White space fix only. Translators can ignore.

svn path=/head/; revision=43018
2013-10-21 22:51:19 +00:00 · 2013-10-21 22:51:19 +00:00 · 420435f8e6 · 2020-12-08 03:00:23 +00:00
commit 420435f8e6
parent b69ebce38c
1 changed files with 200 additions and 186 deletions
--- a/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
@ -3006,134 +3006,136 @@ dhcpd_ifaces="dc0"</programlisting>
    -->
    <title>Domain Name System (<acronym>DNS</acronym>)</title>
-      <indexterm><primary>BIND</primary></indexterm>
+    <indexterm><primary>BIND</primary></indexterm>
-      <para>Domain Name System (<acronym>DNS</acronym>) is the protocol through which domain names are
+    <para>Domain Name System (<acronym>DNS</acronym>) is the protocol
-	mapped to <acronym>IP</acronym> addresses, and vice versa.  By default, &os; installs the Berkeley
+      through which domain names are mapped to <acronym>IP</acronym>
-	Internet Name Domain (<acronym>BIND</acronym>), which is the most common implementation
+      addresses, and vice versa.  By default, &os; installs the
-	of the <acronym>DNS</acronym> protocol.  The &os; version provides enhanced security features, a new file
+      Berkeley Internet Name Domain (<acronym>BIND</acronym>), which
-	system layout, and automated &man.chroot.8;
+      is the most common implementation of the <acronym>DNS</acronym>
-	configuration.  BIND is maintained by the
+      protocol.  The &os; version provides enhanced security features,
-	<ulink url="https://www.isc.org/">isc.org</ulink>.
+      a new file system layout, and automated &man.chroot.8;
-	It is not necessary to run a name
+      configuration.  BIND is maintained by the <ulink
-	server to perform <acronym>DNS</acronym> lookups on a
+	url="https://www.isc.org/">isc.org</ulink>.  It is not
-	system.</para>
+      necessary to run a name server to perform <acronym>DNS</acronym>
      lookups on a system.</para>
-      <indexterm><primary>DNS</primary></indexterm>
+    <indexterm><primary>DNS</primary></indexterm>
-      <para><acronym>DNS</acronym> is coordinated across the Internet
+    <para><acronym>DNS</acronym> is coordinated across the Internet
-	through a somewhat complex system of authoritative root, Top
+      through a somewhat complex system of authoritative root, Top
-	Level Domain (<acronym>TLD</acronym>), and other smaller-scale
+      Level Domain (<acronym>TLD</acronym>), and other smaller-scale
-	name servers, which host and cache individual domain
+      name servers, which host and cache individual domain
-	information.  Table 28.4 describes some of the terms associated with <acronym>DNS</acronym>:</para>
+      information.  Table 28.4 describes some of the terms associated
      with <acronym>DNS</acronym>:</para>
-      <indexterm><primary>resolver</primary></indexterm>
+    <indexterm><primary>resolver</primary></indexterm>
-      <indexterm><primary>reverse
+    <indexterm><primary>reverse
-	  <acronym>DNS</acronym></primary></indexterm>
+      <acronym>DNS</acronym></primary></indexterm>
-      <indexterm><primary>root zone</primary></indexterm>
+    <indexterm><primary>root zone</primary></indexterm>
-      <table frame="none" pgwide="1">
+    <table frame="none" pgwide="1">
-	<title><acronym>DNS</acronym> Terminology</title>
+      <title><acronym>DNS</acronym> Terminology</title>
 	<tgroup cols="2">
 	  <colspec colwidth="1*"/>
 	  <colspec colwidth="3*"/>
-	  <thead>
+      <tgroup cols="2">
-	    <row>
+	<colspec colwidth="1*"/>
-	      <entry>Term</entry>
+	<colspec colwidth="3*"/>
 	      <entry>Definition</entry>
 	    </row>
 	  </thead>
-	  <tbody>
+	<thead>
-	    <row>
+	  <row>
-	      <entry>Forward <acronym>DNS</acronym></entry>
+	    <entry>Term</entry>
-	      <entry>Mapping of hostnames to <acronym>IP</acronym>
+	    <entry>Definition</entry>
-		addresses.</entry>
+	  </row>
-	    </row>
+	</thead>
-	    <row>
+	<tbody>
-	      <entry>Origin</entry>
+	  <row>
-	      <entry>Refers to the domain covered in a particular zone
+	    <entry>Forward <acronym>DNS</acronym></entry>
-		file.</entry>
+	    <entry>Mapping of hostnames to <acronym>IP</acronym>
-	    </row>
+	      addresses.</entry>
 	  </row>
-	    <row>
+	  <row>
-	      <entry><application>named</application>, BIND</entry>
+	    <entry>Origin</entry>
-	      <entry>Common names for the BIND name server package
+	    <entry>Refers to the domain covered in a particular zone
-		within &os;.</entry>
+	      file.</entry>
-	    </row>
+	  </row>
-	    <row>
+	  <row>
-	      <entry>Resolver</entry>
+	    <entry><application>named</application>, BIND</entry>
-	      <entry>A system process through which a machine queries
+	    <entry>Common names for the BIND name server package
-		a name server for zone information.</entry>
+	      within &os;.</entry>
-	    </row>
+	  </row>
-	    <row>
+	  <row>
-	      <entry>Reverse <acronym>DNS</acronym></entry>
+	    <entry>Resolver</entry>
-	      <entry>Mapping of <acronym>IP</acronym> addresses to
+	    <entry>A system process through which a machine queries
-		hostnames.</entry>
+	      a name server for zone information.</entry>
-	    </row>
+	  </row>
-	    <row>
+	  <row>
-	      <entry>Root zone</entry>
+	    <entry>Reverse <acronym>DNS</acronym></entry>
 	    <entry>Mapping of <acronym>IP</acronym> addresses to
 	      hostnames.</entry>
 	  </row>
-	      <entry>The beginning of the Internet zone hierarchy.
+	  <row>
-		All zones fall under the root zone, similar to how
+	    <entry>Root zone</entry>
 		all files in a file system fall under the root
 		directory.</entry>
 	    </row>
-	    <row>
+	    <entry>The beginning of the Internet zone hierarchy.  All
-	      <entry>Zone</entry>
+	      zones fall under the root zone, similar to how all files
-	      <entry>An individual domain, subdomain, or portion of
+	      in a file system fall under the root directory.</entry>
-		the <acronym>DNS</acronym> administered by the same
+	  </row>
 		authority.</entry>
 	    </row>
 	  </tbody>
 	</tgroup>
      </table>
-      <indexterm>
+	  <row>
-	<primary>zones</primary>
+	    <entry>Zone</entry>
-	<secondary>examples</secondary>
+	    <entry>An individual domain, subdomain, or portion of the
-      </indexterm>
+	      <acronym>DNS</acronym> administered by the same
 	      authority.</entry>
 	  </row>
 	</tbody>
      </tgroup>
    </table>
-      <para>Examples of zones:</para>
+    <indexterm>
      <primary>zones</primary>
      <secondary>examples</secondary>
    </indexterm>
-      <itemizedlist>
+    <para>Examples of zones:</para>
 	<listitem>
 	  <para><hostid>.</hostid> is how the root zone is usually
 	    referred to in documentation.</para>
 	</listitem>
-	<listitem>
+    <itemizedlist>
-	  <para><hostid>org.</hostid> is a Top Level Domain
+      <listitem>
-	    (<acronym>TLD</acronym>) under the root zone.</para>
+	<para><hostid>.</hostid> is how the root zone is usually
-	</listitem>
+	  referred to in documentation.</para>
      </listitem>
-	<listitem>
+      <listitem>
-	  <para><hostid role="domainname">example.org.</hostid> is a
+	<para><hostid>org.</hostid> is a Top Level Domain
-	    zone under the <hostid>org.</hostid>
+	  (<acronym>TLD</acronym>) under the root zone.</para>
-	    <acronym>TLD</acronym>.</para>
+      </listitem>
 	</listitem>
-	<listitem>
+      <listitem>
-	  <para><hostid>1.168.192.in-addr.arpa</hostid> is a zone
+	<para><hostid role="domainname">example.org.</hostid> is a
-	    referencing all <acronym>IP</acronym> addresses which fall
+	  zone under the <hostid>org.</hostid>
-	    under the <hostid role="ipaddr">192.168.1.*</hostid>
+	  <acronym>TLD</acronym>.</para>
-	    <acronym>IP</acronym> address space.</para>
+      </listitem>
 	</listitem>
      </itemizedlist>
-      <para>As one can see, the more specific part of a hostname
+      <listitem>
-	appears to its left.  For example,
+	<para><hostid>1.168.192.in-addr.arpa</hostid> is a zone
-	<hostid role="domainname">example.org.</hostid> is more
+	  referencing all <acronym>IP</acronym> addresses which fall
-	specific than <hostid>org.</hostid>, as <hostid>org.</hostid>
+	  under the <hostid role="ipaddr">192.168.1.*</hostid>
-	is more specific than the root zone.  The layout of each part
+	  <acronym>IP</acronym> address space.</para>
-	of a hostname is much like a file system: the
+      </listitem>
-	<filename class="directory">/dev</filename> directory falls
+    </itemizedlist>
-	within the root, and so on.</para>
+
    <para>As one can see, the more specific part of a hostname
      appears to its left.  For example, <hostid
 	role="domainname">example.org.</hostid> is more specific than
      <hostid>org.</hostid>, as <hostid>org.</hostid> is more specific
      than the root zone.  The layout of each part of a hostname is
      much like a file system: the <filename
 	class="directory">/dev</filename> directory falls within the
      root, and so on.</para>
    <sect2>
      <title>Reasons to Run a Name Server</title>
@ -4405,18 +4407,19 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
      <secondary>setting up</secondary></indexterm>
    <indexterm><primary>Apache</primary></indexterm>
-    <para>The open source
+    <para>The open source <application>Apache HTTP Server
-      <application>Apache HTTP Server</application> is the most widely
+	</application> is the most widely used web server.  &os; does
-      used web server.  &os; does not install this web server by default,
+      not install this web server by default, but it can be installed
-      but it can be installed from the
+      from the <filename
-      <filename role="package">www/apache24</filename> package or port.</para>
+	role="package">www/apache24</filename> package or port.</para>
-    <para>This section summarizes how to configure and start version 2.<replaceable>x</replaceable> of the
+    <para>This section summarizes how to configure and start version
-	<application>Apache HTTP Server</application>, the
+      2.<replaceable>x</replaceable> of the <application>Apache HTTP
-	most widely used version, on &os;.  For more detailed
+	Server</application>, the most widely used version, on &os;.
-	information about
+      For more detailed information about
-	<application>Apache</application>&nbsp;2.X and its configuration directives, refer to
+      <application>Apache</application>&nbsp;2.X and its configuration
-	<ulink url="http://httpd.apache.org/">httpd.apache.org</ulink>.</para>
+      directives, refer to <ulink
 	url="http://httpd.apache.org/">httpd.apache.org</ulink>.</para>
    <sect2>
      <title>Configuring and Starting Apache</title>
@ -4424,20 +4427,20 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
      <indexterm><primary>Apache</primary>
 	<secondary>configuration file</secondary></indexterm>
-      <para>In &os;, the main <application>Apache HTTP Server</application>
+      <para>In &os;, the main <application>Apache HTTP
-	configuration file is installed as
+	  Server</application> configuration file is installed as
 	<filename>/usr/local/etc/apache2<replaceable>x</replaceable>/httpd.conf</filename>.
-	This ASCII text file begins
+	This ASCII text file begins comment lines with the
-	comment lines with the <literal>#</literal>.  The
+	<literal>#</literal>.  The most frequently modified directives
-	most frequently modified directives are:</para>
+	are:</para>
      <variablelist>
 	<varlistentry>
 	  <term><literal>ServerRoot "/usr/local"</literal></term>
 	  <listitem>
-	    <para>Specifies the default directory hierarchy for
+	    <para>Specifies the default directory hierarchy for the
-	      the <application>Apache</application> installation.
+	      <application>Apache</application> installation.
 	      Binaries are stored in the
 	      <filename class="directory">bin</filename> and
 	      <filename class="directory">sbin</filename>
@ -4451,7 +4454,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
 	  <term><literal>ServerAdmin you@your.address</literal></term>
 	  <listitem>
-	    <para>The email address to receive problems with the server.  This address also appears on some
+	    <para>The email address to receive problems with the
 	      server.  This address also appears on some
 	      server-generated pages, such as error documents.</para>
 	  </listitem>
 	</varlistentry>
@ -4463,8 +4467,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
 	    <para>Allows an
 	      administrator to set a host name which is sent back to
 	      clients for the server.  For example,
-	      <hostid>www</hostid> can be used instead of the actual host
+	      <hostid>www</hostid> can be used instead of the actual
-	      name.</para>
+	      host name.</para>
 	  </listitem>
 	</varlistentry>
@ -4487,8 +4491,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
 	making changes.  When the configuration of
 	<application>Apache</application>, is complete, save the
 	file and verify the configuration using apachectl(8).
-	Running <command>apachectl configtest</command>
+	Running <command>apachectl configtest</command> should return
-	should return <literal>Syntax OK</literal>.</para>
+	<literal>Syntax OK</literal>.</para>
      <indexterm><primary>Apache</primary>
 	<secondary>starting or stopping</secondary></indexterm>
@ -4507,16 +4511,17 @@ $include Kexample.com.+005+nnnnn.ZSK.key    ; ZSK</programlisting>
      <para>If <application>Apache</application> should be started
 	with non-default options, the following line may be added to
-	<filename>/etc/rc.conf</filename> to specify the needed flags:</para>
+	<filename>/etc/rc.conf</filename> to specify the needed
 	flags:</para>
      <programlisting>apache24_flags=""</programlisting>
      <para>The <application>Apache</application> configuration can be
-	tested for errors after making subsequent
+	tested for errors after making subsequent configuration
-	configuration changes while <command>httpd</command> is
+	changes while <command>httpd</command> is running.  This can
-	running.  This can be done by the &man.rc.8; script directly,
+	be done by the &man.rc.8; script directly, or by the
-	or by the &man.service.8; utility by issuing one of the
+	&man.service.8; utility by issuing one of the following
-	following commands:</para>
+	commands:</para>
      <screen>&prompt.root; <userinput>service apache24 configtest</userinput></screen>
@ -4873,66 +4878,72 @@ DocumentRoot /www/someotherdomain.tld
    -->
    <title>File Transfer Protocol (<acronym>FTP</acronym>)</title>
-    <indexterm><primary><acronym>FTP</acronym> servers</primary></indexterm>
+    <indexterm><primary><acronym>FTP</acronym>
 	servers</primary></indexterm>
-    <para>The File Transfer Protocol (<acronym>FTP</acronym>) provides users with a
+    <para>The File Transfer Protocol (<acronym>FTP</acronym>) provides
-      simple way to transfer files to and from an
+      users with a simple way to transfer files to and from an
-      <acronym>FTP</acronym> server.
+      <acronym>FTP</acronym> server.  &os; includes
-      &os; includes <acronym>FTP</acronym> server
+      <acronym>FTP</acronym> server software,
-      software, <application>ftpd</application>, in the base system.</para>
+      <application>ftpd</application>, in the base system.</para>
      <para>&os; provides several configuration files for controlling access
 	to the <acronym>FTP</acronym> server. This section summarizes
 	these files.  Refer to &man.ftpd.8; for more details about the
 	built-in <acronym>FTP</acronym> server.</para>
-      <sect2>
+    <para>&os; provides several configuration files for controlling
-	<title>Configuration</title>
+      access to the <acronym>FTP</acronym> server.  This section
      summarizes these files.  Refer to &man.ftpd.8; for more details
      about the built-in <acronym>FTP</acronym> server.</para>
    <sect2>
      <title>Configuration</title>
      <para>The most important configuration step is deciding which
-	accounts will be allowed access to the <acronym>FTP</acronym> server.  A
+	accounts will be allowed access to the <acronym>FTP</acronym>
-	&os; system has a number of system accounts which
+	server.  A &os; system has a number of system accounts which
-	should not be allowed <acronym>FTP</acronym> access.
+	should not be allowed <acronym>FTP</acronym> access.  The list
-	The list of users disallowed any <acronym>FTP</acronym> access
+	of users disallowed any <acronym>FTP</acronym> access can be
-	can be found in <filename>/etc/ftpusers</filename>.
+	found in <filename>/etc/ftpusers</filename>.  By default, it
-	By
+	includes system accounts.  Additional users that should not be
 	default, it includes system accounts.  Additional
 	users that should not be
 	allowed access to <acronym>FTP</acronym> can be added.</para>
      <para>In some cases it may be desirable to restrict the access
 	of some users without preventing them completely from using
 	<acronym>FTP</acronym>.  This can be accomplished be creating
-	<filename>/etc/ftpchroot</filename> as described in &man.ftpchroot.5;.  This file lists
+	<filename>/etc/ftpchroot</filename> as described in
-	users and groups subject to <acronym>FTP</acronym> access restrictions.</para>
+	&man.ftpchroot.5;.  This file lists users and groups subject
 	to <acronym>FTP</acronym> access restrictions.</para>
      <indexterm>
 	<primary><acronym>FTP</acronym></primary>
 	<secondary>anonymous</secondary>
      </indexterm>
-      <para>To enable anonymous <acronym>FTP</acronym> access to the server, create a
+      <para>To enable anonymous <acronym>FTP</acronym> access to the
-	user named <username>ftp</username> on the &os; system.  Users
+	server, create a user named <username>ftp</username> on the
-	will then be able to log on to the <acronym>FTP</acronym> server with a username
+	&os; system.  Users will then be able to log on to the
-	of <username>ftp</username> or <username>anonymous</username>.  When prompted for the password,
+	<acronym>FTP</acronym> server with a username of
-	any input will be accepted, but by convention, an email address
+	<username>ftp</username> or <username>anonymous</username>.
-	should be used as the password.  The <acronym>FTP</acronym> server will
+	When prompted for the password, any input will be accepted,
-	call &man.chroot.2; when an anonymous user logs in, to
+	but by convention, an email address should be used as the
-	restrict access to only the home directory of the
+	password.  The <acronym>FTP</acronym> server will call
 	&man.chroot.2; when an anonymous user logs in, to restrict
 	access to only the home directory of the
 	<username>ftp</username> user.</para>
-      <para>There are two text files that can be created to specify welcome messages to
+      <para>There are two text files that can be created to specify
-	be displayed to <acronym>FTP</acronym> clients.  The contents of
+	welcome messages to be displayed to <acronym>FTP</acronym>
 	clients.  The contents of
 	<filename>/etc/ftpwelcome</filename> will be displayed to
 	users before they reach the login prompt.  After a successful
 	login, the contents of
 	<filename>/etc/ftpmotd</filename> will be displayed.  Note
 	that the path to this file is relative to the login
-	environment, so the contents of <filename>~ftp/etc/ftpmotd</filename>
+	environment, so the contents of
-	would be displayed for anonymous users.</para>
+	<filename>~ftp/etc/ftpmotd</filename> would be displayed for
 	anonymous users.</para>
-      <para>Once the <acronym>FTP</acronym> server has been configured, set the appropriate variable in
+      <para>Once the <acronym>FTP</acronym> server has been
-	<filename>/etc/rc.conf</filename> to start the service during boot:</para>
+	configured, set the appropriate variable in
 	<filename>/etc/rc.conf</filename> to start the service during
 	boot:</para>
      <programlisting>ftpd_enable="YES"</programlisting>
@ -4940,7 +4951,8 @@ DocumentRoot /www/someotherdomain.tld
      <screen>&prompt.root; <userinput>service ftpd start</userinput></screen>
-      <para>Test the connection to the <acronym>FTP</acronym> server by typing:</para>
+      <para>Test the connection to the <acronym>FTP</acronym> server
 	by typing:</para>
      <screen>&prompt.user; <userinput>ftp localhost</userinput></screen>
@ -4950,9 +4962,10 @@ DocumentRoot /www/someotherdomain.tld
      <para>The <application>ftpd</application> daemon uses
 	&man.syslog.3; to log messages.  By default, the system log
-	daemon will write messages related to <acronym>FTP</acronym> in
+	daemon will write messages related to <acronym>FTP</acronym>
-	<filename>/var/log/xferlog</filename>.  The location of
+	in <filename>/var/log/xferlog</filename>.  The location of
-	the <acronym>FTP</acronym> log can be modified by changing the following line in
+	the <acronym>FTP</acronym> log can be modified by changing the
 	following line in
 	<filename>/etc/syslog.conf</filename>:</para>
      <programlisting>ftp.info      /var/log/xferlog</programlisting>
@ -4963,14 +4976,15 @@ DocumentRoot /www/someotherdomain.tld
      </indexterm>
      <note>
-      <para>Be aware of the potential problems involved with running
+	<para>Be aware of the potential problems involved with running
-	an anonymous <acronym>FTP</acronym> server.  In particular, think twice about
+	  an anonymous <acronym>FTP</acronym> server.  In particular,
-	allowing anonymous users to upload files.  It may turn out
+	  think twice about allowing anonymous users to upload files.
-	that the <acronym>FTP</acronym> site becomes a forum for the trade of unlicensed
+	  It may turn out that the <acronym>FTP</acronym> site becomes
-	commercial software or worse.  If anonymous <acronym>FTP</acronym> uploads are
+	  a forum for the trade of unlicensed commercial software or
-	required, then verify the permissions so that these files can
+	  worse.  If anonymous <acronym>FTP</acronym> uploads are
-	not be read by other anonymous users until they have been
+	  required, then verify the permissions so that these files
-	reviewed by an administrator.</para>
+	  can not be read by other anonymous users until they have
 	  been reviewed by an administrator.</para>
      </note>
    </sect2>
  </sect1>