTTP proxy. See &man.fetch.3; for the complete
list.For users which cannot be connected all the time, the
make fetch option is
provided. Just run this command at the top level directory
(/usr/ports) and the required files
will be downloaded for you. This command will also work in
the lower level categories, for example:
/usr/ports/net.
Note that if a port depends on libraries or other ports this will
not fetch the distfiles of those ports too.
Replace fetch with
fetch-recursive
if you want to fetch all the dependencies of a port too.You can build all the ports in a category or as a
whole by running make in the top level
directory, just like the aforementioned make
fetch method. This is
dangerous, however, as some ports cannot co-exist. In other
cases, some ports can install two different files with the
same filename.In some rare cases, users may need to acquire the
tarballs from a site other than the
MASTER_SITES (the location where files
are downloaded from). You can override the
MASTER_SITES option with the following
command:&prompt.root; cd /usr/ports/directory
&prompt.root; make MASTER_SITE_OVERRIDE= \
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/ fetchIn this example we change the
MASTER_SITES option to ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/.Some ports allow (or even require) you to provide build options
which can enable/disable parts of the application which are
unneeded, certain security options, and other
customizations. A few which come to mind are www/mozilla, security/gpgme, and mail/sylpheed-claws. A message
will be displayed when options such as these are
available.Overriding the Default Ports DirectoriesSometimes it is useful (or mandatory) to use a different
distfiles and ports directory. The
PORTSDIR and PREFIX
variables can override the default directories. For
example:&prompt.root; make PORTSDIR=/usr/home/example/ports installwill compile the port in
/usr/home/example/ports and install
everything under /usr/local.&prompt.root; make PREFIX=/usr/home/example/local installwill compile it in /usr/ports and
install it in
/usr/home/example/local.And of course,&prompt.root; make PORTSDIR=../ports PREFIX=../local installwill combine the two (it is too long to completely write
on this page, but it should give you the general
idea).Alternatively, these variables can also be set as part
of your environment. Read the manual page for your shell
for instructions on doing so.Dealing with imakeSome ports that use imake (a part of
the X Window System) do not work well with
PREFIX, and will insist on installing
under /usr/X11R6. Similarly, some Perl
ports ignore PREFIX and install in the
Perl tree. Making these ports respect
PREFIX is a difficult or impossible
job.Removing Installed PortsportsremovingNow that you know how to install ports, you are probably
wondering how to remove them, just in case you install one and
later on decide that you installed the wrong port.
We will remove our previous example (which was
lsof for
those of you not paying attention). As with installing ports,
the first thing you must do is change to the port directory,
/usr/ports/sysutils/lsof. After you change
directories, you are ready to uninstall lsof.
This is done with
the make deinstall command:&prompt.root; cd /usr/ports/sysutils/lsof
&prompt.root; make deinstall
===> Deinstalling for lsof-4.57That was easy enough. You have removed
lsof
from your system. If you would like to reinstall it, you can do
so by running make reinstall from the
/usr/ports/sysutils/lsof directory.The make deinstall and make
reinstall sequence does not work once you have run
make clean. If you want to deinstall a
port after cleaning, use &man.pkg.delete.1; as
discussed in the Packages
section of the Handbook.Ports and Disk Spaceportsdisk-spaceUsing the ports collection can defiantly eat up your disk
space. For this reason you should always remember to clean up
the work directories using the make
clean option. This will remove
the work directory after a port has been
built, and installed. You can also remove the tar files from
the distfiles directory, and remove the
installed ports when their use has delimited.Some users choose to limit the port categories by placing an entry
in the refuse file. This way when they run the
CVSup application, it will not download the
files in that category.Upgrading PortsportupgradeportsupgradingOnce you updated your ports collection, before
attempting a port upgrade, you should check the
/usr/ports/UPDATING file. This file
describes various issues and additional steps users may
encounter and need to perform when updating a port.Keeping your ports up to date can be a tedious job. For
instance, to upgrade a port you would go to the ports
directory, build the port, deinstall the old port, install the
new port, and then clean up after the build. Imagine doing
that for five ports, tedious right? This was a large problem
for system administrators to deal with, and now we have
utilities which do this for us. For instance the sysutils/portupgrade utility will do
everything for you! Just install it like you would any other
port, using the make install
clean command.Now create a database with the pkgdb -F
command. This will read the list of installed ports and
create a database file in the /var/db/pkg
directory. Now when you run portupgrade
-a, it will read this and the ports
INDEX file. Finally,
portupgrade will begin to download, build,
backup, install, and clean the ports which have been updated.
portupgrade comes with a lot of options
for different use cases, the most important ones will be presented
below.If you want to upgrade only a certain application, not the
complete database, use portupgrade
pkgname,
include the flags if
portupgrade should act on all
those packages depending on the given package as well, and
to act on all packages required by
the given packages.
To use packages instead of ports for installation, provide
and to just fetch distfiles without
building or installing anything, use .
For further information see &man.portupgrade.1;.It is important to regularly update the package database using
pkgdb -F to fix inconsistencies, especially when
portupgrade asks you to. Do not abort
portupgrade while it is updating the
package database, this will leave you an inconsistent
database.Other utilities exist which will do this, check out the
ports/sysutils directory and see what you
come up with.Post-installation ActivitiesAfter installing a new application you will normally want to
read any documentation it may have included, edit any
configuration files that are required, ensure that the
application starts at boot time (if it is a daemon), and so
on.The exact steps you need to take to configure each
application will obviously be different. However, if you have
just installed a new application and are wondering What
now? these tips might help:Use &man.pkg.info.1; to find out which files were installed,
and where. For example, if you have just
installed FooPackage version 1.0.0, then this command&prompt.root; pkg_info -L foopackage-1.0.0 | lesswill show all the files installed by the package. Pay
special attention to files in man/
directories, which will be manual pages,
etc/ directories, which will be
configuration files, and doc/, which
will be more comprehensive documentation.If you are not sure which version of the application was
just installed, a command like this&prompt.root; pkg_info | grep -i foopackagewill find all the installed packages that have
foopackage in the package name.
Replace foopackage in your
command line as necessary.Once you have identified where the application's manual
pages have been installed, review them using &man.man.1;.
Similarly, look over the sample configuration files, and any
additional documentation that may have been provided.If the application has a web site, check it for
additional documentation, frequently asked questions, and so
forth. If you are not sure of the web site address it may
be listed in the output from&prompt.root; pkg_info foopackage-1.0.0A WWW: line, if present, should provide a URL
for the application's web site.Ports that should start at boot (such as Internet
servers) will usually install a sample script in
/usr/local/etc/rc.d. You should
review this script for correctness and edit or rename it if
needed. See Starting
Services for more information.Dealing with Broken PortsIf you come across a port that does not work for you,
there are a few things you can do, including:Fix it! The Porter's
Handbook includes detailed information on the
Ports infrastructure so that you can fix the occasional
broken port or even submit your own!Gripe—by email only! Send
email to the maintainer of the port first. Type
make maintainer or read the
Makefile to find the maintainer's
email address. Remember to include the name and version
of the port (send the $FreeBSD:
line from the Makefile) and the
output leading up to the error when you email the
maintainer. If you do not get a response from the
maintainer, you can use &man.send-pr.1; to submit a bug
report.Grab the package from an FTP site near you. The
master package collection is on ftp.FreeBSD.org in the packages
directory, but be sure to check your local mirror
first! These are more likely to work
than trying to compile from source and are a lot faster as
well. Use the &man.pkg.add.1; program to install the
package on your system.
diff --git a/en_US.ISO8859-1/books/handbook/ppp-and-slip/chapter.sgml b/en_US.ISO8859-1/books/handbook/ppp-and-slip/chapter.sgml
index b055a93468..057df81c1e 100644
--- a/en_US.ISO8859-1/books/handbook/ppp-and-slip/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/ppp-and-slip/chapter.sgml
@@ -1,3271 +1,3271 @@
JimMockRestructured, reorganized, and updated by PPP and SLIPSynopsisPPPSLIPFreeBSD has a number of ways to link one computer to
another. To establish a network or Internet connection through a
dial-up modem, or to allow others to do so through you, requires
the use of PPP or SLIP. This chapter describes setting up
these modem-based communication services in detail.After reading this chapter, you will know:How to set up user PPP.How to set up kernel PPP.How to set up PPPoE (PPP over
Ethernet).How to set up PPPoA (PPP over
ATM).How to configure and set up a SLIP client and
server.PPPuser PPPPPPkernel PPPPPPover EthernetBefore reading this chapter, you should:Be familiar with basic network terminology.Understand the basics and purpose of a dialup connection
and PPP and/or SLIP.You may be wondering what the main difference is between user
PPP and kernel PPP. The answer is simple: user PPP processes the
inbound and outbound data in userland rather than in the kernel.
This is expensive in terms of copying the data between the kernel
and userland, but allows a far more feature-rich PPP implementation.
User PPP uses the tun device to communicate
with the outside world whereas kernel PPP uses the
ppp device.Throughout in this chapter, user PPP will simply be
referred to as ppp unless a distinction needs to be made between it
and any other PPP software such as pppd.
Unless otherwise stated, all of the commands explained in this
chapter should be executed as root.TomRhodesUpdated and enhanced by BrianSomersOriginally contributed by NikClaytonWith input from DirkFrömbergPeterChildsUsing User PPPUser PPPAssumptionsThis document assumes you have the following:ISPPPPAn account with an Internet Service Provider (ISP) which
you connect to using PPP.You have a modem or
other device connected to your system and configured
correctly which allows you to connect to your ISP.The dial-up number(s) of your ISP.PAPCHAPUNIXlogin namepasswordYour login name and password. (Either a
regular &unix; style login and password pair, or a PAP or CHAP
login and password pair.)nameserverThe IP address of one or more name servers.
Normally, you will be given two IP addresses by your ISP to
use for this. If they have not given you at least one, then
you can use the enable dns command in
ppp.conf and
ppp will set the name servers for
you. This feature depends on your ISPs PPP implementation
supporting DNS negotiation.The following information may be supplied by your ISP, but
is not completely necessary:The IP address of your ISP's gateway. The gateway is
the machine to which you will connect and will be set up as
your default route. If you do not have
this information, we can make one up and your ISP's PPP
server will tell us the correct value when we connect.This IP number is referred to as
HISADDR by
ppp.The netmask you should use. If your ISP has not
provided you with one, you can safely use 255.255.255.255.static IP addressIf your ISP provides you with a static IP address and
hostname, you can enter it. Otherwise, we simply let the
peer assign whatever IP address it sees fit.If you do not have any of the required information, contact
your ISP.Throughout this section, many of the examples showing
the contents of configuration files are numbered by line.
These numbers serve to aid in the presentation and
discussion only and are not meant to be placed in the actual
file. Proper indentation with tab and space characters is
also important.Creating PPP Device NodesPPPcreating device nodesUnder normal circumstances, most users will only need
one tun device
(/dev/tun0). References to
tun0 below may be changed to
tunN
where N is any unit number
corresponding to your system.For FreeBSD installations that do not have &man.devfs.5; enabled
(FreeBSD 4.X and earlier), the existence of the
tun0 device should be verified (this is not
necessary if &man.devfs.5; is enabled as device nodes will be created
on demand).The easiest way to make sure that the
tun0 device is configured correctly
is to remake the device. To remake the device, do the
following:&prompt.root; cd /dev
&prompt.root; sh MAKEDEV tun0If you need 16 tunnel devices in your kernel, you will need
to create them. This can be done by executing the following
commands:&prompt.root; cd /dev
&prompt.root; sh MAKEDEV tun15Automatic PPP ConfigurationPPPconfigurationBoth ppp and pppd
(the kernel level implementation of PPP) use the configuration
files located in the /etc/ppp directory.
Examples for user ppp can be found in
/usr/share/examples/ppp/.Configuring ppp requires that you edit a
number of files, depending on your requirements. What you put
in them depends to some extent on whether your ISP allocates IP
addresses statically (i.e., you get given one IP address, and
always use that one) or dynamically (i.e., your IP address
changes each time you connect to your ISP).PPP and Static IP AddressesPPPwith static IP addressesYou will need to edit the
/etc/ppp/ppp.conf configuration file. It
should look similar to the example below.Lines that end in a : start in
the first column (beginning of the line)— all other
lines should be indented as shown using spaces or
tabs.1 default:
2 set log Phase Chat LCP IPCP CCP tun command
3 ident user-ppp VERSION (built COMPILATIONDATE)
4 set device /dev/cuaa0
5 set speed 115200
6 set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \
7 \"\" AT OK-AT-OK ATE1Q0 OK \\dATDT\\T TIMEOUT 40 CONNECT"
8 set timeout 180
9 enable dns
10
11 provider:
12 set phone "(123) 456 7890"
13 set authname foo
14 set authkey bar
15 set login "TIMEOUT 10 \"\" \"\" gin:--gin: \\U word: \\P col: ppp"
16 set timeout 300
17 set ifaddr x.x.x.xy.y.y.y 255.255.255.255 0.0.0.0
18 add default HISADDRLine 1:Identifies the default entry. Commands in this
entry are executed automatically when ppp is run.Line 2:Enables logging parameters. When the configuration
is working satisfactorily, this line should be reduced
to saying
set log phase tun
in order to avoid excessive log file sizes.Line 3:Tells PPP how to identify itself to the peer.
PPP identifies itself to the peer if it has any trouble
negotiating and setting up the link, providing information
that the peers administrator may find useful when
investigating such problems.Line 4:Identifies the device to which the modem is
connected. COM1 is
/dev/cuaa0 and
COM2 is
/dev/cuaa1.Line 5:Sets the speed you want to connect at. If 115200
does not work (it should with any reasonably new modem),
try 38400 instead.Line 6 & 7:PPPuser PPPThe dial string. User PPP uses an expect-send
syntax similar to the &man.chat.8; program. Refer to
the manual page for information on the features of this
language.Note that this command continues onto the next line
for readability. Any command in
ppp.conf may do this if the last
character on the line is a ``\'' character.Line 8:Sets the idle timeout for the link. 180 seconds
is the default, so this line is purely cosmetic.Line 9:Tells PPP to ask the peer to confirm the local
resolver settings. If you run a local name server, this
line should be commented out or removed.Line 10:A blank line for readability. Blank lines are ignored
by PPP.Line 11:Identifies an entry for a provider called
provider. This could be changed
to the name of your ISP so
that later you can use the
to start the connection.Line 12:Sets the phone number for this provider. Multiple
phone numbers may be specified using the colon
(:) or pipe character
(|)as a separator. The difference
between the two separators is described in &man.ppp.8;.
To summarize, if you want to rotate through the numbers,
use a colon. If you want to always attempt to dial the
first number first and only use the other numbers if the
first number fails, use the pipe character. Always
quote the entire set of phone numbers as shown.You must enclose the phone number in quotation marks
(") if there is any intention on using
spaces in the phone number. This can cause a simple, yet
subtle error.Line 13 & 14:Identifies the user name and password. When
connecting using a &unix; style login prompt, these
values are referred to by the set
login command using the \U and \P
variables. When connecting using PAP or CHAP, these
values are used at authentication time.Line 15:PAPCHAPIf you are using PAP or CHAP, there will be no login
at this point, and this line should be commented out or
removed. See PAP and CHAP
authentication for further details.The login string is of the same chat-like syntax as
the dial string. In this example, the string works for
a service whose login session looks like this:J. Random Provider
login: foo
password: bar
protocol: pppYou will need to alter this script to suit your
own needs. When you write this script for the first
time, you should ensure that you have enabled
chat logging so you can determine if
the conversation is going as expected.Line 16:timeoutSets the default idle timeout (in seconds) for the
connection. Here, the connection will be closed
automatically after 300 seconds of inactivity. If you
never want to timeout, set this value to zero or use
the command line switch.Line 17:ISPSets the interface addresses. The string
x.x.x.x should be
replaced by the IP address that your provider has
allocated to you. The string
y.y.y.y should be
replaced by the IP address that your ISP indicated
for their gateway (the machine to which you
connect). If your ISP has not given you a gateway
address, use 10.0.0.2/0. If you need to
use a guessed address, make sure that
you create an entry in
/etc/ppp/ppp.linkup as per the
instructions for PPP and Dynamic IP
addresses. If this line is omitted,
ppp cannot run in
mode.Line 18:Adds a default route to your ISP's gateway. The
special word HISADDR is replaced with
the gateway address specified on line 17. It is
important that this line appears after line 17,
otherwise HISADDR will not yet be
initialized.If you do not wish to run ppp in ,
this line should be moved to the
ppp.linkup file.It is not necessary to add an entry to
ppp.linkup when you have a static IP
address and are running ppp in mode as your
routing table entries are already correct before you connect.
You may however wish to create an entry to invoke programs after
connection. This is explained later with the sendmail
example.Example configuration files can be found in the
/usr/share/examples/ppp/ directory.PPP and Dynamic IP AddressesPPPwith dynamic IP addressesIPCPIf your service provider does not assign static IP
addresses, ppp can be configured to
negotiate the local and remote addresses. This is done by
guessing an IP address and allowing
ppp to set it up correctly using the IP
Configuration Protocol (IPCP) after connecting. The
ppp.conf configuration is the same as
PPP and Static IP
Addresses, with the following change:17 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.255Again, do not include the line number, it is just for
reference. Indentation of at least one space is
required.Line 17:The number after the / character
is the number of bits of the address that ppp will
insist on. You may wish to use IP numbers more
appropriate to your circumstances, but the above example
will always work.The last argument (0.0.0.0) tells
PPP to start negotiations using address 0.0.0.0 rather than 10.0.0.1 and is necessary for some
ISPs. Do not use 0.0.0.0 as the first
argument to set ifaddr as it prevents
PPP from setting up an initial route in
mode.If you are not running in mode, you
will need to create an entry in
/etc/ppp/ppp.linkup.
ppp.linkup is used after a connection has
been established. At this point, ppp will
have assigned the interface addresses and it will now be
possible to add the routing table entries:1 provider:
2 add default HISADDRLine 1:On establishing a connection,
ppp will look for an entry in
ppp.linkup according to the
following rules: First, try to match the same label
as we used in ppp.conf. If
that fails, look for an entry for the IP address of
our gateway. This entry is a four-octet IP style
label. If we still have not found an entry, look
for the MYADDR entry.Line 2:This line tells ppp to add a
default route that points to
HISADDR.
HISADDR will be replaced with the
IP number of the gateway as negotiated by the
IPCP.See the pmdemand entry in the files
/usr/share/examples/ppp/ppp.conf.sample
and
/usr/share/examples/ppp/ppp.linkup.sample
for a detailed example.Receiving Incoming CallsPPPreceiving
incoming callsWhen you configure ppp to
receive incoming calls on a machine connected to a LAN, you
must decide if you wish to forward packets to the LAN. If you
do, you should allocate the peer an IP number from your LAN's
subnet, and use the command enable proxy in
your /etc/ppp/ppp.conf file. You should
also confirm that the /etc/rc.conf file
contains the following:gateway_enable="YES"Which getty?Configuring FreeBSD for Dial-up
Services provides a good description on enabling
dial-up services using &man.getty.8;.An alternative to getty is mgetty,
a smarter version of getty designed
with dial-up lines in mind.The advantages of using mgetty is
that it actively talks to modems,
meaning if port is turned off in
/etc/ttys then your modem will not answer
the phone.Later versions of mgetty (from
0.99beta onwards) also support the automatic detection of
PPP streams, allowing your clients script-less access to
your server.Refer to Mgetty and
AutoPPP for more information on
mgetty.PPP PermissionsThe ppp command must normally be
run as the root user. If however,
you wish to allow ppp to run in
server mode as a normal user by executing
ppp as described below, that user
must be given permission to run ppp
by adding them to the network group
in /etc/group.You will also need to give them access to one or more
sections of the configuration file using the
allow command:allow users fred maryIf this command is used in the default
section, it gives the specified users access to
everything.PPP Shells for Dynamic-IP UsersPPP shellsCreate a file called
/etc/ppp/ppp-shell containing the
following:#!/bin/sh
IDENT=`echo $0 | sed -e 's/^.*-\(.*\)$/\1/'`
CALLEDAS="$IDENT"
TTY=`tty`
if [ x$IDENT = xdialup ]; then
IDENT=`basename $TTY`
fi
echo "PPP for $CALLEDAS on $TTY"
echo "Starting PPP for $IDENT"
exec /usr/sbin/ppp -direct $IDENTThis script should be executable. Now make a symbolic
link called ppp-dialup to this script
using the following commands:&prompt.root; ln -s ppp-shell /etc/ppp/ppp-dialupYou should use this script as the
shell for all of your dialup users.
This is an example from /etc/password
for a dialup PPP user with username
pchilds (remember do not directly edit
the password file, use vipw).pchilds:*:1011:300:Peter Childs PPP:/home/ppp:/etc/ppp/ppp-dialupCreate a /home/ppp directory that
is world readable containing the following 0 byte
files:-r--r--r-- 1 root wheel 0 May 27 02:23 .hushlogin
-r--r--r-- 1 root wheel 0 May 27 02:22 .rhostswhich prevents /etc/motd from being
displayed.PPP Shells for Static-IP UsersPPP shellsCreate the ppp-shell file as above,
and for each account with statically assigned IPs create a
symbolic link to ppp-shell.For example, if you have three dialup customers,
fred, sam, and
mary, that you route class C networks
for, you would type the following:&prompt.root; ln -s /etc/ppp/ppp-shell /etc/ppp/ppp-fred
&prompt.root; ln -s /etc/ppp/ppp-shell /etc/ppp/ppp-sam
&prompt.root; ln -s /etc/ppp/ppp-shell /etc/ppp/ppp-maryEach of these users dialup accounts should have their
shell set to the symbolic link created above (for example,
mary's shell should be
/etc/ppp/ppp-mary).Setting Up ppp.conf for Dynamic-IP UsersThe /etc/ppp/ppp.conf file should
contain something along the lines of:default:
set debug phase lcp chat
set timeout 0
ttyd0:
set ifaddr 203.14.100.1 203.14.100.20 255.255.255.255
enable proxy
ttyd1:
set ifaddr 203.14.100.1 203.14.100.21 255.255.255.255
enable proxyThe indenting is important.The default: section is loaded for
each session. For each dialup line enabled in
/etc/ttys create an entry similar to
the one for ttyd0: above. Each line
should get a unique IP address from your pool of IP
addresses for dynamic users.Setting Up ppp.conf for Static-IP
UsersAlong with the contents of the sample
/usr/share/examples/ppp/ppp.conf
above you should add a section for each of the
statically assigned dialup users. We will continue with
our fred, sam,
and mary example.fred:
set ifaddr 203.14.100.1 203.14.101.1 255.255.255.255
sam:
set ifaddr 203.14.100.1 203.14.102.1 255.255.255.255
mary:
set ifaddr 203.14.100.1 203.14.103.1 255.255.255.255The file /etc/ppp/ppp.linkup
should also contain routing information for each static
IP user if required. The line below would add a route
for the 203.14.101.0
class C via the client's ppp link.fred:
add 203.14.101.0 netmask 255.255.255.0 HISADDR
sam:
add 203.14.102.0 netmask 255.255.255.0 HISADDR
mary:
add 203.14.103.0 netmask 255.255.255.0 HISADDRmgetty and AutoPPPmgettyAutoPPPLCPConfiguring and compiling mgetty
with the AUTO_PPP option enabled
allows mgetty to detect the LCP phase
of PPP connections and automatically spawn off a ppp
shell. However, since the default login/password
sequence does not occur it is necessary to authenticate
users using either PAP or CHAP.This section assumes the user has successfully
configured, compiled, and installed a version of
mgetty with the
AUTO_PPP option (v0.99beta or
later).Make sure your
/usr/local/etc/mgetty+sendfax/login.config
file has the following in it:/AutoPPP/ - - /etc/ppp/ppp-pap-dialupThis will tell mgetty to run the
ppp-pap-dialup script for detected
PPP connections.Create a file called
/etc/ppp/ppp-pap-dialup containing the
following (the file should be executable):#!/bin/sh
exec /usr/sbin/ppp -direct pap$IDENTFor each dialup line enabled in
/etc/ttys, create a corresponding entry
in /etc/ppp/ppp.conf. This will
happily co-exist with the definitions we created
above.pap:
enable pap
set ifaddr 203.14.100.1 203.14.100.20-203.14.100.40
enable proxyEach user logging in with this method will need to have
a username/password in
/etc/ppp/ppp.secret file, or
alternatively add the following option to authenticate users
via PAP from /etc/password file.enable passwdauthIf you wish to assign some users a static IP number,
you can specify the number as the third argument in
/etc/ppp/ppp.secret. See
/usr/share/examples/ppp/ppp.secret.sample
for examples.MS ExtensionsDNSNetBIOSPPPMicrosoft extensionsIt is possible to configure PPP to supply DNS and
NetBIOS nameserver addresses on demand.To enable these extensions with PPP version 1.x, the
following lines might be added to the relevant section of
/etc/ppp/ppp.conf.enable msext
set ns 203.14.100.1 203.14.100.2
set nbns 203.14.100.5And for PPP version 2 and above:accept dns
set dns 203.14.100.1 203.14.100.2
set nbns 203.14.100.5This will tell the clients the primary and secondary
name server addresses, and a NetBIOS nameserver host.In version 2 and above, if the
set dns line is omitted, PPP will use the
values found in /etc/resolv.conf.PAP and CHAP AuthenticationPAPCHAPSome ISPs set their system up so that the authentication
part of your connection is done using either of the PAP or
CHAP authentication mechanisms. If this is the case, your ISP
will not give a login: prompt when you
connect, but will start talking PPP immediately.PAP is less secure than CHAP, but security is not normally
an issue here as passwords, although being sent as plain text
with PAP, are being transmitted down a serial line only.
There is not much room for crackers to
eavesdrop.Referring back to the PPP
and Static IP addresses or PPP and Dynamic IP addresses
sections, the following alterations must be made:13 set authname MyUserName
14 set authkey MyPassword
15 set loginLine 13:This line specifies your PAP/CHAP user name. You
will need to insert the correct value for
MyUserName.Line 14:passwordThis line specifies your PAP/CHAP password. You
will need to insert the correct value for
MyPassword. You may want to
add an additional line, such as:16 accept PAPor16 accept CHAPto make it obvious that this is the intention, but
PAP and CHAP are both accepted by default.Line 15:Your ISP will not normally require that you log into
the server if you are using PAP or CHAP. You must
therefore disable your set login
string.Changing Your ppp Configuration on the
FlyIt is possible to talk to the ppp
program while it is running in the background, but only if a
suitable diagnostic port has been set up. To do this, add the
following line to your configuration:set server /var/run/ppp-tun%d DiagnosticPassword 0177This will tell PPP to listen to the specified
&unix; domain socket, asking clients for the specified
password before allowing access. The
%d in the name is replaced with the
tun device number that is in
use.Once a socket has been set up, the &man.pppctl.8;
program may be used in scripts that wish to manipulate the
running program.Using PPP Network Address Translation CapabilityPPPNATPPP has ability to use internal NAT without kernel diverting
capabilities. This functionality may be enabled by the following
line in /etc/ppp/ppp.conf:nat enable yesAlternatively, PPP NAT may be enabled by command-line
option -nat. There is also
/etc/rc.conf knob named
ppp_nat, which is enabled by default.If you use this feature, you may also find useful
the following /etc/ppp/ppp.conf options
to enable incoming connections forwarding:nat port tcp 10.0.0.2:ftp ftp
nat port tcp 10.0.0.2:http httpor do not trust the outside at allnat deny_incoming yesFinal System ConfigurationPPPconfigurationYou now have ppp configured, but there
are a few more things to do before it is ready to work. They
all involve editing the /etc/rc.conf
file.Working from the top down in this file, make sure the
hostname= line is set, e.g.:hostname="foo.example.com"If your ISP has supplied you with a static IP address and
name, it is probably best that you use this name as your host
name.Look for the network_interfaces variable.
If you want to configure your system to dial your ISP on demand,
make sure the tun0 device is added to
the list, otherwise remove it.network_interfaces="lo0 tun0"
ifconfig_tun0=The ifconfig_tun0 variable should be
empty, and a file called
/etc/start_if.tun0 should be created.
This file should contain the line:ppp -auto mysystemThis script is executed at network configuration time,
starting your ppp daemon in automatic mode. If you have a LAN
for which this machine is a gateway, you may also wish to use
the switch. Refer to the manual page
for further details.Make sure the router program set to NO with
following line in your
/etc/rc.conf:router_enable="NO"routedIt is important that the routed daemon is
not started (it is by default), as
routed tends to delete the default routing
table entries created by ppp.It is probably worth your while ensuring that the
sendmail_flags line does not include the
option, otherwise
sendmail will attempt to do a network lookup
every now and then, possibly causing your machine to dial out.
You may try:sendmail_flags="-bd"sendmailThe downside of this is that you must force
sendmail to re-examine the mail queue
whenever the ppp link is up by typing:&prompt.root; /usr/sbin/sendmail -qYou may wish to use the !bg command in
ppp.linkup to do this automatically:1 provider:
2 delete ALL
3 add 0 0 HISADDR
4 !bg sendmail -bd -q30mSMTPIf you do not like this, it is possible to set up a
dfilter to block SMTP traffic. Refer to the
sample files for further details.All that is left is to reboot the machine. After rebooting,
you can now either type:&prompt.root; pppand then dial provider to start the PPP
session, or, if you want ppp to establish
sessions automatically when there is outbound traffic (and
you have not created the start_if.tun0
script), type:&prompt.root; ppp -auto providerSummaryTo recap, the following steps are necessary when setting up
ppp for the first time:Client side:Ensure that the tun device is
built into your kernel.Ensure that the
tunN device
file is available in the /dev
directory.Create an entry in
/etc/ppp/ppp.conf. The
pmdemand example should suffice for
most ISPs.If you have a dynamic IP address, create an entry in
/etc/ppp/ppp.linkup.Update your /etc/rc.conf
file.Create a start_if.tun0 script if
you require demand dialing.Server side:Ensure that the tun device is
built into your kernel.Ensure that the
tunN device
file is available in the /dev
directory.Create an entry in /etc/passwd
(using the &man.vipw.8; program).Create a profile in this users home directory that runs
ppp -direct direct-server or
similar.Create an entry in
/etc/ppp/ppp.conf. The
direct-server example should
suffice.Create an entry in
/etc/ppp/ppp.linkup.Update your /etc/rc.conf
file.Gennady B.SorokopudParts originally contributed by RobertHuffUsing Kernel PPPSetting Up Kernel PPPPPPkernel PPPBefore you start setting up PPP on your machine, make sure
that pppd is located in
/usr/sbin and the directory
/etc/ppp exists.pppd can work in two modes:As a client — you want to connect your
machine to the outside world via a PPP serial connection or
modem line.PPPserverAs a server — your machine is located on
the network, and is used to connect other computers using
PPP.In both cases you will need to set up an options file
(/etc/ppp/options or
~/.ppprc if you have more than one user on
your machine that uses PPP).You will also need some modem/serial software (preferably
comms/kermit), so you can dial and
establish a connection with the remote host.TrevRoydhouseBased on information provided by Using pppd as a ClientPPPclientCiscoThe following /etc/ppp/options might be
used to connect to a Cisco terminal server PPP line.crtscts # enable hardware flow control
modem # modem control line
noipdefault # remote PPP server must supply your IP address
# if the remote host does not send your IP during IPCP
# negotiation, remove this option
passive # wait for LCP packets
domain ppp.foo.com # put your domain name here
:<remote_ip> # put the IP of remote PPP host here
# it will be used to route packets via PPP link
# if you didn't specified the noipdefault option
# change this line to <local_ip>:<remote_ip>
defaultroute # put this if you want that PPP server will be your
# default routerTo connect:kermitmodemDial to the remote host using kermit (or some other modem
program), and enter your user name and password (or whatever
is needed to enable PPP on the remote host).Exit kermit (without
hanging up the line).Enter the following:&prompt.root; /usr/src/usr.sbin/pppd.new/pppd /dev/tty0119200Be sure to use the appropriate speed and device name.Now your computer is connected with PPP. If the connection
fails, you can add the option to the
/etc/ppp/options file, and check console messages
to track the problem.Following /etc/ppp/pppup script will make
all 3 stages automatic:#!/bin/sh
ps ax |grep pppd |grep -v grep
pid=`ps ax |grep pppd |grep -v grep|awk '{print $1;}'`
if [ "X${pid}" != "X" ] ; then
echo 'killing pppd, PID=' ${pid}
kill ${pid}
fi
ps ax |grep kermit |grep -v grep
pid=`ps ax |grep kermit |grep -v grep|awk '{print $1;}'`
if [ "X${pid}" != "X" ] ; then
echo 'killing kermit, PID=' ${pid}
kill -9 ${pid}
fi
ifconfig ppp0 down
ifconfig ppp0 delete
kermit -y /etc/ppp/kermit.dial
pppd /dev/tty01 19200kermit/etc/ppp/kermit.dial is a kermit
script that dials and makes all necessary authorization on the
remote host (an example of such a script is attached to the end
of this document).Use the following /etc/ppp/pppdown script
to disconnect the PPP line:#!/bin/sh
pid=`ps ax |grep pppd |grep -v grep|awk '{print $1;}'`
if [ X${pid} != "X" ] ; then
echo 'killing pppd, PID=' ${pid}
kill -TERM ${pid}
fi
ps ax |grep kermit |grep -v grep
pid=`ps ax |grep kermit |grep -v grep|awk '{print $1;}'`
if [ "X${pid}" != "X" ] ; then
echo 'killing kermit, PID=' ${pid}
kill -9 ${pid}
fi
/sbin/ifconfig ppp0 down
/sbin/ifconfig ppp0 delete
kermit -y /etc/ppp/kermit.hup
/etc/ppp/ppptestCheck to see if pppd is still running by executing
/usr/etc/ppp/ppptest, which should look like
this:#!/bin/sh
pid=`ps ax| grep pppd |grep -v grep|awk '{print $1;}'`
if [ X${pid} != "X" ] ; then
echo 'pppd running: PID=' ${pid-NONE}
else
echo 'No pppd running.'
fi
set -x
netstat -n -I ppp0
ifconfig ppp0To hang up the modem, execute
/etc/ppp/kermit.hup, which should
contain:set line /dev/tty01 ; put your modem device here
set speed 19200
set file type binary
set file names literal
set win 8
set rec pack 1024
set send pack 1024
set block 3
set term bytesize 8
set command bytesize 8
set flow none
pau 1
out +++
inp 5 OK
out ATH0\13
echo \13
exitHere is an alternate method using chat
instead of kermit:The following two files are sufficient to accomplish a
pppd connection./etc/ppp/options:/dev/cuaa1 115200
crtscts # enable hardware flow control
modem # modem control line
connect "/usr/bin/chat -f /etc/ppp/login.chat.script"
noipdefault # remote PPP serve must supply your IP address
# if the remote host doesn't send your IP during
# IPCP negotiation, remove this option
passive # wait for LCP packets
domain <your.domain> # put your domain name here
: # put the IP of remote PPP host here
# it will be used to route packets via PPP link
# if you didn't specified the noipdefault option
# change this line to <local_ip>:<remote_ip>
defaultroute # put this if you want that PPP server will be
# your default router/etc/ppp/login.chat.script:The following should go on a single line.ABORT BUSY ABORT 'NO CARRIER' "" AT OK ATDT<phone.number>
CONNECT "" TIMEOUT 10 ogin:-\\r-ogin: <login-id>
TIMEOUT 5 sword: <password>Once these are installed and modified correctly, all you need
to do is run pppd, like so:&prompt.root; pppdUsing pppd as a Server/etc/ppp/options should contain something
similar to the following:crtscts # Hardware flow control
netmask 255.255.255.0 # netmask (not required)
192.114.208.20:192.114.208.165 # IP's of local and remote hosts
# local ip must be different from one
# you assigned to the ethernet (or other)
# interface on your machine.
# remote IP is IP address that will be
# assigned to the remote machine
domain ppp.foo.com # your domain
passive # wait for LCP
modem # modem lineThe following /etc/ppp/pppserv script
will tell pppd to behave as a
server:#!/bin/sh
ps ax |grep pppd |grep -v grep
pid=`ps ax |grep pppd |grep -v grep|awk '{print $1;}'`
if [ "X${pid}" != "X" ] ; then
echo 'killing pppd, PID=' ${pid}
kill ${pid}
fi
ps ax |grep kermit |grep -v grep
pid=`ps ax |grep kermit |grep -v grep|awk '{print $1;}'`
if [ "X${pid}" != "X" ] ; then
echo 'killing kermit, PID=' ${pid}
kill -9 ${pid}
fi
# reset ppp interface
ifconfig ppp0 down
ifconfig ppp0 delete
# enable autoanswer mode
kermit -y /etc/ppp/kermit.ans
# run ppp
pppd /dev/tty01 19200Use this /etc/ppp/pppservdown script to
stop the server:#!/bin/sh
ps ax |grep pppd |grep -v grep
pid=`ps ax |grep pppd |grep -v grep|awk '{print $1;}'`
if [ "X${pid}" != "X" ] ; then
echo 'killing pppd, PID=' ${pid}
kill ${pid}
fi
ps ax |grep kermit |grep -v grep
pid=`ps ax |grep kermit |grep -v grep|awk '{print $1;}'`
if [ "X${pid}" != "X" ] ; then
echo 'killing kermit, PID=' ${pid}
kill -9 ${pid}
fi
ifconfig ppp0 down
ifconfig ppp0 delete
kermit -y /etc/ppp/kermit.noansThe following kermit script
(/etc/ppp/kermit.ans) will enable/disable
autoanswer mode on your modem. It should look like this:set line /dev/tty01
set speed 19200
set file type binary
set file names literal
set win 8
set rec pack 1024
set send pack 1024
set block 3
set term bytesize 8
set command bytesize 8
set flow none
pau 1
out +++
inp 5 OK
out ATH0\13
inp 5 OK
echo \13
out ATS0=1\13 ; change this to out ATS0=0\13 if you want to disable
; autoanswer mode
inp 5 OK
echo \13
exitA script named /etc/ppp/kermit.dial is
used for dialing and authenticating on the remote host. You will
need to customize it for your needs. Put your login and password
in this script; you will also need to change the input statement
depending on responses from your modem and remote host.;
; put the com line attached to the modem here:
;
set line /dev/tty01
;
; put the modem speed here:
;
set speed 19200
set file type binary ; full 8 bit file xfer
set file names literal
set win 8
set rec pack 1024
set send pack 1024
set block 3
set term bytesize 8
set command bytesize 8
set flow none
set modem hayes
set dial hangup off
set carrier auto ; Then SET CARRIER if necessary,
set dial display on ; Then SET DIAL if necessary,
set input echo on
set input timeout proceed
set input case ignore
def \%x 0 ; login prompt counter
goto slhup
:slcmd ; put the modem in command mode
echo Put the modem in command mode.
clear ; Clear unread characters from input buffer
pause 1
output +++ ; hayes escape sequence
input 1 OK\13\10 ; wait for OK
if success goto slhup
output \13
pause 1
output at\13
input 1 OK\13\10
if fail goto slcmd ; if modem doesn't answer OK, try again
:slhup ; hang up the phone
clear ; Clear unread characters from input buffer
pause 1
echo Hanging up the phone.
output ath0\13 ; hayes command for on hook
input 2 OK\13\10
if fail goto slcmd ; if no OK answer, put modem in command mode
:sldial ; dial the number
pause 1
echo Dialing.
output atdt9,550311\13\10 ; put phone number here
assign \%x 0 ; zero the time counter
:look
clear ; Clear unread characters from input buffer
increment \%x ; Count the seconds
input 1 {CONNECT }
if success goto sllogin
reinput 1 {NO CARRIER\13\10}
if success goto sldial
reinput 1 {NO DIALTONE\13\10}
if success goto slnodial
reinput 1 {\255}
if success goto slhup
reinput 1 {\127}
if success goto slhup
if < \%x 60 goto look
else goto slhup
:sllogin ; login
assign \%x 0 ; zero the time counter
pause 1
echo Looking for login prompt.
:slloop
increment \%x ; Count the seconds
clear ; Clear unread characters from input buffer
output \13
;
; put your expected login prompt here:
;
input 1 {Username: }
if success goto sluid
reinput 1 {\255}
if success goto slhup
reinput 1 {\127}
if success goto slhup
if < \%x 10 goto slloop ; try 10 times to get a login prompt
else goto slhup ; hang up and start again if 10 failures
:sluid
;
; put your userid here:
;
output ppp-login\13
input 1 {Password: }
;
; put your password here:
;
output ppp-password\13
input 1 {Entering SLIP mode.}
echo
quit
:slnodial
echo \7No dialtone. Check the telephone line!\7
exit 1
; local variables:
; mode: csh
; comment-start: "; "
; comment-start-skip: "; "
; end:TomRhodesContributed by Troubleshooting PPP ConnectionsPPPtroubleshootingThis section covers a few issues which may arise when
using PPP over a modem connection. For instance, perhaps you
need to know exactly what prompts the system you are dialing
into will present. Some ISPs present the
ssword prompt, and others will present
password; if the ppp
script is not written accordingly, the login attempt will
fail. The most common way to debug ppp
connections is by connecting manually. The following
information will walk you through a manual connection step by
step.Check the Device NodesIf you reconfigured your kernel then you recall the
sio device. If you did not
configure your kernel, there is no reason to worry. Just
check the dmesg output for the modem
device with:&prompt.root;dmesg | grep sioYou should get some pertinent output about the
sio devices. These are the COM
ports we need. If your modem acts like a standard serial
port then you should see it listed on
sio1, or COM2. If so, you are not
required to rebuild the kernel, you just need to make the
serial device. You can do this by changing your directory
to /dev and running the
MAKEDEV script like above. Now make
the serial devices with:&prompt.root; sh MAKEDEV cuaa0 cuaa1 cuaa2 cuaa3which will create the serial devices for your system.
When matching up sio modem is on sio1 or
COM2 if you are in DOS, then your
modem device would be /dev/cuaa1.Connecting ManuallyConnecting to the Internet by manually controlling
ppp is quick, easy, and a great way to
debug a connection or just get information on how your
ISP treats ppp client
connections. Lets start PPP from
the command line. Note that in all of our examples we will
use example as the hostname of the
machine running PPP. You start
ppp by just typing
ppp:&prompt.root; pppWe have now started ppp.ppp ON example> set device /dev/cuaa1We set our modem device, in this case it is
cuaa1.ppp ON example> set speed 115200Set the connection speed, in this case we
are using 115,200 kbps.ppp ON example> enable dnsTell ppp to configure our
resolver and add the nameserver lines to
/etc/resolv.conf. If ppp
cannot determine our hostname, we can set one manually later.ppp ON example> termSwitch to terminal mode so that we can manually
control the modem.deflink: Entering terminal mode on /dev/cuaa1
type '~h' for helpat
OK
atdt123456789Use at to initialize the modem,
then use atdt and the number for your
ISP to begin the dial in process.CONNECTConfirmation of the connection, if we are going to have
any connection problems, unrelated to hardware, here is where
we will attempt to resolve them.ISP Login:myusernameHere you are prompted for a username, return the
prompt with the username that was provided by the
ISP.ISP Pass:mypasswordThis time we are prompted for a password, just
reply with the password that was provided by the
ISP. Just like logging into
&os;, the password will not echo.Shell or PPP:pppDepending on your ISP this prompt
may never appear. Here we are being asked if we wish to
use a shell on the provider, or to start
ppp. In this example, we have chosen
to use ppp as we want an Internet
connection.Ppp ON example>Notice that in this example the first
has been capitalized. This shows that we have successfully
connected to the ISP.PPp ON example>We have successfully authenticated with our
ISP and are waiting for the
assigned IP address.PPP ON example>We have made an agreement on an IP
address and successfully completed our connection.PPP ON example>add default HISADDRHere we add our default route, we need to do this before
we can talk to the outside world as currently the only
established connection is with the peer. If this fails due to
existing routes you can put a bang character
! in front of the .
Alternatively, you can set this before making the actual
connection and it will negotiate a new route
accordingly.If everything went good we should now have an active
connection to the Internet, which could be thrown into the
background using CTRLz If you notice the
PPP return to ppp then
we have lost our connection. This is good to know because it
shows our connection status. Capital P's show that we have a
connection to the ISP and lowercase p's
show that the connection has been lost for whatever reason.
ppp only has these 2 states.DebuggingIf you have a direct line and cannot seem to make a
connection, then turn hardware flow
CTS/RTS to off with the . This is mainly the case if you are
connected to some PPP capable
terminal servers, where PPP hangs
when it tries to write data to your communication link, so
it would be waiting for a CTS, or Clear
To Send signal which may never come. If you use this option
however, you should also use the
option, which may be required to defeat hardware dependent
on passing certain characters from end to end, most of the
time XON/XOFF. See the &man.ppp.8; manual page for more
information on this option, and how it is used.If you have an older modem, you may need to use the
. Parity is set at none
be default, but is used for error checking (with a large
increase in traffic) on older modems and some
ISPs. You may need this option for
the Compuserve ISP.PPP may not return to the
command mode, which is usually a negotiation error where
the ISP is waiting for your side to start
negotiating. At this point, using the ~p
command will force ppp to start sending the configuration
information.If you never obtain a login prompt, then most likely you
need to use PAP or
CHAP authentication instead of the
&unix; style in the example above. To use
PAP or CHAP just add
the following options to PPP
before going into terminal mode:ppp ON example> set authname myusernameWhere myusername should be
replaced with the username that was assigned by the
ISP.ppp ON example> set authkey mypasswordWhere mypassword should be
replaced with the password that was assigned by the
ISP.If you connect fine, but cannot seem to find any domain
name, try to use &man.ping.8; with an IP
address and see if you can get any return information. If
you experience 100 percent (100%) packet loss, then it is most
likely that you were not assigned a default route. Double
check that the option
was set during the connection. If you can connect to a
remote IP address then it is possible
that a resolver address has not been added to the
/etc/resolv.conf. This file should
look like:domain example.com
nameserver x.x.x.x
nameserver y.y.y.yWhere x.x.x.x and
y.y.y.y should be replaced with
the IP address of your
ISP's DNS servers. This information may
or may not have been provided when you signed up, but a
quick call to your ISP should remedy
that.You could also have &man.syslog.3; provide a logging
function for your PPP connection.
Just add:!ppp
*.* /var/log/ppp.logto /etc/syslog.conf. In most cases, this
functionality already exists.JimMockContributed (from http://node.to/freebsd/how-tos/how-to-freebsd-pppoe.html) by Using PPP over Ethernet (PPPoE)PPPover EthernetPPPoEPPP, over EthernetThis section describes how to set up PPP over Ethernet
(PPPoE).Configuring the KernelNo kernel configuration is necessary for PPPoE any longer. If
the necessary netgraph support is not built into the kernel, it will
be dynamically loaded by ppp.Setting Up ppp.confHere is an example of a working
ppp.conf:default:
set log Phase tun command # you can add more detailed logging if you wish
set ifaddr 10.0.0.1/0 10.0.0.2/0
name_of_service_provider:
set device PPPoE:xl1 # replace xl1 with your ethernet device
set authname YOURLOGINNAME
set authkey YOURPASSWORD
set dial
set login
add default HISADDRRunning pppAs root, you can run:&prompt.root; ppp -ddial name_of_service_providerStarting ppp at BootAdd the following to your /etc/rc.conf
file:ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="YES" # if you want to enable nat for your local network, otherwise NO
ppp_profile="name_of_service_provider"Using a PPPoE Service TagSometimes it will be necessary to use a service tag to establish
your connection. Service tags are used to distinguish between
different PPPoE servers attached to a given network.You should have been given any required service tag information
in the documentation provided by your ISP. If you cannot locate
it there, ask your ISP's tech support personnel.As a last resort, you could try the method suggested by the
Roaring Penguin
PPPoE program which can be found in the ports collection. Bear in mind however,
this may de-program your modem and render it useless, so
think twice before doing it. Simply install the program shipped
with the modem by your provider. Then, access the
System menu from the program. The name of your
profile should be listed there. It is usually
ISP.The profile name (service tag) will be used in the PPPoE
configuration entry in ppp.conf as the provider
part of the set device command (see the &man.ppp.8;
manual page for full details). It should look like this:set device PPPoE:xl1:ISPDo not forget to change xl1
to the proper device for your Ethernet card.Do not forget to change ISP
to the profile you have just found above.For additional information, see:Cheaper
Broadband with FreeBSD on DSL by Renaud
Waldura.
Nutzung von T-DSL und T-Online mit FreeBSD
by Udo Erdelhoff (in German).PPPoE with a &tm.3com; HomeConnect ADSL Modem Dual LinkThis modem does not follow RFC 2516
(A Method for transmitting PPP over Ethernet
(PPPoE), written by L. Mamakos, K. Lidl, J. Evarts,
D. Carrel, D. Simone, and R. Wheeler). Instead, different packet
type codes have been used for the Ethernet frames. Please complain
to 3Com if you think it
should comply with the PPPoE specification.In order to make FreeBSD capable of communicating with this
device, a sysctl must be set. This can be done automatically at
boot time by updating /etc/sysctl.conf:net.graph.nonstandard_pppoe=1or can be done for immediate effect with the command
sysctl net.graph.nonstandard_pppoe=1.Unfortunately, because this is a system-wide setting, it is
not possible to talk to a normal PPPoE client or server and a
&tm.3com; HomeConnect ADSL Modem at the same time.Using PPP over ATM (PPPoA)PPPover ATMPPPoAPPP, over ATMThe following describes how to set up PPP over ATM (PPPoA).
PPPoA is a popular choice among European DSL providers.Using PPPoA with the Alcatel &speedtouch; USBPPPoA support for this device is supplied as a port in
FreeBSD because the firmware is distributed under Alcatel's
license agreement and can not be redistributed freely
with the base system of FreeBSD.To install the software, simply use the ports collection. Install the
net/pppoa port and follow the
instructions provided with it.Like many USB devices, the Alcatel &speedtouch; USB needs to
download firmware from the host computer to operate properly.
It is possible to automate this process in &os; so that this
transfer takes place whenever the device is plugged into a USB
port. The following information can be added to the
/etc/usbd.conf file to enable this
automatic firmware transfer. This file must be edited as the
root user.device "Alcatel SpeedTouch USB"
devname "ugen[0-9]+"
vendor 0x06b9
product 0x4061
attach "/usr/local/sbin/modem_run -f /usr/local/libdata/mgmt.o"To enable the USB daemon, usbd,
put the following the line into
/etc/rc.conf:usbd_enable="YES"It is also possible to set up
ppp to dial up at startup. To do
this add the following lines to
/etc/rc.conf. Again, for this procedure
you will need to be logged in as the root
user.ppp_enable="YES"
ppp_mode="ddial"
ppp_profile="adsl"For this to work correctly you will need to have used the
sample ppp.conf which is supplied with the
net/pppoa port.Using mpdYou can use mpd to connect to a
variety of services, in particular PPTP services. You can find
mpd in the ports collection,
net/mpd. Many ADSL modems
require that a PPTP tunnel is created between the modem and
computer, one such modem is the Alcatel &speedtouch;
Home.First you must install the port, and then you can
configure mpd to suit your
requirements and provider settings. The port places a set of
sample configuration files which are well documented in
PREFIX/etc/mpd/.
Note here that PREFIX means the directory
into which your ports are installed, this defaults to
/usr/local/. A complete guide to
configure mpd is available in
HTML format once the port has been installed. It is placed in
PREFIX/share/doc/mpd/.
Here is a sample configuration for connecting to an ADSL
service with mpd. The configuration
is spread over two files, first the
mpd.conf:default:
load adsl
adsl:
new -i ng0 adsl adsl
set bundle authname username
set bundle password password
set bundle disable multilink
set link no pap acfcomp protocomp
set link disable chap
set link accept chap
set link keep-alive 30 10
set ipcp no vjcomp
set ipcp ranges 0.0.0.0/0 0.0.0.0/0
set iface route default
set iface disable on-demand
set iface enable proxy-arp
set iface idle 0
openThe username used to authenticate with your ISP.The password used to authenticate with your ISP.The mpd.links file contains information about
the link, or links, you wish to establish. An example
mpd.links to accompany the above example is given
beneath:adsl:
set link type pptp
set pptp mode active
set pptp enable originate outcall
set pptp self 10.0.0.1
set pptp peer 10.0.0.138The IP address of your &os; computer which you will be
using mpd from.The IP address of your ADSL modem. For the Alcatel
&speedtouch; Home this address defaults to 10.0.0.138.It is possible to initialize the connection easily by issuing the
following command as root:&prompt.root; mpd -b adslYou can see the status of the connection with the following
command:&prompt.user; ifconfig ng0
ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> mtu 1500
inet 216.136.204.117 --> 204.152.186.171 netmask 0xffffffffUsing mpd is the recommended way to
connect to an ADSL service with &os;.Using pptpclientIt is also possible to use FreeBSD to connect to other PPPoA
services using
net/pptpclient.To use net/pptpclient to
connect to a DSL service, install the port or package and edit your
/etc/ppp/ppp.conf. You will need to be
root to perform both of these operations. An
example section of ppp.conf is given
below. For further information on ppp.conf
options consult the ppp manual page,
&man.ppp.8;.adsl:
set log phase chat lcp ipcp ccp tun command
set timeout 0
enable dns
set authname username
set authkey password
set ifaddr 0 0
add default HISADDRThe username of your account with the DSL provider.The password for your account.Because you must put your account's password in the
ppp.conf file in plain text form you should
make sure than nobody can read the contents of this file. The
following series of commands will make sure the file is only
readable by the root account. Refer to the
manual pages for &man.chmod.1; and &man.chown.8; for further
information.&prompt.root; chown root:wheel /etc/ppp/ppp.conf
&prompt.root; chmod 600 /etc/ppp/ppp.confThis will open a tunnel for a PPP session to your DSL router.
Ethernet DSL modems have a preconfigured LAN IP address which you
connect to. In the case of the Alcatel &speedtouch; Home this address is
10.0.0.138. Your router documentation
should tell you which address your device uses. To open the tunnel and
start a PPP session execute the following
command:&prompt.root; pptp addressadslYou may wish to add an ampersand (&) to the
end of the previous command because pptp
will not return your prompt to you otherwise.A tun virtual tunnel device will be
created for interaction between the pptp
and ppp processes. Once you have been
returned to your prompt, or the pptp
process has confirmed a connection you can examine the tunnel like
so:&prompt.user; ifconfig tun0
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
inet 216.136.204.21 --> 204.152.186.171 netmask 0xffffff00
Opened by PID 918If you are unable to connect, check the configuration of
your router, which is usually accessible via
telnet or with a web browser. If you still
cannot connect you should examine the output of the
pptp command and the contents of the
ppp log file,
/var/log/ppp.log for clues.SatoshiAsamiOriginally contributed by GuyHelmerWith input from PieroSeriniUsing SLIPSLIPSetting Up a SLIP ClientSLIPclientThe following is one way to set up a FreeBSD machine for SLIP
on a static host network. For dynamic hostname assignments (your
address changes each time you dial up), you probably need to
have a more complex setup.First, determine which serial port your modem is connected to.
Many people set up a symbolic link, such as
/dev/modem, to point to the real device name,
/dev/cuaaN. This allows you to
abstract the actual device name should you ever need to move
the modem to a different port. It can become quite cumbersome when you
need to fix a bunch of files in /etc and
.kermrc files all over the system!/dev/cuaa0 is
COM1, cuaa1 is
COM2, etc.Make sure you have the following in your kernel configuration
file:pseudo-device sl 1It is included in the GENERIC kernel, so
this should not be a problem unless you have deleted it.Things You Have to Do Only OnceAdd your home machine, the gateway and nameservers to
your /etc/hosts file. Mine looks like
this:127.0.0.1 localhost loghost
136.152.64.181 water.CS.Example.EDU water.CS water
136.152.64.1 inr-3.CS.Example.EDU inr-3 slip-gateway
128.32.136.9 ns1.Example.EDU ns1
128.32.136.12 ns2.Example.EDU ns2Make sure you have before
in your
/etc/host.conf on FreeBSD versions
prior to 5.0. Since FreeBSD 5.0, the system uses
the file /etc/nsswitch.conf instead,
make sure you have before
in the line
of this file. Without these parameters funny
things may happen.Edit the /etc/rc.conf file.Set your hostname by editing the line that
says:hostname="myname.my.domain"Your machine's full Internet hostname should be
placed here.Add sl0 to the list of
network interfaces by changing the line that
says:network_interfaces="lo0"to:network_interfaces="lo0 sl0"Set the startup flags of sl0 by adding a
line:ifconfig_sl0="inet ${hostname} slip-gateway netmask 0xffffff00 up"default routeDesignate the default router by changing the
line:defaultrouter="NO"to:defaultrouter="slip-gateway"Make a file /etc/resolv.conf which
contains:domain CS.Example.EDU
nameserver 128.32.136.9
nameserver 128.32.136.12nameserverdomain nameAs you can see, these set up the nameserver hosts. Of
course, the actual domain names and addresses depend on your
environment.Set the password for root and
toor (and any other
accounts that do not have a password).Reboot your machine and make sure it comes up with the
correct hostname.Making a SLIP ConnectionSLIPconnecting withDial up, type slip at the prompt,
enter your machine name and password. What is required to
be entered depends on your environment. If you use
kermit, you can try a script like this:# kermit setup
set modem hayes
set line /dev/modem
set speed 115200
set parity none
set flow rts/cts
set terminal bytesize 8
set file type binary
# The next macro will dial up and login
define slip dial 643-9600, input 10 =>, if failure stop, -
output slip\x0d, input 10 Username:, if failure stop, -
output silvia\x0d, input 10 Password:, if failure stop, -
output ***\x0d, echo \x0aCONNECTED\x0aOf course, you have to change the hostname and password
to fit yours. After doing so, you can just type
slip from the kermit prompt to
connect.Leaving your password in plain text anywhere in the
filesystem is generally a bad idea.
Do it at your own risk.Leave the kermit there (you can suspend it by
Ctrlz) and as root, type:&prompt.root; slattach -h -c -s 115200 /dev/modemIf you are able to ping hosts on the
other side of the router, you are connected! If it does not
work, you might want to try instead of
as an argument to
slattach.How to Shutdown the ConnectionDo the following:&prompt.root; kill -INT `cat /var/run/slattach.modem.pid`to kill slattach. Keep in mind you must be
root to do the above. Then go back to
kermit (by running fg if you suspended it) and
exit from
it (q).The slattach manual page says you have
to use ifconfig sl0 down
to mark the interface down, but this does not
seem to make any difference for me.
(ifconfig sl0 reports the same thing.)Some times, your modem might refuse to drop the carrier
(mine often does). In that case, simply start kermit and quit
it again. It usually goes out on the second try.TroubleshootingIf it does not work, feel free to ask me. The things that
people tripped over so far:Not using or in
slattach (This should not be fatal,
but some users have reported that this solves their
problems.)Using instead of
(might be hard to see the difference on
some fonts).Try ifconfig sl0 to see your
interface status. For example, you might get:&prompt.root; ifconfig sl0
sl0: flags=10<POINTOPOINT>
inet 136.152.64.181 --> 136.152.64.1 netmask ffffff00If you get no route to host
messages from ping, there may be a problem with your
routing table. You can use the netstat -r
command to display the current routes :&prompt.root; netstat -r
Routing tables
Destination Gateway Flags Refs Use IfaceMTU Rtt Netmasks:
(root node)
(root node)
Route Tree for Protocol Family inet:
(root node) =>
default inr-3.Example.EDU UG 8 224515 sl0 - -
localhost.Exampl localhost.Example. UH 5 42127 lo0 - 0.438
inr-3.Example.ED water.CS.Example.E UH 1 0 sl0 - -
water.CS.Example localhost.Example. UGH 34 47641234 lo0 - 0.438
(root node)The preceding examples are from a relatively busy system.
The numbers on your system will vary depending on
network activity.Setting Up a SLIP ServerSLIPserverThis document provides suggestions for setting up SLIP Server
services on a FreeBSD system, which typically means configuring
your system to automatically startup connections upon login for
remote SLIP clients.PrerequisitesTCP/IP networkingThis section is very technical in nature, so background
knowledge is required. It is assumed that you are familiar with
the TCP/IP network protocol, and in particular, network and node
addressing, network address masks, subnetting, routing, and
routing protocols, such as RIP. Configuring SLIP services on a
dial-up server requires a knowledge of these concepts, and if
you are not familiar with them, please read a copy of either
Craig Hunt's TCP/IP Network Administration
published by O'Reilly & Associates, Inc. (ISBN Number
0-937175-82-X), or Douglas Comer's books on the TCP/IP
protocol.modemIt is further assumed that you have already set up your
modem(s) and configured the appropriate system files to allow
logins through your modems. If you have not prepared your
system for this yet, please see the tutorial for configuring
dialup services; if you have a World-Wide Web browser available,
browse the list of tutorials at http://www.FreeBSD.org/.
+ url="&url.base;/index.html">http://www.FreeBSD.org/.
You may also want to check the manual pages for &man.sio.4; for
information on the serial port device driver and &man.ttys.5;,
&man.gettytab.5;, &man.getty.8;, & &man.init.8; for
information relevant to configuring the system to accept logins
on modems, and perhaps &man.stty.1; for information on setting
serial port parameters (such as clocal for
directly-connected serial interfaces).Quick OverviewIn its typical configuration, using FreeBSD as a SLIP server
works as follows: a SLIP user dials up your FreeBSD SLIP Server
system and logs in with a special SLIP login ID that uses
/usr/sbin/sliplogin as the special user's
shell. The sliplogin program browses the
file /etc/sliphome/slip.hosts to find a
matching line for the special user, and if it finds a match,
connects the serial line to an available SLIP interface and then
runs the shell script
/etc/sliphome/slip.login to configure the
SLIP interface.An Example of a SLIP Server LoginFor example, if a SLIP user ID were
Shelmerg, Shelmerg's
entry in /etc/master.passwd would look
something like this:Shelmerg:password:1964:89::0:0:Guy Helmer - SLIP:/usr/users/Shelmerg:/usr/sbin/sliploginWhen Shelmerg logs in,
sliplogin will search
/etc/sliphome/slip.hosts for a line that
had a matching user ID; for example, there may be a line in
/etc/sliphome/slip.hosts that
reads:Shelmerg dc-slip sl-helmer 0xfffffc00 autocompsliplogin will find that matching line,
hook the serial line into the next available SLIP interface,
and then execute /etc/sliphome/slip.login
like this:/etc/sliphome/slip.login 0 19200 Shelmerg dc-slip sl-helmer 0xfffffc00 autocompIf all goes well,
/etc/sliphome/slip.login will issue an
ifconfig for the SLIP interface to which
sliplogin attached itself (slip interface
0, in the above example, which was the first parameter in the
list given to slip.login) to set the
local IP address (dc-slip), remote IP address
(sl-helmer), network mask for the SLIP
interface (0xfffffc00), and
any additional flags (autocomp). If
something goes wrong, sliplogin usually
logs good informational messages via the
daemon syslog facility, which usually logs
to /var/log/messages (see the manual
pages for &man.syslogd.8; and &man.syslog.conf.5; and perhaps
check /etc/syslog.conf to see to what
syslogd is logging and where it is
logging to).OK, enough of the examples — let us dive into
setting up the system.Kernel ConfigurationkernelconfigurationFreeBSD's default kernels usually come with two SLIP
interfaces defined (sl0 and
sl1); you can use netstat
-i to see whether these interfaces are defined in your
kernel.Sample output from netstat -i:Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll
ed0 1500 <Link>0.0.c0.2c.5f.4a 291311 0 174209 0 133
ed0 1500 138.247.224 ivory 291311 0 174209 0 133
lo0 65535 <Link> 79 0 79 0 0
lo0 65535 loop localhost 79 0 79 0 0
sl0* 296 <Link> 0 0 0 0 0
sl1* 296 <Link> 0 0 0 0 0The sl0 and
sl1 interfaces shown from
netstat -i indicate that there are
two SLIP interfaces built into the kernel. (The asterisks after
the sl0 and sl1 indicate
that the interfaces are down.)However, FreeBSD's default kernel does not come configured
to forward packets (by default, your FreeBSD machine will not act
as a
router) due to Internet RFC requirements for Internet hosts (see
RFCs 1009 [Requirements for Internet Gateways], 1122
[Requirements for Internet Hosts — Communication Layers],
and perhaps 1127 [A Perspective on the Host Requirements RFCs]).
If you want your FreeBSD SLIP Server to act as a router, you
will have to edit the /etc/rc.conf file and
change the setting of the gateway_enable variable to
.You will then need to reboot for the new settings to take
effect.You will notice that near the end of the default kernel
configuration file (/sys/i386/conf/GENERIC)
is a line that reads:pseudo-device sl 2SLIPThis is the line that defines the number of SLIP devices
available in the kernel; the number at the end of the line is
the maximum number of SLIP connections that may be operating
simultaneously.Please refer to on
Configuring the FreeBSD Kernel for help in
reconfiguring your kernel.Sliplogin ConfigurationAs mentioned earlier, there are three files in the
/etc/sliphome directory that are part of
the configuration for /usr/sbin/sliplogin
(see &man.sliplogin.8; for the actual manual page for
sliplogin): slip.hosts,
which defines the SLIP users and their associated IP
addresses; slip.login, which usually just
configures the SLIP interface; and (optionally)
slip.logout, which undoes
slip.login's effects when the serial
connection is terminated.slip.hosts Configuration/etc/sliphome/slip.hosts contains
lines which have at least four items separated by
whitespace:SLIP user's login IDLocal address (local to the SLIP server) of the SLIP
linkRemote address of the SLIP linkNetwork maskThe local and remote addresses may be host names
(resolved to IP addresses by
/etc/hosts or by the domain name
service, depending on your specifications in the file
/etc/nsswitch.conf on
FreeBSD 5.X, in /etc/host.conf
if you use FreeBSD 4.X), and the network mask may be
a name that can be resolved by a lookup into
/etc/networks. On a sample system,
/etc/sliphome/slip.hosts looks like
this:#
# login local-addr remote-addr mask opt1 opt2
# (normal,compress,noicmp)
#
Shelmerg dc-slip sl-helmerg 0xfffffc00 autocompAt the end of the line is one or more of the
options. — no header
compression — compress
headers — compress headers if
the remote end allows it — disable ICMP packets
(so any ping packets will be dropped instead
of using up your bandwidth)SLIPTCP/IP networkingYour choice of local and remote addresses for your SLIP
links depends on whether you are going to dedicate a TCP/IP
subnet or if you are going to use proxy ARP on
your SLIP server (it is not true proxy ARP, but
that is the terminology used in this section to describe it).
If you are not sure which method to select or how to assign IP
addresses, please refer to the TCP/IP books referenced in
the SLIP Prerequisites ()
and/or consult your IP network manager.If you are going to use a separate subnet for your SLIP
clients, you will need to allocate the subnet number out of
your assigned IP network number and assign each of your SLIP
client's IP numbers out of that subnet. Then, you will
probably need to configure a static route to the SLIP
subnet via your SLIP server on your nearest IP router.EthernetOtherwise, if you will use the proxy ARP
method, you will need to assign your SLIP client's IP
addresses out of your SLIP server's Ethernet subnet, and you
will also need to adjust your
/etc/sliphome/slip.login and
/etc/sliphome/slip.logout scripts to use
&man.arp.8; to manage the proxy-ARP entries in the SLIP
server's ARP table.slip.login ConfigurationThe typical /etc/sliphome/slip.login
file looks like this:#!/bin/sh -
#
# @(#)slip.login 5.1 (Berkeley) 7/1/90
#
# generic login file for a slip line. sliplogin invokes this with
# the parameters:
# 1 2 3 4 5 6 7-n
# slipunit ttyspeed loginname local-addr remote-addr mask opt-args
#
/sbin/ifconfig sl$1 inet $4 $5 netmask $6This slip.login file merely runs
ifconfig for the appropriate SLIP interface
with the local and remote addresses and network mask of the
SLIP interface.If you have decided to use the proxy ARP
method (instead of using a separate subnet for your SLIP
clients), your /etc/sliphome/slip.login
file will need to look something like this:#!/bin/sh -
#
# @(#)slip.login 5.1 (Berkeley) 7/1/90
#
# generic login file for a slip line. sliplogin invokes this with
# the parameters:
# 1 2 3 4 5 6 7-n
# slipunit ttyspeed loginname local-addr remote-addr mask opt-args
#
/sbin/ifconfig sl$1 inet $4 $5 netmask $6
# Answer ARP requests for the SLIP client with our Ethernet addr
/usr/sbin/arp -s $5 00:11:22:33:44:55 pubThe additional line in this
slip.login, arp -s
$5 00:11:22:33:44:55 pub, creates an ARP entry
in the SLIP server's ARP table. This ARP entry causes the
SLIP server to respond with the SLIP server's Ethernet MAC
address whenever another IP node on the Ethernet asks to
speak to the SLIP client's IP address.EthernetMAC addressWhen using the example above, be sure to replace the
Ethernet MAC address (00:11:22:33:44:55) with the MAC address of
your system's Ethernet card, or your proxy ARP
will definitely not work! You can discover your SLIP server's
Ethernet MAC address by looking at the results of running
netstat -i; the second line of the output
should look something like:ed0 1500 <Link>0.2.c1.28.5f.4a 191923 0 129457 0 116This indicates that this particular system's Ethernet MAC
address is 00:02:c1:28:5f:4a
— the periods in the Ethernet MAC address given by
netstat -i must be changed to colons and
leading zeros should be added to each single-digit hexadecimal
number to convert the address into the form that &man.arp.8;
desires; see the manual page on &man.arp.8; for complete
information on usage.When you create
/etc/sliphome/slip.login and
/etc/sliphome/slip.logout, the
execute bit (chmod 755
/etc/sliphome/slip.login /etc/sliphome/slip.logout)
must be set, or sliplogin will be unable
to execute it.slip.logout Configuration/etc/sliphome/slip.logout is not
strictly needed (unless you are implementing proxy
ARP), but if you decide to create it, this is an
example of a basic
slip.logout script:#!/bin/sh -
#
# slip.logout
#
# logout file for a slip line. sliplogin invokes this with
# the parameters:
# 1 2 3 4 5 6 7-n
# slipunit ttyspeed loginname local-addr remote-addr mask opt-args
#
/sbin/ifconfig sl$1 downIf you are using proxy ARP, you will want to
have /etc/sliphome/slip.logout remove the
ARP entry for the SLIP client:#!/bin/sh -
#
# @(#)slip.logout
#
# logout file for a slip line. sliplogin invokes this with
# the parameters:
# 1 2 3 4 5 6 7-n
# slipunit ttyspeed loginname local-addr remote-addr mask opt-args
#
/sbin/ifconfig sl$1 down
# Quit answering ARP requests for the SLIP client
/usr/sbin/arp -d $5The arp -d $5 removes the ARP entry
that the proxy ARPslip.login added when the SLIP client
logged in.It bears repeating: make sure
/etc/sliphome/slip.logout has the execute
bit set after you create it (ie, chmod 755
/etc/sliphome/slip.logout).Routing ConsiderationsSLIProutingIf you are not using the proxy ARP method for
routing packets between your SLIP clients and the rest of your
network (and perhaps the Internet), you will probably
have to add static routes to your closest default router(s) to
route your SLIP client subnet via your SLIP server.Static Routesstatic routesAdding static routes to your nearest default routers
can be troublesome (or impossible if you do not have
authority to do so...). If you have a multiple-router
network in your organization, some routers, such as those
made by Cisco and Proteon, may not only need to be
configured with the static route to the SLIP subnet, but
also need to be told which static routes to tell other
routers about, so some expertise and
troubleshooting/tweaking may be necessary to get
static-route-based routing to work.Running &gated;gated&gated; is proprietary software now and
will not be available as source code to the public anymore
(more info on the &gated; website). This
section only exists to ensure backwards compatibility for
those that are still using an older version.An alternative to the headaches of static routes is to
install &gated; on your FreeBSD SLIP server
and configure it to use the appropriate routing protocols
(RIP/OSPF/BGP/EGP) to tell other routers about your SLIP
subnet.
You'll need to write a /etc/gated.conf
file to configure your gated; here is a sample, similar to
what the author used on a FreeBSD SLIP server:#
# gated configuration file for dc.dsu.edu; for gated version 3.5alpha5
# Only broadcast RIP information for xxx.xxx.yy out the ed Ethernet interface
#
#
# tracing options
#
traceoptions "/var/tmp/gated.output" replace size 100k files 2 general ;
rip yes {
interface sl noripout noripin ;
interface ed ripin ripout version 1 ;
traceoptions route ;
} ;
#
# Turn on a bunch of tracing info for the interface to the kernel:
kernel {
traceoptions remnants request routes info interface ;
} ;
#
# Propagate the route to xxx.xxx.yy out the Ethernet interface via RIP
#
export proto rip interface ed {
proto direct {
xxx.xxx.yy mask 255.255.252.0 metric 1; # SLIP connections
} ;
} ;
#
# Accept routes from RIP via ed Ethernet interfaces
import proto rip interface ed {
all ;
} ;RIPThe above sample gated.conf file
broadcasts routing information regarding the SLIP subnet
xxx.xxx.yy via RIP onto the
Ethernet; if you are using a different Ethernet driver than
the ed driver, you will need to
change the references to the ed
interface appropriately. This sample file also sets up
tracing to /var/tmp/gated.output for
debugging &gated;'s activity; you can
certainly turn off the tracing options if
&gated; works OK for you. You will need to
change the xxx.xxx.yy's into the
network address of your own SLIP subnet (be sure to change the
net mask in the proto direct clause as
well).Once you have installed and configured
&gated; on your system, you will need to
tell the FreeBSD startup scripts to run
&gated; in place of
routed. The easiest way to accomplish
this is to set the router and
router_flags variables in
/etc/rc.conf. Please see the manual
page for &gated; for information on
command-line parameters.
diff --git a/share/mk/doc.common.mk b/share/mk/doc.common.mk
index dbb541e5a1..ca041be4fc 100644
--- a/share/mk/doc.common.mk
+++ b/share/mk/doc.common.mk
@@ -1,183 +1,193 @@
#
# $FreeBSD$
#
# This include file provides targets and variables for
# documents commonly used in doc/ and www/ tree.
#
AWK?= /usr/bin/awk
GREP?= /usr/bin/grep
REALPATH?= /bin/realpath
.if defined(DOC_PREFIX) && !empty(DOC_PREFIX)
WEB_PREFIX?= ${DOC_PREFIX}/../www
.elif defined(WEB_PREFIX) && !empty(WEB_PREFIX)
DOC_PREFIX?= ${WEB_PREFIX}/../doc
.else
.error "You must define either WEB_PREFIX or DOC_PREFIX!"
.endif
# ------------------------------------------------------------------------
#
# Work out the language and encoding used for this document.
#
# Liberal default of maximum of 10 directories below to find it.
#
.if defined(DOC_PREFIX) && !empty(DOC_PREFIX)
DOC_PREFIX_NAME!= ${REALPATH} ${DOC_PREFIX}
DOC_PREFIX_NAME:= ${DOC_PREFIX_NAME:T}
.else
DOC_PREFIX_NAME?= doc
.endif
.if defined(WEB_PREFIX) && !empty(WEB_PREFIX)
WWW_PREFIX_NAME!= ${REALPATH} ${WEB_PREFIX}
WWW_PREFIX_NAME:= ${WWW_PREFIX_NAME:T}
.else
WWW_PREFIX_NAME?= www
.endif
.if (!defined(LANGCODE) || empty(LANGCODE)) && (!defined(WWW_LANGCODE) || empty(WWW_LANGCODE))
# Calculate _LANGCODE.
_LANGCODE:= ${.CURDIR}
.for _ in 1 2 3 4 5 6 7 8 9 10
.if !(${_LANGCODE:H:T} == ${DOC_PREFIX_NAME}) && !(${_LANGCODE:H:T} == ${WWW_PREFIX_NAME})
_LANGCODE:= ${_LANGCODE:H}
.endif
.endfor
.if (${_LANGCODE:H:T} == ${DOC_PREFIX_NAME})
# We are in doc/.
_LANGCODE:= ${_LANGCODE:T}
_WWW_LANGCODE:= .
.else
# We are in www/.
_WWW_LANGCODE:= ${_LANGCODE:T}
_LANGCODE:= .
.endif
.else
# when LANGCODE or WWW_LANGCODE is defined, use the value.
.if defined(LANGCODE) && !empty(LANGCODE)
_LANGCODE?= ${LANGCODE}
.else
_LANGCODE?= .
.endif
.if defined(WWW_LANGCODE) && !empty(WWW_LANGCODE)
_WWW_LANGCODE?= ${WWW_LANGCODE}
.else
_WWW_LANGCODE?= .
.endif
.endif
# fixup _LANGCODE
.if (${_LANGCODE} == .)
# We have a short name such as `en' in ${_WWW_LANGCODE} now.
# Guess _LANGCODE using _WWW_LANGCODE.
_LANGCODE:= ${_WWW_LANGCODE}
.if (${_LANGCODE} != .)
_LANGCODE!= ${ECHO} ${DOC_PREFIX}/${_WWW_LANGCODE}*
.for _ in 1 2 3 4 5 6 7 8 9 10
.if !(${_LANGCODE:H:T} == ${DOC_PREFIX_NAME})
_LANGCODE:= ${_LANGCODE:H}
.endif
.endfor
_LANGCODE:= ${_LANGCODE:T}
.endif
.endif
LANGCODE?= ${_LANGCODE}
# fixup _WWW_LANGCODE
.if (${_WWW_LANGCODE} == .)
# We have a long name such as `en_US.ISO8859-1' in ${LANGCODE} now.
# Guess _WWW_LANGCODE using _LANGCODE.
_WWW_LANGCODE!= ${ECHO} ${WEB_PREFIX}/*
_WWW2_LANGCODE!= ${ECHO} ${_WWW_LANGCODE:T} |\
${SED} -e 's,.*\(${LANGCODE:R:C,(..)_.*,\1,}[^. ]*\).*,\1,'
.if ${_WWW_LANGCODE:T} == ${_WWW2_LANGCODE}
_WWW_LANGCODE:= .
.else
_WWW_LANGCODE:= ${_WWW2_LANGCODE}
.endif
.undef _WWW2_LANGCODE
.endif
WWW_LANGCODE?= ${_WWW_LANGCODE}
# normalize DOC_PREFIX and WEB_PREFIX
DOC_PREFIX!= ${REALPATH} ${DOC_PREFIX}
WEB_PREFIX!= ${REALPATH} ${WEB_PREFIX}
+.if !defined(URL_RELPREFIX)
+URLS_ABSOLUTE= YES
+.elif !defined(URLS_ABSOLUTE)
+_URL_RELPREFIX_LEVEL!= set -- ${URL_RELPREFIX:S,/$,,:S,/, ,g}; echo "$$\#"
+URL_RELPREFIX_ENT= freebsd.urls.relprefix.${_URL_RELPREFIX_LEVEL}
+.endif
+
# ------------------------------------------------------------------------
#
# mirrors.xml dependency.
#
XML_MIRRORS_MASTER= ${DOC_PREFIX}/share/sgml/mirrors.xml
XML_MIRRORS= ${.OBJDIR}/${DOC_PREFIX:S,^${.CURDIR}/,,}/${LANGCODE}/share/sgml/mirrors.xml
XSL_MIRRORS_MASTER= ${DOC_PREFIX}/share/sgml/mirrors-master.xsl
.if exists(${DOC_PREFIX}/${LANGCODE}/share/sgml/mirrors-local.xsl)
XSL_MIRRORS= ${DOC_PREFIX}/${LANGCODE}/share/sgml/mirrors-local.xsl
.else
XSL_MIRRORS= ${DOC_PREFIX}/share/sgml/mirrors-local.xsl
.endif
XSL_TRANSTABLE_MASTER= ${DOC_PREFIX}/share/sgml/transtable-master.xsl
XSL_TRANSTABLE_COMMON= ${DOC_PREFIX}/share/sgml/transtable-common.xsl
.if exists(${DOC_PREFIX}/${LANGCODE}/share/sgml/transtable-local.xsl)
XSL_TRANSTABLE= ${DOC_PREFIX}/${LANGCODE}/share/sgml/transtable-local.xsl
.else
XSL_TRANSTABLE= ${DOC_PREFIX}/share/sgml/transtable-local.xsl
.endif
.if exists(${DOC_PREFIX}/${LANGCODE}/share/sgml/transtable.xml)
XML_TRANSTABLE= ${DOC_PREFIX}/${LANGCODE}/share/sgml/transtable.xml
.else
XML_TRANSTABLE= ${DOC_PREFIX}/share/sgml/transtable.xml
.endif
${XSL_MIRRORS}: ${XSL_MIRRORS_MASTER} ${XSL_TRANSTABLE_COMMON}
${XML_MIRRORS}: ${XML_MIRRORS_MASTER} ${XSL_TRANSTABLE} ${XSL_TRANSTABLE_MASTER} ${XSL_TRANSTABLE_COMMON}
${MKDIR} -p ${@:H}
${XSLTPROC} ${XSLTPROCOPTS} \
--param 'transtable.xml' "'${XML_TRANSTABLE}'" \
--param 'transtable-target-element' "'country'" \
--param 'transtable-word-group' "'country'" \
--param 'transtable-mode' "'sortkey'" \
${XSL_TRANSTABLE} ${XML_MIRRORS_MASTER} \
| env -i LANG="${LANGCODE}" ${SORT} -f > $@.sort.tmp
env -i ${GREP} "^ $@.sort
${ECHO} "" >> $@.sort
env -i ${AWK} '/^ / {sub(/@sortkey@/, ++line); print;}' < $@.sort.tmp >> $@.sort
${ECHO} '' >> $@.sort
${XSLTPROC} ${XSLTPROCOPTS} -o $@ \
--param 'transtable.xml' "'${XML_TRANSTABLE}'" \
--param 'transtable-target-element' "'country'" \
--param 'transtable-word-group' "'country'" \
--param 'transtable-sortkey.xml' "'$@.sort'" \
${XSL_TRANSTABLE} ${XML_MIRRORS_MASTER}
${RM} -f $@.sort $@.sort.tmp
CLEANFILES+= ${XML_MIRRORS}
CLEANFILES+= ${XML_MIRRORS}.sort
CLEANFILES+= ${XML_MIRRORS}.sort.tmp
#
# when URLS_ABSOLUTE is specified, make
# %freebsd.urls.absolute; "INCLUDE".
#
-
.if defined(URLS_ABSOLUTE)
HTMLFLAGS+= -ifreebsd.urls.absolute
SGMLNORMFLAGS+= -ifreebsd.urls.absolute
NSGMLSFLAGS+= -ifreebsd.urls.absolute
+.elif defined(URL_RELPREFIX_ENT) && !empty(URL_RELPREFIX_ENT)
+HTMLFLAGS+= -i${URL_RELPREFIX_ENT}
+SGMLNORMFLAGS+= -i${URL_RELPREFIX_ENT}
+NSGMLSFLAGS+= -i${URL_RELPREFIX_ENT}
.endif
# for ascii and printable format, always use URLS_ABSOLUTE.
PRINTFLAGS+= -ifreebsd.urls.absolute
HTMLTXTFLAGS+= -ifreebsd.urls.absolute
# for packages, always use URLS_ABSOLUTE.
PKGMAKEFLAGS+= URLS_ABSOLUTE=yes
diff --git a/share/sgml/urls.ent b/share/sgml/urls.ent
index b8b91b1fb6..4932a5cca1 100644
--- a/share/sgml/urls.ent
+++ b/share/sgml/urls.ent
@@ -1,13 +1,52 @@
+
+
+
+
+
+
+
+
-
+
+
+]]>
+
+]]>
+
+]]>
+
+]]>
+
+]]>
+
+]]>
+
+]]>
+
+]]>
+
+
+
+
+
]]>
-
+
+