Context Navigation

-              r23d784b
+              r65df9fca
 servers. This file must be updated periodically with the
 <command>dig</command> utility.
 Consult the <application><acronym>BIND</acronym></application> 9 Administrator Reference Manual for
+Consult the <ulink url="http://www.bind9.net/Bv9ARM.html"><application><acronym>BIND</acronym></application> 9 Administrator Reference Manual</ulink> for
 details.</para>
 …
 <screen><userinput><command>cp /etc/resolv.conf /etc/resolv.conf.bak &amp;&amp;
 cat &gt; /etc/resolv.conf &lt;&lt; "EOF"</command>
 search yourdomain.com
+search <replaceable>[yourdomain.com]</replaceable>
 nameserver 127.0.0.1
 <command>EOF</command></userinput></screen>
 …
 <screen><userinput><command>chown -R named.named /home/named</command></userinput></screen>
 <para>To start the DNS server at boot, install <filename>/etc/rc.d/init.d/bind</filename>
+<para>To start the DNS server at boot, install the <filename>/etc/rc.d/init.d/bind</filename>
 init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>

server/other/cvsserver/cvsserver-exp.xml

-              r23d784b
+              r65df9fca
 <title>Command explanations</title>
 <para><command>mkdir /cvsroot</command>: Create the <acronym>CVS</acronym>
+<para><command>mkdir /home/cvsroot</command>: Create the <acronym>CVS</acronym>
 repository directory.</para>
 <para><command>chmod 1777 /cvsroot</command>: Sticky bit permissions for
+<para><command>chmod 1777 /home/cvsroot</command>: Set sticky bit permissions for
 <envar>CVSROOT</envar>.</para>
 <para><command>export CVSROOT=/cvsroot</command>: Specify new <envar>CVSROOT
+<para><command>export CVSROOT=/home/cvsroot</command>: Specify new <envar>CVSROOT
 </envar> for all <command>cvs</command> commands.</para>
 …
 releasetag</command>: All source code modules must be imported
 into the <acronym>CVS</acronym> repository before use, with the
 <command>cvs import</command> command.  the <userinput>-m</userinput>
+<command>cvs import</command> command.  The <userinput>-m</userinput>
 flags specifies an initial descriptive entry for the new module.
 the "cvstest" parameter is the name used for the module in all
 subsequent <command>cvs</command> commands.  the "vendortag" and "releasetag"
+The "cvstest" parameter is the name used for the module in all
+subsequent <command>cvs</command> commands.  The "vendortag" and "releasetag"
 parameters are used to further identify each <acronym>CVS</acronym> module and
 are mandatory whether used or not.</para>
 …
 create one if not found.</para>
 <para><command>echo anonymous: &gt; /cvsroot/CVSROOT/passwd
+<para><command>echo anonymous: &gt; /home/cvsroot/CVSROOT/passwd
 </command>: Add the anonymous user to the <acronym>CVS</acronym> passwd file,
 which is unused for anything else in this configuration.</para>
 <para><command>echo anonymous &gt; /cvsroot/CVSROOT/readers</command>: Add the
+<para><command>echo anonymous &gt; /home/cvsroot/CVSROOT/readers</command>: Add the
 anonymous user to the <acronym>CVS</acronym> readers file, a list of
 users who have read only access to the repository.</para>

server/other/cvsserver/cvsserver-inst.xml

-              r23d784b
+              r65df9fca
 <title>Setting up a <acronym>CVS</acronym> server.</title>
 <para>We will discuss setting up a <acronym>CVS</acronym> server using OpenSSH
+<para>A <acronym>CVS</acronym> server will be set up using OpenSSH
 as the remote access method.  Other access methods, including :pserver: and
 :server: will not be used for write access to the <acronym>CVS</acronym>
 …
 :pserver: can be found at the end of this section.</para>
 <para>Configuration of our <acronym>CVS</acronym> server consists of four
+<para>Configuration of the <acronym>CVS</acronym> server consists of four
 steps:</para>
 <sect3><title>1. Create a repository.</title>
 <para>Create a new <acronym>CVS</acronym> repository with the following
 commands, logged in as root:</para>
 <screen><userinput><command>mkdir /cvsroot &amp;&amp;
 chmod 1777 /cvsroot &amp;&amp;
 export CVSROOT=/cvsroot &amp;&amp;
+commands:</para>
+<screen><userinput><command>mkdir /home/cvsroot &amp;&amp;
+chmod 1777 /home/cvsroot &amp;&amp;
+export CVSROOT=/home//cvsroot &amp;&amp;
 cvs init</command></userinput></screen></sect3>
 …
 <acronym>CVS</acronym> repository:</para>
 <screen><userinput><command>export CVSROOT=/cvsroot &amp;&amp;
 cd sourcedir &amp;&amp;
 cvs import -m "repository test" cvstest vendortag releasetag</command></userinput></screen></sect3>
+<screen><userinput><command>export CVSROOT=/home/cvsroot &amp;&amp;
+cd <replaceable>[sourcedir]</replaceable> &amp;&amp;
+cvs import -m <replaceable>["repository test"] [cvstest] [vendortag] [releasetag]</replaceable></command></userinput></screen></sect3>
 <sect3><title>3. Verify local repository access.</title>
 …
 <screen><userinput><command>(grep anonymous /etc/passwd || useradd anonymous -s /bin/false) &amp;&amp;
 echo anonymous: &gt; /cvsroot/CVSROOT/passwd &amp;&amp;
 echo anonymous &gt; /cvsroot/CVSROOT/readers</command></userinput></screen>
+echo anonymous: &gt; /home/cvsroot/CVSROOT/passwd &amp;&amp;
+echo anonymous &gt; /home/cvsroot/CVSROOT/readers</command></userinput></screen>
 <para>If you use <command>inetd</command>, the following command will add the
 …
 <screen><userinput><command>echo "2401  stream  tcp  nowait  root  /usr/bin/cvs cvs -f \
         --allow-root=/cvsroot pserver" &gt;&gt; /etc/inetd.conf</command></userinput></screen>
+        --allow-root=/home/cvsroot pserver" &gt;&gt; /etc/inetd.conf</command></userinput></screen>
 <para>Issue a <command>killall -HUP inetd</command> to reread the changed
 …
           passenv     = PATH
           server      = /usr/bin/cvs
          server_args = -f --allow-root=/cvsroot pserver
+         server_args = -f --allow-root=/home/cvsroot pserver
+     }
 <command>EOF</command></userinput></screen>
 …
 on another machine that can reach the <acronym>CVS</acronym> server via
 network.  No account on the <acronym>CVS</acronym> repository is needed.  To
 test anonymous access to the <acronym>CVS</acronym> repository log in to
+test anonymous access to the <acronym>CVS</acronym> repository, log in to
 another machine as an unprivileged user and execute the following command:
 </para>
 <screen><userinput><command>cvs -d:pserver:anonymous@<replaceable>[servername]</replaceable>:/cvsroot co cvstest</command></userinput></screen>
+<screen><userinput><command>cvs -d:pserver:anonymous@<replaceable>[servername]</replaceable>:/home/cvsroot co cvstest</command></userinput></screen>
 <note><para>Replace <replaceable>[servername]</replaceable> with the <acronym>IP</acronym> address or
 hostname of the <acronym>CVS</acronym> server</para></note>

server/other/dhcp/dhcp-config.xml

-              r23d784b
+              r65df9fca
 <para>Information on configuring the <acronym>DHCP</acronym> client can be
 found in Chapter 14.</para>
+found in <xref linkend="connect-dhcp"/>.</para>
 <para>Note that you only need the <acronym>DHCP</acronym> server if
 …
 interface, which may need to be modified for your hardware configuration.</para>
 <para>Install <filename>/etc/rc.d/init.d/dhcp</filename>
+<para>Install the <filename>/etc/rc.d/init.d/dhcp</filename>
 init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>
 …
 <screen><userinput><command>touch /var/state/dhcp/dhcpd.leases</command></userinput></screen>
 <para>The follow commands will create a base configuration file for a
+<para>The following commands will create a base configuration file for a
 <acronym>DHCP</acronym> server.  There are several options that you may want to
 add (information that is passed back to the <acronym>DHCP</acronym> client) and
 …
 ddns-update-style ad-hoc;
 subnet 192.168.5.0 netmask 255.255.255.0 {
   range 192.168.5.10 192.168.5.240;
   option broadcast-address 195.168.5.255;
   option routers 192.168.5.1;
+subnet <replaceable>[192.168.5.0]</replaceable> netmask <replaceable>[255.255.255.0]</replaceable> {
+  range <replaceable>[192.168.5.10] [192.168.5.240]</replaceable>;
+  option broadcast-address <replaceable>[195.168.5.255]</replaceable>;
+  option routers <replaceable>[192.168.5.1]</replaceable>;
+}
 <command>EOF</command></userinput></screen>

server/other/dhcp/dhcp-desc.xml

-              r23d784b
+              r65df9fca
 <para>The <application><acronym>DHCP</acronym></application> package contains
+<command>dhclient</command>, <command>dhcpd</command> and <command>dhcrelay
+</command>.</para>
+<command>dhclient</command>, <command>dhcpd</command> and <command>dhcrelay</command>.</para>
 </sect2>

server/other/leafnode/leafnode-config.xml

-              r23d784b
+              r65df9fca
 <sect3><title>Config files</title>
 <para><filename>/etc/leafnode/config</filename>,
 <filename>/etc/inetd.conf</filename> and
+<para><filename>/etc/news/config</filename>,
+<filename>/etc/inetd.conf</filename> or
 <filename>/etc/xinetd.conf</filename></para>
 …
 <screen><userinput><command>echo "nntp stream tcp nowait news /usr/sbin/tcpd /usr/sbin/leafnode" \
 &gt;&gt; /etc/inetd.conf</command></userinput></screen>
+<para>Issue a <command>killall -HUP inetd</command> to reread the
+changed <filename>inetd.conf</filename> file.</para>
 <para>Alternatively, <application>Leafnode</application> may be configured to
 …
 <command>EOF</command></userinput></screen>
+<para>Issue a <command>killall -HUP xinetd</command> to reread the
+changed <filename>xinetd.conf</filename> file.</para>
 <para>The <filename>/etc/news/config</filename> file must be
 edited to reflect the name of the upstream <acronym>NNTP</acronym>
 …
 <para>The <envar>NNTPSERVER</envar> environment variable must be set to
 .0.0.1 to prevent news clients from reading news from the upstream feed,
 add the following to <filename>/etc/profile</filename> or
+so add the following to <filename>/etc/profile</filename> or
 <filename>$HOME/.bash_profile</filename>:</para>

server/other/leafnode/leafnode-intro.xml

r23d784b	r65df9fca
16	16	<sect3><title><application>Leafnode</application> dependencies</title>
17	17	<sect4><title>Required</title>
18		<para><xref linkend="pcre"/>
	18	<para><xref linkend="pcre"/> and <xref linkend="tcpwrappers"/>
19	19	</para></sect4>
20	20	</sect3>

server/other/openssh/openssh-config.xml

r23d784b	r65df9fca
15	15	<sect3><title>sshd init.d script</title>
16	16
17		<para>To start the SSH Server at boot, install <filename>/etc/rc.d/init.d/sshd</filename>
	17	<para>To start the SSH Server at boot, install the <filename>/etc/rc.d/init.d/sshd</filename>
18	18	init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>
19	19

server/other/openssh/openssh-desc.xml

-              r23d784b
+              r65df9fca
 <sect3><title>sshd</title>
 <para>The daemon that permits you to login.</para></sect3>
+<para>The daemon that listens for ssh login requests.</para></sect3>
 <sect3><title>ssh-agent</title>
 …
 <sect3><title>sftp</title>
 <para><acronym>FTP</acronym>-like program that works over
 <acronym>SSH</acronym>1 and <acronym>SSH</acronym>2 protocol.</para></sect3>
+<acronym>SSH</acronym>1 and <acronym>SSH</acronym>2 protocols.</para></sect3>
 <sect3><title>scp</title>

server/other/openssh/openssh-exp.xml

r23d784b	r65df9fca
13	13
14	14	<para><parameter>--libexecdir=/usr/sbin</parameter>:
15		<application>Open<acronym>SSH</acronym></application> ~~put~~s
	15	<application>Open<acronym>SSH</acronym></application> installs
16	16	programs called by programs in <filename class="directory">/usr/libexec</filename>.
17	17	<command>sftp-server</command> is a <command>sshd</command>

server/other/openssh/openssh-inst.xml

r23d784b	r65df9fca
18	18	linked <application>OpenSSL</application> libraries. If you recompile
19	19	<application>OpenSSL</application>, <application>OpenSSH</application> may
20		fail to startup. An alternative is to link against static <application>OpenSSL</application>
	20	fail to startup. An alternative is to link against the static <application>OpenSSL</application>
21	21	library. To link against the static library, execute the following command:</para>
22	22

server/other/openssh/openssh-intro.xml

-              r23d784b
+              r65df9fca
 <para>The <application>Open<acronym>SSH</acronym></application> package
 contains <command>ssh</command> clients and the <command>sshd</command> daemon.
 This is useful for encrypting all traffic over a network.</para>
+This is useful for encrypting authentication and subsequent traffic over a network.</para>
 <sect3><title>Package information</title>
 …
 <xref linkend="tcpwrappers"/>,
 X (<xref linkend="xfree86"/> or <xref linkend="xorg"/>),
 <ulink url="http://web.mit.edu/kerberos/www/">MIT Kerberos</ulink> and
+<xref linkend="mitkrb"/> or <xref linkend="heimdal"/> and
 <ulink url="http://www.opensc.org/">OpenSC</ulink>
 </para></sect4>

server/other/rsync.xml

r23d784b	r65df9fca
5	5	&rsync-intro;
6	6	&rsync-inst;
7		~~&rsync-exp;~~
8	7	&rsync-config;
9	8	&rsync-desc;

server/other/rsync/rsync-config.xml

r23d784b	r65df9fca
36	36	script to be used.</para>
37	37
38		<para>Install <filename>/etc/rc.d/init.d/rsyncd</filename>
	38	<para>Install the <filename>/etc/rc.d/init.d/rsyncd</filename>
39	39	init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>
40	40

server/other/rsync/rsync-desc.xml

r23d784b	r65df9fca
13	13	uses the "rsync algorithm" which provides a very fast method of syncing remote
14	14	files. It does this by sending just the differences in the files across the
15		link, without requiring that both sets of files are present at one ~~of the ends~~
	15	link, without requiring that both sets of files are present at one end
16	16	of the link beforehand.</para></sect3>
17	17

server/other/rsync/rsync-inst.xml

-              r23d784b
+              r65df9fca
 <title>Installation of <application>rsync</application></title>
+<para>For security reasons, running <application>rsync</application> server as
+an unprivileged user and group is encouraged.</para>
+<para>For security reasons, running the <application>rsync</application> server as
+an unprivileged user and group is encouraged.  Create the rsyncd user
+and group with the following commands:</para>
 <screen><userinput><command>groupadd rsyncd &amp;&amp;

server/other/samba3/samba3-config.xml

-              r23d784b
+              r65df9fca
 <screen><userinput><command>echo "swat stream tcp nowait.400 root /usr/sbin/swat swat" \
     &gt;&gt; /etc/inetd.conf</command></userinput></screen>
+<para>Issue a <command>killall -HUP inetd</command> to reread the
+changed <filename>inetd.conf</filename> file.</para>
 <para>If <command>xinetd</command> is used, the following command will
 …
+}
 <command>EOF</command></userinput></screen>
+<para>Issue a <command>killall -HUP xinetd</command> to reread the
+changed <filename>xinetd.conf</filename> file.</para>
 <para><acronym>SWAT</acronym> can be launched by pointing your web

server/other/samba3/samba3-exp.xml

-              r23d784b
+              r65df9fca
 needed for proper operation of the <command>smbd</command> and
 <command>nmbd</command> daemons.</para>
-<para><parameter>--prefix=/usr</parameter>: Sets the prefix for almost
-all the file paths to <filename class="directory">/usr</filename>.</para>
 <para><parameter>--sysconfdir=/etc</parameter>: Sets the configuration
 …
 <para><command>install -m755 nsswitch/libnss_win{s,bind}.so /lib</command>:
 The nss libs are not installed by default.  If you intend to use
+The nss libraries are not installed by default.  If you intend to use
 winbindd for domain auth, and/or <acronym>WINS</acronym> name resolution,
 you need these libraries.</para>
 …
 <para><command>ln -sf libnss_winbind.so /lib/libnss_winbind.so.2</command>
 and <command>ln -sf libnss_wins.so /lib/libnss_wins.so.2</command>:
 These symlinks are required by glibc to use the nss libs.</para>
+These symlinks are required by glibc to use the nss libraries.</para>
 <para><command>cp ../examples/smb.conf.default /etc/samba</command>:

server/other/xinetd/xinetd-config.xml

-              r23d784b
+              r65df9fca
 <sect3><title>Configuration Information</title>
 <para>Ensure the path to all daemons are in <filename
+<para>Ensure the path to all daemons is <filename
 class="directory">/usr/sbin</filename>, rather than the default path of
+<filename class="directory">/usr/etc</filename>:</para>
+<filename class="directory">/usr/etc</filename> by running the following
+command:</para>
 <screen><userinput><command>sed -e 's/etc/sbin/g' xinetd/sample.conf &gt; /etc/xinetd.conf</command>
 …
 found at <ulink url="http://www.xinetd.org"/>.</para>
 <para>Install <filename>/etc/rc.d/init.d/xinetd</filename>
+<para>Install the <filename>/etc/rc.d/init.d/xinetd</filename>
 init script included in the <xref linkend="intro-important-bootscripts"/> package.</para>
 …
 executable [line=42]</userinput></screen>
 <para>These errors are due to the fact that we don't have most of the
 servers that <command>xinetd</command> is trying to control installed yet.</para>
+<para>These errors are because most of the
+servers <command>xinetd</command> is trying to control are not installed yet.</para>
 </sect3>

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 65df9fca for server/other

Legend:

Download in other formats: