Context Navigation

← Previous Changeset
Next Changeset →

Changeset 81a73ed8

Timestamp:

03/25/2020 03:07:11 PM (4 years ago)

Author:

Pierre Labastie <pieere@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, lazarus, lxqt, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal

Children:

Parents:

Message:

Format postlfs config

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@22886 af4574ff-66df-0310-9fd7-8a98e5e911e0

Location:

Files:

: 10 edited

bootdisk.xml (modified) (4 diffs)
config.xml (modified) (1 diff)
devices.xml (modified) (7 diffs)
firmware.xml (modified) (15 diffs)
logon.xml (modified) (1 diff)
profile.xml (modified) (18 diffs)
random.xml (modified) (1 diff)
skel.xml (modified) (1 diff)
users.xml (modified) (2 diffs)
vimrc.xml (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

postlfs/config/bootdisk.xml

-              rfa3edfef
+              r81a73ed8
     <title>Decent Rescue Boot Device Needs</title>
+    <para>This section is really about creating a <emphasis>rescue</emphasis>
+    device.  As the name <emphasis>rescue</emphasis> implies, the host
+    system has a problem, often lost partition information or corrupted file
+    systems, that prevents it from booting and/or operating normally.  For
+    this reason, you <emphasis>must not</emphasis> depend on resources from
+    the host being "rescued".  To presume that any given partition or hard
+    drive <emphasis>will</emphasis> be available is a risky presumption.</para>
+    <para>
+      This section is really about creating a <emphasis>rescue</emphasis>
+      device.  As the name <emphasis>rescue</emphasis> implies, the host
+      system has a problem, often lost partition information or corrupted file
+      systems, that prevents it from booting and/or operating normally.  For
+      this reason, you <emphasis>must not</emphasis> depend on resources from
+      the host being "rescued".  To presume that any given partition or hard
+      drive <emphasis>will</emphasis> be available is a risky presumption.
+    </para>
+    <para>In a modern system, there are many devices that can be
+    used as a rescue device: floppy, cdrom, usb drive, or even a network card.
+    Which one you use depends on your hardware and your BIOS.  In the past,
+    a rescue device was thought to be a floppy disk.  Today, many
+    systems do not even have a floppy drive.</para>
+    <para>
+      In a modern system, there are many devices that can be used as a
+      rescue device: floppy, cdrom, usb drive, or even a network card.
+      Which one you use depends on your hardware and your BIOS.  In the past,
+      a rescue device was thought to be a floppy disk.  Today, many
+      systems do not even have a floppy drive.
+    </para>
+    <para>Building a complete rescue device is a challenging task.  In many
+    ways, it is equivalent to building an entire LFS system.
+    In addition, it would be a repetition of information already available.
+    For these reasons, the procedures for a rescue device image are not
+    presented here.</para>
+    <para>
+      Building a complete rescue device is a challenging task.  In many
+      ways, it is equivalent to building an entire LFS system.
+      In addition, it would be a repetition of information already available.
+      For these reasons, the procedures for a rescue device image are not
+      presented here.
+    </para>
   </sect2>
 …
     <title>Creating a Rescue Floppy</title>
+    <para>The software of today's systems has grown large.  Linux 2.6 no longer
+    supports booting directly from a floppy.  In spite of this, there are solutions
+    available using older versions of Linux.  One of the best is Tom's Root/Boot
+    Disk available at <ulink url='http://www.toms.net/rb/'/>.  This will provide a
+    minimal Linux system on a single floppy disk and provides the ability to
+    customize the contents of your disk if necessary.</para>
+    <para>
+      The software of today's systems has grown large.  Linux 2.6 no longer
+      supports booting directly from a floppy.  In spite of this, there are
+      solutions available using older versions of Linux.  One of the best is
+      Tom's Root/Boot Disk available at <ulink
+      url='http://www.toms.net/rb/'/>.  This will provide a minimal Linux
+      system on a single floppy disk and provides the ability to customize
+      the contents of your disk if necessary.
+    </para>
   </sect2>
 …
     <title>Creating a Bootable CD-ROM</title>
+    <para>There are several sources that can be used for a rescue CD-ROM.
+    Just about any commercial distribution's installation CD-ROMs or
+    DVDs will work.  These include RedHat, Ubuntu, and SuSE.  One
+    very popular option is Knoppix.</para>
+    <para>
+      There are several sources that can be used for a rescue CD-ROM.
+      Just about any commercial distribution's installation CD-ROMs or
+      DVDs will work.  These include RedHat, Ubuntu, and SuSE.  One
+      very popular option is Knoppix.
+    </para>
+    <para>Also, the LFS Community has developed its own LiveCD available at
+    <ulink url='http://www.&lfs-domainname;/livecd/'/>.  This LiveCD, is no
+    longer capable of building an entire LFS/BLFS system, but is still a
+    good rescue CD-ROM.  If you download the
+    ISO image, use <xref linkend="xorriso"/> to copy the image to a
+    CD-ROM.</para>
+    <para>
+      Also, the LFS Community has developed its own LiveCD available at
+      <ulink url='http://www.&lfs-domainname;/livecd/'/>.  This LiveCD, is no
+      longer capable of building an entire LFS/BLFS system, but is still a
+      good rescue CD-ROM.  If you download the
+      ISO image, use <xref linkend="xorriso"/> to copy the image to a
+      CD-ROM.
+    </para>
+    <para>The instructions for using GRUB2 to make a custom rescue CD-ROM are
+    also available in <ulink
+    url='http://www.&lfs-domainname;/lfs/view/stable/chapter08/grub.html'>LFS
+    Chapter 8</ulink>.</para>
+    <para>
+      The instructions for using GRUB2 to make a custom rescue CD-ROM are
+      also available in <ulink
+      url='http://www.&lfs-domainname;/lfs/view/stable/chapter08/grub.html'>LFS
+      Chapter 8</ulink>.
+    </para>
   </sect2>
 …
     <title>Creating a Bootable USB Drive</title>
+    <para>A USB Pen drive, sometimes called a Thumb drive, is recognized by Linux as
+    a SCSI device.  Using one of these devices as a rescue device has the advantage
+    that it is usually large enough to hold more than a minimal boot image.  You
+    can save critical data to the drive as well as use it to diagnose and recover
+    a damaged system.  Booting such a drive requires BIOS support, but building the
+    system consists of formatting the drive, adding <application>GRUB</application>
+    as well as the Linux kernel and supporting files.</para>
+    <para>
+      A USB Pen drive, sometimes called a Thumb drive, is recognized by Linux
+      as a SCSI device.  Using one of these devices as a rescue device has
+      the advantage that it is usually large enough to hold more than a
+      minimal boot image.  You can save critical data to the drive as well
+      as use it to diagnose and recover a damaged system.  Booting such a
+      drive requires BIOS support, but building the system consists of
+      formatting the drive, adding <application>GRUB</application> as well
+      as the Linux kernel and supporting files.
+    </para>
     <para condition="html" role="usernotes">User Notes:
+    <ulink url='&blfs-wiki;/CreatingaCustomBootDevice'/></para>
+    <ulink url='&blfs-wiki;/CreatingaCustomBootDevice'/>
+    </para>
   </sect2>

postlfs/config/config.xml

-              rfa3edfef
+              r81a73ed8
   <title>After LFS Configuration Issues</title>
+  <para>The intention of LFS is to provide a basic system which you can
+  build upon.  There are several things about tidying up the system which
+  many people wonder about once they have done the base install.
+  We hope to cover these issues in this chapter.</para>
+  <para>
+    The intention of LFS is to provide a basic system which you can
+    build upon.  There are several things about tidying up the system which
+    many people wonder about once they have done the base install.
+    We hope to cover these issues in this chapter.
+  </para>
+  <para>Most people coming from non-Unix like backgrounds to Linux find the
+  concept of text-only configuration files slightly strange.  In Linux, just
+  about all configuration is done via the manipulation of text files. The
+  majority of these files can be found in the
+  <filename class='directory'>/etc</filename> hierarchy. There are often
+  graphical configuration programs available for different subsystems but most
+  are simply pretty front ends to the process of editing a text file. The
+  advantage of text-only configuration is that you can edit parameters using
+  your favorite text editor, whether that be <command>vim</command>,
+  <command>emacs</command>, or any other editor.</para>
+  <para>
+    Most people coming from non-Unix like backgrounds to Linux find the
+    concept of text-only configuration files slightly strange.  In Linux, just
+    about all configuration is done via the manipulation of text files. The
+    majority of these files can be found in the <filename
+    class='directory'>/etc</filename> hierarchy. There are often graphical
+    configuration programs available for different subsystems but most
+    are simply pretty front ends to the process of editing a text file. The
+    advantage of text-only configuration is that you can edit parameters using
+    your favorite text editor, whether that be <command>vim</command>,
+    <command>emacs</command>, or any other editor.
+  </para>
+  <para>The first task is making a recovery boot device in
+  <xref linkend="postlfs-config-bootdisk"/> because it's the most critical need.
+  Hardware issues relevant to firmware and other devices is addressed next.
+  The system is then configured to ease addition of new users, because this
+  can affect the choices you make in the two subsequent
+  topics&mdash;<xref linkend="postlfs-config-profile"/> and
+  <xref linkend="postlfs-config-vimrc"/>.</para>
+  <para>
+    The first task is making a recovery boot device in <xref
+    linkend="postlfs-config-bootdisk"/> because it's the most critical need.
+    Hardware issues relevant to firmware and other devices is addressed next.
+    The system is then configured to ease addition of new users, because this
+    can affect the choices you make in the two subsequent
+    topics&mdash;<xref linkend="postlfs-config-profile"/> and
+    <xref linkend="postlfs-config-vimrc"/>.
+  </para>
+  <para> The remaining topics, <xref linkend="postlfs-config-logon"/>,
+  <phrase revision="sysv"><xref linkend="postlfs-config-random"/>,</phrase>
+  and <xref linkend="autofs"/> are then addressed, in that order. They
+  don't have much interaction with the other topics in this chapter.</para>
+  <para revision="sysv">
+    The remaining topics, <xref linkend="postlfs-config-logon"/> and
+    <xref linkend="postlfs-config-random"/> are then addressed, in that order.
+    They don't have much interaction with the other topics in this chapter.
+  </para>
+  <para revision="systemd">
+    There is one remaining topic: <xref linkend="postlfs-config-logon"/>.
+    It doesn't have much interaction with the other topics in this chapter.
+  </para>
+<!-- autofs has been moved to sysutils -->
   <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="bootdisk.xml"/>

postlfs/config/devices.xml

-              rfa3edfef
+              r81a73ed8
   </indexterm>
+  <para>Although most devices needed by packages in BLFS and beyond are set up
+  properly by <application>udev</application> using the default rules installed
+  by LFS in <filename class="directory">/etc/udev/rules.d</filename>, there are
+  cases where the rules must be modified or augmented.</para>
+  <para>
+    Although most devices needed by packages in BLFS and beyond are set up
+    properly by <application>udev</application> using the default rules
+    installed by LFS in <filename
+    class="directory">/etc/udev/rules.d</filename>, there are cases where
+    the rules must be modified or augmented.
+  </para>
   <para condition="html" role="usernotes">User Notes:
 …
     <title>Multiple Sound Cards</title>
+    <para>If there are multiple sound cards in a system, the "default"
+    sound card becomes random.  The method to establish sound card order
+    depends on whether the drivers are modules or not.  If the sound card
+    drivers are compiled into the kernel, control is via kernel command line
+    parameters in <filename>/boot/grub/grub.cfg</filename>.  For example,
+    if a system has both an FM801 card and a SoundBlaster PCI card, the
+    following can be appended to the command line:</para>
+    <para>
+      If there are multiple sound cards in a system, the "default"
+      sound card becomes random.  The method to establish sound card order
+      depends on whether the drivers are modules or not.  If the sound card
+      drivers are compiled into the kernel, control is via kernel command line
+      parameters in <filename>/boot/grub/grub.cfg</filename>.  For example,
+      if a system has both an FM801 card and a SoundBlaster PCI card, the
+      following can be appended to the command line:
+    </para>
 <screen><literal>snd-fm801.index=0 snd-ens1371.index=1</literal></screen>
+    <para>If the sound card drivers are built as modules, the order can be
+    established in the <filename>/etc/modprobe.conf</filename> file
+    with:</para>
+    <para>
+      If the sound card drivers are built as modules, the order can be
+      established in the <filename>/etc/modprobe.conf</filename> file with:
+    </para>
 <screen><literal>options snd-fm801 index=0
 …
     <title>USB Device Issues</title>
+    <para>USB devices usually have two kinds of device nodes associated with
+    them.</para>
+    <para>The first kind is created by device-specific drivers (e.g.,
+    usb_storage/sd_mod or usblp) in the kernel. For example, a USB mass storage
+    device would be /dev/sdb, and a USB printer would be /dev/usb/lp0. These
+    device nodes exist only when the device-specific driver is loaded.</para>
+    <para>The second kind of device nodes (/dev/bus/usb/BBB/DDD, where BBB is
+    the bus number and DDD is the device number) are created even if the device
+    doesn't have a kernel driver. By using these "raw" USB device nodes, an
+    application can exchange arbitrary USB packets with the device, i.e.,
+    bypass the possibly-existing kernel driver.</para>
+    <para>Access to raw USB device nodes is needed when a userspace program is
+    acting as a device driver. However, for the program to open the device
+    successfully, the permissions have to be set correctly. By default, due to
+    security concerns, all raw USB devices are owned by user root and group
+    usb, and have 0664 permissions (the read access is needed, e.g., for lsusb
+    to work and for programs to access USB hubs). Packages (such as SANE and
+    libgphoto2) containing userspace USB device drivers also ship udev rules
+    that change the permissions of the controlled raw USB devices. That is, rules
+    installed by SANE change permissions for known scanners, but not printers.
+    If a package maintainer forgot to write a rule for your device,
+    report a bug to both BLFS (if the package is there) and upstream, and
+    you will need to write your own rule.</para>
+    <para>There is one situation when such fine-grained access control with
+    pre-generated udev rules doesn't work. Namely, PC emulators such as KVM,
+    QEMU and VirtualBox use raw USB device nodes to present arbitrary USB
+    devices to the guest operating system (note: patches are needed in order to
+    get this to work without the obsolete /proc/bus/usb mount point described
+    below). Obviously, maintainers of these packages cannot know which USB
+    devices are going to be connected to the guest operating system. You can
+    either write separate udev rules for all needed USB devices yourself, or
+    use the default catch-all "usb" group, members of which can send
+    arbitrary commands to all USB devices. </para>
+    <para>Before Linux-2.6.15, raw USB device access was performed not with
+    /dev/bus/usb/BBB/DDD device nodes, but with /proc/bus/usb/BBB/DDD
+    pseudofiles. Some applications (e.g., VMware Workstation) still use only
+    this deprecated technique and can't use the new device nodes. For them to
+    work, use the "usb" group, but remember that members will have unrestricted
+    access to all USB devices.  To create the fstab entry for the obsolete
+    usbfs filesystem:</para>
+    <para>
+      USB devices usually have two kinds of device nodes associated with them.
+    </para>
+    <para>
+      The first kind is created by device-specific drivers (e.g.,
+      usb_storage/sd_mod or usblp) in the kernel. For example, a USB mass
+      storage device would be /dev/sdb, and a USB printer would be
+      /dev/usb/lp0. These device nodes exist only when the device-specific
+      driver is loaded.
+    </para>
+    <para>
+      The second kind of device nodes (/dev/bus/usb/BBB/DDD, where BBB is
+      the bus number and DDD is the device number) are created even if the
+      device doesn't have a kernel driver. By using these "raw" USB device
+      nodes, an application can exchange arbitrary USB packets with the
+      device, i.e., bypass the possibly-existing kernel driver.
+    </para>
+    <para>
+      Access to raw USB device nodes is needed when a userspace program is
+      acting as a device driver. However, for the program to open the device
+      successfully, the permissions have to be set correctly. By default, due
+      to security concerns, all raw USB devices are owned by user root and
+      group usb, and have 0664 permissions (the read access is needed, e.g.,
+      for lsusb to work and for programs to access USB hubs). Packages (such
+      as SANE and libgphoto2) containing userspace USB device drivers also
+      ship udev rules that change the permissions of the controlled raw USB
+      devices. That is, rules installed by SANE change permissions for known
+      scanners, but not printers.  If a package maintainer forgot to write
+      a rule for your device, report a bug to both BLFS (if the package is
+      there) and upstream, and you will need to write your own rule.
+    </para>
+    <para>
+      There is one situation when such fine-grained access control with
+      pre-generated udev rules doesn't work. Namely, PC emulators such as KVM,
+      QEMU and VirtualBox use raw USB device nodes to present arbitrary USB
+      devices to the guest operating system (note: patches are needed in order
+      to get this to work without the obsolete /proc/bus/usb mount point
+      described below). Obviously, maintainers of these packages cannot know
+      which USB devices are going to be connected to the guest operating
+      system. You can either write separate udev rules for all needed USB
+      devices yourself, or use the default catch-all "usb" group, members
+      of which can send arbitrary commands to all USB devices.
+    </para>
+    <para>
+      Before Linux-2.6.15, raw USB device access was performed not with
+      /dev/bus/usb/BBB/DDD device nodes, but with /proc/bus/usb/BBB/DDD
+      pseudofiles. Some applications (e.g., VMware Workstation) still use only
+      this deprecated technique and can't use the new device nodes. For them to
+      work, use the "usb" group, but remember that members will have
+      unrestricted access to all USB devices.  To create the fstab entry for
+      the obsolete usbfs filesystem:
+    </para>
 <screen><literal>usbfs  /proc/bus/usb  usbfs  devgid=14,devmode=0660  0  0</literal></screen>
+    <note><para>Adding users to the "usb" group is inherently insecure, as they
+    can bypass access restrictions imposed through the driver-specific USB
+    device nodes. For instance, they can read sensitive data from USB hard drives
+    without being in the "disk" group. Avoid adding users to this group, if
+    you can.</para></note>
+    <note>
+      <para>
+        Adding users to the "usb" group is inherently insecure, as they can
+        bypass access restrictions imposed through the driver-specific USB
+        device nodes. For instance, they can read sensitive data from USB
+        hard drives without being in the "disk" group. Avoid adding users
+        to this group, if you can.
+    </para>
+    </note>
   </sect2>
 …
     <title>Udev Device Attributes</title>
+    <para>Fine-tuning of device attributes such as group name and permissions
+    is possible by creating extra <application>udev</application> rules,
+    matching on something like this. The vendor and product can be found by
+    searching the <filename class='directory'>/sys/devices</filename> directory
+    entries or using <command>udevadm info</command> after the device has been
+    attached. See the documentation in the current
+    <application>udev</application> directory of
+    <filename class='directory'>/usr/share/doc</filename> for details.</para>
+    <para>
+      Fine-tuning of device attributes such as group name and permissions
+      is possible by creating extra <application>udev</application> rules,
+      matching on something like this. The vendor and product can be found by
+      searching the <filename class='directory'>/sys/devices</filename>
+      directory entries or using <command>udevadm info</command> after the
+      device has been attached. See the documentation in the current
+      <application>udev</application> directory of <filename
+      class='directory'>/usr/share/doc</filename> for details.
+    </para>
 <screen><literal>SUBSYSTEM=="usb_device", SYSFS{idVendor}=="05d8", SYSFS{idProduct}=="4002", \
   GROUP:="scanner", MODE:="0660"</literal></screen>
+    <note><para>The above line is used for descriptive purposes only. The
+    scanner <application>udev</application> rules are put into place when
+    installing <xref linkend='sane'/>.</para></note>
+    <note>
+      <para>
+        The above line is used for descriptive purposes only. The
+        scanner <application>udev</application> rules are put into place when
+        installing <xref linkend='sane'/>.
+      </para>
+    </note>
   </sect2>
 …
     <title>Devices for Servers</title>
+    <para>In some cases, it makes sense to disable
+    <application>udev</application> completely and create static devices.
+    Servers are one example of this situation.  Does a server need the
+    capability of handling dynamic devices?  Only the system administrator can
+    answer that question, but in many cases the answer will be no.</para>
+    <para>If dynamic devices are not desired, then static devices must be
+    created on the system.  In the default configuration, the
+    <filename>/etc/rc.d/rcS.d/S10udev</filename> boot script mounts a
+    <systemitem class="filesystem">tmpfs</systemitem> partition over the
+    <filename class="directory">/dev</filename> directory.  This problem can be
+    overcome by mounting the root partition temporarily:</para>
+    <warning><para>If the instructions below are not followed carefully, your
+    system could become unbootable.</para></warning>
+    <para>
+      In some cases, it makes sense to disable
+      <application>udev</application> completely and create static devices.
+      Servers are one example of this situation.  Does a server need the
+      capability of handling dynamic devices?  Only the system administrator
+      can answer that question, but in many cases the answer will be no.
+    </para>
+    <para>
+      If dynamic devices are not desired, then static devices must be
+      created on the system.  In the default configuration, the
+      <filename>/etc/rc.d/rcS.d/S10udev</filename> boot script mounts a
+      <systemitem class="filesystem">tmpfs</systemitem> partition over the
+      <filename class="directory">/dev</filename> directory. This problem can
+      be overcome by mounting the root partition temporarily:
+    </para>
+    <warning>
+      <para>
+        If the instructions below are not followed carefully, your
+        system could become unbootable.
+      </para>
+    </warning>
 …
 umount /mnt</userinput></screen>
+    <para>At this point, the system will use static devices upon the next
+    reboot.  Create any desired additional devices using
+    <command>mknod</command>.</para>
+    <para>If you want to restore the dynamic devices, recreate the
+    <filename>/etc/rc.d/rcS.d/{S10udev,S50udev_retry}</filename> symbolic
+    links and reboot again.  Static devices do not need to be removed (console
+    and null are always needed) because they are covered by the <systemitem
+    class="filesystem">tmpfs</systemitem> partition.  Disk usage for devices is
+    negligible (about 20&ndash;30 bytes per entry.)</para>
+    <para>
+      At this point, the system will use static devices upon the next
+      reboot.  Create any desired additional devices using
+      <command>mknod</command>.
+    </para>
+    <para>
+      If you want to restore the dynamic devices, recreate the
+      <filename>/etc/rc.d/rcS.d/{S10udev,S50udev_retry}</filename> symbolic
+      links and reboot again.  Static devices do not need to be removed
+      (console and null are always needed) because they are covered by the
+      <systemitem class="filesystem">tmpfs</systemitem> partition.  Disk
+      usage for devices is negligible (about 20&ndash;30 bytes per entry.)
+    </para>
   </sect2>
 …
     <title>Devices for DVD Drives</title>
+    <para>If the initial boot process does not set up the
+    <systemitem>/dev/dvd</systemitem> device properly, it can
+    be installed using the following modification to the default udev rules.
+    As the <systemitem class="username">root</systemitem> user, run:</para>
+    <para>
+      If the initial boot process does not set up the
+      <systemitem>/dev/dvd</systemitem> device properly, it can
+      be installed using the following modification to the default udev rules.
+      As the <systemitem class="username">root</systemitem> user, run:
+    </para>
 <screen><userinput>sed '1d;/SYMLINK.*cdrom/ a\

postlfs/config/firmware.xml

-              rfa3edfef
+              r81a73ed8
   </indexterm>
+  <para> On some recent PCs it can be necessary, or desirable, to load firmware
+  to make them work at their best. There is a directory, <filename
+  class="directory">/lib/firmware</filename>, where the kernel or kernel
+  drivers look for firmware images.</para>
+  <para>Preparing firmware for multiple different machines, as a distro would
+  do, is outside the scope of this book.</para>
+  <para>Currently, most firmware can be found at a <userinput>git</userinput>
+  repository: <ulink
+  url="http://git.kernel.org/cgit/linux/kernel/git/firmware/linux-firmware.git/tree/"/>.
+  For convenience, the LFS Project has created a mirror, updated daily, where
+  these firmware files can be accessed via <userinput>wget</userinput> or a web
+  browser at <ulink
+  url="&sources-anduin-http;/linux-firmware/"/>.</para>
+  <para>To get the firmware, either point a browser to one of the above
+  repositories and then download the item(s) which you need, or install
+  <userinput>git</userinput> and clone that repository.</para>
+  <para>For some other firmware, particularly for Intel microcode and certain
+  wifi devices, the needed firmware is not available in the above repository.
+  Some of this will be addressed below, but a search of the Internet for needed
+  firmware is sometimes necessary.</para>
+  <para>Firmware files are conventionally referred to as blobs because you cannot
+  determine what they will do. Note that firmware is distributed under various
+  different licenses which do not permit disassembly or reverse-engineering.</para>
+  <para>Firmware for PCs falls into four categories:</para>
+  <para>
+    On some recent PCs it can be necessary, or desirable, to load firmware
+    to make them work at their best. There is a directory, <filename
+    class="directory">/lib/firmware</filename>, where the kernel or kernel
+    drivers look for firmware images.
+  </para>
+  <para>
+    Preparing firmware for multiple different machines, as a distro would
+    do, is outside the scope of this book.
+  </para>
+  <para>
+    Currently, most firmware can be found at a <userinput>git</userinput>
+    repository: <ulink url=
+      "http://git.kernel.org/cgit/linux/kernel/git/firmware/linux-firmware.git/tree/"/>.
+    For convenience, the LFS Project has created a mirror, updated daily, where
+    these firmware files can be accessed via <userinput>wget</userinput> or a
+    web browser at <ulink url="&sources-anduin-http;/linux-firmware/"/>.
+  </para>
+  <para>
+    To get the firmware, either point a browser to one of the above
+    repositories and then download the item(s) which you need, or install
+    <xref linkend="git"/> and clone that repository.
+  </para>
+  <para>
+    For some other firmware, particularly for Intel microcode and certain
+    wifi devices, the needed firmware is not available in the above repository.
+    Some of this will be addressed below, but a search of the Internet for
+    needed firmware is sometimes necessary.
+  </para>
+  <para>
+    Firmware files are conventionally referred to as blobs because you cannot
+    determine what they will do. Note that firmware is distributed under
+    various different licenses which do not permit disassembly or
+    reverse-engineering.
+  </para>
+  <para>
+    Firmware for PCs falls into four categories:
+  </para>
   <itemizedlist spacing="compact">
     <listitem>
+      <para>Updates to the CPU to work around errata, usually referred to as
+       microcode.</para>
+      <para>
+        Updates to the CPU to work around errata, usually referred to as
+        microcode.
+      </para>
     </listitem>
     <listitem>
+      <para>Firmware for video controllers. On x86 machines this seems to mostly
+      apply to ATI devices (Radeon and AMDGPU chips) and Nvidia
+      Maxwell and Pascal cards which all require firmware to be able to use KMS
+      (kernel modesetting - the preferred option) as well as for Xorg. For
+      earlier radeon chips (before the R600), the firmware is still in the
+      kernel.</para>
+      <para>
+        Firmware for video controllers. On x86 machines this seems to mostly
+        apply to ATI devices (Radeon and AMDGPU chips) and Nvidia Maxwell
+        and Pascal cards which all require firmware to be able to use KMS
+        (kernel modesetting - the preferred option) as well as for Xorg. For
+        earlier radeon chips (before the R600), the firmware is still in the
+        kernel.
+      </para>
     </listitem>
     <listitem>
+      <para>Firmware updates for wired network ports. Mostly they work even
+      without the updates, but probably they will work better with
+      the updated firmware. For some modern laptops, firmware for both
+      wired ethernet (e.g. rtl_nic) and also for bluetooth devices (e.g. qca)
+      is <emphasis>required</emphasis> before the wired network can be used.
+      <para>
+        Firmware updates for wired network ports. Mostly they work even
+        without the updates, but probably they will work better with
+        the updated firmware. For some modern laptops, firmware for both
+        wired ethernet (e.g. rtl_nic) and also for bluetooth devices (e.g. qca)
+        is <emphasis>required</emphasis> before the wired network can be used.
       </para>
     </listitem>
     <listitem>
+      <para>Firmware for other devices, such as wifi. These devices are not
+      required for the PC to boot, but need the firmware before these devices
+      can be used.</para>
+      <para>
+        Firmware for other devices, such as wifi. These devices are not
+        required for the PC to boot, but need the firmware before these devices
+        can be used.
+      </para>
     </listitem>
   </itemizedlist>
+  <note><para>Although not needed to load a firmware blob, the following
+  tools may be useful for determining, obtaining, or preparing the needed
+  firmware in order to load it into the system:
+    <xref linkend="cpio"/>,
+    <xref linkend="git"/>,
+    <xref linkend="pciutils"/>, and
+    <xref linkend="wget"/></para></note>
+  <note>
+    <para>
+      Although not needed to load a firmware blob, the following
+      tools may be useful for determining, obtaining, or preparing the needed
+      firmware in order to load it into the system:
+      <xref linkend="cpio"/>,
+      <xref linkend="git"/>,
+      <xref linkend="pciutils"/>, and
+      <xref linkend="wget"/>
+    </para>
+  </note>
   <para condition="html" role="usernotes">User Notes:
 …
     <title>Microcode updates for CPUs</title>
+    <para>In general, microcode can be loaded by the BIOS or UEFI, and it might
+    be updated by upgrading to a newer version of those. On linux, you can also
+    load the microcode from the kernel if you are using an AMD family 10h or
+    later processor (first introduced late 2007), or an Intel processor from
+and later (Pentium4, Core, etc), if updated microcode has been
+    released. These updates only last until the machine is powered off, so they
+    need to be applied on every boot.</para>
+    <para>Intel provide updates of their microcode for SandyBridge and later
+    processors as new vulnerabilities come to light. New versions of AMD
+    firmware are rare and usually only apply to a few models, although
+    motherboard manufacturers get extra updates which maybe update microcode
+    along with the changes to support newer CPUs and faster memory.</para>
+    <para>There are two ways of loading the microcode, described as 'early'
+    and 'late'. Early loading happens before userspace has been started, late
+    loading happens after userspace has started. Not surprisingly, early loading
+    is preferred, (see e.g. an explanatory comment in a kernel commit noted at
+    <ulink url="https://lwn.net/Articles/530346/">x86/microcode: Early load
+    microcode </ulink> on LWN.)  Indeed, it is needed to work around one
+    particular erratum in early Intel Haswell processors which had TSX enabled.
+    (See <ulink
+    url="http://www.anandtech.com/show/8376/intel-disables-tsx-instructions-erratum-found-in-haswell-haswelleep-broadwellyi/">
+    Intel Disables TSX Instructions: Erratum Found in Haswell, Haswell-E/EP,
+    Broadwell-Y</ulink>.) Without this update glibc can do the wrong thing in
+    uncommon situations. </para>
+    <para>It is still possible to manually force late loading of microcode,
+    either for testing or to prevent having to reboot. You will need to
+    reconfigure your kernel for either method. The instructions here will
+    create a kernel <filename>.config</filename> to suite early loading, before
+    forcing late loading to see if there is any microcode. If there is, the
+    instructions then show you how to create an initrd for early loading.</para>
+    <para>To confirm what processor(s) you have (if more than one, they will be
+    identical) look in /proc/cpuinfo.</para>
+    <para>
+      In general, microcode can be loaded by the BIOS or UEFI, and it might be
+      updated by upgrading to a newer version of those. On linux, you can also
+      load the microcode from the kernel if you are using an AMD family 10h or
+      later processor (first introduced late 2007), or an Intel processor from
+and later (Pentium4, Core, etc), if updated microcode has been
+      released. These updates only last until the machine is powered off, so
+      they need to be applied on every boot.
+    </para>
+    <para>
+      Intel provide updates of their microcode for SandyBridge and later
+      processors as new vulnerabilities come to light. New versions of AMD
+      firmware are rare and usually only apply to a few models, although
+      motherboard manufacturers get extra updates which maybe update microcode
+      along with the changes to support newer CPUs and faster memory.
+    </para>
+    <para>
+      There are two ways of loading the microcode, described as 'early' and
+      'late'. Early loading happens before userspace has been started, late
+      loading happens after userspace has started. Not surprisingly, early
+      loading is preferred, (see e.g. an explanatory comment in a kernel
+      commit noted at <ulink url="https://lwn.net/Articles/530346/">
+        x86/microcode: Early load microcode</ulink> on LWN.)  Indeed, it
+      is needed to work around one particular erratum in early Intel Haswell
+      processors which had TSX enabled.  (See <ulink url=
+      "http://www.anandtech.com/show/8376/intel-disables-tsx-instructions-erratum-found-in-haswell-haswelleep-broadwellyi/">
+        Intel Disables TSX Instructions: Erratum Found in Haswell,
+        Haswell-E/EP, Broadwell-Y
+      </ulink>.) Without this update glibc can do the wrong thing in uncommon
+      situations.
+    </para>
+    <para>
+      It is still possible to manually force late loading of microcode, either
+      for testing or to prevent having to reboot. You will need to reconfigure
+      your kernel for either method. The instructions here will create a
+      kernel <filename>.config</filename> to suite early loading, before
+      forcing late loading to see if there is any microcode. If there is,
+      the instructions then show you how to create an initrd for early loading.
+    </para>
+    <para>
+      To confirm what processor(s) you have (if more than one, they will be
+      identical) look in /proc/cpuinfo.
+    </para>
     <sect3 id="intel-microcode">
       <title>Intel Microcode for the CPU</title>
+     <para>The first step is to get the most recent version of the Intel
+     microcode.  This must be done by navigating to <ulink
+     url='https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/'/>
+     and downloading the latest file there.  As of this writing the most recent
+     version of the microcode is microcode-20191115.
+     Extract this file in the normal way, the microcode is in the <filename>intel-ucode</filename>
+     directory, containing various blobs with names in the form XX-YY-ZZ.
+     There are also various other files, and a releasenote.</para>
+     <para>In the past, intel did not provide any details of which blobs had
+     changed versions, but now the release note details this.</para>
+     <para>The recent firmware for older processors is provided to deal with
+     vulnerabilities which have now been made public, and for some of these such
+     as Microarchitectural Data Sampling (MDS) you might wish to increase the
+     protection by disabling hyperthreading, or alternatively to disable the
+     kernel's default mitigation because of its impact on compile times. Please
+     read the online documentation at <ulink
+     url='https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/index.html'/>.
+     </para>
+     <para>To be able to use this latest microcode to provide mitigation on all
+     the affected processors, the kernel version needs to be at least 5.3.11 (or
+.19.84 if you are using the 4.19 long term support series).</para>
+     <para>Now you need to determine your processor's identity to see if there
+     is any microcode for it. Determine the decimal values of the cpu family,
+     model and stepping by running the following command (it will also report
+     the current microcode version):</para>
+      <para>
+        The first step is to get the most recent version of the Intel
+        microcode.  This must be done by navigating to <ulink url=
+         'https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/'/>
+        and downloading the latest file there.  As of this writing the most
+        recent version of the microcode is microcode-20191115.  Extract this
+        file in the normal way, the microcode is in the <filename>intel-ucode
+        </filename> directory, containing various blobs with names in the form
+        XX-YY-ZZ. There are also various other files, and a releasenote.
+      </para>
+      <para>
+        In the past, intel did not provide any details of which blobs had
+        changed versions, but now the release note details this.
+      </para>
+      <para>
+        The recent firmware for older processors is provided to deal with
+        vulnerabilities which have now been made public, and for some of these
+        such as Microarchitectural Data Sampling (MDS) you might wish to
+        increase the protection by disabling hyperthreading, or alternatively
+        to disable the kernel's default mitigation because of its impact on
+        compile times. Please read the online documentation at <ulink url=
+        'https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/index.html'/>.
+      </para>
+      <para>
+        To be able to use this latest microcode to provide mitigation on all
+        the affected processors, the kernel version needs to be at least 5.3.11
+        (or 4.19.84 if you are using the 4.19 long term support series).
+      </para>
+      <para>
+        Now you need to determine your processor's identity to see if there
+        is any microcode for it. Determine the decimal values of the cpu family,
+        model and stepping by running the following command (it will also report
+        the current microcode version):
+      </para>
 <screen><userinput>head -n7 /proc/cpuinfo</userinput></screen>
+      <para>Convert the cpu family, model and stepping to pairs of hexadecimal
+      digits. For a Skylake i3 6100 (described as Intel(R) Core(TM) i3-6100
+      CPU) the relevant values are cpu family 6, model 94, stepping 3 so in
+      this case the required identification is 06-5e-03. A look at the blobs
+      will show that there is one for this CPU (although for older issues it
+      might have already been applied by the BIOS). If there is a blob for your
+      system then test if it will be applied by copying it (replace &lt;XX-YY-ZZ&gt;
+      by the identifier for your machine) to where the kernel can find it:</para>
+      <para>
+        Convert the cpu family, model and stepping to pairs of hexadecimal
+        digits. For a Skylake i3 6100 (described as Intel(R) Core(TM) i3-6100
+        CPU) the relevant values are cpu family 6, model 94, stepping 3 so in
+        this case the required identification is 06-5e-03. A look at the blobs
+        will show that there is one for this CPU (although for older issues it
+        might have already been applied by the BIOS). If there is a blob for
+        your system then test if it will be applied by copying it (replace
+        &lt;XX-YY-ZZ&gt; by the identifier for your CPU) to where the
+        kernel can find it:
+      </para>
 <screen><userinput>mkdir -pv /lib/firmware/intel-ucode
 cp -v intel-ucode/&lt;XX-YY-ZZ&gt; /lib/firmware/intel-ucode</userinput></screen>
+      <para>Now that the Intel microcode has been prepared, use the following
+      options when you configure the kernel to load Intel
+      microcode:</para>
+      <para>
+        Now that the Intel microcode has been prepared, use the following
+        options when you configure the kernel to load Intel microcode:
+      </para>
 <screen><literal>General Setup ---&gt;
 …
   [y]      Intel microcode loading support [CONFIG_MICROCODE_INTEL]</literal></screen>
+      <para>After you have successfully booted the new system, force late loading by
+      using the command:</para>
+      <para>
+        After you have successfully booted the new system, force late loading
+        by using the command:
+      </para>
 <screen><userinput>echo 1 > /sys/devices/system/cpu/microcode/reload</userinput></screen>
+      <para>Then use the following command to see if anything was loaded:</para>
+      <para>
+        Then use the following command to see if anything was loaded:
+      </para>
 <screen><userinput>dmesg | grep -e 'microcode' -e 'Linux version' -e 'Command line'</userinput></screen>
+      <para>This reformatted example was created by temporarily booting without
+      microcode, to show the current Firmware Bug message, then the late load
+      shows it being updated to revision 0xd6.</para>
+      <para>
+        This reformatted example was created by temporarily booting without
+        microcode, to show the current Firmware Bug message, then the late load
+        shows it being updated to revision 0xd6.
+      </para>
 <screen><literal>[    0.000000] Linux version 5.4.2 (lfs@leshp) (gcc version 9.2.0 (GCC))
 …
 [  277.674231] x86/CPU: CPU features have changed after loading microcode, but might not take effect</literal></screen>
+    <para>If the microcode was not updated, there is no new microcode for
+    this system's processor. If it did get updated, you can now proceed to <xref
+    linkend='early-microcode'/>.</para>
+      <para>
+        If the microcode was not updated, there is no new microcode for this
+        system's processor. If it did get updated, you can now proceed to
+        <xref linkend='early-microcode'/>.
+      </para>
     </sect3>
 …
       <title>AMD Microcode for the CPU</title>
+      <para>Begin by downloading a container of firmware for your CPU family
+      from <ulink
+      url='&sources-anduin-http;/linux-firmware/amd-ucode/'/>.
+      The family is always specified in hex. Families 10h to 14h (16 to 20)
+      are in microcode_amd.bin.  Families 15h, 16h and 17h have their own containers.
+      Create the required directory and put the firmware you downloaded into
+      it as the <systemitem class="username">root</systemitem> user:</para>
+      <para>
+        Begin by downloading a container of firmware for your CPU family
+        from <ulink url=
+          '&sources-anduin-http;/linux-firmware/amd-ucode/'/>.
+        The family is always specified in hex. Families 10h to 14h (16 to 20)
+        are in microcode_amd.bin.  Families 15h, 16h and 17h have their own
+        containers.  Create the required directory and put the firmware you
+        downloaded into it as the <systemitem
+        class="username">root</systemitem> user:
+      </para>
 <screen><userinput>mkdir -pv /lib/firmware/amd-ucode
 cp -v microcode_amd* /lib/firmware/amd-ucode</userinput></screen>
+      <para>When you configure the kernel, use the following options
+      to load AMD microcode:</para>
+      <para>
+        When you configure the kernel, use the following options
+        to load AMD microcode:
+      </para>
 <screen><literal>General Setup ---&gt;
 …
   [y]      AMD microcode loading support [CONFIG_MICROCODE_AMD]</literal></screen>
+      <para>After you have successfully booted the new system, force late loading by
+      using the command:</para>
+      <para>
+        After you have successfully booted the new system, force late loading
+        by using the command:
+      </para>
 <screen><userinput>echo 1 > /sys/devices/system/cpu/microcode/reload</userinput></screen>
+      <para>Then use the following command to see if anything was loaded:</para>
+      <para>
+        Then use the following command to see if anything was loaded:
+      </para>
 <screen><userinput>dmesg | grep -e 'microcode' -e 'Linux version' -e 'Command line'</userinput></screen>
+      <para>This historic example from an old Athlon(tm) II X2 shows it has been
+      updated. At that time, all CPUs were still reported in the microcode details on
+      AMD machines (the current position for AMD machines where newer microcode is
+      available is unknown) :</para>
+      <para>
+        This historic example from an old Athlon(tm) II X2 shows it has been
+        updated. At that time, all CPUs were still reported in the microcode
+        details on AMD machines (the current position for AMD machines where
+        newer microcode is available is unknown) :
+      </para>
 <screen><literal>[    0.000000] Linux version 4.15.3 (ken@testserver) (gcc version 7.3.0 (GCC))
 …
 [  187.928899] microcode: CPU1: new patch_level=0x010000c8</literal></screen>
+    <para>If the microcode was not updated, there is no new microcode for
+    this system's processor. If it did get updated, you can now proceed to <xref
+    linkend='early-microcode'/>.</para>
+      <para>
+        If the microcode was not updated, there is no new microcode for
+        this system's processor. If it did get updated, you can now proceed to
+        <xref linkend='early-microcode'/>.
+      </para>
     </sect3>
 …
       <title>Early loading of microcode</title>
+      <para>If you have established that updated microcode is available for
+      your system, it is time to prepare it for early loading. This requires
+      an additional package, <xref linkend='cpio'/> and the creation of an
+      initrd which will need to be added to grub.cfg.</para>
+      <para>It does not matter where you prepare the initrd, and once it is
+      working you can apply the same initrd to later LFS systems or newer
+      kernels on this same machine, at least until any newer microcode is
+      released. Use the following commands:</para>
+      <para>
+        If you have established that updated microcode is available for
+        your system, it is time to prepare it for early loading. This requires
+        an additional package, <xref linkend='cpio'/> and the creation of an
+        initrd which will need to be added to grub.cfg.
+      </para>
+      <para>
+        It does not matter where you prepare the initrd, and once it is
+        working you can apply the same initrd to later LFS systems or newer
+        kernels on this same machine, at least until any newer microcode is
+        released. Use the following commands:
+      </para>
 <screen><userinput>mkdir -p initrd/kernel/x86/microcode
 cd initrd</userinput></screen>
+      <para>For an AMD machine, use the following command (replace
+      &lt;MYCONTAINER&gt; with the name of the container for your CPU's
+      family):</para>
+      <para>
+        For an AMD machine, use the following command (replace
+        &lt;MYCONTAINER&gt; with the name of the container for your CPU's
+        family):
+      </para>
 <screen><userinput>cp -v /lib/firmware/amd-ucode/&lt;MYCONTAINER&gt; kernel/x86/microcode/AuthenticAMD.bin</userinput></screen>
+      <para>Or for an Intel machine copy the appropriate blob using this command:</para>
+      <para>
+        Or for an Intel machine copy the appropriate blob using this command:
+      </para>
 <screen><userinput>cp -v /lib/firmware/intel-ucode/&lt;XX-YY-ZZ&gt; kernel/x86/microcode/GenuineIntel.bin</userinput></screen>
+      <para>Now prepare the initrd:</para>
+      <para>
+        Now prepare the initrd:
+      </para>
 <screen><userinput>find . | cpio -o -H newc &gt; /boot/microcode.img</userinput></screen>
+      <para>You now need to add a new entry to /boot/grub/grub.cfg and
+      here you should add a new line after the linux line within the stanza.
+      If /boot is a separate mountpoint: </para>
+      <para>
+        You now need to add a new entry to /boot/grub/grub.cfg and
+        here you should add a new line after the linux line within the stanza.
+        If /boot is a separate mountpoint:
+       </para>
 <screen><userinput>initrd /microcode.img</userinput></screen>
+      <para>or this if it is not:</para>
+      <para>
+        or this if it is not:
+      </para>
 <screen><userinput>initrd /boot/microcode.img</userinput></screen>
+      <para>If you are already booting with an initrd (see <xref
+      linkend="initramfs"/>), you should run <command>mkinitramfs</command>
+      again after putting the appropriate blob or container into <filename
+      class="directory">/lib/firmware</filename> as explained above.
+      Alternatively, you can have both initrd on the same line, such as
+      <userinput>initrd /microcode.img /other-initrd.img</userinput> (adapt
+      that as above if /boot is not a separate mountpoint).</para>
+      <para>You can now reboot with the added initrd, and then use the same
+      command to check that the early load worked.</para>
+      <para>
+        If you are already booting with an initrd (see <xref
+        linkend="initramfs"/>), you should run <command>mkinitramfs</command>
+        again after putting the appropriate blob or container into <filename
+        class="directory">/lib/firmware</filename> as explained above.
+        Alternatively, you can have both initrd on the same line, such as
+        <userinput>initrd /microcode.img /other-initrd.img</userinput> (adapt
+        that as above if /boot is not a separate mountpoint).
+      </para>
+      <para>
+        You can now reboot with the added initrd, and then use the same
+        command to check that the early load worked:
+      </para>
 <screen><userinput>dmesg | grep -e 'microcode' -e 'Linux version' -e 'Command line'</userinput></screen>
+      <para>If you updated to address vulnerabilities, you can look at <filename
+      class="directory">/sys/devices/system/cpu/vulnerabilities/</filename> to
+      see what is now reported.</para>
+      <para>The places and times where early loading happens are very different
+      in AMD and Intel machines. First, an Intel example with early loading:</para>
+      <para>
+        If you updated to address vulnerabilities, you can look at <filename
+        class="directory">/sys/devices/system/cpu/vulnerabilities/</filename>
+        to see what is now reported.
+      </para>
+      <para>
+        The places and times where early loading happens are very different
+        in AMD and Intel machines. First, an Intel example with early loading:
+      </para>
 <screen><literal>[    0.000000] microcode: microcode updated early to revision 0xd6, date = 2019-10-03
 …
 [    0.579961] microcode: Microcode Update Driver: v2.2.</literal></screen>
+      <para>A historic AMD example:</para>
+      <para>
+        A historic AMD example:
+      </para>
 <screen><literal>[    0.000000] Linux version 4.15.3 (ken@testserver) (gcc version 7.3.0 (GCC))
 …
     <title>Firmware for Video Cards</title>
+  <sect3 id="ati-video-firmware">
+    <title>Firmware for ATI video chips (R600 and later)</title>
+    <para>These instructions do NOT apply to old radeons before the R600
+    family. For those, the firmware is in the kernel's <filename
+    class='directory'>/lib/firmware/</filename> directory. Nor do they apply if
+    you intend to avoid a graphical setup such as Xorg and are content to use
+    the default 80x25 display rather than a framebuffer. </para>
+    <para> Early radeon devices only needed a single 2K blob of firmware.
+    Recent devices need several different blobs, and some of them are much
+    bigger. The total size of the radeon firmware directory is over 500K &mdash; on a
+    large modern system you can probably spare the space, but it is still
+    redundant to install all the unused files each time you build a system.</para>
+    <para>A better approach is to install <xref linkend='pciutils'/> and then
+    use <userinput>lspci</userinput> to identify which VGA controller is
+    installed.</para>
+    <para>With that information, check the RadeonFeature page of the Xorg wiki
+    for <ulink url="http://wiki.x.org/wiki/RadeonFeature/#index5h2">Decoder
+    ring for engineering vs marketing names</ulink> to identify the family (you
+    may need to know this for the Xorg driver in BLFS &mdash; Southern Islands and
+    Sea Islands use the radeonsi driver) and the specific model.</para>
+    <para>Now that you know which controller you are using, consult the
+    <ulink url="https://wiki.gentoo.org/wiki/Radeon#Firmware">Radeon</ulink> page
+    of the Gentoo wiki which has a table listing the required firmware blobs
+    for the various chipsets. Note that Southern Islands and Sea Islands chips
+    use different firmware for kernel 3.17 and later compared to earlier
+    kernels. Identify and download the required blobs then install them:</para>
+    <sect3 id="ati-video-firmware">
+      <title>Firmware for ATI video chips (R600 and later)</title>
+      <para>
+        These instructions do NOT apply to old radeons before the R600
+        family. For those, the firmware is in the kernel's <filename
+        class='directory'>/lib/firmware/</filename> directory. Nor do they
+        apply if you intend to avoid a graphical setup such as Xorg and are
+        content to use the default 80x25 display rather than a framebuffer.
+      </para>
+      <para>
+        Early radeon devices only needed a single 2K blob of firmware. Recent
+        devices need several different blobs, and some of them are much bigger.
+        The total size of the radeon firmware directory is over 500K &mdash;
+        on a large modern system you can probably spare the space, but it is
+        still redundant to install all the unused files each time you build
+        a system.
+      </para>
+      <para>
+        A better approach is to install <xref linkend='pciutils'/> and then
+        use <userinput>lspci</userinput> to identify which VGA controller is
+        installed.
+      </para>
+      <para>
+        With that information, check the RadeonFeature page of the Xorg wiki
+        for <ulink url="http://wiki.x.org/wiki/RadeonFeature/#index5h2">Decoder
+        ring for engineering vs marketing names</ulink> to identify the family
+        (you may need to know this for the Xorg driver in BLFS &mdash;
+        Southern Islands and Sea Islands use the radeonsi driver) and the
+        specific model.
+      </para>
+      <para>
+        Now that you know which controller you are using, consult the
+        <ulink url="https://wiki.gentoo.org/wiki/Radeon#Firmware">
+           Radeon</ulink> page of the Gentoo wiki which has a table listing
+        the required firmware blobs for the various chipsets. Note that
+        Southern Islands and Sea Islands chips use different firmware for
+        kernel 3.17 and later compared to earlier kernels. Identify and
+        download the required blobs then install them:
+      </para>
 <screen><userinput>mkdir -pv /lib/firmware/radeon
 cp -v &lt;YOUR_BLOBS&gt; /lib/firmware/radeon</userinput></screen>
+    <para>There are actually two ways of installing this firmware. BLFS, in the
+    'Kernel Configuration for additional firmware' section part of the <xref
+    linkend="xorg-ati-driver"/> section  gives an example of compiling the
+    firmware into the kernel - that is slightly faster to load, but uses more
+    kernel memory. Here we will use the alternative method of making the radeon
+    driver a module. In your kernel config set the following: </para>
+      <para>
+        There are actually two ways of installing this firmware. BLFS, in the
+        'Kernel Configuration for additional firmware' section part of the
+        <xref linkend="xorg-ati-driver"/> section gives an example of
+        compiling the firmware into the kernel - that is slightly faster to
+        load, but uses more kernel memory. Here we will use the alternative
+        method of making the radeon driver a module. In your kernel config
+        set the following:
+      </para>
 <screen><literal>Device Drivers ---&gt;
 …
       &lt;m&gt; ATI Radeon                                        [CONFIG_DRM_RADEON]</literal></screen>
+    <para>Loading several large blobs from /lib/firmware takes a noticeable
+    time, during which the screen will be blank. If you do not enable the
+    penguin framebuffer logo, or change the console size by using a bigger
+    font, that probably does not matter. If desired, you can slightly
+    reduce the time if you follow the alternate method of specifying 'y' for
+    CONFIG_DRM_RADEON covered in BLFS at the link above &mdash; you must specify each
+    needed radeon blob if you do that.</para>
+  </sect3>
+  <sect3 id="nvidia-video-firmware">
+    <title>Firmware for Nvidia video chips</title>
+    <para>Some Nvidia graphics chips need firmware updates to take advantage
+    of all the card's capability.  These are generally the GeForce 8, 9, 9300,
+    and 200-900 series chips.  For more exact information, see <ulink
+    url="https://nouveau.freedesktop.org/wiki/VideoAcceleration/#firmware">
+    https://nouveau.freedesktop.org/wiki/VideoAcceleration/#firmware</ulink>.</para>
+      <para>
+        Loading several large blobs from /lib/firmware takes a noticeable
+        time, during which the screen will be blank. If you do not enable the
+        penguin framebuffer logo, or change the console size by using a bigger
+        font, that probably does not matter. If desired, you can slightly
+        reduce the time if you follow the alternate method of specifying 'y'
+        for CONFIG_DRM_RADEON covered in BLFS at the link above &mdash; you
+        must specify each needed radeon blob if you do that.
+      </para>
+    </sect3>
+    <sect3 id="nvidia-video-firmware">
+      <title>Firmware for Nvidia video chips</title>
+      <para>
+        Some Nvidia graphics chips need firmware updates to take advantage
+        of all the card's capability.  These are generally the GeForce 8, 9,
+, and 200-900 series chips.  For more exact information, see
+        <ulink url=
+          "https://nouveau.freedesktop.org/wiki/VideoAcceleration/#firmware"/>.
+      </para>
+    <para>First, the kernel Nvidia driver must be activated:</para>
+      <para>
+        First, the kernel Nvidia driver must be activated:
+      </para>
 <screen><literal>Device Drivers ---&gt;
 …
       &lt;*/m&gt; Nouveau (NVIDIA) cards                          [CONFIG_DRM_NOUVEAU]</literal></screen>
+    <para>The steps to install the Nvidia firmware are:</para>
+      <para>
+        The steps to install the Nvidia firmware are:
+      </para>
 <screen><userinput>wget https://raw.github.com/imirkin/re-vp2/master/extract_firmware.py
 …
 cp -d nv* vuc-* /lib/firmware/nouveau/</userinput></screen>
   </sect3>
+    </sect3>
   </sect2>
 …
     <title>Firmware for Network Interfaces</title>
+    <para>The kernel likes to load firmware for some network drivers,
+    particularly those from Realtek (the /lib/linux-firmware/rtl_nic/) directory,
+    but they generally appear to work without it. Therefore, you can boot the
+    kernel, check dmesg for messages about this missing firmware, and if
+    necessary download the firmware and put it in the specified directory in
+    /lib/firmware so that it will be found on subsequent boots. Note that with
+    current kernels this works whether or not the driver is compiled in or
+    built as a module, there is no need to build this firmware into the kernel.
+    Here is an example where the R8169 driver has been compiled in but the
+    firmware was not made available. Once the firmware had been provided, there
+    was no mention of it on later boots. </para>
+    <para>
+      The kernel likes to load firmware for some network drivers, particularly
+      those from Realtek (the /lib/linux-firmware/rtl_nic/) directory, but
+      they generally appear to work without it. Therefore, you can boot the
+      kernel, check dmesg for messages about this missing firmware, and if
+      necessary download the firmware and put it in the specified directory in
+      <filename class="directory">/lib/firmware</filename> so that it will
+      be found on subsequent boots. Note that with current kernels this
+      works whether or not the driver is compiled in or built as a module,
+      there is no need to build this firmware into the kernel.
+      Here is an example where the R8169 driver has been compiled in but the
+      firmware was not made available. Once the firmware had been provided,
+      there was no mention of it on later boots.
+    </para>
 <screen><literal>dmesg | grep firmware | grep r8169
 …
     <title>Firmware for Other Devices</title>
+    <para> Identifying the correct firmware will typically require you to
+    install <xref linkend='pciutils'/>, and then use
+    <userinput>lspci</userinput> to identify the device. You should then search
+    online to check which module it uses, which firmware, and where to obtain
+    the firmware &mdash; not all of it is in linux-firmware.</para>
+    <para>If possible, you should begin by using a wired connection when you
+    first boot your LFS system. To use a wireless connection you will need to
+    use a network tools such as <xref linkend='wireless_tools'/> and <xref
+    linkend='wpa_supplicant'/>.</para>
+    <para>Firmware may also be needed for other devices such as some SCSI
+    controllers, bluetooth adaptors, or TV recorders. The same principles
+    apply.</para>
+    <para>
+      Identifying the correct firmware will typically require you to install
+      <xref linkend='pciutils'/>, and then use <userinput>lspci</userinput>
+      to identify the device. You should then search online to check which
+      module it uses, which firmware, and where to obtain the firmware &mdash;
+      not all of it is in linux-firmware.
+    </para>
+    <para>
+      If possible, you should begin by using a wired connection when you first
+      boot your LFS system. To use a wireless connection you will need to
+      use a network tools such as <xref linkend='wireless_tools'/> and <xref
+      linkend='wpa_supplicant'/>.
+    </para>
+    <para>
+      Firmware may also be needed for other devices such as some SCSI
+      controllers, bluetooth adaptors, or TV recorders. The same principles
+      apply.
+    </para>
   </sect2>

postlfs/config/logon.xml

-              rfa3edfef
+              r81a73ed8
   </indexterm>
+  <para>When you first boot up your new LFS system, the logon screen will
+  be nice and plain (as it should be in a bare-bones system).  Many people
+  however, will want their system to display some information in the logon
+  message.  This can be accomplished using the
+  file <filename>/etc/issue</filename>.</para>
+  <para>
+    When you first boot up your new LFS system, the logon screen will be
+    nice and plain (as it should be in a bare-bones system).  Many people
+    however, will want their system to display some information in the logon
+    message.  This can be accomplished using the
+    file <filename>/etc/issue</filename>.
+  </para>
+  <para>The <filename>/etc/issue</filename> file is a plain text file
+  which will also accept certain escape sequences (see below) in order to
+  insert information about the system.  There is also the file
+  <filename>issue.net</filename> which can be used when logging on remotely.
+  <command>ssh</command> however, will only use it if you set the option in the
+  configuration file and will <emphasis>not</emphasis> interpret the
+  escape sequences shown below.</para>
+  <para>
+    The <filename>/etc/issue</filename> file is a plain text file
+    which will also accept certain escape sequences (see below) in order to
+    insert information about the system.  There is also the file
+    <filename>issue.net</filename> which can be used when logging on remotely.
+    <command>ssh</command> however, will only use it if you set the option in
+    the configuration file and will <emphasis>not</emphasis> interpret the
+    escape sequences shown below.
+  </para>
+  <para>One of the most common things which people want to do is clear the
+  screen at each logon.  The easiest way of doing that is to put a "clear"
+  escape sequence into <filename>/etc/issue</filename>.  A simple way of doing
+  this is to issue the command <command>clear &gt; /etc/issue</command>.  This
+  will insert the relevant escape code into the start of the
+  <filename>/etc/issue</filename> file.  Note that if you do this, when you
+  edit the file, you should leave the characters (normally '^[[H^[[2J') on the
+  first line alone.</para>
+  <para>
+    One of the most common things which people want to do is clear the
+    screen at each logon.  The easiest way of doing that is to put a "clear"
+    escape sequence into <filename>/etc/issue</filename>.  A simple way of
+    doing this is to issue the command <command>clear &gt;
+    /etc/issue</command>.  This will insert the relevant escape code into
+    the start of the <filename>/etc/issue</filename> file.  Note that if
+    you do this, when you edit the file, you should leave the characters
+    (normally '^[[H^[[2J') on the first line alone.
+  </para>
+  <note><para>Terminal escape sequences are special codes recognized by the
+  terminal.  The ^[ represents an ASCII ESC character.  The sequence ESC [ H
+  puts the cursor in the upper left hand corner of the screen and ESC 2 J
+  erases the screen.  For more information on terminal escape sequences see
+  <ulink url='http://rtfm.etla.org/xterm/ctlseq.html'/></para></note>
+  <note>
+    <para>
+      Terminal escape sequences are special codes recognized by the terminal.
+      The ^[ represents an ASCII ESC character.  The sequence ESC [ H
+      puts the cursor in the upper left hand corner of the screen and ESC 2 J
+      erases the screen.  For more information on terminal escape sequences see
+      <ulink url='http://rtfm.etla.org/xterm/ctlseq.html'/>
+    </para>
+  </note>
+  <para>The following sequences are recognized by <command>agetty</command>
+  (the program which usually parses <filename>/etc/issue</filename>).  This
+  information is from <command>man agetty</command> where you can find
+  extra information about the logon process.</para>
+  <para>
+    The following sequences are recognized by <command>agetty</command>
+    (the program which usually parses <filename>/etc/issue</filename>).  This
+    information is from <command>man agetty</command> where you can find
+    extra information about the logon process.
+  </para>
+  <para>The <filename>issue</filename> file can contain certain character
+  sequences to display various information.  All <filename>issue</filename>
+  sequences consist of a backslash (\) immediately followed by one of the
+  letters explained below (so <option>\d</option> in
+  <filename>/etc/issue</filename> would insert the current date).</para>
+  <para>
+    The <filename>issue</filename> file can contain certain character
+    sequences to display various information.  All <filename>issue</filename>
+    sequences consist of a backslash (\) immediately followed by one of the
+    letters explained below (so <option>\d</option> in
+    <filename>/etc/issue</filename> would insert the current date).
+  </para>
 <screen><literal>b   Insert the baudrate of the current line.

postlfs/config/profile.xml

-              rfa3edfef
+              r81a73ed8
   <title>The Bash Shell Startup Files</title>
+  <para>The shell program <filename>/bin/bash</filename> (hereafter
+  referred to as just "the shell") uses a collection of startup files to
+  help create an environment.  Each file has a specific use and
+  may affect login and interactive environments differently.  The files in
+  the <filename class="directory">/etc</filename> directory generally provide
+  global settings. If an equivalent file exists in your home directory it may
+  override the global settings.</para>
+  <para>An interactive login shell is started after a successful login, using
+  <filename>/bin/login</filename>, by reading the
+  <filename>/etc/passwd</filename> file. This shell invocation normally reads
+  <filename>/etc/profile</filename> and its private equivalent
+  <filename>~/.bash_profile</filename> (or <filename>~/.profile</filename> if
+  called as <command>/bin/sh</command>) upon startup.</para>
+  <para>An interactive non-login shell is normally started at the command-line
+  using a shell program (e.g.,
+  <prompt>[prompt]$</prompt><command>/bin/bash</command>) or by the
+  <command>/bin/su</command> command.  An interactive non-login shell is also
+  started with a terminal program such as <command>xterm</command> or
+  <command>konsole</command> from within a graphical environment. This type of
+  shell invocation normally copies the parent environment and then reads the
+  user's <filename>~/.bashrc</filename> file for additional startup
+  configuration instructions.</para>
+  <para>A non-interactive shell is usually present when a shell script is
+  running.  It is non-interactive because it is processing a script and not
+  waiting for user input between commands. For these shell invocations, only
+  the environment inherited from the parent shell is used.</para>
+  <para> The file <filename>~/.bash_logout</filename> is not used for an
+  invocation of the shell.  It is read and executed when a user exits from an
+  interactive login shell.</para>
+  <para>Many distributions use <filename>/etc/bashrc</filename> for system wide
+  initialization of non-login shells. This file is usually called from the
+  user's <filename>~/.bashrc</filename> file and is not built directly into
+  <command>bash</command> itself.  This convention is followed in this
+  section.</para>
+  <para>For more information see <command>info bash</command> --
+  <emphasis role="strong">Nodes: Bash Startup Files and Interactive
+  Shells</emphasis>.</para>
+  <para>
+    The shell program <filename>/bin/bash</filename> (hereafter referred to
+    as just "the shell") uses a collection of startup files to help create
+    an environment.  Each file has a specific use and may affect login and
+    interactive environments differently.  The files in the <filename
+    class="directory">/etc</filename> directory generally provide global
+    settings. If an equivalent file exists in your home directory it may
+    override the global settings.
+  </para>
+  <para>
+    An interactive login shell is started after a successful login, using
+    <filename>/bin/login</filename>, by reading the
+    <filename>/etc/passwd</filename> file. This shell invocation normally reads
+    <filename>/etc/profile</filename> and its private equivalent
+    <filename>~/.bash_profile</filename> (or <filename>~/.profile</filename>
+    if called as <command>/bin/sh</command>) upon startup.
+  </para>
+  <para>
+    An interactive non-login shell is normally started at the command-line
+    using a shell program (e.g.,
+    <prompt>[prompt]$</prompt><command>/bin/bash</command>) or by the
+    <command>/bin/su</command> command.  An interactive non-login shell is also
+    started with a terminal program such as <command>xterm</command> or
+    <command>konsole</command> from within a graphical environment. This type
+    of shell invocation normally copies the parent environment and then reads
+    the user's <filename>~/.bashrc</filename> file for additional startup
+    configuration instructions.
+  </para>
+  <para>
+    A non-interactive shell is usually present when a shell script is
+    running.  It is non-interactive because it is processing a script and not
+    waiting for user input between commands. For these shell invocations, only
+    the environment inherited from the parent shell is used.
+  </para>
+  <para>
+    The file <filename>~/.bash_logout</filename> is not used for an
+    invocation of the shell.  It is read and executed when a user exits from an
+    interactive login shell.
+  </para>
+  <para>
+    Many distributions use <filename>/etc/bashrc</filename> for system wide
+    initialization of non-login shells. This file is usually called from the
+    user's <filename>~/.bashrc</filename> file and is not built directly into
+    <command>bash</command> itself.  This convention is followed in this
+    section.
+  </para>
+  <para>
+    For more information see <command>info bash</command> --
+    <emphasis role="strong">Nodes: Bash Startup Files and Interactive
+    Shells</emphasis>.
+  </para>
   <note>
+    <para>Most of the instructions below are used to create files located in
+    the <filename class='directory'>/etc</filename> directory structure which
+    requires you to execute the commands as the
+    <systemitem class='username'>root</systemitem> user. If you elect to create
+    the files in user's home directories instead, you should run the commands
+    as an unprivileged user.</para>
+    <para>
+      Most of the instructions below are used to create files located in the
+      <filename class='directory'>/etc</filename> directory structure which
+      requires you to execute the commands as the <systemitem
+      class='username'>root</systemitem> user. If you elect to create the
+      files in user's home directories instead, you should run the commands
+      as an unprivileged user.
+    </para>
   </note>
     <para condition="html" role="usernotes">User Notes:
     <ulink url="&blfs-wiki;/bash-shell-startup-files"/></para>
+  <para condition="html" role="usernotes">User Notes:
+  <ulink url="&blfs-wiki;/bash-shell-startup-files"/></para>
   <sect2 id="etc-profile-profile">
 …
     </indexterm>
+    <para>Here is a base <filename>/etc/profile</filename>. This file starts by
+    setting up some helper functions and some basic parameters.  It specifies some
+    <command>bash</command> history parameters and, for security purposes,
+    disables keeping a permanent history file for the <systemitem
+    class="username">root</systemitem> user.  It also sets a
+    default user prompt.  It then calls small, single purpose scripts in the
+    <filename class='directory'>/etc/profile.d</filename> directory to provide most
+    of the initialization.</para>
+    <para>For more information on the escape sequences you can use for your prompt
+    (i.e., the <envar>PS1</envar> environment variable) see <command>info
+    bash</command> -- <emphasis role="strong">Node: Printing a
+    Prompt</emphasis>.</para>
+    <para>
+      Here is a base <filename>/etc/profile</filename>. This file starts by
+      setting up some helper functions and some basic parameters. It specifies
+      some <command>bash</command> history parameters and, for security
+      purposes, disables keeping a permanent history file for the <systemitem
+      class="username">root</systemitem> user.  It also sets a default user
+      prompt.  It then calls small, single purpose scripts in the <filename
+      class='directory'>/etc/profile.d</filename> directory to provide most
+      of the initialization.
+    </para>
+    <para>
+      For more information on the escape sequences you can use for your prompt
+      (i.e., the <envar>PS1</envar> environment variable) see <command>info
+      bash</command> -- <emphasis role="strong">Node: Printing a
+      Prompt</emphasis>.
+    </para>
 <screen role="root"><?dbfo keep-together="auto"?><userinput>cat &gt; /etc/profile &lt;&lt; "EOF"
 …
       </indexterm>
+      <para>Now create the <filename class='directory'>/etc/profile.d</filename>
+      directory, where the individual initialization scripts are placed:</para>
+      <para>
+        Now create the <filename class='directory'>/etc/profile.d</filename>
+        directory, where the individual initialization scripts are placed:
+      </para>
 <screen role="root"><userinput>install --directory --mode=0755 --owner=root --group=root /etc/profile.d</userinput></screen>
 …
       </indexterm>
+      <note><para>Using the bash completion script below is controversial.
+      Not all users like it.  It adds many (usually over 1000) lines to the
+      bash environment and makes it difficult to use the 'set' command to
+      examine simple environment variables.  Omitting this script does not
+      interfere with the ability of bash to use the tab key for file name
+      completion.</para></note>
+      <para>This script imports bash completion scripts, installed by many
+      other BLFS packages, to allow TAB command line completion.</para>
+      <note>
+        <para>
+          Using the bash completion script below is controversial. Not all
+          users like it.  It adds many (usually over 1000) lines to the bash
+          environment and makes it difficult to use the 'set' command to
+          examine simple environment variables.  Omitting this script does
+          not interfere with the ability of bash to use the tab key for file
+          name completion.
+        </para>
+      </note>
+      <para>
+        This script imports bash completion scripts, installed by many
+        other BLFS packages, to allow TAB command line completion.
+      </para>
 <screen role="root"><userinput>cat &gt; /etc/profile.d/bash_completion.sh &lt;&lt; "EOF"
 …
 # End /etc/profile.d/bash_completion.sh</literal>
 EOF</userinput></screen>
+      <para>Make sure that the directory exists:</para>
+      <para>
+        Make sure that the directory exists:
+      </para>
 <screen role="root"><userinput>install --directory --mode=0755 --owner=root --group=root /etc/bash_completion.d</userinput></screen>
+      <para>For a more complete installation, see
+      <ulink url="&blfs-wiki;/bash-shell-startup-files#bash-completions"/>.</para>
+      <para>
+        For a more complete installation, see
+        <ulink url="&blfs-wiki;/bash-shell-startup-files#bash-completions"/>.
+      </para>
     </sect3>
 …
       </indexterm>
+      <para>This script uses the <filename>~/.dircolors</filename> and
+      <filename>/etc/dircolors</filename> files to control the colors of file names in a
+      directory listing. They control colorized output of things like <command>ls
+      --color</command>.  The explanation of how to initialize these files is at the
+      end of this section.</para>
+      <para>
+        This script uses the <filename>~/.dircolors</filename> and
+        <filename>/etc/dircolors</filename> files to control the colors of
+        file names in a directory listing. They control colorized output of
+        things like <command>ls --color</command>.  The explanation of how to
+        initialize these files is at the end of this section.
+      </para>
 <screen role="root"><userinput>cat &gt; /etc/profile.d/dircolors.sh &lt;&lt; "EOF"
 …
       </indexterm>
+      <para>This script adds some useful paths to the <envar>PATH</envar> and
+      can be used to customize other PATH related environment variables
+      (e.g. LD_LIBRARY_PATH, etc) that may be needed for all users.</para>
+      <para>
+        This script adds some useful paths to the <envar>PATH</envar> and
+        can be used to customize other PATH related environment variables
+        (e.g. LD_LIBRARY_PATH, etc) that may be needed for all users.
+      </para>
 <screen role="root"><userinput>cat &gt; /etc/profile.d/extrapaths.sh &lt;&lt; "EOF"
 …
       </indexterm>
+      <para>This script sets up the default <filename>inputrc</filename>
+      configuration file. If the user does not have individual settings, it uses the
+      global file.</para>
+      <para>
+        This script sets up the default <filename>inputrc</filename>
+        configuration file. If the user does not have individual settings, it
+        uses the global file.
+      </para>
 <screen role="root"><userinput>cat &gt; /etc/profile.d/readline.sh &lt;&lt; "EOF"
 …
       </indexterm>
+      <para>Setting the <command>umask</command> value is important for security.
+      Here the default group write permissions are turned off for system users and when
+      the user name and group name are not the same.</para>
+      <para>
+        Setting the <command>umask</command> value is important for security.
+        Here the default group write permissions are turned off for system
+        users and when the user name and group name are not the same.
+      </para>
 <screen role="root"><userinput>cat &gt; /etc/profile.d/umask.sh &lt;&lt; "EOF"
 …
       </indexterm>
+      <para>If <application>X</application> is installed, the <envar>PATH</envar>
+      and <envar>PKG_CONFIG_PATH</envar> variables are also updated.</para>
+      <para>
+        If <application>X</application> is installed, the <envar>PATH</envar>
+        and <envar>PKG_CONFIG_PATH</envar> variables are also updated.
+      </para>
 <screen role="root"><userinput>cat &gt; /etc/profile.d/X.sh &lt;&lt; "EOF"
 …
     </indexterm>
+      <para>This script sets an environment variable necessary for
+      native language support. A full discussion on determining this
+      variable can be found on the <ulink
+      url="&lfs-root;/chapter07/profile.html">LFS Bash Shell
+      Startup Files</ulink> page.</para>
+      <para>
+        This script sets an environment variable necessary for
+        native language support. A full discussion on determining this
+        variable can be found on the <ulink
+        url="&lfs-root;/chapter07/profile.html">LFS Bash Shell
+        Startup Files</ulink> page.
+      </para>
 <screen role="root" revision="sysv"><userinput>cat &gt; /etc/profile.d/i18n.sh &lt;&lt; "EOF"
 …
       <title>Other Initialization Values</title>
+      <para>Other initialization can easily be added to the
+      <filename>profile</filename> by adding additional scripts to the
+      <filename class='directory'>/etc/profile.d</filename> directory.</para>
+      <para>
+        Other initialization can easily be added to the
+        <filename>profile</filename> by adding additional scripts to the
+        <filename class='directory'>/etc/profile.d</filename> directory.
+      </para>
     </sect3>
 …
     </indexterm>
+    <para>Here is a base <filename>/etc/bashrc</filename>.  Comments in the
+    file should explain everything you need.</para>
+    <para>
+      Here is a base <filename>/etc/bashrc</filename>.  Comments in the
+      file should explain everything you need.
+    </para>
 <screen role="root"><userinput>cat &gt; /etc/bashrc &lt;&lt; "EOF"
 …
     </indexterm>
+    <para>Here is a base <filename>~/.bash_profile</filename>.  If you want each
+    new user to have this file automatically, just change the output of
+    the command to <filename>/etc/skel/.bash_profile</filename> and check the
+    permissions after the command is run. You can then copy
+    <filename>/etc/skel/.bash_profile</filename> to the home directories of already
+    existing users, including <systemitem class="username">root</systemitem>,
+    and set the owner and group appropriately.</para>
+    <para>
+      Here is a base <filename>~/.bash_profile</filename>.  If you want each
+        new user to have this file automatically, just change the output of
+      the command to <filename>/etc/skel/.bash_profile</filename> and check the
+      permissions after the command is run. You can then copy <filename>
+      /etc/skel/.bash_profile</filename> to the home directories of already
+      existing users, including <systemitem class="username">root</systemitem>,
+      and set the owner and group appropriately.
+    </para>
 <screen><userinput>cat &gt; ~/.bash_profile &lt;&lt; "EOF"
 …
     </indexterm>
+    <para>Here is a base <filename>~/.profile</filename>. The comments and
+    instructions for using <filename class="directory">/etc/skel</filename> for
+    <filename>.bash_profile</filename> above also apply here. Only the target
+    file names are different.</para>
+    <para>
+      Here is a base <filename>~/.profile</filename>. The comments and
+      instructions for using <filename class="directory">/etc/skel</filename>
+      for <filename>.bash_profile</filename> above also apply here. Only the
+      target file names are different.
+    </para>
 <screen><userinput>cat &gt; ~/.profile &lt;&lt; "EOF"
 …
     </indexterm>
+    <para>Here is a base <filename>~/.bashrc</filename>.</para>
+    <para>
+      Here is a base <filename>~/.bashrc</filename>.
+    </para>
 <screen><userinput>cat &gt; ~/.bashrc &lt;&lt; "EOF"
 …
     </indexterm>
+    <para>This is an empty <filename>~/.bash_logout</filename> that can be used as
+    a template.  You will notice that the base <filename>~/.bash_logout</filename>
+    does not include a <userinput>clear</userinput> command.  This is because the
+    clear is handled in the <filename>/etc/issue</filename> file.</para>
+    <para>
+      This is an empty <filename>~/.bash_logout</filename> that can be used as
+      a template.  You will notice that the base <filename>~/.bash_logout
+      </filename> does not include a <userinput>clear</userinput> command.
+      This is because the clear is handled in the
+      <filename>/etc/issue</filename> file.
+    </para>
 <screen><userinput>cat &gt; ~/.bash_logout &lt;&lt; "EOF"
 …
     </indexterm>
+    <para> If you want to use the <filename>dircolors</filename> capability,
+    then run the following command. The
+    <filename class="directory">/etc/skel</filename> setup steps shown above
+    also can be used here to provide a <filename>~/.dircolors</filename> file
+    when a new user is set up. As before, just change the output file name on
+    the following command and assure the permissions, owner, and group are
+    correct on the files created and/or copied.</para>
+    <para>
+       If you want to use the <filename>dircolors</filename> capability, then
+       run the following command. The <filename class="directory">/etc/skel
+       </filename> setup steps shown above also can be used here to provide
+       a <filename>~/.dircolors</filename> file when a new user is set up.
+       As before, just change the output file name on the following command
+       and assure the permissions, owner, and group are correct on the files
+       created and/or copied.
+    </para>
 <screen role="root"><userinput>dircolors -p > /etc/dircolors</userinput></screen>
+    <para>If you wish to customize the colors used for different file types,
+    you can edit the <filename>/etc/dircolors</filename> file. The instructions
+    for setting the colors are embedded in the file.</para>
+    <para>Finally, Ian Macdonald has written an excellent collection of tips and
+    tricks to enhance your shell environment.  You can read it online at
+    <ulink url="http://www.caliban.org/bash/index.shtml"/>.</para>
+    <para>
+      If you wish to customize the colors used for different file types, you
+      can edit the <filename>/etc/dircolors</filename> file. The instructions
+      for setting the colors are embedded in the file.
+    </para>
+    <para>
+      Finally, Ian Macdonald has written an excellent collection of tips and
+      tricks to enhance your shell environment.  You can read it online at
+      <ulink url="http://www.caliban.org/bash/index.shtml"/>.
+    </para>
   </sect2>

postlfs/config/random.xml

-              rfa3edfef
+              r81a73ed8
   </indexterm>
+  <para>The Linux kernel supplies a random number generator which is accessed
+  through <filename class="devicefile">/dev/random</filename> and
+  <filename class="devicefile">/dev/urandom</filename>.  Programs that utilize
+  the random and urandom devices, such as <application>OpenSSH</application>,
+  will benefit from these instructions.</para>
+  <para>
+    The Linux kernel supplies a random number generator which is accessed
+    through <filename class="devicefile">/dev/random</filename> and
+    <filename class="devicefile">/dev/urandom</filename>. Programs that utilize
+    the random and urandom devices, such as <application>OpenSSH</application>,
+    will benefit from these instructions.
+  </para>
+  <para>When a Linux system starts up without much operator interaction, the
+  entropy pool (data used to compute a random number) may be in a fairly
+  predictable state.  This creates the real possibility that the number generated
+  at startup may always be the same.  In order to counteract this effect,
+  you should carry the entropy pool information across your shut-downs and
+  start-ups.</para>
+  <para>
+    When a Linux system starts up without much operator interaction, the
+    entropy pool (data used to compute a random number) may be in a fairly
+    predictable state.  This creates the real possibility that the number
+    generated at startup may always be the same.  In order to counteract
+    this effect, you should carry the entropy pool information across your
+    shut-downs and start-ups.
+  </para>
+  <para>Install the <filename>/etc/rc.d/init.d/random</filename> init script
+  included with the <xref linkend="bootscripts"/> package.</para>
+  <para>
+    Install the <filename>/etc/rc.d/init.d/random</filename> init script
+    included with the <xref linkend="bootscripts"/> package.
+  </para>
 <screen role="root"><userinput>make install-random</userinput></screen>

postlfs/config/skel.xml

-              rfa3edfef
+              r81a73ed8
   </indexterm>
+  <para>Together, the <command>/usr/sbin/useradd</command> command and
+  <filename class="directory">/etc/skel</filename> directory (both are easy to
+  set up and use) provide a way to assure new users are added to your LFS
+  system with the same beginning settings for things such as the
+  <envar>PATH</envar>, keyboard processing and other environmental variables.
+  Using these two facilities makes it easier to assure this initial state for
+  each new user added to the system.</para>
+  <para>
+    Together, the <command>/usr/sbin/useradd</command> command and <filename
+    class="directory">/etc/skel</filename> directory (both are easy to
+    set up and use) provide a way to assure new users are added to your LFS
+    system with the same beginning settings for things such as the
+    <envar>PATH</envar>, keyboard processing and other environmental variables.
+    Using these two facilities makes it easier to assure this initial state for
+    each new user added to the system.
+  </para>
+  <para>The <filename class="directory">/etc/skel</filename> directory holds
+  copies of various initialization and other files that may be copied to the
+  new user's home directory when the <command>/usr/sbin/useradd</command>
+  program adds the new user.</para>
+  <para>
+    The <filename class="directory">/etc/skel</filename> directory holds
+    copies of various initialization and other files that may be copied to the
+    new user's home directory when the <command>/usr/sbin/useradd</command>
+    program adds the new user.
+  </para>
   <bridgehead renderas="sect5">Useradd</bridgehead>
+  <para>The <command>useradd</command> program uses a collection of
+  default values kept in <filename>/etc/default/useradd</filename>. This file
+  is created in a base LFS installation by the
+  <application>Shadow</application> package. If it has been removed or renamed,
+  the <command>useradd</command> program uses some internal defaults.  You can
+  see the default values by running
+  <command>/usr/sbin/useradd -D</command>.</para>
+  <para>
+    The <command>useradd</command> program uses a collection of default
+    values kept in <filename>/etc/default/useradd</filename>. This file
+    is created in a base LFS installation by the
+    <application>Shadow</application> package. If it has been removed or
+    renamed, the <command>useradd</command> program uses some internal
+    defaults.  You can see the default values by running
+    <command>/usr/sbin/useradd -D</command>.
+  </para>
+  <para>To change these values, simply modify the
+  <filename>/etc/default/useradd</filename> file as the
+  <systemitem class='username'>root</systemitem> user. An alternative to
+  directly modifying the file is to run <command>useradd</command> as the
+  <systemitem class='username'>root</systemitem> user while supplying the
+  desired modifications on the command line. Information on how to do this
+  can be found in the <command>useradd</command> man page.</para>
+  <para>
+    To change these values, simply modify the
+    <filename>/etc/default/useradd</filename> file as the
+    <systemitem class='username'>root</systemitem> user. An alternative to
+    directly modifying the file is to run <command>useradd</command> as the
+    <systemitem class='username'>root</systemitem> user while supplying the
+    desired modifications on the command line. Information on how to do this
+    can be found in the <command>useradd</command> man page.
+  </para>
   <bridgehead renderas="sect5">/etc/skel</bridgehead>
+  <para>To get started, create an
+  <filename class="directory">/etc/skel</filename> directory and make sure it
+  is writable only by the system administrator, usually
+  <systemitem class="username">root</systemitem>. Creating the directory as
+  <systemitem class="username">root</systemitem> is the best way to go.</para>
+  <para>
+    To get started, create an
+    <filename class="directory">/etc/skel</filename> directory and make sure it
+    is writable only by the system administrator, usually
+    <systemitem class="username">root</systemitem>. Creating the directory as
+    <systemitem class="username">root</systemitem> is the best way to go.
+  </para>
+  <para>The mode of any files from this part of the book that you put in
+  <filename class="directory">/etc/skel</filename> should be writable only by
+  the owner. Also, since there is no telling what kind of sensitive information
+  a user may eventually place in their copy of these files, you should
+  make them unreadable by "group" and "other".</para>
+  <para>
+    The mode of any files from this part of the book that you put in <filename
+    class="directory">/etc/skel</filename> should be writable only by the
+    owner. Also, since there is no telling what kind of sensitive information
+    a user may eventually place in their copy of these files, you should
+    make them unreadable by "group" and "other".
+  </para>
+  <para>You can also put other files in
+  <filename class="directory">/etc/skel</filename> and
+  different permissions may be needed for them.</para>
+  <para>
+    You can also put other files in
+    <filename class="directory">/etc/skel</filename> and
+    different permissions may be needed for them.
+  </para>
+  <para>Decide which initialization files should be provided in every (or most)
+  new user's home directory. The decisions you make will affect what you
+  do in the next two sections, <xref linkend="postlfs-config-profile"/> and
+  <xref linkend="postlfs-config-vimrc"/>. Some or all of those files will be
+  useful for <systemitem class="username">root</systemitem>, any
+  already-existing users, and new users.</para>
+  <para>
+    Decide which initialization files should be provided in every (or most)
+    new user's home directory. The decisions you make will affect what you
+    do in the next two sections, <xref linkend="postlfs-config-profile"/> and
+    <xref linkend="postlfs-config-vimrc"/>. Some or all of those files will be
+    useful for <systemitem class="username">root</systemitem>, any
+    already-existing users, and new users.
+  </para>
+  <para>The files from those sections that you might want to place in
+  <filename class="directory">/etc/skel</filename> include
+  <filename>.inputrc</filename>, <filename>.bash_profile</filename>,
+  <filename>.bashrc</filename>, <filename>.bash_logout</filename>,
+  <filename>.dircolors</filename>, and <filename>.vimrc</filename>. If
+  you are unsure which of these should be placed there, just continue to
+  the following sections, read each section and any references provided,
+  and then make your decision.</para>
+  <para>
+    The files from those sections that you might want to place in
+    <filename class="directory">/etc/skel</filename> include
+    <filename>.inputrc</filename>, <filename>.bash_profile</filename>,
+    <filename>.bashrc</filename>, <filename>.bash_logout</filename>,
+    <filename>.dircolors</filename>, and <filename>.vimrc</filename>. If
+    you are unsure which of these should be placed there, just continue to
+    the following sections, read each section and any references provided,
+    and then make your decision.
+  </para>
+  <para>You will run a slightly modified set of commands for files which
+  are placed in <filename class="directory">/etc/skel</filename>. Each section
+  will remind you of this. In brief, the book's commands have been written for
+  files <emphasis>not</emphasis> added to
+  <filename class="directory">/etc/skel</filename> and instead just sends the
+  results to the user's home directory. If the file is going to be in
+  <filename class="directory">/etc/skel</filename>, change the book's command(s)
+  to send output there instead and then just copy the file from
+  <filename class="directory">/etc/skel</filename> to the appropriate
+  directories, like <filename class="directory">/etc</filename>,
+  <filename class="directory">~</filename> or the home directory
+  of any other user already in the system.</para>
+  <para>
+    You will run a slightly modified set of commands for files which are
+    placed in <filename class="directory">/etc/skel</filename>. Each section
+    will remind you of this. In brief, the book's commands have been written
+    for files <emphasis>not</emphasis> added to <filename class="directory">
+    /etc/skel</filename> and instead just sends the results to the user's
+    home directory. If the file is going to be in <filename class="directory">
+    /etc/skel</filename>, change the book's command(s) to send output there
+    instead and then just copy the file from <filename class="directory">
+    /etc/skel</filename> to the appropriate directories, like <filename
+    class="directory">/etc</filename>, <filename class="directory">~
+    </filename> or the home directory of any other user already in the system.
+  </para>
   <bridgehead renderas="sect5">When Adding a User</bridgehead>
+  <para>When adding a new user with <command>useradd</command>, use
+  the <option>-m</option> parameter, which tells
+  <command>useradd</command> to create the user's home directory and
+  copy files from <filename class="directory">/etc/skel</filename> (can be
+  overridden) to the new user's home directory.  For example (perform as the
+  <systemitem class="username">root</systemitem> user):</para>
+  <para>
+    When adding a new user with <command>useradd</command>, use
+    the <option>-m</option> parameter, which tells
+    <command>useradd</command> to create the user's home directory and
+    copy files from <filename class="directory">/etc/skel</filename> (can be
+    overridden) to the new user's home directory.  For example (perform as the
+    <systemitem class="username">root</systemitem> user):
+  </para>
 <screen role="root"><userinput>useradd -m <replaceable>&lt;newuser&gt;</replaceable></userinput></screen>

postlfs/config/users.xml

-              rfa3edfef
+              r81a73ed8
   </indexterm>
+  <para>Throughout BLFS, many packages install programs that
+  run as daemons or in some way should have a user or group name
+  assigned.  Generally these names are used to map a user ID (uid) or group
+  ID (gid) for system use.  Generally the specific uid or gid numbers used
+  by these applications are not significant.  The exception of course, is
+  that <systemitem class='username'>root</systemitem> has a uid and gid of 0
+  (zero) that is indeed special.  The uid values are stored in
+  <filename>/etc/passwd</filename> and the gid values
+  are found in <filename>/etc/group</filename>.</para>
+  <para>
+    Throughout BLFS, many packages install programs that run as daemons or in
+    some way should have a user or group name assigned.  Generally these
+    names are used to map a user ID (uid) or group ID (gid) for system use.
+    Generally the specific uid or gid numbers used by these applications are
+    not significant.  The exception of course, is that <systemitem
+    class='username'>root</systemitem> has a uid and gid of 0 (zero) that
+    is indeed special.  The uid values are stored in
+    <filename>/etc/passwd</filename> and the gid values are found in
+    <filename>/etc/group</filename>.
+  </para>
+  <para>Customarily, Unix systems classify users and groups into two
+  categories: system users and regular users.  The system users and groups are
+  given low numbers and regular users and groups have numeric values greater
+  than all the system values.  The cutoff for these numbers is found in two
+  parameters in the <filename>/etc/login.defs</filename> configuration file.
+  The default UID_MIN value is 1000 and the default GID_MIN value is 1000.  If a
+  specific uid or gid value is not specified when creating a user with
+  <command>useradd</command> or a group with <command>groupadd</command> the values
+  assigned will always be above these cutoff values.</para>
+  <para>
+    Customarily, Unix systems classify users and groups into two categories:
+    system users and regular users.  The system users and groups are given
+    low numbers and regular users and groups have numeric values greater
+    than all the system values.  The cutoff for these numbers is found in
+    two parameters in the <filename>/etc/login.defs</filename> configuration
+    file.  The default UID_MIN value is 1000 and the default GID_MIN value
+    is 1000.  If a specific uid or gid value is not specified when creating
+    a user with <command>useradd</command> or a group with
+    <command>groupadd</command> the values assigned will always be above
+    these cutoff values.
+  </para>
+  <para>Additionally, the <ulink
+  url='http://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/usernames.html'>
+  Linux Standard Base</ulink> recommends that system uid and gid values should be
+  below 100.</para>
+  <para>
+    Additionally, the <ulink url=
+      "http://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/usernames.html">
+    Linux Standard Base</ulink> recommends that system uid and gid values
+    should be below 100.
+  </para>
+  <para>Below is a table of suggested uid/gid values used in BLFS beyond those
+  defined in a base LFS installation.  These can be changed as desired, but
+  provide a suggested set of consistent values.</para>
+  <para>
+    Below is a table of suggested uid/gid values used in BLFS beyond those
+    defined in a base LFS installation.  These can be changed as desired, but
+    provide a suggested set of consistent values.
+  </para>
   <table id="uidgid" class="uidvalues">
 …
   </table>
+  <para>One value that is missing is 65534.  This value is customarily assigned
+  to the user <systemitem class="username">nobody</systemitem> and group
+  <systemitem class="groupname">nogroup</systemitem> and is unnecessary.
+  <para>
+    One value that is missing is 65534.  This value is customarily assigned
+    to the user <systemitem class="username">nobody</systemitem> and group
+    <systemitem class="groupname">nogroup</systemitem> and is unnecessary.
   </para>

postlfs/config/vimrc.xml

-              rfa3edfef
+              r81a73ed8
   </indexterm>
+  <para>The LFS book installs <application>Vim</application>
+  as its text editor.  At this point it should be noted that there are a
+  <emphasis>lot</emphasis> of different editing applications out there including
+  <application>Emacs</application>, <application>nano</application>,
+  <application>Joe</application> and many more.  Anyone who has been around the
+  Internet (especially usenet) for a short time will certainly have observed at
+  least one flame war, usually involving <application>Vim</application> and
+  <application>Emacs</application> users!</para>
+  <para>
+    The LFS book installs <application>Vim</application> as its text editor.
+    At this point it should be noted that there are a <emphasis>lot</emphasis>
+    of different editing applications out there including
+    <application>Emacs</application>, <application>nano</application>,
+    <application>Joe</application> and many more.  Anyone who has been
+    around the Internet (especially usenet) for a short time will certainly
+    have observed at least one flame war, usually involving
+    <application>Vim</application> and <application>Emacs</application> users!
+  </para>
+  <para>The LFS book creates a basic <filename>vimrc</filename> file. In this
+  section you'll find an attempt to enhance this file. At startup,
+  <command>vim</command> reads the global configuration file
+  (<filename>/etc/vimrc</filename>) as well as a user-specific file
+  (<filename>~/.vimrc</filename>). Either or both can be tailored to suit
+  the needs of your particular system.</para>
+  <para>
+    The LFS book creates a basic <filename>vimrc</filename> file. In this
+    section you'll find an attempt to enhance this file. At startup,
+    <command>vim</command> reads the global configuration file
+    (<filename>/etc/vimrc</filename>) as well as a user-specific file
+    (<filename>~/.vimrc</filename>). Either or both can be tailored to suit
+    the needs of your particular system.
+  </para>
+  <para>Here is a slightly expanded <filename>.vimrc</filename> that you can
+  put in <filename>~/.vimrc</filename> to provide user specific effects. Of
+  course, if you put it into <filename>/etc/skel/.vimrc</filename> instead, it
+  will be made available to users you add to the system later. You can also copy
+  the file from <filename>/etc/skel/.vimrc</filename> to the home directory of
+  users already on the system, such as
+  <systemitem class='username'>root</systemitem>. Be sure to set permissions,
+  owner, and group if you do copy anything directly from
+  <filename class="directory">/etc/skel</filename>.</para>
+  <para>
+    Here is a slightly expanded <filename>.vimrc</filename> that you can put
+    in <filename>~/.vimrc</filename> to provide user specific effects. Of
+    course, if you put it into <filename>/etc/skel/.vimrc</filename> instead,
+    it will be made available to users you add to the system later. You
+    can also copy the file from <filename>/etc/skel/.vimrc</filename> to
+    the home directory of users already on the system, such as <systemitem
+    class='username'>root</systemitem>. Be sure to set permissions, owner,
+    and group if you do copy anything directly from <filename
+    class="directory">/etc/skel</filename>.
+  </para>
 <screen><literal>" Begin .vimrc
 …
 " End .vimrc</literal></screen>
+  <para>Note that the comment tags are " instead of the more
+  usual # or //.  This is correct, the syntax for
+  <filename>vimrc</filename> is slightly unusual.</para>
+  <para>
+    Note that the comment tags are " instead of the more
+    usual # or //.  This is correct, the syntax for
+    <filename>vimrc</filename> is slightly unusual.
+  </para>
+  <para>Below you'll find a quick explanation of what each of the
+  options in this example file means here:</para>
+  <para>
+    Below you'll find a quick explanation of what each of the
+    options in this example file means here:
+  </para>
   <itemizedlist>
     <!--
     <listitem>
+      <para><option>set nocompatible</option> : This option
+      stops <command>vim</command> from behaving in a strongly <command>vi
+      </command>-compatible way. It should be at the start of any <filename>vimrc
+      </filename> file as it can affect lots of other options which you may want to
+      override.</para>
+      <para>
+        <option>set nocompatible</option> : This option
+        stops <command>vim</command> from behaving in a strongly <command>vi
+        </command>-compatible way. It should be at the start of any
+        <filename>vimrc </filename> file as it can affect lots of other
+        options which you may want to override.
+      </para>
     </listitem>
     <listitem>
+      <para><option>set bs=2</option>: This influences the behavior
+      of the backspace option.  It is fairly complex so see <command>:help 'bs'
+      </command> for more details.</para>
+      <para>
+        <option>set bs=2</option>: This influences the behavior of the
+        backspace option.  It is fairly complex so see <command>:help 'bs'
+        </command> for more details.
+      </para>
     </listitem>
     -->
     <listitem>
+      <para><option>set columns=80</option>: This simply sets the
+      number of columns used on the screen.</para>
+      <para>
+        <option>set columns=80</option>: This simply sets the
+        number of columns used on the screen.
+      </para>
     </listitem>
     <!--
     <listitem>
+      <para><option>set background=dark</option>: This tells
+      <command>vim</command> to use colors which look good on a dark
+      background.</para>
+      <para>
+        <option>set background=dark</option>: This tells
+        <command>vim</command> to use colors which look good on a dark
+        background.
+      </para>
     </listitem>
     -->
     <listitem>
+      <para><option>set wrapmargin=8</option>: This is the number of
+      characters from the right window border where wrapping starts.</para>
+      <para>
+        <option>set wrapmargin=8</option>: This is the number of
+        characters from the right window border where wrapping starts.
+      </para>
     </listitem>
     <!--
     <listitem>
+      <para><option>syntax on</option>: Enables
+      <command>vim</command>'s syntax highlighting.</para>
+      <para>
+        <option>syntax on</option>: Enables
+        <command>vim</command>'s syntax highlighting.
+      </para>
     </listitem>
     -->
     <listitem>
+      <para><option>set ruler</option>: This makes <command>vim</command>
+      show the current row and column at the bottom right of the screen.</para>
+      <para>
+        <option>set ruler</option>: This makes <command>vim</command>
+        show the current row and column at the bottom right of the screen.
+      </para>
     </listitem>
   </itemizedlist>
+  <para>More information on the <emphasis>many</emphasis>
+  <command>vim</command> options can be found by reading the help
+  inside <command>vim</command> itself.  Do this by typing
+  <command>:</command><option>help</option> in
+  <command>vim</command> to get the general help, or by typing
+  <command>:</command><option>help usr_toc.txt</option> to view
+  the User Manual Table of Contents.</para>
+  <para>
+    More information on the <emphasis>many</emphasis>
+    <command>vim</command> options can be found by reading the help
+    inside <command>vim</command> itself.  Do this by typing
+    <command>:</command><option>help</option> in
+    <command>vim</command> to get the general help, or by typing
+    <command>:</command><option>help usr_toc.txt</option> to view
+    the User Manual Table of Contents.
+  </para>
 </sect1>

Note: See TracChangeset for help on using the changeset viewer.

Download in other formats: