Context Navigation

← Previous Changeset
Next Changeset →

Changeset 0931098

Timestamp:

06/13/2004 05:38:30 AM (19 years ago)

Author:

DJ Lucas <dj@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, ken/inkscape-core-mods, krejzi/svn, lazarus, nosym, perl-modules, plabs/python-mods, qt5new, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/soup3, xry111/test-20220226

Children:

60384c68

Parents:

08254fc

Message:

Part VI xml update + bz815

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@2307 af4574ff-66df-0310-9fd7-8a98e5e911e0

Files:

: 20 edited

general.ent (modified) (3 diffs)
index.xml (modified) (3 diffs)
introduction/welcome/changelog.xml (modified) (1 diff)
server/mail/courier.xml (modified) (1 diff)
server/mail/exim.xml (modified) (1 diff)
server/mail/mail.xml (modified) (2 diffs)
server/mail/postfix.xml (modified) (1 diff)
server/mail/qpopper.xml (modified) (1 diff)
server/mail/sendmail.xml (modified) (1 diff)
server/other/bind.xml (modified) (1 diff)
server/other/cvsserver.xml (modified) (1 diff)
server/other/dhcp.xml (modified) (1 diff)
server/other/leafnode.xml (modified) (1 diff)
server/other/openldap.xml (modified) (1 diff)
server/other/openssh.xml (modified) (1 diff)
server/other/other.xml (modified) (2 diffs)
server/other/rsync.xml (modified) (1 diff)
server/other/samba3.xml (modified) (1 diff)
server/other/xinetd.xml (modified) (1 diff)
server/server.xml (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

general.ent

-              r08254fc
+              r0931098
 <!ENTITY version      "cvs-20040611">
 <!ENTITY releasedate  "June 11th, 2004">
 <!ENTITY pubdate      "2004-06-11">       <!-- metadata req. by TLDP -->
+<!ENTITY version      "cvs-20040612">
+<!ENTITY releasedate  "June 12th, 2004">
+<!ENTITY pubdate      "2004-06-12">       <!-- metadata req. by TLDP -->
 <!ENTITY blfs-version "cvs">              <!-- cvs|[release #] -->
 <!ENTITY lfs-version  "stable">           <!-- stable|testing|unstable] -->
 …
 <!ENTITY heimdal-version           "0.6.2">
 <!ENTITY mitkrb-version            "1.3.3">
 <!-- Chapter 5 -->
 …
 <!-- Part VI -->
 <!-- Chapter 21 -->
+<!ENTITY postfix-version "2.1.1">
+<!ENTITY sendmail-version "8.12.10">
+<!ENTITY exim-version "4.24">
+<!ENTITY qpopper-version "4.0.5">
+<!ENTITY courier-version "0.45.5">
 <!-- Chapter 22 -->
+<!-- bind (chapter 19) -->
+<!-- cvs (chapter 18) -->
+<!-- dhcp (chapter 14) -->
+<!ENTITY leafnode-version "1.9.43">
+<!-- openssh (chapter 18) -->
+<!-- rsync (chaptet 18) -->
+<!ENTITY openldap-version "2.1.30">
+<!ENTITY samba3-version "3.0.4">
+<!ENTITY xinetd-version "2.3.13">
 <!-- Part VII -->

index.xml

-              r08254fc
+              r0931098
         "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
 <!ENTITY version "cvs-20040606">
 <!ENTITY releasedate "June 6th, 2004">
 <!ENTITY pubdate "2004-06-06">
+<!ENTITY version "cvs-20040612">
+<!ENTITY releasedate "June 12th, 2004">
+<!ENTITY pubdate "2004-06-12">
 <!ENTITY blfs-version "cvs">
 <!ENTITY last-commit "Sun Jun 06 10:08:20 CDT 2004">
 …
 %general;
 <!-- %connect;
 %basicnet; -->
+%basicnet;
 %server;
 <!-- %content; -->
+%content; -->
 %x;
 %kde;
 …
 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="connect/connect.xml"/>
 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="basicnet/basicnet.xml"/>
+&server;
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="server/server.xml"/>
+<!-- &server; -->
 <xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="content/content.xml"/>
 &x;

introduction/welcome/changelog.xml

r08254fc	r0931098
19	19	<itemizedlist>
20	20
	21	<listitem><para>June 12th, 2004 [dj]: added end quotes to EOFs when creating
	22	courier's pam.d config files</para></listitem>
21	23
22	24	<listitem><para>June 11th, 2004 [larry]: added our new co-editor;

server/mail/courier.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+<!ENTITY courier-download-http "http://prdownloads.sourceforge.net/courier/courier-&courier-version;.tar.bz2">
+<!ENTITY courier-download-ftp " ">
+<!ENTITY courier-size "4.2 MB">
+<!ENTITY courier-buildsize "114 MB">
+<!ENTITY courier-time "3.00 SBU">
+]>
 <sect1 id="courier" xreflabel="Courier-&courier-version;">
 <?dbhtml filename="courier.html"?>
 <title>Courier-&courier-version;</title>
+&courier-intro;
+&courier-inst;
+&courier-exp;
+&courier-config;
+&courier-desc;
+<sect2>
+<title>Introduction to <application>Courier</application></title>
+<para>The <application>Courier</application> package contains a Mail Transport
+Agent (<acronym>MTA</acronym>). This is useful for sending email to other users
+of your host machine. It can also be configured to be a central mail server for
+your domain or a mail relay agent. The <application>Courier</application>
+packages also includes a web-based email interface, <acronym>IMAP</acronym>,
+<acronym>IMAP</acronym>-<acronym>SSL</acronym>, <acronym>POP</acronym>3, and
+<acronym>POP</acronym>3-<acronym>SSL</acronym>.</para>
+<!--
+The configuration
+listed below will allow users with <acronym>PAM</acronym> and virtual-users in
+a <application>My<acronym>SQL</acronym></application> Database access to email.</para>
+-->
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP): <ulink url="&courier-download-http;"/></para></listitem>
+<listitem><para>Download (FTP): <ulink url="&courier-download-ftp;"/></para></listitem>
+<listitem><para>Download size: &courier-size;</para></listitem>
+<listitem><para>Estimated Disk space required: &courier-buildsize;</para></listitem>
+<listitem><para>Estimated build time: &courier-time;</para></listitem></itemizedlist>
+</sect3>
+<sect3><title><application>Courier</application> dependencies</title>
+<sect4><title>Required</title>
+<para><xref linkend="gdbm"/><!-- or <xref linkend="db"/> --></para></sect4>
+<sect4><title>Optional</title>
+<para>
+<xref linkend="mysql"/> or <xref linkend="postgresql"/>,
+<xref linkend="Linux_PAM"/>,
+<xref linkend="openssl"/>,
+<xref linkend="fam"/>,
+<xref linkend="openldap"/>,
+<xref linkend="apache"/>,
+<xref linkend="ispell"/> or <xref linkend="aspell"/>,
+<xref linkend="gnupg"/>,
+<ulink url="http://expect.nist.gov/">Expect</ulink>,
+<ulink url="http://netpbm.sourceforge.net/">Netpbm</ulink> and
+<ulink url="http://alpha.greenie.net/mgetty/">Mgetty+Sendfax</ulink>
+</para></sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of <application>Courier</application></title>
+<para> Before you compile the program, you need to create users and groups that
+will be expected to be in place when the install script executes. Add the users
+and groups with the following commands:</para>
+<screen><userinput><command>groupadd courier &amp;&amp;
+useradd -c 'Courier Mail Server' -d /dev/null -g courier -s /bin/false courier</command></userinput></screen>
+<para> You also need to create a bin user. If you already have a user
+named bin, this step can be safely ignored.</para>
+<screen><userinput><command>useradd -c 'bin' -d /dev/null -g bin -u 1 bin</command></userinput></screen>
+<para>This creates a
+<filename class="directory">/var/run/courier</filename> directory where
+all the <application>Courier</application> <acronym>MTA</acronym> pid
+files will exist. This will allow <filename>courierfilter.pid</filename>
+to be created. Without the <command>courierfilter</command> running, the
+<application>Courier</application> MTA will not work. Issue the
+following commands to create
+<filename class="directory">/var/run/courier</filename>:</para>
+<screen><userinput><command>mkdir /var/run/courier &amp;&amp;
+chown courier:courier /var/run/courier</command></userinput></screen>
+<para>Install <application>courier</application> by running the following commands:</para>
+<screen><userinput><command>./configure --prefix=/usr --libexecdir=/usr/lib/courier \
+    --datadir=/usr/share/courier --sysconfdir=/etc/courier \
+    --localstatedir=/var/lib/courier --with-piddir=/var/run/courier \
+    --disable-root-check --with-mailuser=courier --with-mailgroup=courier \
+    --with-paranoid-smtpext --disable-autorenamesent \
+    --enable-workarounds-for-imap-client-bugs --with-db=gdbm &amp;&amp;
+make &amp;&amp;
+make install &amp;&amp;
+make install-configure</command></userinput></screen>
+</sect2>
+<sect2>
+<title>Command explanations</title>
+<para><parameter>--libexecdir=/usr/lib/courier</parameter>: Specifies
+the directory which contains programs and libraries that cannot be
+directly executed from the command-line.</para>
+<para><parameter>--datadir=/usr/share/courier</parameter>: Specifies the
+directory where miscellaneous shell scripts,
+<application>Perl</application> scripts, and data files will be
+installed.</para>
+<para><parameter>--localstatedir=/var/spool/courier</parameter>:
+Specifies the directory that will hold the mail queue, and other
+temporary data.</para>
+<para><parameter>--with-piddir=/var/run/courier</parameter>: Specifies
+the directory where <application>Courier</application>'s
+<filename>PID</filename> files are stored when
+<application>Courier</application> is active.</para>
+<para><option>--disable-root-check</option>: Allows
+<application>Courier</application> to be built as the root user.</para>
+<para><parameter>--with-mailuser=courier</parameter>: All except two
+<application>Courier</application> daemons run as a non-privileged user.
+This option specifies the userid that <application>Courier</application>
+will install and run as.</para>
+<para><parameter>--with-mailgroup=courier</parameter>: like
+<option>--with-mailuser</option>, but specifies the group
+<acronym>ID</acronym>.</para>
+<para><option>--with-paranoid-smtpext</option>: Be paranoid when
+negotiating Courier-specific <acronym>ESMTP</acronym> extensions with
+remote servers. The <application>Courier</application> mail server
+defines and implements certain experimental <acronym>ESMTP</acronym>
+extensions: XVERP and XEXDATA. Problems may result in the event that
+someone else uses the same name to implement some other extension. If
+this option is specified, <application>Courier's</application>
+<acronym>ESMTP</acronym> server will also advertise a dummy
+<acronym>ESMTP</acronym> capability called XCOURIEREXTENSIONS, and will
+not recognize any Courier-specific extensions unless the remote mail
+server also advertises this dummy <acronym>ESMTP</acronym>
+capability.</para>
+<para><option>--disable-autorenamesent</option>: Do not rename the Sent
+folder every month. This option can also be controlled by the
+<envar>SQWEBMAIL_AUTORENAMESENT</envar> environment variable.</para>
+<para><option>--enable-workarounds-for-imap-client-bugs</option>: There
+are several confirmed bugs in some <acronym>IMAP</acronym> clients that
+do not properly implement the <acronym>IMAP</acronym>4rev1 protocol.
+This option enables some workarounds for those buggy
+<acronym>IMAP</acronym> clients. NOTE: <command>make check</command>
+will fail if this option is used. You should first configure without
+this option, and if all post-configuration tests succeed, rerun
+configure with this option and recompile.</para>
+<para><parameter>--with-db=gdbm</parameter>:
+<application>Courier</application> requires either the
+<application><acronym>GDBM</acronym></application> or the
+<application>DB</application> database library.
+<application><acronym>GDBM</acronym></application> is used if both are
+present. This option forces the selection of the GDBM database
+library since support for DB is broken at the current state.</para>
+<!-- # Note - Courier will build fine with <xref linkend="db"/>, but all
+the database files will not be created correctly -->
+<para><parameter>--with-ispell=/usr/bin/aspell</parameter>:
+<application>Courier</application>'s webmail server can use spell
+checking, if <command>configure</command> finds
+<application>ispell</application> or if you explicitly set the location
+of <application>aspell</application>.</para>
+<para><parameter>--enable-mimetypes=<replaceable>[location of mime.types file]</replaceable></parameter>:
+Use this switch if you receive an error saying that the
+<filename>mime.types</filename> file could not be found.</para>
+</sect2>
+<sect2>
+<title>Configuring <application>Courier</application></title>
+<sect3><title>Config files</title>
+<para><filename>/etc/courier/*</filename></para>
+</sect3>
+<sect3><title>Configuration Information</title>
+<para>Make the following changes in
+<filename>/etc/courier/authmysqlrc</filename> file if you are utilizing
+<application>My<acronym>SQL</acronym></application>:</para>
+<screen><userinput>MYSQL_SERVER            localhost
+MYSQL_USERNAME          courier
+MYSQL_PASSWORD          <replaceable>[your choice]</replaceable>
+MYSQL_SOCKET            /tmp/mysql.sock
+MYSQL_PORT              3306
+MYSQL_DATABASE          courier_mail
+MYSQL_USER_TABLE        users
+MYSQL_CLEAR_PWFIELD     clear
+DEFAULT DOMAIN          <replaceable>[your domain]</replaceable>
+MYSQL_QUOTA_FIELD       quota</userinput></screen>
+<para>If you utilize <application>PAM</application>:</para>
+<screen><userinput><command>cat &gt; /etc/pam.d/esmtp &lt;&lt; "EOF"</command>
+# Begin /etc/pam.d/esmtp
+auth            required                pam_unix.so try_first_pass
+account         required                pam_unix.so
+session         required                pam_unix.so
+# End /etc/pam.d/esmtp
+<command>EOF
+cat &gt; /etc/pam.d/pop3 &lt;&lt; "EOF"</command>
+# Begin /etc/pam.d/pop3
+auth            required                pam_unix.so try_first_pass
+account         required                pam_unix.so
+session         required                pam_unix.so
+# End /etc/pam.d/pop3
+<command>EOF
+cat &gt; /etc/pam.d/imap &lt;&lt; "EOF"</command>
+# Begin /etc/pam.d/imap
+auth            required                pam_unix.so try_first_pass
+account         required                pam_unix.so
+session         required                pam_unix.so
+# End /etc/pam.d/imap
+<command>EOF
+cat &gt; /etc/pam.d/webmail &lt;&lt; "EOF"</command>
+# Begin /etc/pam.d/webmail
+auth            required                pam_unix.so try_first_pass
+account         required                pam_unix.so
+session         required                pam_unix.so
+# End /etc/pam.d/webmail
+<command>EOF</command></userinput></screen>
+<para>Connect to the <application>My<acronym>SQL</acronym></application>
+database:</para>
+<screen><userinput><command>mysql -p</command></userinput></screen>
+<para>This command will create the database for authentication:</para>
+<screen><userinput><command>CREATE DATABASE courier_mail;
+USE courier_mail</command></userinput></screen>
+<para>This command will setup the table users for the courier_mail
+database:</para>
+<screen><userinput><command>CREATE TABLE users (
+id                    char(128) DEFAULT '' NOT NULL,
+crypt                 char(128) DEFAULT '' NOT NULL,
+clear                 char(128) DEFAULT '' NOT NULL,
+name                  char(128) DEFAULT '' NOT NULL,
+uid                   int(10) unsigned DEFAULT '65534' NOT NULL,
+gid                   int(10) unsigned DEFAULT '65534' NOT NULL,
+home                  char(255) DEFAULT '' NOT NULL,
+quota                 char(255) DEFAULT '' NOT NULL,
+KEY id (id(128))
+);</command></userinput></screen>
+<para>This will add the courier user that we specified earlier in the
+<filename>/etc/courier/authmysqlrc</filename> file:</para>
+<screen><userinput><command>GRANT ALL PRIVILEGES ON *.* TO courier@localhost IDENTIFIED BY '<replaceable>[password]</replaceable>' WITH GRANT OPTION;
+QUIT</command></userinput></screen>
+<para><emphasis>General Settings for Mail</emphasis></para>
+<para>You will need to create the following files with the contents
+specified.</para>
+<para><filename>/etc/courier/defaultdomain</filename></para>
+<screen><userinput><command>cat &gt; /etc/courier/defaultdomain &lt;&lt; "EOF"</command>
+<replaceable>[yourdomain]</replaceable>
+<command>EOF</command></userinput></screen>
+<para><filename>/etc/courier/me</filename></para>
+<screen><userinput><command>cat &gt; /etc/courier/me &lt;&lt; "EOF"</command>
+<replaceable>[servername.yourdomain]</replaceable>
+<command>EOF</command></userinput></screen>
+<para><filename>/etc/courier/locals</filename></para>
+<screen><userinput><command>cat &gt; /etc/courier/locals &lt;&lt; "EOF"</command>
+localhost
+<replaceable>[yourdomain]</replaceable>
+<command>EOF</command></userinput></screen>
+<para><filename>/etc/courier/esmtpacceptmailfor.dir/system</filename></para>
+<screen><userinput><command>cat &gt;/etc/courier/esmtpacceptmailfor.dir/system &lt;&lt; "EOF"</command>
+localhost
+<replaceable>[yourdomain]</replaceable>
+<command>EOF</command></userinput></screen>
+<para>You will also need to edit the aliases file and change the
+following entry.</para>
+<para><filename>/etc/courier/aliases/system</filename></para>
+<screen><userinput>postmaster: <replaceable>[your administrator email]</replaceable></userinput></screen>
+<para>If you want to deny access from some hosts from sending mail, you
+will need to edit the
+<filename>/etc/courier/smtpaccess/default</filename> file.</para>
+<para>After the above steps are completed you will need to run the
+following commands:</para>
+<screen><userinput><command>makesmtpaccess &amp;&amp;
+makehosteddomains &amp;&amp;
+makealiases</command></userinput></screen>
+<para><emphasis><acronym>SMTP</acronym>/<acronym>SMTMP</acronym>-<acronym>SSL
+</acronym> Configuration</emphasis></para>
+<para>This section will enable the <acronym>SMTP</acronym> Server from Courier</para>
+<para><filename>/etc/courier/esmtpd</filename></para>
+<screen><userinput>ESMTPDSTART=YES</userinput></screen>
+<para><filename>/etc/courier/esmtpd-ssl</filename></para>
+<screen><userinput>ESMTPDSSLSTART=YES</userinput></screen>
+<para><emphasis><acronym>POP</acronym>3/<acronym>POP</acronym>3-<acronym>SSL
+</acronym> Configuration</emphasis></para>
+<para>This section will enable the <acronym>POP</acronym>3 Server from
+Courier</para>
+<para><filename>/etc/courier/pop3d</filename></para>
+<screen><userinput>POP3DSTART=YES</userinput></screen>
+<para><filename>/etc/courier/pop3d-ssl</filename></para>
+<screen><userinput>POP3DSLLSTART=YES</userinput></screen>
+<para><emphasis><acronym>IMAP</acronym>/<acronym>IMAP</acronym>-<acronym>SSL
+</acronym> Configuration</emphasis></para>
+<para>This section will enable the <acronym>IMAP</acronym> Server from
+Courier</para>
+<para><filename>/etc/courier/imapd</filename></para>
+<screen><userinput>IMAPDSTART=YES</userinput></screen>
+<para><filename>/etc/courierd/imapd-ssl</filename></para>
+<screen><userinput>IMAPDSSLSTART=YES</userinput></screen>
+<para><emphasis>Creating Mail directories for System Users</emphasis></para>
+<para>This section will explain how to create MailDirs for
+your system users.</para>
+<screen><userinput><command>cd /home/<replaceable>[username]</replaceable> &amp;&amp;
+maildirmake Maildir &amp;&amp;
+chown <replaceable>[username]</replaceable>.<replaceable>[username]</replaceable> Maildir -R</command></userinput></screen>
+<para><emphasis>Setup for Virtual users</emphasis></para>
+<para>This section will explain how to setup Maildir for your virtual
+users.</para>
+<screen><userinput><command>groupadd -g 9000 vmailman &amp;&amp;
+useradd -c 'Virtual Mailman' -g vmailman -m -k /dev/null -u 9000 vmailman</command></userinput></screen>
+<para>Now to setup the Maildir for these virtual users.</para>
+<screen><userinput><command>cd /home/vmailman &amp;&amp;
+mkdir <replaceable>[virtual_user]</replaceable> &amp;&amp;
+cd <replaceable>[virtual_user]</replaceable> &amp;&amp;
+maildirmake Maildir &amp;&amp;
+chown vmailman.vmailman Maildir -R</command></userinput></screen>
+<para>Connect to the <application>My<acronym>SQL</acronym></application>
+database.</para>
+<screen><userinput><command>mysql -u courier -p</command></userinput></screen>
+<para>To add the virtual user you need to enter at
+least one version of the password either clear text or encrypted.</para>
+<screen><userinput><command>USE courier_mail
+INSERT INTO users VALUES (
+'<replaceable>[virtual_users]</replaceable>@<replaceable>[domain.com]</replaceable>,
+'<replaceable>[encrypted password or blank]</replaceable>',
+'<replaceable>[clear text password or blank]</replaceable>',
+'<replaceable>[User's Name]</replaceable>',
+,
+,
+'<replaceable>[location of Maildir]</replaceable>',
+'<replaceable>[Quota in Bytes']</replaceable>
+);
+QUIT</command></userinput></screen>
+<para>For example:</para>
+<screen><userinput><command>INSERT INTO users VALUES (
+'blfsuser@linuxfromscratch.org',
+'',
+'password',
+'BLFS User',
+,
+,
+'/home/vmailman/blfsuser',
+''
+);</command></userinput></screen>
+<para><emphasis>Setup for Web-based Email</emphasis></para>
+<para>This section will explain how to setup Courier Web-based email
+system.</para>
+<para>You will need to copy the <filename>webmail</filename> file from
+<filename>/usr/lib/courier/courier/webmail</filename> to your <filename>cgi-bin
+</filename> directory of your <application>Apache</application>
+server.</para>
+<screen><userinput><command>cp -a /usr/lib/courier/courier/webmail/webmail /var/www/cgi-bin</command></userinput></screen>
+<para>You will then need to copy the images to a directory under your
+<filename>htdocs</filename> directory of your
+<application>Apache</application> server. The directory needs to be named
+<filename>webmail</filename> or you need to specify it during the configure
+phase with <parameter>--enable-imageurl=<replaceable>[URL]</replaceable></parameter>.</para>
+<screen><userinput><command>cp -a /usr/share/courier/sqwebmail/images /var/www/htdocs/webmail</command></userinput></screen>
+<para><emphasis>Setup for Web-based Email</emphasis></para>
+<para>This section will explain how to setup Courier Web-based administration
+system.</para>
+<para>You will need to copy the <filename>webadmin</filename> file from
+<filename class="directory">/usr/lib/courier/courier/webmail</filename>
+to your <filename class="directory">cgi-bin</filename> directory of your
+<application>Apache</application> server.</para>
+<screen><userinput><command>cp -a /usr/lib/courier/courier/webmail/webadmin /var/www/cgi-bin</command></userinput></screen>
+<para><filename>/etc/courier/webadmin/password</filename></para>
+<screen><userinput><command>cat &gt; /etc/courier/webadmin/password &lt;&lt; "EOF"</command>
+<replaceable>[password]</replaceable>
+<command>EOF</command></userinput></screen>
+<para>If you are not using <acronym>SSL</acronym> on your <application>Apache
+</application> server, you will need to add
+<filename>/etc/courier/webadmin/unsecureok</filename>, so you will be able
+to use your web based administration tool.</para>
+<screen><userinput><command>touch /etc/courier/webadmin/unsecureok</command></userinput></screen>
+</sect3>
+<sect3><title>Courier init.d script</title>
+<para>The startup script from the <application>Courier</application> package is
+the easiest to use. It will automatically create missing data files, and
+<acronym>SSL</acronym> certificates if they are missing. To install the
+init.d file for <application>Courier</application>, you will need to use the
+following commands:</para>
+<screen><userinput><command>cp /usr/src/courier-&courier-version;/courier.sysvinit /etc/rc.d/init.d/courier &amp;&amp;
+chmod 754 /etc/rc.d/init.d/courier</command></userinput></screen>
+<para>Create the symbolic links to this file in the relevant
+<filename>rc.d</filename> directory with the following commands:</para>
+<screen><userinput><command>cd /etc/rc.d/init.d &amp;&amp;
+ln -sf ../init.d/courier ../rc0.d/K25courier &amp;&amp;
+ln -sf ../init.d/courier ../rc1.d/K25courier &amp;&amp;
+ln -sf ../init.d/courier ../rc2.d/K25courier &amp;&amp;
+ln -sf ../init.d/courier ../rc3.d/S35courier &amp;&amp;
+ln -sf ../init.d/courier ../rc4.d/S35courier &amp;&amp;
+ln -sf ../init.d/courier ../rc5.d/S35courier &amp;&amp;
+ln -sf ../init.d/courier ../rc6.d/K25courier</command></userinput></screen>
+</sect3>
+</sect2>
+<sect2>
+<title>Contents</title>
+<para>The <application>Courier</application> package contains
+<command>addcr</command>,
+<command>authenumerate</command>,
+<command>cancelmsg</command>,
+<command>courier</command>,
+<command>courier-config</command>,
+<command>courieresmtpd</command>,
+<command>courierfilter</command>,
+<command>courierldapaliasd</command>,
+<command>courierlogger</command>,
+<command>couriermlm</command>,
+<command>couriertcpd</command>,
+<command>couriertls</command>,
+<command>deliverquota</command>,
+<command>dotforward</command>,
+<command>esmtpd</command>,
+<command>esmtpd-msa</command>,
+<command>esmtpd-ssl</command>,
+<command>filterctl</command>,
+<command>imapd</command>,
+<command>imapd</command>,
+<command>imapd-ssl</command>,
+<command>lockmail</command>,
+<command>mailbot</command>,
+<command>maildiracl</command>,
+<command>maildirkw</command>,
+<command>maildirmake</command>,
+<command>maildrop</command>,
+<command>makeacceptmailfor</command>,
+<command>makealiases</command>,
+<command>makedat</command>,
+<command>makehosteddomains</command>,
+<command>makemime</command>,
+<command>makepercentrelay</command>,
+<command>makesmtpaccess</command>,
+<command>makesmtpaccess-msa</command>,
+<command>makeuserdb</command>,
+<command>makeuucpneighbors</command>,
+<command>mimegpg</command>,
+<command>mkesmtpdcert</command>,
+<command>mkimapdcert</command>,
+<command>mkpop3dcert</command>,
+<command>pop3d</command>,
+<command>pop3d-ssl</command>,
+<command>preline</command>,
+<command>pw2userdb</command>,
+<command>reformail</command>,
+<command>reformime</command>,
+<command>rmail</command>,
+<command>sendmail</command>,
+<command>sharedindexinstall</command>,
+<command>sharedindexsplit</command>,
+<command>showconfig</command>,
+<command>showmodules</command>,
+<command>testmxlookup</command>,
+<command>userdb</command>,
+<command>userdbpw</command>,
+<command>vchkpw2userdb</command> and
+<command>webgpg</command>.</para>
+</sect2>
+<sect2><title>Description</title>
+<sect3><title>cancelmsg</title>
+<para><command>cancelmsg</command> removes a message from the mail queue.</para></sect3>
+<sect3><title>courier</title>
+<para><command>courier</command> is a modular multi-protocol E-mail
+transport agent. The <command>courier</command> command is an
+administrative command, and most of its options are only available to
+the superuser.</para></sect3>
+<sect3><title>courierfilter</title>
+<para><command>courierfilter</command> command installs or uninstalls
+global mail filters. Global mail filters are used to selectively block
+unwanted mail.</para></sect3>
+<sect3><title>couriermlm</title>
+<para><command>couriermlm</command> is the Courier mailing list manager.</para></sect3>
+<sect3><title>filterctl</title>
+<para><command>filterctl</command> command installs or uninstalls global
+mail filters. Global mail filters are used to selectively block unwanted
+mail.</para></sect3>
+<sect3><title>lockmail</title>
+<para><command>lockmail</command> is a helper utility for working with mailbox files.</para></sect3>
+<sect3><title>mailbot</title>
+<para><command>mailbot</command> reads an E-mail message on standard input and creates an E-mail message
+replying to the original message's sender.</para></sect3>
+<sect3><title>maildirkw</title>
+<para><command>maildirkw</command> modifies Courier-IMAP compatible maildir message keywords.</para></sect3>
+<sect3><title>maildrop</title>
+<para><command>maildrop</command> is a replacement local mail delivery agent that includes a mail filtering
+language.</para></sect3>
+<sect3><title>makeacceptmailfor</title>
+<para><command>makeacceptmailfor</command> Build a list of domains to accept mail for from the
+<filename>/etc/courier/esmtpacceptmailfor.dir</filename> directory.</para></sect3>
+<sect3><title>makealiases</title>
+<para><command>makealiases</command> Build a list of aliases from the <filename>/etc/courier/aliases</filename>
+or <filename>/etc/courier/aliasdir</filename> directories.</para></sect3>
+<sect3><title>makehosteddomains</title>
+<para><command>makehostedomains</command> Build a database of hosted domains from <filename>hosteddomains</filename>.</para></sect3>
+<sect3><title>makepercentrelay</title>
+<para><command>makepercentrelay</command> Build a list of %-relayed
+domains from the <filename>percentrelay.dir</filename>
+directory.</para></sect3>
+<sect3><title>makesmtpaccess</title>
+<para><command>makesmtpaccess</command> Build ESMTP server access file
+from the <filename>/etc/courier/smtpaccess</filename>
+directory.</para></sect3>
+<sect3><title>makesmtpaccess-msa</title>
+<para><command>makesmtpaccess-msa</command> Build ESMTP server access
+file from the <filename>/etc/courier/smtpaccess</filename>
+directory. This esmtp list is for the MSA protocol.</para></sect3>
+<sect3><title>makeuucpneighbors</title>
+<para><command>makeuucpneighbors</command> Builds a list of
+<acronym>UUCP</acronym> recipients using <filename>/etc/courier/uucpneighbors</filename>.</para></sect3>
+<sect3><title>reformail</title>
+<para><command>reformail</command> program reads a message on standard input, reformats it in some way,
+ and writes the message to standard output.</para></sect3>
+<sect3><title>reformime</title>
+<para><command>reformime</command> is a utility for reformatting MIME messages.</para></sect3>
+<sect3><title>sendmail</title>
+<para><command>sendmail</command> command reads an E-mail message and delivers the message to its recipients.
+This sendmail command is part of the Courier mail server, although it attempts to emulate the behavior of the
+original sendmail MTA.</para></sect3>
+<sect3><title>showconfig</title>
+<para><command>showconfig</command> Shows the current Courier configuration.</para></sect3>
+<sect3><title>showmodules</title>
+<para><command>showmodules</command> Shows the current Courier modules.</para></sect3>
+<sect3><title>testmxlookup</title>
+<para><command>testmxlookup</command> lists the names and IP addresses of mail relays that receive mail for the
+domain.  This is useful in diagnosing mail delivery problems.</para></sect3>
+</sect2>
 </sect1>

server/mail/exim.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+<!ENTITY exim-download-http "http://gd.tuwien.ac.at/infosys/mail/exim/exim4/exim-&exim-version;.tar.bz2">
+<!ENTITY exim-download-ftp "ftp://ftp.exim.org/pub/exim/exim4/exim-&exim-version;.tar.bz2">
+<!ENTITY exim-size "1.2 MB">
+<!ENTITY exim-buildsize "11 MB">
+<!ENTITY exim-time "0.27 SBU">
+]>
 <sect1 id="exim" xreflabel="Exim-&exim-version;">
 <?dbhtml filename="exim.html"?>
 <title>Exim-&exim-version;</title>
+&exim-intro;
+&exim-inst;
+&exim-exp;
+&exim-config;
+&exim-desc;
+<sect2>
+<title>Introduction to <application>Exim</application></title>
+<para>The <application>Exim</application> package contains a Mail Transport Agent written by the
+University of Cambridge, released under the <acronym>GNU</acronym> Public License.</para>
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP): <ulink url="&exim-download-http;"/></para></listitem>
+<listitem><para>Download (FTP): <ulink url="&exim-download-ftp;"/></para></listitem>
+<listitem><para>Download size: &exim-size;</para></listitem>
+<listitem><para>Estimated Disk space required: &exim-buildsize;</para></listitem>
+<listitem><para>Estimated build time: &exim-time;</para></listitem></itemizedlist>
+</sect3>
+<sect3><title><application>Exim</application> dependencies</title>
+<sect4><title>Required</title>
+<para><xref linkend="db"/>
+</para></sect4>
+<sect4><title>Optional</title>
+<para>
+X (<xref linkend="xfree86"/> or <xref linkend="xorg"/>),
+<xref linkend="openldap"/>,
+<xref linkend="mysql"/>,
+<xref linkend="tcpwrappers"/> and
+<xref linkend="Linux_PAM"/>
+</para></sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of <application>Exim</application></title>
+<para>Before building <application>Exim</application>, we need to
+create the group and user exim which will run the exim daemon:</para>
+<screen><userinput><command>groupadd exim &amp;&amp;
+useradd -d /dev/null -g exim -s /bin/false exim</command></userinput></screen>
+<para>Install <application>Exim</application> with the following commands:</para>
+<screen><userinput><command>sed -e 's/^BIN_DIR.*$/BIN_DIRECTORY=\/usr\/sbin/' src/EDITME | \
+  sed -e 's/^CONF.*$/CONFIGURE_FILE=\/etc\/exim.conf/' | \
+  sed -e 's/^EXIM_USER.*$/EXIM_USER=exim/' | \
+  sed -e 's/^EXIM_MONITOR/#EXIM_MONITOR/' > Local/Makefile &amp;&amp;
+make &amp;&amp;
+make install &amp;&amp;
+cp doc/exim.8 /usr/share/man/man8 &amp;&amp;
+ln -s exim-4.24-1 /usr/sbin/exim &amp;&amp;
+ln -s exim /usr/sbin/sendmail</command></userinput></screen>
+</sect2>
+<sect2>
+<title>Command explanations</title>
+<para><command>sed -e ... > Local/Makefile</command>: Many of
+<application>Exim</application>'s
+configuration options are compiled in. Here, we specify the minimum set
+of options, <parameter>BIN_DIRECTORY</parameter>,
+<parameter>CONFIGURE_FILE</parameter> and
+<parameter>EXIM_USER</parameter>. We also defer
+building the <application>Exim</application> monitor program, which
+requires the <application>X</application> Window System
+support, by commenting out the <parameter>EXIM_MONITOR</parameter> line
+in the <filename>Makefile</filename>.</para>
+<para><command>ln -s exim /usr/sbin/sendmail</command>:
+Create a link to <command>sendmail</command> for applications which need
+it. <application>Exim</application> will
+accept most <application>Sendmail</application> command-line options.</para>
+</sect2>
+<sect2>
+<title>Configuring Exim</title>
+<sect3><title>Config files</title>
+<para><filename>/etc/exim.conf</filename>, <filename>/etc/aliases</filename></para>
+</sect3>
+<sect3><title>Configuration Information</title>
+<para>Create the Exim configuration files with the following commands:</para>
+<screen><userinput><command>cat &gt;&gt; /etc/aliases &lt;&lt; "EOF"</command>
+postmaster: root
+MAILER-DAEMON: root
+<command>EOF
+exim -v -bi &amp;&amp;
+/usr/sbin/exim -bd -q1m</command></userinput></screen>
+<note><para>To protect an existing <filename>/etc/aliases</filename>
+file, we will append these aliases to it if it exists. This file
+should be checked and duplicate aliases removed, if
+present.</para></note>
+<para>To automate the running of exim at startup,
+install the <filename>/etc/rc.d/init.d/exim</filename>
+init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>
+<screen><userinput><command>make install-exim</command></userinput></screen>
+</sect3>
+</sect2>
+<sect2>
+<title>Contents</title>
+<para>The <application>Exim</application> package contains
+<command>exim</command>,
+<command>exim_dumpdb</command>,
+<command>exim_fixdb</command>,
+<command>exim_tidydb</command>,
+<command>exinext</command>,
+<command>exiwhat</command>,
+<command>exim_dbmbuild</command>,
+<command>exicyclog</command>,
+<command>exigrep</command>,
+<command>eximstats</command>,
+<command>exiqsumm</command>,
+<command>exiqgrep</command>,
+<command>exim_lock</command> and
+<command>exim_checkaccess</command>.
+</para>
+</sect2>
+<sect2><title>Description</title>
+<sect3><title>exim</title>
+<para><command>exim</command> is the Mail Transport Agent daemon.</para></sect3>
+<sect3><title>exim_dumpdb</title>
+<para><command>exim_dumpdb</command> writes the contents of exim databases to the
+standard output.</para></sect3>
+<sect3><title>exim_fixdb</title>
+<para><command>exim_fixdb</command> modifies data in exim databases.</para></sect3>
+<sect3><title>exim_tidydb</title>
+<para><command>exim_tidydb</command> removes old records from exim databases.</para></sect3>
+<sect3><title>exinext</title>
+<para><command>exinext</command> queries remote host retry times.</para></sect3>
+<sect3><title>exiwhat</title>
+<para><command>exiwhat</command> queries running exim processes.</para></sect3>
+<sect3><title>exim_dbmbuild</title>
+<para><command>exim_dbmbuild</command> creates and rebuilds exim
+databases.</para></sect3>
+<sect3><title>exicyclog</title>
+<para><command>exicyclog</command> cycles exim log files.</para></sect3>
+<sect3><title>exigrep</title>
+<para><command>exigrep</command> searches exim log files.</para></sect3>
+<sect3><title>eximstats</title>
+<para><command>eximstats</command> generates mail statistics from exim log
+files.</para></sect3>
+<sect3><title>exiqsumm</title>
+<para><command>exiqsumm</command> produces a summary of the messages on the mail
+queue.</para></sect3>
+<sect3><title>exiqgrep</title>
+<para><command>exiqgrep</command> is an utility for selective queue
+listing.</para></sect3>
+<sect3><title>exim_lock</title>
+<para><command>exim_lock</command> locks a mailbox file.</para></sect3>
+<sect3><title>exim_checkaccess</title>
+<para><command>exim_checkaccess</command> states whether a given recipient address from a
+given host is acceptable or not.</para></sect3>
+</sect2>
 </sect1>

server/mail/mail.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+  "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+ <!ENTITY % general-entities SYSTEM "../../general.ent">
+ %general-entities;
+]>
 <chapter id="server-mail">
 <?dbhtml filename="mail.html"?>
 …
 server (Courier-<acronym>IMAP</acronym>).</para>
+&postfix;
+&sendmail;
+&exim;
+&qpopper;
+&courier;
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="postfix.xml"/>
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="sendmail.xml"/>
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="exim.xml"/>
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="qpopper.xml"/>
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="courier.xml"/>
 </chapter>

server/mail/postfix.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+<!ENTITY postfix-download-http "http://ftp.uni-koeln.de/mail/postfix-&postfix-version;.tar.gz">
+<!ENTITY postfix-download-ftp "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-&postfix-version;.tar.gz">
+<!ENTITY postfix-size "1.9 MB">
+<!ENTITY postfix-buildsize "82 MB">
+<!ENTITY postfix-time "0.29 SBU">
+]>
 <sect1 id="postfix" xreflabel="Postfix-&postfix-version;">
 <?dbhtml filename="postfix.html"?>
 <title>Postfix-&postfix-version;</title>
+&postfix-intro;
+&postfix-inst;
+&postfix-exp;
+&postfix-config;
+&postfix-desc;
+<sect2>
+<title>Introduction to Postfix</title>
+<para>The <application>Postfix</application> package contains a Mail
+Transport Agent (<acronym>MTA</acronym>). This is useful for sending email
+to other users of your host machine.  It can also be configured to be a
+central mail server for your domain, a mail relay agent or simply a mail
+delivery agent to your local Internet Service Provider
+(<acronym>ISP</acronym>).</para>
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP): <ulink
+url="&postfix-download-http;"/></para></listitem>
+<listitem><para>Download (FTP): <ulink
+url="&postfix-download-ftp;"/></para></listitem>
+<listitem><para>Download size: &postfix-size;</para></listitem>
+<listitem><para>Estimated Disk space required:
+&postfix-buildsize;</para></listitem>
+<listitem><para>Estimated build time:
+&postfix-time;</para></listitem></itemizedlist>
+</sect3>
+<sect3><title><application>Postfix</application> dependencies</title>
+<sect4><title>Required</title>
+<para><xref linkend="db"/></para></sect4>
+<sect4><title>Optional</title>
+<para><ulink url="http://asg.web.cmu.edu/sasl/">Cyrus SASL</ulink></para></sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of <application>Postfix</application></title>
+<para>Before you compile the program, you need to create users and groups that
+will be expected to be in place when the install script executes.  Add the
+users and groups with the following commands:</para>
+<screen><userinput><command>groupadd postfix &amp;&amp;
+groupadd postdrop &amp;&amp;
+groupadd -g 65534 nogroup &amp;&amp;
+useradd -c postfix -d /dev/null -g postfix -s /bin/false postfix &amp;&amp;
+useradd -c nobody -d /home -g nogroup -s /bin/bash -u 65534 nobody &amp;&amp;
+chown postfix:postfix /var/mail</command></userinput></screen>
+<para>Install <application>postfix</application> by running the following commands:</para>
+<screen><userinput><command>make &amp;&amp;
+sh postfix-install daemon_directory=/usr/sbin \
+                   manpage_directory=/usr/share/man \
+                   sample_directory=/usr/share/doc/postfix \
+                   -non-interactive</command></userinput></screen>
+<para>The final installation step is to install the program's documentation with this command:</para>
+<screen><userinput><command>install -d /usr/share/doc/postfix &amp;&amp;
+cp -rf html/* /usr/share/doc/postfix</command></userinput></screen>
+</sect2>
+<sect2>
+<title>Command explanations</title>
+<para><command>sh postfix-install ... -non-interactive</command> :
+We don't want the install script to ask any questions so we call it with
+a non-interactive switch and accept default destination directories in
+all but three cases.</para>
+</sect2>
+<sect2>
+<title>Configuring <application>Postfix</application></title>
+<sect3><title>Config files</title>
+<para><filename>/etc/aliases</filename>,
+<filename>/etc/postfix/main.cf</filename> and
+<filename>/etc/postfix/master.cf</filename></para>
+</sect3>
+<sect3><title>Configuration Information</title>
+<screen><userinput><command>cat &gt;&gt; /etc/aliases &lt;&lt; "EOF"</command>
+# Begin /etc/aliases
+MAILER-DAEMON:    postmaster
+postmaster:       root
+root:             LOGIN
+# End /etc/aliases
+<command>EOF</command></userinput></screen>
+<note><para>To protect an existing <filename>/etc/aliases</filename>
+file, we will append these aliases to it if it exists. This file
+should be checked and duplicate aliases removed, if
+present.</para></note>
+<para>The <filename>/etc/aliases</filename> file that was just created
+or appended, the <filename>main.cf</filename> and the
+<filename>master.cf</filename>
+must be personalized for your system. The <filename>aliases</filename> file
+needs your non-root login identity so mail addressed to root can be forwarded
+to you at the user level.  The <filename>main.cf</filename> file needs your
+fully qualified hostname.  All of these edits can be done with sed commands
+entered into the console with appropriate substitutions of your non-root
+login name for <replaceable>[user]</replaceable> and your fully qualified
+hostname for <replaceable>[localhost.localdomain]</replaceable>. You will
+find the <filename>main.cf</filename> file
+is self documenting, so load it into your editor to make the changes you need
+for your situation.</para>
+<screen><userinput><command>cp /etc/aliases /etc/aliases.bak &amp;&amp;
+cp /etc/postfix/main.cf /etc/postfix/main.cf.bak &amp;&amp;
+sed "s/LOGIN/<replaceable>[user]</replaceable>/" /etc/aliases.bak > /etc/aliases &amp;&amp;
+sed "s/#myhostname = host.domain.tld/myhostname = \
+        <replaceable>[localhost.localdomain]</replaceable>/" \
+        /etc/postfix/main.cf.bak > /etc/postfix/main.cf &amp;&amp;
+/usr/bin/newaliases &amp;&amp;
+/usr/sbin/postfix start</command></userinput></screen></sect3>
+<sect3><title>Postfix init.d script</title>
+<para>To automate the running of Postfix at startup, install the  <filename>/etc/rc.d/init.d/postfix</filename>
+init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>
+<screen><userinput><command>make install-postfix</command></userinput></screen>
+</sect3>
+</sect2>
+<sect2>
+<title>Contents</title>
+<para>The <application>Postfix</application> package contains <filename>bounce
+</filename>, <filename>cleanup</filename>, <filename>error</filename>,
+<filename>flush</filename>, <filename>lmtp</filename>,
+<filename>local</filename>, <filename class="symlink">mailq</filename>,
+<filename>master</filename>, <filename class="symlink">newaliases</filename>,
+<filename>nqmgr</filename>, <filename>pickup</filename>,
+<filename>pipe</filename>, <command>postalias</command>,
+<command>postcat</command>, <command>postconf</command>,
+<command>postdrop</command>, <command>postfix</command>,
+<command>postkick</command>, <command>postlock</command>,
+<command>postlog</command>, <command>postmap</command>,
+<command>postqueue</command>, <command>postsuper</command>,
+<filename>qmgr</filename>, <filename>qmqpd</filename>,
+<command>sendmail</command>, <command>showq</command>,
+<filename>smtp</filename>, <filename>smtpd</filename>,
+<filename>spawn</filename>, <filename>trivial-rewrite</filename>,
+and <filename>virtual</filename>.</para>
+</sect2>
+<sect2><title>Description</title>
+<sect3><title>postfix</title>
+<para><command>postfix</command> is the program that starts and stops the mail delivery system.</para></sect3>
+<sect3><title>master</title>
+<para><filename>master</filename> is the resident process that runs
+<filename>bounce</filename>, <filename>cleanup</filename>,
+<filename>error</filename>, <filename>flush</filename>,
+<filename>lmtp</filename>, <filename>local</filename>,
+<filename>nqmgr</filename>, <filename>pickup</filename>,
+<filename>pipe</filename>, <filename>qmgr</filename>,
+<filename>qmqpd</filename>, <filename>showq</filename>,
+<filename>smtp</filename>, <filename>smtpd</filename>,
+<filename>spawn</filename>, <filename>trivial-rewrite</filename> and
+<filename>virtual</filename> on demand. These programs are not designed to
+work as user commands.</para></sect3>
+<sect3><title>postqueue</title>
+<para><command>postqueue</command> implements the
+<application>Postfix</application> user interface for
+queue management.  It implements all the operations that are traditionally
+available via the <command>sendmail</command> command.</para></sect3>
+<sect3><title>sendmail</title>
+<para><command>sendmail</command> implements the
+<application>Postfix</application> to
+<application>Sendmail</application> compatibility interface.
+<filename class="symlink">mailq</filename> and <filename
+class="symlink">newaliases</filename> are symlinks to
+<command>sendmail</command>.</para></sect3>
+<sect3><title>showq</title>
+<para><command>showq</command> will emulate the <filename
+class="symlink">mailq</filename> command when the
+<application>Postfix</application> mail system is
+not running.</para></sect3>
+<sect3><title>postsuper</title>
+<para><command>postsuper</command> does maintenance jobs on the
+<application>Postfix</application> queue.</para></sect3>
+<sect3><title>postalias</title>
+<para><command>postalias</command> creates, queries or updates
+<application>Postfix</application> alias
+databases.</para></sect3>
+<sect3><title>postcat</title>
+<para><command>postcat</command> prints the contents of a
+<application>Postfix</application> queue file in human-readable
+form.</para></sect3>
+<sect3><title>postconf</title>
+<para><command>postconf</command> prints or changes the value of configuration
+parameters.</para></sect3>
+<sect3><title>postdrop</title>
+<para><command>postdrop</command> creates a file in the maildrop directory and
+copies its standard input to the file.</para></sect3>
+<sect3><title>postkick</title>
+<para><command>postkick</command> makes the mail system private
+<acronym>IPC</acronym> accessible for use in shell
+scripts.</para></sect3>
+<sect3><title>postlock</title>
+<para><command>postlock</command> locks a file for exclusive access and
+executes a command on that file.</para></sect3>
+<sect3><title>postlog</title>
+<para><command>postlog</command> implements a logging interface for use in
+shell scripts.</para></sect3>
+<sect3><title>postmap</title>
+<para><command>postmap</command> creates, queries or updates
+<application>Postfix</application> lookup tables.</para></sect3>
+</sect2>
 </sect1>

server/mail/qpopper.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+<!ENTITY qpopper-download-http "http://ftp.uni-koeln.de/mail/qpopper&qpopper-version;.tar.gz">
+<!ENTITY qpopper-download-ftp "ftp://ftp.qualcomm.com/eudora/servers/unix/popper/qpopper&qpopper-version;.tar.gz">
+<!ENTITY qpopper-size "2.2 MB">
+<!ENTITY qpopper-buildsize "9.0 MB">
+<!ENTITY qpopper-time "0.13 SBU">
+]>
 <sect1 id="qpopper" xreflabel="Qpopper-&qpopper-version;">
 <?dbhtml filename="qpopper.html"?>
 <title>Qpopper-&qpopper-version;</title>
+&qpopper-intro;
+&qpopper-inst;
+&qpopper-config;
+&qpopper-desc;
+<sect2>
+<title>Introduction to <application>Qpopper</application></title>
+<para>The <application>Qpopper</application> package contains a
+<acronym>POP</acronym>3
+mail server.</para>
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP): <ulink url="&qpopper-download-http;"/></para></listitem>
+<listitem><para>Download (FTP): <ulink url="&qpopper-download-ftp;"/></para></listitem>
+<listitem><para>Download size: &qpopper-size;</para></listitem>
+<listitem><para>Estimated Disk space required: &qpopper-buildsize;</para></listitem>
+<listitem><para>Estimated build time: &qpopper-time;</para></listitem></itemizedlist>
+</sect3>
+<sect3><title><application>Qpopper</application> dependencies</title>
+<sect4><title>Required</title>
+<para>
+<ulink url="../server/mail.html">MTA</ulink>
+</para></sect4>
+<sect4><title>Optional</title>
+<para>
+<xref linkend="openssl"/>,
+<xref linkend="gdbm"/>,
+<xref linkend="Linux_PAM"/> and
+<xref linkend="mitkrb"/>
+</para></sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of <application>Qpopper</application></title>
+<para>Install <application>Qpopper</application> with the following commands:</para>
+<screen><userinput><command>./configure --prefix=/usr &amp;&amp;
+make &amp;&amp;
+make install</command></userinput></screen>
+</sect2>
+<sect2>
+<title>Configuring <application>Qpopper</application></title>
+<sect3><title>Configuration Information</title>
+<para>If you use <command>inetd</command>, the following command will add the qpopper
+entry to <filename>/etc/inetd.conf</filename>:</para>
+<screen><userinput><command>echo "pop3 stream tcp nowait root /usr/sbin/popper popper" &gt;&gt; \
+    /etc/inetd.conf &amp;&amp;
+killall inetd || inetd &amp;&amp;
+echo "local0.notice;local0.debug /var/log/POP.log" &gt;&gt; \
+    /etc/syslog.conf &amp;&amp;
+killall -HUP syslogd</command></userinput></screen>
+<para>Issue a <command>killall -HUP inetd</command> to reread the changed
+<filename>inetd.conf</filename> file.</para>
+<para>If you use <command>xinetd</command>, the following command will add the qpopper
+entry to <filename>/etc/xinetd.conf</filename>:</para>
+<screen><userinput><command>cat &gt;&gt; /etc/xinetd.conf &lt;&lt; "EOF"</command>
+service pop3
+{
+    port            = 110
+    socket_type     = stream
+    protocol        = tcp
+    wait            = no
+    user            = root
+    server          = /usr/sbin/popper
+}
+<command>EOF</command></userinput></screen>
+<para>Issue a <command>killall -HUP xinetd</command> to reread the changed
+<filename>xinetd.conf</filename> file.</para>
+</sect3>
+</sect2>
+<sect2>
+<title>Contents</title>
+<para>The <application>Qpopper</application> package contains
+<command>popper</command>.
+</para>
+</sect2>
+<sect2><title>Description</title>
+<sect3><title>popper</title>
+<para><command>popper</command> is the <acronym>POP</acronym>3 server daemon.</para></sect3>
+</sect2>
 </sect1>

server/mail/sendmail.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+<!ENTITY sendmail-download-ftp "ftp://ftp.sendmail.org/pub/sendmail/sendmail.&sendmail-version;.tar.gz">
+<!ENTITY sendmail-download-http "http://www.sendmail.org/ftp/sendmail.&sendmail-version;.tar.gz">
+<!ENTITY sendmail-size "1.8 MB">
+<!ENTITY sendmail-buildsize "13 MB">
+<!ENTITY sendmail-time "0.43 SBU">
+]>
 <sect1 id="sendmail" xreflabel="Sendmail-&sendmail-version;">
 <?dbhtml filename="sendmail.html"?>
 <title>Sendmail-&sendmail-version;</title>
+&sendmail-intro;
+&sendmail-inst;
+&sendmail-config;
+&sendmail-desc;
+<sect2>
+<title>Introduction to <application>Sendmail</application></title>
+<para>The <application>Sendmail</application> package contains a Mail Transport Agent
+(<acronym>MTA</acronym>).</para>
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP): <ulink url="&sendmail-download-http;"/></para></listitem>
+<listitem><para>Download (FTP): <ulink url="&sendmail-download-ftp;"/></para></listitem>
+<listitem><para>Download size: &sendmail-size;</para></listitem>
+<listitem><para>Estimated Disk space required: &sendmail-buildsize;</para></listitem>
+<listitem><para>Estimated build time: &sendmail-time;</para></listitem></itemizedlist>
+</sect3>
+<sect3><title><application>Sendmail</application> dependencies</title>
+<sect4><title>Required</title>
+<para><xref linkend="db"/> and <xref linkend="procmail"/>
+</para></sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of <application>Sendmail</application></title>
+<para>Before building <application>Sendmail</application>, we need to create users, groups and
+directories that sendmail uses with the following commands:</para>
+<screen><userinput><command>groupadd smmsp &amp;&amp;
+groupadd mail &amp;&amp;
+useradd -g smmsp -G mail smmsp &amp;&amp;
+chmod 1777 /tmp &amp;&amp;
+chmod 1777 /var/mail &amp;&amp;
+mkdir /var/spool/mqueue</command></userinput></screen>
+<para>Install <application>Sendmail</application> with the following commands:</para>
+<screen><userinput><command>cat &gt; devtools/Site/site.config.m4 &lt;&lt; "EOF"
+define(`confMANGRP',`root')
+define(`confMANOWN',`root')
+define(`confSBINGRP',`root')
+define(`confUBINGRP',`root')
+define(`confUBINOWN',`root')
+EOF
+cd sendmail &amp;&amp;
+sh Build &amp;&amp;
+cd ../cf/cf &amp;&amp;
+cp generic-linux.mc sendmail.mc &amp;&amp;
+mkdir /etc/mail &amp;&amp;
+sh Build sendmail.mc &amp;&amp;
+sh Build install-cf &amp;&amp;
+cd ../../ &amp;&amp;
+sh Build install</command></userinput></screen>
+</sect2>
+<sect2>
+<title>Configuring <application>Sendmail</application></title>
+<sect3><title>Config files</title>
+<para><filename>/etc/mail/*</filename></para>
+</sect3>
+<sect3><title>Configuration Information</title>
+<screen><userinput><command>echo `hostname` > /etc/mail/local-host-names
+cat &gt; /etc/mail/aliases &lt;&lt; "EOF"
+postmaster: root
+MAILER-DAEMON: root
+EOF
+cp -R cf/* /etc/mail &amp;&amp;
+cp cf/cf/{submit,sendmail}.mc /etc/mail &amp;&amp;
+newaliases -v</command></userinput></screen>
+<para>To automate the running of Sendmail at startup, install the <filename>/etc/rc.d/init.d/sendmail</filename>
+init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>
+<screen><userinput><command>make install-sendmail</command></userinput></screen>
+<note><para>The -qNm option to <command>sendmail</command>, where N is number of minutes, controls
+how often Sendmail will process the mail queue. A default of 5
+minutes is used in the init script. Individual workstation users may want to set
+this as low as 1 minute, large installations handling more mail may
+want to set it higher.</para></note>
+</sect3>
+</sect2>
+<sect2>
+<title>Contents</title>
+<para>The <application>Sendmail</application> package contains
+<command>mail.local</command>,
+<command>rmail</command>,
+<command>smrsh</command>,
+<command>editmap</command>,
+<command>makemap</command>,
+<command>mailq</command>,
+<command>newaliases</command>,
+<command>sendmail</command>,
+<command>vacation</command>,
+<command>praliases</command> and
+<command>mailstats</command>.
+</para>
+</sect2>
+<sect2><title>Description</title>
+<sect3><title>mail.local</title>
+<para><command>mail.local</command> appends its standard input to a user's mail
+file.</para></sect3>
+<sect3><title>rmail</title>
+<para><command>rmail</command> interprets incoming mail received via
+<acronym>UUCP</acronym>.</para></sect3>
+<sect3><title>smrsh</title>
+<para><command>smrsh</command> is a restricted shell for Sendmail.</para></sect3>
+<sect3><title>editmap</title>
+<para><command>editmap</command> queries and edits Sendmail map files.</para></sect3>
+<sect3><title>makemap</title>
+<para><command>makemap</command> creates Sendmail map files.</para></sect3>
+<sect3><title>mailq</title>
+<para><command>mailq</command> prints a summary of waiting mail messages.</para></sect3>
+<sect3><title>newaliases</title>
+<para><command>newaliases</command> rebuilds <filename>/etc/mail/aliases.db</filename>.
+</para></sect3>
+<sect3><title>sendmail</title>
+<para><command>sendmail</command> is the Sendmail mail transport agent.</para></sect3>
+<sect3><title>vacation</title>
+<para><command>vacation</command> is an email auto responder.</para></sect3>
+<sect3><title>praliases</title>
+<para><command>praliases</command> displays current Sendmail aliases.</para></sect3>
+<sect3><title>mailstats</title>
+<para><command>mailstats</command> displays Sendmail statistics.</para></sect3>
+</sect2>
 </sect1>

server/other/bind.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+<!ENTITY bind-download-http "http://gd.tuwien.ac.at/infosys/servers/isc/bind9/&bind-version;/bind-&bind-version;.tar.gz">
+<!ENTITY bind-download-ftp "ftp://ftp.isc.org/isc/bind9/&bind-version;/bind-&bind-version;.tar.gz">
+<!ENTITY bind-size "4.4 MB">
+<!ENTITY bind-buildsize "88 MB">
+<!ENTITY bind-time "0.89 SBU">
+]>
 <sect1 id="bind" xreflabel="BIND-&bind-version;">
 <?dbhtml filename="bind.html"?>
 <title><acronym>BIND</acronym>-&bind-version;</title>
+&bind-intro;
+&bind-inst;
+&bind-config;
+&bind-desc;
+<sect2>
+<title>Introduction to <application><acronym>BIND</acronym></application></title>
+<para>The <application><acronym>BIND</acronym></application> package
+provides a <acronym>DNS</acronym> server and client utilities. If you
+are only interested in the utilities, refer to the <xref linkend="bind-utils"/>.</para>
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP): <ulink url="&bind-download-http;"/></para></listitem>
+<listitem><para>Download (FTP): <ulink url="&bind-download-ftp;"/></para></listitem>
+<listitem><para>Download size: &bind-size;</para></listitem>
+<listitem><para>Estimated Disk space required: &bind-buildsize;</para></listitem>
+<listitem><para>Estimated build time: &bind-time;</para></listitem></itemizedlist>
+</sect3>
+<sect3><title><application><acronym>BIND</acronym></application> dependencies</title>
+<sect4><title>Optional</title>
+<para><xref linkend="openssl"/> and <xref linkend="openjade"/>
+</para></sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of <application><acronym>BIND</acronym></application></title>
+<para>Install <application><acronym>BIND</acronym></application> by
+running the following commands:</para>
+<screen><userinput><command>./configure --prefix=/usr --sysconfdir=/etc &amp;&amp;
+make &amp;&amp;
+make install</command></userinput></screen>
+</sect2>
+<sect2>
+<title>Configuring
+<application><acronym>BIND</acronym></application></title>
+<sect3><title>Config files</title>
+<para><filename>named.conf</filename>, <filename>root.hints</filename>,
+<filename>127.0.0</filename>, <filename>rndc.conf</filename></para>
+</sect3>
+<sect3><title>Configuration Information</title>
+<para>We will configure
+<application><acronym>BIND</acronym></application> to run in a chroot
+jail as an unprivileged user (named). This configuration is more secure
+in that a <acronym>DNS</acronym> compromise can only affect a few files
+in the named user's <envar>HOME</envar> directory.</para>
+<para>First we create the unprivileged user and group named:</para>
+<screen><userinput><command>groupadd named &amp;&amp;
+useradd -m -g named -s /bin/false named</command></userinput></screen>
+<para>Then we set up some files, directories and devices needed by
+<application><acronym>BIND</acronym></application>:</para>
+<screen><userinput><command>cd /home/named &amp;&amp;
+mkdir -p dev etc/namedb/slave var/run &amp;&amp;
+mknod /home/named/dev/null c 1 3 &amp;&amp;
+mknod /home/named/dev/random c 1 8 &amp;&amp;
+chmod 666 /home/named/dev/{null,random} &amp;&amp;
+mkdir /home/named/etc/namedb/pz &amp;&amp;
+cp /etc/localtime /home/named/etc</command></userinput></screen>
+<para>Create the <filename>named.conf</filename> file from which named
+will read the location of zone files, root name servers and secure
+<acronym>DNS</acronym> keys:</para>
+<screen><userinput><command>cat &gt; /home/named/etc/named.conf &lt;&lt; "EOF"</command>
+ options {
+     directory "/etc/namedb";
+    pid-file "/var/run/named.pid";
+    statistics-file "/var/run/named.stats";
+ };
+ controls {
+     inet 127.0.0.1 allow { localhost; } keys { rndc_key; };
+ };
+ key "rndc_key" {
+     algorithm hmac-md5;
+     secret "<replaceable>[c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K]</replaceable>";
+ };
+ zone "." {
+     type hint;
+     file "root.hints";
+ };
+ zone "0.0.127.in-addr.arpa" {
+     type master;
+     file "pz/127.0.0";
+ };
+<command>EOF</command></userinput></screen>
+<para>Create a zone file with the following contents:</para>
+<screen><userinput><command>cat &gt; /home/named/etc/namedb/pz/127.0.0 &lt;&lt; "EOF"</command>
+$TTL 3D
+@      IN      SOA     ns.local.domain. hostmaster.local.domain. (
+       ; Serial
+H      ; Refresh
+H      ; Retry
+W      ; Expire
+D)     ; Minimum TTL
+                NS      ns.local.domain.
+               PTR     localhost.
+<command>EOF</command></userinput></screen>
+<para>Create the <filename>root.hints</filename> file with the following
+commands:</para>
+<note><para>Caution must be used to ensure no leading spaces in this
+file.</para></note>
+<screen><userinput><command>cat &gt; /home/named/etc/namedb/root.hints &lt;&lt; "EOF"</command>
+.                       6D  IN      NS      A.ROOT-SERVERS.NET.
+.                       6D  IN      NS      B.ROOT-SERVERS.NET.
+.                       6D  IN      NS      C.ROOT-SERVERS.NET.
+.                       6D  IN      NS      D.ROOT-SERVERS.NET.
+.                       6D  IN      NS      E.ROOT-SERVERS.NET.
+.                       6D  IN      NS      F.ROOT-SERVERS.NET.
+.                       6D  IN      NS      G.ROOT-SERVERS.NET.
+.                       6D  IN      NS      H.ROOT-SERVERS.NET.
+.                       6D  IN      NS      I.ROOT-SERVERS.NET.
+.                       6D  IN      NS      J.ROOT-SERVERS.NET.
+.                       6D  IN      NS      K.ROOT-SERVERS.NET.
+.                       6D  IN      NS      L.ROOT-SERVERS.NET.
+.                       6D  IN      NS      M.ROOT-SERVERS.NET.
+A.ROOT-SERVERS.NET.     6D  IN      A       198.41.0.4
+B.ROOT-SERVERS.NET.     6D  IN      A       128.9.0.107
+C.ROOT-SERVERS.NET.     6D  IN      A       192.33.4.12
+D.ROOT-SERVERS.NET.     6D  IN      A       128.8.10.90
+E.ROOT-SERVERS.NET.     6D  IN      A       192.203.230.10
+F.ROOT-SERVERS.NET.     6D  IN      A       192.5.5.241
+G.ROOT-SERVERS.NET.     6D  IN      A       192.112.36.4
+H.ROOT-SERVERS.NET.     6D  IN      A       128.63.2.53
+I.ROOT-SERVERS.NET.     6D  IN      A       192.36.148.17
+J.ROOT-SERVERS.NET.     6D  IN      A       192.58.128.30
+K.ROOT-SERVERS.NET.     6D  IN      A       193.0.14.129
+L.ROOT-SERVERS.NET.     6D  IN      A       198.32.64.12
+M.ROOT-SERVERS.NET.     6D  IN      A       202.12.27.33
+<command>EOF</command></userinput></screen>
+<para>The <filename>root.hints</filename> file is a list of root name
+servers. This file must be updated periodically with the
+<command>dig</command> utility.
+Consult the <ulink url="http://www.bind9.net/Bv9ARM.html"><application><acronym>BIND</acronym></application> 9 Administrator Reference Manual</ulink> for
+details.</para>
+<para>Create the <filename>rndc.conf</filename> with the following commands:</para>
+<screen><userinput><command>cat &gt; /etc/rndc.conf &lt;&lt; "EOF"</command>
+key rndc_key {
+algorithm "hmac-md5";
+    secret
+    "<replaceable>[c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K]</replaceable>";
+    };
+options {
+    default-server localhost;
+    default-key    rndc_key;
+};
+<command>EOF</command></userinput></screen>
+<para>The <filename>rndc.conf</filename> file contains information for
+controlling named operations with the <command>rndc</command>
+utility.</para>
+<para>Create or modify <filename>resolv.conf</filename> to use the new
+name server with the following commands:</para>
+<note><para>Replace yourdomain.com with your own valid domain
+name.</para></note>
+<screen><userinput><command>cp /etc/resolv.conf /etc/resolv.conf.bak &amp;&amp;
+cat &gt; /etc/resolv.conf &lt;&lt; "EOF"</command>
+search <replaceable>[yourdomain.com]</replaceable>
+nameserver 127.0.0.1
+<command>EOF</command></userinput></screen>
+<para>Set permissions on the chroot jail with the following
+command:</para>
+<screen><userinput><command>chown -R named.named /home/named</command></userinput></screen>
+<para>To start the DNS server at boot, install the <filename>/etc/rc.d/init.d/bind</filename>
+init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>
+<screen><userinput><command>make install-bind</command></userinput></screen>
+<para>Now start <application><acronym>BIND</acronym></application> with
+the new boot script:</para>
+<screen><userinput><command>/etc/rc.d/init.d/bind start</command></userinput></screen>
+</sect3>
+<sect3><title>Testing <application><acronym>BIND</acronym></application></title>
+<para>Test out the new
+<application><acronym>BIND</acronym></application> 9 installation. First
+query the local host address with <command>dig</command>:</para>
+<screen><userinput><command>dig -x 127.0.0.1</command></userinput></screen>
+<para>Now try an external name lookup, taking note of the speed
+difference in repeated lookups due to the caching. Run the dig command
+twice on the same address:</para>
+<para><screen><userinput><command>dig beyond.linuxfromscratch.org &amp;&amp;
+dig beyond.linuxfromscratch.org</command></userinput></screen>
+You can see almost instantaneous results with the named caching lookups.
+Consult <filename>bind-&bind-version;/doc/arm/Bv9ARM.html</filename>,
+the <application><acronym>BIND</acronym></application> Administrator
+Reference Manual for further configuration options.</para>
+</sect3>
+</sect2>
+<sect2>
+<title>Contents</title>
+<para>The <application><acronym>BIND</acronym></application> package contains
+<command>dig</command>,
+<command>host</command>,
+<command>isc-config.sh</command>,
+<command>nslookup</command>,
+<command>rndc</command>,
+<command>rndc-confgen</command>,
+<command>named-checkconf</command>,
+<command>named-checkzone</command>,
+<command>lwresd</command>,
+<command>named</command>,
+<command>dnssec-signzone</command>,
+<command>dnssec-signkey</command>,
+<command>dnssec-keygen</command>,
+<command>dnssec-makekeyset</command> and
+<command>nsupdate</command>.</para>
+</sect2>
+<sect2><title>Description</title>
+<sect3><title>dig</title>
+<para><command>dig</command> interrogates <acronym>DNS</acronym>
+servers.</para></sect3>
+<sect3><title>host</title>
+<para><command>host</command> is a utility for <acronym>DNS</acronym>
+lookups.</para></sect3>
+<sect3><title>nslookup</title>
+<para><command>nslookup</command> is a program used to query Internet
+domain nameservers.</para></sect3>
+<sect3><title>rndc</title>
+<para><command>rndc</command> controls the operation of
+<application><acronym>BIND</acronym></application>.</para></sect3>
+<sect3><title>rndc-confgen</title>
+<para><command>rndc-confgen</command> generates
+<filename>rndc.conf</filename> files.</para></sect3>
+<sect3><title>named-checkconf</title>
+<para><command>named-checkconf</command> checks the syntax of
+<filename>named.conf</filename> files.</para></sect3>
+<sect3><title>named-checkzone</title>
+<para><command>named-checkzone</command> checks zone file
+validity.</para></sect3>
+<sect3><title>lwresd</title>
+<para><command>lwresd</command> is a caching-only name server for local
+process use.</para></sect3>
+<sect3><title>named</title>
+<para><command>named</command> is the name server daemon.</para></sect3>
+<sect3><title>dnssec-signzone</title>
+<para><command>dnssec-signzone</command> generates signed versions of
+zone files.</para></sect3>
+<sect3><title>dnssec-signkey</title>
+<para><command>dnssec-signkey</command> signs zone file key
+sets.</para></sect3>
+<sect3><title>dnssec-keygen</title>
+<para><command>dnssec-keygen</command> is a key generator for secure
+<acronym>DNS</acronym>.</para></sect3>
+<sect3><title>dnssec-makekeyset</title>
+<para><command>dnssec-makekeyset</command> generates a key set from one
+or more keys created by dnssec-keygen.</para></sect3>
+<sect3><title>nsupdate</title>
+<para><command>nsupdate</command> is used to submit
+<acronym>DNS</acronym> update requests.</para></sect3>
+</sect2>
 </sect1>

server/other/cvsserver.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+]>
 <sect1 id="cvsserver" xreflabel="cvsserver">
 <?dbhtml filename="cvsserver.html"?>
 <title>Running a CVS server</title>
+&cvsserver-intro;
+&cvsserver-inst;
+&cvsserver-exp;
+<sect2>
+<title>Running a <acronym>CVS</acronym> server</title>
+<para>This section will describe how to set up, administer and secure
+a <acronym>CVS</acronym> server.</para>
+<sect3><title><application>CVS server</application> dependencies</title>
+<sect4><title>Required</title>
+<para><xref linkend="cvs"/> and <xref linkend="openssh"/></para></sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Setting up a <acronym>CVS</acronym> server.</title>
+<para>A <acronym>CVS</acronym> server will be set up using OpenSSH
+as the remote access method.  Other access methods, including :pserver: and
+:server: will not be used for write access to the <acronym>CVS</acronym>
+repository.  The :pserver: method sends clear text passwords over the network
+and the :server: method is not supported in all <acronym>CVS</acronym> ports.
+Instructions for anonymous, read only <acronym>CVS</acronym> access using
+:pserver: can be found at the end of this section.</para>
+<para>Configuration of the <acronym>CVS</acronym> server consists of four
+steps:</para>
+<sect3><title>1. Create a repository.</title>
+<para>Create a new <acronym>CVS</acronym> repository with the following
+commands:</para>
+<screen><userinput><command>mkdir /home/cvsroot &amp;&amp;
+chmod 1777 /home/cvsroot &amp;&amp;
+export CVSROOT=/home//cvsroot &amp;&amp;
+cvs init</command></userinput></screen></sect3>
+<sect3><title>2. Import source code into the repository.</title>
+<para>Import a source module into the repository with the following
+commands, issued from a user account on the same machine as the
+<acronym>CVS</acronym> repository:</para>
+<screen><userinput><command>export CVSROOT=/home/cvsroot &amp;&amp;
+cd <replaceable>[sourcedir]</replaceable> &amp;&amp;
+cvs import -m <replaceable>["repository test"] [cvstest] [vendortag] [releasetag]</replaceable></command></userinput></screen></sect3>
+<sect3><title>3. Verify local repository access.</title>
+<para>Test access to the <acronym>CVS</acronym> repository from the same user
+account with the following command:</para>
+<screen><userinput><command>cvs co cvstest</command></userinput></screen></sect3>
+<sect3><title>4. Verify remote repository access.</title>
+<para>Test access to the <acronym>CVS</acronym> repository from a remote
+machine using a user account that has <command>ssh</command> access to the
+<acronym>CVS</acronym> server with the following commands:</para>
+<note><para>Replace <replaceable>[servername]</replaceable> with the
+<acronym>IP</acronym> address or host name of the <acronym>CVS</acronym>
+repository machine.  You will be prompted for the user's shell account password
+before <acronym>CVS</acronym> checkout can continue.</para></note>
+<screen><userinput><command>export CVS_RSH=/usr/bin/ssh &amp;&amp;
+cvs -d:ext:<replaceable>[servername]</replaceable>:/cvsroot co cvstest</command></userinput></screen></sect3>
+</sect2>
+<sect2>
+<title>Configuring <acronym>CVS</acronym> for anonymous read only access.</title>
+<para><acronym>CVS</acronym> can be set up to allow anonymous read only access
+using the :pserver: method by logging on as root and executing the following
+commands:</para>
+<screen><userinput><command>(grep anonymous /etc/passwd || useradd anonymous -s /bin/false) &amp;&amp;
+echo anonymous: &gt; /home/cvsroot/CVSROOT/passwd &amp;&amp;
+echo anonymous &gt; /home/cvsroot/CVSROOT/readers</command></userinput></screen>
+<para>If you use <command>inetd</command>, the following command will add the
+pserver entry to <filename>/etc/inetd.conf</filename>:</para>
+<screen><userinput><command>echo "2401  stream  tcp  nowait  root  /usr/bin/cvs cvs -f \
+        --allow-root=/home/cvsroot pserver" &gt;&gt; /etc/inetd.conf</command></userinput></screen>
+<para>Issue a <command>killall -HUP inetd</command> to reread the changed
+<filename>inetd.conf</filename> file.</para>
+<para>If you use <command>xinetd</command>, the following command will add the
+pserver entry to <filename>/etc/xinetd.conf</filename>:</para>
+<screen><userinput><command>cat &gt;&gt; /etc/xinetd.conf &lt;&lt; "EOF"</command>
+     service cvspserver
+     {
+          port        = 2401
+          socket_type = stream
+          protocol    = tcp
+          wait        = no
+          user        = root
+          passenv     = PATH
+          server      = /usr/bin/cvs
+         server_args = -f --allow-root=/home/cvsroot pserver
+     }
+<command>EOF</command></userinput></screen>
+<para>Issue a <command>/etc/rc.d/init.d/xinetd reload</command> to reread the changed
+<filename>xinetd.conf</filename> file.</para>
+<para>Testing anonymous access to the new repository requires an account
+on another machine that can reach the <acronym>CVS</acronym> server via
+network.  No account on the <acronym>CVS</acronym> repository is needed.  To
+test anonymous access to the <acronym>CVS</acronym> repository, log in to
+another machine as an unprivileged user and execute the following command:
+</para>
+<screen><userinput><command>cvs -d:pserver:anonymous@<replaceable>[servername]</replaceable>:/home/cvsroot co cvstest</command></userinput></screen>
+<note><para>Replace <replaceable>[servername]</replaceable> with the <acronym>IP</acronym> address or
+hostname of the <acronym>CVS</acronym> server</para></note>
+</sect2>
+<sect2>
+<title>Command explanations</title>
+<para><command>mkdir /home/cvsroot</command>: Create the <acronym>CVS</acronym>
+repository directory.</para>
+<para><command>chmod 1777 /home/cvsroot</command>: Set sticky bit permissions for
+<envar>CVSROOT</envar>.</para>
+<para><command>export CVSROOT=/home/cvsroot</command>: Specify new <envar>CVSROOT
+</envar> for all <command>cvs</command> commands.</para>
+<para><command>cvs init</command>: Initialize the new <acronym>CVS</acronym>
+repository.</para>
+<para><command>cvs import -m "repository test" cvstest vendortag
+releasetag</command>: All source code modules must be imported
+into the <acronym>CVS</acronym> repository before use, with the
+<command>cvs import</command> command.  The <userinput>-m</userinput>
+flags specifies an initial descriptive entry for the new module.
+The "cvstest" parameter is the name used for the module in all
+subsequent <command>cvs</command> commands.  The "vendortag" and "releasetag"
+parameters are used to further identify each <acronym>CVS</acronym> module and
+are mandatory whether used or not.</para>
+<para><command>(grep anonymous /etc/passwd || useradd anonymous -s
+/bin/false)</command>: Check for an existing anonymous user and
+create one if not found.</para>
+<para><command>echo anonymous: &gt; /home/cvsroot/CVSROOT/passwd
+</command>: Add the anonymous user to the <acronym>CVS</acronym> passwd file,
+which is unused for anything else in this configuration.</para>
+<para><command>echo anonymous &gt; /home/cvsroot/CVSROOT/readers</command>: Add the
+anonymous user to the <acronym>CVS</acronym> readers file, a list of
+users who have read only access to the repository.</para>
+</sect2>
 </sect1>

server/other/dhcp.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+<!ENTITY dhcp-download-http "http://gd.tuwien.ac.at/infosys/servers/isc/dhcp/dhcp-&dhcp-version;.tar.gz">
+<!ENTITY dhcp-download-ftp "ftp://ftp.isc.org/isc/dhcp/dhcp-&dhcp-version;.tar.gz">
+<!ENTITY dhcp-size "852 KB">
+<!ENTITY dhcp-buildsize "29.6 MB">
+<!ENTITY dhcp-time "0.23 SBU">
+]>
 <sect1 id="dhcp" xreflabel="DHCP-&dhcp-version;">
 <?dbhtml filename="dhcp.html"?>
 <title><acronym>DHCP</acronym>-&dhcp-version;</title>
+&dhcp-intro;
+&dhcp-inst;
+&dhcp-exp;
+&dhcp-config;
+&dhcp-desc;
+<sect2>
+<title>Introduction to <application><acronym>DHCP</acronym></application></title>
+<para>The <application><acronym>DHCP</acronym></application> package contains
+both the client and server programs for <acronym>DHCP</acronym>.
+<command>dhclient</command> (the client) is useful for connecting your computer
+to a network which uses <acronym>DHCP</acronym> to assign network addresses.
+<command>dhcpd</command> (the server) is useful for assigning network addresses
+on your private network.</para>
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP): <ulink
+url="&dhcp-download-http;"/></para></listitem>
+<listitem><para>Download (FTP): <ulink
+url="&dhcp-download-ftp;"/></para></listitem>
+<listitem><para>Download size: &dhcp-size;</para></listitem>
+<listitem><para>Estimated Disk space required:
+&dhcp-buildsize;</para></listitem>
+<listitem><para>Estimated build time:
+&dhcp-time;</para></listitem></itemizedlist>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of <application><acronym>DHCP</acronym></application></title>
+<note><para>You must have Packet Socket support compiled in the kernel and
+Socket Filtering either compiled in or as a kernel module.</para></note>
+<para>Install <application><acronym>DHCP</acronym></application> by running the following commands:</para>
+<screen><userinput><command>./configure &amp;&amp;
+make &amp;&amp;
+make LIBDIR=/usr/lib INCDIR=/usr/include install</command></userinput></screen>
+</sect2>
+<sect2>
+<title>Command explanations</title>
+<para><parameter>LIBDIR=/usr/lib INCDIR=/usr/include</parameter>: This
+command installs the library and include files in <filename
+class="directory">/usr</filename> instead of <filename
+class="directory">/usr/local</filename>.</para>
+</sect2>
+<sect2>
+<title>Configuring <application><acronym>DHCP</acronym></application></title>
+<sect3><title>Config files</title>
+<para><filename>/etc/dhclient.conf</filename></para>
+</sect3>
+<sect3><title>Configuration Information</title>
+<para>Information on configuring the <acronym>DHCP</acronym> client can be
+found in <xref linkend="connect-dhcp"/>.</para>
+<para>Note that you only need the <acronym>DHCP</acronym> server if
+you want to issue <acronym>LAN</acronym> addresses over your network.  The
+<acronym>DHCP</acronym> client doesn't need this script to be used.  Also note
+that this script is coded for the <emphasis role="strong">eth1</emphasis>
+interface, which may need to be modified for your hardware configuration.</para>
+<para>Install the <filename>/etc/rc.d/init.d/dhcp</filename>
+init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>
+<screen><userinput><command>make install-dhcp</command></userinput></screen>
+<para>The lease file must exist on startup.  The following command will
+satisfy that requirement:</para>
+<screen><userinput><command>touch /var/state/dhcp/dhcpd.leases</command></userinput></screen>
+<para>The following commands will create a base configuration file for a
+<acronym>DHCP</acronym> server.  There are several options that you may want to
+add (information that is passed back to the <acronym>DHCP</acronym> client) and
+those are covered in the man pages for <filename>dhcp.conf</filename>.</para>
+<screen><userinput><command>cat &gt; /etc/dhcpd.conf &lt;&lt; "EOF"</command>
+default-lease-time 72000;
+max-lease-time 144000;
+ddns-update-style ad-hoc;
+subnet <replaceable>[192.168.5.0]</replaceable> netmask <replaceable>[255.255.255.0]</replaceable> {
+  range <replaceable>[192.168.5.10] [192.168.5.240]</replaceable>;
+  option broadcast-address <replaceable>[195.168.5.255]</replaceable>;
+  option routers <replaceable>[192.168.5.1]</replaceable>;
+}
+<command>EOF</command></userinput></screen>
+<para>All addresses should be changed to meet your circumstance.</para>
+</sect3>
+</sect2>
+<sect2>
+<title>Contents</title>
+<para>The <application><acronym>DHCP</acronym></application> package contains
+<command>dhclient</command>, <command>dhcpd</command> and <command>dhcrelay</command>.</para>
+</sect2>
+<sect2><title>Description</title>
+<sect3><title>dhclient</title>
+<para><command>dhclient</command> is the implementation of the
+<acronym>DHCP</acronym> client.</para></sect3>
+<sect3><title>dhcpd</title>
+<para><command>dhcpd</command> implements Dynamic Host Configuration Protocol
+(<acronym>DHCP</acronym>) and Internet Bootstrap Protocol
+(<acronym>BOOTP</acronym>) requests for network addresses.</para></sect3>
+<sect3><title>dhcrelay</title>
+<para><command>dhcrelay</command> provides a means to accept <acronym>DHCP
+</acronym> and <acronym>BOOTP</acronym> requests on a subnet without a
+<acronym>DHCP</acronym> server and relay them to a <acronym>DHCP</acronym>
+server on another subnet.</para></sect3>
+</sect2>
 </sect1>

server/other/leafnode.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+<!ENTITY leafnode-download-http "http://prdownloads.sourceforge.net/leafnode/leafnode-&leafnode-version;.rel.tar.bz2">
+<!ENTITY leafnode-download-ftp " ">
+<!ENTITY leafnode-size "614 KB">
+<!ENTITY leafnode-buildsize "14 MB">
+<!ENTITY leafnode-time "0.11 SBU">
+]>
 <sect1 id="leafnode" xreflabel="Leafnode-&leafnode-version;">
 <?dbhtml filename="leafnode.html"?>
 <title>Leafnode-&leafnode-version;</title>
+&leafnode-intro;
+&leafnode-inst;
+&leafnode-exp;
+&leafnode-config;
+&leafnode-desc;
+<sect2>
+<title>Introduction to <application>Leafnode</application></title>
+<para><application>Leafnode</application> is an <acronym>NNTP</acronym>
+server designed for small sites to provide a local USENET spool.</para>
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP): <ulink url="&leafnode-download-http;"/></para></listitem>
+<listitem><para>Download (FTP): <ulink url="&leafnode-download-ftp;"/></para></listitem>
+<listitem><para>Download size: &leafnode-size;</para></listitem>
+<listitem><para>Estimated Disk space required: &leafnode-buildsize;</para></listitem>
+<listitem><para>Estimated build time: &leafnode-time;</para></listitem></itemizedlist>
+</sect3>
+<sect3><title><application>Leafnode</application> dependencies</title>
+<sect4><title>Required</title>
+<para><xref linkend="pcre"/> and <xref linkend="tcpwrappers"/>
+</para></sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of <application>Leafnode</application></title>
+<para>Create the group and user news, if not present:</para>
+<screen><userinput><command>groupadd news &amp;&amp;
+useradd -g news news</command></userinput></screen>
+<para>Install <application>Leafnode</application> by running the following
+commands:</para>
+<screen><userinput><command>./configure --prefix=/usr --localstatedir=/var \
+    --sysconfdir=/etc/news --with-lockfile=/var/lock/fetchnews.lck &amp;&amp;
+make &amp;&amp;
+make install &amp;&amp;
+ldconfig &amp;&amp;
+make update</command></userinput></screen>
+</sect2>
+<sect2>
+<title>Installation command explanations</title>
+<para><parameter>--localstatedir=/var</parameter>: Change the default
+spool directory of <filename class="directory">/usr/var</filename>.</para>
+<para><parameter>--sysconfdir=/etc/news</parameter>: leafnode reads its
+configuration data from a file called <filename>config</filename> which
+will be created in <filename class="directory">/etc/news</filename> to
+avoid any potential conflict with other packages.</para>
+<para><command>make update</command>: Create an initial
+<filename>/etc/news/config.example</filename> file, which must be
+renamed to <filename>/etc/news/config</filename>.</para>
+</sect2>
+<sect2>
+<title>Configuring <application>Leafnode</application></title>
+<sect3><title>Config files</title>
+<para><filename>/etc/news/config</filename>,
+<filename>/etc/inetd.conf</filename> or
+<filename>/etc/xinetd.conf</filename></para>
+<para><application>Leafnode</application> may be configured to use
+<command>inetd</command> by adding an entry
+to the <filename>/etc/inetd.conf</filename> file with the following
+command:</para>
+<screen><userinput><command>echo "nntp stream tcp nowait news /usr/sbin/tcpd /usr/sbin/leafnode" \
+&gt;&gt; /etc/inetd.conf</command></userinput></screen>
+<para>Issue a <command>killall -HUP inetd</command> to reread the
+changed <filename>inetd.conf</filename> file.</para>
+<para>Alternatively, <application>Leafnode</application> may be configured to
+use <command>xinetd</command> by adding an entry to the <filename>
+/etc/xinetd.conf</filename> file with the following command:</para>
+<screen><userinput><command>cat &gt;&gt; /etc/xinetd.conf &lt;&lt; "EOF" </command>
+        service nntp
+        {
+           flags           = NAMEINARGS NOLIBWRAP
+           socket_type     = stream
+           protocol        = tcp
+           wait            = no
+           user            = news
+           server          = /usr/sbin/tcpd
+           server_args     = /usr/sbin/leafnode
+           instances       = 7
+           per_source      = 3
+        }
+<command>EOF</command></userinput></screen>
+<para>Issue a <command>killall -HUP xinetd</command> to reread the
+changed <filename>xinetd.conf</filename> file.</para>
+<para>The <filename>/etc/news/config</filename> file must be
+edited to reflect the name of the upstream <acronym>NNTP</acronym>
+provider. Copy the
+example configuration file to <filename>/etc/news/config</filename>
+and save the original for reference: </para>
+<screen><userinput><command>cp /etc/news/config.example /etc/news/config
+</command></userinput></screen>
+<para>Change the
+<screen><userinput>server = </userinput></screen>
+entry to reflect your news provider.</para>
+<para>The <envar>NNTPSERVER</envar> environment variable must be set to
+.0.0.1 to prevent news clients from reading news from the upstream feed,
+so add the following to <filename>/etc/profile</filename> or
+<filename>$HOME/.bash_profile</filename>:</para>
+<screen><userinput><command>export NNTPSERVER=127.0.0.1</command></userinput></screen>
+</sect3>
+</sect2>
+<sect2>
+<title>Contents</title>
+<para>The <application>Leafnode</application> package contains
+<command>leafnode-version</command>,
+<command>leafnode</command>,
+<command>applyfilter</command>,
+<command>texpire</command>,
+<command>checkgroups</command>,
+<command>fetchnews</command> and
+<command>newsq.</command></para></sect2>
+<sect2><title>Description</title>
+<sect3><title>leafnode-version</title>
+<para><command>leafnode-version</command> prints the leafnode
+version.</para></sect3>
+<sect3><title>leafnode</title>
+<para><command>leafnode</command> is the <acronym>NNTP</acronym> server daemon.</para></sect3>
+<sect3><title>applyfilter</title>
+<para><command>applyfilter</command> filters newsgroup articles according to regular
+expressions.</para></sect3>
+<sect3><title>texpire</title>
+<para><command>texpire</command> expires old articles and unread groups.</para></sect3>
+<sect3><title>checkgroups</title>
+<para><command>checkgroups</command> inserts newsgroup titles into the newsgroup
+database.</para></sect3>
+<sect3><title>fetchnews</title>
+<para><command>fetchnews</command> sends posted articles to and retrieves new articles
+from an upstream news server.</para></sect3>
+<sect3><title>newsq</title>
+<para><command>newsq</command> shows articles waiting to be sent upstream.</para></sect3>
+</sect2>
 </sect1>

server/other/openldap.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+<!ENTITY openldap-download-http "http://gd.tuwien.ac.at/infosys/network/OpenLDAP/openldap-release/openldap-&openldap-version;.tgz">
+<!ENTITY openldap-download-ftp "ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-&openldap-version;.tgz">
+<!ENTITY openldap-size "2.0 MB">
+<!ENTITY openldap-buildsize "116 MB">
+<!ENTITY openldap-time "7.52 SBU">
+]>
 <sect1 id="openldap" xreflabel="OpenLDAP-&openldap-version;">
 <?dbhtml filename="openldap.html"?>
 <title>Open<acronym>LDAP</acronym>-&openldap-version;</title>
+&openldap-intro;
+&openldap-inst;
+&openldap-exp;
+&openldap-config;
+&openldap-desc;
+<sect2>
+<title>Introduction to <application>Open<acronym>LDAP</acronym></application></title>
+<para>The <application>Open<acronym>LDAP</acronym></application> package
+provides an open source implementation of the Lightweight Directory
+Access Protocol.</para>
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP): <ulink url="&openldap-download-http;"/></para></listitem>
+<listitem><para>Download (FTP): <ulink url="&openldap-download-ftp;"/></para></listitem>
+<listitem><para>Download size: &openldap-size;</para></listitem>
+<listitem><para>Estimated Disk space required: &openldap-buildsize;</para></listitem>
+<listitem><para>Estimated build time: &openldap-time;</para></listitem></itemizedlist>
+</sect3>
+<sect3><title><application>Open<acronym>LDAP</acronym></application> dependencies</title>
+<sect4><title>Required</title>
+<para><xref linkend="db"/>
+</para></sect4>
+<sect4><title>Optional</title>
+<para>
+<xref linkend="openssl"/>,
+<xref linkend="gdbm"/>,
+<xref linkend="tcpwrappers"/>,
+<xref linkend="readline"/>,
+<xref linkend="heimdal"/> or
+<xref linkend="mitkrb"/>,  and
+<ulink url="http://asg.web.cmu.edu/sasl/">Cyrus SASL</ulink>
+</para></sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of <application>Open<acronym>LDAP</acronym></application></title>
+<para>Install <application>Open<acronym>LDAP</acronym></application> by
+running the following commands:</para>
+<screen><userinput><command>./configure --prefix=/usr --libexecdir=/usr/sbin \
+    --sysconfdir=/etc --localstatedir=/var/lib \
+    --disable-debug --enable-ldbm &amp;&amp;
+make depend &amp;&amp;
+make &amp;&amp;
+make test &amp;&amp;
+make install</command></userinput></screen>
+</sect2>
+<sect2>
+<title>Command explanations</title>
+<para><parameter>--sysconfdir=/etc</parameter>: Sets the configuration file directory to
+avoid the default of <filename class="directory">/usr/etc</filename>.</para>
+<para><parameter>--libexecdir=/usr/sbin</parameter>: Puts the server executables in
+<filename class="directory">/usr/sbin</filename> instead of <filename
+class="directory">/usr/libexec</filename>.</para>
+<para><option>--enable-ldbm</option>: Build <command>slapd</command>
+with primary database back end using either <application>Berkeley
+DB</application> or
+<application><acronym>GNU</acronym> Database Manager</application>.</para>
+<para><option>--disable-debug</option>: Disable debugging code.</para>
+<para><command>make test</command>: Validate correct build of the package.</para>
+</sect2>
+<sect2>
+<title>Configuring Open<acronym>LDAP</acronym></title>
+<sect3><title>Config files</title>
+<para><filename>/etc/openldap/*</filename></para>
+</sect3>
+<sect3><title>Configuration Information</title>
+<para>The only configuration needed for
+<application>Open<acronym>LDAP</acronym></application> is
+to run <command>ldconfig</command>. The <acronym>LDAP</acronym> server
+can be started by <command>/usr/sbin/slapd</command> as described in
+the man page slapd(8). You can verify that <acronym>LDAP</acronym> is
+running with <command>ps aux</command> and you can verify access to the
+<acronym>LDAP</acronym> server with the following command:</para>
+<screen><userinput><command>ldapsearch -x -b '' -s base '(objectclass=*)' namingContexts</command></userinput></screen>
+<para>The correct result is:</para>
+<screen><computeroutput># extended LDIF
+#
+# LDAPv3
+# base &lt;&gt; with scope base
+# filter: (objectclass=*)
+# requesting: namingContexts
+#
+#
+dn:
+namingContexts: dc=my-domain,dc=com
+# search result
+search: 2
+result: 0 Success
+# numResponses: 2
+# numEntries: 1</computeroutput></screen>
+<para>Kill the server with this command:</para>
+<screen><userinput><command>kill -INT `cat /var/lib/slapd.pid`</command></userinput></screen>
+<para>You are now ready to modify the
+<filename>/etc/openldap/slapd.conf</filename> to be specific to your
+installation.</para>
+<para><emphasis>Utilizing <application>GDBM</application></emphasis></para>
+<para>To utilize <application>GDBM</application> as the database
+backend, the "database" entry in <filename>/etc/openldap/slapd.conf</filename>
+must be changed from "bdb" to "ldbm".  You can use both by creating an
+additional database section in <filename>/etc/openldap/slapd.conf</filename>.</para>
+<para><emphasis>Securing your <acronym>LDAP</acronym> server</emphasis></para>
+<para>Significant configuration is needed for
+<application>Open<acronym>LDAP</acronym></application> to utilize
+security features.  The <ulink
+url="http://www.openldap.org/doc/admin21/">OpenLDAP 2.1 Administrator's
+Guide</ulink> is a good place to start for access control settings,
+running as a user other than root and setting a chroot environment.</para>
+<para><emphasis>User Tools</emphasis></para>
+<para>Data can be added to the <acronym>LDAP</acronym> database via
+<command>ldapadd</command>. There are other programs that can use
+the database. For more information see the appropriate man page.</para>
+<para><emphasis><application>Mozilla</application> Address Directory</emphasis></para>
+<para>By default, LDAPv2 support is disabled in the
+<filename>slapd.conf</filename> file. Once the database is properly
+setup and <application>Mozilla</application> is configured to use the
+directory, you must add <option>allow bind_v2</option> to the
+<filename>slapd.conf</filename> file.</para>
+</sect3>
+</sect2>
+<sect2>
+<title>Contents</title>
+<para>The Open<acronym><acronym>LDAP</acronym></acronym> package contains
+<command>ldapadd</command>,
+<command>ldapcompare</command>,
+<command>ldapdelete</command>,
+<command>ldapmodify</command>,
+<command>ldapmodrdn</command>,
+<command>ldappasswd</command>,
+<command>ldapsearch</command>,
+<command>ldapwhoami</command>,
+<command>slapadd</command>,
+<command>slapcat</command>,
+<command>slapd</command>,
+<command>slapindex</command>,
+<command>slappasswd</command>,
+<command>slurpd</command>,
+<filename class="libraryfile">liblber</filename> and
+<filename class="libraryfile">libldap</filename>.</para>
+</sect2>
+<sect2><title>Description</title>
+<sect3><title>ldapadd</title>
+<para><command>ldapadd</command> opens a connection to an <acronym>LDAP</acronym> server,
+binds and adds entries.</para></sect3>
+<sect3><title>ldapcompare</title>
+<para><command>ldapcompare</command> opens a connection to an <acronym>LDAP</acronym>
+server, binds and performs a compare using specified
+parameters.</para></sect3>
+<sect3><title>ldapdelete</title>
+<para><command>ldapdelete</command> opens a connection to an <acronym>LDAP</acronym> server,
+binds and deletes one or more entries.</para></sect3>
+<sect3><title>ldapmodify</title>
+<para><command>ldapmodify</command> opens a connection to an <acronym>LDAP</acronym>
+server, binds and modifies entries.</para></sect3>
+<sect3><title>ldapmodrdn</title>
+<para><command>ldapmodrdn</command> opens a connection to an <acronym>LDAP</acronym>
+server, binds and modifies the <acronym>RDN</acronym> of
+entries.</para></sect3>
+<sect3><title>ldappasswd</title>
+<para><command>ldappasswd</command> is a tool to set the password of an
+<acronym>LDAP</acronym> user.</para></sect3>
+<sect3><title>ldapsearch</title>
+<para><command>ldapsearch</command> opens a connection to an <acronym>LDAP</acronym>
+server, binds and performs a search using specified
+parameters.</para></sect3>
+<sect3><title>ldapwhoami</title>
+<para><command>ldapwhoami</command> open a connection to an <acronym>LDAP</acronym> server,
+binds and performs a whoami operation.</para></sect3>
+<sect3><title>slapadd</title>
+<para><command>slapadd</command> is used to add entries specified in
+<acronym>LDAP</acronym> Directory Interchange Format (<acronym>LDIF</acronym>) to a
+slapd database.</para></sect3>
+<sect3><title>slapcat</title>
+<para><command>slapcat</command> is used to generate an <acronym>LDAP</acronym>
+<acronym>LDIF</acronym> output
+based upon the contents of a slapd database.</para></sect3>
+<sect3><title>slapd</title>
+<para><command>slapd</command> is the stand-alone <acronym>LDAP</acronym> server.</para></sect3>
+<sect3><title>slapindex</title>
+<para><command>slapindex</command> is used to regenerate slapd
+indices based upon the current contents of a database.</para></sect3>
+<sect3><title>slappasswd</title>
+<para><command>slappasswd</command> is an Open<acronym>LDAP</acronym> password
+utility.</para></sect3>
+<sect3><title>slurpd</title>
+<para><command>slurpd</command> is the stand-alone
+<acronym>LDAP</acronym> replication server.</para></sect3>
+<sect3><title>liblber and libldap</title>
+<para>These libraries support the <acronym>LDAP</acronym> programs and provide functionality for
+other programs interacting with <acronym>LDAP</acronym>.</para></sect3>
+</sect2>
 </sect1>

server/other/openssh.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+<!ENTITY openssh-download-http "http://sunsite.ualberta.ca/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz">
+<!ENTITY openssh-download-ftp "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz">
+<!ENTITY openssh-size "799 KB">
+<!ENTITY openssh-buildsize "37 MB">
+<!ENTITY openssh-time "0.49 SBU">
+]>
 <sect1 id="openssh" xreflabel="OpenSSH-&openssh-version;">
 <?dbhtml filename="openssh.html"?>
 <title>Open<acronym>SSH</acronym>-&openssh-version;</title>
+&openssh-intro;
+&openssh-inst;
+&openssh-exp;
+&openssh-config;
+&openssh-desc;
+<sect2>
+<title>Introduction to <application>Open<acronym>SSH</acronym></application></title>
+<para>The <application>Open<acronym>SSH</acronym></application> package
+contains <command>ssh</command> clients and the <command>sshd</command> daemon.
+This is useful for encrypting authentication and subsequent traffic over a network.</para>
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP): <ulink url="&openssh-download-http;"/></para></listitem>
+<listitem><para>Download (FTP): <ulink url="&openssh-download-ftp;"/></para></listitem>
+<listitem><para>Download size: &openssh-size;</para></listitem>
+<listitem><para>Estimated Disk space required: &openssh-buildsize;</para></listitem>
+<listitem><para>Estimated build time: &openssh-time;</para></listitem></itemizedlist>
+</sect3>
+<sect3><title><application>Open<acronym>SSH</acronym></application> dependencies</title>
+<sect4><title>Required</title>
+<para><xref linkend="openssl"/></para></sect4>
+<sect4><title>Optional</title>
+<para>
+<xref linkend="Linux_PAM"/>,
+<xref linkend="tcpwrappers"/>,
+X (<xref linkend="xfree86"/> or <xref linkend="xorg"/>),
+<xref linkend="mitkrb"/> or <xref linkend="heimdal"/>, and
+<ulink url="http://www.opensc.org/">OpenSC</ulink>
+</para></sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of <application>Open<acronym>SSH</acronym></application></title>
+<para><application>Open<acronym>SSH</acronym></application> runs as two
+processes when connecting to other
+computers. The first process is a privileged process and controls the
+issuance of privileges as necessary. The second process communicates
+with the network. Additional installation steps are necessary to set up
+the proper environment which are performed by the following
+commands:</para>
+<screen><userinput><command>mkdir /var/empty &amp;&amp;
+chown root:sys /var/empty &amp;&amp;
+groupadd sshd &amp;&amp;
+useradd -c 'sshd privsep' -d /var/empty -g sshd -s /bin/false sshd</command></userinput></screen>
+<para><application>OpenSSH</application> is very sensitive to changes in the
+linked <application>OpenSSL</application> libraries. If you recompile
+<application>OpenSSL</application>, <application>OpenSSH</application> may
+fail to startup. An alternative is to link against the static <application>OpenSSL</application>
+library. To link against the static library, execute the following command:</para>
+<screen><userinput><command>sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" configure</command></userinput></screen>
+<para>Install <application>Open<acronym>SSH</acronym></application> by running
+the following commands:</para>
+<screen><userinput><command>./configure --prefix=/usr --sysconfdir=/etc/ssh \
+    --libexecdir=/usr/sbin --with-md5-passwords &amp;&amp;
+make &amp;&amp;
+make install</command></userinput></screen>
+</sect2>
+<sect2>
+<title>Command explanations</title>
+<para><parameter>--sysconfdir=/etc/ssh</parameter>: This prevents the
+configuration files from going to <filename class="directory">/usr/etc</filename>.</para>
+<para><parameter>--with-md5-passwords</parameter>: This is required
+if you made the changes recommended by the shadowpasswd_plus
+<acronym>LFS</acronym> hint on
+your <acronym>SSH</acronym> server when you installed the Shadow Password
+Suite or if you access a <acronym>SSH</acronym> server that authenticates by
+user passwords encrypted with md5. </para>
+<para><parameter>--libexecdir=/usr/sbin</parameter>:
+<application>Open<acronym>SSH</acronym></application> installs
+programs called by programs in <filename class="directory">/usr/libexec</filename>.
+<command>sftp-server</command> is a <command>sshd</command>
+utility and <command>ssh-askpass</command> is a <command>ssh-add</command>
+utility that is installed as a link to <command>X11-ssh-askpass</command>.
+Both of these should go in <filename class="directory">/usr/sbin</filename>
+not <filename class="directory">/usr/libexec</filename>.</para>
+</sect2>
+<sect2>
+<title>Configuring <application>Open<acronym>SSH</acronym></application></title>
+<sect3><title>Config files</title>
+<para><filename>/etc/ssh/ssh_config</filename>,
+<filename>/etc/ssh/sshd_config </filename></para>
+<para>There are no required changes in either of these files.  However
+you may wish to view them to make changes for appropriate security to
+your system. Configuration information can be found in the man pages for
+<command>sshd</command>, <command>ssh</command> and <command>ssh-agent
+</command></para>
+</sect3>
+<sect3><title>sshd init.d script</title>
+<para>To start the SSH Server at boot, install the <filename>/etc/rc.d/init.d/sshd</filename>
+init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>
+<screen><userinput><command>make install-sshd</command></userinput></screen>
+</sect3>
+</sect2>
+<sect2>
+<title>Contents</title>
+<para>The <application>Open<acronym>SSH</acronym></application> package contains <command>ssh</command>,
+<command>sshd</command>, <command>ssh-agent</command>,
+<command>ssh-add</command>, <command>sftp</command>,
+<command>scp</command>, <command>ssh-keygen</command>,
+<command>sftp-server</command> and
+<command>ssh-keyscan</command>.</para>
+</sect2>
+<sect2><title>Description</title>
+<sect3><title>ssh</title>
+<para>The basic rlogin/rsh-like client program.</para></sect3>
+<sect3><title>sshd</title>
+<para>The daemon that listens for ssh login requests.</para></sect3>
+<sect3><title>ssh-agent</title>
+<para>An authentication agent that can store private keys.</para></sect3>
+<sect3><title>ssh-add</title>
+<para>Tool which adds keys to the <command>ssh-agent</command>.</para></sect3>
+<sect3><title>sftp</title>
+<para><acronym>FTP</acronym>-like program that works over
+<acronym>SSH</acronym>1 and <acronym>SSH</acronym>2 protocols.</para></sect3>
+<sect3><title>scp</title>
+<para>File copy program that acts like rcp.</para></sect3>
+<sect3><title>ssh-keygen</title>
+<para>Key generation tool.</para></sect3>
+<sect3><title>sftp-server</title>
+<para><acronym>SFTP</acronym> server subsystem.</para></sect3>
+<sect3><title>ssh-keyscan</title>
+<para>Utility for gathering public host keys from a number of hosts.</para></sect3>
+</sect2>
 </sect1>

server/other/other.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+  "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+ <!ENTITY % general-entities SYSTEM "../../general.ent">
+ %general-entities;
+]>
 <chapter id="server-other">
 <?dbhtml filename="other.html"?>
 …
 that you can analyze the risks.</para>
+&bind;
+&cvsserver;
+&dhcp;
+&leafnode;
+&openssh;
+&rsync;
+&openldap;
+&samba3;
+&xinetd;
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="bind.xml"/>
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="cvsserver.xml"/>
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="dhcp.xml"/>
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="leafnode.xml"/>
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="openssh.xml"/>
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="rsync.xml"/>
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="openldap.xml"/>
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="samba3.xml"/>
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="xinetd.xml"/>
 </chapter>

server/other/rsync.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+<!ENTITY rsync-download-http "http://rsync.samba.org/ftp/rsync/rsync-&rsync-version;.tar.gz">
+<!ENTITY rsync-download-ftp "ftp://gd.tuwien.ac.at/utils/admin-tools/rsync/rsync-&rsync-version;.tar.gz">
+<!ENTITY rsyncd-size "504 KB">
+<!ENTITY rsync-buildsize "6.5 MB">
+<!ENTITY rsyncd-time "0.20 SBU">
+]>
 <sect1 id="rsync" xreflabel="rsync-&rsync-version;">
 <?dbhtml filename="rsync.html"?>
 <title>rsync-&rsync-version;</title>
+&rsync-intro;
+&rsync-inst;
+&rsync-config;
+&rsync-desc;
+<sect2>
+<title>Introduction to <application>rsync</application></title>
+<para>The <application>rsync</application> package contains the
+<command>rsync</command> utility. This is useful for synchronizing large file
+archives over a network.</para>
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP): <ulink url="&rsync-download-http;"/></para></listitem>
+<listitem><para>Download (FTP): <ulink url="&rsync-download-ftp;"/></para></listitem>
+<listitem><para>Download size: &rsyncd-size;</para></listitem>
+<listitem><para>Estimated Disk space required: &rsync-buildsize;</para></listitem>
+<listitem><para>Estimated build time: &rsyncd-time;</para></listitem></itemizedlist>
+</sect3>
+<sect3><title><application>rsync</application> dependencies</title>
+<sect4><title>Optional</title>
+<para>
+<xref linkend="popt"/>
+</para></sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of <application>rsync</application></title>
+<para>For security reasons, running the <application>rsync</application> server as
+an unprivileged user and group is encouraged.  Create the rsyncd user
+and group with the following commands:</para>
+<screen><userinput><command>groupadd rsyncd &amp;&amp;
+useradd -c rsyncd -d /home/rsync -g rsyncd -s /bin/false rsyncd</command>
+</userinput></screen>
+<para>Install <application>rsync</application> by running the following
+commands:</para>
+<screen><userinput><command>./configure --prefix=/usr &amp;&amp;
+make &amp;&amp;
+make install </command></userinput></screen>
+</sect2>
+<sect2>
+<title>Configuring <application>rsync</application></title>
+<sect3><title>Config files</title>
+<para><filename>/etc/rsyncd.conf</filename></para>
+</sect3>
+<sect3><title>Configuration Information</title>
+<para>This is a simple download-only configuration. See the rsyncd man-page for
+additional options (i.e., user authentication).</para>
+<screen><userinput><command>cat &gt; /etc/rsyncd.conf &lt;&lt; "EOF"</command>
+# This is a basic rsync configuration file
+# It exports a single module without user authentication.
+motd file = /home/rsync/welcome.msg
+use chroot = yes
+[localhost]
+    path = /home/rsync
+    comment = Default rsync module
+    read only = yes
+    list = yes
+    uid = rsyncd
+    gid = rsyncd
+<command>EOF</command></userinput></screen>
+</sect3>
+<sect3><title>rsyncd init.d script</title>
+<para>Note that you only want to start the <application>rsync</application>
+server if you want to provide a <application>rsync</application> archive on
+your machine. The <application>rsync</application> client doesn't need this
+script to be used.</para>
+<para>Install the <filename>/etc/rc.d/init.d/rsyncd</filename>
+init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>
+<screen><userinput><command>make install-rsyncd</command></userinput></screen>
+</sect3>
+</sect2>
+<sect2>
+<title>Contents</title>
+<para>The <application>rsync</application> package contains <command>rsync</command>.</para>
+</sect2>
+<sect2><title>Description</title>
+<sect3><title>rsync</title>
+<para><application>rsync</application> is a replacement for <command>rcp
+</command> (and <command>scp</command>) that has many more features. It
+uses the "rsync algorithm" which provides a very fast method of syncing remote
+files. It does this by sending just the differences in the files across the
+link, without requiring that both sets of files are present at one end
+of the link beforehand.</para></sect3>
+</sect2>
 </sect1>

server/other/samba3.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+<!ENTITY samba3-download-http "http://us1.samba.org/samba/ftp/samba-&samba3-version;.tar.gz">
+<!ENTITY samba3-download-ftp "ftp://ftp.samba.org/pub/samba/samba-&samba3-version;.tar.gz">
+<!ENTITY samba3-size "14.4 MB">
+<!ENTITY samba3-buildsize "123 MB">
+<!ENTITY samba3-time "10.5 SBU">
+]>
 <sect1 id="samba3" xreflabel="Samba-&samba3-version;">
 <?dbhtml filename="samba3.html"?>
 <title>Samba-&samba3-version;</title>
+&samba3-intro;
+&samba3-inst;
+&samba3-exp;
+&samba3-config;
+&samba3-desc;
+<sect2>
+<title>Introduction to <application>Samba</application></title>
+<para>The <application>Samba</application> package provides file and print
+services to <acronym>SMB</acronym>/<acronym>CIFS</acronym> clients and
+Windows networking to Linux clients.</para>
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP): <ulink url="&samba3-download-http;"/></para></listitem>
+<listitem><para>Download (FTP): <ulink url="&samba3-download-ftp;"/></para></listitem>
+<listitem><para>Download size: &samba3-size;</para></listitem>
+<listitem><para>Estimated Disk space required: &samba3-buildsize;</para></listitem>
+<listitem><para>Estimated build time: &samba3-time;</para></listitem></itemizedlist>
+</sect3>
+<sect3><title>Additional downloads</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Maintainer Recommended patch:
+<ulink url="&patch-root;/samba-3.0.4-maintainer.patch"/></para></listitem>
+</itemizedlist>
+</sect3>
+<sect3>
+<title><application>Samba</application> dependencies</title>
+<sect4>
+<title>Optional</title>
+<para>
+<xref linkend="Linux_PAM"/>,
+<xref linkend="readline"/>,
+<xref linkend="openldap"/>,
+<xref linkend="cups"/>,
+<xref linkend="heimdal"/> or <xref linkend="mitkrb"/>,
+<xref linkend="libxml2"/>,
+<xref linkend="mysql"/> or <xref linkend="postgresql"/>,
+<xref linkend="Python"/>, and
+<ulink url="http://valgrind.kde.org/">Valgrind</ulink>
+</para>
+</sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of <application>Samba</application></title>
+<para>Install <application>Samba</application> by running the following
+commands:</para>
+<screen><userinput><command>patch -Np1 -i samba-3.0.4-maintainer.patch &amp;&amp;
+cd source &amp;&amp;
+install -d /var/cache/samba &amp;&amp;
+./configure \
+    --prefix=/usr \
+    --sysconfdir=/etc \
+    --localstatedir=/var \
+    --with-piddir=/var/run \
+    --with-fhs \
+    --with-smbmount &amp;&amp;
+make &amp;&amp;
+make install &amp;&amp;
+install -m755 nsswitch/libnss_win{s,bind}.so /lib &amp;&amp;
+ln -sf libnss_winbind.so /lib/libnss_winbind.so.2 &amp;&amp;
+ln -sf libnss_wins.so /lib/libnss_wins.so.2 &amp;&amp;
+cp ../examples/smb.conf.default /etc/samba</command></userinput></screen>
+<note><para>You may want to run <command>configure</command> with the
+<parameter>--help</parameter> parameter.  There may be other parameters
+needed to take advantage of the optional dependencies.</para></note>
+</sect2>
+<sect2>
+<title>Installation command explanations</title>
+<para><command>install -d /var/cache/samba</command>: This directory is
+needed for proper operation of the <command>smbd</command> and
+<command>nmbd</command> daemons.</para>
+<para><parameter>--sysconfdir=/etc</parameter>: Sets the configuration
+file directory to avoid the default of <filename class="directory">/usr/etc</filename>.</para>
+<para><parameter>--localstatedir=/var</parameter>: Sets the variable
+data directory to avoid the default of <filename class="directory">/usr/var</filename>.</para>
+<para><option>--with-fhs</option>: Assigns all other file paths in a manner
+compliant with the Filesystem Hierarchy Standard
+(<acronym>FHS</acronym>).</para>
+<para><option>--with-smbmount</option>: Orders the creation of an extra
+binary for use by the <command>mount</command> command so that mounting remote
+<acronym>SMB</acronym> (Windows) shares becomes no more complex than mounting
+remote <acronym>NFS</acronym> shares.</para>
+<para><command>install -m755 nsswitch/libnss_win{s,bind}.so /lib</command>:
+The nss libraries are not installed by default.  If you intend to use
+winbindd for domain auth, and/or <acronym>WINS</acronym> name resolution,
+you need these libraries.</para>
+<para><command>ln -sf libnss_winbind.so /lib/libnss_winbind.so.2</command>
+and <command>ln -sf libnss_wins.so /lib/libnss_wins.so.2</command>:
+These symlinks are required by glibc to use the nss libraries.</para>
+<para><command>cp ../examples/smb.conf.default /etc/samba</command>:
+This copies a default <filename>smb.conf </filename>into
+<filename>/etc/samba</filename>.  This sample configuration will not
+work unless edited for your site, and renamed
+<filename>smb.conf</filename>.</para>
+</sect2>
+<sect2>
+<title>Configuring <application>Samba</application></title>
+<para>Because of the various uses for <application>Samba</application>,
+complete configuration is well beyond the scope of the BLFS book.
+In fact, many complete books have been written on this topic alone.
+The included documentation, a popular book published by O'Reilly,
+can be viewed by pointing your web browser to
+<ulink url="file:///usr/share/samba/swat/using_samba/toc.html" />.
+</para>
+<para>The built in <acronym>SWAT</acronym> (Samba Web Administration Tool)
+utility can be used for basic configuration, however, before
+using <acronym>SWAT</acronym> you must add an entry to
+<filename>/etc/services</filename> and make changes to your
+<command>inetd</command>/<command>xinetd</command>
+configuration.</para>
+<para>Add the swat entry to <filename>/etc/services</filename> with the
+following command: </para>
+<screen><userinput><command>echo "swat            901/tcp" &gt;&gt; /etc/services</command></userinput></screen>
+<para>If <command>inetd</command> is used, the following command will add the
+swat entry to <filename>/etc/inetd.conf</filename>: </para>
+<screen><userinput><command>echo "swat stream tcp nowait.400 root /usr/sbin/swat swat" \
+    &gt;&gt; /etc/inetd.conf</command></userinput></screen>
+<para>Issue a <command>killall -HUP inetd</command> to reread the
+changed <filename>inetd.conf</filename> file.</para>
+<para>If <command>xinetd</command> is used, the following command will
+add the swat entry to <filename>/etc/xinetd.conf</filename>: </para>
+<screen><userinput><command>cat &gt;&gt; /etc/xinetd.conf &lt;&lt; "EOF"</command>
+service swat
+{
+    port            = 901
+    socket_type     = stream
+    wait            = no
+    only_from       = 127.0.0.1
+    user            = root
+    server          = /usr/sbin/swat
+    log_on_failure  += USERID
+}
+<command>EOF</command></userinput></screen>
+<para>Issue a <command>killall -HUP xinetd</command> to reread the
+changed <filename>xinetd.conf</filename> file.</para>
+<para><acronym>SWAT</acronym> can be launched by pointing your web
+browser to <ulink url="http://localhost:901"/>.</para>
+<para>For your convenience, boot scripts have been provided for
+<application>Samba</application>.  There are two included in the
+<xref linkend="intro-important-bootscripts"/> package.  The first,
+<filename>samba</filename>, will start the <command>smbd</command> and
+<command>nmbd</command> daemons needed to provide
+<acronym>SMB</acronym>/<acronym>CIFS</acronym> services.  The second
+script, <filename>winbind</filename>, starts the <command>winbindd</command>
+daemon, used for providing Windows domain services to Linux clients.</para>
+<para>Install the <filename>samba</filename> script with the following
+command:</para>
+<screen><userinput><command>make install-samba</command></userinput></screen>
+<para>If you also need the <filename>winbind</filename> script:</para>
+<screen><userinput><command>make install-winbind</command></userinput></screen>
+</sect2>
+<sect2>
+<title>Contents</title>
+<para>The <application>Samba</application> package contains
+<command>make_smbcodepage</command>,
+<command>make_unicodemap</command>,
+<command>mount.smbfs</command>,
+<command>net</command>,
+<command>nmbd</command>,
+<command>nmblookup</command>,
+<command>rpcclient</command>,
+<command>smbcacls</command>,
+<command>smbclient</command>,
+<command>smbcontrol</command>,
+<command>smbd</command>,
+<command>smbpasswd</command>,
+<command>smbspool</command>,
+<command>smbstatus</command>,
+<command>swat</command>,
+<command>testparm</command>,
+<command>testprns</command>,
+<command>wbinfo</command> and
+<command>winbindd.</command></para></sect2>
+<sect2>
+<title>Description</title>
+<sect3><title>make_smbcodepage</title>
+<para><command>make_smbcodepage</command> converts text descriptions of code
+pages to binary code page files and vice versa.</para></sect3>
+<sect3><title>make_unicodemap</title>
+<para><command>make_unicodemap</command> converts text Unicode map files to
+binary, for use in mapping characters to 16 bit Unicode.</para></sect3>
+<sect3><title>mount.smbfs</title>
+<para><command>mount.smbfs</command> provides <command>/bin/mount</command>
+with a way to mount remote Windows (or Samba) fileshares.</para></sect3>
+<sect3><title>net</title>
+<para><command>net</command> is a tool for administration of Samba and remote
+CIFS servers, similar to the net utility for DOS/Windows.</para></sect3>
+<sect3><title>nmbd</title>
+<para><command>nmbd</command> is the Samba Net<acronym>BIOS</acronym> name
+server.</para></sect3>
+<sect3><title>nmblookup</title>
+<para><command>nmblookup</command> is used to query
+Net<acronym>BIOS</acronym> names and map them to <acronym>IP</acronym>
+addresses.</para></sect3>
+<sect3><title>rpcclient</title>
+<para><command>rpcclient</command> is used to execute
+MS-<acronym>RPC</acronym> client side functions.</para></sect3>
+<sect3><title>smbcacls</title>
+<para><command>smbcacls</command> is used to manipulate NT access control
+lists.</para></sect3>
+<sect3><title>smbclient</title>
+<para><command>smbclient</command> is a <acronym>SMB</acronym>/<acronym>CIFS
+</acronym> access utility, similar to <acronym>FTP</acronym>.</para></sect3>
+<sect3><title>smbcontrol</title>
+<para><command>smbcontrol</command> is used to control running <command>smbd</command>,
+<command>nmbd</command> and <command>winbindd</command>
+daemons.</para></sect3>
+<sect3><title>smbd</title>
+<para><command>smbd</command> is the main
+<application>Samba</application> daemon.</para></sect3>
+<sect3><title>smbpasswd</title>
+<para><command>smbpasswd</command> changes a user's <application>Samba
+</application> password.</para></sect3>
+<sect3><title>smbspool</title>
+<para><command>smbspool</command> sends a print job to an <acronym>SMB
+</acronym> printer.</para></sect3>
+<sect3><title>smbstatus</title>
+<para><command>smbstatus</command> reports current
+<application>Samba</application> connections.</para></sect3>
+<sect3><title>swat</title>
+<para><command>swat</command> is the Samba Web Administration Tool.</para>
+</sect3>
+<sect3><title>testparm</title>
+<para><command>testparm</command> checks an <filename>smb.conf</filename> file
+for proper syntax.</para></sect3>
+<sect3><title>testprns</title>
+<para><command>testprns</command> tests printer names.</para></sect3>
+<sect3><title>wbinfo</title>
+<para><command>wbinfo</command> queries a running <command>winbindd</command>
+daemon.</para></sect3>
+<sect3><title>winbindd</title>
+<para><command>winbindd</command> resolves names from NT servers.</para></sect3>
+</sect2>
 </sect1>

server/other/xinetd.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+<!ENTITY xinetd-download-http "http://www.xinetd.org/xinetd-&xinetd-version;.tar.gz">
+<!ENTITY xinetd-download-ftp " ">
+<!ENTITY xinetd-size "291 KB">
+<!ENTITY xinetd-buildsize "5.5 MB">
+<!ENTITY xinetd-time "0.12 SBU">
+]>
 <sect1 id="xinetd" xreflabel="xinetd-&xinetd-version;">
 <?dbhtml filename="xinetd.html"?>
 <title>xinetd-&xinetd-version;</title>
+&xinetd-intro;
+&xinetd-inst;
+&xinetd-config;
+&xinetd-desc;
+<sect2>
+<title>Introduction to <application>xinetd</application></title>
+<para><application>xinetd</application> is the eXtended InterNET services
+Daemon, a secure replacement for <command>inetd</command>.</para>
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP): <ulink url="&xinetd-download-http;"/></para></listitem>
+<listitem><para>Download (FTP): <ulink url="&xinetd-download-ftp;"/></para></listitem>
+<listitem><para>Download size: &xinetd-size;</para></listitem>
+<listitem><para>Estimated Disk space required: &xinetd-buildsize;</para></listitem>
+<listitem><para>Estimated build time: &xinetd-time;</para></listitem></itemizedlist>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of <application>xinetd</application></title>
+<para>Install <application>xinetd</application> by running the following commands:</para>
+<screen><userinput><command>./configure --prefix=/usr &amp;&amp;
+make &amp;&amp;
+make install</command></userinput></screen>
+</sect2>
+<sect2>
+<title>Configuring <application>xinetd</application></title>
+<sect3><title>Config files</title>
+<para><filename>/etc/xinetd.conf</filename></para>
+</sect3>
+<sect3><title>Configuration Information</title>
+<para>Ensure the path to all daemons is <filename
+class="directory">/usr/sbin</filename>, rather than the default path of
+<filename class="directory">/usr/etc</filename> by running the following
+command:</para>
+<screen><userinput><command>sed -e 's/etc/sbin/g' xinetd/sample.conf &gt; /etc/xinetd.conf</command>
+</userinput></screen>
+<para>The format of the <filename>/etc/xinetd.conf</filename> is
+documented in the xinetd.conf man page. Further information can be
+found at <ulink url="http://www.xinetd.org"/>.</para>
+<para>Install the <filename>/etc/rc.d/init.d/xinetd</filename>
+init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>
+<screen><userinput><command>make install-xinetd</command></userinput></screen>
+<para>Now, we'll use our new boot script to start <command>xinetd</command>: </para>
+<screen><userinput><command>/etc/rc.d/init.d/xinetd start</command></userinput></screen>
+<para>Checking the <filename>/var/log/daemon.log</filename> file
+should prove quite entertaining. This file may contain entries
+similar to the following:</para>
+<screen><userinput>Aug 22 21:40:21 dps10 xinetd[2696]: Server /usr/sbin/in.rlogind is not
+executable [line=29]
+Aug 22 21:40:21 dps10 xinetd[2696]: Error parsing attribute server -
+DISABLING SERVICE [line=29]
+Aug 22 21:40:21 dps10 xinetd[2696]: Server /usr/sbin/in.rshd is not
+executable [line=42]</userinput></screen>
+<para>These errors are because most of the
+servers <command>xinetd</command> is trying to control are not installed yet.</para>
+</sect3>
+</sect2>
+<sect2>
+<title>Contents</title>
+<para>The <application>xinetd</application> package contains
+<command>xinetd</command>,
+<command>itox</command> and
+<command>xconv.pl</command>.</para></sect2>
+<sect2><title>Description</title>
+<sect3><title>xinetd</title>
+<para><command>xinetd</command> is the Internet services daemon.</para></sect3>
+<sect3><title>itox</title>
+<para><command>itox</command> is a utility used for converting
+<filename>inetd.conf</filename> files to
+<filename>xinetd.conf</filename> format.</para></sect3>
+<sect3><title>xconv.pl</title>
+<para><command>xconv.pl</command> is a <application>Perl</application> script used for converting
+<filename>inetd.conf</filename> files to <filename>xinetd.conf</filename>
+format, similar to <command>itox</command>.</para></sect3>
+</sect2>
 </sect1>

server/server.xml

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+  "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+ <!ENTITY % general-entities SYSTEM "../general.ent">
+ %general-entities;
+]>
 <part id="server" xreflabel="Server Networking">
 <?dbhtml filename="server.html" dir="server"?>
 <title>Server Networking</title>
+&server-mail;
+&server-other;
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="mail/mail.xml"/>
+<xi:include xmlns:xi="http://www.w3.org/2003/XInclude" href="other/other.xml"/>
 </part>

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 0931098

Legend:

Download in other formats: