FreeBSD Bugzilla – Attachment 67915 Details for
Bug 99992
[patch] zh_TW handbook/{disks,config}: up-to-date
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
file.diff
file.diff (text/plain), 42.63 KB, created by
Cheng-Lung Sung
on 2006-07-10 04:10:13 UTC
(
hide
)
Description:
file.diff
Filename:
MIME Type:
Creator:
Cheng-Lung Sung
Created:
2006-07-10 04:10:13 UTC
Size:
42.63 KB
patch
obsolete
>Index: config/chapter.sgml >=================================================================== >RCS file: /home/dcvs/doc/zh_TW.Big5/books/handbook/config/chapter.sgml,v >retrieving revision 1.4 >diff -u -r1.4 chapter.sgml >--- config/chapter.sgml 8 Jul 2006 03:01:13 -0000 1.4 >+++ config/chapter.sgml 10 Jul 2006 03:03:17 -0000 >@@ -3,6 +3,7 @@ > > $FreeBSD: doc/zh_TW.Big5/books/handbook/config/chapter.sgml,v 1.4 2006/07/08 03:01:13 vanilla Exp $ > Original revision: 1.213 >+ Chased revision: 1.217 > --> > > <chapter id="config-tuning"> >@@ -102,7 +103,7 @@ > <sect3> > <title>Base Partitions</title> > >- <para>ç¨ &man.disklabel.8; æ &man.sysinstall.8; ä¾è¦åæªæ¡ç³»çµ±æï¼è«è¨ä½ï¼ >+ <para>ç¨ &man.bsdlabel.8; æ &man.sysinstall.8; ä¾è¦åæªæ¡ç³»çµ±æï¼è«è¨ä½ï¼ > 硬ç¢å¨å³è¼¸è³ææ¹é¢ï¼(ç±æ¼çµæ§çºç¢çå ç´ )å¤åææ¯å §åä¾å¾å¿«äºã > å æ¤ï¼å»ºè°æè¼å°ã常æååçåå²ååéæ¾å¤åï¼èè¼å¤§çåå²ååæ¯ > <filename>/usr</filename> åææ¾å¨è¼å §åã >@@ -370,7 +371,7 @@ > kill -9 `cat /var/run/utility.pid` > ;; > *) >- echo "Usage: `basename $0` {start|stop}" >&2 >+ echo "Usage: `basename $0` {start|stop}" >&2 > exit 64 > ;; > esac >@@ -830,15 +831,6 @@ > the supported hardware and even the possible problems that > could occur.</para> > >- <note> >- <para><filename>NOTES</filename> does not exist on >- &os; 4.X. Instead, check the <filename>LINT</filename> >- file for information about various network interfaces. See >- <xref linkend="kernelconfig-config"> for a more detailed >- summary of <filename>NOTES</filename> versus >- <filename>LINT</filename>.</para> >- </note> >- > <para>If you own a common card, most of the time you will not > have to look very hard for a driver. Drivers for common > network cards are present in the <filename>GENERIC</filename> >@@ -1578,7 +1570,7 @@ > syntax:</para> > > <screen>&prompt.root; <userinput>sysctl kern.maxfiles=5000</userinput> >-kern.maxfiles: 2088 -> 5000</screen> >+kern.maxfiles: 2088 -> 5000</screen> > > <para>Settings of sysctl variables are usually either strings, > numbers, or booleans (a boolean being <literal>1</literal> for yes >@@ -1698,8 +1690,8 @@ > </para> > > <para>There are various other buffer-cache and VM page cache >- related sysctls. We do not recommend modifying these values. As >- of &os; 4.3, the VM system does an extremely good job of >+ related sysctls. We do not recommend modifying these values, >+ the VM system does an extremely good job of > automatically tuning itself.</para> > </sect3> > >@@ -1801,10 +1793,6 @@ > it is mounted. A good time to enable Soft Updates is before any > partitions have been mounted, in single-user mode.</para> > >- <note><para>As of &os; 4.5, it is possible to enable Soft Updates >- at filesystem creation time, through use of the <literal>-U</literal> >- option to &man.newfs.8;.</para></note> >- > <para>Soft Updates drastically improves meta-data performance, mainly > file creation and deletion, through the use of a memory cache. We > recommend to use Soft Updates on all of your file systems. There >@@ -2011,16 +1999,13 @@ > connected at once, the resources needed may be similar to a > high-scale web server.</para> > >- <para>Starting with &os; 4.5, the system will auto-tune >+ <para>The system will auto-tune > <literal>maxusers</literal> for you if you explicitly set it to > <literal>0</literal><footnote> > <para>The auto-tuning algorithm sets > <literal>maxusers</literal> equal to the amount of memory in the > system, with a minimum of 32, and a maximum of 384.</para> >- </footnote>. In &os; 5.X and above, <literal>maxusers</literal> >- will default to <literal>0</literal> if not specified. If you >- are using an version of &os; earlier than 4.5, or you want to >- manage it yourself you will want to set >+ </footnote>. When setting this option, you will want to set > <literal>maxusers</literal> to at least 4, especially if you are > using the X Window System or compiling software. The reason is that > the most important table set by <literal>maxusers</literal> is the >@@ -2207,17 +2192,6 @@ > 3500) to get the desired effect. Reducing these parameters > should be done as a last resort only.</para> > >- <note> >- <para>In 4.X and earlier releases of &os; the >- <literal>inflight</literal> sysctl variables are directly under >- <varname>net.inet.tcp</varname>. Their names were >- (in alphabetic order): >- <varname>net.inet.tcp.inflight_debug</varname>, >- <varname>net.inet.tcp.inflight_enable</varname>, >- <varname>net.inet.tcp.inflight_max</varname>, >- <varname>net.inet.tcp.inflight_min</varname>, >- <varname>net.inet.tcp.inflight_stab</varname>.</para> >- </note> > </sect3> > </sect2> > >@@ -2267,6 +2241,10 @@ > space: adding a new hard drive, enabling swap over NFS, and > creating a swap file on an existing partition.</para> > >+ <para>For information on how to encrypt swap space, what options >+ for this task exist and why it should be done, please refer to >+ <xref linkend="swap-encrypting"> of the Handbook.</para> >+ > <sect2 id="new-drive-swap"> > <title>Swap on a New Hard Drive</title> > >@@ -2283,10 +2261,7 @@ > <title>Swapping over NFS</title> > > <para>Swapping over NFS is only recommended if you do not have a >- local hard disk to swap to. Swapping over NFS is slow and >- inefficient in versions of &os; prior to 4.X. It is >- reasonably fast and efficient in 4.0-RELEASE and newer. Even >- with newer versions of &os;, NFS swapping will be limited >+ local hard disk to swap to; NFS swapping will be limited > by the available network bandwidth and puts an additional > burden on the NFS server.</para> > </sect2> >@@ -2300,53 +2275,7 @@ > want, of course.</para> > > <example> >- <title>Creating a Swapfile on &os; 4.X</title> >- >- <orderedlist> >- <listitem> >- <para>Be certain that your kernel configuration includes >- the vnode driver. It is <emphasis>not</emphasis> in recent versions of >- <filename>GENERIC</filename>.</para> >- >- <programlisting>pseudo-device vn 1 #Vnode driver (turns a file into a device)</programlisting> >- </listitem> >- >- <listitem> >- <para>Create a vn-device:</para> >- <screen>&prompt.root; <userinput>cd /dev</userinput> >-&prompt.root; <userinput>sh MAKEDEV vn0</userinput></screen> >- </listitem> >- >- <listitem> >- <para>Create a swapfile (<filename>/usr/swap0</filename>):</para> >- >- <screen>&prompt.root; <userinput>dd if=/dev/zero of=/usr/swap0 bs=1024k count=64</userinput></screen> >- </listitem> >- >- <listitem> >- <para>Set proper permissions on (<filename>/usr/swap0</filename>):</para> >- >- <screen>&prompt.root; <userinput>chmod 0600 /usr/swap0</userinput></screen> >- </listitem> >- >- <listitem> >- <para>Enable the swap file in <filename>/etc/rc.conf</filename>:</para> >- >- <programlisting>swapfile="/usr/swap0" # Set to name of swapfile if aux swapfile desired.</programlisting> >- </listitem> >- >- <listitem> >- >- <para>Reboot the machine or to enable the swap file immediately, >- type:</para> >- >- <screen>&prompt.root; <userinput>vnconfig -e /dev/vn0b /usr/swap0 swap</userinput></screen> >- </listitem> >- </orderedlist> >- >- </example> >- <example> >- <title>Creating a Swapfile on &os; 5.X</title> >+ <title>Creating a Swapfile on &os;</title> > > <orderedlist> > <listitem> >@@ -2380,7 +2309,7 @@ > <para>Reboot the machine or to enable the swap file immediately, > type:</para> > >- <screen>&prompt.root; <userinput>mdconfig -a -t vnode -f /usr/swap0 -u 0 && swapon /dev/md0</userinput></screen> >+ <screen>&prompt.root; <userinput>mdconfig -a -t vnode -f /usr/swap0 -u 0 && swapon /dev/md0</userinput></screen> > </listitem> > </orderedlist> > >@@ -2419,12 +2348,7 @@ > > <para>In this section of the &os; Handbook, we will provide > comprehensive information about <acronym>ACPI</acronym>. References >- will be provided for further reading at the end. Please be aware >- that <acronym>ACPI</acronym> is available on &os; 5.X and >- above systems as a default kernel module. For &os; 4.9, >- <acronym>ACPI</acronym> can be enabled by adding the line >- <literal>device acpica</literal> to a kernel configuration and >- rebuilding.</para> >+ will be provided for further reading at the end.</para> > > <sect2 id="acpi-intro"> > <title>What Is ACPI?</title> >@@ -2446,8 +2370,7 @@ > more control and flexibility to the operating system > (<acronym>OS</acronym>). > Modern systems <quote>stretched</quote> the limits of the >- current Plug and Play interfaces (such as APM, which is used in >- &os; 4.X), prior to the introduction of >+ current Plug and Play interfaces prior to the introduction of > <acronym>ACPI</acronym>. <acronym>ACPI</acronym> is the direct > successor to <acronym>APM</acronym> > (Advanced Power Management).</para> >Index: disks/chapter.sgml >=================================================================== >RCS file: /home/dcvs/doc/zh_TW.Big5/books/handbook/disks/chapter.sgml,v >retrieving revision 1.4 >diff -u -r1.4 chapter.sgml >--- disks/chapter.sgml 17 Jun 2006 10:22:45 -0000 1.4 >+++ disks/chapter.sgml 10 Jul 2006 03:03:18 -0000 >@@ -100,12 +100,7 @@ > <row> > <entry>éæ¨æºè¦æ ¼å ç¢æ©</entry> > <entry>Mitsumi å ç¢æ©ç¨ <literal>mcd</literal>ï¼ >- Sony å ç¢æ©ç¨ <literal>scd</literal>ï¼ >- Matsushita/Pansonic å ç¢æ©ç¨ <literal>matcd</literal> >- <footnote> >- <para>2002 å¹´ 10 æ 5 æ¥ FreeBSD 4.X 移é¤äº &man.matcd.4; é© åç¨å¼ï¼ >- å æ¤ FreeBSD 5.0 å以å¾ççæ¬ä¸åæ¯æ´ã</para> >- </footnote> >+ Sony å ç¢æ©ç¨ <literal>scd</literal>ã > </entry> > </row> > <row> >@@ -164,8 +159,7 @@ > çä¸ä¸ <filename>/var/run/dmesg.boot</filename> 以確èªç³»çµ±æ¯å¦æå°æ°ç¡¬ç¢ã > ç¹¼çºåæçç¯ä¾ï¼æ°å¢ç硬ç¢ææ¯ <devicename>da1</devicename>ï¼ > åè¨æåæ³å°å®æè¼å° <filename>/1</filename> éåä½ç½® >- (å¦ææ¨æ°å¢çæ¯ IDE 硬ç¢ç話ï¼4.0 ä¹åçç³»çµ±æ¯ >- <devicename>wd1</devicename>ï¼4.X åä¹å¾ç系統åæ¯ >+ (å¦ææ¨æ°å¢çæ¯ IDE 硬ç¢ç話ï¼è«ç¨ > <devicename>ad1</devicename>)ã</para> > > <indexterm><primary>partitions</primary></indexterm> >@@ -194,7 +188,7 @@ > å <filename>e</filename> BSD partitionãå¨ dedicated 模å¼çè©±ï¼ > æ°ç¡¬ç¢åæ¯ <filename>/dev/da1e</filename>ã</para> > >- <para>å çº &man.bsdlabel.8;(å¨ &os; 4.X ç¨±çº &man.disklabel.8;) >+ <para>å çº &man.bsdlabel.8; > ç¨ 32-bit æ´æ¸ä¾å²å sector(ç£å) æ¸ï¼ > å æ¤éå¶ä¸å硬ç¢æ大åªè½æ 2^32-1 å sectorï¼äº¦å³ 2TB ç空éã > è &man.fdisk.8; çæ ¼å¼å®¹è¨±èµ·å§ sector ç·¨èä¸è¶ é 2^32-1ï¼ >@@ -216,8 +210,7 @@ > <title>æä½ <application>Sysinstall</application></title> > > <para>éé <command>sysinstall</command> >- (<command>/stand/sysinstall</command> in &os; versions older >- than 5.2) çé¸å®ä»é¢ï¼æ¨å¯ä»¥è¼æçºç¡¬ç¢åå² BIOS partition(slice) >+ çé¸å®ä»é¢ï¼æ¨å¯ä»¥è¼æçºç¡¬ç¢åå² BIOS partition(slice) > å BSD patitionãæ¨å¿ é 以 root èº«ä»½ä½¿ç¨ <command>sysinstall</command>ï¼ > è¦åç¨ root ç»å ¥ï¼è¦åç¨ <command>su</command> åæå° rootã > å·è¡ <command>sysinstall</command> å¾ï¼é¸ <Literal>Configure</literal> >@@ -300,8 +293,8 @@ > > <screen>&prompt.root; <userinput>dd if=/dev/zero of=/dev/da1 bs=1k count=1</userinput> > &prompt.root; <userinput>fdisk -BI da1</userinput> # åå§æ¨ç硬ç¢ã >-&prompt.root; <userinput>disklabel -B -w -r da1s1 auto</userinput> # å»ºç« disklabelã >-&prompt.root; <userinput>disklabel -e da1s1</userinput> # 編輯 disklabel 以æ°å¢ labelã >+&prompt.root; <userinput>bsdlabel -B -w -r da1s1 auto</userinput> # å»ºç« bsdlabelã >+&prompt.root; <userinput>bsdlabel -e da1s1</userinput> # 編輯 bsdlabel 以æ°å¢ labelã > &prompt.root; <userinput>mkdir -p /1</userinput> > &prompt.root; <userinput>newfs /dev/da1s1e</userinput> # å¦ææ¨æ°å¢äºå¤å labelï¼å°æ¯å label éè¦éåæ¥é©ã > &prompt.root; <userinput>mount /dev/da1s1e /1</userinput> # æè¼éäºæ° labelã >@@ -309,8 +302,7 @@ > > <para>å¦ææ¨æ°å¢çæ¯ IDE 硬ç¢ï¼å° <filename>da</filename> > æ¹æ <filename>da</filename> å³å¯ >- <footnote><para>è¯è¨»ï¼da æ¯ direct accessï¼ad åæ¯ ata diskã</para></footnote>ã >- èå¦ææ¯ 4.X ä¹åç系統ï¼ç¨ <filename>wd</filename>ã</para> >+ <footnote><para>è¯è¨»ï¼da æ¯ direct accessã</para></footnote>ã</para> > </sect3> > > <sect3> >@@ -326,8 +318,8 @@ > not understand.</para></footnote>ã</para> > > <screen>&prompt.root; <userinput>dd if=/dev/zero of=/dev/da1 bs=1k count=1</userinput> >-&prompt.root; <userinput>disklabel -Brw da1 auto</userinput> >-&prompt.root; <userinput>disklabel -e da1</userinput> # å»ºç« `e' partitionã >+&prompt.root; <userinput>bsdlabel -Brw da1 auto</userinput> >+&prompt.root; <userinput>bsdlabel -e da1</userinput> # å»ºç« `e' partitionã > &prompt.root; <userinput>newfs -d0 /dev/da1e</userinput> > &prompt.root; <userinput>mkdir -p /1</userinput> > &prompt.root; <userinput>vi /etc/fstab</userinput> # æ°å¢ä¸ç /dev/da1e çè³è¨ã >@@ -336,17 +328,12 @@ > <para>å¦ä¸ç¨®æ¹æ³ï¼</para> > > <screen>&prompt.root; <userinput>dd if=/dev/zero of=/dev/da1 count=2</userinput> >-&prompt.root; <userinput>disklabel /dev/da1 | disklabel -BrR da1 /dev/stdin</userinput> >+&prompt.root; <userinput>bsdlabel /dev/da1 | bsdlabel -BrR da1 /dev/stdin</userinput> > &prompt.root; <userinput>newfs /dev/da1e</userinput> > &prompt.root; <userinput>mkdir -p /1</userinput> > &prompt.root; <userinput>vi /etc/fstab</userinput> # æ°å¢ä¸ç /dev/da1e çè³è¨ã > &prompt.root; <userinput>mount /1</userinput></screen> > >- <note><para>å¾ &os; 5.1-RELEASE éå§ï¼&man.bsdlabel.8; å代åæ¬ç >- &man.disklabel.8; ç¨å¼ï¼æäºæ令åæ¸å·²ç¶å»¢æ£ä¸ç¨ã >- ä¸é¢ç¯ä¾è£¡ï¼å¦æç¨çæ¯ &man.bsdlabel.8;ï¼<option>-r</option> >- åæ¸æ該æ¿æãæ´å¤çè³è¨è«åè &man.bsdlabel.8; manual pageã >- </para></note> > </sect3> > </sect2> > </sect1> >@@ -430,47 +417,28 @@ > Add this line to your kernel configuration file, rebuild, and > reinstall the kernel:</para> > >- <programlisting>pseudo-device ccd 4</programlisting> >- >- <para>On 5.X systems, you have to use instead the following >- line:</para> >- > <programlisting>device ccd</programlisting> > >- <note><para>In FreeBSD 5.X, it is not necessary to specify >- a number of &man.ccd.4; devices, as the &man.ccd.4; device driver is now >- self-cloning — new device instances will automatically be >- created on demand.</para></note> >- > <para>The &man.ccd.4; support can also be >- loaded as a kernel loadable module in FreeBSD 3.0 or >- later.</para> >+ loaded as a kernel loadable module.</para> > > <para>To set up &man.ccd.4;, you must first use >- &man.disklabel.8; to label the disks:</para> >+ &man.bsdlabel.8; to label the disks:</para> > >- <programlisting>disklabel -r -w ad1 auto >-disklabel -r -w ad2 auto >-disklabel -r -w ad3 auto</programlisting> >+ <programlisting>bsdlabel -r -w ad1 auto >+bsdlabel -r -w ad2 auto >+bsdlabel -r -w ad3 auto</programlisting> > >- <para>This creates a disklabel for <devicename>ad1c</devicename>, <devicename>ad2c</devicename> and <devicename>ad3c</devicename> that >+ <para>This creates a bsdlabel for <devicename>ad1c</devicename>, <devicename>ad2c</devicename> and <devicename>ad3c</devicename> that > spans the entire disk.</para> > >- <note><para>Since &os; 5.1-RELEASE, the &man.bsdlabel.8; >- utility replaces the old &man.disklabel.8; program. With >- &man.bsdlabel.8; a number of obsolete options and parameters >- have been retired; in the examples above the option >- <option>-r</option> should be removed. For more >- information, please refer to the &man.bsdlabel.8; >- manual page.</para></note> >- > <para>The next step is to change the disk label type. You >- can use &man.disklabel.8; to edit the >+ can use &man.bsdlabel.8; to edit the > disks:</para> > >- <programlisting>disklabel -e ad1 >-disklabel -e ad2 >-disklabel -e ad3</programlisting> >+ <programlisting>bsdlabel -e ad1 >+bsdlabel -e ad2 >+bsdlabel -e ad3</programlisting> > > <para>This opens up the current disk label on each disk with > the editor specified by the <envar>EDITOR</envar> >@@ -499,17 +467,6 @@ > <sect4 id="ccd-buildingfs"> > <title>Building the File System</title> > >- <para>The device node for >- <devicename>ccd0c</devicename> may not exist yet, so to >- create it, perform the following commands:</para> >- >- <programlisting>cd /dev >-sh MAKEDEV ccd0</programlisting> >- >- <note><para>In FreeBSD 5.0, &man.devfs.5; will automatically >- manage device nodes in <filename>/dev</filename>, so use of >- <command>MAKEDEV</command> is not necessary.</para></note> >- > <para>Now that you have all the disks labeled, you must > build the &man.ccd.4;. To do that, > use &man.ccdconfig.8;, with options similar to the following:</para> >@@ -788,22 +745,13 @@ > </note> > > <para>Support for USB 2.0 controllers is provided on >- &os; 5.X, and on the 4.X branch since &os; 4.10-RELEASE. >- You have to add:</para> >+ &os;; however, you must add:</para> > > <programlisting>device ehci</programlisting> > > <para>to your configuration file for USB 2.0 support. Note > &man.uhci.4; and &man.ohci.4; drivers are still needed if you > want USB 1.X support.</para> >- >- <note> >- <para>On &os; 4.X, the USB daemon (&man.usbd.8;) must be >- running to be able to see some USB devices. To enable it, >- add <literal>usbd_enable="YES"</literal> to your >- <filename>/etc/rc.conf</filename> file and reboot the >- machine.</para> >- </note> > </sect2> > > <sect2> >@@ -1020,16 +968,9 @@ > > <screen>&prompt.root; <userinput>mkisofs -R -no-emul-boot -b boot/cdboot -o /tmp/bootable.iso /tmp/myboot</userinput></screen> > >- <para>Having done that, if you have <devicename>vn</devicename> >- (FreeBSD 4.X), or <devicename>md</devicename> >- (FreeBSD 5.X) >+ <para>Having done that, if you have <devicename>md</devicename> > configured in your kernel, you can mount the file system with:</para> > >- <screen>&prompt.root; <userinput>vnconfig -e vn0c /tmp/bootable.iso</userinput> >-&prompt.root; <userinput>mount -t cd9660 /dev/vn0c /mnt</userinput></screen> >- >- <para>for FreeBSD 4.X, and for FreeBSD 5.X:</para> >- > <screen>&prompt.root; <userinput>mdconfig -a -t vnode -f /tmp/bootable.iso -u 0</userinput> > &prompt.root; <userinput>mount -t cd9660 /dev/md0 /mnt</userinput></screen> > >@@ -1058,7 +999,7 @@ > > <para>Will burn a copy of <replaceable>imagefile.iso</replaceable> on > <replaceable>cddevice</replaceable>. The default device is >- <filename>/dev/acd0</filename> (or <filename>/dev/acd0c</filename> under &os; 4.X). See &man.burncd.8; for options to >+ <filename>/dev/acd0</filename>. See &man.burncd.8; for options to > set the write speed, eject the CD after burning, and write audio > data.</para> > </sect2> >@@ -1093,7 +1034,7 @@ > <secondary>burning</secondary> > </indexterm> > <screen>&prompt.root; <userinput>cdrecord -scanbus</userinput> >-Cdrecord 1.9 (i386-unknown-freebsd4.2) Copyright (C) 1995-2000 Jörg Schilling >+Cdrecord-Clone 2.01 (i386-unknown-freebsd7.0) Copyright (C) 1995-2004 Jörg Schilling > Using libscg version 'schily-0.1' > scsibus0: > 0,0,0 0) 'SEAGATE ' 'ST39236LW ' '0004' Disk >@@ -1173,15 +1114,6 @@ > > <screen>&prompt.root; <userinput>dd if=/dev/acd0 of=/dev/null count=1</userinput></screen> > >- <note><para>In &os; 4.X, the entries are not prefixed with >- zero. If the necessary entries in <filename>/dev</filename> >- are missing, use <command>MAKEDEV</command> to create >- them:</para> >- >- <screen>&prompt.root; <userinput>cd /dev</userinput> >-&prompt.root; <userinput>sh MAKEDEV acd0t99</userinput></screen> >- </note> >- > </step> > > <step> >@@ -1213,9 +1145,7 @@ > &man.mkisofs.8;, and you can use it to duplicate > any data CD. The example given here assumes that your CDROM > device is <devicename>acd0</devicename>. Substitute your >- correct CDROM device. Under &os; 4.X, a <literal>c</literal> must be appended >- to the end of the device name to indicate the entire partition >- or, in the case of CDROMs, the entire disc.</para> >+ correct CDROM device.</para> > > <screen>&prompt.root; <userinput>dd if=/dev/acd0 of=file.iso bs=2048</userinput></screen> > >@@ -1260,7 +1190,7 @@ > oddly, however. For example, Joliet disks store all filenames > in two-byte Unicode characters. The FreeBSD kernel does not > speak Unicode (yet!), so non-English characters show up as >- question marks. (If you are running FreeBSD 4.3 or later, the >+ question marks. (The FreeBSD > CD9660 driver includes hooks to load an appropriate Unicode > conversion table on the fly. Modules for some of the common > encodings are available via the >@@ -1797,44 +1727,9 @@ > > <para>Floppy disks are accessed through entries in > <filename>/dev</filename>, just like other devices. To >- access the raw floppy disk in 4.X and earlier releases, one >- uses >- <filename>/dev/fd<replaceable>N</replaceable></filename>, >- where <replaceable>N</replaceable> stands for the drive >- number, usually 0, or >- <filename>/dev/fd<replaceable>NX</replaceable></filename>, >- where <replaceable>X</replaceable> stands for a >- letter.</para> >- >- <para>In 5.0 or newer releases, simply use >+ access the raw floppy disk, simply use > <filename>/dev/fd<replaceable>N</replaceable></filename>.</para> > >- <sect4> >- <title>The Disk Size in 4.X and Earlier Releases</title> >- >- <para>There are also <filename>/dev/fd<replaceable>N</replaceable>.<replaceable>size</replaceable></filename> >- devices, where <replaceable>size</replaceable> is a floppy disk >- size in kilobytes. These entries are used at low-level format >- time to determine the disk size. 1440kB is the size that will be >- used in the following examples.</para> >- >- <para>Sometimes the entries under <filename>/dev</filename> will >- have to be (re)created. To do that, issue:</para> >- >- <screen>&prompt.root; <userinput>cd /dev && ./MAKEDEV "fd*"</userinput></screen> >- </sect4> >- >- <sect4> >- <title>The Disk Size in 5.0 and Newer Releases</title> >- >- <para>In 5.0, &man.devfs.5; will automatically >- manage device nodes in <filename>/dev</filename>, so use of >- <command>MAKEDEV</command> is not necessary.</para> >- >- <para>The desired disk size is passed to &man.fdformat.1; through >- the <option>-f</option> flag. Supported sizes are listed in >- &man.fdcontrol.8;, but be advised that 1440kB is what works best.</para> >- </sect4> > </sect3> > > <sect3> >@@ -1854,19 +1749,7 @@ > determine if the disk is good or bad.</para> > > <sect4> >- <title>Formatting in 4.X and Earlier Releases</title> >- >- <para>Use the >- <filename>/dev/fd<replaceable>N</replaceable>.<replaceable>size</replaceable></filename> >- devices to format the floppy. Insert a new 3.5inch floppy >- disk in your drive and issue:</para> >- >- <screen>&prompt.root; <userinput>/usr/sbin/fdformat /dev/fd0.1440</userinput></screen> >- >- </sect4> >- >- <sect4> >- <title>Formatting in 5.0 and Newer Releases</title> >+ <title>Formatting Floppy Disks</title> > > <para>Use the > <filename>/dev/fd<replaceable>N</replaceable></filename> >@@ -1879,8 +1762,6 @@ > </sect3> > </sect2> > >- >- > <sect2> > <title>The Disk Label</title> > >@@ -1894,12 +1775,12 @@ > floppy. The geometry values for the disk label are listed in > <filename>/etc/disktab</filename>.</para> > >- <para>You can run now &man.disklabel.8; like so:</para> >+ <para>You can run now &man.bsdlabel.8; like so:</para> > >- <screen>&prompt.root; <userinput>/sbin/disklabel -B -r -w /dev/fd0 fd1440</userinput></screen> >+ <screen>&prompt.root; <userinput>/sbin/bsdlabel -B -r -w /dev/fd0 fd1440</userinput></screen> > > <note><para>Since &os; 5.1-RELEASE, the &man.bsdlabel.8; >- utility replaces the old &man.disklabel.8; program. With >+ utility replaces the old &man.bsdlabel.8; program. With > &man.bsdlabel.8; a number of obsolete options and parameters > have been retired; in the example above the option > <option>-r</option> should be removed. For more >@@ -1931,9 +1812,7 @@ > <sect2> > <title>Using the Floppy</title> > >- <para>To use the floppy, mount it with &man.mount.msdos.8; (in >- 4.X and earlier releases) or &man.mount.msdosfs.8; (in 5.0 or >- newer releases). One can also use >+ <para>To use the floppy, mount it with &man.mount.msdos.8;. One can also use > <filename role="package">emulators/mtools</filename> from the ports > collection.</para> > </sect2> >@@ -2607,11 +2486,11 @@ > <para>There are only four steps that you need to perform in > preparation for any disaster that may occur.</para> > <indexterm> >- <primary><command>disklabel</command></primary> >+ <primary><command>bsdlabel</command></primary> > </indexterm> > >- <para>First, print the disklabel from each of your disks >- (e.g. <command>disklabel da0 | lpr</command>), your file system table >+ <para>First, print the bsdlabel from each of your disks >+ (e.g. <command>bsdlabel da0 | lpr</command>), your file system table > (<filename>/etc/fstab</filename>) and all boot messages, > two copies of > each.</para> >@@ -2627,7 +2506,7 @@ > <para>Otherwise, you have to create two custom bootable > floppies which have a kernel that can mount all of your disks > and access your tape drive. These floppies must contain: >- <command>fdisk</command>, <command>disklabel</command>, >+ <command>fdisk</command>, <command>bsdlabel</command>, > <command>newfs</command>, <command>mount</command>, and > whichever backup program you use. These programs must be > statically linked. If you use <command>dump</command>, the >@@ -2674,7 +2553,7 @@ > > # place boot blocks on the floppy > # >-disklabel -w -B /dev/fd0c fd1440 >+bsdlabel -w -B /dev/fd0c fd1440 > > # > # newfs the one and only partition >@@ -2848,14 +2727,14 @@ > </indexterm> > <indexterm><primary>root partition</primary></indexterm> > <indexterm> >- <primary><command>disklabel</command></primary> >+ <primary><command>bsdlabel</command></primary> > </indexterm> > <indexterm> > <primary><command>newfs</command></primary> > </indexterm> > <para>Try to <command>mount</command> (e.g. <command>mount /dev/da0a > /mnt</command>) the root partition of your first disk. If the >- disklabel was damaged, use <command>disklabel</command> to re-partition and >+ bsdlabel was damaged, use <command>bsdlabel</command> to re-partition and > label the disk to match the label that you printed and saved. Use > <command>newfs</command> to re-create the file systems. Re-mount the root > partition of the floppy read-write (<command>mount -u -o rw >@@ -2920,73 +2799,19 @@ > memory-based file systems.</para> > > <note> >- <para>The FreeBSD 4.X users will have to use &man.MAKEDEV.8; >- to create the required devices. FreeBSD 5.0 and later use >- &man.devfs.5; to allocate device nodes transparently for the >+ <para>Use &man.devfs.5; to allocate device nodes transparently for the > user.</para> > </note> > >- <sect2 id="disks-vnconfig"> >- <title>File-Backed File System under FreeBSD 4.X</title> >- <indexterm> >- <primary>disks</primary> >- <secondary>file-backed (4.X)</secondary> >- </indexterm> >- >- <para>The utility &man.vnconfig.8; configures and enables vnode pseudo-disk >- devices. A <firstterm>vnode</firstterm> is a representation >- of a file, and is the focus of file activity. This means that >- &man.vnconfig.8; uses files to create and operate a >- file system. One possible use is the mounting of floppy or CD >- images kept in files.</para> >- >- <para>To use &man.vnconfig.8;, you need &man.vn.4; support in your >- kernel configuration file:</para> >- >- <programlisting>pseudo-device vn</programlisting> >- >- <para>To mount an existing file system image:</para> >- >- <example> >- <title>Using vnconfig to Mount an Existing File System >- Image under FreeBSD 4.X</title> >- >- <screen>&prompt.root; <userinput>vnconfig vn<replaceable>0</replaceable> <replaceable>diskimage</replaceable></userinput> >-&prompt.root; <userinput>mount /dev/vn<replaceable>0</replaceable>c <replaceable>/mnt</replaceable></userinput></screen> >- </example> >- >- <para>To create a new file system image with &man.vnconfig.8;:</para> >- >- <example> >- <title>Creating a New File-Backed Disk with <command>vnconfig</command></title> >- >- <screen>&prompt.root; <userinput>dd if=/dev/zero of=<replaceable>newimage</replaceable> bs=1k count=<replaceable>5</replaceable>k</userinput> >-5120+0 records in >-5120+0 records out >-&prompt.root; <userinput>vnconfig -s labels -c vn<replaceable>0</replaceable> <replaceable>newimage</replaceable></userinput> >-&prompt.root; <userinput>disklabel -r -w vn<replaceable>0</replaceable> auto</userinput> >-&prompt.root; <userinput>newfs vn<replaceable>0</replaceable>c</userinput> >-Warning: 2048 sector(s) in last cylinder unallocated >-/dev/vn0c: 10240 sectors in 3 cylinders of 1 tracks, 4096 sectors >- 5.0MB in 1 cyl groups (16 c/g, 32.00MB/g, 1280 i/g) >-super-block backups (for fsck -b #) at: >- 32 >-&prompt.root; <userinput>mount /dev/vn<replaceable>0</replaceable>c <replaceable>/mnt</replaceable></userinput> >-&prompt.root; <userinput>df <replaceable>/mnt</replaceable></userinput> >-Filesystem 1K-blocks Used Avail Capacity Mounted on >-/dev/vn0c 4927 1 4532 0% /mnt</screen> >- </example> >- </sect2> >- > <sect2 id="disks-mdconfig"> >- <title>File-Backed File System under FreeBSD 5.X</title> >+ <title>File-Backed File System</title> > <indexterm> > <primary>disks</primary> >- <secondary>file-backed (5.X)</secondary> >+ <secondary>file-backed</secondary> > </indexterm> > > <para>The utility &man.mdconfig.8; is used to configure and enable >- memory disks, &man.md.4;, under FreeBSD 5.X. To use >+ memory disks, &man.md.4;, under FreeBSD. To use > &man.mdconfig.8;, you have to load &man.md.4; module or to add > the support in your kernel configuration file:</para> > >@@ -3002,7 +2827,7 @@ > > <example> > <title>Using <command>mdconfig</command> to Mount an Existing File System >- Image under FreeBSD 5.X</title> >+ Image</title> > > <screen>&prompt.root; <userinput>mdconfig -a -t vnode -f <replaceable>diskimage</replaceable> -u <replaceable>0</replaceable></userinput> > &prompt.root; <userinput>mount /dev/md<replaceable>0</replaceable> <replaceable>/mnt</replaceable></userinput></screen> >@@ -3017,16 +2842,16 @@ > 5120+0 records in > 5120+0 records out > &prompt.root; <userinput>mdconfig -a -t vnode -f <replaceable>newimage</replaceable> -u <replaceable>0</replaceable></userinput> >-&prompt.root; <userinput>disklabel -r -w md<replaceable>0</replaceable> auto</userinput> >-&prompt.root; <userinput>newfs md<replaceable>0</replaceable>c</userinput> >-/dev/md0c: 5.0MB (10240 sectors) block size 16384, fragment size 2048 >- using 4 cylinder groups of 1.27MB, 81 blks, 256 inodes. >+&prompt.root; <userinput>bsdlabel -w md<replaceable>0</replaceable> auto</userinput> >+&prompt.root; <userinput>newfs md<replaceable>0</replaceable>a</userinput> >+/dev/md0a: 5.0MB (10224 sectors) block size 16384, fragment size 2048 >+ using 4 cylinder groups of 1.25MB, 80 blks, 192 inodes. > super-block backups (for fsck -b #) at: >- 32, 2624, 5216, 7808 >-&prompt.root; <userinput>mount /dev/md<replaceable>0</replaceable>c <replaceable>/mnt</replaceable></userinput> >+ 160, 2720, 5280, 7840 >+&prompt.root; <userinput>mount /dev/md<replaceable>0</replaceable>a <replaceable>/mnt</replaceable></userinput> > &prompt.root; <userinput>df <replaceable>/mnt</replaceable></userinput> >-Filesystem 1K-blocks Used Avail Capacity Mounted on >-/dev/md0c 4846 2 4458 0% /mnt</screen> >+Filesystem 1K-blocks Used Avail Capacity Mounted on >+/dev/md0a 4710 4 4330 0% /mnt</screen> > </example> > > <para>If you do not specify the unit number with the >@@ -3036,17 +2861,9 @@ > <devicename>md4</devicename>. For more details about > &man.mdconfig.8;, please refer to the manual page.</para> > >- <note><para>Since &os; 5.1-RELEASE, the &man.bsdlabel.8; >- utility replaces the old &man.disklabel.8; program. With >- &man.bsdlabel.8; a number of obsolete options and parameters >- have been retired; in the example above the option >- <option>-r</option> should be removed. For more >- information, please refer to the &man.bsdlabel.8; >- manual page.</para></note> >- > <para>The utility &man.mdconfig.8; is very useful, however it > asks many command lines to create a file-backed file system. >- FreeBSD 5.0 also comes with a tool called &man.mdmfs.8;, >+ FreeBSD also comes with a tool called &man.mdmfs.8;, > this program configures a &man.md.4; disk using > &man.mdconfig.8;, puts a UFS file system on it using > &man.newfs.8;, and mounts it using &man.mount.8;. For example, >@@ -3061,7 +2878,7 @@ > &prompt.root; <userinput>mdmfs -F <replaceable>newimage</replaceable> -s <replaceable>5</replaceable>m md<replaceable>0</replaceable> <replaceable>/mnt</replaceable></userinput> > &prompt.root; <userinput>df <replaceable>/mnt</replaceable></userinput> > Filesystem 1K-blocks Used Avail Capacity Mounted on >-/dev/md0 4846 2 4458 0% /mnt</screen> >+/dev/md0 4718 4 4338 0% /mnt</screen> > </example> > > <para>If you use the option <option>md</option> without unit >@@ -3071,47 +2888,23 @@ > > </sect2> > >- <sect2 id="disks-md-freebsd4"> >- <title>Memory-Based File System under FreeBSD 4.X</title> >- <indexterm> >- <primary>disks</primary> >- <secondary>memory file system (4.X)</secondary> >- </indexterm> >- >- <para>The &man.md.4; driver is a simple, efficient means to create memory >- file systems under FreeBSD 4.X. &man.malloc.9; is used >- to allocate the memory.</para> >- >- <para>Simply take a file system you have prepared with, for >- example, &man.vnconfig.8;, and:</para> >- >- <example> >- <title>md Memory Disk under FreeBSD 4.X</title> >- >- <screen>&prompt.root; <userinput>dd if=<replaceable>newimage</replaceable> of=/dev/md<replaceable>0</replaceable></userinput> >-5120+0 records in >-5120+0 records out >-&prompt.root; <userinput>mount /dev/md<replaceable>0c</replaceable> <replaceable>/mnt</replaceable></userinput> >-&prompt.root; <userinput>df <replaceable>/mnt</replaceable></userinput> >-Filesystem 1K-blocks Used Avail Capacity Mounted on >-/dev/md0c 4927 1 4532 0% /mnt</screen> >- </example> >- >- <para>For more details, please refer to &man.md.4; manual >- page.</para> >- </sect2> >- > <sect2 id="disks-md-freebsd5"> >- <title>Memory-Based File System under FreeBSD 5.X</title> >+ <title>Memory-Based File System</title> > <indexterm> > <primary>disks</primary> >- <secondary>memory file system (5.X)</secondary> >+ <secondary>memory file system</secondary> > </indexterm> > >- <para>The same tools are used for memory-based and file-backed >- file systems: &man.mdconfig.8; or &man.mdmfs.8;. The storage >- for memory-based file system is allocated with >- &man.malloc.9;.</para> >+ <para>For a >+ memory-based file system the <quote>swap backing</quote> >+ should normally be used. Using swap backing does not mean >+ that the memory disk will be swapped out to disk by default, >+ but merely that the memory disk will be allocated from a >+ memory pool which can be swapped out to disk if needed. It is >+ also possible to create memory-based disk which are >+ &man.malloc.9; backed, but using malloc backed memory disks, >+ especially large ones, can result in a system panic if the >+ kernel runs out of memory.</para> > > <example> > <title>Creating a New Memory-Based Disk with >@@ -3170,13 +2963,6 @@ > &man.md.4; devices in using the command <command>mdconfig > -l</command>.</para> > >- <para>For FreeBSD 4.X, &man.vnconfig.8; is used to detach >- the device. For example to detach and free all resources >- used by <filename>/dev/vn4</filename>:</para> >- >- <screen>&prompt.root; <userinput>vnconfig -u vn<replaceable>4</replaceable></userinput></screen> >- >- > </sect2> > </sect1> > >@@ -3199,7 +2985,7 @@ > <secondary>snapshots</secondary> > </indexterm> > >- <para>FreeBSD 5.0 offers a new feature in conjunction with >+ <para>FreeBSD offers a feature in conjunction with > <link linkend="soft-updates">Soft Updates</link>: File system snapshots.</para> > > <para>Snapshots allow a user to create images of specified file >@@ -3594,15 +3380,6 @@ > </step> > > <step> >- <title>Verify the Operating System Version</title> >- >- <para>&man.gbde.4; requires FreeBSD 5.0 or higher.</para> >- >- <screen>&prompt.root; <userinput>uname -r</userinput> >-5.0-RELEASE</screen> >- </step> >- >- <step> > <title>Add &man.gbde.4; Support to the Kernel Configuration File</title> > > <para>Add the following line to the kernel configuration >@@ -3742,9 +3519,6 @@ > initialize the old UFS1 file system, using &man.newfs.8; with > the <option>-O2</option> option is recommended.</para> > >- <note><para>The <option>-O2</option> option is the default >- with &os; 5.1-RELEASE and later.</para></note> >- > <screen>&prompt.root; <userinput>newfs -U -O2 /dev/ad4s1c.bde</userinput></screen> > > <note> >@@ -4100,6 +3874,137 @@ > </sect3> > </sect2> > </sect1> >+ >+ >+ <sect1 id="swap-encrypting"> >+ <sect1info> >+ <authorgroup> >+ <author> >+ <firstname>Christian</firstname> >+ <surname>Brüffer</surname> >+ <contrib>Written by </contrib> >+ </author> >+ </authorgroup> >+ </sect1info> >+ >+ <title>Encrypting Swap Space</title> >+ <indexterm> >+ <primary>swap</primary> >+ <secondary>encrypting</secondary> >+ </indexterm> >+ >+ <para>Swap encryption in &os; is easy to configure and has been >+ available since &os; 5.3-RELEASE. Depending on which version >+ of &os; is being used, different options are available >+ and configuration can vary slightly. From &os; 6.0-RELEASE onwards, >+ the &man.gbde.8; or &man.geli.8; encryption systems can be used >+ for swap encryption. With earlier versions, only &man.gbde.8; is >+ available. Both systems use the <filename>encswap</filename> >+ <link linkend="configtuning-rcd">rc.d</link> script.</para> >+ >+ <para>The previous section, <link linkend="disks-encrypting">Encrypting >+ Disk Partitions</link>, includes a short discussion on the different >+ encryption systems.</para> >+ >+ <sect2> >+ <title>Why should Swap be Encrypted?</title> >+ >+ <para>Like the encryption of disk partitions, encryption of swap space >+ is done to protect sensitive information. Imagine an application >+ that e.g. deals with passwords. As long as these passwords stay in >+ physical memory, all is well. However, if the operating system starts >+ swapping out memory pages to free space for other applications, the >+ passwords may be written to the disk platters unencrypted and easy to >+ retrieve for an adversary. Encrypting swap space can be a solution for >+ this scenario.</para> >+ </sect2> >+ >+ <sect2> >+ <title>Preparation</title> >+ >+ <note> >+ <para>For the remainder of this section, <devicename>ad0s1b</devicename> >+ will be the swap partition.</para> >+ </note> >+ >+ <para>Up to this point the swap has been unencrypted. It is possible that >+ there are already passwords or other sensitive data on the disk platters >+ in cleartext. To rectify this, the data on the swap partition should be >+ overwritten with random garbage:</para> >+ >+ <screen>&prompt.root; <userinput>dd if=/dev/random of=/dev/ad0s1b bs=1m</userinput></screen> >+ </sect2> >+ >+ <sect2> >+ <title>Swap Encryption with &man.gbde.8;</title> >+ >+ <para>If &os; 6.0-RELEASE or newer is being used, the >+ <literal>.bde</literal> suffix should be added to the device in the >+ respective <filename>/etc/fstab</filename> swap line:</para> >+ >+ <screen> >+# Device Mountpoint FStype Options Dump Pass# >+/dev/ad0s1b.bde none swap sw 0 0 >+ </screen> >+ >+ <para>For systems prior to &os; 6.0-RELEASE, the following line >+ in <filename>/etc/rc.conf</filename> is also needed:</para> >+ >+ <programlisting>gbde_swap_enable="YES"</programlisting> >+ </sect2> >+ >+ <sect2> >+ <title>Swap Encryption with &man.geli.8;</title> >+ >+ <para>Alternatively, the procedure for using &man.geli.8; for swap >+ encryption is similar to that of using &man.gbde.8;. The >+ <literal>.eli</literal> suffix should be added to the device in the >+ respective <filename>/etc/fstab</filename> swap line:</para> >+ >+ <screen> >+# Device Mountpoint FStype Options Dump Pass# >+/dev/ad0s1b.eli none swap sw 0 0 >+ </screen> >+ >+ <para>&man.geli.8; uses the <acronym>AES</acronym> algorithm with >+ a key length of 256 bit by default.</para> >+ >+ <para>Optionally, these defaults can be altered using the >+ <literal>geli_swap_flags</literal> option in >+ <filename>/etc/rc.conf</filename>. The following line tells the >+ <filename>encswap</filename> rc.d script to create &man.geli.8; swap >+ partitions using the Blowfish algorithm with a key length of 128 bit, >+ a sectorsize of 4 kilobytes and the <quote>detach on last close</quote> >+ option set:</para> >+ >+ <programlisting>geli_swap_flags="-a blowfish -l 128 -s 4096 -d"</programlisting> >+ >+ <para>Please refer to the description of the <command>onetime</command> command >+ in the &man.geli.8; manual page for a list of possible options.</para> >+ </sect2> >+ >+ <sect2> >+ <title>Verifying that it Works</title> >+ >+ <para>Once the system has been rebooted, proper operation of the >+ encrypted swap can be verified using the >+ <command>swapinfo</command> command.</para> >+ >+ <para>If &man.gbde.8; is being used:</para> >+ >+ <screen>&prompt.user; <userinput>swapinfo</userinput> >+Device 1K-blocks Used Avail Capacity >+/dev/ad0s1b.bde 542720 0 542720 0% >+ </screen> >+ >+ <para>If &man.geli.8; is being used:</para> >+ >+ <screen>&prompt.user; <userinput>swapinfo</userinput> >+Device 1K-blocks Used Avail Capacity >+/dev/ad0s1b.eli 542720 0 542720 0% >+ </screen> >+ </sect2> >+ </sect1> > </chapter> > > <!--
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=67915">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 99992
: 67915