From 559078326804c1a54dfb127813efd2f5f38822ab Mon Sep 17 00:00:00 2001 From: Dru Lavigne Date: Wed, 19 Mar 2014 14:08:07 +0000 Subject: [PATCH] White space fix only. Translators can ignore. Sponsored by: iXsystems --- .../handbook/network-servers/chapter.xml | 295 +++++++++--------- 1 file changed, 146 insertions(+), 149 deletions(-) diff --git a/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml b/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml index 0e18437ec5..235cab03ba 100644 --- a/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml +++ b/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml @@ -1744,10 +1744,10 @@ nis_client_enable="YES" logins. To prevent specified users from logging on to a system, - even if they are present in the - NIS database, use vipw - to add -username with the correct number - of colons towards the end of + even if they are present in the NIS + database, use vipw to add + -username with + the correct number of colons towards the end of /etc/master.passwd on the client, where username is the username of a user to bar from logging in. The line with the blocked @@ -4394,7 +4394,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key ; ZSK Binaries are stored in the bin and sbin subdirectories of the server root, and configuration files are stored in - etc/apache2x. + etc/apache2x. @@ -4485,7 +4486,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key ; ZSK &prompt.root; service apache24 start The httpd service can be tested by - entering http://localhost + entering + http://localhost in a web browser, replacing localhost with the fully-qualified domain name of the machine running httpd, @@ -5658,27 +5660,26 @@ Logging to FILE /var/log/messages Configuration iSCSI is a way to share storage over a - network. Unlike - NFS, which works at the - file system level, iSCSI works at the - block device level. - + network. Unlike NFS, which works at the file + system level, iSCSI works at the block device + level. + In iSCSI terminology, the system that - shares the storage is - known as the target. The storage can be a - physical disk, or an area representing multiple disks or a - portion of a physical disk. For example, if the disk(s) are - formatted with ZFS, a zvol can be created to - use as the iSCSI storage. - + shares the storage is known as the target. + The storage can be a physical disk, or an area representing + multiple disks or a portion of a physical disk. For example, if + the disk(s) are formatted with ZFS, a zvol + can be created to use as the iSCSI + storage. + The clients which access the iSCSI - storage are called initiators. - To initiators, the storage available through + storage are called initiators. To + initiators, the storage available through iSCSI appears as a raw, unformatted disk - known as a LUN. - Device nodes for the disk appear in /dev/ and the device must be + known as a LUN. Device nodes for the disk + appear in /dev/ and the device must be separately formatted and mounted. - + Beginning with 10.0-RELEASE, &os; provides a native, kernel-based iSCSI target and initiator. This section describes how to configure a &os; system as a @@ -5688,28 +5689,26 @@ Logging to FILE /var/log/messages Configuring an <acronym>iSCSI</acronym> Target - The native iSCSI target is - supported starting with &os; 10.0-RELEASE. To use - iSCSI in older versions of &os;, install a - userspace target from the Ports Collection, such as - net/istgt. This chapter only describes the - native target. + The native iSCSI target is supported + starting with &os; 10.0-RELEASE. To use + iSCSI in older versions of &os;, install + a userspace target from the Ports Collection, such as + net/istgt. This chapter only describes + the native target. - To configure an iSCSI target, - create the - /etc/ctl.conf configuration file, add - a line to /etc/rc.conf to - make sure the &man.ctld.8; - daemon is automatically started at boot, and then start the - daemon. + To configure an iSCSI target, create + the /etc/ctl.conf configuration file, add + a line to /etc/rc.conf to make sure the + &man.ctld.8; daemon is automatically started at boot, and then + start the daemon. - The following is an example of a simple - /etc/ctl.conf - configuration file. Refer to &man.ctl.conf.5; for a more - complete description of this file's available options. + The following is an example of a simple + /etc/ctl.conf configuration file. Refer + to &man.ctl.conf.5; for a more complete description of this + file's available options. - portal-group pg0 { + portal-group pg0 { discovery-auth-group no-authentication listen 0.0.0.0 listen [::] @@ -5725,86 +5724,78 @@ target iqn.2012-06.com.example:target0 { } } - The first entry defines the pg0 - portal group. Portal groups define which network addresses the - &man.ctld.8; - daemon will listen on. The discovery-auth-group - no-authentication entry indicates that any initiator is - allowed to perform iSCSI target - discovery without authentication. Lines three and four - configure &man.ctld.8; to - listen on all IPv4 - (listen 0.0.0.0) and - IPv6 (listen [::]) - addresses on the default port of 3260. - - It is not necessary - to define a portal group as there is a built-in portal group called - default. In this case, the difference between - default and pg0 - is that with default, target - discovery is always - denied, while with pg0, it is always - allowed. + The first entry defines the pg0 portal + group. Portal groups define which network addresses the + &man.ctld.8; daemon will listen on. The + discovery-auth-group no-authentication + entry indicates that any initiator is allowed to perform + iSCSI target discovery without + authentication. Lines three and four configure &man.ctld.8; + to listen on all IPv4 + (listen 0.0.0.0) and + IPv6 (listen [::]) + addresses on the default port of 3260. - The second entry defines a single - target. Target has two possible - meanings: a machine serving iSCSI or - a named group of LUNs. This - example uses the latter meaning, where - iqn.2012-06.com.example:target0 is the - target name. This target name is suitable for testing purposes. - For actual use, change com.example - to the real domain name, reversed. The - 2012-06 represents the year and month of - acquiring control of that domain name, and - target0 can be any value. Any - number of targets can be defined in this configuration - file. + It is not necessary to define a portal group as there is a + built-in portal group called default. In + this case, the difference between default + and pg0 is that with + default, target discovery is always denied, + while with pg0, it is always + allowed. - The auth-group no-authentication line allows - all initiators to connect to the specified target and - portal-group pg0 makes the target - reachable through the pg0 portal - group. + The second entry defines a single target. Target has two + possible meanings: a machine serving iSCSI + or a named group of LUNs. This example + uses the latter meaning, where + iqn.2012-06.com.example:target0 is the + target name. This target name is suitable for testing + purposes. For actual use, change + com.example to the real domain name, + reversed. The 2012-06 represents the year + and month of acquiring control of that domain name, and + target0 can be any value. Any number of + targets can be defined in this configuration file. - The next section defines the LUN. To the - initiator, each LUN will be visible as a - separate disk device. Multiple - LUNs can be defined for each target. - Each LUN is identified by a number, where - LUN 0 is mandatory. The - path /data/target0-0 line defines the full - path to a file or zvol backing the LUN. - That path must exist before starting &man.ctld.8;. - The second line is optional and specifies the size of the - LUN. + The auth-group no-authentication line + allows all initiators to connect to the specified target and + portal-group pg0 makes the target reachable + through the pg0 portal group. - Next, to make sure the &man.ctld.8; - daemon is started at boot, add this line to - /etc/rc.conf: + The next section defines the LUN. To + the initiator, each LUN will be visible as + a separate disk device. Multiple LUNs can + be defined for each target. Each LUN is + identified by a number, where LUN 0 is + mandatory. The path /data/target0-0 line + defines the full path to a file or zvol backing the + LUN. That path must exist before starting + &man.ctld.8;. The second line is optional and specifies the + size of the LUN. - ctld_enable="YES" + Next, to make sure the &man.ctld.8; daemon is started at + boot, add this line to + /etc/rc.conf: - To start &man.ctld.8; now, - run this command: + ctld_enable="YES" - &prompt.root; service ctld start + To start &man.ctld.8; now, run this command: - As the &man.ctld.8; - daemon is started, it reads /etc/ctl.conf. - If this file is edited after the daemon starts, use this - command so that the changes take - effect immediately: + &prompt.root; service ctld start - &prompt.root; service ctld reload + As the &man.ctld.8; daemon is started, it reads + /etc/ctl.conf. If this file is edited + after the daemon starts, use this command so that the changes + take effect immediately: + + &prompt.root; service ctld reload Authentication - The previous example is inherently insecure as it uses no - authentication, granting anyone full access to - all targets. To require a username and password to access + The previous example is inherently insecure as it uses + no authentication, granting anyone full access to all + targets. To require a username and password to access targets, modify the configuration as follows: auth-group ag0 { @@ -5830,16 +5821,17 @@ target iqn.2012-06.com.example:target0 { The auth-group section defines username and password pairs. An initiator trying to connect to iqn.2012-06.com.example:target0 must - first specify a defined username and secret. However, target discovery is still - permitted without authentication. To require target discovery authentication, - set discovery-auth-group to a defined + first specify a defined username and secret. However, + target discovery is still permitted without authentication. + To require target discovery authentication, set + discovery-auth-group to a defined auth-group name instead of no-authentication. - It is common to define a - single exported target for every initiator. As a shorthand - for the syntax above, the username and password can be - specified directly in the target entry: + It is common to define a single exported target for + every initiator. As a shorthand for the syntax above, the + username and password can be specified directly in the + target entry: target iqn.2012-06.com.example:target0 { portal-group pg0 @@ -5857,28 +5849,26 @@ target iqn.2012-06.com.example:target0 { Configuring an <acronym>iSCSI</acronym> Initiator - The iSCSI initiator described in this section is - supported starting with &os; 10.0-RELEASE. To use the - iSCSI initiator available in older - versions, refer to &man.iscontrol.8;. + The iSCSI initiator described in this + section is supported starting with &os; 10.0-RELEASE. To + use the iSCSI initiator available in + older versions, refer to &man.iscontrol.8;. - The iSCSI initiator requires that the &man.iscsid.8; - daemon is running. This daemon does not use a configuration file. To - start it automatically at boot, add this line to - /etc/rc.conf: + The iSCSI initiator requires that the + &man.iscsid.8; daemon is running. This daemon does not use a + configuration file. To start it automatically at boot, add + this line to /etc/rc.conf: iscsid_enable="YES" - To start &man.iscsid.8; now, - run this command: + To start &man.iscsid.8; now, run this command: &prompt.root; service iscsid start Connecting to a target can be done with or without an - /etc/iscsi.conf - configuration file. This section demonstrates both types of - connections. + /etc/iscsi.conf configuration file. This + section demonstrates both types of connections. Connecting to a Target Without a Configuration @@ -5891,15 +5881,16 @@ target iqn.2012-06.com.example:target0 { <screen>&prompt.root; <userinput>iscsictl -A -p <replaceable>10.10.10.10</replaceable> -t <replaceable>iqn.2012-06.com.example:target0</replaceable></userinput></screen> <para>To verify if the connection succeeded, run - <command>iscsictl</command> without any - arguments. The output should look similar to this:</para> + <command>iscsictl</command> without any arguments. The + output should look similar to this:</para> <programlisting>Target name Target portal State iqn.2012-06.com.example:target0 10.10.10.10 Connected: da0</programlisting> - <para>In this example, the <acronym>iSCSI</acronym> session was - successfully established, with <filename>/dev/da0</filename> - representing the attached <acronym>LUN</acronym>. If the + <para>In this example, the <acronym>iSCSI</acronym> session + was successfully established, with + <filename>/dev/da0</filename> representing the attached + <acronym>LUN</acronym>. If the <literal>iqn.2012-06.com.example:target0</literal> target exports more than one <acronym>LUN</acronym>, multiple device nodes will be shown in that section of the @@ -5907,25 +5898,28 @@ iqn.2012-06.com.example:target0 10.10.10.10 Connected: da0</ <screen>Connected: da0 da1 da2.</screen> - <para>Any errors will be reported in the output, as well as the system logs. - For example, this message usually means that the &man.iscsid.8; - daemon is not running:</para> + <para>Any errors will be reported in the output, as well as + the system logs. For example, this message usually means + that the &man.iscsid.8; daemon is not running:</para> <programlisting>Target name Target portal State iqn.2012-06.com.example:target0 10.10.10.10 Waiting for iscsid(8)</programlisting> - <para>The following message suggests a networking problem, such as - a wrong <acronym>IP</acronym> address or port:</para> + <para>The following message suggests a networking problem, + such as a wrong <acronym>IP</acronym> address or + port:</para> <programlisting>Target name Target portal State iqn.2012-06.com.example:target0 10.10.10.11 Connection refused</programlisting> - <para>This message means that the specified target name is wrong:</para> + <para>This message means that the specified target name is + wrong:</para> <programlisting>Target name Target portal State iqn.2012-06.com.example:atrget0 10.10.10.10 Not found</programlisting> - <para>This message means that the target requires authentication:</para> + <para>This message means that the target requires + authentication:</para> <programlisting>Target name Target portal State iqn.2012-06.com.example:target0 10.10.10.10 Authentication failed</programlisting> @@ -5953,19 +5947,22 @@ iqn.2012-06.com.example:target0 10.10.10.10 Authentication f }</programlisting> <para>The <literal>t0</literal> specifies a nickname for the - configuration file section. It will be used by the initiator to - specify which configuration to use. The other lines - specify the parameters to use during connection. The <literal>TargetAddress</literal> - and <literal>TargetName</literal> are mandatory, whereas the other options are optional. In - this example, the <acronym>CHAP</acronym> username and secret - are shown.</para> + configuration file section. It will be used by the + initiator to specify which configuration to use. The other + lines specify the parameters to use during connection. The + <literal>TargetAddress</literal> and + <literal>TargetName</literal> are mandatory, whereas the + other options are optional. In this example, the + <acronym>CHAP</acronym> username and secret are + shown.</para> - <para>To connect to the defined target, specify the nickname:</para> + <para>To connect to the defined target, specify the + nickname:</para> <screen>&prompt.root; <userinput>iscsictl -An <replaceable>t0</replaceable></userinput></screen> - <para>Alternately, to connect to all targets defined in the configuration - file, use:</para> + <para>Alternately, to connect to all targets defined in the + configuration file, use:</para> <screen>&prompt.root; <userinput>iscsictl -Aa</userinput></screen>