os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Update the zh_TW translation of the Handbook using the PO translation

Browse source 
tools.

Submitted by:	Chien Wei Lin <cwlin0416@gmail.com>
Differential Revision:	https://reviews.freebsd.org/D7009
This commit is contained in:
Warren Block 2016-08-09 03:14:22 +00:00
parent dcade40461
commit 7da9bf5a6a
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/head/; revision=49235
89 changed files with 80682 additions and 91585 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
zh_TW.UTF-8/books/handbook/advanced-networking/Makefile
View file

@ -1,16 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
# Original revision: 1.2
#
CHAPTERS= advanced-networking/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

5438
zh_TW.UTF-8/books/handbook/advanced-networking/chapter.xml
View file

File diff suppressed because it is too large Load diff

16
zh_TW.UTF-8/books/handbook/audit/Makefile
View file

@ -1,16 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
# Original revision: 1.1
#
CHAPTERS= audit/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

567
zh_TW.UTF-8/books/handbook/audit/chapter.xml
View file

@ -1,567 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
The FreeBSD Documentation Project
$FreeBSD$
Original revision: 1.13
-->
<!-- Need more documentation on praudit, auditreduce, etc. Plus more info
on the triggers from the kernel (log rotation, out of space, etc).
And the /dev/audit special file if we choose to support that. Could use
some coverage of integrating MAC with Event auditing and perhaps discussion
on how some companies or organizations handle auditing and auditing
requirements. -->
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="audit">
<info><title>Security Event Auditing</title>
<authorgroup>
<author><personname><firstname>Tom</firstname><surname>Rhodes</surname></personname><contrib>Written by </contrib></author>
</authorgroup>
</info>
<sect1 xml:id="audit-synopsis">
<title>Synopsis</title>
<indexterm><primary>AUDIT</primary></indexterm>
<indexterm>
<primary>Security Event Auditing</primary>
<see>MAC</see>
</indexterm>
<para>The &os;&nbsp;7-CURRENT development branch includes
support for Event Auditing based on the &posix;.1e draft and
Sun's published <acronym>BSM</acronym> API and file format.
Event auditing permits the selective logging of security-relevant
system events for the purposes of post-mortem analysis, system
monitoring, and intrusion detection. After some settling time in
&os;&nbsp;7-CURRENT, this support will be merged to &os;&nbsp;6-STABLE
and appear in subsequent releases.</para>
<warning>
<para>The audit facility in FreeBSD is considered experimental, and
production deployment should occur only after careful consideration
of the risks of deploying experimental software.</para>
</warning>
<para>This chapter will focus mainly on the installation and
configuration of Event Auditing. Explanation of audit policies,
and an example configuration will be provided for the
convenience of the reader.</para>
<para>After reading this chapter, you will know:</para>
<itemizedlist>
<listitem>
<para>What Event Auditing is and how it works.</para>
</listitem>
<listitem>
<para>How to configure Event Auditing on &os; for users
and processes.</para>
</listitem>
</itemizedlist>
<para>Before reading this chapter, you should:</para>
<itemizedlist>
<listitem>
<para>Understand &unix; and &os; basics
(<xref linkend="basics"/>).</para>
</listitem>
<listitem>
<para>Be familiar with the basics of kernel
configuration/compilation
(<xref linkend="kernelconfig"/>).</para>
</listitem>
<listitem>
<para>Have some familiarity with security and how it
pertains to &os; (<xref linkend="security"/>).</para>
</listitem>
</itemizedlist>
<warning>
<para>Event auditing can generate a great deal of log file
data, exceeding gigabytes a week in some configurations. An
administrator should read this chapter in its entirety to avoid
possible self-inflicted <acronym>DoS</acronym> attacks due to
improper configuration.</para>
</warning>
<para>The implementation of Event Auditing in &os; is similar to
that of the &sun; Basic Security Module, or <acronym>BSM</acronym>
library. Thus, the configuration is almost completely
interchangeable with &solaris; and Mac OS X/Darwin operating
systems.</para>
</sect1>
<sect1 xml:id="audit-inline-glossary">
<title>Key Terms - Words to Know</title>
<para>Before reading this chapter, a few key terms must be
explained. This is intended to clear up any confusion that
may occur and to avoid the abrupt introduction of new terms
and information.</para>
<itemizedlist>
<listitem>
<para><emphasis>event</emphasis>: An auditable event is
an event that can be logged using the audit subsystem. The
administrator can configure which events will be audited.
Examples of security-relevant events include the creation of
a file, the building of a network connection, or the logging
in of a user. Events are either <quote>attributable</quote>,
meaning that they can be traced back to a user
authentication, or <quote>non-attributable</quote>. Examples
of non-attributable events are any events that occur before
authentication has succeeded in the login process, such as
failed authentication attempts.</para>
</listitem>
<listitem>
<para><emphasis>class</emphasis>: Events may be assigned to
one or more classes, usually based on the general category
of the events, such as <quote>file creation</quote>,
<quote>file access</quote>, or <quote>network</quote>. Login
and logout events are assigned to the <literal>lo</literal>
class. The use of classes allows the administrator to
specify high level auditing rules without having to specify
whether each individual auditable operation will be logged.</para>
</listitem>
<listitem>
<para><emphasis>record</emphasis>: A record is a log entry
describing a security event. Records typically have a
record event type, information on the subject (user) associated
with the event, time information, information on any objects,
such as files, and information on whether the event corresponded
to a successful operation.</para>
</listitem>
<listitem>
<para><emphasis>trail</emphasis>: An audit trail, or log file,
consists of a series of audit records describing security
events. Typically, trails are in roughly chronological
order with respect to the time events completed. Only
authorized processes are allowed to commit records to the
audit trail.</para>
</listitem>
<listitem>
<para><emphasis>prefix</emphasis>: A prefix is considered to
be the configuration element used to toggle auditing for
success and failed events.</para>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="audit-install">
<title>Installing Audit Support</title>
<para>Support for Event Auditing is installed with
the normal <buildtarget>installworld</buildtarget> process. An
administrator may confirm this by viewing the contents
of <filename>/etc/security</filename>. Files
beginning with the word <emphasis>audit</emphasis> should be present.
For example, <filename>audit_event</filename>.</para>
<para>In-kernel support for the framework must also exist. This
may be done by adding the following lines to the local kernel
configuration file:</para>
<programlisting>options AUDIT</programlisting>
<para>Rebuild and reinstall
the kernel via the normal process explained in
<xref linkend="kernelconfig"/>.</para>
<para>Once completed, enable the audit daemon by adding the
following line to &man.rc.conf.5;:</para>
<programlisting>auditd_enable="YES"</programlisting>
<para>Functionality not provided by the default may be added
here with the <option>auditd_flags</option> option.</para>
</sect1>
<sect1 xml:id="audit-config">
<title>Audit Configuration</title>
<para>All configuration files for security audit are found in
<filename>/etc/security</filename>. The following
files must be present before the audit daemon is started:</para>
<itemizedlist>
<listitem>
<para><filename>audit_class</filename> - Contains the
definitions of the audit classes.</para>
</listitem>
<listitem>
<para><filename>audit_control</filename> - Controls aspects
of the audit subsystem, such as default audit classes,
minimum disk space to leave on the audit log volume,
etc.</para>
</listitem>
<listitem>
<para><filename>audit_event</filename> - Defines the kernel
audit events. These map, mostly, to system calls.</para>
</listitem>
<listitem>
<para><filename>audit_user</filename> - The events to audit
for individual users. Users not appearing here will be
subject to the default configuration in the control
configuration file.</para>
</listitem>
<listitem>
<para><filename>audit_warn</filename> - A shell script
used by auditd to generate warning messages in
exceptional situations, such as when space for audit
records is running low.</para>
</listitem>
</itemizedlist>
<sect2>
<title>Audit File Syntax</title>
<para>The configuration file syntax is rather arcane, albeit easy
to work with. One thing an administrator must be leery about
is overriding system defaults. This could create potential
openings for audit data to not be collected properly.</para>
<para>The audit subsystem will accept both the short name and
long name with regards to configuration syntax. A syntax
map has been included below.</para>
<para>The following list contains all supported audit
classes:</para>
<itemizedlist>
<listitem>
<para><option>all</option> - <literal>all</literal> - All
audit flags set.</para>
</listitem>
<listitem>
<para><option>ad</option> - <literal>administrative</literal>
- Administrative actions performed on the system as a
whole.</para>
</listitem>
<listitem>
<para><option>ap</option> - <literal>application</literal> -
Application defined action.</para>
</listitem>
<listitem>
<para><option>cl</option> - <literal>file_close</literal> -
Audit calls to the <function>close</function> system
call.</para>
</listitem>
<listitem>
<para><option>ex</option> - <literal>exec</literal> - Audit
program or utility execution.</para>
</listitem>
<listitem>
<para><option>fa</option> - <literal>file_attr_acc</literal>
- Audit the access of object attributes such as
&man.stat.1;, &man.pathconf.2; and similar events.</para>
</listitem>
<listitem>
<para><option>fc</option> - <literal>file_creation</literal>
- Audit events where a file is created as a result.</para>
</listitem>
<listitem>
<para><option>fd</option> - <literal>file_deletion</literal>
- Audit events where file deletion occurs.</para>
</listitem>
<listitem>
<para><option>fm</option> - <literal>file_attr_mod</literal>
- Audit events where file attribute modification occurs,
such as &man.chown.8;, &man.chflags.1;, &man.flock.2;,
etc.</para>
</listitem>
<listitem>
<para><option>fr</option> - <literal>file_read</literal>
- Audit events in which data is read, files are opened for
reading, etc.</para>
</listitem>
<listitem>
<para><option>fw</option> - <literal>file_write</literal> -
Audit events in which data is written, files are written
or modified, etc.</para>
</listitem>
<listitem>
<para><option>io</option> - <literal>ioctl</literal> - Audit
use of the &man.ioctl.2; system call.</para>
</listitem>
<listitem>
<para><option>ip</option> - <literal>ipc</literal> - Audit
various forms of Inter-Process Communication, including POSIX
pipes and System V <acronym>IPC</acronym> operations.</para>
</listitem>
<listitem>
<para><option>lo</option> - <literal>login_logout</literal> -
Audit &man.login.1; and &man.logout.1; events occurring
on the system.</para>
</listitem>
<listitem>
<para><option>na</option> - <literal>non_attrib</literal> -
Audit non-attributable events.</para>
</listitem>
<listitem>
<para><option>no</option> - <literal>no_class</literal> -
Null class used to disable event auditing.</para>
</listitem>
<listitem>
<para><option>nt</option> - <literal>network</literal> -
Audit events related to network actions, such as
&man.connect.2; and &man.accept.2;.</para>
</listitem>
<listitem>
<para><option>ot</option> - <literal>other</literal> -
Audit miscellaneous events.</para>
</listitem>
<listitem>
<para><option>pc</option> - <literal>process</literal> -
Audit process operations, such as &man.exec.3; and
&man.exit.3;.</para>
</listitem>
</itemizedlist>
<para>Following is a list of all supported audit prefixes:</para>
<itemizedlist>
<listitem>
<para><literal>none</literal> - Audit both the success
or failure of an event. For example, just listing a
class will result in the auditing of both success and
failure.</para>
</listitem>
<listitem>
<para><literal>+</literal> - Audit successful events
only.</para>
</listitem>
<listitem>
<para><literal>-</literal> - Audit failed events
only.</para>
</listitem>
</itemizedlist>
<warning>
<para>Using the <option>all</option> class with either the
positive or negative prefix can generate a large amount
of data at an extremely rapid rate.</para>
</warning>
<para>Extra prefixes used to modify the default configuration
values:</para>
<!-- XXX: Perhaps a variable listing here. -->
<itemizedlist>
<listitem>
<para>^- - Disable auditing of failed events.</para>
</listitem>
<listitem>
<para>^+ - Enable auditing of successful events.</para>
</listitem>
<listitem>
<para>^ - Disable auditing of both successful and failed
events.</para>
</listitem>
</itemizedlist>
</sect2>
<sect2>
<title>Configuration Files</title>
<para>In most cases, administrators will need to modify only two files
when configuring the audit system: <filename>audit_control</filename>
and <filename>audit_user</filename>. The first controls system-wide
audit paramaters and defaults for both attributable and
non-attributable events. The second may be used to tune the level
and nature of auditing for individual users.</para>
<sect3 xml:id="audit-auditcontrol">
<title>The <filename>audit_control</filename> File</title>
<para>The <filename>audit_control</filename> file contains some basic
defaults that the administrator may wish to modify. Perhaps
even set some new ones. Viewing the contents of this file,
we see the following:</para>
<programlisting>dir:/var/audit
flags:lo
minfree:20
naflags:lo</programlisting>
<para>The <option>dir</option> option is used to set the default
directory where audit logs are stored. Audit is frequently
configured so that audit logs are stored on a dedicated file
system, so as to prevent interference between the audit
subsystem and other subsystems when file systems become full.
</para>
<para>The <option>flags</option> option is used to set the
system-wide defaults. The current setting, <option>lo</option>
configures the auditing of all &man.login.1; and &man.logout.1;
actions. A more complex example,
<option>lo,ad,-all,^-fa,^-fc,^-cl</option> audits all system
&man.login.1; and &man.logout.1; actions, all administrator
actions, all failed events in the system, and finally disables
auditing of failed attempts for <option>fa</option>,
<option>fc</option>, and <option>cl</option>. Even though
the <option>-all</option> turned on the auditing of all
failed attempts, the <option>^-</option> prefix will override
that for the latter options.</para>
<para>Notice that the previous paragraph shows the file is
read from left to right. As such, values further on the
right side may override a previous value specified to
its left.</para>
<para>The <option>minfree</option> option defines the minimum
percentage of free space for audit file systems. This
relates to the file system where audit logs are stored.
For example, if the <option>dir</option> specifies
<filename>/var/audit</filename> and
<option>minfree</option> is set to twenty (20), warning
messages will be generated when the
<filename>/var</filename> file system grows
to eighty (80) percent full.</para>
<para>The <option>naflags</option> option specifies audit
classes to be audited for non-attributed events &mdash;
that is, events for which there is no authenticated user.
</para>
</sect3>
<sect3 xml:id="audit-audituser">
<title>The <filename>audit_user</filename> File</title>
<para>The <filename>audit_user</filename> file permits the
administrator to determine which classes of audit events
should be logged for which system users.</para>
<para>The following is the defaults currently placed in
the <filename>audit_user</filename> file:</para>
<programlisting>root:lo:no
audit:fc:no</programlisting>
<para>Notice how the default is to audit all cases of
<command>login</command>/<command>logout</command>
and disable auditing of all other actions for
<systemitem class="username">root</systemitem>. This configuration
also audits all file creation and disables all
other auditing for the <systemitem class="username">audit</systemitem>
user. While event auditing does not require a special
user exist, some configurations, specifically environments
making use of <acronym>MAC</acronym>, may require it.</para>
</sect3>
</sect2>
</sect1>
<sect1 xml:id="audit-administration">
<title>Event Audit Administration</title>
<para>Events written by the kernel audit subsystem cannot
be altered or read in plain text. Data is stored and accessed
in a method similar to that of &man.ktrace.1; and &man.kdump.1;,
that is, they may only be viewed by dumping them using the
<command>praudit</command> command; audit trails may be reduced
using the <command>auditreduce</command> command, which selects
records from an audit trail based on properties of interest, such
as the user, time of the event, and type of operation.</para>
<para>For example, the <command>praudit</command> utility will dump the
entire contents of a specified audit log in plain text. To dump an
audit log in its entirety, use:</para>
<screen>&prompt.root; <userinput>praudit /var/audit/AUDITFILE</userinput></screen>
<para>Where <replaceable>AUDITFILE</replaceable> is the audit log
of viewing choice. Since audit logs may contain enormous
amounts of data, an administrator may prefer to select records
for specific users. This is made possible with the following
command, where <systemitem class="username">trhodes</systemitem> is the user of
choice:</para>
<screen>&prompt.root; <userinput>auditreduce -e trhodes /var/audit/AUDITFILE | praudit</userinput></screen>
<para>This will select all audit records produced by the user
<systemitem class="username">trhodes</systemitem> stored in the
<replaceable>AUDITFILE</replaceable> file.</para>
<para>There are several other options available for reading audit
records, see the aforementioned command's manual pages for
a more in depth explanation.</para>
<sect2>
<title>Rotating Audit Log Files</title>
<para>Due to log reliability requirements, audit trails
are written to only by the kernel, and managed only by
<command>auditd</command>. Administrators should not
attempt to use &man.newsyslog.conf.5; or other tools to
directly rotate audit logs. Instead, the <command>audit</command>
management tool should be used to shut down auditing,
reconfigure the audit system, and perform log rotation.
The following command causes the audit daemon to create a
new audit log and signal the kernel to switch to using the
new log. The old log will be terminated and renamed, at
which point it may then be manipulated by the administrator.</para>
<screen>&prompt.root; <userinput>audit -n</userinput></screen>
<warning>
<para>If the <command>auditd</command> daemon is not currently
running, the previous command will fail and an error message
will be produced.</para>
</warning>
<para>Adding the following line to
<filename>/etc/crontab</filename> will force the rotation
every twelve hours from &man.cron.8;:</para>
<programlisting>* */12 * * * root /usr/sbin/audit -n</programlisting>
<para>The change will take effect once you have saved the
new <filename>/etc/crontab</filename>.</para>
</sect2>
<sect2>
<title>Delegating Audit Review Rights</title>
<para>By default, only the root user has the right to read system audit
logs. However, that right may be delegated to members of the
<literal>audit</literal> group, as the audit directory and audit
trail files are assigned to that group, and made group-readable. As
the ability to track audit log contents provides significant insight
into the behavior of users and processes, it is recommended that the
delegation of audit review rights be performed with caution.</para>
</sect2>
</sect1>
</chapter>

16
zh_TW.UTF-8/books/handbook/basics/Makefile
View file

@ -1,16 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
# Original revision: 1.1
#
CHAPTERS= basics/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

3042
zh_TW.UTF-8/books/handbook/basics/chapter.xml
View file

File diff suppressed because it is too large Load diff

BIN
zh_TW.UTF-8/books/handbook/basics/disk-layout.kil
View file

Binary file not shown.

7
zh_TW.UTF-8/books/handbook/basics/example-dir1.dot
View file

@ -1,7 +0,0 @@
// $FreeBSD$
digraph directory {
root [label="Root\n/"];
root -> "A1/";
root -> "A2/";
}

8
zh_TW.UTF-8/books/handbook/basics/example-dir2.dot
View file

@ -1,8 +0,0 @@
// $FreeBSD$
digraph directory {
root [label="Root\n/"];
root -> "A1/" -> "B1/";
"A1/" -> "B2/";
root -> "A2/";
}

8
zh_TW.UTF-8/books/handbook/basics/example-dir3.dot
View file

@ -1,8 +0,0 @@
// $FreeBSD$
digraph directory {
root [label="Root\n/"];
root -> "A1/";
root -> "A2/" -> "B1/";
"A2/" -> "B2/";
}

9
zh_TW.UTF-8/books/handbook/basics/example-dir4.dot
View file

@ -1,9 +0,0 @@
// $FreeBSD$
digraph directory {
root [label="Root\n/"];
root -> "A1/";
root -> "A2/" -> "B1/" -> "C1/";
"B1/" -> "C2/";
"A2/" -> "B2/";
}

9
zh_TW.UTF-8/books/handbook/basics/example-dir5.dot
View file

@ -1,9 +0,0 @@
// $FreeBSD$
digraph directory {
root [label="Root\n/"];
root -> "A1/" -> "C1/";
"A1/" -> "C2/";
root -> "A2/" -> "B1/";
"A2/" -> "B2/";
}

16
zh_TW.UTF-8/books/handbook/bibliography/Makefile
View file

@ -1,16 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
# Original revision: 1.1
#
CHAPTERS= bibliography/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

630
zh_TW.UTF-8/books/handbook/bibliography/chapter.xml
View file

@ -1,630 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
The FreeBSD Documentation Project
$FreeBSD$
Original revision: 1.85
-->
<appendix xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="bibliography">
<title>參考文獻</title>
<para>雖然線上說明(manual pages)有提供 &os; 各個特定部分明確的說明,
但它們卻難免有「小學而大遺」之憾,像是如何讓整個系統運作順暢。 因此,
身邊有 &unix; 系統管理的好書以及好的使用手冊是不可或缺的。</para>
<sect1 xml:id="bibliography-freebsd">
<title>FreeBSD 相關的書籍、雜誌</title>
<para><emphasis>非英語的書籍、雜誌:</emphasis></para>
<itemizedlist>
<listitem>
<para><link xlink:href="http://jdli.tw.FreeBSD.org/publication/book/freebsd2/index.htm">FreeBSD 入門與應用(光碟豪華版)</link> (繁體中文)
<link xlink:href="http://www.drmaster.com.tw/">博碩文化</link>
1997。 ISBN 9-578-39435-7</para>
</listitem>
<listitem>
<para>FreeBSD 技術內幕 (FreeBSD Unleashed 簡體中譯版)
<link xlink:href="http://www.hzbook.com/">機械工業出版社</link>
。 ISBN 7-111-10201-0
</para>
</listitem>
<listitem>
<para>FreeBSD 使用大全第一版 (簡體中文)
機械工業出版社。 ISBN 7-111-07482-3
</para>
</listitem>
<listitem>
<para>FreeBSD 使用大全第二版 (簡體中文)
機械工業出版社。 ISBN 7-111-10286-X
</para>
</listitem>
<listitem>
<para>FreeBSD Handbook 第二版 (簡體中譯版)
<link xlink:href="http://www.ptpress.com.cn/">人民郵電出版社</link>
。 ISBN 7-115-10541-3
</para>
</listitem>
<listitem>
<para>FreeBSD 3.x Internet 高級服務器的架設與管理 (簡體中文)
<link xlink:href="http://www.tup.tsinghua.edu.cn/">清華大學出版社</link>
。 ISBN 7-900625-66-6</para>
</listitem>
<listitem>
<para>FreeBSD &amp; Windows 集成組網實務 (簡體中文)
<link xlink:href="http://www.tdpress.com/">中國鐵道出版社</link>
。 ISBN 7-113-03845-X</para>
</listitem>
<listitem>
<para>FreeBSD 網站架設實務 (簡體中文),中國鐵道出版社
。 ISBN 7-113-03423-3</para>
</listitem>
<listitem>
<para>FreeBSD for PC 98'ers (日文)SHUWA SystemCo, LTD
。 ISBN 4-87966-468-5 C3055 定價 2900 日圓。</para>
</listitem>
<listitem>
<para>FreeBSD (日文)CUTT。 ISBN 4-906391-22-2
C3055 定價 2400 日圓。</para>
</listitem>
<listitem>
<para><link xlink:href="http://www.shoeisha.com/book/Detail.asp?bid=650">Complete Introduction to FreeBSD</link> (日文)<link xlink:href="http://www.shoeisha.co.jp/">Shoeisha Co., Ltd</link>。 ISBN 4-88135-473-6 定價 3600 日圓。</para>
</listitem>
<listitem>
<para><link xlink:href="http://www.ascii.co.jp/pb/book1/shinkan/detail/1322785.html">Personal UNIX Starter Kit FreeBSD</link> (日文) <link xlink:href="http://www.ascii.co.jp/">ASCII</link>。 ISBN 4-7561-1733-3 定價 3000 日圓。</para>
</listitem>
<listitem>
<para>FreeBSD Handbook (日文譯版) <link xlink:href="http://www.ascii.co.jp/">ASCII</link>。 ISBN 4-7561-1580-2
定價 3800 日圓。</para>
</listitem>
<listitem>
<para>FreeBSD mit Methode (德文)<link xlink:href="http://www.cul.de">Computer und
Literatur Verlag</link>/Vertrieb Hanser1998。 ISBN 3-932311-31-0</para>
</listitem>
<listitem>
<para><link xlink:href="http://www.cul.de/freebsd.html">FreeBSD 4 - Installieren, Konfigurieren, Administrieren</link>
(德文)<link xlink:href="http://www.cul.de">Computer und Literatur Verlag</link>2001。
ISBN 3-932311-88-4</para>
</listitem>
<listitem>
<para><link xlink:href="http://www.cul.de/freebsd.html">FreeBSD 5 - Installieren, Konfigurieren, Administrieren</link>
(德文)<link xlink:href="http://www.cul.de">Computer und Literatur Verlag</link>2003。
ISBN 3-936546-06-1</para>
</listitem>
<listitem>
<para><link xlink:href="http://www.mitp.de/vmi/mitp/detail/pWert/1343/">
FreeBSD de Luxe</link> (德文)
<link xlink:href="http://www.mitp.de">Verlag Modere Industrie</link>
2003。 ISBN 3-8266-1343-0</para>
</listitem>
<listitem>
<para><link xlink:href="http://www.pc.mycom.co.jp/FreeBSD/install-manual.html">FreeBSD
Install and Utilization Manual</link> (日文)<link xlink:href="http://www.pc.mycom.co.jp/">Mainichi Communications Inc.</link>
1998。 ISBN 4-8399-0112-0</para>
</listitem>
<listitem>
<para>Onno W Purbo, Dodi Maryanto, Syahrial Hubbany, Widjil Widodo
<emphasis><link xlink:href="http://maxwell.itb.ac.id/">
Building Internet Server with
FreeBSD</link></emphasis> (印尼文)<link xlink:href="http://www.elexmedia.co.id/">Elex Media Komputindo</link></para>
</listitem>
<listitem>
<para>FreeBSD 完全探索 (Absolute BSD: The Ultimate Guide to FreeBSD
繁體中文譯版)<link xlink:href="http://www.grandtech.com.tw/">上奇</link>2003。
ISBN 986-7944-92-5</para>
</listitem>
<listitem>
<para><link xlink:href="http://www.twbsd.org/cht/book/">FreeBSD 6.0架設管理與應用</link>
(繁體中文)博碩2006。ISBN 9-575-27878-X</para>
</listitem>
</itemizedlist>
<para><emphasis>英文的書籍、雜誌:</emphasis></para>
<itemizedlist>
<listitem>
<para><link xlink:href="http://www.AbsoluteBSD.com/">Absolute
BSD: The Ultimate Guide to FreeBSD</link>
<link xlink:href="http://www.nostarch.com/">No Starch Press</link>2002。
ISBN: 1886411743</para>
</listitem>
<listitem>
<para><link xlink:href="http://www.freebsdmall.com/cgi-bin/fm/bsdcomp">
The Complete FreeBSD</link>
<link xlink:href="http://www.oreilly.com/">O'Reilly</link>2003。
ISBN: 0596005164</para>
</listitem>
<listitem>
<para><link xlink:href="http://www.freebsd-corp-net-guide.com/">The
FreeBSD Corporate Networker's Guide</link>
<link xlink:href="http://www.awl.com/aw/">Addison-Wesley</link>2000。
ISBN: 0201704811</para>
</listitem>
<listitem>
<para><link xlink:href="http://andrsn.stanford.edu/FreeBSD/introbook/">
FreeBSD: An Open-Source Operating System for Your Personal
Computer</link>The Bit Tree Press2001。
ISBN: 0971204500</para>
</listitem>
<listitem>
<para>Teach Yourself FreeBSD in 24 Hours
<link xlink:href="http://www.samspublishing.com/">Sams</link>2002。
ISBN: 0672324245</para>
</listitem>
<listitem>
<para>FreeBSD 6 Unleashed
<link xlink:href="http://www.samspublishing.com/">Sams</link>2006。
ISBN: 0672328755</para>
</listitem>
<listitem>
<para>FreeBSD: The Complete Reference
<link xlink:href="http://books.mcgraw-hill.com">McGrawHill</link>2003。
ISBN: 0072224096 </para>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="bibliography-userguides">
<title>使用說明手冊</title>
<itemizedlist>
<listitem>
<para>Computer Systems Research Group, UC Berkeley. <emphasis>4.4BSD
User's Reference Manual</emphasis>. O'Reilly &amp; Associates,
Inc., 1994. ISBN 1-56592-075-9</para>
</listitem>
<listitem>
<para>Computer Systems Research Group, UC Berkeley. <emphasis>4.4BSD
User's Supplementary Documents</emphasis>. O'Reilly &amp;
Associates, Inc., 1994. ISBN 1-56592-076-7</para>
</listitem>
<listitem>
<para><emphasis>UNIX in a Nutshell</emphasis>. O'Reilly &amp;
Associates, Inc., 1990. ISBN 093717520X</para>
</listitem>
<listitem>
<para>Mui, Linda. <emphasis>What You Need To Know When You Can't Find
Your UNIX System Administrator</emphasis>. O'Reilly &amp;
Associates, Inc., 1995. ISBN 1-56592-104-6</para>
</listitem>
<listitem>
<para><link xlink:href="http://www.osu.edu/">Ohio State University</link>
有撰寫 <link xlink:href="http://8help.osu.edu/wks/unix_course/index.html">UNIX
介紹的課程</link>,並提供 HTML 或 PostScript 兩種格式供人瀏覽。
</para>
<para>UNIX 介紹的<link xlink:href="&url.doc.base;/it_IT.ISO8859-15/books/unix-introduction/index.html">義大利文翻譯版</link>
,同時本文件也是 FreeBSD Italian Documentation Project 之一。</para>
</listitem>
<listitem>
<para><link xlink:href="http://www.jp.FreeBSD.org/">Jpman Project, Japan
FreeBSD Users Group</link>. <link xlink:href="http://www.pc.mycom.co.jp/FreeBSD/urm.html">FreeBSD User's
Reference Manual</link> (日文翻譯)。 <link xlink:href="http://www.pc.mycom.co.jp/">Mainichi Communications
Inc.</link>, 1998. ISBN4-8399-0088-4 P3800E.</para>
</listitem>
<listitem>
<para><link xlink:href="http://www.ed.ac.uk/">Edinburgh
University</link> 為 UNIX 新手所撰寫的 <link xlink:href="http://unixhelp.ed.ac.uk/">Online Guide</link> 指引說明。</para>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="bibliography-adminguides">
<title>系統管理指南</title>
<itemizedlist>
<listitem>
<para>Albitz, Paul and Liu, Cricket. <emphasis>DNS and
BIND</emphasis>, 4th Ed. O'Reilly &amp; Associates, Inc., 2001.
ISBN 1-59600-158-4</para>
</listitem>
<listitem>
<para>Computer Systems Research Group, UC Berkeley. <emphasis>4.4BSD
System Manager's Manual</emphasis>. O'Reilly &amp; Associates,
Inc., 1994. ISBN 1-56592-080-5</para>
</listitem>
<listitem>
<para>Costales, Brian, et al. <emphasis>Sendmail</emphasis>, 2nd Ed.
O'Reilly &amp; Associates, Inc., 1997. ISBN 1-56592-222-0</para>
</listitem>
<listitem>
<para>Frisch, &AElig;leen. <emphasis>Essential System
Administration</emphasis>, 2nd Ed. O'Reilly &amp; Associates,
Inc., 1995. ISBN 1-56592-127-5</para>
</listitem>
<listitem>
<para>Hunt, Craig. <emphasis>TCP/IP Network
Administration</emphasis>, 2nd Ed. O'Reilly &amp; Associates, Inc.,
1997. ISBN 1-56592-322-7</para>
</listitem>
<listitem>
<para>Nemeth, Evi. <emphasis>UNIX System Administration
Handbook</emphasis>. 3rd Ed. Prentice Hall, 2000. ISBN
0-13-020601-6</para>
</listitem>
<listitem>
<para>Stern, Hal <emphasis>Managing NFS and NIS</emphasis> O'Reilly
&amp; Associates, Inc., 1991. ISBN 0-937175-75-7</para>
</listitem>
<listitem>
<para><link xlink:href="http://www.jp.FreeBSD.org/">Jpman Project, Japan
FreeBSD Users Group</link>. <link xlink:href="http://www.pc.mycom.co.jp/FreeBSD/sam.html">FreeBSD System
Administrator's Manual</link> (日文翻譯)。 <link xlink:href="http://www.pc.mycom.co.jp/">Mainichi Communications
Inc.</link>, 1998. ISBN4-8399-0109-0 P3300E.</para>
</listitem>
<listitem>
<para>Dreyfus, Emmanuel. <link xlink:href="http://www.eyrolles.com/Informatique/Livre/9782212114638/">Cahiers
de l'Admin: BSD</link> 2nd Ed. (法文), Eyrolles, 2004.
ISBN 2-212-11463-X</para>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="bibliography-programmers">
<title>程式設計師指南</title>
<itemizedlist>
<listitem>
<para>Asente, Paul, Converse, Diana, and Swick, Ralph.
<emphasis>X Window System Toolkit</emphasis>. Digital Press,
1998. ISBN 1-55558-178-1</para>
</listitem>
<listitem>
<para>Computer Systems Research Group, UC Berkeley. <emphasis>4.4BSD
Programmer's Reference Manual</emphasis>. O'Reilly &amp;
Associates, Inc., 1994. ISBN 1-56592-078-3</para>
</listitem>
<listitem>
<para>Computer Systems Research Group, UC Berkeley. <emphasis>4.4BSD
Programmer's Supplementary Documents</emphasis>. O'Reilly &amp;
Associates, Inc., 1994. ISBN 1-56592-079-1</para>
</listitem>
<listitem>
<para>Harbison, Samuel P. and Steele, Guy L. Jr. <emphasis>C: A
Reference Manual</emphasis>. 4th ed. Prentice Hall, 1995.
ISBN 0-13-326224-3</para>
</listitem>
<listitem>
<para>Kernighan, Brian and Dennis M. Ritchie. <emphasis>The C
Programming Language</emphasis>. 2nd Ed. PTR Prentice Hall, 1988.
ISBN 0-13-110362-8</para>
</listitem>
<listitem>
<para>Lehey, Greg. <emphasis>Porting UNIX Software</emphasis>.
O'Reilly &amp; Associates, Inc., 1995. ISBN 1-56592-126-7</para>
</listitem>
<listitem>
<para>Plauger, P. J. <emphasis>The Standard C Library</emphasis>.
Prentice Hall, 1992. ISBN 0-13-131509-9</para>
</listitem>
<listitem>
<para>Spinellis, Diomidis. <link xlink:href="http://www.spinellis.gr/codereading/"><emphasis>Code
Reading: The Open Source Perspective</emphasis></link>.
Addison-Wesley, 2003. ISBN 0-201-79940-5</para>
</listitem>
<listitem>
<para>Spinellis, Diomidis. <link xlink:href="http://www.spinellis.gr/codequality/"><emphasis>Code
Quality: The Open Source Perspective</emphasis></link>.
Addison-Wesley, 2006. ISBN 0-321-16607-8</para>
</listitem>
<listitem>
<para>Stevens, W. Richard and Stephen A. Rago.
<emphasis>Advanced Programming in the UNIX
Environment</emphasis>. 2nd Ed.
Reading, Mass. : Addison-Wesley, 2005.
ISBN 0-201-43307-9</para>
</listitem>
<listitem>
<para>Stevens, W. Richard. <emphasis>UNIX Network
Programming</emphasis>. 2nd Ed, PTR Prentice Hall, 1998. ISBN
0-13-490012-X</para>
</listitem>
<listitem>
<para>Wells, Bill. <quote>Writing Serial Drivers for UNIX</quote>.
<emphasis>Dr. Dobb's Journal</emphasis>. 19(15), December 1994.
pp68-71, 97-99.</para>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="bibliography-osinternals">
<title>深入作業系統</title>
<itemizedlist>
<listitem>
<para>Andleigh, Prabhat K. <emphasis>UNIX System
Architecture</emphasis>. Prentice-Hall, Inc., 1990. ISBN
0-13-949843-5</para>
</listitem>
<listitem>
<para>Jolitz, William. <quote>Porting UNIX to the 386</quote>.
<emphasis>Dr. Dobb's Journal</emphasis>. January 1991-July
1992.</para>
</listitem>
<listitem>
<para>Leffler, Samuel J., Marshall Kirk McKusick, Michael J Karels and
John Quarterman <emphasis>The Design and Implementation of the
4.3BSD UNIX Operating System</emphasis>. Reading, Mass. :
Addison-Wesley, 1989. ISBN 0-201-06196-1</para>
</listitem>
<listitem>
<para>Leffler, Samuel J., Marshall Kirk McKusick, <emphasis>The Design
and Implementation of the 4.3BSD UNIX Operating System: Answer
Book</emphasis>. Reading, Mass. : Addison-Wesley, 1991. ISBN
0-201-54629-9</para>
</listitem>
<listitem>
<para>McKusick, Marshall Kirk, Keith Bostic, Michael J Karels, and
John Quarterman. <emphasis>The Design and Implementation of the
4.4BSD Operating System</emphasis>. Reading, Mass. :
Addison-Wesley, 1996. ISBN 0-201-54979-4</para>
<para>(本書第二章的 <link xlink:href="&url.books.design-44bsd;/book.html">網路版</link>
FreeBSD 文件計劃的一部份,以及第九章的部分可以在 <link xlink:href="http://www.netapp.com/tech_library/nfsbook.html">
這邊</link>找到)</para>
</listitem>
<listitem>
<para>Marshall Kirk McKusick, George V. Neville-Neil <emphasis>The
Design and Implementation of the FreeBSD Operating System</emphasis>.
Boston, Mass. : Addison-Wesley, 2004. ISBN 0-201-70245-2</para>
</listitem>
<listitem>
<para>Stevens, W. Richard. <emphasis>TCP/IP Illustrated, Volume 1:
The Protocols</emphasis>. Reading, Mass. : Addison-Wesley,
1996. ISBN 0-201-63346-9</para>
</listitem>
<listitem>
<para>Schimmel, Curt. <emphasis>Unix Systems for Modern
Architectures</emphasis>. Reading, Mass. : Addison-Wesley, 1994.
ISBN 0-201-63338-8</para>
</listitem>
<listitem>
<para>Stevens, W. Richard. <emphasis>TCP/IP Illustrated, Volume 3:
TCP for Transactions, HTTP, NNTP and the UNIX Domain
Protocols</emphasis>. Reading, Mass. : Addison-Wesley, 1996.
ISBN 0-201-63495-3</para>
</listitem>
<listitem>
<para>Vahalia, Uresh. <emphasis>UNIX Internals -- The New
Frontiers</emphasis>. Prentice Hall, 1996. ISBN
0-13-101908-2</para>
</listitem>
<listitem>
<para>Wright, Gary R. and W. Richard Stevens. <emphasis>TCP/IP
Illustrated, Volume 2: The Implementation</emphasis>. Reading,
Mass. : Addison-Wesley, 1995. ISBN 0-201-63354-X</para>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="bibliography-security">
<title>資安領域的參考文獻</title>
<itemizedlist>
<listitem>
<para>Cheswick, William R. and Steven M. Bellovin. <emphasis>Firewalls
and Internet Security: Repelling the Wily Hacker</emphasis>.
Reading, Mass. : Addison-Wesley, 1995. ISBN
0-201-63357-4</para>
</listitem>
<listitem>
<para>Garfinkel, Simson and Gene Spafford.
<emphasis>Practical UNIX &amp; Internet Security</emphasis>.
2nd Ed. O'Reilly &amp; Associates, Inc., 1996. ISBN
1-56592-148-8</para>
</listitem>
<listitem>
<para>Garfinkel, Simson. <emphasis>PGP Pretty Good
Privacy</emphasis> O'Reilly &amp; Associates, Inc., 1995. ISBN
1-56592-098-8</para>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="bibliography-hardware">
<title>硬體方面的參考文獻</title>
<itemizedlist>
<listitem>
<para>Anderson, Don and Tom Shanley. <emphasis>Pentium Processor
System Architecture</emphasis>. 2nd Ed. Reading, Mass. :
Addison-Wesley, 1995. ISBN 0-201-40992-5</para>
</listitem>
<listitem>
<para>Ferraro, Richard F. <emphasis>Programmer's Guide to the EGA,
VGA, and Super VGA Cards</emphasis>. 3rd ed. Reading, Mass. :
Addison-Wesley, 1995. ISBN 0-201-62490-7</para>
</listitem>
<listitem>
<para>Intel Corporation 通常會以 PDF 格式在 <link xlink:href="http://developer.intel.com/">developer web site</link>
網站放他們的 CPU、晶片組、相關標準的規格書文件。</para>
</listitem>
<listitem>
<para>Shanley, Tom. <emphasis>80486 System Architecture</emphasis>.
3rd ed. Reading, Mass. : Addison-Wesley, 1995. ISBN
0-201-40994-1</para>
</listitem>
<listitem>
<para>Shanley, Tom. <emphasis>ISA System Architecture</emphasis>.
3rd ed. Reading, Mass. : Addison-Wesley, 1995. ISBN
0-201-40996-8</para>
</listitem>
<listitem>
<para>Shanley, Tom. <emphasis>PCI System Architecture</emphasis>.
4th ed. Reading, Mass. : Addison-Wesley, 1999. ISBN
0-201-30974-2</para>
</listitem>
<listitem>
<para>Van Gilluwe, Frank. <emphasis>The Undocumented PC</emphasis>,
2nd Ed. Reading, Mass: Addison-Wesley Pub. Co., 1996. ISBN
0-201-47950-8</para>
</listitem>
<listitem>
<para>Messmer, Hans-Peter. <emphasis>The Indispensable PC Hardware
Book</emphasis>, 4th Ed.
Reading, Mass: Addison-Wesley Pub. Co., 2002. ISBN
0-201-59616-4</para>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="bibliography-history">
<title>&unix; 歷史淵源</title>
<itemizedlist>
<listitem>
<para>Lion, John <emphasis>Lion's Commentary on UNIX, 6th Ed. With
Source Code</emphasis>. ITP Media Group, 1996. ISBN
1573980137</para>
</listitem>
<listitem>
<para>Raymond, Eric S. <emphasis>The New Hacker's Dictionary, 3rd
edition</emphasis>. MIT Press, 1996. ISBN
0-262-68092-0. Also known as the <link xlink:href="http://www.catb.org/~esr/jargon/html/index.html">Jargon
File</link></para>
</listitem>
<listitem>
<para>Salus, Peter H. <emphasis>A quarter century of UNIX</emphasis>.
Addison-Wesley Publishing Company, Inc., 1994. ISBN
0-201-54777-5</para>
</listitem>
<listitem>
<para>Simon Garfinkel, Daniel Weise, Steven Strassmann. <emphasis>The
UNIX-HATERS Handbook</emphasis>. IDG Books Worldwide, Inc.,
1994. ISBN 1-56884-203-1. Out of print, but available <link xlink:href="http://research.microsoft.com/~daniel/unix-haters.html">
online</link>.</para>
</listitem>
<listitem>
<para>Don Libes, Sandy Ressler <emphasis>Life with UNIX</emphasis>
&mdash; special edition. Prentice-Hall, Inc., 1989. ISBN
0-13-536657-7</para>
</listitem>
<listitem>
<para><emphasis>BSD 族譜</emphasis>
<uri xlink:href="http://www.FreeBSD.org/cgi/cvsweb.cgi/src/share/misc/bsd-family-tree">http://www.FreeBSD.org/cgi/cvsweb.cgi/src/share/misc/bsd-family-tree</uri>
或 FreeBSD 機器內的 <link xlink:href="file://localhost/usr/share/misc/bsd-family-tree"><filename>/usr/share/misc/bsd-family-tree</filename></link>
</para>
</listitem>
<listitem>
<para><emphasis>The BSD Release Announcements collection</emphasis>.
1997. <uri xlink:href="http://www.de.FreeBSD.org/de/ftp/releases/">http://www.de.FreeBSD.org/de/ftp/releases/</uri></para>
</listitem>
<listitem>
<para><emphasis>Networked Computer Science Technical Reports
Library</emphasis>. <uri xlink:href="http://www.ncstrl.org/">http://www.ncstrl.org/</uri></para>
</listitem>
<listitem>
<para><emphasis>Old BSD releases from the Computer Systems Research
group (CSRG)</emphasis>.
<uri xlink:href="http://www.mckusick.com/csrg/">http://www.mckusick.com/csrg/</uri>:
The 4CD set covers all BSD versions from 1BSD to 4.4BSD and
4.4BSD-Lite2 (but not 2.11BSD, unfortunately). The last
disk also holds the final sources plus the SCCS files.</para>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="bibliography-journals">
<title>雜誌、期刊</title>
<itemizedlist>
<listitem>
<para><emphasis>The C/C++ Users Journal</emphasis>. R&amp;D
Publications Inc. ISSN 1075-2838</para>
</listitem>
<listitem>
<para><emphasis>Sys Admin &mdash; The Journal for UNIX System
Administrators</emphasis> Miller Freeman, Inc., ISSN
1061-2688</para>
</listitem>
<listitem>
<para><emphasis>freeX &mdash; Das Magazin f&uuml;r Linux - BSD - UNIX</emphasis>
(德文) Computer- und Literaturverlag GmbH, ISSN 1436-7033</para>
</listitem>
</itemizedlist>
</sect1>
</appendix>

68981
zh_TW.UTF-8/books/handbook/book.xml
View file

File diff suppressed because it is too large Load diff

16
zh_TW.UTF-8/books/handbook/boot/Makefile
View file

@ -1,16 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
# Original revision: 1.1
#
CHAPTERS= boot/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

802
zh_TW.UTF-8/books/handbook/boot/chapter.xml
View file

@ -1,802 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
The FreeBSD Documentation Project
$FreeBSD$
Original revision: 1.62
-->
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="boot">
<title>FreeBSD 開機流程篇</title>
<sect1 xml:id="boot-synopsis">
<title>概述</title>
<indexterm><primary>booting</primary></indexterm>
<indexterm><primary>bootstrap</primary></indexterm>
<para>The process of starting a computer and loading the operating system
is referred to as <quote>the bootstrap process</quote>, or simply
<quote>booting</quote>. FreeBSD's boot process provides a great deal of
flexibility in customizing what happens when you start the system,
allowing you to select from different operating systems installed on the
same computer, or even different versions of the same operating system
or installed kernel.</para>
<para>This chapter details the configuration options you can set and how
to customize the FreeBSD boot process. This includes everything that
happens until the FreeBSD kernel has started, probed for devices, and
started &man.init.8;. If you are not quite sure when this happens, it
occurs when the text color changes from bright white to grey.</para>
<para>讀完這章,您將了解:</para>
<itemizedlist>
<listitem>
<para>What the components of the FreeBSD bootstrap system are, and how
they interact.</para>
</listitem>
<listitem>
<para>The options you can give to the components in the FreeBSD
bootstrap to control the boot process.</para>
</listitem>
<listitem>
<para>&man.device.hints.5; 的基本概念。</para>
</listitem>
</itemizedlist>
<note>
<title>x86 Only</title>
<para>This chapter only describes the boot process for FreeBSD running
on Intel x86 systems.</para>
</note>
</sect1>
<sect1 xml:id="boot-introduction">
<title>Booting 問題</title>
<para>Turning on a computer and starting the operating system poses an
interesting dilemma. By definition, the computer does not know how to
do anything until the operating system is started. This includes
running programs from the disk. So if the computer can not run a
program from the disk without the operating system, and the operating
system programs are on the disk, how is the operating system
started?</para>
<para>This problem parallels one in the book <citetitle>The Adventures of
Baron Munchausen</citetitle>. A character had fallen part way down a
manhole, and pulled himself out by grabbing his bootstraps, and
lifting. In the early days of computing the term
<firstterm>bootstrap</firstterm> was applied to the mechanism used to
load the operating system, which has become shortened to
<quote>booting</quote>.</para>
<indexterm><primary>BIOS</primary></indexterm>
<indexterm><primary>Basic Input/Output System</primary><see>BIOS</see></indexterm>
<para>On x86 hardware the Basic Input/Output System (BIOS) is responsible
for loading the operating system. To do this, the BIOS looks on the
hard disk for the Master Boot Record (MBR), which must be located on a
specific place on the disk. The BIOS has enough knowledge to load and
run the MBR, and assumes that the MBR can then carry out the rest of the
tasks involved in loading the operating system,
possibly with the help of the BIOS.</para>
<indexterm><primary>Master Boot Record (MBR)</primary></indexterm>
<indexterm><primary>Boot Manager</primary></indexterm>
<indexterm><primary>Boot Loader</primary></indexterm>
<para>The code within the MBR is usually referred to as a <emphasis>boot
manager</emphasis>, especially when it interacts with the user. In this case
the boot manager usually has more code in the first
<emphasis>track</emphasis> of the disk or within some OS's file system. (A
boot manager is sometimes also called a <emphasis>boot loader</emphasis>,
but FreeBSD uses that term for a later stage of booting.) Popular boot
managers include <application>boot0</application> (a.k.a. <application>Boot
Easy</application>, the standard &os; boot manager),
<application>Grub</application>, <application>GAG</application>, and
<application>LILO</application>.
(Only <application>boot0</application> fits within the MBR.)</para>
<para>If you have only one operating system installed on your disks then
a standard PC MBR will suffice. This MBR searches for the first bootable
(a.k.a. active) slice on the disk, and then runs the code on that slice to
load the remainder of the operating system. The MBR installed by
&man.fdisk.8;, by default, is such an MBR. It is based on
<filename>/boot/mbr</filename>.</para>
<para>If you have installed multiple operating systems on your disks then
you can install a different boot manager, one that can display a list of
different operating systems, and allows you to choose the one to boot
from. Two of these are discussed in the next subsection.</para>
<para>The remainder of the FreeBSD bootstrap system is divided into three
stages. The first stage is run by the MBR, which knows just enough to
get the computer into a specific state and run the second stage. The
second stage can do a little bit more, before running the third stage.
The third stage finishes the task of loading the operating system. The
work is split into these three stages because the PC standards put
limits on the size of the programs that can be run at stages one and
two. Chaining the tasks together allows FreeBSD to provide a more
flexible loader.</para>
<indexterm><primary>kernel</primary></indexterm>
<indexterm><primary><command>init</command></primary></indexterm>
<para>The kernel is then started and it begins to probe for devices
and initialize them for use. Once the kernel boot
process is finished, the kernel passes control to the user process
&man.init.8;, which then makes sure the disks are in a usable state.
&man.init.8; then starts the user-level resource configuration which
mounts file systems, sets up network cards to communicate on the
network, and generally starts all the processes that usually
are run on a FreeBSD system at startup.</para>
</sect1>
<sect1 xml:id="boot-blocks">
<title>The Boot Manager and Boot Stages</title>
<indexterm><primary>Boot Manager</primary></indexterm>
<sect2 xml:id="boot-boot0">
<title>The Boot Manager</title>
<indexterm><primary>Master Boot Record (MBR)</primary></indexterm>
<para>The code in the MBR or boot manager is sometimes referred to as
<emphasis>stage zero</emphasis> of the boot process. This subsection
discusses two of the boot managers previously mentioned:
<application>boot0</application> and <application>LILO</application>.</para>
<formalpara><title>The <application>boot0</application> Boot Manager:</title>
<para>The MBR installed by FreeBSD's installer or &man.boot0cfg.8;, by
default, is based on <filename>/boot/boot0</filename>.
(The <application>boot0</application> program is very simple, since the
program in the <abbrev>MBR</abbrev> can only be 446 bytes long because of the slice
table and 0x55AA identifier at the end of the MBR.)
If you have installed <application>boot0</application> and
multiple operating systems on your hard disks, then you will see a
display similar to this one at boot time:</para></formalpara>
<example xml:id="boot-boot0-example">
<title><filename>boot0</filename> Screenshot</title>
<screen>F1 DOS
F2 FreeBSD
F3 Linux
F4 ??
F5 Drive 1
Default: F2</screen>
</example>
<para>Other operating systems, in particular &windows;, have been known
to overwrite an existing MBR with their own. If this happens to you,
or you want to replace your existing MBR with the FreeBSD MBR then use
the following command:</para>
<screen>&prompt.root; <userinput>fdisk -B -b /boot/boot0 device</userinput></screen>
<para>where <replaceable>device</replaceable> is the device that you
boot from, such as <filename>ad0</filename> for the first IDE
disk, <filename>ad2</filename> for the first IDE disk on a second
IDE controller, <filename>da0</filename> for the first SCSI disk,
and so on. Or, if you want a custom configuration of the MBR,
use &man.boot0cfg.8;.</para>
<formalpara><title>The LILO Boot Manager:</title>
<para>To install this boot manager so it will also boot FreeBSD, first
start Linux and add the following to your existing
<filename>/etc/lilo.conf</filename> configuration file:</para></formalpara>
<programlisting>other=/dev/hdXY
table=/dev/hdX
loader=/boot/chain.b
label=FreeBSD</programlisting>
<para>In the above, specify FreeBSD's primary partition and drive using
Linux specifiers, replacing <replaceable>X</replaceable> with the Linux
drive letter and <replaceable>Y</replaceable> with the Linux primary
partition number. If you are using a <acronym>SCSI</acronym> drive, you
will need to change <replaceable>/dev/hd</replaceable> to read something
similar to <replaceable>/dev/sd</replaceable>. The
<option>loader=/boot/chain.b</option> line can be omitted if you have
both operating systems on the same drive. Now run
<command>/sbin/lilo&nbsp;-v</command> to commit your new changes to the
system; this should be verified by checking its screen messages.</para>
</sect2>
<sect2 xml:id="boot-boot1">
<title>Stage One, <filename>/boot/boot1</filename>, and Stage Two,
<filename>/boot/boot2</filename></title>
<para>Conceptually the first and second stages are part of the same
program, on the same area of the disk. Because of space constraints
they have been split into two, but you would always install them
together. They are copied from the combined file
<filename>/boot/boot</filename> by the installer or
<application>disklabel</application> (see below).</para>
<para>They are located outside file systems, in the first track of
the boot slice, starting with the first sector. This is where <link linkend="boot-boot0">boot0</link>, or any other boot manager,
expects to find a program to run which will
continue the boot process. The number of sectors used is easily
determined from the size of <filename>/boot/boot</filename>.</para>
<para><filename>boot1</filename> is very simple, since it
can only be 512 bytes
in size, and knows just enough about the FreeBSD
<firstterm>disklabel</firstterm>, which stores information
about the slice, to find and execute <filename>boot2</filename>.</para>
<para><filename>boot2</filename> is slightly more sophisticated, and understands
the FreeBSD file system enough to find files on it, and can
provide a simple interface to choose the kernel or loader to
run.</para>
<para>Since the <link linkend="boot-loader">loader</link> is
much more sophisticated, and provides a nice easy-to-use
boot configuration, <filename>boot2</filename> usually runs
it, but previously it
was tasked to run the kernel directly.</para>
<example xml:id="boot-boot2-example">
<title><filename>boot2</filename> Screenshot</title>
<screen>&gt;&gt; FreeBSD/i386 BOOT
Default: 0:ad(0,a)/kernel
boot:</screen>
</example>
<para>If you ever need to replace the installed
<filename>boot1</filename> and <filename>boot2</filename> use
&man.disklabel.8;:</para>
<screen>&prompt.root; <userinput>disklabel -B diskslice</userinput></screen>
<para>where <replaceable>diskslice</replaceable> is the disk and slice
you boot from, such as <filename>ad0s1</filename> for the first
slice on the first IDE disk.</para>
<warning>
<title>Dangerously Dedicated Mode</title>
<para>If you use just the disk name, such as
<filename>ad0</filename>, in the &man.disklabel.8; command you
will create a dangerously dedicated disk, without slices. This is
almost certainly not what you want to do, so make sure you double
check the &man.disklabel.8; command before you press
<keycap>Return</keycap>.</para>
</warning>
</sect2>
<sect2 xml:id="boot-loader">
<title>Stage Three, <filename>/boot/loader</filename></title>
<indexterm><primary>boot-loader</primary></indexterm>
<para>The loader is the final stage of the three-stage
bootstrap, and is located on the file system, usually as
<filename>/boot/loader</filename>.</para>
<para>The loader is intended as a user-friendly method for
configuration, using an easy-to-use built-in command set,
backed up by a more powerful interpreter, with a more complex
command set.</para>
<sect3 xml:id="boot-loader-flow">
<title>Loader Program Flow</title>
<para>During initialization, the loader will probe for a
console and for disks, and figure out what disk it is
booting from. It will set variables accordingly, and an
interpreter is started where user commands can be passed from
a script or interactively.</para>
<indexterm><primary>loader</primary></indexterm>
<indexterm><primary>loader configuration</primary></indexterm>
<para>The loader will then read
<filename>/boot/loader.rc</filename>, which by default reads
in <filename>/boot/defaults/loader.conf</filename> which
sets reasonable defaults for variables and reads
<filename>/boot/loader.conf</filename> for local changes to
those variables. <filename>loader.rc</filename> then acts
on these variables, loading whichever modules and kernel are
selected.</para>
<para>Finally, by default, the loader issues a 10 second wait
for key presses, and boots the kernel if it is not interrupted.
If interrupted, the user is presented with a prompt which
understands the easy-to-use command set, where the user may
adjust variables, unload all modules, load modules, and then
finally boot or reboot.</para>
</sect3>
<sect3 xml:id="boot-loader-commands">
<title>Loader Built-In Commands</title>
<para>These are the most commonly used loader commands. For a
complete discussion of all available commands, please see
&man.loader.8;.</para>
<variablelist>
<varlistentry>
<term>autoboot <replaceable>seconds</replaceable></term>
<listitem>
<para>Proceeds to boot the kernel if not interrupted
within the time span given, in seconds. It displays a
countdown, and the default time span is 10
seconds.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>boot
<optional>-options</optional>
<optional>kernelname</optional></term>
<listitem>
<para>Immediately proceeds to boot the kernel, with the
given options, if any, and with the kernel name given,
if it is.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>boot-conf</term>
<listitem>
<para>Goes through the same automatic configuration of
modules based on variables as what happens at boot.
This only makes sense if you use
<command>unload</command> first, and change some
variables, most commonly <envar>kernel</envar>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>help
<optional>topic</optional></term>
<listitem>
<para>Shows help messages read from
<filename>/boot/loader.help</filename>. If the topic
given is <literal>index</literal>, then the list of
available topics is given.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>include <replaceable>filename</replaceable>
&hellip;</term>
<listitem>
<para>Processes the file with the given filename. The
file is read in, and interpreted line by line. An
error immediately stops the include command.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>load <optional>-t
type</optional>
<replaceable>filename</replaceable></term>
<listitem>
<para>Loads the kernel, kernel module, or file of the
type given, with the filename given. Any arguments
after filename are passed to the file.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>ls <optional>-l</optional>
<optional>path</optional></term>
<listitem>
<para>Displays a listing of files in the given path, or
the root directory, if the path is not specified. If
<option>-l</option> is specified, file sizes will be
shown too.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>lsdev <optional>-v</optional></term>
<listitem>
<para>Lists all of the devices from which it may be
possible to load modules. If <option>-v</option> is
specified, more details are printed.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>lsmod <optional>-v</optional></term>
<listitem>
<para>Displays loaded modules. If <option>-v</option> is
specified, more details are shown.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>more <replaceable>filename</replaceable></term>
<listitem>
<para>Displays the files specified, with a pause at each
<varname>LINES</varname> displayed.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>reboot</term>
<listitem>
<para>Immediately reboots the system.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>set <replaceable>variable</replaceable></term>
<term>set
<replaceable>variable</replaceable>=<replaceable>value</replaceable></term>
<listitem>
<para>Sets the loader's environment variables.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>unload</term>
<listitem>
<para>Removes all loaded modules.</para>
</listitem>
</varlistentry>
</variablelist>
</sect3>
<sect3 xml:id="boot-loader-examples">
<title>Loader Examples</title>
<para>Here are some practical examples of loader usage:</para>
<itemizedlist>
<listitem>
<para>To simply boot your usual kernel, but in single-user
mode:<indexterm><primary>single-user mode</primary></indexterm></para>
<screen><userinput>boot -s</userinput></screen>
</listitem>
<listitem>
<para>To unload your usual kernel and modules, and then
load just your old (or another) kernel:</para>
<screen><userinput>unload</userinput>
<userinput>load kernel.old</userinput></screen>
<para>You can use <filename>kernel.GENERIC</filename> to
refer to the generic kernel that comes on the install
disk, or <filename>kernel.old</filename><indexterm><primary><filename>kernel.old</filename></primary></indexterm> to refer to
your previously installed kernel (when you have upgraded
or configured your own kernel, for example).</para>
<note>
<para>Use the following to load your usual modules with
another kernel:</para>
<screen><userinput>unload</userinput>
<userinput>set kernel="kernel.old"</userinput>
<userinput>boot-conf</userinput></screen></note>
</listitem>
<listitem>
<para>To load a kernel configuration script (an automated
script which does the things you would normally do in the
kernel boot-time configurator):</para>
<screen><userinput>load -t userconfig_script /boot/kernel.conf</userinput></screen>
</listitem>
</itemizedlist>
</sect3>
</sect2>
</sect1>
<sect1 xml:id="boot-kernel">
<title>Kernel Interaction During Boot</title>
<indexterm>
<primary>kernel</primary>
<secondary>boot interaction</secondary>
</indexterm>
<para>Once the kernel is loaded by either <link linkend="boot-loader">loader</link> (as usual) or <link linkend="boot-boot1">boot2</link> (bypassing the loader), it
examines its boot flags, if any, and adjusts its behavior as
necessary.</para>
<sect2 xml:id="boot-kernel-bootflags">
<title>Kernel Boot Flags</title>
<indexterm>
<primary>kernel</primary>
<secondary>bootflags</secondary>
</indexterm>
<para>Here are the more common boot flags:</para>
<variablelist xml:id="boot-kernel-bootflags-list">
<varlistentry>
<term><option>-a</option></term>
<listitem>
<para>during kernel initialization, ask for the device
to mount as the root file system.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-C</option></term>
<listitem>
<para>boot from CDROM.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-c</option></term>
<listitem>
<para>run UserConfig, the boot-time kernel
configurator</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-s</option></term>
<listitem>
<para>boot into single-user mode</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-v</option></term>
<listitem>
<para>be more verbose during kernel startup</para>
</listitem>
</varlistentry>
</variablelist>
<note>
<para>There are other boot flags, read &man.boot.8; for more
information on them.</para></note>
</sect2>
<!-- <sect2 id="boot-kernel-userconfig">
<title>UserConfig: the Boot-time Kernel Configurator</title>
<para> </para>
</sect2> -->
</sect1>
<sect1 xml:id="device-hints">
<info><title>Device Hints</title>
<authorgroup>
<author><personname><firstname>Tom</firstname><surname>Rhodes</surname></personname><contrib>Contributed by </contrib></author>
</authorgroup>
</info>
<indexterm>
<primary>device.hints</primary>
</indexterm>
<note><para>This is a FreeBSD&nbsp;5.0 and later feature which does not
exist in earlier versions.</para></note>
<para>During initial system startup, the boot &man.loader.8; will read the
&man.device.hints.5; file. This file stores kernel boot information
known as variables, sometimes referred to as <quote>device hints</quote>.
These <quote>device hints</quote> are used by device drivers for device
configuration.</para>
<para>Device hints may also be specified at the <link linkend="boot-loader">
Stage 3 boot loader</link> prompt. Variables can be added using
<command>set</command>, removed with <command>unset</command>, and viewed
with the <command>show</command> commands. Variables set in the
<filename>/boot/device.hints</filename> file can be overridden here also. Device hints entered at
the boot loader are not permanent and will be forgotten on the next
reboot.</para>
<para>Once the system is booted, the &man.kenv.1; command can be used to
dump all of the variables.</para>
<para>The syntax for the <filename>/boot/device.hints</filename> file is one variable per line, using
the standard hash <quote>#</quote> as comment markers. Lines are
constructed as follows:</para>
<screen><userinput>hint.driver.unit.keyword="value"</userinput></screen>
<para>The syntax for the Stage 3 boot loader is:</para>
<screen><userinput>set hint.driver.unit.keyword=value</userinput></screen>
<para><literal>driver</literal> is the device driver name, <literal>unit</literal>
is the device driver unit number, and <literal>keyword</literal> is the hint
keyword. The keyword may consist of the following options:</para>
<itemizedlist>
<listitem>
<para><literal>at</literal>: specifies the bus which the device is attached to.</para>
</listitem>
<listitem>
<para><literal>port</literal>: specifies the start address of the <acronym>I/O</acronym>
to be used.</para>
</listitem>
<listitem>
<para><literal>irq</literal>: specifies the interrupt request number to be used.</para>
</listitem>
<listitem>
<para><literal>drq</literal>: specifies the DMA channel number.</para>
</listitem>
<listitem>
<para><literal>maddr</literal>: specifies the physical memory address occupied by the
device.</para>
</listitem>
<listitem>
<para><literal>flags</literal>: sets various flag bits for the device.</para>
</listitem>
<listitem>
<para><literal>disabled</literal>: if set to <literal>1</literal> the device is disabled.</para>
</listitem>
</itemizedlist>
<para>Device drivers may accept (or require) more hints not listed here, viewing
their manual page is recommended. For more information, consult the
&man.device.hints.5;, &man.kenv.1;, &man.loader.conf.5;, and &man.loader.8;
manual pages.</para>
</sect1>
<sect1 xml:id="boot-init">
<title>Init: Process Control Initialization</title>
<indexterm>
<primary><command>init</command></primary>
</indexterm>
<para>Once the kernel has finished booting, it passes control to
the user process &man.init.8;, which is located at
<filename>/sbin/init</filename>, or the program path specified
in the <envar>init_path</envar> variable in
<command>loader</command>.</para>
<sect2 xml:id="boot-autoreboot">
<title>Automatic Reboot Sequence</title>
<para>The automatic reboot sequence makes sure that the
file systems available on the system are consistent. If they
are not, and &man.fsck.8; cannot fix the
inconsistencies, &man.init.8; drops the system
into <link linkend="boot-singleuser">single-user mode</link>
for the system administrator to take care of the problems
directly.</para>
</sect2>
<sect2 xml:id="boot-singleuser">
<title>Single-User Mode</title>
<indexterm><primary>single-user mode</primary></indexterm>
<indexterm><primary>console</primary></indexterm>
<para>This mode can be reached through the <link linkend="boot-autoreboot">automatic reboot
sequence</link>, or by the user booting with the
<option>-s</option> option or setting the
<envar>boot_single</envar> variable in
<command>loader</command>.</para>
<para>It can also be reached by calling
&man.shutdown.8; without the reboot
(<option>-r</option>) or halt (<option>-h</option>) options,
from <link linkend="boot-multiuser">multi-user
mode</link>.</para>
<para>If the system <literal>console</literal> is set
to <literal>insecure</literal> in <filename>/etc/ttys</filename>,
then the system prompts for the <systemitem class="username">root</systemitem> password
before initiating single-user mode.</para>
<example xml:id="boot-insecure-console">
<title>An Insecure Console in <filename>/etc/ttys</filename></title>
<programlisting># name getty type status comments
#
# If console is marked "insecure", then init will ask for the root password
# when going to single-user mode.
console none unknown off insecure</programlisting>
</example>
<note>
<para>An <literal>insecure</literal> console means that you
consider your physical security to the console to be
insecure, and want to make sure only someone who knows the
<systemitem class="username">root</systemitem> password may use single-user mode, and it
does not mean that you want to run your console insecurely. Thus,
if you want security, choose <literal>insecure</literal>,
not <literal>secure</literal>.</para>
</note>
</sect2>
<sect2 xml:id="boot-multiuser">
<title>Multi-User Mode</title>
<indexterm><primary>multi-user mode</primary></indexterm>
<para>If &man.init.8; finds your file systems to be
in order, or once the user has finished in <link linkend="boot-singleuser">single-user mode</link>, the
system enters multi-user mode, in which it starts the
resource configuration of the system.</para>
<sect3 xml:id="boot-rc">
<title>Resource Configuration (rc)</title>
<indexterm><primary>rc files</primary></indexterm>
<para>The resource configuration system reads in
configuration defaults from
<filename>/etc/defaults/rc.conf</filename>, and
system-specific details from
<filename>/etc/rc.conf</filename>, and then proceeds to
mount the system file systems mentioned in
<filename>/etc/fstab</filename>, start up networking
services, start up miscellaneous system daemons, and
finally runs the startup scripts of locally installed
packages.</para>
<para>The &man.rc.8; manual page is a good reference to the resource
configuration system, as is examining the scripts
themselves.</para>
</sect3>
</sect2>
</sect1>
<sect1 xml:id="boot-shutdown">
<title>Shutdown Sequence</title>
<indexterm>
<primary><command>shutdown</command></primary>
</indexterm>
<para>Upon controlled shutdown, via &man.shutdown.8;,
&man.init.8; will attempt to run the script
<filename>/etc/rc.shutdown</filename>, and then proceed to send
all processes the <literal>TERM</literal> signal, and subsequently
the <literal>KILL</literal> signal to any that do not terminate
timely.</para>
<para>To power down a FreeBSD machine on architectures and systems
that support power management, simply use the command
<command>shutdown -p now</command> to turn the power off
immediately. To just reboot a FreeBSD system, just use
<command>shutdown -r now</command>. You need to be
<systemitem class="username">root</systemitem> or a member of
<systemitem class="groupname">operator</systemitem> group to run &man.shutdown.8;.
The &man.halt.8; and &man.reboot.8; commands can also be used,
please refer to their manual pages and to &man.shutdown.8;'s one
for more information.</para>
<note>
<para>Power management requires &man.acpi.4; support in the kernel
or loaded as module for FreeBSD&nbsp;5.X and &man.apm.4;
support for FreeBSD&nbsp;4.X.</para>
</note>
</sect1>
</chapter>

15
zh_TW.UTF-8/books/handbook/bsdinstall/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= bsdinstall/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

2632
zh_TW.UTF-8/books/handbook/bsdinstall/chapter.xml
View file

File diff suppressed because it is too large Load diff

68
zh_TW.UTF-8/books/handbook/chapters.ent
View file

@ -1,68 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
Creates entities for each chapter in the FreeBSD Handbook. Each entity
is named chap.foo, where foo is the value of the id attribute on that
chapter, and corresponds to the name of the directory in which that
chapter's .xml file is stored.
Chapters should be listed in the order in which they are referenced.
$FreeBSD$
Original revision: r45602
-->
<!ENTITY chap.preface SYSTEM "preface/preface.xml">
<!ENTITY % pgpkeys SYSTEM "../../../share/pgpkeys/pgpkeys.ent"> %pgpkeys;
<!-- Part One -->
<!ENTITY chap.introduction SYSTEM "introduction/chapter.xml">
<!ENTITY chap.bsdinstall SYSTEM "bsdinstall/chapter.xml">
<!ENTITY chap.basics SYSTEM "basics/chapter.xml">
<!ENTITY chap.ports SYSTEM "ports/chapter.xml">
<!ENTITY chap.x11 SYSTEM "x11/chapter.xml">
<!-- Part Two -->
<!ENTITY chap.desktop SYSTEM "desktop/chapter.xml">
<!ENTITY chap.multimedia SYSTEM "multimedia/chapter.xml">
<!ENTITY chap.kernelconfig SYSTEM "kernelconfig/chapter.xml">
<!ENTITY chap.printing SYSTEM "printing/chapter.xml">
<!ENTITY chap.linuxemu SYSTEM "linuxemu/chapter.xml">
<!-- Part Three -->
<!ENTITY chap.config SYSTEM "config/chapter.xml">
<!ENTITY chap.boot SYSTEM "boot/chapter.xml">
<!ENTITY chap.security SYSTEM "security/chapter.xml">
<!ENTITY chap.jails SYSTEM "jails/chapter.xml">
<!ENTITY chap.mac SYSTEM "mac/chapter.xml">
<!ENTITY chap.audit SYSTEM "audit/chapter.xml">
<!ENTITY chap.disks SYSTEM "disks/chapter.xml">
<!ENTITY chap.geom SYSTEM "geom/chapter.xml">
<!ENTITY chap.zfs SYSTEM "zfs/chapter.xml">
<!ENTITY chap.filesystems SYSTEM "filesystems/chapter.xml">
<!ENTITY chap.virtualization SYSTEM "virtualization/chapter.xml">
<!ENTITY chap.l10n SYSTEM "l10n/chapter.xml">
<!ENTITY chap.cutting-edge SYSTEM "cutting-edge/chapter.xml">
<!ENTITY chap.dtrace SYSTEM "dtrace/chapter.xml">
<!-- Part Four -->
<!ENTITY chap.serialcomms SYSTEM "serialcomms/chapter.xml">
<!ENTITY chap.ppp-and-slip SYSTEM "ppp-and-slip/chapter.xml">
<!ENTITY chap.mail SYSTEM "mail/chapter.xml">
<!ENTITY chap.network-servers SYSTEM "network-servers/chapter.xml">
<!ENTITY chap.firewalls SYSTEM "firewalls/chapter.xml">
<!ENTITY chap.advanced-networking SYSTEM "advanced-networking/chapter.xml">
<!-- Part Five (appendices) -->
<!ENTITY chap.mirrors SYSTEM "mirrors/chapter.xml">
<!ENTITY chap.mirrors.lastmod.inc SYSTEM "mirrors.lastmod.inc">
<!ENTITY chap.mirrors.ftp.index.inc SYSTEM "mirrors.xml.ftp.index.inc">
<!ENTITY chap.mirrors.ftp.inc SYSTEM "mirrors.xml.ftp.inc">
<!ENTITY chap.bibliography SYSTEM "bibliography/chapter.xml">
<!ENTITY chap.eresources SYSTEM "eresources/chapter.xml">
<!ENTITY chap.eresources.www.index.inc SYSTEM "eresources.xml.www.index.inc">
<!ENTITY chap.eresources.www.inc SYSTEM "eresources.xml.www.inc">
<!ENTITY chap.pgpkeys SYSTEM "pgpkeys/chapter.xml">
<!ENTITY chap.freebsd-glossary SYSTEM "../../share/xml/glossary.ent">
<!ENTITY chap.index "<index xmlns='http://docbook.org/ns/docbook'/>">
<!ENTITY chap.colophon SYSTEM "colophon.xml">

19
zh_TW.UTF-8/books/handbook/colophon.xml
View file

@ -1,19 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
The FreeBSD Documentation Project
$FreeBSD$
-->
<colophon xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="colophon">
<para>本手冊是由數以百計
<quote>The FreeBSD 文件計劃</quote>的志願工作者所合作而成。
這些文字是由依據 DocBook DTD 規範的XML所寫
並由XSLT將XML轉換成其他不同格式。
要是沒有 Donald Knuth 的 &tex; 排版語言, Leslie Lamport 的
<application>LaTeX</application>, 或 Sebastian Rahtz 的
<application>JadeTeX</application> 巨集套件的重要貢獻,
本文件的印刷版本將無以完成。</para>
</colophon>

16
zh_TW.UTF-8/books/handbook/config/Makefile
View file

@ -1,16 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
# Original revision: 1.1
#
CHAPTERS= config/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

3120
zh_TW.UTF-8/books/handbook/config/chapter.xml
View file

File diff suppressed because it is too large Load diff

16
zh_TW.UTF-8/books/handbook/cutting-edge/Makefile
View file

@ -1,16 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
# Original revision: 1.1
#
CHAPTERS= cutting-edge/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

2076
zh_TW.UTF-8/books/handbook/cutting-edge/chapter.xml
View file

File diff suppressed because it is too large Load diff

16
zh_TW.UTF-8/books/handbook/desktop/Makefile
View file

@ -1,16 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
# Original revision: 1.1
#
CHAPTERS= desktop/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

1037
zh_TW.UTF-8/books/handbook/desktop/chapter.xml
View file

File diff suppressed because it is too large Load diff

16
zh_TW.UTF-8/books/handbook/disks/Makefile
View file

@ -1,16 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
# Original revision: 1.1
#
CHAPTERS= disks/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

3638
zh_TW.UTF-8/books/handbook/disks/chapter.xml
View file

File diff suppressed because it is too large Load diff

15
zh_TW.UTF-8/books/handbook/dtrace/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= dtrace/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

359
zh_TW.UTF-8/books/handbook/dtrace/chapter.xml
View file

@ -1,359 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
Recently I suggested to myself that this should become a profiling
and debugging chapter, which covers things like ktrace(1) and
using other debugging (like -x in shell scripts). But then I
realized that, over time and while DTrace becomes better supported,
that might make this chapter too large.
-->
<!--
The FreeBSD Documentation Project
$FreeBSD$
-->
<!-- XXXTR: Should probably put links and resources here. I'm
nervous about this chapter as it may require a partial
re-write and large modification once DTrace is complete, but
at least we can get everyone started ... -->
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="dtrace">
<info>
<title>&dtrace;</title>
<authorgroup>
<author><personname><firstname>Tom</firstname><surname>Rhodes</surname></personname><contrib>Written
by </contrib></author>
</authorgroup>
</info>
<sect1 xml:id="dtrace-synopsis">
<title>Synopsis</title>
<indexterm><primary>&dtrace;</primary></indexterm>
<indexterm>
<primary>&dtrace; support</primary>
<see>&dtrace;</see>
</indexterm>
<para>&dtrace;, also known as Dynamic Tracing, was developed by
&sun; as a tool for locating performance bottlenecks in
production and pre-production systems. In addition to
diagnosing performance problems, &dtrace; can be used to help
investigate and debug unexpected behavior in both the &os;
kernel and in userland programs.</para>
<para>&dtrace; is a remarkable profiling tool, with an impressive
array of features for diagnosing system issues. It may also be
used to run pre-written scripts to take advantage of its
capabilities. Users can author their own utilities using the
&dtrace; D Language, allowing them to customize their profiling
based on specific needs.</para>
<para>The &os; implementation provides full support for kernel
&dtrace; and experimental support for userland &dtrace;.
Userland &dtrace; allows users to perform function boundary
tracing for userland programs using the <literal>pid</literal>
provider, and to insert static probes into userland programs for
later tracing. Some ports, such as
<package>databases/postgres-server</package> and
<package>lang/php5</package> have a &dtrace; option to enable
static probes. &os; 10.0-RELEASE has reasonably good userland
&dtrace; support, but it is not considered production ready. In
particular, it is possible to crash traced programs.</para>
<para>After reading this chapter, you will know:</para>
<itemizedlist>
<listitem>
<para>What &dtrace; is and what features it provides.</para>
</listitem>
<listitem>
<para>Differences between the &solaris; &dtrace;
implementation and the one provided by &os;.</para>
</listitem>
<listitem>
<para>How to enable and use &dtrace; on &os;.</para>
</listitem>
</itemizedlist>
<para>Before reading this chapter, you should:</para>
<itemizedlist>
<listitem>
<para>Understand &unix; and &os; basics
(<xref linkend="basics"/>).</para>
</listitem>
<listitem>
<para>Have some familiarity with security and how it pertains
to &os; (<xref linkend="security"/>).</para>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="dtrace-implementation">
<title>Implementation Differences</title>
<para>While the &dtrace; in &os; is similar to that found in
&solaris;, differences do exist. The primary difference is that
in &os;, &dtrace; is implemented as a set of kernel modules and
&dtrace; can not be used until the modules are loaded. To load
all of the necessary modules:</para>
<screen>&prompt.root; <userinput>kldload dtraceall</userinput></screen>
<para>Beginning with &os; 10.0-RELEASE, the modules are
automatically loaded when <command>dtrace</command> is
run.</para>
<para>&os; uses the <literal>DDB_CTF</literal> kernel option to
enable support for loading <acronym>CTF</acronym> data from
kernel modules and the kernel itself. <acronym>CTF</acronym> is
the &solaris; Compact C Type Format which encapsulates a reduced
form of debugging information similar to
<acronym>DWARF</acronym> and the venerable stabs.
<acronym>CTF</acronym> data is added to binaries by the
<command>ctfconvert</command> and <command>ctfmerge</command>
build tools. The <command>ctfconvert</command> utility parses
<acronym>DWARF</acronym> <acronym>ELF</acronym> debug sections
created by the compiler and <command>ctfmerge</command> merges
<acronym>CTF</acronym> <acronym>ELF</acronym> sections from
objects into either executables or shared libraries.</para>
<para>Some different providers exist for &os; than for &solaris;.
Most notable is the <literal>dtmalloc</literal> provider, which
allows tracing <function>malloc()</function> by type in the &os;
kernel. Some of the providers found in &solaris;, such as
<literal>cpc</literal> and <literal>mib</literal>, are not
present in &os;. These may appear in future versions of &os;.
Moreover, some of the providers available in both operating
systems are not compatible, in the sense that their probes have
different argument types. Thus, <acronym>D</acronym> scripts
written on &solaris; may or may not work unmodified on &os;, and
vice versa.</para>
<para>Due to security differences, only <systemitem
class="username">root</systemitem> may use &dtrace; on &os;.
&solaris; has a few low level security checks which do not yet
exist in &os;. As such, the
<filename>/dev/dtrace/dtrace</filename> is strictly limited to
<systemitem class="username">root</systemitem>.</para>
<para>&dtrace; falls under the Common Development and Distribution
License (<acronym>CDDL</acronym>) license. To view this license
on &os;, see
<filename>/usr/src/cddl/contrib/opensolaris/OPENSOLARIS.LICENSE</filename>
or view it online at <uri
xlink:href="http://opensource.org/licenses/CDDL-1.0">http://opensource.org/licenses/CDDL-1.0</uri>.
While a &os; kernel with &dtrace; support is
<acronym>BSD</acronym> licensed, the <acronym>CDDL</acronym> is
used when the modules are distributed in binary form or the
binaries are loaded.</para>
</sect1>
<sect1 xml:id="dtrace-enable">
<title>Enabling &dtrace; Support</title>
<para>In &os; 9.2 and 10.0, &dtrace; support is built into the
<filename>GENERIC</filename> kernel. Users of earlier versions
of &os; or who prefer to statically compile in &dtrace; support
should add the following lines to a custom kernel configuration
file and recompile the kernel using the instructions in <xref
linkend="kernelconfig"/>:</para>
<programlisting>options KDTRACE_HOOKS
options DDB_CTF
options DEBUG=-g</programlisting>
<para>Users of the AMD64 architecture should also add this
line:</para>
<programlisting>options KDTRACE_FRAME</programlisting>
<para>This option provides support for <acronym>FBT</acronym>.
While &dtrace; will work without this option, there will be
limited support for function boundary tracing.</para>
<para>Once the &os; system has rebooted into the new kernel, or
the &dtrace; kernel modules have been loaded using
<command>kldload dtraceall</command>, the system will need
support for the Korn shell as the &dtrace;
Toolkit has several utilities written in <command>ksh</command>.
Make sure that the <package>shells/ksh93</package> package or
port is installed. It is also possible to run these tools under
<package>shells/pdksh</package> or
<package>shells/mksh</package>.</para>
<para>Finally, install the current &dtrace; Toolkit,
a collection of ready-made scripts
for collecting system information. There are scripts to check
open files, memory, <acronym>CPU</acronym> usage, and a lot
more. &os; 10
installs a few of these scripts into
<filename>/usr/share/dtrace</filename>. On other &os; versions,
or to install the full
&dtrace; Toolkit, use the
<package>sysutils/DTraceToolkit</package> package or
port.</para>
<note>
<para>The scripts found in
<filename>/usr/share/dtrace</filename> have been specifically
ported to &os;. Not all of the scripts found in the &dtrace;
Toolkit will work as-is on &os; and some scripts may require
some effort in order for them to work on &os;.</para>
</note>
<para>The &dtrace; Toolkit includes many scripts in the special
language of &dtrace;. This language is called the D language
and it is very similar to C++. An in depth discussion of the
language is beyond the scope of this document. It is
extensively discussed at <uri
xlink:href="http://wikis.oracle.com/display/DTrace/Documentation">http://wikis.oracle.com/display/DTrace/Documentation</uri>.</para>
</sect1>
<sect1 xml:id="dtrace-using">
<title>Using &dtrace;</title>
<para>&dtrace; scripts consist of a list of one or more
<firstterm>probes</firstterm>, or instrumentation points, where
each probe is associated with an action. Whenever the condition
for a probe is met, the associated action is executed. For
example, an action may occur when a file is opened, a process is
started, or a line of code is executed. The action might be to
log some information or to modify context variables. The
reading and writing of context variables allows probes to share
information and to cooperatively analyze the correlation of
different events.</para>
<para>To view all probes, the administrator can execute the
following command:</para>
<screen>&prompt.root; <userinput>dtrace -l | more</userinput></screen>
<para>Each probe has an <literal>ID</literal>, a
<literal>PROVIDER</literal> (dtrace or fbt), a
<literal>MODULE</literal>, and a
<literal>FUNCTION NAME</literal>. Refer to &man.dtrace.1; for
more information about this command.</para>
<para>The examples in this section provide an overview of how to
use two of the fully supported scripts from the
&dtrace; Toolkit: the
<filename>hotkernel</filename> and
<filename>procsystime</filename> scripts.</para>
<para>The <filename>hotkernel</filename> script is designed to
identify which function is using the most kernel time. It will
produce output similar to the following:</para>
<screen>&prompt.root; <userinput>cd /usr/share/dtrace/toolkit</userinput>
&prompt.root; <userinput>./hotkernel</userinput>
Sampling... Hit Ctrl-C to end.</screen>
<para>As instructed, use the
<keycombo action="simul"><keycap>Ctrl</keycap><keycap>C</keycap>
</keycombo> key combination to stop the process. Upon
termination, the script will display a list of kernel functions
and timing information, sorting the output in increasing order
of time:</para>
<screen>kernel`_thread_lock_flags 2 0.0%
0xc1097063 2 0.0%
kernel`sched_userret 2 0.0%
kernel`kern_select 2 0.0%
kernel`generic_copyin 3 0.0%
kernel`_mtx_assert 3 0.0%
kernel`vm_fault 3 0.0%
kernel`sopoll_generic 3 0.0%
kernel`fixup_filename 4 0.0%
kernel`_isitmyx 4 0.0%
kernel`find_instance 4 0.0%
kernel`_mtx_unlock_flags 5 0.0%
kernel`syscall 5 0.0%
kernel`DELAY 5 0.0%
0xc108a253 6 0.0%
kernel`witness_lock 7 0.0%
kernel`read_aux_data_no_wait 7 0.0%
kernel`Xint0x80_syscall 7 0.0%
kernel`witness_checkorder 7 0.0%
kernel`sse2_pagezero 8 0.0%
kernel`strncmp 9 0.0%
kernel`spinlock_exit 10 0.0%
kernel`_mtx_lock_flags 11 0.0%
kernel`witness_unlock 15 0.0%
kernel`sched_idletd 137 0.3%
0xc10981a5 42139 99.3%</screen>
<!-- XXXTR: I attempted to use objdump and nm on /boot/kernel/kernel
to find 0xc10981a5, but to no avail. It would be nice to know
how we should look that up. -->
<para>This script will also work with kernel modules. To use this
feature, run the script with <option>-m</option>:</para>
<screen>&prompt.root; <userinput>./hotkernel -m</userinput>
Sampling... Hit Ctrl-C to end.
^C
MODULE COUNT PCNT
0xc107882e 1 0.0%
0xc10e6aa4 1 0.0%
0xc1076983 1 0.0%
0xc109708a 1 0.0%
0xc1075a5d 1 0.0%
0xc1077325 1 0.0%
0xc108a245 1 0.0%
0xc107730d 1 0.0%
0xc1097063 2 0.0%
0xc108a253 73 0.0%
kernel 874 0.4%
0xc10981a5 213781 99.6%</screen>
<!-- XXXTR: I was unable to match these up with output from
kldstat and kldstat -v and grep. Maybe I'm missing something
seriously obvious. It is 5AM btw. -->
<para>The <filename>procsystime</filename> script captures and
prints the system call time usage for a given process
<acronym>ID</acronym> (<acronym>PID</acronym>) or process name.
In the following example, a new instance of
<filename>/bin/csh</filename> was spawned. Then,
<filename>procsystime</filename> was executed and remained
waiting while a few commands were typed on the other incarnation
of <command>csh</command>. These are the results of this
test:</para>
<screen>&prompt.root; <userinput>./procsystime -n csh</userinput>
Tracing... Hit Ctrl-C to end...
^C
Elapsed Times for processes csh,
SYSCALL TIME (ns)
getpid 6131
sigreturn 8121
close 19127
fcntl 19959
dup 26955
setpgid 28070
stat 31899
setitimer 40938
wait4 62717
sigaction 67372
sigprocmask 119091
gettimeofday 183710
write 263242
execve 492547
ioctl 770073
vfork 3258923
sigsuspend 6985124
read 3988049784</screen>
<para>As shown, the <function>read()</function> system call used
the most time in nanoseconds while the
<function>getpid()</function> system call used the least amount
of time.</para>
</sect1>
</chapter>

15
zh_TW.UTF-8/books/handbook/eresources/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
# $FreeBSD$
# Original revision: 1.1
#
CHAPTERS= eresources/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

1577
zh_TW.UTF-8/books/handbook/eresources/chapter.xml
View file

File diff suppressed because it is too large Load diff

15
zh_TW.UTF-8/books/handbook/filesystems/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= filesystems/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

219
zh_TW.UTF-8/books/handbook/filesystems/chapter.xml
View file

@ -1,219 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
The FreeBSD Documentation Project
$FreeBSD$
-->
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="filesystems">
<info>
<title>Other File Systems</title>
<authorgroup>
<author><personname><firstname>Tom</firstname><surname>Rhodes</surname></personname><contrib>Written
by </contrib></author>
</authorgroup>
</info>
<sect1 xml:id="filesystems-synopsis">
<title>Synopsis</title>
<indexterm><primary>File Systems</primary></indexterm>
<indexterm>
<primary>File Systems Support</primary>
<see>File Systems</see>
</indexterm>
<para>File systems are an integral part of any operating system.
They allow users to upload and store files, provide access to
data, and make hard drives useful. Different operating systems
differ in their native file system. Traditionally, the native
&os; file system has been the Unix File System
<acronym>UFS</acronym> which has been modernized as
<acronym>UFS2</acronym>. Since &os;&nbsp;7.0, the Z File System
(<acronym>ZFS</acronym>) is also available as a native file
system. See <xref linkend="zfs"/> for more information.</para>
<para>In addition to its native file systems, &os; supports a
multitude of other file systems so that data from other
operating systems can be accessed locally, such as data stored
on locally attached <acronym>USB</acronym> storage devices,
flash drives, and hard disks. This includes support for the
&linux; Extended File System (<acronym>EXT</acronym>) and the
Reiser file system.</para>
<para>There are different levels of &os; support for the various
file systems. Some require a kernel module to be loaded and
others may require a toolset to be installed. Some non-native
file system support is full read-write while others are
read-only.</para>
<para>After reading this chapter, you will know:</para>
<itemizedlist>
<listitem>
<para>The difference between native and supported file
systems.</para>
</listitem>
<listitem>
<para>Which file systems are supported by &os;.</para>
</listitem>
<listitem>
<para>How to enable, configure, access, and make use of
non-native file systems.</para>
</listitem>
</itemizedlist>
<para>Before reading this chapter, you should:</para>
<itemizedlist>
<listitem>
<para>Understand &unix; and <link
linkend="basics">&os; basics</link>.</para>
</listitem>
<listitem>
<para>Be familiar with the basics of <link
linkend="kernelconfig">kernel configuration and
compilation</link>.</para>
</listitem>
<listitem>
<para>Feel comfortable <link linkend="ports">installing
software</link> in &os;.</para>
</listitem>
<listitem>
<para>Have some familiarity with <link
linkend="disks">disks</link>, storage, and device names in
&os;.</para>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="filesystems-linux">
<title>&linux; File Systems</title>
<para>&os; provides built-in support for several &linux; file
systems. This section demonstrates how to load support for and
how to mount the supported &linux; file systems.</para>
<sect2>
<title><acronym>ext2</acronym></title>
<para>Kernel support for ext2 file systems has
been available since &os;&nbsp;2.2. In &os;&nbsp;8.x and
earlier, the code is licensed under the
<acronym>GPL</acronym>. Since &os;&nbsp;9.0, the code has
been rewritten and is now <acronym>BSD</acronym>
licensed.</para>
<para>The &man.ext2fs.5; driver allows the &os; kernel to both
read and write to ext2 file systems.</para>
<note>
<para>
This driver can also be used to access ext3 and ext4 file
systems. However, ext3 journaling, extended attributes, and
inodes greater than 128-bytes are not supported. Support
for ext4 is read-only.</para>
</note>
<para>To access an ext file system, first
load the kernel loadable module:</para>
<screen>&prompt.root; <userinput>kldload ext2fs</userinput></screen>
<para>Then, mount the ext volume by specifying its &os;
partition name and an existing mount point. This example
mounts <filename>/dev/ad1s1</filename> on
<filename>/mnt</filename>:</para>
<screen>&prompt.root; <userinput>mount -t ext2fs <replaceable>/dev/ad1s1</replaceable> <replaceable>/mnt</replaceable></userinput></screen>
</sect2>
<sect2>
<title>XFS</title>
<para>A &os; kernel can be configured to provide read-only
support for <acronym>XFS</acronym>
file systems.</para>
<para>To compile in <acronym>XFS</acronym> support, add the
following option to a custom kernel configuration file and
recompile the kernel using the instructions in <xref
linkend="kernelconfig"/>:</para>
<programlisting>options XFS</programlisting>
<para>Then, to mount an <acronym>XFS</acronym> volume located on
<filename>/dev/ad1s1</filename>:</para>
<screen>&prompt.root; <userinput>mount -t xfs <replaceable>/dev/ad1s1</replaceable> <replaceable>/mnt</replaceable></userinput></screen>
<para>The <package>sysutils/xfsprogs</package> package or
port provides additional
utilities, with man pages, for using, analyzing, and repairing
<acronym>XFS</acronym> file systems.</para>
</sect2>
<sect2>
<title>ReiserFS</title>
<para>&os; provides read-only support for The Reiser file
system, ReiserFS.</para>
<para>To load the &man.reiserfs.5; driver:</para>
<screen>&prompt.root; <userinput>kldload reiserfs</userinput></screen>
<para>Then, to mount a ReiserFS volume located on
<filename>/dev/ad1s1</filename>:</para>
<screen>&prompt.root; <userinput>mount -t reiserfs <replaceable>/dev/ad1s1</replaceable> <replaceable>/mnt</replaceable></userinput></screen>
</sect2>
</sect1>
<!--
<sect1>
<title>Device File System</title>
</sect1>
<sect1>
<title>DOS and NTFS File Systems</title>
<para>This is a good section for those who transfer files, using
USB devices, from Windows to FreeBSD and vice-versa. My camera,
and many other cameras I have seen default to using FAT16. There
is (was?) a kde utility, I think called kamera, that could be used
to access camera devices. A section on this would be useful.</para>
<para>XXXTR: Though! The disks chapter, covers a bit of this and
devfs under it's USB devices. It leaves a lot to be desired though,
see:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/usb-disks.html
It may be better to flesh out that section a bit more. Add the
word "camera" to it so that others can easily notice.</para>
</sect1>
<sect1>
<title>Linux EXT File System</title>
<para>Probably NOT as useful as the other two, but it requires
knowledge of the existence of the tools. Which are hidden in
the ports collection. Most Linux guys would probably only use
Linux, BSD guys would be smarter and use NFS.</para>
</sect1>
<sect1>
<title>HFS</title>
<para>I think this is the file system used on Apple OSX. There are
tools in the ports collection, and with Apple being a big
FreeBSD supporter and user of our technologies, surely there
is enough cross over to cover this?</para>
</sect1>
-->
</chapter>

15
zh_TW.UTF-8/books/handbook/firewalls/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= firewalls/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

3260
zh_TW.UTF-8/books/handbook/firewalls/chapter.xml
View file

File diff suppressed because it is too large Load diff

15
zh_TW.UTF-8/books/handbook/geom/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= geom/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

1220
zh_TW.UTF-8/books/handbook/geom/chapter.xml
View file

File diff suppressed because it is too large Load diff

15
zh_TW.UTF-8/books/handbook/install/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= install/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

4569
zh_TW.UTF-8/books/handbook/install/chapter.xml
View file

File diff suppressed because it is too large Load diff

7
zh_TW.UTF-8/books/handbook/install/example-dir1.dot
View file

@ -1,7 +0,0 @@
// $FreeBSD$
digraph directory {
root [label="Root\n/"];
root -> "A1/";
root -> "A2/";
}

8
zh_TW.UTF-8/books/handbook/install/example-dir2.dot
View file

@ -1,8 +0,0 @@
// $FreeBSD$
digraph directory {
root [label="Root\n/"];
root -> "A1/" -> "B1/";
"A1/" -> "B2/";
root -> "A2/";
}

8
zh_TW.UTF-8/books/handbook/install/example-dir3.dot
View file

@ -1,8 +0,0 @@
// $FreeBSD$
digraph directory {
root [label="Root\n/"];
root -> "A1/";
root -> "A2/" -> "B1/";
"A2/" -> "B2/";
}

9
zh_TW.UTF-8/books/handbook/install/example-dir4.dot
View file

@ -1,9 +0,0 @@
// $FreeBSD$
digraph directory {
root [label="Root\n/"];
root -> "A1/";
root -> "A2/" -> "B1/" -> "C1/";
"B1/" -> "C2/";
"A2/" -> "B2/";
}

9
zh_TW.UTF-8/books/handbook/install/example-dir5.dot
View file

@ -1,9 +0,0 @@
// $FreeBSD$
digraph directory {
root [label="Root\n/"];
root -> "A1/" -> "C1/";
"A1/" -> "C2/";
root -> "A2/" -> "B1/";
"A2/" -> "B2/";
}

15
zh_TW.UTF-8/books/handbook/introduction/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= introduction/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

842
zh_TW.UTF-8/books/handbook/introduction/chapter.xml
View file

@ -1,842 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
The FreeBSD Documentation Project
$FreeBSD$
Original revision: 1.125
-->
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="introduction">
<info><title>簡介</title>
<authorgroup>
<author><personname><firstname>Jim</firstname><surname>Mock</surname></personname><contrib>Restructured, reorganized, and parts
rewritten by </contrib></author>
</authorgroup>
</info>
<sect1 xml:id="introduction-synopsis">
<title>概述</title>
<para>非常感謝您對 &os; 感興趣!以下章節涵蓋 &os;
計劃的各方面:比如它的歷史、目標、開發模式等等。</para>
<para>讀完這章,您將了解︰</para>
<itemizedlist>
<listitem>
<para>&os; 與其他 OS 之間的關係;</para>
</listitem>
<listitem>
<para>&os; 計劃的歷史源流;</para>
</listitem>
<listitem>
<para>&os; 計劃的目標;</para>
</listitem>
<listitem>
<para>&os; open-source 開發模式的基礎概念;</para>
</listitem>
<listitem>
<para>當然囉,還有 <quote>&os;</quote> 這名字的由來。</para>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="nutshell">
<title>Welcome to &os;!</title>
<indexterm><primary>4.4BSD-Lite</primary></indexterm>
<para>&os; 是一個從 4.4BSD-Lite 衍生出而能在以 Intel (x86 and &itanium;),
AMD64, <trademark>Alpha</trademark>, Sun &ultrasparc;
為基礎的電腦上執行的作業系統。同時,移植到其他平台的工作也在進行中。
對於本計劃歷史的介紹,請看 <link linkend="history">&os; 歷史源流</link>
對於 &os; 的最新版本介紹,請看 <link linkend="relnotes">current release
</link>。若打算對於 &os; 計劃有所貢獻的話(像是程式碼硬體設備、基金)
請看 <link xlink:href="&url.articles.contributing;/index.html">如何對 &os;
有貢獻</link></para>
<sect2 xml:id="os-overview">
<title>&os; 能做什麼?</title>
<para>&os; 提供給你許多先進功能。這些功能包括:</para>
<itemizedlist>
<listitem>
<indexterm><primary>先佔式多工(preemptive multitasking)</primary></indexterm>
<para>動態優先權調整的『先佔式多工』能夠確保,即使在系統負擔很重的情況下,
程式執行平順並且應用程式與使用者公平地共享資源。</para>
</listitem>
<listitem>
<indexterm><primary>支援多人共用</primary></indexterm>
<para>『多人共用(multi-user)』代表著許多人可以同時使用一個 &os; 系統來處理各自的事務。
系統的硬體周邊(如印表機及磁帶機)也可以讓所有的使用者適當地分享。
也可以針對各別使用者或一群使用者的系統資源,予以設限,
以保護系統不致被過度使用。</para>
</listitem>
<listitem>
<indexterm><primary>TCP/IP 網路功能</primary></indexterm>
<para>好用的『TCP/IP 網路功能』可支援許多業界標準,比如:
SCTP、DHCP、NFS、NIS、PPP、SLIP、IPSec、IPv6 的支援,也就是說 &os;
可以容易地跟其他作業系統透過網路共同運作,或是當作企業的伺服器用途
,例如提供遠端檔案共享(NFS)及電子郵件(email)等服務,
或是讓您的企業連上網際網路(Internet)並提供 WWW、FTP、
路由(routing)、及防火牆(firewall、security) 等必備服務。</para>
</listitem>
<listitem>
<indexterm><primary>記憶體保護</primary></indexterm>
<para>『記憶體保護(Memory protection)』能確保程式(或是使用者)不會互相干擾,
即使任何程式有不正常的運作,都不會影響其他程式的執行。</para>
</listitem>
<listitem>
<para>&os; 是『32位元(32-bit)』的作業系統
(在 Alpha、&itanium;、 AMD64 及 &ultrasparc; 上則是『64位元(64-bit)』)
— 打從一開始便是這樣設計的。</para>
</listitem>
<listitem>
<indexterm>
<primary>X Window System</primary>
<seealso>XFree86</seealso>
</indexterm>
<para>業界標準的『X Window 系統』(X11R7)可以在常見的便宜 VGA 顯示卡/螢幕,
提供了圖形化的使用者介面(GUI),並且包括了完整的原始程式碼。</para>
</listitem>
<listitem>
<indexterm>
<primary>binary compatibility</primary>
<secondary>Linux</secondary>
</indexterm>
<indexterm>
<primary>binary compatibility</primary>
<secondary>SCO</secondary>
</indexterm>
<indexterm>
<primary>binary compatibility</primary>
<secondary>SVR4</secondary>
</indexterm>
<indexterm>
<primary>binary compatibility</primary>
<secondary>BSD/OS</secondary>
</indexterm>
<indexterm>
<primary>binary compatibility</primary>
<secondary>NetBSD</secondary>
</indexterm>
<para>能『直接執行』許多其他作業系統(比如: Linux、SCO、SVR4、BSDI 和 NetBSD)
的可執行檔。</para>
</listitem>
<listitem>
<para>數以萬計的立即可以執行的應用程式,這些都可透過 &os;
的『ports』及『packages』軟體管理機制來取得。
不再需要費心到網路上到處搜尋所需要的軟體。</para>
</listitem>
<listitem>
<para>此外,網路上尚有可非常容易移植的數以萬計應用程式。
&os; 的原始程式碼與許多常見的商業版 &unix; 系統都相容,
所以大部分的程式都只需要很少的修改(或根本不用修改)
,就可以編譯執行。</para>
</listitem>
<listitem>
<indexterm><primary>virtual memory</primary></indexterm>
<para>需要時才置換(demand paged) <emphasis>virtual memory</emphasis>
<quote>merged VM/buffer cache</quote> 的設計,
這點在系統中有用去大量記憶體的程式執行時,仍然有不錯的效率表現。</para>
</listitem>
<listitem>
<indexterm>
<primary>Symmetric Multi-Processing (SMP)</primary>
</indexterm>
<para>支援 CPU 的對稱多工處理(SMP):可以支援多 CPU
的電腦系統。</para>
</listitem>
<listitem>
<indexterm>
<primary>compilers</primary>
<secondary>C</secondary>
</indexterm>
<indexterm>
<primary>compilers</primary>
<secondary>C++</secondary>
</indexterm>
<indexterm>
<primary>compilers</primary>
<secondary>FORTRAN</secondary>
</indexterm>
<para>完全相容的 <emphasis>C</emphasis><emphasis>C++</emphasis> 以及
<emphasis>Fortran</emphasis> 的環境和其他開發工具。
以及其他許多可供進階研發的程式語言也收集在 ports 和 packages。
</para>
</listitem>
<listitem>
<indexterm><primary>source code</primary></indexterm>
<para>整個系統都有『原始程式碼』,
這讓你對作業環境擁有最完全的掌握度。
既然能擁有完全開放的系統,何苦被特定封閉軟體所約束,任廠商擺佈呢?
</para>
</listitem>
<listitem>
<para>廣泛且豐富的『線上文件』。</para>
</listitem>
<listitem>
<para><emphasis>當然囉,還不止如此!</emphasis></para>
</listitem>
</itemizedlist>
<indexterm><primary>4.4BSD-Lite</primary></indexterm>
<indexterm>
<primary>Computer Systems Research Group (CSRG)</primary>
</indexterm>
<indexterm><primary>U.C. Berkeley</primary></indexterm>
<para>&os; 系統乃是基於美國加州大學柏克萊分校的電腦系統研究群
(Computer Systems Research Group 也就是 CSRG) 所發行的
4.4BSD-Lite以及基於 BSD 系統開發的優良傳統。
除了由 CSRG 所提供的高品質的成果,
為了提供可處理真正具負荷的工作,
&os; 計劃也投入了數千小時以上的細部調整,
以能獲得最好的執行效率以及系統的穩定度。
正當許多商業上的巨人正努力地希望能提供效能及穩定時,
&os; 已經具備這樣的特質 -- <emphasis>就是現在</emphasis>
</para>
<para>&os; 的運用範圍無限,其實完全限制在你的想像力上。
從軟體的開發到工廠自動化,或是人造衛星上面的天線的方位角度的遠端控制;
這些功能若可以用商用的 Unix 產品來達成,
那麼極有可能使用 &os; 也能辦到!
&os; 也受益於來自於全球各研究中心及大學所開發的數千個高品質的軟體
,這些通常只需要花費很少的費用或根本就是免費的。
當然也有商業軟體,而且出現的數目是與日俱增。</para>
<para>由於每個人都可以取得 &os; 的原始程式碼,
這個系統可以被調整而能執行任何原本完全無法想像的功能或計劃,
而對於從各廠商取得的作業系統通常沒有辦法這樣地被修改。
以下提供一些人們使用 &os; 的例子:</para>
<itemizedlist>
<listitem>
<para><emphasis>網路服務:</emphasis> &os;
內建強勁的網路功能使它成為網路服務(如下例)的理想平台:</para>
<itemizedlist>
<listitem>
<indexterm><primary>FTP servers</primary></indexterm>
<para>檔案伺服器(FTP servers)</para>
</listitem>
<listitem>
<indexterm><primary>web servers</primary></indexterm>
<para>全球資訊網伺服器(WWW servers)
(標準的或更安全的 [SSL] 連線)</para>
</listitem>
<listitem>
<para>IPv4 及 IPv6 routing</para>
</listitem>
<listitem>
<indexterm><primary>firewall</primary></indexterm>
<indexterm><primary>IP masquerading</primary></indexterm>
<para>防火牆以及 NAT (<quote>IP masquerading</quote>)
gateways。</para>
</listitem>
<listitem>
<indexterm><primary>electronic mail</primary></indexterm>
<para>電子郵件伺服器(Electronic Mail servers)</para>
</listitem>
<listitem>
<indexterm><primary>USENET</primary></indexterm>
<para>網路新聞伺服器(USENET News)
或是電子佈告欄系統(BBS)</para>
</listitem>
<listitem>
<para>還有更多...</para>
</listitem>
</itemizedlist>
<para>有了 &os;,您可以容易地先用便宜的 386 PC
再逐步升級您的機器到四個 CPU 的 Xeon
並使用磁碟陣列(RAID)來滿足您企業運用上的需求。</para>
</listitem>
<listitem>
<para><emphasis>教育:</emphasis>
若您是資工相關領域的學生,再也沒有比使用 &os;
能學到更多作業系統、計算機結構、及網路的方法了。
另外如果你想利用電腦來處理一些<emphasis>其他的</emphasis>
工作,還有一些如 CAD、
數學運算以及圖形處理軟體等可以免費地取得使用。</para>
</listitem>
<listitem>
<para><emphasis>研究:</emphasis>有了完整的原始程式碼,&os;
是研究作業系統及電腦科學的極佳環境。
具有免費且自由取得特性的 &os;
也使得一個分置兩地的合作計劃,不必擔心版權及系統開放性的問題,
而能自在的交流。</para>
</listitem>
<listitem>
<indexterm><primary>router</primary></indexterm>
<indexterm><primary>DNS Server</primary></indexterm>
<para><emphasis>網路:</emphasis>
你如果需要 router、Name Server (DNS) 或安全的防火牆(Firewall)
&os; 可以輕易的將你沒有用到的 386 或 486 PC
變身成為絕佳的伺服器,甚至具有過濾封包(packet-filter) 的功能。
</para>
</listitem>
<listitem>
<indexterm>
<primary>X Window System</primary>
<secondary>XFree86</secondary>
</indexterm>
<indexterm>
<primary>X Window System</primary>
<secondary>Accelerated-X</secondary>
</indexterm>
<para><emphasis>X 視窗工作站:</emphasis> &os; 是 X
終端機的良策,你可以使用免費的 X11 Server。
&os; 不但可以充當遠端 X 程式終端機,
也可以執行本地的 X 程式而減輕大型工作站的負荷。
如果有一台中央伺服器的話,&os; 甚至可以經由網路開機
(不需硬碟,也就是<quote>diskless</quote>)
,而變成更便宜且易於管理的工作站。</para>
</listitem>
<listitem>
<indexterm><primary>GNU Compiler Collection</primary></indexterm>
<para><emphasis>軟體開發:</emphasis>
基本安裝的 &os; 就包含了完整的程式開發工具,如 GNU C/C++
編譯器及除錯器。</para>
</listitem>
</itemizedlist>
<para>你可以經由燒錄 CD-ROM、DVD 或是從 FTP 站上抓回 &os; --
包括立即可執行的系統以及系統的完整程式碼。
詳情請參閱 <xref linkend="mirrors"/> 取得 &os;</para>
</sect2>
<sect2>
<title>誰在用 &os;</title>
<indexterm>
<primary>users</primary>
<secondary>large sites running &os;</secondary>
</indexterm>
<para>許多 Internet 上的大型網站都是以 &os; 作為它的作業系統,例如:</para>
<itemizedlist>
<listitem>
<indexterm><primary>Yahoo!</primary></indexterm>
<para><link xlink:href="http://www.yahoo.com/">Yahoo!</link></para>
</listitem>
<listitem>
<indexterm><primary>Apache</primary></indexterm>
<para><link xlink:href="http://www.apache.org/">Apache</link></para>
</listitem>
<listitem>
<indexterm><primary>Blue Mountain Arts</primary></indexterm>
<para><link xlink:href="http://www.bluemountain.com/">Blue Mountain
Arts</link></para>
</listitem>
<listitem>
<indexterm><primary>Pair Networks</primary></indexterm>
<para><link xlink:href="http://www.pair.com/">Pair
Networks</link></para>
</listitem>
<listitem>
<indexterm><primary>Sony Japan</primary></indexterm>
<para><link xlink:href="http://www.sony.co.jp/">Sony
Japan</link></para>
</listitem>
<listitem>
<indexterm><primary>Netcraft</primary></indexterm>
<para><link xlink:href="http://www.netcraft.com/">Netcraft</link>
</para>
</listitem>
<listitem>
<indexterm><primary>Weathernews</primary></indexterm>
<para><link xlink:href="http://www.wni.com/">Weathernews</link>
</para></listitem>
<listitem>
<indexterm><primary>Supervalu</primary></indexterm>
<para><link xlink:href="http://www.supervalu.com/">Supervalu</link></para>
</listitem>
<listitem>
<indexterm><primary>TELEHOUSE America</primary></indexterm>
<para><link xlink:href="http://www.telehouse.com/">TELEHOUSE
America</link></para>
</listitem>
<listitem>
<indexterm><primary>Sophos Anti-Virus</primary></indexterm>
<para><link xlink:href="http://www.sophos.com/">Sophos
Anti-Virus</link></para>
</listitem>
<listitem>
<indexterm><primary>JMA Wired</primary></indexterm>
<para><link xlink:href="http://www.jmawired.com/">JMA Wired</link></para>
</listitem>
</itemizedlist>
<para>以及許多其他的網站。</para>
</sect2>
</sect1>
<sect1 xml:id="history">
<title>關於 &os; 計劃</title>
<para>接下來講的是 &os; 計劃的背景,包含歷史源流的簡介、計劃的目標,以及開發的模式。</para>
<sect2 xml:id="intro-history">
<info role="firstperson"><title>&os; 歷史源流的簡介</title>
<authorgroup>
<author><personname><firstname>Jordan</firstname><surname>Hubbard</surname></personname><contrib>Contributed by </contrib></author>
</authorgroup>
</info>
<indexterm><primary>386BSD Patchkit</primary></indexterm>
<indexterm><primary>Hubbard, Jordan</primary></indexterm>
<indexterm><primary>Williams, Nate</primary></indexterm>
<indexterm><primary>Grimes, Rod</primary></indexterm>
<indexterm>
<primary>&os; Project</primary>
<secondary>history</secondary>
</indexterm>
<para>&os; 計畫的想法是在 1993 年初所形成的,
那是源自於維護一組 『非官方 386BSD 的 patchkit(修正工具)』計劃的三個協調維護人
Nate WilliamsRod Grimes 和我(Jordan Hubbard)。</para>
<indexterm><primary>386BSD</primary></indexterm>
<para>我們最初的目標是做出一份 386BSD 綜合修正的 snapshot 版,以便修正當時一堆
patchkit 都不容易解決的問題。有些人可能還記得早期的計劃名稱叫做
<quote>386BSD 0.5</quote><quote>386BSD Interim</quote> 就是這個原因。</para>
<indexterm><primary>Jolitz, Bill</primary></indexterm>
<para>386BSD 是 Bill Jolitz 的作業系統,在當時就已有約一年的分裂討論。
當該修正工具 (patchkit) 日漸龐雜得令人不舒服,我們無異議地同意要作一些事了,
並決定提供一份臨時性的 <quote>淨化版(cleanup)</quote> 來幫助 Bill。
然而,由於 Bill Jolitz 忽然決定取消其對該計劃的認可,且沒有明確指出未來的打算,
所以該計劃便突然面臨斷炊危機。</para>
<indexterm><primary>Greenman, David</primary></indexterm>
<indexterm><primary>Walnut Creek CD-ROM</primary></indexterm>
<para>不久我們便決定在即使沒有 Bill 的支持下,讓該計劃仍然繼續下去,
最後我們採用 David Greenman 丟銅板決定的名字,也就是『&os;』。
在詢問了當時的一些使用者意見之後,就開始決定了最初的目標,
當該計劃開始實施一切就要成真時,一切就變得更清楚了。
我跟 Walnut Creek CD-ROM 討論發行 CD-ROM
這樣子不便上網的人就可以用比較簡單的方式取得 &os;
Walnut Creek CD-ROM 不只贊成以 CD-ROM 來發行 &os;
的想法,同時提供了一台機器以及快速的網際網路的頻寬。
如果不是 Walnut Creek CD-ROM 幾乎是空前的信任這個剛開始還是完全默默無聞的計劃,
那麼很可能 &os; 不會如此快速的成長到今日這樣的規模。</para>
<indexterm><primary>4.3BSD-Lite</primary></indexterm>
<indexterm><primary>Net/2</primary></indexterm>
<indexterm><primary>U.C. Berkeley</primary></indexterm>
<indexterm><primary>386BSD</primary></indexterm>
<indexterm><primary>Free Software Foundation</primary></indexterm>
<para>第一張以 CD-ROM (及網路)發行的 &os;&nbsp;1.0 是在 1993 年十二月。
該版本是基於由 U.C. Berkeley 以磁帶方式發行的
4.3BSD-Lite (<quote>Net/2</quote>)以及許多來自於 386BSD
和自由軟體基金會的軟體。對於第一次發行而言還算成功,
我們又接著於 1994 年 5 月發行了相當成功的 &os; 1.1。</para>
<indexterm><primary>Novell</primary></indexterm>
<indexterm><primary>U.C. Berkeley</primary></indexterm>
<indexterm><primary>Net/2</primary></indexterm>
<indexterm><primary>AT&amp;T</primary></indexterm>
<para>然而此後不久,另一個意外的風暴在 Novell 和 U.C. Berkeley 關於
Berkeley Net/2 磁帶之法律地位的訴訟確定之後形成。
U.C. Berkeley 接受大部份的 Net/2 的程式碼都是『侵佔來的』且是屬於 Novell 的財產
-- 事實上是當時不久前從 AT&amp;T 取得的。
Berkeley 得到的是 Novell 對於 4.4BSD-Lite 的『祝福』,最後當 4.4BSD-Lite
終於發行之後,便不再是侵佔行為。
而所有現有 Net/2 使用者都被強烈建議更換新版本,這包括了 &os;
於是,我們被要求於 1994 年 6 月底前停止散佈基於 Net/2
的產品。在此前提之下,本計劃被允許在期限以前作最後一次發行,也就是
&os;&nbsp;1.1.5.1。</para>
<para>&os; 便開始了這宛如『重新發明輪子』的艱鉅工作 -- 從全新的且不完整的
4.4BSD-Lite 重新整合。
這個 <quote>Lite</quote> 版本是不完整的,因為
Berkeley 的 CSRG 已經刪除了大量在建立一個可以開機執行的系統所需要的程式碼
(基於若干法律上的要求),且該版本在 Intel 平台的移植是非常不完整的。
直到 1994 年 11 月本計劃才完成了這個轉移,
同時在該年 12 月底以 CD-ROM 以及網路的形式發行了 &os;&nbsp;2.0。
雖然該份版本在當時有點匆促粗糙,但仍是富有意義的成功。
隨之於 1995 年 6 月又發行了更容易安裝,更好的 &os;&nbsp;2.0.5。</para>
<para>我們在 1996 年 8 月發行了 &os;&nbsp;2.1.5,在 ISP 和商業團體中非常流行。
隨後, 2.1-STABLE 分支的另一個版本應運而生,它就是在 1997 年 2 月發行 &os; 2.1.7.1
,同時也是 2.1-STABLE 分支的最後版。之後此分支便進入維護狀態,
僅僅提供安全性的加強和其他嚴重錯誤修補的維護(RELENG_2_1_0)。</para>
<para>1996 年 11 月 &os;&nbsp;2.2 從開發主軸分支 (<quote>-CURRENT</quote>)
出來成為 RELENG_2_2 分支。它的第一個完整版(2.2.1)於 1997 年 4 月發行。
2.2 分支的延續版本在 97 年夏秋之間發行的,其最後版是在 1998 年 11 月發行的 2.2.8 版。
第一個正式的 3.0 版本在 1998 年 10 月發行,亦即宣告 2.2 分支的落幕。</para>
<para>1999/01/20 日再度分支,這產生了 4.0-CURRENT 以及 3.X-STABLE 兩個分支。
3.X-STABLE 方面3.1 發行於 1999/02/153.2 發行於1999/05/153.3 發行於 1999/09/16
3.4 發行於 1999/12/203.5 發行於 2000/06/24
,接下來幾天後發佈了一些的修補檔(對 Kerberos 安全性方面的修正),就升級至 3.5.1
,這是 3.X 分支最後一個發行版本。</para>
<para>在 2000/03/13 又有了一個新的分支, 也就是 4.X-STABLE
。這個分支之後發佈了許多的發行版本︰ 4.0-RELEASE 在 2000 年 3 月發行,
而最後的 4.11-RELEASE 則在 2005 年 1 月發行。4-STABLE 分支的支援會持續到 2007/01/31
,但主要焦點在於安全方面的漏洞、臭蟲及其他嚴重問題的修補。</para>
<para>期待已久的 5.0-RELEASE 在 2003/01/19 正式發行。這是將近開發三年的巔峰之作,同時
也開始加強多顆CPU(SMPng)的支援、kernel thread(KSE) 的支援、檔案系統採用 UFS2 以及支援 snapshot
等, 並支援 &ultrasparc;
<literal>ia64</literal> 平台、支援藍芽、32 bit 的 PCMCIA 等。之後於 2003 年 6 月發行了 5.1。
而 -CURRENT 這個發展主軸分支的最後 5.X 版本是在 2004 年 2 月正式發行的 5.2.1-RELEASE在 5.X
系列進入 -STABLE (RELENG_5分支)之後,-CURRENT 就轉移為 6.X 系列。</para>
<para>RELENG_5 分支於 2004 年 8 月正式開跑,之後是 5.3-RELEASE
,它是 5-STABLE 分支的第一個發行版本。 最後的 5.5-RELEASE 是在
2006 年 5 月發行的,在此之後 RELENG_5 分支不再繼續。</para>
<para>RELENG_6 分支於 2005 年 7 月開跑,而 6.X 分支的第一個
release(6.0-RELEASE) 是在 2005 年 11 月出的。
最新的 &rel2.current;-RELEASE 是在 &rel2.current.date;
發行。 當然囉RELENG_6 分支還將有後續的發行版。</para>
<para>RELENG_7 分支於 2007 年 10 月開跑,最新的 &rel.current;-RELEASE
是在 &rel.current.date; 發行。 RELENG_7
分支還將有後續的發行版。</para>
<para>目前,長期的開發計畫繼續在 8.X-CURRENT (trunk) 分支中進行,而
8.X 的 CD-ROM (當然,也可以用網路抓) snapshot 版本可以在 <link xlink:href="ftp://current.FreeBSD.org/pub/FreeBSD/snapshots/">FreeBSD snapshot server</link>
取得。</para>
</sect2>
<sect2 xml:id="goals">
<info><title>&os; 計劃的目標</title>
<authorgroup>
<author><personname><firstname>Jordan</firstname><surname>Hubbard</surname></personname><contrib>Contributed by </contrib></author>
</authorgroup>
</info>
<indexterm>
<primary>&os; Project</primary>
<secondary>goals</secondary>
</indexterm>
<para>&os; 計劃的目標在於提供可作任意用途的軟體而不附帶任何限制條文。
我們之中許多人對程式碼 (以及計畫本身) 都有非常大的投入,
因此,當然不介意偶爾有一些資金上的補償,但我們並沒打算堅決地要求得到這類資助。
我們認為我們的首要『使命(mission)』是為任何人提供程式碼,
不管他們打算用這些程式碼做什麼, 因為這樣程式碼將能夠被更廣泛地使用,從而發揮其價值。
我認為這是自由軟體最基本的,同時也是我們所倡導的一個目標。</para>
<indexterm>
<primary>GNU General Public License (GPL)</primary>
</indexterm>
<indexterm>
<primary>GNU Lesser General Public License (LGPL)</primary>
</indexterm>
<indexterm><primary>BSD Copyright</primary></indexterm>
<para>我們程式碼樹中,有若干是以 GNU GPL 或者 LGPL
發佈的那些程式碼帶有少許的附加限制,還好只是強制性的要求開放程式碼而不是別的。
由於使用 GPL 的軟體在商業用途上會增加若干複雜性,因此,如果可以選擇的話,
我們會比較喜歡使用限制相對更寬鬆的 BSD 版權來發佈軟體。</para>
</sect2>
<sect2 xml:id="development">
<info><title>&os; 的開發模式</title>
<authorgroup>
<author><personname><firstname>Satoshi</firstname><surname>Asami</surname></personname><contrib>Contributed by </contrib></author>
</authorgroup>
</info>
<indexterm>
<primary>&os; Project</primary>
<secondary>development model</secondary>
</indexterm>
<para>&os; 的開發是一個非常開放且具彈性的過程,就像從 <link xlink:href="&url.articles.contributors;/article.html">貢獻者名單</link>
所看到的,是由全世界成千上萬的貢獻者發展起來的。
&os; 的開發基礎架構允許數以百計的開發者透過網際網路協同工作。
我們也經常關注著那些對我們的計畫感興趣的新開發者和新的創意,
那些有興趣更進一步參與計劃的人只需要在 &a.hackers; 連繫我們。
&a.announce; 對那些希望了解我們進度的人也是相當有用的。</para>
<para>無論是單獨開發者或者封閉式的團隊合作,多瞭解 &os; 計劃和它的開發過程會是不錯的︰</para>
<variablelist>
<varlistentry>
<term>The SVN and CVS repository<anchor xml:id="development-cvs-repository"/></term>
<listitem>
<indexterm>
<primary>CVS</primary>
<secondary>repository</secondary>
</indexterm>
<indexterm>
<primary>Concurrent Versions System</primary>
<see>CVS</see>
</indexterm>
<indexterm>
<primary>SVN</primary>
<secondary>repository</secondary>
</indexterm>
<indexterm>
<primary>Subversion</primary>
<see>SVN</see>
</indexterm>
<para>過去數年來 &os; 的中央 source tree 一直是以
<link xlink:href="http://ximbiot.com/cvs/wiki/">CVS</link>
(Concurrent Versions System) 來維護的,
它是個自由軟體,可用來做為版本控制,一裝完 &os; 內就有附了。
然而在 2008 年 6 月起, &os; 版本控制系統改用 <link xlink:href="http://subversion.tigris.org">SVN</link>(Subversion)。
這切換動作我們認為是有必要,因為 <application>CVS</application>
先天的技術限制,導致 source tree 以及歷史版本數量不斷快速擴張。
因此,主要的 repository 目前是採用 <application>SVN</application>
,而 client 端的工具像是 <application>CVSup</application>
<application>csup</application> 都是以舊式的
<application>CVS</application> 架構為基礎,仍可以繼續正常運作
&mdash; 此乃因 <application>SVN</application> repository
有 backport 回 <application>CVS</application> 才可以繼續讓 client
端相容。 目前,就只有中央 source tree 是採
<application>SVN</application> 版本控制方式。 而文件、網頁、
Ports 這些 repository 仍持續使用 <application>CVS</application>
版本控制方式。
而主要的 <link xlink:href="http://www.FreeBSD.org/cgi/cvsweb.cgi">CVS
repository</link> 是位於美國加州 Santa Clara 的某台機器上,
然後再 mirror 到世界上其他的許多機器上。
<application>SVN</application> tree 內有兩個主分支:
<link linkend="current">-CURRENT</link> 以及 <link linkend="stable">-STABLE</link> ,這些都可輕鬆複製到自己機器上。
詳情請參閱 <link linkend="synching">更新你的 source tree</link>
一節。</para>
</listitem>
</varlistentry>
<varlistentry>
<term>The committers list<anchor xml:id="development-committers"/></term>
<listitem>
<indexterm><primary>committers</primary></indexterm>
<para>所謂的 <firstterm>committers</firstterm>
指的是對 CVS tree 有 <emphasis>write</emphasis> 權限,
並依不同授權部分,而有不同權限可修改 &os; source。
(<quote>committer</quote> 這詞源自 &man.cvs.1; 中的
<command>commit</command> 指令,該指令是用來把新的修改提交給
CVS repository。)
而提交修改給 committer 們檢查的最好方式,就是用 &man.send-pr.1;
指令。 若提交 PR 的流程系統上有壅塞現象的話,
也可以改用寄信方式,寄信到 &a.committers; 即可。</para>
</listitem>
</varlistentry>
<varlistentry>
<term>The &os; core team<anchor xml:id="development-core"/></term>
<listitem>
<indexterm><primary>core team</primary></indexterm>
<para>如果把 &os; 看成是一家公司的話,
<firstterm>&os; core team</firstterm>
就相當於『董事會(board of directors)』。 core team
的主要職責在於確保此計劃有良好的架構,以朝著正確的方向發展。
此外,邀請熱血且負責的軟體開發者加入 committers 行列,
以在若干成員離去時得以補充新血。
目前的 core team 是在 2008 年 7 月 committers
候選人中選出來的,每兩年會舉辦一次選舉。</para>
<para>有些 core team 成員還負責某些特定範圍,
也就是說他們必須盡量確保一些子系統的穩定、效能。
關於 &os; 開發者們以及各自責任範圍,請參閱 <link xlink:href="&url.articles.contributors;/article.html">貢獻者名單
</link></para>
<note>
<para>core team 大部分成員加入 &os; 開發都是志工性質而已,
並未從本計劃中獲得任何薪酬,所以不該把
<quote>commitment</quote> 誤解為
<quote>guaranteed support</quote> 才對。
剛前面所講的『董事會』可能是不恰當的類推,或許我們應該說:
他們是一群自願放棄原本的優渥生活、個人其他領域成就,
而選擇投入 &os; 開發的熱血有為者才對!</para>
</note>
</listitem>
</varlistentry>
<varlistentry>
<term>其他的貢獻者</term>
<listitem>
<indexterm><primary>contributors</primary></indexterm>
<para>最後一點,但這點絕非最不重要的,
最大的開發者團隊就是持續為我們提供回饋以及錯誤修正的使用者自己。
&os; 非核心開發者互動的主要方式,便是透過訂閱 &a.hackers;
來進行溝通,這方面可參考,請參閱 <xref linkend="eresources"/> 以瞭解各式不同的 &os;
郵遞論壇(mailing lists)。</para>
<para><citetitle><link xlink:href="&url.articles.contributors;/article.html">&os; 貢獻者名單
</link></citetitle> 相當長且不斷成長中,
只要有貢獻就會被列入其中,
要不要立即考慮貢獻 &os; 一些回饋呢?</para>
<para>然而,提供原始碼並非為這個計劃做貢獻的唯一方式;
還需要大家投入的完整工作列表、說明,請參閱 <link xlink:href="&url.base;/index.html">&os; 官網</link></para>
</listitem>
</varlistentry>
</variablelist>
<para>簡單的說,我們的開發模式就像是一組沒有拘束的同心圓。
這種集中開發模式是以 <emphasis>給使用者方便</emphasis> 為主,
同時讓他們能很容易地共同維護軟體,而不會把潛在的貢獻者排除在外!
我們的目標是提供含有大量一致性的
<link linkend="ports">應用軟體(ports/packages)</link>
,以便讓使用者輕鬆安裝、使用的作業系統 ——
而這開發模式相當符合此一目標。</para>
<para>我們對於那些想要加入 &os; 開發者的期待是:
請保持如同前人一樣的投入,以確保繼續成功!</para>
</sect2>
<sect2 xml:id="relnotes">
<title>最新的 &os; 發行版本</title>
<indexterm><primary>NetBSD</primary></indexterm>
<indexterm><primary>OpenBSD</primary></indexterm>
<indexterm><primary>386BSD</primary></indexterm>
<indexterm><primary>Free Software Foundation</primary></indexterm>
<indexterm><primary>U.C. Berkeley</primary></indexterm>
<indexterm>
<primary>Computer Systems Research Group (CSRG)</primary>
</indexterm>
<para>&os; 是免費使用且帶有完整原始程式碼的以 4.4BSD-Lite
為基礎的系統,可以在
Intel &i386;, &i486;, &pentium;,
&pentium;&nbsp;Pro,
&celeron;,
&pentium;&nbsp;II,
&pentium;&nbsp;III,
&pentium;&nbsp;4 (或者相容型號),
&xeon;, DEC <trademark>Alpha</trademark>
和 Sun &ultrasparc; 為基礎的電腦上執行的作業系統。
它主要以加州大學巴爾克利分校 的 CSRG 研究小組的軟體為基礎,並加入了
NetBSD、OpenBSD、386BSD 以及自由軟體基金會的一些東西。</para>
<para>自從 1994 年末,我們發佈了 &os;&nbsp;2.0 之後,系統的執行效率、
功能、穩定性都有了令人注目的提升。
<!-- XXX is the rest of this paragraph still true ? -->
最大的改變就是我們將記憶體與檔案系統的 cache 機制結合在一起。
這不只使得系統的表現變得更好, 並且使得 &os;
系統最少的記憶體需求減少到 5&nbsp;MB。
其它的改進包括完整的 NIS cilent and server 功能支援,
支援 transaction TCP、PPP 撥接連線、整合的 DHCP 支援、
SCSI 子系統的改進、ISDN 的支援ATM、FDDI 以及乙太網路 (Ethernet、包括
100&nbsp;Mbit 和 Gigabit) 的支援,提升了最新的 Adaptec
控制卡驅動程式的改善,以及數以千計的 bug 修正。</para>
<para>除了最基本的系統軟體,&os; 還提供了廣受歡迎的套件軟體管理機制:
Ports Collection。
到本書付印時,已有超過 &os.numports; 個 ports這範疇涵蓋從 http(WWW)
伺服器到遊戲、程式語言、編輯器以及您能想到的幾乎所有的東西。
完整的 Ports Collection 需要約 &ports.size; 的硬碟空間,除了
port 基本架構檔案外,都只儲存與該 port
軟體的原始碼有『須要變更』的部份。
如此一來,我們可以更容易更新這些 ports也大量的減少如舊的 1.0 版
Ports Collection 對於硬碟空間的需求。
要安裝一個 port 的話,只需要進入該 port 的目錄,輸入
<command>make install</command>,這樣子系統就會幫你裝好了。
您要編譯的每個程式的完整原始程式,
都可從 FTP 或 CD-ROM 中獲得,所以您只需準備足夠的硬碟空間來編譯你要的
port 軟體。
幾乎每一個 port 都有已事先編譯好的 <quote>package</quote>以方便安裝,
如果不想從編譯 port 的人,只要用個簡單指令
(<command>pkg_add</command>)就可以安裝。
有關 packages 和 ports 的細節,可以參閱 <xref linkend="ports"/></para>
<para>&os; 主機的 <filename>/usr/share/doc</filename>
目錄下找到許多有用的文件,
來幫助您安裝、使用 &os;
也可以使用下面的網址,以瀏覽器來翻閱本機上安裝的手冊︰</para>
<variablelist>
<varlistentry>
<term>&os; 使用手冊</term>
<listitem>
<para><link xlink:href="file://localhost/usr/share/doc/handbook/index.html"><filename>/usr/share/doc/handbook/index.html</filename></link></para>
</listitem>
</varlistentry>
<varlistentry>
<term>&os; 常見問答集</term>
<listitem>
<para><link xlink:href="file://localhost/usr/share/doc/faq/index.html"><filename>/usr/share/doc/faq/index.html</filename></link></para>
</listitem>
</varlistentry>
</variablelist>
<para>此外,可在下列網址找到最新版 (也是更新最頻繁的版本)<uri xlink:href="http://www.FreeBSD.org/">http://www.FreeBSD.org/</uri></para>
</sect2>
</sect1>
</chapter>

793
zh_TW.UTF-8/books/handbook/jails/chapter.xml
View file

@ -1,793 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
The FreeBSD Documentation Project
$FreeBSD$
Original revision: 1.15
-->
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="jails">
<info><title>Jails</title>
<authorgroup>
<author><personname><firstname>Matteo</firstname><surname>Riondato</surname></personname><contrib>Contributed by </contrib></author>
</authorgroup>
</info>
<indexterm><primary>jails</primary></indexterm>
<sect1 xml:id="jails-synopsis">
<title>概述</title>
<para>本章將介紹 &os; jail 為何,以及如何運用之法。
Jails 有時也常被認為是 <emphasis>chroot 環境</emphasis>
的加強型替代品之一,它對系統管理者而言是非常好用的工具,
此外,它的一些基本用法對進階使用者而言,也是相當有用。</para>
<para>讀完這章,您將了解︰</para>
<itemizedlist>
<listitem>
<para>jail 是什麼,以及它在 &os; 上可以發揮的作用。</para>
</listitem>
<listitem>
<para>如何編譯、啟動、停止 jail。</para>
</listitem>
<listitem>
<para>jail 管理的基本概念:包括從 jail 內部或主機本身。</para>
</listitem>
</itemizedlist>
<para>其他有用的 jail 相關資源還有:</para>
<itemizedlist>
<listitem>
<para>&man.jail.8; 線上說明。 這是有關 <command>jail</command>
的完整說明 &mdash; &os; 內的啟動、停止、控制 &os; jail
相關管理工具。</para>
</listitem>
<listitem>
<para>郵遞論壇(mailing lists)及舊信檔案館(archives)。
&a.mailman.lists; 所提供的 &a.questions; 及其他郵遞論壇的舊信
,已有包括一堆 jail 的有用資料。 通常,搜尋舊信或者在
&a.questions.name; 上發問,也相當有效。</para>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="jails-terms">
<title>Jail 相關術語</title>
<para>為協助更容易理解 &os; 系統的 jail 相關部分,
以及它們與 &os; 其他部分的相互作用關係,
以下列出本章將使用的術語:</para>
<variablelist>
<varlistentry>
<term>&man.chroot.2; (指令)</term>
<listitem>
<para>&os; 的 system call 之一,其作用為改變 process
及其衍生 process 所能運用的根目錄 (<filename>/</filename>
dir)。</para>
</listitem>
</varlistentry>
<varlistentry>
<term>&man.chroot.2; (環境)</term>
<listitem>
<para>指在 <quote>chroot</quote> 中運行的 process 環境。
這包括了類似檔案系統的可見部分、可用的 UID、GID、網路卡及其他 IPC
機制等資源。</para>
</listitem>
</varlistentry>
<varlistentry>
<term>&man.jail.8; (command)</term>
<listitem>
<para>允許程式在 jail 環境下執行的系統管理工具。</para>
</listitem>
</varlistentry>
<varlistentry>
<term>host (系統、process、帳號等等)</term>
<listitem>
<para>jail 環境的控制系統。 host 系統可以使用全部可用的硬體資源,
並能控制 jail 環境內外的 process。 host 系統與 jail 最大的差別在於
:在 host 系統中的 superuser processes 並不像在 jail
環境那樣處處受到一堆限制。</para>
</listitem>
</varlistentry>
<varlistentry>
<term>hosted (系統、process、帳號等等)</term>
<listitem>
<para>可用資源受到 &os; jail 限制的 process、帳號、或其他設備資源
</para>
</listitem>
</varlistentry>
</variablelist>
</sect1>
<sect1 xml:id="jails-intro">
<title>背景故事</title>
<para>由於系統管理是困難又繁瑣的工作,因此人們開發許多好用工具,
以讓管理工作更加簡單輕鬆。 這些改善通常是讓系統能夠以更簡單的方式安裝、
設定、維護,而有些改善目標則是系統安全的正確設定,使其能真正發揮原本用途,
而非陷入安全風險之中。</para>
<para>&os; 系統所提供的一種用於強化安全的工具就是 <emphasis>jail</emphasis>
。 Jail 是由 &a.phk;&os;&nbsp;4.X 開始導入,而在 &os;&nbsp;5.X
受到許多重大改良而集大成,成為強大而靈活的子系統,目前仍在持續開發、
以提高其可用性、效能與安全。</para>
<sect2 xml:id="jails-what">
<title>何為 Jail</title>
<para>BSD-like 作業系統自 4.2BSD 起即提供 &man.chroot.2;
&man.chroot.8; 可用來變更一組 process 的根目錄位置,
藉此建立與實體系統中相隔離的安全環境。 處於 chrooted 環境的
process 會無法存取世外的檔案或資源。 由於此因素,
故即使攻擊者攻破某個處於 chroot 環境的 service也不能攻破整個系統。
&man.chroot.8; 對於那些不太需要彈性或複雜又高級的簡單應用而言相當好用。
另外,在引入 chroot 概念的過程中,曾經發現許多可脫逃 chroot 環境的方式,
儘管這些問題在較新版本的 &os; kernel 均已修正,但很明顯地 &man.chroot.2;
絕非用於強化安全的理想解決方案。 因此,
勢必得實作新的子系統來解決這些問題。</para>
<para>這就是為何要開發 <emphasis>jail</emphasis> 的最主要原因。</para>
<para>Jail 在各種方式分進合擊,改進傳統 &man.chroot.2; 環境的概念。
在傳統的 &man.chroot.2; 環境中,只限制 process 對於檔案系統的存取部分,
而系統資源的其他部分(例如系統帳號、執行中的 process、網路子系統)則是由
chroot process 與 host 系統的其他 process 一起共享。
Jail 以『虛擬化』來擴展這模型,不單只有檔案系統的存取,還延伸到
系統帳號、&os; kernel 的網路子系統及其他系統資源的虛擬化。
關於這些 jail 環境存取的細微調控,請參閱 <xref linkend="jails-tuning"/></para>
<para>jail 具有下列四項特色:</para>
<itemizedlist>
<listitem>
<para>目錄子樹(directory subtree) &mdash; 也就是進入 jail 的起點。
一旦進入 jail 之後process 就不再被允許跳到 subtree 以外。
&amp;傳統會影響到 &man.chroot.2; 最初設計的安全問題,就不會再影響
&os; jail。</para>
</listitem>
<listitem>
<para>主機名稱(hostname) &mdash; 用於 jail 的 hostname。 由於
jail 主要用於網路服務,因此若各 jail 皆有名稱,
對於系統管理工作的簡化會相當有效。</para>
</listitem>
<listitem>
<para><acronym>IP</acronym> address &mdash; 是用來給 jail 使用,
並且在 jail 生命週期內都無法變更。 通常 jail 的 IP address
是現有網卡的 alias address但這並不是必須的。</para>
</listitem>
<listitem>
<para>指令(Command) &mdash; 準備在 jail 內執行的完整路徑。 這指令是相對於
jail 環境的根目錄,視 jail 環境的類型不同,而有所差異。</para>
</listitem>
</itemizedlist>
<para>除了上述之外jail 也可擁有自己的帳號及 <systemitem class="username">root</systemitem>
帳號。 當然,這裡的<systemitem class="username">root</systemitem> 權力會受制於 jail 環境內。
並且從 host 系統的角度來看jail 的 <systemitem class="username">root</systemitem>
並非無所不能的帳號。 此外 jail 的 <systemitem class="username">root</systemitem>
並不能執行其對於 &man.jail.8; 環境以外的一些關鍵性操作。
關於 <systemitem class="username">root</systemitem> 的能力與限制,將於稍後的
<xref linkend="jails-tuning"/> 介紹之。</para>
</sect2>
</sect1>
<sect1 xml:id="jails-build">
<title>建立和控制 Jail</title>
<para>有些系統管理者把 jail 分為下列兩種:<quote>complete(完全)</quote>
jail &mdash; 通常包括完整的 &os; 系統;另一種則為
<quote>service(服務)</quote> jail &mdash;
專門只跑某單一可能要用特殊權限的程式或 service。 這只是一種概念上的區分
,並不影響如何建立 jail 的過程。 至於如何建立 jail 在 &man.jail.8;
內有更詳細的說明:</para>
<screen>&prompt.root; <userinput>setenv D /here/is/the/jail</userinput>
&prompt.root; <userinput>mkdir -p $D</userinput> <co xml:id="jailpath"/>
&prompt.root; <userinput>cd /usr/src</userinput>
&prompt.root; <userinput>make world DESTDIR=$D</userinput> <co xml:id="jailworld"/>
&prompt.root; <userinput>cd etc/</userinput> <footnote><para>&os; 6.0(含)
之後就不需這步驟。</para></footnote>
&prompt.root; <userinput>make distribution DESTDIR=$D</userinput> <co xml:id="jaildistrib"/>
&prompt.root; <userinput>mount -t devfs $D/dev</userinput> <co xml:id="jaildevfs"/></screen>
<calloutlist>
<callout arearefs="jailpath">
<para>首先就是先為 jail 找個家。 該路徑是在 host 系統中的 jail
實體位置。 習慣是放在 <filename>/usr/jail/jailname</filename>
<replaceable>jailname</replaceable> 請替換為該 jail 的 hostname
以便辨別。 通常 <filename>/usr</filename>
會有足夠空間來存放 jail 檔案系統,對於 <quote>complete</quote> jail
而言,它通常包括了 &os; 預設安裝 base system 所有檔案的拷貝檔。</para>
</callout>
<callout arearefs="jailworld">
<para>該指令將會在 jail 目錄中安裝所需的 binary、library、manual 說明等
。 這些是以傳統的 &os; 方式完成 &mdash; 即首先先編譯所有檔案,
接著再裝到目的地。</para>
</callout>
<callout arearefs="jaildistrib">
<para>使用 <buildtarget>distribution</buildtarget> 這個
<application>make</application> target 來裝所有會用到的設定檔。
簡單來說該動作就是把 <filename>/usr/src/etc/</filename> 複製到 jail 環境內的
<filename>/etc</filename>,也就是
<filename>$D/etc/</filename></para>
</callout>
<callout arearefs="jaildevfs">
<para>對於 jail 環境而言,&man.devfs.8; 檔案系統的掛載並非必須,
但另一方面,幾乎所有應用程式都會需要存取至少一個設備(device)
這主要取決於該程式目的而定。 控制 jail 所能存取的設備非常重要,
因為不正確的設定,會讓攻擊者對 jail 有機可趁。 至於如何透過
&man.devfs.8; 來控制的規則,可以參閱 &man.devfs.8;
&man.devfs.conf.5; 說明。</para>
</callout>
</calloutlist>
<para>裝好 jail 之後,就可以用 &man.jail.8; 工具。 &man.jail.8;
需要四項必填參數,這些參數在 <xref linkend="jails-what"/> 有介紹過。
除了這四個參數之外,還可以指定其他參數,像是以特定帳號在 jail 中執行
process。 <option><replaceable>command</replaceable></option>
參數取決於 jail 類型而定;對於 <emphasis>virtual system(虛擬系統)
</emphasis>,那麼就選擇 <filename>/etc/rc</filename>
因為它會完成真正 &os; 系統啟動所需的操作。 對於 <emphasis>service(服務)
</emphasis> jail 而言,執行的指令取決於將在 jail 內執行的 service
或應用程式而定。</para>
<para>Jail 通常要在系統開機時啟動,因此 &os;<filename>rc</filename>
機制提供一些便利的方式來簡化這些工作:</para>
<procedure>
<step>
<para>開機時要啟動的 jail 清單要加到 &man.rc.conf.5; 設定檔:</para>
<programlisting>jail_enable="YES" # 若設為 NO 則表示不自動啟動 jail
jail_list="<replaceable>www</replaceable>" # 若有許多 jail 則請以空白隔開來寫</programlisting>
</step>
<step>
<para>對於每一筆在 <varname>jail_list</varname> 所列出的 jail
也要在 &man.rc.conf.5; 做出相對應的設定:</para>
<programlisting>jail_<replaceable>www</replaceable>_rootdir="/usr/jail/www" # jail 的根目錄
jail_<replaceable>www</replaceable>_hostname="<replaceable>www</replaceable>.example.org" # jail 的 hostname
jail_<replaceable>www</replaceable>_ip="192.168.0.10" # jail 的 IP address
jail_<replaceable>www</replaceable>_devfs_enable="YES" # 在 jail 內 mount devfs
jail_<replaceable>www</replaceable>_devfs_ruleset="<replaceable>www_ruleset</replaceable>" # jail 內所用的 devfs 規則表</programlisting>
<para>&man.rc.conf.5; 所預設的 jail 啟動設定會跑
<filename>/etc/rc</filename> 內的 jail script也就是說會假設 jail
是完整的虛擬系統。 若要用 service jail 類型,則要另外指定啟動指令,
方法是設定對應的
<varname>jail_<replaceable>jailname</replaceable>_exec_start</varname>
設定。</para>
<note>
<para>若欲知道所有可用的選項清單,請參閱 &man.rc.conf.5; 說明。</para>
</note>
</step>
</procedure>
<para>也可以透過手動執行 <filename>/etc/rc.d/jail</filename> script
來啟動或停止 <filename>rc.conf</filename> 所設定的 jail</para>
<screen>&prompt.root; <userinput>/etc/rc.d/jail start www</userinput>
&prompt.root; <userinput>/etc/rc.d/jail stop www</userinput></screen>
<para>目前尚無任何方法來很乾淨地關閉 &man.jail.8;
此乃因為正常用來關閉系統的指令,目前尚不能在 jail 中使用。 目前關閉 jail
最佳的方式,是在 jail 內執行下列指令,或者 jail 外面透過 &man.jexec.8;
執行下列指令:</para>
<screen>&prompt.root; <userinput>sh /etc/rc.shutdown</userinput></screen>
<para>詳情請參閱 &man.jail.8; 說明。</para>
</sect1>
<sect1 xml:id="jails-tuning">
<title>微調與管理</title>
<para>可以為 jail 設定許多不同選項,並讓 &os; 的 host 系統與 jail
以各種不同方式組合搭配,以符合更多的應用用途。 本節要介紹的是:</para>
<itemizedlist>
<listitem>
<para>用以微調 jail 行為與安全限制的選項。</para>
</listitem>
<listitem>
<para>可透過 &os; Ports Collection 安裝的高階 jail 管理程式,
搭配這些程式可以達到一些 jail-based 解決方案。</para>
</listitem>
</itemizedlist>
<sect2 xml:id="jails-tuning-utilities">
<title>&os; 所提供的 jail tuning 工具</title>
<para>對於 jail 設定的微調,基本上都是透過設定 &man.sysctl.8; 變數來完成。
系統提供一組 sysctl 的特殊子樹,全部相關的選項都在該子樹內,也就是
&os; kernel 中的 <varname>security.jail.*</varname> 子樹。
下面則是與 jail 相關的主要 sysctl 設定及預設值,這些名稱都相當容易理解,
如欲更進一步的資訊,請參閱 &man.jail.8;&man.sysctl.8; 說明:</para>
<itemizedlist>
<listitem>
<para><varname>security.jail.set_hostname_allowed:
1</varname></para>
</listitem>
<listitem>
<para><varname>security.jail.socket_unixiproute_only:
1</varname></para>
</listitem>
<listitem>
<para><varname>security.jail.sysvipc_allowed:
0</varname></para>
</listitem>
<listitem>
<para><varname>security.jail.enforce_statfs:
2</varname></para>
</listitem>
<listitem>
<para><varname>security.jail.allow_raw_sockets:
0</varname></para>
</listitem>
<listitem>
<para><varname>security.jail.chflags_allowed:
0</varname></para>
</listitem>
<listitem>
<para><varname>security.jail.jailed: 0</varname></para>
</listitem>
</itemizedlist>
<para>系統管理者可在 <emphasis>host system</emphasis>
透過修改這些設定值來增加、取消 Jail 內 <systemitem class="username">root</systemitem>
帳號的預設限制。 請注意:有些限制是不能取消,在 &man.jail.8; 環境的
<systemitem class="username">root</systemitem> 不能掛載或卸載檔案系統。 此外亦不能載入、
卸載 &man.devfs.8; 規則、設定防火牆規則,或執行其他需修改 kernel
資料的管理作業,例如設定 kernel 的 <varname>securelevel</varname>
值。</para>
<para>&os; base system 內附一些基本工具,可用來查閱目前使用中的 jail、
並接上(attach) jail 以執行管理指令。 &man.jls.8;&man.jexec.8;
均屬於 &os; base system 之一,可用來執行一些簡單工作:</para>
<itemizedlist>
<listitem>
<para>列出有在使用的 jail 及其相對應的 jail identifier
(<acronym>JID</acronym>)、<acronym>IP</acronym> address、
hostname、路徑。</para>
</listitem>
<listitem>
<para>接上(Attach)正在運作中的 jail並在其中執行指令以進行管理工作。
這點在當 <systemitem class="username">root</systemitem> 想乾淨關閉 jail 時相當有用,
&man.jexec.8; 也可用在 jail 中啟動 shell 以便對其進行管理,
比如:</para>
<screen>&prompt.root; <userinput>jexec 1 tcsh</userinput></screen>
</listitem>
</itemizedlist>
</sect2>
<sect2 xml:id="jails-tuning-admintools">
<title>&os; Ports Collection 所提供的高階管理工具</title>
<para>在諸多 third-party 所提供的 jail 管理工具當中,<package>sysutils/jailutils</package> 是最完整也最好用的。
該套件是由一系列 &man.jail.8; 管理小工具所組成的。 詳情請參閱其網站介紹
</para>
</sect2>
</sect1>
<sect1 xml:id="jails-application">
<title>Jail 的應用</title>
<sect2 xml:id="jails-service-jails">
<info><title>Service Jails</title>
<authorgroup>
<author><personname><firstname>Daniel</firstname><surname>Gerzo</surname></personname><contrib>Contributed by </contrib></author>
</authorgroup>
</info>
<para>本節主要以 &a.simon; 寫的 <uri xlink:href="http://simon.nitro.dk/service-jails.html">http://simon.nitro.dk/service-jails.html</uri> 為主,加上
Ken Tom <email>locals@gmail.com</email> 所更新的文章。
本節介紹如何設定 &os;&man.jail.8; 功能來增加額外的安全層面。
這部分假設您系統跑的是 RELENG_6_0 或更新的版本,
並且對本章先前部分均能理解。</para>
<sect3 xml:id="jails-service-jails-design">
<title>Design</title>
<para>Jail 的主要問題之一在於如何對其進行更新、升級和管理。
由於每個 jail 都是從頭重新編譯,對於單一 jail 而言,
升級也許還不是很嚴重的問題,因為更新、升級並不會太麻煩。
但對於一堆 jail 而言,升級不僅會耗費太多時間,並相當枯燥乏味。</para>
<warning>
<para>這些設定的前提是您對 &os; 使用、功能運用上有相當的經驗,
若下面的設定對您來說太過複雜,建議您該考慮用較簡易的系統,像是
<package>sysutils/ezjail</package>,其提供更簡單的
&os; jail 管理方式。</para>
</warning>
<para>基本的想法是在不同的 jail 中儘量以安全的方式來共用資源
&mdash; 採用唯讀的 &man.mount.nullfs.8; 掛載,來讓升級更簡單,
並把各個 service 放到不同的 jail 的作法會更加可行。 此外,
其也提供對於如何增加、刪除、升級 jail 的簡便方式。</para>
<note>
<para>service 常見的例子包括:
<acronym>HTTP</acronym> server、<acronym>DNS</acronym>
server、<acronym>SMTP</acronym> server 等等。</para>
</note>
<para>本節介紹的設定目的在於:</para>
<itemizedlist>
<listitem>
<para>建立簡易且容易理解的 jail 架構。 也就是說
<emphasis>不必</emphasis>為每個 jail 都執行完整的 installworld
</para>
</listitem>
<listitem>
<para>讓 jail 的新增、移除更簡單。</para>
</listitem>
<listitem>
<para>讓 jail 的更新、升級更輕鬆。</para>
</listitem>
<listitem>
<para>可以跑自行打造的 &os; 分支。</para>
</listitem>
<listitem>
<para>對安全有更偏執狂的追求,儘可能降低被攻陷的可能。</para>
</listitem>
<listitem>
<para>儘量節省空間與 inode。</para>
</listitem>
</itemizedlist>
<para>如同先前所提到的,這設計主要是靠把唯讀的主要模版
(也就是大家所熟知的 <application>nullfs</application>)掛載到每個
jail並且讓每個 jail 有個可讀、寫的設備,這設備可以是獨立實體硬碟、
、分割區、或以 vnode 為後端的 &man.md.4; 設備。 在本例當中,
我們採用可讀寫的 <application>nullfs</application> 掛載。</para>
<para>下面的表則介紹檔案系統的配置:</para>
<itemizedlist>
<listitem>
<para>每個 jail 都會掛載到 <filename>/home/j</filename> 底下的其中一個目錄。</para>
</listitem>
<listitem>
<para><filename>/home/j/mroot</filename> 則是每個
jail 共用的模版,並對於所有 jail 而言都是唯讀。</para>
</listitem>
<listitem>
<para>每個 jail 在 <filename>/home/j</filename>
底下都有一個相對應的空目錄。</para>
</listitem>
<listitem>
<para>每個 jail 都會有 <filename>/s</filename> 目錄,
該目錄會連到系統的可讀寫部分。</para>
</listitem>
<listitem>
<para>每個 jail 都會在 <filename>/home/j/skel</filename> 目錄建立自屬的可讀寫空間
</para>
</listitem>
<listitem>
<para>每個 jailspace (各 jail 可讀寫的部分) 都建在 <filename>/home/js</filename>&gt;</para>
</listitem>
</itemizedlist>
<note>
<para>這邊假設所有 jail 都放在
<filename>/home</filename> 分割區。 當然,
也可以依自身需求更改,但接下來的例子中,
也要記得修改相對應的地方。</para>
</note>
<!-- Insert an image or drawing here to illustrate the example. -->
</sect3>
<sect3 xml:id="jails-service-jails-template">
<title>建立模版</title>
<para>本節將逐步介紹如何建立 jail 要用的唯讀主模版。</para>
<para>建議先把 &os; 系統升級到最新的 -RELEASE 分支,至於如何做請參閱
Handbook 的
<link xlink:href="&url.books.handbook;/makeworld.html">相關章節</link>
當更新完成之後,就要進行 buildworld 程序,此外還要裝 <package>sysutils/cpdup</package> 套件。
我們將用 &man.portsnap.8; 來下載 &os; Ports Collection
在 Handbook 中 <xref linkend="ports-using-portsnap-method"/>
有相關介紹,初學者可以看看。</para>
<procedure>
<step>
<para>首先,先建立唯讀的目錄結構給 jail 放 &os; binary
接著到 &os; source tree 目錄,並安裝 jail 模版:</para>
<screen>&prompt.root; <userinput>mkdir -p /home/j/mroot</userinput>
&prompt.root; <userinput>cd /usr/src</userinput>
&prompt.root; <userinput>make installworld DESTDIR=/home/j/mroot</userinput></screen>
</step>
<step>
<para>接著跟 &os; source tree 一樣,也把 &os; Ports Collection
放一份供 jail 使用,以備 <application>mergemaster</application>
</para>
<screen>&prompt.root; <userinput>cd /home/j/mroot</userinput>
&prompt.root; <userinput>mkdir usr/ports</userinput>
&prompt.root; <userinput>portsnap -p /home/j/mroot/usr/ports fetch extract</userinput>
&prompt.root; <userinput>cpdup /usr/src /home/j/mroot/usr/src</userinput></screen>
</step>
<step>
<para>建立可讀寫部分的骨架:</para>
<screen>&prompt.root; <userinput>mkdir /home/j/skel /home/j/skel/home /home/j/skel/usr-X11R6 /home/j/skel/distfiles</userinput>
&prompt.root; <userinput>mv etc /home/j/skel</userinput>
&prompt.root; <userinput>mv usr/local /home/j/skel/usr-local</userinput>
&prompt.root; <userinput>mv tmp /home/j/skel</userinput>
&prompt.root; <userinput>mv var /home/j/skel</userinput>
&prompt.root; <userinput>mv root /home/j/skel</userinput></screen>
</step>
<step>
<para><application>mergemaster</application> 來裝漏掉的設定檔。
接下來刪除 <application>mergemaster</application>
所建立的多餘目錄:</para>
<screen>&prompt.root; <userinput>mergemaster -t /home/j/skel/var/tmp/temproot -D /home/j/skel -i</userinput>
&prompt.root; <userinput>cd /home/j/skel</userinput>
&prompt.root; <userinput>rm -R bin boot lib libexec mnt proc rescue sbin sys usr dev</userinput></screen>
</step>
<step>
<para>現在把可讀寫的檔案系統以 symlink 方式連到唯讀的檔案系統。
請確認 symbolic link 是否有正確連到 <filename>s/</filename> 目錄,若目錄建立方式不對,
或指向位置不對,可能會導致安裝失敗。</para>
<screen>&prompt.root; <userinput>cd /home/j/mroot</userinput>
&prompt.root; <userinput>mkdir s</userinput>
&prompt.root; <userinput>ln -s s/etc etc</userinput>
&prompt.root; <userinput>ln -s s/home home</userinput>
&prompt.root; <userinput>ln -s s/root root</userinput>
&prompt.root; <userinput>ln -s ../s/usr-local usr/local</userinput>
&prompt.root; <userinput>ln -s ../s/usr-X11R6 usr/X11R6</userinput>
&prompt.root; <userinput>ln -s ../../s/distfiles usr/ports/distfiles</userinput>
&prompt.root; <userinput>ln -s s/tmp tmp</userinput>
&prompt.root; <userinput>ln -s s/var var</userinput></screen>
</step>
<step>
<para>最後則是新增 <filename>/home/j/skel/etc/make.conf</filename>
,並填入以下內容:</para>
<programlisting>WRKDIRPREFIX?= /s/portbuild</programlisting>
<para>要設定 <literal>WRKDIRPREFIX</literal> 才可以讓各 jail
得以順利編譯 &os; ports。請記住 ports 目錄是屬唯讀檔案系統。
而搭配自訂的 <literal>WRKDIRPREFIX</literal> 才可以讓各 jail
在可讀寫空間進行編譯。</para>
</step>
</procedure>
</sect3>
<sect3 xml:id="jails-service-jails-creating">
<title>建立 Jail</title>
<para>現在已經有完整的 &os; jail 模版,可以在
<filename>/etc/rc.conf</filename> 內做相關設定。
下面這例子則示範如何建立 3 個 jail<quote>NS</quote>
<quote>MAIL</quote><quote>WWW</quote></para>
<procedure>
<step>
<para><filename>/etc/fstab</filename> 加上下列設定,
以便讓系統自動掛載各 jail 所需的唯讀模版與讀寫空間:</para>
<programlisting>/home/j/mroot /home/j/ns nullfs ro 0 0
/home/j/mroot /home/j/mail nullfs ro 0 0
/home/j/mroot /home/j/www nullfs ro 0 0
/home/js/ns /home/j/ns/s nullfs rw 0 0
/home/js/mail /home/j/mail/s nullfs rw 0 0
/home/js/www /home/j/www/s nullfs rw 0 0</programlisting>
<note>
<para>分割區的 pass number 標示為 0 就不會在開機時做 &man.fsck.8;
檢查;而分割區的 dump number 標示為 0 則不會被 &man.dump.8;
所備份。
我們並不希望
<application>fsck</application> 檢查
<application>nullfs</application> 的掛載,或者讓
<application>dump</application> 備份 jail 內唯讀的 nullfs 掛載。
這也就是為何上述 <filename>fstab</filename>
每行設定後面都有兩欄為 <quote>0&nbsp;0</quote></para>
</note>
</step>
<step>
<para><filename>/etc/rc.conf</filename> 內設定 jail</para>
<programlisting>jail_enable="YES"
jail_set_hostname_allow="NO"
jail_list="ns mail www"
jail_ns_hostname="ns.example.org"
jail_ns_ip="192.168.3.17"
jail_ns_rootdir="/usr/home/j/ns"
jail_ns_devfs_enable="YES"
jail_mail_hostname="mail.example.org"
jail_mail_ip="192.168.3.18"
jail_mail_rootdir="/usr/home/j/mail"
jail_mail_devfs_enable="YES"
jail_www_hostname="www.example.org"
jail_www_ip="62.123.43.14"
jail_www_rootdir="/usr/home/j/www"
jail_www_devfs_enable="YES"</programlisting>
<warning>
<para>之所以要把
<varname>jail_<replaceable>name</replaceable>_rootdir</varname>
<filename>/home</filename> 改為 <filename>/usr/home</filename> 的原因在於 &os;
預設安裝的 <filename>/home</filename> 目錄其實只是指向 <filename>/usr/home</filename> 的 symbolic link。 而
<varname>jail_<replaceable>name</replaceable>_rootdir</varname>
變數須為 <emphasis>實體目錄</emphasis> 而非 symbolic link
否則 jail 會拒絕啟動。 可以用 &man.realpath.1;
來決定該變數。 詳情請參閱 &os;-SA-07:01.jail 安全通告。</para>
</warning>
</step>
<step>
<para>替每個 jail 建立必須的唯讀檔案系統掛載點:</para>
<screen>&prompt.root; <userinput>mkdir /home/j/ns /home/j/mail /home/j/www</userinput></screen>
</step>
<step>
<para>為每個 jail 安裝可讀寫的模版。 請注意這時要用 <package>sysutils/cpdup</package>
,它能確保每個目錄都有正確複製。</para>
<!-- keramida: Why is cpdup required here? Doesn't cpio(1)
already include adequate functionality for performing this
job *and* have the advantage of being part of the base
system of FreeBSD? -->
<screen>&prompt.root; <userinput>mkdir /home/js</userinput>
&prompt.root; <userinput>cpdup /home/j/skel /home/js/ns</userinput>
&prompt.root; <userinput>cpdup /home/j/skel /home/js/mail</userinput>
&prompt.root; <userinput>cpdup /home/j/skel /home/js/www</userinput></screen>
</step>
<step>
<para>如此一來就已完成 jail 環境建立,可以準備好要用了。
請先為各 jail 掛載所須的檔案系統,再用
<filename>/etc/rc.d/jail</filename> script 來啟動:</para>
<screen>&prompt.root; <userinput>mount -a</userinput>
&prompt.root; <userinput>/etc/rc.d/jail start</userinput></screen>
</step>
</procedure>
<para>現在 jail 應該就會啟動了。 若要檢查是否有正常啟動,可以用
&man.jls.8; 指令來看,該指令的執行結果應該類似下面:</para>
<screen>&prompt.root; <userinput>jls</userinput>
JID IP Address Hostname Path
3 192.168.3.17 ns.example.org /home/j/ns
2 192.168.3.18 mail.example.org /home/j/mail
1 62.123.43.14 www.example.org /home/j/www</screen>
<para>此時就可以登入各 jail 並新增帳號與設定相關 service 要用的 daemon
。 上面的 <literal>JID</literal> 欄代表正在運作中的 jail 編號。
可用下列指令以在 <literal>JID</literal> 編號 3 的 jail
執行管理工作:</para>
<screen>&prompt.root; <userinput>jexec 3 tcsh</userinput></screen>
</sect3>
<sect3 xml:id="jails-service-jails-upgrading">
<title>升級</title>
<para>有時由於安全問題或者 jail 內要用新功能,而需要把 &os;
系統升級到更新。 這種安裝設計方式讓既有的 jail 升級變得更加容易。
jail 也可以把 service 停機時間(downtime)降到最低,因為 jail
只需在最後關鍵才需要重開。 此外,萬一新版有問題的話,
它也提供輕鬆回溯到舊版的功能。</para>
<procedure>
<step>
<para>首先是照一般方式來升級 host system再新增臨時的唯讀模版
<filename>/home/j/mroot2</filename></para>
<screen>&prompt.root; <userinput>mkdir /home/j/mroot2</userinput>
&prompt.root; <userinput>cd /usr/src</userinput>
&prompt.root; <userinput>make installworld DESTDIR=/home/j/mroot2</userinput>
&prompt.root; <userinput>cd /home/j/mroot2</userinput>
&prompt.root; <userinput>cpdup /usr/src usr/src</userinput>
&prompt.root; <userinput>mkdir s</userinput></screen>
<para>同樣地,在執行 <buildtarget>installworld</buildtarget>
時會建立一些用不著的目錄,請把這些砍掉:</para>
<screen>&prompt.root; <userinput>chflags -R 0 var</userinput>
&prompt.root; <userinput>rm -R etc var root usr/local tmp</userinput></screen>
</step>
<step>
<para>重新建立到主系統的可讀寫空間 symlink</para>
<screen>&prompt.root; <userinput>ln -s s/etc etc</userinput>
&prompt.root; <userinput>ln -s s/root root</userinput>
&prompt.root; <userinput>ln -s s/home home</userinput>
&prompt.root; <userinput>ln -s ../s/usr-local usr/local</userinput>
&prompt.root; <userinput>ln -s ../s/usr-X11R6 usr/X11R6</userinput>
&prompt.root; <userinput>ln -s s/tmp tmp</userinput>
&prompt.root; <userinput>ln -s s/var var</userinput></screen>
</step>
<step>
<para>現在可以關閉 jail</para>
<screen>&prompt.root; <userinput>/etc/rc.d/jail stop</userinput></screen>
</step>
<step>
<para>卸載原先的檔案系統:</para>
<!-- keramida: Shouldn't we suggest a short script-based
loop here, instead of tediously copying the same commands
multiple times? -->
<screen>&prompt.root; <userinput>umount /home/j/ns/s</userinput>
&prompt.root; <userinput>umount /home/j/ns</userinput>
&prompt.root; <userinput>umount /home/j/mail/s</userinput>
&prompt.root; <userinput>umount /home/j/mail</userinput>
&prompt.root; <userinput>umount /home/j/www/s</userinput>
&prompt.root; <userinput>umount /home/j/www</userinput></screen>
<note>
<para>可讀寫空間(<filename>/s</filename>)
是掛載在唯讀檔案系統底下,故要先卸載。</para>
</note>
</step>
<step>
<para>把舊的唯讀系統搬走,換成新的。 如此一來,
可同時保留先前系統的備份,以備萬一升級後有問題可回復。
這邊的命名方式採新唯讀檔案系統的建立時間,此外原先 &os;
Ports Collection 直接搬到新的檔案系統,以節省硬碟空間與 inode
</para>
<screen>&prompt.root; <userinput>cd /home/j</userinput>
&prompt.root; <userinput>mv mroot mroot.20060601</userinput>
&prompt.root; <userinput>mv mroot2 mroot</userinput>
&prompt.root; <userinput>mv mroot.20060601/usr/ports mroot/usr</userinput></screen>
</step>
<step>
<para>現在新的唯讀模版準備好了,只剩下重新掛載以及啟動 jail</para>
<screen>&prompt.root; <userinput>mount -a</userinput>
&prompt.root; <userinput>/etc/rc.d/jail start</userinput></screen>
</step>
</procedure>
<para>最後以 &man.jls.8; 來檢查 jail 是否均正常啟動。
別忘了要在各 jail 內執行 mergemaster還有相關設定檔以及
rc.d scripts 均要更新。</para>
</sect3>
</sect2>
</sect1>
</chapter>

15
zh_TW.UTF-8/books/handbook/kernelconfig/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= kernelconfig/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

1387
zh_TW.UTF-8/books/handbook/kernelconfig/chapter.xml
View file

File diff suppressed because it is too large Load diff

15
zh_TW.UTF-8/books/handbook/l10n/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= l10n/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

884
zh_TW.UTF-8/books/handbook/l10n/chapter.xml
View file

@ -1,884 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
The FreeBSD Documentation Project
$FreeBSD$
Original revision: 1.119
-->
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="l10n">
<info><title>語系設定 - I18N/L10N 用法與設定</title>
<authorgroup>
<author><personname><firstname>Andrey</firstname><surname>Chernov</surname></personname><contrib>Contributed by </contrib></author>
</authorgroup>
<authorgroup>
<author><personname><firstname>Michael C.</firstname><surname>Wu</surname></personname><contrib>Rewritten by </contrib></author>
<!-- 30 Nv 2000 -->
</authorgroup>
</info>
<sect1 xml:id="l10n-synopsis">
<title>概述</title>
<para>由於 FreeBSD 是分佈全世界的使用者及志工所支持的計畫,本章主要探討的是
FreeBSD 的國際化、本土化議題,以便讓母語不是英語系的人也能順利完成各項工作。
在作業系統、應用程式兩種層面,主要都是透過 i18n 標準來實作的,所以,
這裡我們將會介紹大致運作方式。</para>
<para>讀完這章,您將了解︰</para>
<itemizedlist>
<listitem><para>各種不同的語言與地區設定如何在作業系統上進行編碼。</para></listitem>
<listitem><para>如何設定登入用的 shell 語系環境。</para></listitem>
<listitem><para>如何將你的 console 設為英語以外的語系設定。</para></listitem>
<listitem><para>如何使用不同語系的設定,來讓 X Window 運作更親切。</para></listitem>
<listitem><para>哪邊可以找到更多與 i18n 規格相容的應用程式規格資料。</para></listitem>
</itemizedlist>
<para>在開始閱讀這章之前,您需要︰</para>
<itemizedlist>
<listitem><para>知道如何以 ports/packages 來安裝應用程式(<xref linkend="ports"/>)。</para></listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="l10n-basics">
<title>L10N 基礎概念</title>
<sect2>
<title>什麼是 I18N/L10N?</title>
<indexterm>
<primary>internationalization</primary>
<see>localization</see>
</indexterm>
<indexterm><primary>localization</primary></indexterm>
<para>程式開發人員習慣把 internationalization 縮寫為 I18N中間的數字 18 乃是最前與最後面字母之間的字母個數總和,
而 L10N 也是以一樣的方式,是 <quote>localization</quote> 的縮寫。
只要有符合 I18N/L10N 規格、協定的應用程式,就可以讓使用者依各自語系而作設定。</para>
<para>I18N 應用程式是以 I18N 開發工具來進行開發的,
它可以讓程式開發人員透過寫簡單的文字檔,就可以把執行畫面上的選單、訊息翻譯為各語系的版本。
我們強烈建議程式開發人員遵循這個遊戲規則。</para>
</sect2>
<sect2>
<title>為何該使用 I18N/L10N</title>
<para>只要有符合 I18N/L10N 標準,就可以輕鬆地看、輸入、處理非英文的資料。</para>
</sect2>
<sect2>
<title>I18N 支援哪些語系?</title>
<para>I18N 和 L10N 並非 FreeBSD 所特有的,目前這世界上的幾乎任一主要語系都有支援,
像是:中文、德文、日文、韓文、法文、俄文、越南文等等。</para>
</sect2>
</sect1>
<sect1 xml:id="using-localization">
<title>使用語系設定(Localization)</title>
<para>I18N 和 L10N 並非 FreeBSD 所特有的,而是共通的遊戲規則。
我們鼓勵你在 FreeBSD 世界中同樣遵守這項遊戲規則。</para>
<indexterm><primary>locale</primary></indexterm>
<para>Locale 設定由三個部分所組成:語言代碼(Language Code)、國碼(Country Code)、編碼(Encoding)。
所以Locale 的設定名稱就是由這三個一起組成:</para>
<programlisting><replaceable>語言代碼</replaceable>_<replaceable>國碼</replaceable>.<replaceable>編碼</replaceable></programlisting>
<sect2>
<title>語言、國碼</title>
<indexterm><primary>language codes</primary></indexterm>
<indexterm><primary>country codes</primary></indexterm>
<para>使用者必須要先知道這些特定的國碼、語言代碼(國碼會告訴應用程式該使用哪一種語言)
才能讓 FreeBSD 或其他支援 I18N 的 &unix; 類系統作 locale 相關設定。
此外,網頁瀏覽器(borwser)、SMTP/POP 主機、Web 主機等也都以這架構為主。
下面是如何使用『語言代碼、國碼』的例子:</para>
<informaltable frame="none" pgwide="1">
<tgroup cols="2">
<thead>
<row>
<entry>語言代碼/國碼</entry>
<entry>簡介</entry>
</row>
</thead>
<tbody>
<row>
<entry>en_US</entry>
<entry>英文(美國)</entry>
</row>
<row>
<entry>ru_RU</entry>
<entry>俄文(俄國)</entry>
</row>
<row>
<entry>zh_TW</entry>
<entry>正體中文(台灣)</entry>
</row>
</tbody>
</tgroup>
</informaltable>
</sect2>
<sect2>
<title>編碼</title>
<indexterm><primary>encodings</primary></indexterm>
<indexterm><primary>ASCII</primary></indexterm>
<para>有些語言並非採用 ASCII 編碼,可能是: 8-bit、wide
或 multibyte 字元,詳情請參閱 &man.multibyte.3;
較古早的程式可能無法正確判別、或誤判為特殊控制字元。而較新的程式都可以辨認
8-bit 字元。 由於各程式的作法不一,使用者可能需要在編譯程式時,加上
wide 或 multibyte 字元的支援設定,或是正確調整才行。
要輸入、處理 wide 或 multibyte 字元的話,可多多利用 <link xlink:href="&url.base;/ports/index.html">FreeBSD Ports Collection</link> 內有各國語言版本的程式。
詳情請參閱 FreeBSD 各 port 中的 I18N 相關文件。</para>
<para>Specifically, the user needs to look at the application
documentation to decide on how to configure it correctly or to
pass correct values into the configure/Makefile/compiler.</para>
<para>Some things to keep in mind are:</para>
<itemizedlist>
<listitem>
<para>Language specific single C chars character sets
(see &man.multibyte.3;), e.g.
ISO8859-1, ISO8859-15, KOI8-R, CP437.</para>
</listitem>
<listitem>
<para>Wide or multibyte encodings, e.g. EUC, Big5.</para>
</listitem>
</itemizedlist>
<para>You can check the active list of character sets at the
<link xlink:href="http://www.iana.org/assignments/character-sets">IANA Registry</link>.</para>
<note>
<para>&os; use X11-compatible locale encodings instead.</para>
</note>
</sect2>
<sect2>
<title>I18N Applications</title>
<para>In the FreeBSD Ports and Package system, I18N applications
have been named with <literal>I18N</literal> in their names for
easy identification. However, they do not always support the
language needed.</para>
</sect2>
<sect2 xml:id="setting-locale">
<title>Setting Locale</title>
<para>Usually it is sufficient to export the value of the locale name
as <envar>LANG</envar> in the login shell. This could be done in
the user's <filename>~/.login_conf</filename> file or in the
startup file of the user's shell (<filename>~/.profile</filename>,
<filename>~/.bashrc</filename>, <filename>~/.cshrc</filename>).
There is no need to set the locale subsets such as
<envar>LC_CTYPE</envar>, <envar>LC_CTIME</envar>. Please
refer to language-specific FreeBSD documentation for more
information.</para>
<para>You should set the following two environment variables in your configuration
files:</para>
<itemizedlist>
<listitem>
<para><envar>LANG</envar> for &posix;<indexterm><primary>POSIX</primary></indexterm> &man.setlocale.3; family
functions</para>
</listitem>
<listitem>
<para><envar>MM_CHARSET</envar> for applications' MIME<indexterm><primary>MIME</primary></indexterm> character
set</para>
</listitem>
</itemizedlist>
<para>This includes the user shell configuration, the specific application
configuration, and the X11 configuration.</para>
<sect3>
<title>Setting Locale Methods</title>
<indexterm><primary>locale</primary></indexterm>
<indexterm><primary>login class</primary></indexterm>
<para>There are two methods for setting locale, and both are
described below. The first (recommended one) is by assigning
the environment variables in <link linkend="login-class">login
class</link>, and the second is by adding the environment
variable assignments to the system's shell <link linkend="startup-file">startup file</link>.</para>
<sect4 xml:id="login-class">
<title>Login Classes Method</title>
<para>This method allows environment variables needed for locale
name and MIME character sets to be assigned once for every
possible shell instead of adding specific shell assignments to
each shell's startup file. <link linkend="usr-setup">User
Level Setup</link> can be done by an user himself and <link linkend="adm-setup">Administrator Level Setup</link> require
superuser privileges.</para>
<sect5 xml:id="usr-setup">
<title>User Level Setup</title>
<para>Here is a minimal example of a
<filename>.login_conf</filename> file in user's home
directory which has both variables set for Latin-1
encoding:</para>
<programlisting>me:\
:charset=ISO-8859-1:\
:lang=de_DE.ISO8859-1:</programlisting>
<indexterm><primary>Traditional Chinese</primary><secondary>BIG-5 encoding</secondary></indexterm>
<para>Here is an example of a
<filename>.login_conf</filename> that sets the variables
for Traditional Chinese in BIG-5 encoding. Notice the many
more variables set because some software does not respect
locale variables correctly for Chinese, Japanese, and Korean.</para>
<programlisting>#Users who do not wish to use monetary units or time formats
#of Taiwan can manually change each variable
me:\
:lang=zh_TW.Big5:\
:lc_all=zh_TW.Big:\
:lc_collate=zh_TW.Big5:\
:lc_ctype=zh_TW.Big5:\
:lc_messages=zh_TW.Big5:\
:lc_monetary=zh_TW.Big5:\
:lc_numeric=zh_TW.Big5:\
:lc_time=zh_TW.Big5:\
:charset=big5:\
:xmodifiers="@im=xcin": #Setting the XIM Input Server</programlisting>
<para>See <link linkend="adm-setup">Administrator Level
Setup</link> and &man.login.conf.5; for more details.</para>
</sect5>
<sect5 xml:id="adm-setup">
<title>Administrator Level Setup</title>
<para>Verify that the user's login class in
<filename>/etc/login.conf</filename> sets the correct
language. Make sure these settings
appear in <filename>/etc/login.conf</filename>:</para>
<programlisting><replaceable>language_name</replaceable>:<replaceable>accounts_title</replaceable>:\
:charset=<replaceable>MIME_charset</replaceable>:\
:lang=<replaceable>locale_name</replaceable>:\
:tc=default:</programlisting>
<para>So sticking with our previous example using Latin-1, it
would look like this:</para>
<programlisting>german:German Users Accounts:\
:charset=ISO-8859-1:\
:lang=de_DE.ISO8859-1:\
:tc=default:</programlisting>
<para>Before changing users Login Classes execute
the following command</para>
<screen>&prompt.root; <userinput>cap_mkdb /etc/login.conf</userinput></screen>
<para>to make new configuration in
<filename>/etc/login.conf</filename> visible to the system.</para>
<bridgehead renderas="sect4">Changing Login Classes with &man.vipw.8;</bridgehead>
<indexterm>
<primary><command>vipw</command></primary>
</indexterm>
<para>Use <command>vipw</command> to add new users, and make
the entry look like this:</para>
<programlisting>user:password:1111:11:<replaceable>language</replaceable>:0:0:User Name:/home/user:/bin/sh</programlisting>
<bridgehead renderas="sect4">Changing Login Classes with &man.adduser.8;</bridgehead>
<indexterm>
<primary><command>adduser</command></primary>
</indexterm>
<indexterm><primary>login class</primary></indexterm>
<para>Use <command>adduser</command> to add new users, and do
the following:</para>
<itemizedlist>
<listitem>
<para>Set <literal>defaultclass =
language</literal> in
<filename>/etc/adduser.conf</filename>. Keep in mind
you must enter a <literal>default</literal> class for
all users of other languages in this case.</para>
</listitem>
<listitem>
<para>An alternative variant is answering the specified
language each time that
<screen><prompt>Enter login class: default []: </prompt></screen>
appears from &man.adduser.8;.</para>
</listitem>
<listitem>
<para>Another alternative is to use the following for each
user of a different language that you wish to
add:</para>
<screen>&prompt.root; <userinput>adduser -class language</userinput></screen>
</listitem>
</itemizedlist>
<bridgehead renderas="sect4">Changing Login Classes with &man.pw.8;</bridgehead>
<indexterm>
<primary><command>pw</command></primary>
</indexterm>
<para>If you use &man.pw.8; for adding new users, call it in
this form:</para>
<screen>&prompt.root; <userinput>pw useradd user_name -L language</userinput></screen>
</sect5>
</sect4>
<sect4 xml:id="startup-file">
<title>Shell Startup File Method</title>
<note>
<para>This method is not recommended because it requires a
different setup for each possible shell program chosen. Use
the <link linkend="login-class">Login Class Method</link>
instead.</para>
</note>
<indexterm><primary>MIME</primary></indexterm>
<indexterm><primary>locale</primary></indexterm>
<para>To add the locale name and MIME character set, just set
the two environment variables shown below in the
<filename>/etc/profile</filename> and/or
<filename>/etc/csh.login</filename> shell startup files. We
will use the German language as an example below:</para>
<para>In <filename>/etc/profile</filename>:</para>
<programlisting><envar>LANG=de_DE.ISO8859-1; export LANG</envar>
<envar>MM_CHARSET=ISO-8859-1; export MM_CHARSET</envar></programlisting>
<para>Or in <filename>/etc/csh.login</filename>:</para>
<programlisting><envar>setenv LANG de_DE.ISO8859-1</envar>
<envar>setenv MM_CHARSET ISO-8859-1</envar></programlisting>
<para>Alternatively, you can add the above instructions to
<filename>/usr/share/skel/dot.profile</filename> (similar to
what was used in <filename>/etc/profile</filename> above), or
<filename>/usr/share/skel/dot.login</filename> (similar to
what was used in <filename>/etc/csh.login</filename>
above).</para>
<para>For X11:</para>
<para>In <filename>$HOME/.xinitrc</filename>:</para>
<programlisting><envar>LANG=de_DE.ISO8859-1; export LANG</envar></programlisting>
<para>Or:</para>
<programlisting><envar>setenv LANG de_DE.ISO8859-1</envar></programlisting>
<para>Depending on your shell (see above).</para>
</sect4>
</sect3>
</sect2>
<sect2 xml:id="setting-console">
<title>Console Setup</title>
<para>For all single C chars character sets, set the correct
console fonts in <filename>/etc/rc.conf</filename> for the
language in question with:</para>
<programlisting>font8x16=<replaceable>font_name</replaceable>
font8x14=<replaceable>font_name</replaceable>
font8x8=<replaceable>font_name</replaceable></programlisting>
<para>The <replaceable>font_name</replaceable> here is taken from
the <filename>/usr/share/syscons/fonts</filename> directory,
without the <filename>.fnt</filename> suffix.</para>
<indexterm>
<primary><application>sysinstall</application></primary>
</indexterm>
<indexterm><primary>keymap</primary></indexterm>
<indexterm><primary>screenmap</primary></indexterm>
<para>Also be sure to set the correct keymap and screenmap for your
single C chars character set through
<command>sysinstall</command> (<command>/stand/sysinstall</command>
in &os; versions older than 5.2).
Once inside <application>sysinstall</application>, choose <guimenuitem>Configure</guimenuitem>, then
<guimenuitem>Console</guimenuitem>. Alternatively, you can add the
following to <filename>/etc/rc.conf</filename>:</para>
<programlisting>scrnmap=<replaceable>screenmap_name</replaceable>
keymap=<replaceable>keymap_name</replaceable>
keychange="<replaceable>fkey_number sequence</replaceable>"</programlisting>
<para>The <replaceable>screenmap_name</replaceable> here is taken
from the <filename>/usr/share/syscons/scrnmaps</filename>
directory, without the <filename>.scm</filename> suffix. A
screenmap with a corresponding mapped font is usually needed as a
workaround for expanding bit 8 to bit 9 on a VGA adapter's font
character matrix in pseudographics area, i.e., to move letters out
of that area if screen font uses a bit 8 column.</para>
<para>If you have the <application>moused</application> daemon
enabled by setting the following
in your <filename>/etc/rc.conf</filename>:</para>
<programlisting>moused_enable="YES"</programlisting>
<para>then examine the mouse cursor information in the next
paragraph.</para>
<indexterm>
<primary><application>moused</application></primary>
</indexterm>
<para>By default the mouse cursor of the &man.syscons.4; driver occupies the
0xd0-0xd3 range in the character set. If your language uses this
range, you need to move the cursor's range outside of it. To enable
the workaround for &os;, add the following line to
<filename>/etc/rc.conf</filename>:</para>
<programlisting>mousechar_start=3</programlisting>
<para>The <replaceable>keymap_name</replaceable> here is taken from
the <filename>/usr/share/syscons/keymaps</filename> directory,
without the <filename>.kbd</filename> suffix. If you are
uncertain which keymap to use, you use can &man.kbdmap.1; to test
keymaps without rebooting.</para>
<para>The <literal>keychange</literal> is usually needed to program
function keys to match the selected terminal type because
function key sequences cannot be defined in the key map.</para>
<para>Also be sure to set the correct console terminal type in
<filename>/etc/ttys</filename> for all <literal>ttyv*</literal>
entries. Current pre-defined correspondences are:</para>
<informaltable frame="none" pgwide="1">
<tgroup cols="2">
<thead>
<row>
<entry>Character Set</entry>
<entry>Terminal Type</entry>
</row>
</thead>
<tbody>
<row>
<entry>ISO8859-1 or ISO8859-15</entry>
<entry><literal>cons25l1</literal></entry>
</row>
<row>
<entry>ISO8859-2</entry>
<entry><literal>cons25l2</literal></entry>
</row>
<row>
<entry>ISO8859-7</entry>
<entry><literal>cons25l7</literal></entry>
</row>
<row>
<entry>KOI8-R</entry>
<entry><literal>cons25r</literal></entry>
</row>
<row>
<entry>KOI8-U</entry>
<entry><literal>cons25u</literal></entry>
</row>
<row>
<entry>CP437 (VGA default)</entry>
<entry><literal>cons25</literal></entry>
</row>
<row>
<entry>US-ASCII</entry>
<entry><literal>cons25w</literal></entry>
</row>
</tbody>
</tgroup>
</informaltable>
<para>For wide or multibyte characters languages, use the correct
FreeBSD port in your
<filename>/usr/ports/language</filename>
directory. Some ports appear as console while the system sees it
as serial vtty's, hence you must reserve enough vtty's for both
X11 and the pseudo-serial console. Here is a partial list of
applications for using other languages in console:</para>
<informaltable frame="none" pgwide="1">
<tgroup cols="2">
<thead>
<row>
<entry>Language</entry>
<entry>Location</entry>
</row>
</thead>
<tbody>
<row>
<entry>Traditional Chinese (BIG-5)</entry>
<entry><package>chinese/big5con</package></entry>
</row>
<row>
<entry>Japanese</entry>
<entry><package>japanese/kon2-16dot</package> or
<package>japanese/mule-freewnn</package></entry>
</row>
<row>
<entry>Korean</entry>
<entry><package>korean/han</package></entry>
</row>
</tbody>
</tgroup>
</informaltable>
</sect2>
<sect2>
<title>X11 Setup</title>
<para>Although X11 is not part of the FreeBSD Project, we have
included some information here for FreeBSD users. For more
details, refer to the <link xlink:href="http://www.x.org/">&xorg;
web site</link> or whichever X11 Server you use.</para>
<para>In <filename>~/.Xresources</filename>, you can additionally
tune application specific I18N settings (e.g., fonts, menus,
etc.).</para>
<sect3>
<title>Displaying Fonts</title>
<indexterm><primary>X11 True Type font server</primary></indexterm>
<para>Install <application>&xorg;</application> server
(<package>x11-servers/xorg-server</package>)
or <application>&xfree86;</application> server
(<package>x11-servers/XFree86-4-Server</package>),
then install the language &truetype; fonts. Setting the correct
locale should allow you to view your selected language in menus
and such.</para>
</sect3>
<sect3>
<title>Inputting Non-English Characters</title>
<indexterm><primary>X11 Input Method (XIM)</primary></indexterm>
<para>The X11 Input Method (XIM) Protocol is a new standard for
all X11 clients. All X11 applications should be written as XIM
clients that take input from XIM Input servers. There are
several XIM servers available for different languages.</para>
</sect3>
</sect2>
<sect2>
<title>Printer Setup</title>
<para>Some single C chars character sets are usually hardware
coded into printers. Wide or multibyte
character sets require special setup and we recommend using
<application>apsfilter</application>. You may also convert the
document to &postscript; or PDF formats using language specific
converters.</para>
</sect2>
<sect2>
<title>Kernel and File Systems</title>
<para>The FreeBSD fast filesystem (FFS) is 8-bit clean, so it can be used
with any single C chars character set (see &man.multibyte.3;),
but there is no character set
name stored in the filesystem; i.e., it is raw 8-bit and does not
know anything about encoding order. Officially, FFS does not
support any form of wide or multibyte character sets yet. However, some
wide or multibyte character sets have independent patches for FFS
enabling such support. They are only temporary unportable
solutions or hacks and we have decided to not include them in the
source tree. Refer to respective languages' web sites for more
information and the patch files.</para>
<indexterm><primary>DOS</primary></indexterm>
<indexterm><primary>Unicode</primary></indexterm>
<para>The FreeBSD &ms-dos; filesystem has the configurable ability to
convert between &ms-dos;, Unicode character sets and chosen
FreeBSD filesystem character sets. See &man.mount.msdos.8; for
details.</para>
</sect2>
</sect1>
<sect1 xml:id="l10n-compiling">
<title>Compiling I18N Programs</title>
<para>Many FreeBSD Ports have been ported with I18N support. Some
of them are marked with -I18N in the port name. These and many
other programs have built in support for I18N and need no special
consideration.</para>
<indexterm>
<primary><application>MySQL</application></primary>
</indexterm>
<para>However, some applications such as
<application>MySQL</application> need to be have the
<filename>Makefile</filename> configured with the specific
charset. This is usually done in the
<filename>Makefile</filename> or done by passing a value to
<application>configure</application> in the source.</para>
</sect1>
<sect1 xml:id="lang-setup">
<title>Localizing FreeBSD to Specific Languages</title>
<sect2 xml:id="ru-localize">
<info><title>Russian Language (KOI8-R Encoding)</title>
<authorgroup>
<author><personname><firstname>Andrey</firstname><surname>Chernov</surname></personname><contrib>Originally contributed by </contrib></author>
</authorgroup>
</info>
<indexterm>
<primary>localization</primary>
<secondary>Russian</secondary>
</indexterm>
<para>For more information about KOI8-R encoding, see the <link xlink:href="http://koi8.pp.ru/">KOI8-R References
(Russian Net Character Set)</link>.</para>
<sect3>
<title>Locale Setup</title>
<para>Put the following lines into your
<filename>~/.login_conf</filename> file:</para>
<programlisting>me:My Account:\
:charset=KOI8-R:\
:lang=ru_RU.KOI8-R:</programlisting>
<para>See earlier in this chapter for examples of setting up the
<link linkend="setting-locale">locale</link>.</para>
</sect3>
<sect3>
<title>Console Setup</title>
<itemizedlist>
<listitem>
<para>Add the following line
to your <filename>/etc/rc.conf</filename> file:</para>
<programlisting>mousechar_start=3</programlisting>
</listitem>
<listitem>
<para>Also, use following settings in
<filename>/etc/rc.conf</filename>:</para>
<programlisting>keymap="ru.koi8-r"
scrnmap="koi8-r2cp866"
font8x16="cp866b-8x16"
font8x14="cp866-8x14"
font8x8="cp866-8x8"</programlisting>
</listitem>
<listitem>
<para>For each <literal>ttyv*</literal> entry in
<filename>/etc/ttys</filename>, use
<literal>cons25r</literal> as the terminal type.</para>
</listitem>
</itemizedlist>
<para>See earlier in this chapter for examples of setting up the
<link linkend="setting-console">console</link>.</para>
</sect3>
<sect3>
<title>Printer Setup</title>
<indexterm><primary>printers</primary></indexterm>
<para>Since most printers with Russian characters come with
hardware code page CP866, a special output filter is needed
to convert from KOI8-R to CP866. Such a filter is installed by
default as <filename>/usr/libexec/lpr/ru/koi2alt</filename>.
A Russian printer <filename>/etc/printcap</filename> entry
should look like:</para>
<programlisting>lp|Russian local line printer:\
:sh:of=/usr/libexec/lpr/ru/koi2alt:\
:lp=/dev/lpt0:sd=/var/spool/output/lpd:lf=/var/log/lpd-errs:</programlisting>
<para>See &man.printcap.5; for a detailed description.</para>
</sect3>
<sect3>
<title>&ms-dos; FS and Russian Filenames</title>
<para>The following example &man.fstab.5; entry enables support
for Russian filenames in mounted &ms-dos; filesystems:</para>
<programlisting>/dev/ad0s2 /dos/c msdos rw,-Wkoi2dos,-Lru_RU.KOI8-R 0 0</programlisting>
<para>The option <option>-L</option> selects the locale name
used, and <option>-W</option> sets the character conversion
table. To use the <option>-W</option> option, be sure to
mount <filename>/usr</filename> before the &ms-dos; partition
because the conversion tables are located in
<filename>/usr/libdata/msdosfs</filename>. For more
information, see the &man.mount.msdos.8; manual
page.</para>
</sect3>
<sect3>
<title>X11 Setup</title>
<orderedlist>
<listitem>
<para>Do <link linkend="setting-locale">non-X locale
setup</link> first as described.</para>
</listitem>
<listitem>
<para>If you use <application>&xorg;</application>,
install
<package>x11-fonts/xorg-fonts-cyrillic</package>
package.</para>
<para>Check the <literal>"Files"</literal> section
in your <filename>/etc/X11/xorg.conf</filename> file.
The following
lines must be added <emphasis>before</emphasis> any other
<literal>FontPath</literal> entries:</para>
<programlisting>FontPath "/usr/X11R6/lib/X11/fonts/cyrillic/misc"
FontPath "/usr/X11R6/lib/X11/fonts/cyrillic/75dpi"
FontPath "/usr/X11R6/lib/X11/fonts/cyrillic/100dpi"</programlisting>
<para>If you use a high resolution video mode, swap the 75 dpi
and 100 dpi lines.</para>
</listitem>
<listitem>
<para>To activate a Russian keyboard, add the following to the
<literal>"Keyboard"</literal> section of your
<filename>xorg.conf</filename> file.</para>
<programlisting>Option "XkbLayout" "us,ru"
Option "XkbOptions" "grp:toggle"</programlisting>
<para>Also make sure that <literal>XkbDisable</literal> is
turned off (commented out) there.</para>
<para>For <literal>grp:caps_toggle</literal>
the RUS/LAT switch will be <keycap>CapsLock</keycap>.
The old <keycap>CapsLock</keycap> function is still
available via <keycombo action="simul"><keycap>Shift</keycap><keycap>CapsLock</keycap></keycombo> (in LAT mode
only). For <literal>grp:toggle</literal>
the RUS/LAT switch will be <keycap>Right Alt</keycap>.
<literal>grp:caps_toggle</literal> does not work in
<application>&xorg;</application> for unknown reason.</para>
<para>If you have <quote>&windows;</quote> keys on your keyboard,
and notice that some non-alphabetical keys are mapped
incorrectly in RUS mode, add the following line in your
<filename>xorg.conf</filename> file.</para>
<programlisting>Option "XkbVariant" ",winkeys"</programlisting>
<note>
<para>The Russian XKB keyboard may not work with non-localized
applications.</para>
</note>
</listitem>
</orderedlist>
<note>
<para>Minimally localized applications
should call a <function>XtSetLanguageProc (NULL, NULL,
NULL);</function> function early in the program.</para>
<para>See <link xlink:href="http://koi8.pp.ru/xwin.html">
KOI8-R for X Window</link> for more instructions on
localizing X11 applications.</para>
</note>
</sect3>
</sect2>
<sect2>
<title>Traditional Chinese Localization for Taiwan</title>
<indexterm>
<primary>localization</primary>
<secondary>Traditional Chinese</secondary>
</indexterm>
<para>The FreeBSD-Taiwan Project has an Chinese HOWTO for
FreeBSD at <uri xlink:href="http://netlab.cse.yzu.edu.tw/~statue/freebsd/zh-tut/">http://netlab.cse.yzu.edu.tw/~statue/freebsd/zh-tut/</uri>
using many Chinese ports.
Current editor for the <literal>FreeBSD Chinese HOWTO</literal> is
Shen Chuan-Hsing <email>statue@freebsd.sinica.edu.tw</email>.
</para>
<para>Chuan-Hsing Shen <email>statue@freebsd.sinica.edu.tw</email> has
created the <link xlink:href="http://netlab.cse.yzu.edu.tw/~statue/cfc/">
Chinese FreeBSD Collection (CFC)</link> using FreeBSD-Taiwan's
<literal>zh-L10N-tut</literal>. The packages and the script files
are available at <uri xlink:href="ftp://freebsd.csie.nctu.edu.tw/pub/taiwan/CFC/">ftp://freebsd.csie.nctu.edu.tw/pub/taiwan/CFC/</uri>.</para>
</sect2>
<sect2>
<title>German Language Localization (for All ISO 8859-1
Languages)</title>
<indexterm>
<primary>localization</primary>
<secondary>German</secondary>
</indexterm>
<para>Slaven Rezic <email>eserte@cs.tu-berlin.de</email> wrote a
tutorial how to use umlauts on a FreeBSD machine. The tutorial
is written in German and available at
<uri xlink:href="http://www.de.FreeBSD.org/de/umlaute/">http://www.de.FreeBSD.org/de/umlaute/</uri>.</para>
</sect2>
<sect2>
<title>Japanese and Korean Language Localization</title>
<indexterm>
<primary>localization</primary>
<secondary>Japanese</secondary>
</indexterm>
<indexterm>
<primary>localization</primary>
<secondary>Korean</secondary>
</indexterm>
<para>For Japanese, refer to
<uri xlink:href="http://www.jp.FreeBSD.org/">http://www.jp.FreeBSD.org/</uri>,
and for Korean, refer to
<uri xlink:href="http://www.kr.FreeBSD.org/">http://www.kr.FreeBSD.org/</uri>.</para>
</sect2>
<sect2>
<title>Non-English FreeBSD Documentation</title>
<para>Some FreeBSD contributors have translated parts of FreeBSD to
other languages. They are available through links on the <link xlink:href="&url.base;/index.html">main site</link> or in
<filename>/usr/share/doc</filename>.</para>
</sect2>
</sect1>
</chapter>

15
zh_TW.UTF-8/books/handbook/linuxemu/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= linuxemu/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

1174
zh_TW.UTF-8/books/handbook/linuxemu/chapter.xml
View file

File diff suppressed because it is too large Load diff

15
zh_TW.UTF-8/books/handbook/mac/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= mac/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

2274
zh_TW.UTF-8/books/handbook/mac/chapter.xml
View file

File diff suppressed because it is too large Load diff

15
zh_TW.UTF-8/books/handbook/mail/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= mail/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

2227
zh_TW.UTF-8/books/handbook/mail/chapter.xml
View file

File diff suppressed because it is too large Load diff

15
zh_TW.UTF-8/books/handbook/mirrors/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= mirrors/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

936
zh_TW.UTF-8/books/handbook/mirrors/chapter.xml
View file

@ -1,936 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
The FreeBSD Documentation Project
The FreeBSD Traditional Chinese Project
$FreeBSD$
Original revision: r46052
-->
<appendix xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="mirrors">
<title>取得 &os; 的方式</title>
<sect1 xml:id="mirrors-cdrom">
<title><acronym>CD</acronym>
<acronym>DVD</acronym> 合集</title>
<para>&os; <acronym>CD</acronym><acronym>DVD</acronym> 合集
可以從這些網路零售商取得:</para>
<itemizedlist>
<listitem>
<address>&os; Mall, Inc.
<street>2420 Sand Creek Rd C-1 #347</street>
<city>Brentwood</city>, <state>CA</state>
<postcode>94513</postcode>
<country>USA</country>
Phone: <phone>+1 925 240-6652</phone>
Fax: <fax>+1 925 674-0821</fax>
Email: <email>info@freebsdmall.com</email>
WWW: <otheraddr
xlink:href="http://www.freebsdmall.com/">http://www.freebsdmall.com/</otheraddr>
</address>
</listitem>
<listitem>
<address>Getlinux
<street>78 Rue de la Croix Rochopt</street>
<city>&Eacute;pinay-sous-S&eacute;nart</city>
<postcode>91860</postcode>
<country>France</country>
Email: <email>contact@getlinux.fr</email>
WWW: <otheraddr
xlink:href="http://www.getlinux.fr">http://www.getlinux.fr/</otheraddr>
</address>
</listitem>
<listitem>
<address>Dr. Hinner EDV
<street>Kochelseestr. 11</street>
<postcode>D-81371</postcode> <city>M&uuml;nchen</city>
<country>Germany</country>
Phone: <phone>(0177) 428 419 0</phone>
Email: <email>infow@hinner.de</email>
WWW: <otheraddr
xlink:href="http://www.hinner.de/linux/freebsd.html">http://www.hinner.de/linux/freebsd.html</otheraddr>
</address>
</listitem>
<!--
This site is just showing the Apache test page.
<listitem>
<address>
Linux Distro UK
<street>42 Wharfedale Road</street>
<city>Margate</city>
<postcode>CT9 2TB</postcode>
<country>United Kingdom</country>
WWW: <otheraddr
xlink:href="https://linux-distro.co.uk/">https://linux-distro.co.uk/</otheraddr>
</address>
</listitem>
This site doesn't have any products newer than 8.1 which is now EOL'd
<listitem>
<address>The Linux Emporium
<street>The Techno Centre, Puma Way</street>
<city>Parkside</city>
<postcode>CV1 2TT</postcode>
<country>United Kingdom</country>
Phone: <phone>+44 (0)247 615 8121</phone>
Fax: <fax>+44 1491 837016</fax>
WWW: <otheraddr
xlink:href="http://www.linuxemporium.co.uk/products/bsd/">http://www.linuxemporium.co.uk/products/bsd/</otheraddr>
</address>
</listitem>
-->
<listitem>
<address>Linux Center
<street>Galernaya Street, 55</street>
<city>Saint-Petersburg</city>
<postcode>190000</postcode>
<country>Russia</country>
Phone: <phone>+7-812-309-06-86</phone>
Email: <email>info@linuxcenter.ru</email>
WWW: <otheraddr
xlink:href="http://linuxcenter.ru/shop/freebsd">http://linuxcenter.ru/shop/freebsd</otheraddr>
</address>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="mirrors-ftp">
<title><acronym>FTP</acronym></title>
<para>The official sources for &os; are available via anonymous
<acronym>FTP</acronym> from a worldwide set of mirror sites.
The site <uri
xlink:href="ftp://ftp.FreeBSD.org/pub/FreeBSD/">ftp://ftp.FreeBSD.org/pub/FreeBSD/</uri>
is well connected and allows a large number of connections to
it, but you are probably better off finding a
<quote>closer</quote> mirror site (especially if you decide to
set up some sort of mirror site).</para>
<para>Additionally, &os; is available via anonymous
<acronym>FTP</acronym> from the following mirror sites. If you
choose to obtain &os; via anonymous <acronym>FTP</acronym>,
please try to use a site near you. The mirror sites listed as
<quote>Primary Mirror Sites</quote> typically have the entire
&os; archive (all the currently available versions for each of
the architectures) but you will probably have faster download
times from a site that is in your country or region. The
regional sites carry the most recent versions for the most
popular architecture(s) but might not carry the entire &os;
archive. All sites provide access via anonymous
<acronym>FTP</acronym> but some sites also provide access via
other methods. The access methods available for each site are
provided in parentheses after the hostname.</para>
&chap.mirrors.ftp.index.inc;
&chap.mirrors.lastmod.inc;
&chap.mirrors.ftp.inc;
</sect1>
<sect1 xml:id="ctm">
<title>Using CTM</title>
<indexterm>
<primary>CTM</primary>
</indexterm>
<para><application>CTM</application> is a method for keeping a
remote directory tree in sync with a central one. It is built
into &os; and can be used to synchronize a system with &os;'s
source repositories. It supports synchronization of an entire
repository or just a specified set of branches.</para>
<para><application>CTM</application> is specifically designed for
use on lousy or non-existent TCP/IP connections and provides
the ability for changes to be automatically sent by email. It
requires the user to obtain up to three deltas per day for the
most active branches. Update sizes are always kept as small as
possible and are typically less than 5K. About one in very ten
updates is 10-50K in size, and there will occasionally be an
update larger than 100K+.</para>
<para>When using <application>CTM</application> to track &os;
development, refer to the caveats related to working directly
from the development sources rather than a pre-packaged release.
These are discussed in <link linkend="current-stable">Tracking
a Development Branch</link>.</para>
<para>Little documentation exists on the process of creating
deltas or using <application>CTM</application> for other
purposes. Contact the &a.ctm-users.name; mailing list for
answers to questions on using
<application>CTM</application>.</para>
<sect2 xml:id="mirrors-ctm">
<title>Getting Deltas</title>
<para>The <quote>deltas</quote> used by
<application>CTM</application> can be obtained either through
anonymous <acronym>FTP</acronym> or email.</para>
<para><acronym>FTP</acronym> deltas can be obtained from the
following mirror sites. When using anonymous
<acronym>FTP</acronym> to obtain
<application>CTM</application> deltas, select a mirror that is
geographically nearby. In case of problems, contact the
&a.ctm-users.name; mailing list.</para>
<variablelist>
<varlistentry>
<term>California, Bay Area, official source</term>
<listitem>
<itemizedlist>
<listitem>
<para><uri
xlink:href="ftp://ftp.FreeBSD.org/pub/FreeBSD/development/CTM/">ftp://ftp.FreeBSD.org/pub/FreeBSD/development/CTM/</uri></para>
</listitem>
<listitem>
<para><uri
xlink:href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CTM/">ftp://ftp.FreeBSD.org/pub/FreeBSD/CTM/</uri></para>
</listitem>
</itemizedlist>
</listitem>
</varlistentry>
<varlistentry>
<term>South Africa, backup server for old deltas</term>
<listitem>
<itemizedlist>
<listitem>
<para><uri
xlink:href="ftp://ftp.za.FreeBSD.org/pub/FreeBSD/CTM/">ftp://ftp.za.FreeBSD.org/pub/FreeBSD/CTM/</uri></para>
</listitem>
</itemizedlist>
</listitem>
</varlistentry>
<varlistentry>
<term>Taiwan/R.O.C.</term>
<listitem>
<itemizedlist>
<listitem>
<para><uri
xlink:href="ftp://ctm.tw.FreeBSD.org/pub/FreeBSD/development/CTM/">ftp://ctm.tw.FreeBSD.org/pub/FreeBSD/development/CTM/</uri></para>
</listitem>
<listitem>
<para><uri
xlink:href="ftp://ctm2.tw.FreeBSD.org/pub/FreeBSD/development/CTM/">ftp://ctm2.tw.FreeBSD.org/pub/FreeBSD/development/CTM/</uri></para>
</listitem>
<listitem>
<para><uri
xlink:href="ftp://ctm3.tw.FreeBSD.org/pub/FreeBSD/development/CTM/">ftp://ctm3.tw.FreeBSD.org/pub/FreeBSD/development/CTM/</uri></para>
</listitem>
</itemizedlist>
</listitem>
</varlistentry>
</variablelist>
<para>To instead receive deltas through email, subscribe to one
of the <literal>ctm-src</literal> distribution lists available
from <uri
xlink:href="http://lists.freebsd.org/mailman/listinfo">http://lists.freebsd.org/mailman/listinfo</uri>.
For example, &a.ctm-src-cur.name; supports the head
development branch and &a.ctm-src-9.name; supports the 9.X
release branch.</para>
<para>As <application>CTM</application> updates arrive through
email, use <command>ctm_rmail</command> to unpack and apply
them. This command can be run directly from an entry in
<filename>/etc/aliases</filename> in order to automate this
process. Refer to &man.ctm.rmail.1; for more details.</para>
<note>
<para>Regardless of the method which is used to get deltas,
<application>CTM</application> users should subscribe
to the &a.ctm-announce.name; mailing list as this is the
only mechanism by which <application>CTM</application>
announcements are posted.</para>
</note>
</sect2>
<sect2>
<title><application>CTM</application> Usage</title>
<para>Before <application>CTM</application> deltas can be used
for the first time, a starting point must be produced.</para>
<para>One method is to apply a <quote>starter</quote> delta to
an empty directory. A starter delta can be recognized by the
<filename>XEmpty</filename> in its name, such as
<filename>src-cur.3210XEmpty.gz</filename>. The designation
following the <literal>X</literal> corresponds to the origin
of the initial <quote>seed</quote>, where
<filename>Empty</filename> is an empty directory. As a rule,
a base transition from <literal>Empty</literal> is produced
every 100 deltas. Be aware that starter deltas are large and
70 to 80 Megabytes of <command>gzip</command>'d data is common
for the <filename>XEmpty</filename> deltas.</para>
<para>Another method is to copy or extract an initial source
from a RELEASE media as this can save a significant transfer
of data from the Internet.</para>
<para>Once a base delta has been created, apply all deltas with
higher numbers. To apply the deltas:</para>
<screen>&prompt.root; <userinput>cd /directory/to/store/the/stuff</userinput>
&prompt.root; <userinput>ctm -v -v /directory/which/stores/the/deltas/src-xxx.*</userinput></screen>
<para>Multiple deltas can be applied with a single command as
they will be processed one at a time and any deltas that are
already applied will be ignored.
<application>CTM</application> understands
<command>gzip</command> compressed deltas, which saves disk
space.</para>
<para>To verify a delta without applying it, include
<option>-c</option> in the command line.
<application>CTM</application> will not actually modify the
local tree but will instead verify the integrity of the delta
to see if it would apply cleanly. Refer to &man.ctm.1; for
more information about available options and an overview of
the process <application>CTM</application> uses when applying
deltas.</para>
<para>To keep the local source tree up-to-date, every time a
new delta becomes available, apply it through
<application>CTM</application>.</para>
<para>Once applied, it is recommended to not delete the deltas
if it is a burden to download them again. This way, a local
copy is available in case it is needed for future disaster
recovery.</para>
</sect2>
<sect2>
<title>Keeping Local Changes</title>
<para>Developers often experiment with and
change files in their local source tree.
<application>CTM</application> supports local modifications in
a limited way: before checking for the presence of a file,
it first looks for a file with the same name and a
<filename>.ctm</filename> extension. If this file exists,
<application>CTM</application> will operate on it instead of
the original filename.</para>
<para>This behavior provides a simple way to maintain local
changes. Before modifying a file, make a copy with a
<filename>.ctm</filename> suffix. Make any changes to the
original filename, knowing that
<application>CTM</application> will only apply updates to the
file with the <filename>.ctm</filename> suffix.</para>
</sect2>
<sect2>
<title>Other <application>CTM</application> Options</title>
<variablelist>
<varlistentry>
<term>Finding Out Exactly What Would Be Touched by an
Update</term>
<listitem>
<para>To determine the list of changes that
<application>CTM</application> will make to the local
source repository, use <option>-l</option>. This option
is useful for creating logs of the changes or when
performing pre- or post-processing on any of the
modified files.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Making Backups Before Updating</term>
<listitem>
<para>To backup all of the files that would be changed by
a <application>CTM</application> update, specify
<option>-B
<replaceable>backup-file</replaceable></option>. This
option tells <application>CTM</application> to backup
all files touched by the applied
<application>CTM</application> delta to
<filename>backup-file</filename>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Restricting the Files Touched by an Update</term>
<listitem>
<para>To restrict the scope of a given
<application>CTM</application> update, or to extract
just a few files from a sequence of deltas, filtering
regular expressions can be specified using
<option>-e</option>, which specifies which files to
process, or <option>-x</option>, which specifies which
files to ignore.</para>
<para>For example, to extract an up-to-date copy of
<filename>lib/libc/Makefile</filename> from a collection
of saved <application>CTM</application> deltas:</para>
<screen>&prompt.root; <userinput>cd /directory/to/extract/to/</userinput>
&prompt.root; <userinput>ctm -e '^lib/libc/Makefile' /directory/which/stores/the/deltas/src-xxx.*</userinput></screen>
<para>For every file specified in a
<application>CTM</application> delta,
<option>-e</option> and <option>-x</option> are
applied in the order given on the command line. A file
is processed by <application>CTM</application> only if
it is marked as eligible after all <option>-e</option>
and <option>-x</option> options are applied.</para>
</listitem>
</varlistentry>
</variablelist>
</sect2>
<!--
Comment out for now until these can be verified.
<sect2>
<title>Future Plans for <application>CTM</application></title>
<para>Tons of them:</para>
<itemizedlist>
<listitem>
<para>Use some kind of authentication into the
<application>CTM</application> system, so as to allow
detection of spoofed <application>CTM</application>
updates.</para>
</listitem>
<listitem>
<para>Clean up the options to
<application>CTM</application>, they became confusing and
counter intuitive.</para>
</listitem>
</itemizedlist>
<para>There is a sequence of deltas for the
<literal>ports</literal> collection too, but interest has not
been all that high yet.</para>
</sect2>
-->
</sect1>
<sect1 xml:id="svn">
<title>Using <application>Subversion</application></title>
<indexterm>
<primary>Subversion</primary>
</indexterm>
<sect2 xml:id="svn-intro">
<title>Introduction</title>
<para>As of July 2012, &os; uses
<application>Subversion</application> as the primary version
control system for storing all of &os;'s source code,
documentation, and the Ports Collection.</para>
<note>
<para><application>Subversion</application> is generally a
developer tool. Most users should use
<command>freebsd-update</command> (<xref
linkend="updating-upgrading-freebsdupdate"/>) to update
the &os; base system, and <command>portsnap</command> (<xref
linkend="ports-using"/>) to update the &os; Ports
Collection.</para>
</note>
<para>This chapter demonstrates how to install
<application>Subversion</application> on a &os; system and
then use it to create a local copy of a &os; repository. It
includes a list of the available &os;
<application>Subversion</application> mirrors and resources to
additional information on how to use
<application>Subversion</application>.</para>
</sect2>
<sect2 xml:id="svn-install">
<title>Installation</title>
<para><application>Subversion</application> must be installed
before it can be used to check out the contents of any of the
repositories. If a copy of the ports tree is already present,
one can install <application>Subversion</application> like
this:</para>
<screen>&prompt.root; <userinput>cd /usr/ports/devel/subversion</userinput>
&prompt.root; <userinput>make install clean</userinput></screen>
<para>If the ports tree is not available,
<application>Subversion</application> can be installed as a
package:</para>
<screen>&prompt.root; <userinput>pkg install devel/subversion</userinput></screen>
</sect2>
<sect2 xml:id="svn-usage">
<title>Running <application>Subversion</application></title>
<para>The <command>svn</command> command is used to fetch a
clean copy of the sources into a local directory. The files
in this directory are called a <emphasis>local working
copy</emphasis>.</para>
<warning>
<para><emphasis>Move or delete the local directory before
using <command>checkout</command>.</emphasis></para>
<para>Checkout over an existing
non-<command>svn</command> directory can cause conflicts
between the existing files and those brought in from the
repository.</para>
</warning>
<para><application>Subversion</application> uses
<acronym>URL</acronym>s to designate a repository, taking the
form of <replaceable>protocol://hostname/path</replaceable>.
Mirrors may support different protocols as specified below.
The first component of the path is the &os; repository to
access. There are three different repositories,
<literal>base</literal> for the &os; base system source code,
<literal>ports</literal> for the Ports Collection, and
<literal>doc</literal> for documentation. For example, the
URL
<literal>svn://svn0.us-east.FreeBSD.org/ports/head/</literal>
specifies the main branch of the ports repository on the
<systemitem
class="fqdomainname">svn0.us-east.FreeBSD.org</systemitem>
mirror, using the <literal>svn</literal> protocol.</para>
<para>A checkout from a given repository is performed with a
command like this:</para>
<screen>&prompt.root; <userinput>svn checkout <replaceable>svn-mirror</replaceable>/<replaceable>repository</replaceable>/<replaceable>branch</replaceable> <replaceable>lwcdir</replaceable></userinput></screen>
<para>where:</para>
<itemizedlist>
<listitem>
<para><replaceable>svn-mirror</replaceable> is a URL for one
of the <link linkend="svn-mirrors">Subversion mirror
sites</link>.</para>
</listitem>
<listitem>
<para><replaceable>repository</replaceable> is one of the
Project repositories, i.e., <literal>base</literal>,
<literal>ports</literal>, or
<literal>doc</literal>.</para>
</listitem>
<listitem>
<para><replaceable>branch</replaceable> depends on the
repository used. <literal>ports</literal> and
<literal>doc</literal> are mostly updated in the
<literal>head</literal> branch, while
<literal>base</literal> maintains the latest version of
-CURRENT under <literal>head</literal> and the respective
latest versions of the -STABLE branches under
<literal>stable/8</literal> (for
8.<replaceable>x</replaceable>),
<literal>stable/9</literal>
(9.<replaceable>x</replaceable>) and
<literal>stable/10</literal>
(10.<replaceable>x</replaceable>).</para>
</listitem>
<listitem>
<para><replaceable>lwcdir</replaceable> is the target
directory where the contents of the specified branch
should be placed. This is usually
<filename>/usr/ports</filename> for
<literal>ports</literal>,
<filename>/usr/src</filename> for
<literal>base</literal>, and
<filename>/usr/doc</filename> for
<literal>doc</literal>.</para>
</listitem>
</itemizedlist>
<para>This example checks out the Ports Collection from the
western US repository using the <acronym>HTTPS</acronym>
protocol, placing the local working copy in
<filename>/usr/ports</filename>. If
<filename>/usr/ports</filename> is already
present but was not created by <command>svn</command>,
remember to rename or delete it before the checkout.</para>
<screen>&prompt.root; <userinput>svn checkout <replaceable>https://svn0.us-west.FreeBSD.org</replaceable>/ports/head /usr/ports</userinput></screen>
<para>Because the initial checkout has to download the full
branch of the remote repository, it can take a while. Please
be patient.</para>
<para>After the initial checkout, the local working copy can be
updated by running:</para>
<screen>&prompt.root; <userinput>svn update <replaceable>lwcdir</replaceable></userinput></screen>
<para>To update
<filename>/usr/ports</filename> created in
the example above, use:</para>
<screen>&prompt.root; <userinput>svn update /usr/ports</userinput></screen>
<para>The update is much quicker than a checkout, only
transferring files that have changed.</para>
<para>An alternate way of updating the local working copy after
checkout is provided by the <filename>Makefile</filename> in
the <filename>/usr/ports</filename>,
<filename>/usr/src</filename>, and
<filename>/usr/doc</filename> directories.
Set <varname>SVN_UPDATE</varname> and use the
<buildtarget>update</buildtarget> target. For example, to
update <filename>/usr/src</filename>:</para>
<screen>&prompt.root; <userinput>cd /usr/src</userinput>
&prompt.root; <userinput>make update SVN_UPDATE=yes</userinput></screen>
</sect2>
<sect2 xml:id="svn-mirrors">
<title><application>Subversion</application> Mirror
Sites</title>
<indexterm>
<primary>Subversion Repository</primary>
<secondary>Mirror Sites</secondary>
</indexterm>
<para>All mirrors carry all repositories.</para>
<para>The master &os; <application>Subversion</application>
server, <systemitem
class="fqdomainname">svn.FreeBSD.org</systemitem>, is
publicly accessible, read-only. That may change in the
future, so users are encouraged to use one of the official
mirrors. To view the &os;
<application>Subversion</application> repositories through a
browser, use <link
xlink:href="http://svnweb.FreeBSD.org/">http://svnweb.FreeBSD.org/</link>.</para>
<note>
<para>The &os; <application>Subversion</application> mirror
network is still in its early days, and will likely change.
Do not count on this list of mirrors being static. In
particular, the <acronym>SSL</acronym> certificates of the
servers will likely change at some point.</para>
</note>
<informaltable>
<tgroup cols="4">
<colspec colwidth="3*"/>
<colspec colwidth="1*"/>
<colspec colwidth="2*"/>
<colspec colwidth="10*"/>
<thead>
<row>
<entry>Name</entry>
<entry>Protocols</entry>
<entry>Location</entry>
<entry><acronym>SSL</acronym> Fingerprint</entry>
</row>
</thead>
<tbody>
<row>
<entry><systemitem
class="fqdomainname">svn0.us-west.FreeBSD.org</systemitem></entry>
<entry><literal>svn</literal>, <link
xlink:href="http://svn0.us-west.FreeBSD.org/"><literal>http</literal></link>,
<link
xlink:href="https://svn0.us-west.FreeBSD.org/"><literal>https</literal></link></entry>
<entry>USA, California</entry>
<entry>SHA1
<literal>1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61</literal></entry>
</row>
<row>
<entry><systemitem
class="fqdomainname">svn0.us-east.FreeBSD.org</systemitem></entry>
<entry><literal>svn</literal>, <link
xlink:href="http://svn0.us-east.FreeBSD.org/"><literal>http</literal></link>,
<link
xlink:href="https://svn0.us-east.FreeBSD.org/"><literal>https</literal></link>,
<literal>rsync</literal></entry>
<entry>USA, New Jersey</entry>
<entry>SHA1
<literal>1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61</literal></entry>
</row>
<row>
<entry><systemitem
class="fqdomainname">svn0.eu.FreeBSD.org</systemitem></entry>
<entry><literal>svn</literal>, <link
xlink:href="http://svn0.eu.FreeBSD.org/"><literal>http</literal></link>,
<link
xlink:href="https://svn0.eu.FreeBSD.org/"><literal>https</literal></link>,
<literal>rsync</literal></entry>
<entry>Europe, UK</entry>
<entry>SHA1
<literal>39:B0:53:35:CE:60:C7:BB:00:54:96:96:71:10:94:BB:CE:1C:07:A7</literal></entry>
</row>
<row>
<entry><systemitem
class="fqdomainname">svn0.ru.FreeBSD.org</systemitem></entry>
<entry><literal>svn</literal>, <link
xlink:href="http://svn0.ru.FreeBSD.org/"><literal>http</literal></link>,
<link
xlink:href="https://svn0.ru.FreeBSD.org/"><literal>https</literal></link>,
<literal>rsync</literal></entry>
<entry>Russia, Moscow</entry>
<entry>SHA1
<literal>F6:44:AA:B9:03:89:0E:3E:8C:4D:4D:14:F0:27:E6:C7:C1:8B:17:C5</literal></entry>
</row>
</tbody>
</tgroup>
</informaltable>
<para><acronym>HTTPS</acronym> is the preferred protocol,
providing protection against another computer pretending to be
the &os; mirror (commonly known as a <quote>man in the
middle</quote> attack) or otherwise trying to send bad
content to the end user.</para>
<para xml:id="svn-mirrors-fingerprint">On the first connection
to an <acronym>HTTPS</acronym> mirror, the user will be asked
to verify the server <emphasis>fingerprint</emphasis>:</para>
<screen>Error validating server certificate for 'https://svn0.us-west.freebsd.org:443':
- The certificate is not issued by a trusted authority. Use the
fingerprint to validate the certificate manually!
- The certificate hostname does not match.
Certificate information:
- Hostname: svnmir.ysv.FreeBSD.org
- Valid: from Jul 29 22:01:21 2013 GMT until Dec 13 22:01:21 2040 GMT
- Issuer: clusteradm, FreeBSD.org, (null), CA, US (clusteradm@FreeBSD.org)
- Fingerprint: 1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61
(R)eject, accept (t)emporarily or accept (p)ermanently?</screen>
<para>Compare the fingerprint shown to those listed in the table
above. If the fingerprint matches, the server security
certificate can be accepted temporarily or permanently. A
temporary certificate will expire after a single session with
the server, and the verification step will be repeated on the
next connection. Accepting the certificate permanently will
store the authentication credentials in
<filename>~/.subversion/auth/</filename> and the user will not
be asked to verify the fingerprint again until the certificate
expires.</para>
<para>If <literal>https</literal> cannot be used due to firewall
or other problems, <literal>svn</literal> is the next choice,
with slightly faster transfers. When neither can be used, use
<literal>http</literal>.</para>
</sect2>
<sect2>
<title>For More Information</title>
<para>For other information about using
<application>Subversion</application>, please see the
<quote>Subversion Book</quote>, titled
<link xlink:href="http://svnbook.red-bean.com/">Version
Control with Subversion</link>, or the <link
xlink:href="http://subversion.apache.org/docs/">Subversion
Documentation</link>.</para>
</sect2>
</sect1>
<sect1 xml:id="mirrors-rsync">
<title>Using <application>rsync</application></title>
<para>The following sites make &os; available through the rsync
protocol. The <application>rsync</application> utility works in
much the same way as the &man.rcp.1; command, but has more
options and uses the rsync remote-update protocol which
transfers only the differences between two sets of files, thus
greatly speeding up the synchronization over the network. This
is most useful if you are a mirror site for the &os;
<acronym>FTP</acronym> server, or the CVS repository. The
<application>rsync</application> suite is available for many
operating systems, on &os;, see the <package>net/rsync</package>
port or use the package.</para>
<variablelist>
<varlistentry>
<term>Czech Republic</term>
<listitem>
<para>rsync://ftp.cz.FreeBSD.org/</para>
<para>Available collections:</para>
<itemizedlist>
<listitem>
<para>ftp: A partial mirror of the &os;
<acronym>FTP</acronym> server.</para>
</listitem>
<listitem>
<para>&os;: A full mirror of the &os;
<acronym>FTP</acronym> server.</para>
</listitem>
</itemizedlist>
</listitem>
</varlistentry>
<varlistentry>
<term>Netherlands</term>
<listitem>
<para>rsync://ftp.nl.FreeBSD.org/</para>
<para>Available collections:</para>
<itemizedlist>
<listitem>
<para>&os;: A full mirror of the &os;
<acronym>FTP</acronym> server.</para>
</listitem>
</itemizedlist>
</listitem>
</varlistentry>
<varlistentry>
<term>Russia</term>
<listitem>
<para>rsync://ftp.mtu.ru/</para>
<para>Available collections:</para>
<itemizedlist>
<listitem>
<para>&os;: A full mirror of the &os;
<acronym>FTP</acronym> server.</para>
</listitem>
<listitem>
<para>&os;-Archive: The mirror of &os; Archive
<acronym>FTP</acronym> server.</para>
</listitem>
</itemizedlist>
</listitem>
</varlistentry>
<varlistentry>
<term>Sweden</term>
<listitem>
<para>rsync://ftp4.se.freebsd.org/</para>
<para>Available collections:</para>
<itemizedlist>
<listitem>
<para>&os;: A full mirror of the &os;
<acronym>FTP</acronym> server.</para>
</listitem>
</itemizedlist>
</listitem>
</varlistentry>
<varlistentry>
<term>Taiwan</term>
<listitem>
<para>rsync://ftp.tw.FreeBSD.org/</para>
<para>rsync://ftp2.tw.FreeBSD.org/</para>
<para>rsync://ftp6.tw.FreeBSD.org/</para>
<para>Available collections:</para>
<itemizedlist>
<listitem>
<para>&os;: A full mirror of the &os;
<acronym>FTP</acronym> server.</para>
</listitem>
</itemizedlist>
</listitem>
</varlistentry>
<varlistentry>
<term>United Kingdom</term>
<listitem>
<para>rsync://rsync.mirrorservice.org/</para>
<para>Available collections:</para>
<itemizedlist>
<listitem>
<para>ftp.freebsd.org: A full mirror of the &os;
<acronym>FTP</acronym> server.</para>
</listitem>
</itemizedlist>
</listitem>
</varlistentry>
<varlistentry>
<term>United States of America</term>
<listitem>
<para>rsync://ftp-master.FreeBSD.org/</para>
<para>This server may only be used by &os; primary mirror
sites.</para>
<para>Available collections:</para>
<itemizedlist>
<listitem>
<para>&os;: The master archive of the &os;
<acronym>FTP</acronym> server.</para>
</listitem>
<listitem>
<para>acl: The &os; master ACL list.</para>
</listitem>
</itemizedlist>
<para>rsync://ftp13.FreeBSD.org/</para>
<para>Available collections:</para>
<itemizedlist>
<listitem>
<para>&os;: A full mirror of the &os;
<acronym>FTP</acronym> server.</para>
</listitem>
</itemizedlist>
</listitem>
</varlistentry>
</variablelist>
</sect1>
</appendix>

15
zh_TW.UTF-8/books/handbook/multimedia/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= multimedia/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

1741
zh_TW.UTF-8/books/handbook/multimedia/chapter.xml
View file

File diff suppressed because it is too large Load diff

15
zh_TW.UTF-8/books/handbook/network-servers/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= network-servers/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

5790
zh_TW.UTF-8/books/handbook/network-servers/chapter.xml
View file

File diff suppressed because it is too large Load diff

18
zh_TW.UTF-8/books/handbook/pgpkeys/Makefile
View file

@ -1,18 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
# $FreeBSD$
#
CHAPTERS= pgpkeys/chapter.xml
PGPKEYS!= perl -ne 'm/\"([\w-]+.key)\"/ && print "$$1\n"' \
${DOC_PREFIX}/share/pgpkeys/pgpkeys.ent
SRCS+= ${PGPKEYS}
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

41
zh_TW.UTF-8/books/handbook/pgpkeys/chapter.xml
View file

@ -1,41 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
The FreeBSD Documentation Project
$FreeBSD$
Original revision: 1.285
-->
<!--
Do not edit this file except as instructed by the addkey.sh script.
See the README file in doc/share/pgpkeys for instructions.
-->
<appendix xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="pgpkeys">
<title>PGP Keys</title>
<indexterm><primary>pgp keys</primary></indexterm>
<para>In case you need to verify a signature or send encrypted email
to one of the officers or developers a number of keys are provided
here for your convenience. A complete keyring of <systemitem class="fqdomainname">FreeBSD.org</systemitem>
users is available for download from <link xlink:href="&url.base;/doc/pgpkeyring.txt">http://www.FreeBSD.org/doc/pgpkeyring.txt</link>.</para>
<sect1 xml:id="pgpkeys-officers">
<title>Officers</title>
&section.pgpkeys-officers;
</sect1>
<sect1 xml:id="pgpkeys-core">
<title>Core Team Members</title>
&section.pgpkeys-core;
</sect1>
<sect1 xml:id="pgpkeys-developers">
<title>Developers</title>
&section.pgpkeys-developers;
</sect1>
</appendix>

15
zh_TW.UTF-8/books/handbook/ports/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= ports/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

1588
zh_TW.UTF-8/books/handbook/ports/chapter.xml
View file

File diff suppressed because it is too large Load diff

15
zh_TW.UTF-8/books/handbook/ppp-and-slip/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= ppp-and-slip/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

3116
zh_TW.UTF-8/books/handbook/ppp-and-slip/chapter.xml
View file

File diff suppressed because it is too large Load diff

548
zh_TW.UTF-8/books/handbook/preface/preface.xml
View file

@ -1,548 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
$FreeBSD$
Original revision: r46055
-->
<preface xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="book-preface">
<title></title>
<bridgehead xml:id="preface-audience" renderas="sect1">給讀者的話</bridgehead>
<para>若您是第一次接觸 FreeBSD 的新手,可以在本書第一部分找到 FreeBSD 的安裝方法,同時會逐步介紹 &unix;
的基礎概念與一些常用、共通的東西。而閱讀這部分並不難,只需要您有探索的精神和接受新概念。</para>
<para>讀完這些之後,手冊中的第二部分花很長篇幅介紹的各種廣泛主題,相當值得系統管理者去注意。
在閱讀這些章節的內容時所需要的背景知識,都註釋在該章的大綱裡面,若不熟的話,可在閱讀前先預習一番。</para>
<para>延伸閱讀方面,可參閱 <xref linkend="bibliography"/></para>
<bridgehead xml:id="preface-changes-from2" renderas="sect1">第三版的主要修訂</bridgehead>
<para>您目前看到的這本手冊第三版是 FreeBSD 文件計劃的成員歷時兩年完成的心血之作。
新版的主要修訂部分,如下:</para>
<itemizedlist>
<listitem>
<para><xref linkend="config-tuning"/>, 設定與效能調校(Tuning),該章節針對新內容作更新,比如:
ACPI 電源管理、cron、以及其他更多的 kernel tuning 選項說明內容。</para>
</listitem>
<listitem>
<para><xref linkend="security"/>, 系統安全篇,該章節增加了虛擬私人網路(VPN)、檔案系統的存取控制(ACL),以及安全公告(Security
Advisories)的內容。</para>
</listitem>
<listitem>
<para><xref linkend="mac"/>, 集權式存取控制(MAC)是本版所增加的章節。本章介紹:什麼是 MAC 機制?以及如何運用它來使您的 FreeBSD 系統更安全。</para>
</listitem>
<listitem>
<para><xref linkend="disks"/>, 儲存設備篇新增了像是USB 隨身碟、檔案系統快照(snapshot)、檔案系統配額(quota)
、檔案及網路的備援檔案系統、以及如何對硬碟分割區作加密等詳解。</para>
</listitem>
<listitem>
<para><xref linkend="ppp-and-slip"/>PPP 及 SLIP 一章中增加了故障排除的說明。</para>
</listitem>
<listitem>
<para><xref linkend="mail"/>電子郵件一章中新增有關如何使用其它的 MTA 程式、SMTP 認証、UUCP、fecthmail、procmail 的運用以及其它進階專題。</para>
</listitem>
<listitem>
<para><xref linkend="network-servers"/>, 網路伺服器篇,是新版中全新的一章。這一章介紹了如何架設 Apache HTTP 伺服器、FTPd以及用於支援
Microsoft Windows client 的 Samba 伺服器。其中有些段落來自原先的<xref linkend="advanced-networking"/>進階網路應用一章。</para>
</listitem>
<listitem>
<para><xref linkend="advanced-networking"/>進階網路應用一章新增有關在 FreeBSD 中使用藍芽設備、安裝無線網路以及使用 ATM(Asynchronous Transfer Mode)
網路的介紹。</para>
</listitem>
<listitem>
<para>增加了一份詞彙表(Glossary),用以說明全書中出現的術語。</para>
</listitem>
<listitem>
<para>重新美編書中所列的圖表。</para>
</listitem>
</itemizedlist>
<bridgehead xml:id="preface-changes" renderas="sect1">第二版的主要修訂</bridgehead>
<para>本手冊的第二版是 FreeBSD 文件計劃的成員歷時兩年完成的心血之作。第二版包含了如下的主要變動︰</para>
<!-- Talk a little about justification and other stylesheet changes? -->
<itemizedlist>
<listitem>
<para>增加完整的目錄索引。</para>
</listitem>
<listitem>
<para>所有的 ASCII 圖表均改成圖檔格式的圖表。</para>
</listitem>
<listitem>
<para>每個章節均加入概述,以便快速的瀏覽該章節內容摘要、讀者所欲了解的部分。</para>
</listitem>
<listitem>
<para>內容架構重新組織成三大部分: <quote>開始使用 FreeBSD</quote>, <quote>系統管理</quote>, and
<quote>附錄</quote></para>
</listitem>
<listitem>
<para><xref linkend="basics"/>(<quote>&unix; 基礎概念篇</quote>)新增了 processes, daemons
和 signals 的介紹。</para>
</listitem>
<listitem>
<para><xref linkend="ports"/> (<quote>軟體套件管理篇</quote>)新增了介紹如何管理 binary package 套件的資訊。</para>
</listitem>
<listitem>
<para><xref linkend="x11"/> (<quote>X Window 視窗系統篇</quote>) 經過全面改寫,著重於在 &xfree86; 4.X 上的流行 x11-wm像是
<application>KDE</application><application>GNOME</application></para>
</listitem>
<listitem>
<para><xref linkend="boot"/> (<quote>FreeBSD 開機流程篇</quote>)更新相關內容。</para>
</listitem>
<listitem>
<para><xref linkend="disks"/> (<quote>儲存設備篇(Storage)</quote>) 分別以兩個章節 <quote>Disks</quote>
<quote>Backups</quote> 來撰寫。我們認為這樣子會比單一章節來得容易瞭解。還有關於 RAID(包含硬體、軟體RAID) 的段落也新增上去了。</para>
</listitem>
<listitem>
<para><xref linkend="serialcomms"/>(<quote>Serial 通訊篇</quote>)架構重新改寫,並更新至 FreeBSD 4.X/5.X 的內容。</para>
</listitem>
<listitem>
<para><xref linkend="ppp-and-slip"/> (<quote>PPP 及 SLIP</quote>)有相當程度的更新。</para>
</listitem>
<listitem>
<para><xref linkend="advanced-networking"/>(<quote>進階網路應用篇</quote>)加入許多新內容。</para>
</listitem>
<listitem>
<para><xref linkend="mail"/> (<quote>電子郵件篇</quote>)大量新增了設定 <application>sendmail</application> 的介紹。</para>
</listitem>
<listitem>
<para><xref linkend="linuxemu"/> (<quote>&linux; 相容篇</quote>) 增加許多有關安裝
<application>&oracle;</application>
<application>&sap.r3;</application> 的介紹。</para>
</listitem>
<listitem>
<para>此外,第二版還新加章節,以介紹下列專題:</para>
<itemizedlist>
<listitem>
<para><xref linkend="config-tuning"/>, 設定與效能調校(Tuning)。</para>
</listitem>
<listitem>
<para><xref linkend="multimedia"/>, 多媒體影音娛樂(Multimedia)。</para>
</listitem>
</itemizedlist>
</listitem>
</itemizedlist>
<bridgehead xml:id="preface-overview" renderas="sect1">本書架構</bridgehead>
<para>本書主要分為五大部分,第一部份『開始使用』:介紹 FreeBSD 的安裝、基本操作。
讀者可根據自己的程度,循序或者跳過一些熟悉的主題來閱讀;
第二部分『常用操作』:介紹 FreeBSD 常用功能,這部分可以不按順序來讀。
每章前面都會有概述,概述會描述本章節涵蓋的內容和讀者應該已知的,
這主要是讓讀者可以挑喜歡的章節閱讀;
第三部分『系統管理』:介紹 FreeBSD 老手所感興趣的各種專題部分;
第四部分『網路通訊』:則包括網路和各式 Server 專題;而第五部分『附錄』:是各種有關 FreeBSD 的資源。</para>
<variablelist>
<!-- Part I - Introduction -->
<varlistentry>
<term><emphasis><xref linkend="introduction"/>, 簡介篇</emphasis></term>
<listitem>
<para>向新手介紹 FreeBSD。該篇說明了 FreeBSD 計劃的歷史、目標和開發模式。</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="basics"/>, &unix; 基礎概念篇</emphasis></term>
<listitem>
<para>Covers the basic commands and functionality of the
FreeBSD operating system. If you are familiar with &linux; or
another flavor of &unix; then you can probably skip this
chapter.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="ports"/>, 軟體套件管理篇</emphasis></term>
<listitem>
<para>Covers the installation of third-party software with
both FreeBSD's innovative <quote>Ports Collection</quote> and standard
binary packages.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="x11"/>, X Window 視窗系統篇</emphasis></term>
<listitem>
<para>Describes the X Window System in general and using
X11 on FreeBSD in particular. Also describes common
desktop environments such as <application>KDE</application> and <application>GNOME</application>.</para>
</listitem>
</varlistentry>
<!-- Part II Common Tasks -->
<varlistentry>
<term><emphasis><xref linkend="desktop"/>, Desktop Applications</emphasis></term>
<listitem>
<para>Lists some common desktop applications, such as web browsers
and productivity suites, and describes how to install them on
FreeBSD.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="multimedia"/>, Multimedia</emphasis></term>
<listitem>
<para>Shows how to set up sound and video playback support for your
system. Also describes some sample audio and video applications.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="kernelconfig"/>, Configuring the FreeBSD
Kernel</emphasis></term>
<listitem>
<para>Explains why you might need to configure a new kernel
and provides detailed instructions for configuring, building,
and installing a custom kernel.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="printing"/>, 列印篇</emphasis></term>
<listitem>
<para>Describes managing printers on FreeBSD, including
information about banner pages, printer accounting, and
initial setup.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="linuxemu"/>, &linux; Binary Compatibility</emphasis></term>
<listitem>
<para>Describes the &linux; compatibility features of FreeBSD.
Also provides detailed installation instructions for many
popular &linux; applications such as <application>&oracle;</application>, <application>&sap.r3;</application>, and
<application>&mathematica;</application>.</para>
</listitem>
</varlistentry>
<!-- Part III - System Administration -->
<varlistentry>
<term><emphasis><xref
linkend="config-tuning"/></emphasis></term>
<listitem>
<para>Describes the parameters available for system
administrators to tune a &os; system for optimum
performance. Also describes the various configuration files
used in &os; and where to find them.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="boot"/></emphasis></term>
<listitem>
<para>Describes the &os; boot process and explains how to
control this process with configuration options.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="security"/></emphasis></term>
<listitem>
<para>Describes many different tools available to help keep
your &os; system secure, including Kerberos, IPsec and
OpenSSH.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="jails"/></emphasis></term>
<listitem>
<para>Describes the jails framework, and the improvements of
jails over the traditional chroot support of &os;.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="mac"/></emphasis></term>
<listitem>
<para>Explains what Mandatory Access Control (MAC) is and
how this mechanism can be used to secure a &os;
system.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="audit"/></emphasis></term>
<listitem>
<para>Describes what &os; Event Auditing is, how it can be
installed, configured, and how audit trails can be inspected
or monitored.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="disks"/></emphasis></term>
<listitem>
<para>Describes how to manage storage media and filesystems
with &os;. This includes physical disks, RAID arrays,
optical and tape media, memory-backed disks, and network
filesystems.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="geom"/></emphasis></term>
<listitem>
<para>Describes what the GEOM framework in &os; is and how
to configure various supported RAID levels.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="filesystems"/></emphasis></term>
<listitem>
<para>Examines support of non-native file systems in &os;,
like the Z File System from &sun;.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref
linkend="virtualization"/></emphasis></term>
<listitem>
<para>Describes what virtualization systems offer, and how
they can be used with &os;.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="l10n"/></emphasis></term>
<listitem>
<para>Describes how to use &os; in languages other than
English. Covers both system and application level
localization.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref
linkend="updating-upgrading"/></emphasis></term>
<listitem>
<para>Explains the differences between &os;-STABLE,
&os;-CURRENT, and &os; releases. Describes which users
would benefit from tracking a development system and
outlines that process. Covers the methods users may take
to update their system to the latest security
release.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="dtrace"/></emphasis></term>
<listitem>
<para>Describes how to configure and use the &dtrace; tool
from &sun; in &os;. Dynamic tracing can help locate
performance issues, by performing real time system
analysis.</para>
</listitem>
</varlistentry>
<!-- Part IV - Network Communications -->
<varlistentry>
<term><emphasis><xref linkend="serialcomms"/>, Serial Communications</emphasis></term>
<listitem>
<para>Explains how to connect terminals and modems to your
FreeBSD system for both dial in and dial out connections.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="ppp-and-slip"/>, PPP and SLIP</emphasis></term>
<listitem>
<para>Describes how to use PPP, SLIP, or PPP over Ethernet to
connect to remote systems with FreeBSD.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="mail"/>, Electronic Mail</emphasis></term>
<listitem>
<para>Explains the different components of an email server and
dives into simple configuration topics for the most popular
mail server software:
<application>sendmail</application>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="network-servers"/>, Network Servers</emphasis></term>
<listitem>
<para>Provides detailed instructions and example configuration
files to set up your FreeBSD machine as a network filesystem
server, domain name server, network information system
server, or time synchronization server.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="firewalls"/>, Firewalls</emphasis></term>
<listitem>
<para>Explains the philosophy behind software-based firewalls and
provides detailed information about the configuration of the
different firewalls available for FreeBSD.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="advanced-networking"/>, Advanced Networking</emphasis></term>
<listitem>
<para>Describes many networking topics, including sharing an
Internet connection with other computers on your LAN, advanced
routing topics, wireless networking, bluetooth, ATM, IPv6, and
much more.</para>
</listitem>
</varlistentry>
<!-- Part V - Appendices -->
<varlistentry>
<term><emphasis><xref linkend="mirrors"/>, Obtaining FreeBSD </emphasis></term>
<listitem>
<para>Lists different sources for obtaining FreeBSD media on CDROM
or DVD as well as different sites on the Internet that allow
you to download and install FreeBSD.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="bibliography"/>, Bibliography </emphasis></term>
<listitem>
<para>This book touches on many different subjects that may
leave you hungry for a more detailed explanation. The
bibliography lists many excellent books that are referenced in
the text.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="eresources"/>, Resources on the Internet</emphasis></term>
<listitem>
<para>Describes the many forums available for FreeBSD users to
post questions and engage in technical conversations about
FreeBSD.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><emphasis><xref linkend="pgpkeys"/>, PGP Keys</emphasis></term>
<listitem>
<para>Lists the PGP fingerprints of several FreeBSD Developers.</para>
</listitem>
</varlistentry>
</variablelist>
<bridgehead xml:id="preface-conv" renderas="sect1">本書的編排體裁</bridgehead>
<para>為方便閱讀本書,以下是一些本書所遵循的編排體裁:</para>
<bridgehead xml:id="preface-conv-typographic" renderas="sect2">文字編排體裁</bridgehead>
<variablelist>
<varlistentry>
<term><emphasis>斜體字(Italic)</emphasis></term>
<listitem>
<para><emphasis>斜體字型(Italic)</emphasis> 用於:檔名、目錄、網址(URL)、
強調語氣、以及第一次提及的技術詞彙。</para>
</listitem>
</varlistentry>
<varlistentry>
<term><literal>定寬字(Monospace)</literal></term>
<listitem>
<para><literal>定寬字(Monospace)</literal> 用於:
錯誤訊息、指令、環境變數、port 名稱、主機名稱(hostname)、帳號、群組、設備(device)名稱、變數、
程式碼等。</para>
</listitem>
</varlistentry>
<varlistentry>
<term><application>粗體字型(Bold)</application></term>
<listitem>
<para><application>粗體字</application>表示:應用程式、命令、按鍵。</para>
</listitem>
</varlistentry>
</variablelist>
<!-- Var list -->
<bridgehead xml:id="preface-conv-commands" renderas="sect2">使用者輸入</bridgehead>
<para>鍵盤輸入以 <keycap>粗體字(Bold)</keycap> 表示,以便與一般文字做區隔。
組合鍵是指同時按下一些按鍵,我們以 `<literal>+</literal>' 來表示連接,像是:</para>
<para>
<keycombo action="simul">
<keycap>Ctrl</keycap>
<keycap>Alt</keycap>
<keycap>Del</keycap>
</keycombo>
</para>
<para>也就是說,一起按 <keycap>Ctrl</keycap> 鍵、
<keycap>Alt</keycap> 鍵,以及 <keycap>Del</keycap> 鍵。</para>
<para>若要逐一按鍵,那麼會以逗號(,)來表示,像是:</para>
<para>
<keycombo action="simul">
<keycap>Ctrl</keycap>
<keycap>X</keycap>
</keycombo>,
<keycombo action="simul">
<keycap>Ctrl</keycap>
<keycap>S</keycap>
</keycombo>
</para>
<para>也就是說:先同時按下 <keycap>Ctrl</keycap><keycap>X</keycap> 鍵,
然後放開後再同時按 <keycap>Ctrl</keycap><keycap>S</keycap> 鍵。</para>
<!-- How to type in key stokes, etc.. -->
<bridgehead xml:id="preface-conv-examples" renderas="sect2">舉個實例</bridgehead>
<para>下面例子以 <filename>E:\&gt;</filename>
為開頭的代表 &ms-dos; 指令部分。 若沒有特殊情況的話,這些指令應該是在 &microsoft.windows; 環境的
<quote>命令提示字元(Command Prompt)</quote> 內執行。</para>
<screen><prompt>E:\&gt;</prompt> <userinput>tools\fdimage floppies\kern.flp A:</userinput></screen>
<para>例子若是先以 &prompt.root; 為開頭再接指令的話,就是指在 FreeBSD 中以 root 權限來下命令。
你可以先以 <systemitem class="username">root</systemitem>登入系統並下指令,或是以你自己的帳號登入,並使用
&man.su.1; 來取得 root 權限。</para>
<screen>&prompt.root; <userinput>dd if=kern.flp of=/dev/fd0</userinput></screen>
<para>例子若是先以 &prompt.user; 為開頭再接指令的話,就是指在 FreeBSD 中以一般帳號來下命令即可。
除非有提到其他用法,否則都是預設為 C-shell(csh/tcsh) 語法,用來設定環境變數以及下其他指令的意思。</para>
<screen>&prompt.user; <userinput>top</userinput></screen>
<bridgehead xml:id="preface-acknowledgements" renderas="sect1">致謝</bridgehead>
<para>您所看到的這本書是經過數百個分散在世界各地的人所努力而來的結果。
無論他們只是糾正一些錯誤或提交完整的章節,所有的點滴貢獻都是非常寶貴有用的。</para>
<para>也有一些公司透過提供資金讓作者專注於撰稿、提供出版資金等模式來支持文件的寫作。
其中BSDi (之後併入 <link xlink:href="http://www.windriver.com">Wind River Systems</link>)
資助 FreeBSD 文件計劃成員來專職改善這本書直到 2000 年 3 月第一版的出版。(ISBN 1-57176-241-8)
Wind River Systems 同時資助其他作者來對輸出架構做很多改進,以及給文章增加一些附加章節。這項工作結束於
2001 年 11 月第二版。(ISBN 1-57176-303-1)
在 2003-2004 兩年中,<link xlink:href="http://www.freebsdmall.com">FreeBSD Mall</link> 把報酬支付給改進這本手冊以使第三版印刷版本能夠出版的志工。
</para>
</preface>

15
zh_TW.UTF-8/books/handbook/printing/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= printing/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

4737
zh_TW.UTF-8/books/handbook/printing/chapter.xml
View file

File diff suppressed because it is too large Load diff

15
zh_TW.UTF-8/books/handbook/security/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= security/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

3953
zh_TW.UTF-8/books/handbook/security/chapter.xml
View file

File diff suppressed because it is too large Load diff

15
zh_TW.UTF-8/books/handbook/serialcomms/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= serialcomms/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

2856
zh_TW.UTF-8/books/handbook/serialcomms/chapter.xml
View file

File diff suppressed because it is too large Load diff

72
zh_TW.UTF-8/books/handbook/txtfiles.ent
View file

@ -1,72 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
Creates entities for each .txt screenshot that is included in the
Handbook.
Each entity is named txt.dir.foo, where dir is the directory in
which it is stored, and foo is its filename, without the '.txt'
extension.
Entities should be listed in alphabetical order.
$FreeBSD$
Original revision: 1.4
-->
<!ENTITY txt.install.adduser1 SYSTEM "install/adduser1.txt">
<!ENTITY txt.install.adduser2 SYSTEM "install/adduser2.txt">
<!ENTITY txt.install.adduser3 SYSTEM "install/adduser3.txt">
<!ENTITY txt.install.boot-mgr SYSTEM "install/boot-mgr.txt">
<!ENTITY txt.install.config-country SYSTEM "install/config-country.txt">
<!ENTITY txt.install.console-saver1 SYSTEM "install/console-saver1.txt">
<!ENTITY txt.install.console-saver2 SYSTEM "install/console-saver2.txt">
<!ENTITY txt.install.console-saver3 SYSTEM "install/console-saver3.txt">
<!ENTITY txt.install.console-saver4 SYSTEM "install/console-saver4.txt">
<!ENTITY txt.install.disklabel-auto SYSTEM "install/disklabel-auto.txt">
<!ENTITY txt.install.disklabel-ed1 SYSTEM "install/disklabel-ed1.txt">
<!ENTITY txt.install.disklabel-ed2 SYSTEM "install/disklabel-ed2.txt">
<!ENTITY txt.install.disklabel-fs SYSTEM "install/disklabel-fs.txt">
<!ENTITY txt.install.disklabel-root1 SYSTEM "install/disklabel-root1.txt">
<!ENTITY txt.install.disklabel-root2 SYSTEM "install/disklabel-root2.txt">
<!ENTITY txt.install.disklabel-root3 SYSTEM "install/disklabel-root3.txt">
<!ENTITY txt.install.dist-set SYSTEM "install/dist-set.txt">
<!ENTITY txt.install.dist-set2 SYSTEM "install/dist-set2.txt">
<!ENTITY txt.install.docmenu1 SYSTEM "install/docmenu1.txt">
<!ENTITY txt.install.ed0-conf SYSTEM "install/ed0-conf.txt">
<!ENTITY txt.install.ed0-conf2 SYSTEM "install/ed0-conf2.txt">
<!ENTITY txt.install.edit-inetd-conf SYSTEM "install/edit-inetd-conf.txt">
<!ENTITY txt.install.fdisk-drive1 SYSTEM "install/fdisk-drive1.txt">
<!ENTITY txt.install.fdisk-drive2 SYSTEM "install/fdisk-drive2.txt">
<!ENTITY txt.install.fdisk-edit1 SYSTEM "install/fdisk-edit1.txt">
<!ENTITY txt.install.fdisk-edit2 SYSTEM "install/fdisk-edit2.txt">
<!ENTITY txt.install.ftp-anon1 SYSTEM "install/ftp-anon1.txt">
<!ENTITY txt.install.ftp-anon2 SYSTEM "install/ftp-anon2.txt">
<!ENTITY txt.install.hdwrconf SYSTEM "install/hdwrconf.txt">
<!ENTITY txt.install.keymap SYSTEM "install/keymap.txt">
<!ENTITY txt.install.main-doc SYSTEM "install/main-doc.txt">
<!ENTITY txt.install.main-keymap SYSTEM "install/main-keymap.txt">
<!ENTITY txt.install.main-options SYSTEM "install/main-options.txt">
<!ENTITY txt.install.main-std SYSTEM "install/main-std.txt">
<!ENTITY txt.install.main1 SYSTEM "install/main1.txt">
<!ENTITY txt.install.mainexit SYSTEM "install/mainexit.txt">
<!ENTITY txt.install.media SYSTEM "install/media.txt">
<!ENTITY txt.install.mouse1 SYSTEM "install/mouse1.txt">
<!ENTITY txt.install.mouse2 SYSTEM "install/mouse2.txt">
<!ENTITY txt.install.mouse3 SYSTEM "install/mouse3.txt">
<!ENTITY txt.install.mouse4 SYSTEM "install/mouse4.txt">
<!ENTITY txt.install.mouse5 SYSTEM "install/mouse5.txt">
<!ENTITY txt.install.mouse6 SYSTEM "install/mouse6.txt">
<!ENTITY txt.install.nfs-server-edit SYSTEM "install/nfs-server-edit.txt">
<!ENTITY txt.install.options SYSTEM "install/options.txt">
<!ENTITY txt.install.pkg-cat SYSTEM "install/pkg-cat.txt">
<!ENTITY txt.install.pkg-confirm SYSTEM "install/pkg-confirm.txt">
<!ENTITY txt.install.pkg-install SYSTEM "install/pkg-install.txt">
<!ENTITY txt.install.pkg-sel SYSTEM "install/pkg-sel.txt">
<!ENTITY txt.install.probstart SYSTEM "install/probstart.txt">
<!ENTITY txt.install.security SYSTEM "install/security.txt">
<!ENTITY txt.install.sysinstall-exit SYSTEM "install/sysinstall-exit.txt">
<!ENTITY txt.install.timezone1 SYSTEM "install/timezone1.txt">
<!ENTITY txt.install.timezone2 SYSTEM "install/timezone2.txt">
<!ENTITY txt.install.timezone3 SYSTEM "install/timezone3.txt">
<!ENTITY txt.install.userconfig SYSTEM "../../../share/images/books/handbook/install/userconfig.txt">
<!ENTITY txt.install.userconfig2 SYSTEM "../../../share/images/books/handbook/install/userconfig2.txt">

15
zh_TW.UTF-8/books/handbook/users/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= users/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

940
zh_TW.UTF-8/books/handbook/users/chapter.xml
View file

@ -1,940 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
The FreeBSD Documentation Project
$FreeBSD$
Original revision: 1.58
-->
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="users">
<info><title>使用者與基本帳號管理</title>
<authorgroup>
<author><personname><firstname>Neil</firstname><surname>Blakey-Milner</surname></personname><contrib>Contributed by </contrib></author>
</authorgroup>
</info>
<sect1 xml:id="users-synopsis">
<title>概述</title>
<para>FreeBSD 允許多個使用者同時使用電腦。 當然,
這並不是很多人同時坐在同一台電腦前
<footnote>
<para>Well..除非您連接 multiple terminals這種情況我們會在 <xref linkend="serialcomms"/> 講到。</para>
</footnote>,而是其他使用者可以透過網路來使用同一台電腦以完成他們的工作。
要使用系統的話,那麼每個人都得有一個帳號。</para>
<para>讀完這章,您將了解:</para>
<itemizedlist>
<listitem>
<para>在 FreeBSD 系統上不同帳號之間的區別。</para>
</listitem>
<listitem>
<para>如何增加帳號。</para>
</listitem>
<listitem>
<para>如何刪除帳號。</para>
</listitem>
<listitem>
<para>如何更改帳號的基本資料,像是帳號全名,或是使用的 shell
種類。</para>
</listitem>
<listitem>
<para>如何針對帳號、群組來設限,比如:允許存取記憶體或 CPU
資源多寡等。</para>
</listitem>
<listitem>
<para>如何運用群組,來更容易地管理帳號。</para>
</listitem>
</itemizedlist>
<para>在開始閱讀這章之前,您需要:</para>
<itemizedlist>
<listitem>
<para>瞭解 &unix; 及 FreeBSD (<xref linkend="basics"/>)的基礎概念。</para>
</listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="users-introduction">
<title>介紹</title>
<para>系統的所有存取是經由帳號來進行,而所有的程式 process
是由使用者來進行,所以使用者及帳號的管理,乃是 FreeBSD
系統上不可或缺的重點。</para>
<para>所有於 FreeBSD 系統中的帳號皆包含下列相關資訊用來辨識身份。</para>
<variablelist>
<varlistentry>
<term>使用者名稱</term>
<listitem>
<para>使用者名稱要輸入在 <prompt>login:</prompt> 提示出現後。
使用者名稱必須是獨一無二,
不能有重複的使用者名稱。
至於如何建立有效使用者名稱的規則,請參閱 &man.passwd.5; 說明,
通常使用者名稱是以八個以內的小寫字母所組成。</para>
</listitem>
</varlistentry>
<varlistentry>
<term>密碼</term>
<listitem>
<para>每個帳號都可擁有一組密碼。 密碼也可以不設,
如此就不需密碼即可登入系統,但通常這並非妙策,
每個帳號都應設定一組密碼。</para>
</listitem>
</varlistentry>
<varlistentry>
<term>使用者代號 (User ID, UID)</term>
<listitem>
<para>UID 是系統用來辨識使用者的數字,通常範圍是從 0 到 65535 <footnote xml:id="users-largeuidgid">
<para>UID/GID 最大可使用至 4294967295但這樣的 ID
可能會對已假設範圍的軟體造成嚴重問題。</para>
</footnote>。 FreeBSD 內部是使用 UID 來辨識使用者 &mdash;
FreeBSD 在執行任何指定使用者的指令之前,都會先把使用者名稱轉換為
UID。 也就是說,比如可以有數個不同的使用者名稱,
但是都使用同一個 UID對 FreeBSD 來說,這些帳號都只代表同一使用者。
不過,實際上需要這樣做的可能性不大。</para>
</listitem>
</varlistentry>
<varlistentry>
<term>群組代號 (Group ID, GID)</term>
<listitem>
<para>GID 是系統用來辨識使用者所屬群組的數字,通常範圍是從 0 到 65535<footnoteref linkend="users-largeuidgid"/>
。 用群組來控制資源存取,可有效減少一些設定檔的大小。
此外,使用者還可以同時屬於多個不同的群組。</para>
</listitem>
</varlistentry>
<varlistentry>
<term>登入分類(Login classes)</term>
<listitem>
<para>
登入分類是群組的延伸機制,
提供了不同的使用者更彈性的。</para>
</listitem>
</varlistentry>
<varlistentry>
<term>密碼變更期限</term>
<listitem>
<para>FreeBSD 預設並不要求使用者週期性的更改密碼。您可以強制某些或
全部的使用者在指定的期間過後必須更改密碼。</para>
</listitem>
</varlistentry>
<varlistentry>
<term>帳號期限</term>
<listitem>
<para>FreeBSD 的帳號沒有預設的期限,如果您已知道帳號的使用期限,
例如,學校中提供學生使用的帳號,可在建立帳號時指定帳號的期限。
當帳號過期後會無法登入系統,但該帳號的目錄及檔案則會保留。</para>
</listitem>
</varlistentry>
<varlistentry>
<term>使用者全名</term>
<listitem>
<para>FreeBSD 的帳號使用使用者名稱用來辨識,但使用者名稱並不一定代表
真實使用者的姓名。為帳號所需的相關資訊。</para>
</listitem>
</varlistentry>
<varlistentry>
<term>家目錄</term>
<listitem>
<para>家目錄為使用者登入系統時的所在目錄的完整路徑。
通常會將所有使用者的家目錄放置於
<filename>/home/使用者名稱</filename>
<filename>/usr/home/使用者名稱</filename>
使用者可以將其個人的資料放置於其家目錄之中,並可以在此目錄底下
建立新的目錄</para>
</listitem>
</varlistentry>
<varlistentry>
<term>使用者 Shell</term>
<listitem>
<para>Shell 提供預設的環境讓使用者與系統互動。
Shell 擁有數種不同的種類, 可供進階使用者依使用習慣選擇。</para>
</listitem>
</varlistentry>
</variablelist>
<!--
Superuser: 系統管理者帳號
System users: 系統帳號
user accounts: 使用者帳號
-->
<para>帳號主要分為下列三類: <link linkend="users-superuser">系統管理者帳號</link>, <link linkend="users-system">系統帳號</link>,及 <link linkend="users-user">使用者帳號</link>。 系統管理者帳號的帳號
通常為 <systemitem class="username">root</systemitem>,擁有最大的權限來管理系統。
系統帳號用來執行伺服器服務。最後,使用者帳號供真正的使用者使用,
可登入、讀信等等。</para>
</sect1>
<sect1 xml:id="users-superuser">
<title>系統管理者帳號</title>
<indexterm>
<primary>accounts</primary>
<secondary>superuser (root)</secondary>
</indexterm>
<para>The superuser account, usually called
<systemitem class="username">root</systemitem>, comes preconfigured to facilitate
system administration, and should not be used for day-to-day
tasks like sending and receiving mail, general exploration of
the system, or programming.</para>
<para>This is because the superuser, unlike normal user accounts,
can operate without limits, and misuse of the superuser account
may result in spectacular disasters. User accounts are unable
to destroy the system by mistake, so it is generally best to use
normal user accounts whenever possible, unless you especially
need the extra privilege.</para>
<para>You should always double and triple-check commands you issue
as the superuser, since an extra space or missing character can
mean irreparable data loss.</para>
<para>So, the first thing you should do after reading this
chapter is to create an unprivileged user account for yourself
for general usage if you have not already. This applies equally
whether you are running a multi-user or single-user machine.
Later in this chapter, we discuss how to create additional
accounts, and how to change between the normal user and
superuser.</para>
</sect1>
<sect1 xml:id="users-system">
<title>系統帳號</title>
<indexterm>
<primary>accounts</primary>
<secondary>system</secondary>
</indexterm>
<para>System users are those used to run services such as DNS,
mail, web servers, and so forth. The reason for this is
security; if all services ran as the superuser, they could
act without restriction.</para>
<indexterm>
<primary>accounts</primary>
<secondary><systemitem class="username">daemon</systemitem></secondary>
</indexterm>
<indexterm>
<primary>accounts</primary>
<secondary><systemitem class="username">operator</systemitem></secondary>
</indexterm>
<para>Examples of system users are <systemitem class="username">daemon</systemitem>,
<systemitem class="username">operator</systemitem>, <systemitem class="username">bind</systemitem> (for
the Domain Name Service), <systemitem class="username">news</systemitem>, and
<systemitem class="username">www</systemitem>.</para>
<indexterm>
<primary>accounts</primary>
<secondary><systemitem class="username">nobody</systemitem></secondary>
</indexterm>
<para><systemitem class="username">nobody</systemitem> is the generic unprivileged
system user. However, it is important to keep in mind that the
more services that use <systemitem class="username">nobody</systemitem>, the more
files and processes that user will become associated with, and
hence the more privileged that user becomes.</para>
</sect1>
<sect1 xml:id="users-user">
<title>使用者帳號</title>
<indexterm>
<primary>accounts</primary>
<secondary>user</secondary>
</indexterm>
<para>User accounts are the primary means of access for real
people to the system, and these accounts insulate the user and
the environment, preventing the users from damaging the system
or other users, and allowing users to customize their
environment without affecting others.</para>
<para>Every person accessing your system should have a unique user
account. This allows you to find out who is doing what, prevent
people from clobbering each others' settings or reading each
others' mail, and so forth.</para>
<para>Each user can set up their own environment to accommodate
their use of the system, by using alternate shells, editors, key
bindings, and language.</para>
</sect1>
<sect1 xml:id="users-modifying">
<title>更改帳號</title>
<indexterm>
<primary>accounts</primary>
<secondary>modifying</secondary>
</indexterm>
<para>&unix; 的環境之中提供了各式不同的指令管理使用者帳號,
以下為較常使用的指令摘要及更詳細的使用範例。
</para>
<informaltable frame="none" pgwide="1">
<tgroup cols="2">
<colspec colwidth="1*"/>
<colspec colwidth="2*"/>
<thead>
<row>
<entry>指令</entry>
<entry>摘要</entry>
</row>
</thead>
<tbody>
<row>
<entry>&man.adduser.8;</entry>
<entry>新增使用者。</entry>
</row>
<row>
<entry>&man.rmuser.8;</entry>
<entry>移除使用者。</entry>
</row>
<row>
<entry>&man.chpass.1;</entry>
<entry>更改使用者資料。</entry>
</row>
<row>
<entry>&man.passwd.1;</entry>
<entry>更改使用者密碼。</entry>
</row>
<row>
<entry>&man.pw.8;</entry>
<entry>修改使用者的各種資料。</entry>
</row>
</tbody>
</tgroup>
</informaltable>
<sect2 xml:id="users-adduser">
<title><command>adduser</command></title>
<indexterm>
<primary>accounts</primary>
<secondary>adding</secondary>
</indexterm>
<indexterm>
<primary><command>adduser</command></primary>
</indexterm>
<indexterm>
<primary><filename>/usr/share/skel</filename></primary>
</indexterm>
<indexterm><primary>skeleton directory</primary></indexterm>
<para>&man.adduser.8; 是一支新增使用者的簡單程式。
它會建立資料於系統的 <filename>passwd</filename>
<filename>group</filename>
檔案之中。 同時也會建立使用者的家目錄,從 <filename>
/usr/share/skel</filename> 複製預設的組態檔(<quote>dotfiles</quote>)
並可以選擇性的郵件通知新使用者歡迎訊息。</para>
<example>
<title>&os; 內新增使用者</title>
<screen>&prompt.root; <userinput>adduser</userinput>
Username: <userinput>jru</userinput>
Full name: <userinput>J. Random User</userinput>
Uid (Leave empty for default):
Login group [jru]:
Login group is jru. Invite jru into other groups? []: <userinput>wheel</userinput>
Login class [default]:
Shell (sh csh tcsh zsh nologin) [sh]: <userinput>zsh</userinput>
Home directory [/home/jru]:
Use password-based authentication? [yes]:
Use an empty password? (yes/no) [no]:
Use a random password? (yes/no) [no]:
Enter password:
Enter password again:
Lock out the account after creation? [no]:
Username : jru
Password : ****
Full Name : J. Random User
Uid : 1001
Class :
Groups : jru wheel
Home : /home/jru
Shell : /usr/local/bin/zsh
Locked : no
OK? (yes/no): <userinput>yes</userinput>
adduser: INFO: Successfully added (jru) to the user database.
Add another user? (yes/no): <userinput>no</userinput>
Goodbye!
&prompt.root;</screen>
</example>
<note>
<para>您輸入的密碼並不會回應到螢幕,所以不會以星號顯示
。 請確定您所輸入的密碼無誤。</para>
</note>
</sect2>
<sect2 xml:id="users-rmuser">
<title><command>rmuser</command></title>
<indexterm><primary><command>rmuser</command></primary></indexterm>
<indexterm>
<primary>accounts</primary>
<secondary>removing</secondary>
</indexterm>
<para>您可以使用 &man.rmuser.8; 來將使用者從系統之中完全移除
&man.rmuser.8; 會執行以下動作:</para>
<procedure>
<step>
<para>移除該使用者的 &man.crontab.1; 資料 (如果存在)。</para>
</step>
<step>
<para>移除所有屬於該使用者的 &man.at.1; 工作。</para>
</step>
<step>
<para>中止所有該使用者擁有的程序。</para>
</step>
<step>
<para>移除系統本機密碼檔中該使用者的資料。</para>
</step>
<step>
<para>移除該使用者的家目錄 (如果為該使用者所有)。</para>
</step>
<step>
<para>移除 <filename>/var/mail</filename> 中屬於該使用者的郵件。</para>
</step>
<step>
<para>移除暫存空間 (如: <filename>/tmp</filename>) 中所有屬於該使用者的檔案。</para>
</step>
<step>
<para>最後,在 <filename>/etc/group</filename> 檔內移除該使用者帳號。
</para>
<note>
<para>若該群組已無成員,或者是群組名稱與該使用者名稱相同時,
則群組將會被移除; 此操作會與 &man.adduser.8;
所建立的帳號群組相對應。</para>
</note>
</step>
</procedure>
<para>&man.rmuser.8; 無法移除系統管理者帳號帳號,
因為這即代表嚴重的破壞行為。</para>
<para>為了確認您的操作,預設採互動模式。</para>
<example>
<title><command>rmuser</command> 帳號移除</title>
<screen>&prompt.root; <userinput>rmuser jru</userinput>
Matching password entry:
jru:*:1001:1001::0:0:J. Random User:/home/jru:/usr/local/bin/zsh
Is this the entry you wish to remove? <userinput>y</userinput>
Remove user's home directory (/home/jru)? <userinput>y</userinput>
Updating password file, updating databases, done.
Updating group file: trusted (removing group jru -- personal group is empty) done.
Removing user's incoming mail file /var/mail/jru: done.
Removing files belonging to jru from /tmp: done.
Removing files belonging to jru from /var/tmp: done.
Removing files belonging to jru from /var/tmp/vi.recover: done.
&prompt.root;</screen>
</example>
</sect2>
<sect2 xml:id="users-chpass">
<title><command>chpass</command></title>
<indexterm><primary><command>chpass</command></primary></indexterm>
<para>&man.chpass.1; 可更改使用者資料如: 密碼、Shell及個人資訊。</para>
<para>僅系統管理者即系統管理者帳號可利用 &man.chpass.1; 更改其他使用者的資訊及密碼</para>
<para>除了指定使用者名稱,當不加參數時,&man.chpass.1; 會將使用者資訊顯示於編輯器當中。
並於使用者離開編輯器時更新使用者資訊。</para>
<note>
<para>若您並非系統管理者帳號,在離開編輯器前會詢問您的密碼。</para>
</note>
<example>
<title>系統管理者帳號 <command>chpass</command></title>
<screen>#Changing user database information for jru.
Login: jru
Password: *
Uid [#]: 1001
Gid [# or name]: 1001
Change [month day year]:
Expire [month day year]:
Class:
Home directory: /home/jru
Shell: /usr/local/bin/zsh
Full Name: J. Random User
Office Location:
Office Phone:
Home Phone:
Other information:</screen>
</example>
<para>一般使用者僅可更改自己的少部份資訊。</para>
<example>
<title>一般使用者 <command>chpass</command></title>
<screen>#Changing user database information for jru.
Shell: /usr/local/bin/zsh
Full Name: J. Random User
Office Location:
Office Phone:
Home Phone:
Other information:</screen>
</example>
<note>
<para>&man.chfn.1;&man.chsh.1; 即為 &man.chpass.1;,也同
&man.ypchpass.1;&man.ypchfn.1;&man.ypchsh.1;
NIS 支援是自動的,所以無需在指令前加上 <literal>yp</literal>
若這會困擾您,請不必擔心,<xref linkend="network-servers"/> 將函蓋 NIS 的部份的說明。</para>
</note>
</sect2>
<sect2 xml:id="users-passwd">
<title><command>passwd</command></title>
<indexterm><primary><command>passwd</command></primary></indexterm>
<indexterm>
<primary>accounts</primary>
<secondary>changing password</secondary>
</indexterm>
<para>&man.passwd.1; 是更改密碼常用的方式,除了超級管理者可更改其他使用者的密碼外
使用者僅能更改自己的密碼。</para>
<note>
<para>為了避免意外或未經同意的修改,在更新密碼前需輸入原密碼。</para>
</note>
<example>
<title>更改您的密碼</title>
<screen>&prompt.user; <userinput>passwd</userinput>
Changing local password for jru.
Old password:
New password:
Retype new password:
passwd: updating the database...
passwd: done</screen>
</example>
<example>
<title>以系統管理者帳號去更改其他使用者的密碼</title>
<screen>&prompt.root; <userinput>passwd jru</userinput>
Changing local password for jru.
New password:
Retype new password:
passwd: updating the database...
passwd: done</screen>
</example>
<note>
<para>&man.chpass.1;
&man.yppasswd.1; 即為 &man.passwd.1;,皆支援 NIS。</para>
</note>
</sect2>
<sect2 xml:id="users-pw">
<title><command>pw</command></title>
<indexterm><primary><command>pw</command></primary></indexterm>
<para>&man.pw.8; 用來建立、移除、修改及查詢使用者及群組。
其功能即為系統使用者及群組檔案的前端。&man.pw.8; 擁有大量的指令參數
較適合使用於 shell script 中,對新手來說會此指令較其他指令複雜許多。
</para>
</sect2>
</sect1>
<sect1 xml:id="users-limiting">
<title>使用者資源限制</title>
<indexterm><primary>limiting users</primary></indexterm>
<indexterm>
<primary>accounts</primary>
<secondary>limiting</secondary>
</indexterm>
<!--
login class: 登入分級
login capability: 登入容量
-->
<para>
若您擁有許多使用者,接下會想到該如何限制使用的資源。
FreeBSD 提供管理者許多方法來限制系統的資源給每個人使用。
這些限制分為兩個部份: 磁碟限額,以及其他資源限制。
</para>
<indexterm><primary>quotas</primary></indexterm>
<indexterm>
<primary>limiting users</primary>
<secondary>quotas</secondary>
</indexterm>
<indexterm><primary>disk quotas</primary></indexterm>
<para>磁碟限額可以限制使用者的磁碟用量,
它提供了一種方法可以快速的檢查並計算用量
而不需每次重新計算,
關於磁碟限額將於 <xref linkend="quotas"/> 會討論。</para>
<para>其他資源限制包含了 CPU、記憶體、以及其他每個使用者可使用
的資源做限制,這些限制可使用 Login class 來定義並於在本章討論。</para>
<indexterm>
<primary><filename>/etc/login.conf</filename></primary>
</indexterm>
<para>Login class 定義於
<filename>/etc/login.conf</filename>。 明確語意不會在本節說明
但詳細的描述會在 &man.login.conf.5; 文件中。 每使用者預設被
分配到一個 Login class 中 (預設為 <literal>default</literal>)
而每個 Login class 都有其資源的限制(Login capabilitiy)。
Login capabilitiy 以 <literal>名稱=值</literal> 成對,
<replaceable>名稱</replaceable> 代表資源的種類,而 <replaceable></replaceable>
為任意的字串,為對應名稱的參數。 設定 Login class 及 Login capability 相當簡單,並同樣在
&man.login.conf.5; 中詳細說明。</para>
<note>
<para>系統不會直接讀取 <filename>/etc/login.conf</filename> 的組態
而是讀取提供查詢較快的 <filename>/etc/login.conf.db</filename> 資料庫檔。
要從 <filename>/etc/login.conf</filename> 產生 <filename>/etc/login.conf.db</filename>
需要執行以下指令:</para>
<screen>&prompt.root; <userinput>cap_mkdb /etc/login.conf</userinput></screen>
</note>
<para>資源限制於一般的 Login capability 有兩點不同。
第一,每種限制分為軟性限制及硬性限制。
軟性限制可由使用者或應用程式調整,但不能高於硬性限制。
後者限制可被使用者降低,但無法再提高。
第二,多數資源限制是針對每個使用者的個別行程限制,而不是使用者的所有行程。
注意,這些差異是由指定的限制程式托管,並非實作於 Login capability 的架構
(例如,這些不是 <emphasis>真正</emphasis> 登入容量的特例)。</para>
<para>另外,為了避免麻煩,以下為幾個常用的資源限制
(剩下及其他的 Login capability 可在 &man.login.conf.5; 中找到說明)。</para>
<variablelist>
<varlistentry>
<term><literal>coredumpsize</literal></term>
<listitem>
<indexterm><primary>coredumpsize</primary></indexterm>
<indexterm>
<primary>limiting users</primary>
<secondary>coredumpsize</secondary>
</indexterm>
<para>The limit on the size of a core file generated by a program
is, for obvious reasons, subordinate to other limits on disk
usage (e.g., <literal>filesize</literal>, or disk quotas).
Nevertheless, it is often used as a less-severe method of
controlling disk space consumption: since users do not generate
core files themselves, and often do not delete them, setting this
may save them from running out of disk space should a large
program (e.g., <application>emacs</application>) crash.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><literal>cputime</literal></term>
<listitem>
<indexterm><primary>cputime</primary></indexterm>
<indexterm>
<primary>limiting users</primary>
<secondary>cputime</secondary>
</indexterm>
<para>This is the maximum amount of CPU time a user's process may
consume. Offending processes will be killed by the kernel.</para>
<note>
<para>This is a limit on CPU <emphasis>time</emphasis>
consumed, not percentage of the CPU as displayed in some
fields by &man.top.1; and &man.ps.1;. A limit on the
latter is, at the time of this writing, not possible, and
would be rather useless: a compiler&mdash;probably a
legitimate task&mdash;can easily use almost 100% of a CPU
for some time.</para>
</note>
</listitem>
</varlistentry>
<varlistentry>
<term><literal>filesize</literal></term>
<listitem>
<indexterm><primary>filesize</primary></indexterm>
<indexterm>
<primary>limiting users</primary>
<secondary>filesize</secondary>
</indexterm>
<para>This is the maximum size of a file the user may possess.
Unlike <link linkend="quotas">disk quotas</link>, this limit is
enforced on individual files, not the set of all files a user
owns.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><literal>maxproc</literal></term>
<listitem>
<indexterm><primary>maxproc</primary></indexterm>
<indexterm>
<primary>limiting users</primary>
<secondary>maxproc</secondary>
</indexterm>
<para>This is the maximum number of processes a user may be
running. This includes foreground and background processes
alike. For obvious reasons, this may not be larger than the
system limit specified by the <varname>kern.maxproc</varname>
&man.sysctl.8;. Also note that setting this
too small may hinder a
user's productivity: it is often useful to be logged in
multiple times or execute pipelines. Some tasks, such as
compiling a large program, also spawn multiple processes (e.g.,
&man.make.1;, &man.cc.1;, and other intermediate
preprocessors).</para>
</listitem>
</varlistentry>
<varlistentry>
<term><literal>memorylocked</literal></term>
<listitem>
<indexterm><primary>memorylocked</primary></indexterm>
<indexterm>
<primary>limiting users</primary>
<secondary>memorylocked</secondary>
</indexterm>
<para>This is the maximum amount a memory a process may have
requested to be locked into main memory (e.g., see
&man.mlock.2;). Some system-critical programs, such as
&man.amd.8;, lock into main memory such that in the event
of being swapped out, they do not contribute to
a system's trashing in time of trouble.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><literal>memoryuse</literal></term>
<listitem>
<indexterm><primary>memoryuse</primary></indexterm>
<indexterm>
<primary>limiting users</primary>
<secondary>memoryuse</secondary>
</indexterm>
<para>This is the maximum amount of memory a process may consume
at any given time. It includes both core memory and swap
usage. This is not a catch-all limit for restricting memory
consumption, but it is a good start.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><literal>openfiles</literal></term>
<listitem>
<indexterm><primary>openfiles</primary></indexterm>
<indexterm>
<primary>limiting users</primary>
<secondary>openfiles</secondary>
</indexterm>
<para>This is the maximum amount of files a process may have
open. In FreeBSD, files are also used to represent sockets and
IPC channels; thus, be careful not to set this too low. The
system-wide limit for this is defined by the
<varname>kern.maxfiles</varname> &man.sysctl.8;.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><literal>sbsize</literal></term>
<listitem>
<indexterm><primary>sbsize</primary></indexterm>
<indexterm>
<primary>limiting users</primary>
<secondary>sbsize</secondary>
</indexterm>
<para>This is the limit on the amount of network memory, and thus
mbufs, a user may consume. This originated as a response to an
old DoS attack by creating a lot of sockets, but can be
generally used to limit network communications.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><literal>stacksize</literal></term>
<listitem>
<indexterm><primary>stacksize</primary></indexterm>
<indexterm>
<primary>limiting users</primary>
<secondary>stacksize</secondary>
</indexterm>
<para>This is the maximum size a process' stack may grow to.
This alone is not sufficient to limit the amount of memory a
program may use; consequently, it should be used in conjunction
with other limits.</para>
</listitem>
</varlistentry>
</variablelist>
<para>There are a few other things to remember when setting resource
limits. Following are some general tips, suggestions, and
miscellaneous comments.</para>
<itemizedlist>
<listitem>
<para>Processes started at system startup by
<filename>/etc/rc</filename> are assigned to the
<literal>daemon</literal> login class.</para>
</listitem>
<listitem>
<para>Although the <filename>/etc/login.conf</filename> that comes
with the system is a good source of reasonable values for most
limits, only you, the administrator, can know what is appropriate
for your system. Setting a limit too high may open your system
up to abuse, while setting it too low may put a strain on
productivity.</para>
</listitem>
<listitem>
<para>Users of the X Window System (X11) should probably be granted
more resources than other users. X11 by itself takes a lot of
resources, but it also encourages users to run more programs
simultaneously.</para>
</listitem>
<listitem>
<para>Remember that many limits apply to individual processes, not
the user as a whole. For example, setting
<varname>openfiles</varname> to 50 means
that each process the user runs may open up to 50 files. Thus,
the gross amount of files a user may open is the value of
<literal>openfiles</literal> multiplied by the value of
<literal>maxproc</literal>. This also applies to memory
consumption.</para>
</listitem>
</itemizedlist>
<para>For further information on resource limits and login classes and
capabilities in general, please consult the relevant manual pages:
&man.cap.mkdb.1;, &man.getrlimit.2;, &man.login.conf.5;.</para>
</sect1>
<sect1 xml:id="users-groups">
<title>群組</title>
<indexterm><primary>groups</primary></indexterm>
<indexterm>
<primary><filename>/etc/groups</filename></primary>
</indexterm>
<indexterm>
<primary>accounts</primary>
<secondary>groups</secondary>
</indexterm>
<para>A group is simply a list of users. Groups are identified by
their group name and GID (Group ID). In FreeBSD (and most other &unix; like
systems), the two factors the kernel uses to decide whether a process
is allowed to do something is its user ID and list of groups it
belongs to. Unlike a user ID, a process has a list of groups
associated with it. You may hear some things refer to the <quote>group ID</quote>
of a user or process; most of the time, this just means the first
group in the list.</para>
<para>The group name to group ID map is in
<filename>/etc/group</filename>. This is a plain text file with four
colon-delimited fields. The first field is the group name, the
second is the encrypted password, the third the group ID, and the
fourth the comma-delimited list of members. It can safely be edited
by hand (assuming, of course, that you do not make any syntax
errors!). For a more complete description of the syntax, see the
&man.group.5; manual page.</para>
<para>If you do not want to edit <filename>/etc/group</filename>
manually, you can use the &man.pw.8; command to add and edit groups.
For example, to add a group called <systemitem class="groupname">teamtwo</systemitem> and
then confirm that it exists you can use:</para>
<example>
<title>Adding a Group Using &man.pw.8;</title>
<screen>&prompt.root; <userinput>pw groupadd teamtwo</userinput>
&prompt.root; <userinput>pw groupshow teamtwo</userinput>
teamtwo:*:1100:</screen>
</example>
<para>The number <literal>1100</literal> above is the group ID of the
group <systemitem class="groupname">teamtwo</systemitem>. Right now,
<systemitem class="groupname">teamtwo</systemitem> has no members, and is thus rather
useless. Let's change that by inviting <systemitem class="username">jru</systemitem> to
the <systemitem class="groupname">teamtwo</systemitem> group.</para>
<example>
<title>Adding Somebody to a Group Using &man.pw.8;</title>
<screen>&prompt.root; <userinput>pw groupmod teamtwo -M jru</userinput>
&prompt.root; <userinput>pw groupshow teamtwo</userinput>
teamtwo:*:1100:jru</screen>
</example>
<para>The argument to the <option>-M</option> option is a
comma-delimited list of users who are members of the group. From the
preceding sections, we know that the password file also contains a
group for each user. The latter (the user) is automatically added to
the group list by the system; the user will not show up as a member
when using the <option>groupshow</option> command to &man.pw.8;,
but will show up when the information is queried via &man.id.1; or
similar tool. In other words, &man.pw.8; only manipulates the
<filename>/etc/group</filename> file; it will never attempt to read
additionally data from <filename>/etc/passwd</filename>.</para>
<example>
<title>Using &man.id.1; to Determine Group Membership</title>
<screen>&prompt.user; <userinput>id jru</userinput>
uid=1001(jru) gid=1001(jru) groups=1001(jru), 1100(teamtwo)</screen>
</example>
<para>As you can see, <systemitem class="username">jru</systemitem> is a member of the
groups <systemitem class="groupname">jru</systemitem> and
<systemitem class="groupname">teamtwo</systemitem>.</para>
<para>For more information about &man.pw.8;, see its manual page, and
for more information on the format of
<filename>/etc/group</filename>, consult the &man.group.5; manual
page.</para>
</sect1>
</chapter>

15
zh_TW.UTF-8/books/handbook/vinum/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= vinum/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

1458
zh_TW.UTF-8/books/handbook/vinum/chapter.xml
View file

File diff suppressed because it is too large Load diff

15
zh_TW.UTF-8/books/handbook/virtualization/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= virtualization/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

885
zh_TW.UTF-8/books/handbook/virtualization/chapter.xml
View file

@ -1,885 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
The FreeBSD Documentation Project
The FreeBSD Traditional Chinese Documentation Project
$FreeBSD$
Original revision: 1.16
-->
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="virtualization">
<info><title>Virtualization(虛擬機器)</title>
<authorgroup>
<author><personname><firstname>Murray</firstname><surname>Stokely</surname></personname><contrib>Contributed by </contrib></author>
</authorgroup>
</info>
<sect1 xml:id="virtualization-synopsis">
<title>Synopsis</title>
<para>虛擬機器軟體可以讓同一台機器得以同時執行多種作業系統。 在 PC 上,
通常這類系統都是在宿主(host)機器上裝虛擬機器軟體,來跑一堆 guest OS
</para>
<para>讀完這章,您將了解︰</para>
<itemizedlist>
<listitem>
<para>host OS 以及 guest OS 的區別。</para>
</listitem>
<listitem>
<para>如何在搭載 &intel; CPU 的 &apple; &macintosh; 電腦上安裝 FreeBSD
</para>
</listitem>
<listitem>
<para>如何在 Linux 上以 <application>&xen;</application> 來安裝
FreeBSD。</para>
</listitem>
<listitem>
<para>如何在 &microsoft.windows; 上以 <application>Virtual PC</application>
安裝 FreeBSD。</para>
</listitem>
<listitem>
<para>如何在虛擬機器對 FreeBSD 系統作性能調校,以取得最佳效能。</para>
</listitem>
</itemizedlist>
<para>在開始閱讀這章之前,您需要︰</para>
<itemizedlist>
<listitem>
<para>瞭解 &unix; 及 FreeBSD 相關基本概念
(<xref linkend="basics"/>)。</para>
</listitem>
<listitem><para>知道如何安裝 FreeBSD(<xref linkend="bsdinstall"/>)。</para></listitem>
<listitem><para>知道如何設定網路(<xref linkend="advanced-networking"/>)。</para></listitem>
<listitem><para>知道如何以 ports/packages 來安裝應用程式
(<xref linkend="ports"/>)。</para></listitem>
</itemizedlist>
</sect1>
<sect1 xml:id="virtualization-guest">
<title>安裝 FreeBSD 為 Guest OS</title>
<sect2 xml:id="virtualization-guest-parallels">
<title>MacOS 上的 Parallels</title>
<para>&mac; 版的 <application>Parallels Desktop</application>
乃是可用於搭配 &intel; CPU 以及 &macos; 10.4.6 以上的 &apple; &mac;
電腦的商業軟體。 FreeBSD 是其有完整支援的 guest OS 之一。 在
&macos; X 裝好 <application>Parallels</application> 後,
必須針對所欲安裝的 guest OS 來作相關的虛擬機器設定。</para>
<sect3 xml:id="virtualization-guest-parallels-install">
<title>在 Parallels/&macos; X 上安裝 FreeBSD</title>
<para>&macos; X/<application>Parallels</application> 上安裝 FreeBSD
的第一步是新增虛擬機器。 如下所示,在提示視窗內請將
<guimenu>Guest OS Type</guimenu> 勾選為
<guimenuitem>FreeBSD</guimenuitem></para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/parallels-freebsd1"/>
</imageobject>
</mediaobject>
<para>並依據自身需求來規劃硬碟容量跟記憶體的分配。 對大多數在
<application>Parallels</application> 使用的情況而言,大約 4GB
硬碟以及 512MB RAM 就夠用了:</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/parallels-freebsd2"/>
</imageobject>
</mediaobject>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/parallels-freebsd3"/>
</imageobject>
</mediaobject>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/parallels-freebsd4"/>
</imageobject>
</mediaobject>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/parallels-freebsd5"/>
</imageobject>
</mediaobject>
<para>接下來,選擇網路種類以及網路卡:</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/parallels-freebsd6"/>
</imageobject>
</mediaobject>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/parallels-freebsd7"/>
</imageobject>
</mediaobject>
<para>最後,儲存設定檔就完成設定了:</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/parallels-freebsd8"/>
</imageobject>
</mediaobject>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/parallels-freebsd9"/>
</imageobject>
</mediaobject>
<para>在 FreeBSD 虛擬機器新增後,就可以繼續以其安裝 FreeBSD。
安裝方面,比較好的作法是使用官方的 FreeBSD 光碟或者從官方 FTP
站下載 ISO image 檔。 若您的 &mac; 本機已經有該 ISO 檔,
或者 &mac; 的光碟機內有放安裝片,那麼就可以在 FreeBSD 的
<application>Parallels</application> 視窗右下角按下光碟片圖示。
接著會出現一個視窗,可以把虛擬機器內的光碟機設定到該 ISO 檔,
或者是實體光碟機。</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/parallels-freebsd11"/>
</imageobject>
</mediaobject>
<para>設好光碟片來源之後,就可以按下重開機圖示以重開 FreeBSD
虛擬機器。 <application>Parallels</application> 會以特殊 BIOS
開機,並與普通的 BIOS 一樣會先檢查是否有光碟機。</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/parallels-freebsd10"/>
</imageobject>
</mediaobject>
<para>此時,它就會找到 FreeBSD 安裝片,並開始安裝過程。 這時候也可順便裝
<application>&xorg;</application> 但先不要進行相關設定。</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/parallels-freebsd12"/>
</imageobject>
</mediaobject>
<para>完成安裝過程之後,就可以重開剛裝的 FreeBSD 虛擬機器。</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/parallels-freebsd13"/>
</imageobject>
</mediaobject>
</sect3>
<sect3 xml:id="virtualization-guest-parallels-configure">
<title>&macos; X/Parallels 上設定 FreeBSD</title>
<para>把 FreeBSD 成功裝到 &macos; X 的
<application>Parallels</application> 之後,還需要作一些設定步驟,
以便將虛擬機器內的 FreeBSD 最佳化。</para>
<procedure>
<step>
<title>設定 boot loader 參數</title>
<para>最重要的步驟乃是藉由調降 <option>kern.hz</option> 來降低
<application>Parallels</application> 環境內 FreeBSD 的 CPU
佔用率。 可以在 <filename>/boot/loader.conf</filename>
內加上下列設定即可:</para>
<programlisting>kern.hz=100</programlisting>
<para>若不作這設定,那麼光是 idle 狀態的 FreeBSD
(<application>Parallels</application> guest OS)
就會在僅單一處理器的 &imac; 上佔了大約 15% 的 CPU 佔用率。
作上述修改之後,佔用率就會降至大約 5%。</para>
</step>
<step>
<title>設定新的 kernel 設定檔</title>
<para>可以放心把所有 SCSI、FireWire、USB
相關設備都移除。 <application>Parallels</application>
有提供 &man.ed.4; 的虛擬網卡,因此,除了 &man.ed.4; 以及
&man.miibus.4; 以外的其他網路卡也都可以從 kernel 中移除。</para>
</step>
<step>
<title>設定網路</title>
<para>可以替虛擬機器簡單用 DHCP 來設定與 &mac; 相同的 LAN
網路環境,只要在 <filename>/etc/rc.conf</filename>
內加上 <literal>ifconfig_ed0="DHCP"</literal> 即可完成。
其他進階的網路設定方式,請參考 <xref linkend="advanced-networking"/></para>
</step>
</procedure>
</sect3>
</sect2>
<sect2 xml:id="virtualization-guest-xen">
<info><title>在 Linux 透過 &xen; 跑 FreeBSD</title>
<authorgroup>
<author><personname><firstname>Fukang</firstname><surname>Chen (Loader)</surname></personname><contrib>Contributed by </contrib></author>
</authorgroup>
</info>
<para><application>&xen;</application> hypervisor 乃是開放源碼的
paravirtualization 產品,並由商業公司(XenSource)提供支援。
Guest OS 通常被稱為 domU domains而 host OS 則是被稱為 dom0。
在 Linux 上建立 FreeBSD 虛擬機器的第一步,則是安裝 Linux dom0 的
<application>&xen;</application>。 在本例中, host OS 乃是 Slackware
Linux。</para>
<sect3 xml:id="xen-slackware-dom0">
<title>在 Linux dom0 上設定 &xen; 3</title>
<procedure>
<step>
<title>從 XenSource 網站下載 &xen; 3.0</title>
<para><uri xlink:href="http://www.xensource.com/">http://www.xensource.com/</uri> 下載
<link xlink:href="http://bits.xensource.com/oss-xen/release/3.0.4-1/src.tgz/xen-3.0.4_1-src.tgz">xen-3.0.4_1-src.tgz</link></para>
</step>
<step>
<title>解壓縮</title>
<screen>&prompt.root; <userinput>cd xen-3.0.4_1-src</userinput>
&prompt.root; <userinput>KERNELS="linux-2.6-xen0 linux-2.6-xenU" make world</userinput>
&prompt.root; <userinput>make install</userinput></screen>
<note>
<para>為 dom0 重新編譯 kernel</para>
<screen>&prompt.root; <userinput>cd xen-3.0.4_1-src/linux-2.6.16.33-xen0</userinput>
&prompt.root; <userinput>make menuconfig</userinput>
&prompt.root; <userinput>make</userinput>
&prompt.root; <userinput>make install</userinput></screen>
<para>舊版的 <application>&xen;</application> 可能需要用
<command>make ARCH=xen menuconfig</command></para>
</note>
</step>
<step>
<title>增加選項到 Grub 的 menu.lst 選單</title>
<para>修改 <filename>/boot/grub/menu.lst</filename>
加上下列設定:</para>
<programlisting>title Xen-3.0.4
root (hd0,0)
kernel /boot/xen-3.0.4-1.gz dom0_mem=262144
module /boot/vmlinuz-2.6.16.33-xen0 root=/dev/hda1 ro</programlisting>
</step>
<step>
<title>重開機並進入 &xen;</title>
<para>首先,修改
<filename>/etc/xen/xend-config.sxp</filename>
加上下列設定:</para>
<programlisting>(network-script 'network-bridge netdev=eth0')</programlisting>
<para>接下來,就可以啟動 <application>&xen;</application></para>
<screen>&prompt.root; <userinput>/etc/init.d/xend start</userinput>
&prompt.root; <userinput>/etc/init.d/xendomains start</userinput></screen>
<para>現在 dom0 已經開始運作:</para>
<screen>&prompt.root; <userinput>xm list</userinput>
Name ID Mem VCPUs State Time(s)
Domain-0 0 256 1 r----- 54452.9</screen>
</step>
</procedure>
</sect3>
<sect3>
<title>FreeBSD 7-CURRENT domU</title>
<para><link xlink:href="http://www.fsmware.com/">http://www.fsmware.com/</link>
下載搭配 <application>&xen; 3.0</application> 的 FreeBSD domU
kernel 相關檔案</para>
<itemizedlist>
<listitem>
<para><link xlink:href="http://www.fsmware.com/xenofreebsd/7.0/download/kernel-current">kernel-current</link></para>
</listitem>
<listitem>
<para><link xlink:href="http://www.fsmware.com/xenofreebsd/7.0/download/mdroot-7.0.bz2">mdroot-7.0.bz2</link></para>
</listitem>
<listitem>
<para><link xlink:href="http://www.fsmware.com/xenofreebsd/7.0/download/config/xmexample1.bsd">xmexample1.bsd</link></para>
</listitem>
</itemizedlist>
<para><filename>xmexample1.bsd</filename> 設定檔放到
<filename>/etc/xen/</filename>,並修改 kernel 及 disk image 相關位置。
以下是示範的例子:</para>
<programlisting>kernel = "/opt/kernel-current"
memory = 256
name = "freebsd"
vif = [ '' ]
disk = [ 'file:/opt/mdroot-7.0,hda1,w' ]
#on_crash = 'preserve'
extra = "boot_verbose"
extra += ",boot_single"
extra += ",kern.hz=100"
extra += ",vfs.root.mountfrom=ufs:/dev/xbd769a"</programlisting>
<para>其中 <filename>mdroot-7.0.bz2</filename> 檔要記得解壓縮之。</para>
<para>接下來,要修改 <filename>kernel-current</filename> 設定檔的
__xen_guest 小節,並加上 <application>&xen; 3.0.3</application> 所需的
VIRT_BASE</para>
<screen>&prompt.root; <userinput>objcopy kernel-current -R __xen_guest</userinput>
&prompt.root; <userinput>perl -e 'print "LOADER=generic,GUEST_OS=freebsd,GUEST_VER=7.0,XEN_VER=xen-3.0,BSD_SYMTAB,VIRT_BASE=0xC0000000\x00"' &gt; tmp</userinput>
&prompt.root; <userinput>objcopy kernel-current --add-section __xen_guest=tmp</userinput></screen>
<screen>&prompt.root; <userinput>objdump -j __xen_guest -s kernel-current</userinput>
kernel-current: file format elf32-i386
Contents of section __xen_guest:
0000 4c4f4144 45523d67 656e6572 69632c47 LOADER=generic,G
0010 55455354 5f4f533d 66726565 6273642c UEST_OS=freebsd,
0020 47554553 545f5645 523d372e 302c5845 GUEST_VER=7.0,XE
0030 4e5f5645 523d7865 6e2d332e 302c4253 N_VER=xen-3.0,BS
0040 445f5359 4d544142 2c564952 545f4241 D_SYMTAB,VIRT_BA
0050 53453d30 78433030 30303030 3000 SE=0xC0000000. </screen>
<para>現在可以新增並啟動 domU 囉:</para>
<screen>&prompt.root; <userinput>xm create /etc/xen/xmexample1.bsd -c</userinput>
Using config file "/etc/xen/xmexample1.bsd".
Started domain freebsd
WARNING: loader(8) metadata is missing!
Copyright (c) 1992-2006 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 7.0-CURRENT #113: Wed Jan 4 06:25:43 UTC 2006
kmacy@freebsd7.gateway.2wire.net:/usr/home/kmacy/p4/freebsd7_xen3/src/sys/i386-xen/compile/XENCONF
WARNING: DIAGNOSTIC option enabled, expect reduced performance.
Xen reported: 1796.927 MHz processor.
Timecounter "ixen" frequency 1796927000 Hz quality 0
CPU: Intel(R) Pentium(R) 4 CPU 1.80GHz (1796.93-MHz 686-class CPU)
Origin = "GenuineIntel" Id = 0xf29 Stepping = 9
Features=0xbfebfbff&lt;FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,
DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE&gt;
Features2=0x4400&lt;CNTX-ID,&lt;b14&gt;&gt;
real memory = 265244672 (252 MB)
avail memory = 255963136 (244 MB)
xc0: &lt;Xen Console&gt; on motherboard
cpu0 on motherboard
Timecounters tick every 10.000 msec
[XEN] Initialising virtual ethernet driver.
xn0: Ethernet address: 00:16:3e:6b:de:3a
[XEN]
Trying to mount root from ufs:/dev/xbd769a
WARNING: / was not properly dismounted
Loading configuration files.
No suitable dump device was found.
Entropy harvesting: interrupts ethernet point_to_point kickstart.
Starting file system checks:
/dev/xbd769a: 18859 files, 140370 used, 113473 free (10769 frags, 12838 blocks, 4.2% fragmentation)
Setting hostname: demo.freebsd.org.
lo0: flags=8049&lt;UP,LOOPBACK,RUNNING,MULTICAST&gt; mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
inet 127.0.0.1 netmask 0xff000000
Additional routing options:.
Mounting NFS file systems:.
Starting syslogd.
/etc/rc: WARNING: Dump device does not exist. Savecore not run.
ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/X11R6/lib /usr/local/lib
a.out ldconfig path: /usr/lib/aout /usr/lib/compat/aout /usr/X11R6/lib/aout
Starting usbd.
usb: Kernel module not available: No such file or directory
Starting local daemons:.
Updating motd.
Starting sshd.
Initial i386 initialization:.
Additional ABI support: linux.
Starting cron.
Local package initialization:.
Additional TCP options:.
Starting background file system checks in 60 seconds.
Sun Apr 1 02:11:43 UTC 2007
FreeBSD/i386 (demo.freebsd.org) (xc0)
login: </screen>
<para>現在 domU 應該可以跑 &os;&nbsp;7.0-CURRENT kernel</para>
<screen>&prompt.root; <userinput>uname -a</userinput>
FreeBSD demo.freebsd.org 7.0-CURRENT FreeBSD 7.0-CURRENT #113: Wed Jan 4 06:25:43 UTC 2006
kmacy@freebsd7.gateway.2wire.net:/usr/home/kmacy/p4/freebsd7_xen3/src/sys/i386-xen/compile/XENCONF i386</screen>
<para>接下來是設定 domU 的網路,&os; domU 會用代號為
<filename>xn0</filename> 的特殊網路卡:</para>
<screen>&prompt.root; <userinput>ifconfig xn0 10.10.10.200 netmask 255.0.0.0</userinput>
&prompt.root; <userinput>ifconfig</userinput>
xn0: flags=843&lt;UP,BROADCAST,RUNNING,SIMPLEX&gt; mtu 1500
inet 10.10.10.200 netmask 0xff000000 broadcast 10.255.255.255
ether 00:16:3e:6b:de:3a
lo0: flags=8049&lt;UP,LOOPBACK,RUNNING,MULTICAST&gt; mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
inet 127.0.0.1 netmask 0xff000000 </screen>
<para>在 dom0 Slackware 上應該會出現一些 <application>&xen;</application>
專用的網路卡:</para>
<screen>&prompt.root; <userinput>ifconfig</userinput>
eth0 Link encap:Ethernet HWaddr 00:07:E9:A0:02:C2
inet addr:10.10.10.130 Bcast:0.0.0.0 Mask:255.0.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:815 errors:0 dropped:0 overruns:0 frame:0
TX packets:1400 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:204857 (200.0 KiB) TX bytes:129915 (126.8 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:99 errors:0 dropped:0 overruns:0 frame:0
TX packets:99 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:9744 (9.5 KiB) TX bytes:9744 (9.5 KiB)
peth0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:1853349 errors:0 dropped:0 overruns:0 frame:0
TX packets:952923 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2432115831 (2.2 GiB) TX bytes:86528526 (82.5 MiB)
Base address:0xc000 Memory:ef020000-ef040000
vif0.1 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:1400 errors:0 dropped:0 overruns:0 frame:0
TX packets:815 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:129915 (126.8 KiB) TX bytes:204857 (200.0 KiB)
vif1.0 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:3 errors:0 dropped:0 overruns:0 frame:0
TX packets:2 errors:0 dropped:157 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:140 (140.0 b) TX bytes:158 (158.0 b)
xenbr1 Link encap:Ethernet HWaddr FE:FF:FF:FF:FF:FF
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:112 (112.0 b) TX bytes:0 (0.0 b)</screen>
<screen>&prompt.root; <userinput>brctl show</userinput>
bridge name bridge id STP enabled interfaces
xenbr1 8000.feffffffffff no vif0.1
peth0
vif1.0</screen>
</sect3>
</sect2>
<sect2 xml:id="virtualization-guest-virtualpc">
<title>&windows; 上的 Virtual PC</title>
<para><application>Virtual PC</application>&microsoft;
&windows; 軟體產品,可以免費下載使用。 相關系統需求,請參閱 <link xlink:href="http://www.microsoft.com/windows/downloads/virtualpc/sysreq.mspx">
system requirements</link> 說明。 在 &microsoft.windows; 裝完
<application>Virtual PC</application> 之後,
必須針對所欲安裝的虛擬機器來作相關設定。</para>
<sect3 xml:id="virtualization-guest-virtualpc-install">
<title>在 Virtual PC/&microsoft.windows; 上安裝 FreeBSD</title>
<para>&microsoft.windows;/<application>Virtual PC</application>
上安裝 FreeBSD 的第一步是新增虛擬機器。 如下所示,
在提示視窗內請選擇 <guimenuitem>Create a virtual
machine</guimenuitem></para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/virtualpc-freebsd1"/>
</imageobject>
</mediaobject>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/virtualpc-freebsd2"/>
</imageobject>
</mediaobject>
<para>然後在 <guimenuitem>Operating system</guimenuitem> 處選
<guimenuitem>Other</guimenuitem></para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/virtualpc-freebsd3"/>
</imageobject>
</mediaobject>
<para>並依據自身需求來規劃硬碟容量跟記憶體的分配。
對大多數在 <application>Virtual PC</application> 使用 FreeBSD
的情況而言,大約 4GB 硬碟空間以及 512MB RAM 就夠用了:</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/virtualpc-freebsd4"/>
</imageobject>
</mediaobject>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/virtualpc-freebsd5"/>
</imageobject>
</mediaobject>
<para>儲存設定檔:</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/virtualpc-freebsd6"/>
</imageobject>
</mediaobject>
<para>接下來選剛剛所新增的 FreeBSD 虛擬機器,並按下
<guimenu>Settings</guimenu>,以設定網路種類以及網路卡:</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/virtualpc-freebsd7"/>
</imageobject>
</mediaobject>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/virtualpc-freebsd8"/>
</imageobject>
</mediaobject>
<para>在 FreeBSD 虛擬機器新增後,就可以繼續以其安裝 FreeBSD。
安裝方面,比較好的作法是使用官方的 FreeBSD 光碟或者從官方 FTP
站下載 ISO image 檔。 若您的 &windows; 檔案系統內已經有該 ISO
檔, 或者光碟機內有放安裝片,那麼就可以在 FreeBSD
虛擬機器上連按兩下,以開始啟動。 接著在
<application>Virtual PC</application> 視窗內按
<guimenu>CD</guimenu> 再按 <guimenu>Capture ISO Image...</guimenu>
。 接著會出現一個視窗,可以把虛擬機器內的光碟機設定到該 ISO 檔,
或者是實體光碟機。</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/virtualpc-freebsd9"/>
</imageobject>
</mediaobject>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/virtualpc-freebsd10"/>
</imageobject>
</mediaobject>
<para>設好光碟片來源之後,就可以重開機,也就是先按
<guimenu>Action</guimenu> 再按 <guimenu>Reset</guimenu> 即可。
<application>Virtual PC</application> 會以特殊 BIOS 開機,並與普通
BIOS 一樣會先檢查是否有光碟機。</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/virtualpc-freebsd11"/>
</imageobject>
</mediaobject>
<para>此時,它就會找到 FreeBSD 安裝片,並開始安裝過程。 這時候也可順便裝
<application>&xorg;</application> 但先不要進行相關設定。</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/virtualpc-freebsd12"/>
</imageobject>
</mediaobject>
<para>完成安裝之後,記得把光碟片退出或者 ISO image 退片。 最後,
把裝好的 FreeBSD 虛擬機器重開機即可。</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/virtualpc-freebsd13"/>
</imageobject>
</mediaobject>
</sect3>
<sect3 xml:id="virtualization-guest-virtualpc-configure">
<title>調整 &microsoft.windows;/Virtual PC 上的 FreeBSD</title>
<para>&microsoft.windows; 上以 <application>Virtual
PC</application> 裝好 FreeBSD 後,還需要作一些設定步驟,
以便將虛擬機器內的 FreeBSD 最佳化。</para>
<procedure>
<step>
<title>設定 boot loader 參數</title>
<para>最重要的步驟乃是藉由調降 <option>kern.hz</option> 來降低
<application>Virtual PC</application> 環境內 FreeBSD 的 CPU
佔用率。 可以在 <filename>/boot/loader.conf</filename>
內加上下列設定即可:</para>
<programlisting>kern.hz=100</programlisting>
<para>若不作這設定,那麼光是 idle 狀態的 FreeBSD
<application>Virtual PC</application> guest OS
就會在僅單一處理器的電腦上佔了大約 40% 的 CPU 佔用率。
作上述修改之後,佔用率就會降至大約 3%。</para>
</step>
<step>
<title>設定新的 kernel 設定檔</title>
<para>可以放心把所有 SCSI、FireWire、USB 相關設備都移除。
<application>Virtual PC</application> 有提供 &man.de.4;
的虛擬網卡,因此除了 &man.de.4; 以及 &man.miibus.4;
以外的其他網路卡也都可以從 kernel 中移除。</para>
</step>
<step>
<title>設定網路</title>
<para>可以替虛擬機器簡單用 DHCP 來設定與 host(&microsoft.windows;)
相同的 LAN 網路環境,只要在 <filename>/etc/rc.conf</filename>
加上 <literal>ifconfig_de0="DHCP"</literal> 即可完成。
其他進階的網路設定方式,請參閱 <xref linkend="advanced-networking"/></para>
</step>
</procedure>
</sect3>
</sect2>
<sect2 xml:id="virtualization-guest-vmware">
<title>在 MacOS 上的 VMware</title>
<para>&mac; 上的 <application>VMWare Fusion</application> 乃是可用於搭配
&intel; CPU 以及 &macos; 10.4.9 之 &apple; &mac; 以上的 &apple; &mac;
電腦之商業軟體。 FreeBSD 是其有完整支援的 guest OS 之一。 在 &macos;
X 上裝完 <application>VMWare Fusion</application> 之後,
必須針對所欲安裝的 guest OS 來作相關的虛擬機器設定。</para>
<sect3 xml:id="virtualization-guest-vmware-install">
<title>在 VMWare/&macos; X 上安裝 FreeBSD</title>
<para>首先執行 VMWare Fusion而其 Virtual Machine Library
也會隨之一併載入,這時請按 "New" 來建立 VM(虛擬機器)</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/vmware-freebsd01"/>
</imageobject>
</mediaobject>
<para>接著會有 New Virtual Machine Assistant 來協助您建立 VM請按
Continue 繼續:</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/vmware-freebsd02"/>
</imageobject>
</mediaobject>
<para><guimenuitem>Operating System</guimenuitem>
<guimenuitem>Other</guimenuitem>,以及 <guimenu>Version</guimenu>
處請選擇是否要
<guimenuitem>FreeBSD</guimenuitem>
<guimenuitem>FreeBSD 64-bit</guimenuitem>,這部份請依自身需求是否有要
64-bit 支援而定:</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/vmware-freebsd03"/>
</imageobject>
</mediaobject>
<para>接著設定 VM image 檔要存到何處,以及決定名稱:</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/vmware-freebsd04"/>
</imageobject>
</mediaobject>
<para>決定該 VM 的虛擬硬碟要用多大:</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/vmware-freebsd05"/>
</imageobject>
</mediaobject>
<para>選擇要裝 VM 的方式為何,要用 ISO image 檔或者光碟機:</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/vmware-freebsd06"/>
</imageobject>
</mediaobject>
<para>按 Finish 以完畢,接著就會啟動該 VM</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/vmware-freebsd07"/>
</imageobject>
</mediaobject>
<para>接著就照以往安裝 &os; 的方式來裝,若不熟的話請參閱
<xref linkend="bsdinstall"/></para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/vmware-freebsd08"/>
</imageobject>
</mediaobject>
<para>裝完之後,就可以修改一些 VM 設定,像是記憶體大小:</para>
<note>
<para>VM 在運作之時,不能修改 VM 的硬體設定。</para>
</note>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/vmware-freebsd09"/>
</imageobject>
</mediaobject>
<para>調整 VM 的 CPU 數量:</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/vmware-freebsd10"/>
</imageobject>
</mediaobject>
<para>光碟機狀態,通常不再需要用的時候,就可以切斷其與 VM 的連接:</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/vmware-freebsd11"/>
</imageobject>
</mediaobject>
<para>最後要改的則是 VM 的網路設定。 若除了 Host OS 之外的機器也能連到
VM那麼請選 <guimenuitem>Connect directly to the physical network
(Bridged)</guimenuitem>,否則就選 <guimenuitem>Share the host's
internet connection (NAT)</guimenuitem> 即可讓 VM 連到 Internet
但外面則無法連入該 VM。</para>
<mediaobject>
<imageobject>
<imagedata fileref="virtualization/vmware-freebsd12"/>
</imageobject>
</mediaobject>
<para>改完上述設定之後,就可以啟動新裝妥的 FreeBSD 虛擬機器。</para>
</sect3>
<sect3 xml:id="virtualization-guest-vmware-configure">
<title>調整 &macos; X/VMWare 上的 FreeBSD</title>
<para>把 FreeBSD 成功裝到 &macos; X 的 <application>VMWare</application>
之後,還需要作一些設定步驟, 以便將虛擬機器內的 FreeBSD 最佳化。</para>
<procedure>
<step>
<title>設定 boot loader 參數</title>
<para>最重要的步驟乃是藉由調降 <option>kern.hz</option> 來降低
<application>VMWare</application> 環境內 FreeBSD 的 CPU 佔用率。
可以在 <filename>/boot/loader.conf</filename>
內加上下列設定即可:</para>
<programlisting>kern.hz=100</programlisting>
<para>若不作這設定,那麼光是 idle 狀態的 FreeBSD
(<application>VMWare</application> guest OS) 就會在僅單一處理器的
&imac; 上佔了大約 15% 的 CPU 佔用率。 作上述修改之後,
佔用率就會降至大約 5%。</para>
</step>
<step>
<title>設定新的 kernel 設定檔</title>
<para>可以放心把所有 FireWire、USB 相關設備都移除。
<application>VMWare</application> 有提供 &man.em.4; 的虛擬網卡,
因此,除了 &man.em.4; 以及 &man.miibus.4; 以外的其他網路卡,
也都可以從 kernel 中移除。</para>
</step>
<step>
<title>設定網路</title>
<para>可以替虛擬機器簡單用 DHCP 來設定與 host &mac; 相同的 LAN
網路環境,只要在 <filename>/etc/rc.conf</filename> 加上
<literal>ifconfig_em0="DHCP"</literal> 即可。
其他進階的網路設定方式,請參考 <xref linkend="advanced-networking"/></para>
</step>
</procedure>
</sect3>
</sect2>
</sect1>
<sect1 xml:id="virtualization-host">
<title>以 FreeBSD 為 Host OS</title>
<para>目前,尚未有任何虛擬機器軟體有官方支援 FreeBSD 作為 host OS
但蠻多人都有在用舊版 <application>VMware</application> 所提供的這項功能。
不過,目前已經有人為讓 <application>&xen;</application> 能夠以 FreeBSD
為 host OS 為目標,而進行相關工作。</para>
</sect1>
</chapter>

15
zh_TW.UTF-8/books/handbook/x11/Makefile
View file

@ -1,15 +0,0 @@
#
# Build the Handbook with just the content from this chapter.
#
# $FreeBSD$
#
CHAPTERS= x11/chapter.xml
VPATH= ..
MASTERDOC= ${.CURDIR}/../${DOC}.${DOCBOOKSUFFIX}
DOC_PREFIX?= ${.CURDIR}/../../../..
.include "../Makefile"

1515
zh_TW.UTF-8/books/handbook/x11/chapter.xml
View file

File diff suppressed because it is too large Load diff

4332
zh_TW.UTF-8/books/handbook/zfs/chapter.xml
View file

File diff suppressed because it is too large Load diff

24305
zh_TW.UTF-8/books/handbook/zh_TW.po
View file

File diff suppressed because it is too large Load diff