From b2aa95b56c95707c7d7a8ae257370da3acc14f76 Mon Sep 17 00:00:00 2001 From: Marc Fonvieille Date: Sun, 12 Aug 2007 12:59:21 +0000 Subject: [PATCH] - Re-add without any change "Configure Additional Network Services" section (see previous commit to understand why); - Add some links to help navigation when one reaches the "Existing Install" section. --- .../books/handbook/install/chapter.sgml | 263 +++++++++++++++++- 1 file changed, 261 insertions(+), 2 deletions(-) diff --git a/en_US.ISO8859-1/books/handbook/install/chapter.sgml b/en_US.ISO8859-1/books/handbook/install/chapter.sgml index cc0199e591..6c471d2305 100644 --- a/en_US.ISO8859-1/books/handbook/install/chapter.sgml +++ b/en_US.ISO8859-1/books/handbook/install/chapter.sgml @@ -3449,7 +3449,7 @@ Retype new password : Exiting Install - If you need to configure additional network devices or + If you need to configure additional network services or any other configuration, you can do it at this point or after installation with sysinstall (/stand/sysinstall in &os; versions older 
@@ -3491,7 +3491,266 @@ Retype new password : be removed from drive (quickly). The system will reboot so watch for any error messages that - may appear. + may appear, see for more + details. + + + + + + + Tom + Rhodes + Contributed by + + + + Configure Additional Network Services + + Configuring network services can be a daunting + task for new users if they lack previous + knowledge in this area. Networking, including the Internet, + is critical to all modern operating systems including &os;; + as a result, it is very useful to have some understanding + &os;'s extensive networking capabilities. Doing this + during the installation will ensure users have some + understanding of the various services available to them. + + Network services are programs that accept input from + anywhere on the network. Every effort is made to make sure + these programs will not do anything harmful. + Unfortunately, programmers are not perfect and through time + there have been cases where bugs in network services have been + exploited by attackers to do bad things. It is important that + you only enable the network services you know that you need. If + in doubt it is best if you do not enable a network service until + you find out that you do need it. You can always enable it + later by re-running sysinstall or by + using the features provided by the + /etc/rc.conf file. + + Selecting the Networking option will display + a menu similar to the one below: + +
+ Network Configuration Upper-level + + + + + + +
+ + The first option, Interfaces, was previously covered during + the , thus this option can + safely be ignored. + + Selecting the AMD option adds + support for the BSD automatic mount utility. + This is usually used in conjunction with the + NFS protocol (see below) + for automatically mounting remote file systems. + No special configuration is required here. + + Next in line is the AMD Flags + option. When selected, a menu will pop up for you + to enter specific AMD flags. + The menu already contains a set of default options: + + -a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map + + The option sets the default mount + location which is specified here as + /.amd_mnt. The + option specifies the default log file; + however, when syslogd is used all log + activity will be sent to the system log daemon. The + /host directory is used + to mount an exported file system from a remote + host, while /net + directory is used to mount an exported file system from an + IP address. The + /etc/amd.map file defines the default + options for AMD exports. + + + FTP + anonymous + + + The Anon FTP option permits anonymous + FTP connections. Select this option to + make this machine an anonymous FTP server. + Be aware of the security risks involved with this option. + Another menu will be displayed to explain the security risks + and configuration in depth. + + The Gateway configuration menu will set + the machine up to be a gateway as explained previously. This + can be used to unset the Gateway option if you accidentally + selected it during the installation process. + + The Inetd option can be used to configure + or completely disable the &man.inetd.8; daemon as discussed + above. + + The Mail option is used to configure the system's + default MTA or Mail Transfer Agent. + Selecting this option will bring up the following menu: + +
+ Select a default MTA + + + + + + +
+ + Here you are offered a choice as to which + MTA to install + and set as the default. An MTA is nothing + more than a mail server which delivers email to users on the + system or the Internet. + + Selecting Sendmail will install + the popular sendmail server which + is the &os; default. The Sendmail local option + will set sendmail to be the default + MTA, but disable its ability to receive + incoming email from the Internet. The other options here, + Postfix and + Exim act similar to + Sendmail. They both deliver + email; however, some users prefer these alternatives to the + sendmail + MTA. + + After selecting an MTA, or choosing + not to select an MTA, the network configuration menu will appear + with the next option being NFS client. + + The NFS client option will + configure the system to communicate with a server via + NFS. An NFS server + makes file systems available to other machines on the + network via the NFS protocol. If this is + a stand-alone machine, this option can remain unselected. + The system may require more configuration later; see + for more + information about client and server configuration. + + Below that option is the NFS server + option, permitting you to set the system up as an + NFS server. This adds the required + information to start up the RPC remote + procedure call services. RPC is used to + coordinate connections between hosts and programs. + + Next in line is the Ntpdate option, + which deals with time synchronization. When selected, a menu + like the one below shows up: + +
+ Ntpdate Configuration + + + + + + +
+ + From this menu, select the server which is the closest + to your location. Selecting a close one will make the time + synchronization more accurate as a server further from your + location may have more connection latency. + + The next option is the PCNFSD selection. + This option will install the + net/pcnfsd package from + the Ports Collection. This is a useful utility which provides + NFS authentication services for systems which + are unable to provide their own, such as Microsoft's + &ms-dos; operating system. + + Now you must scroll down a bit to see the other + options: + +
+ Network Configuration Lower-level + + + + + + +
+ + The &man.rpcbind.8;, &man.rpc.statd.8;, and + &man.rpc.lockd.8; utilities are all used for Remote Procedure + Calls (RPC). + The rpcbind utility manages communication + between NFS servers and clients, and is + required for NFS servers to operate + correctly. The rpc.statd daemon interacts + with the rpc.statd daemon on other hosts to + provide status monitoring. The reported status is usually held + in the /var/db/statd.status file. The + next option listed here is the rpc.lockd + option, which, when selected, will provide file locking + services. This is usually used with + rpc.statd to monitor what hosts are + requesting locks and how frequently they request them. + While these last two options are marvelous for debugging, they + are not required for NFS servers and clients + to operate correctly. + + As you progress down the list the next item here is + Routed, which is the routing daemon. The + &man.routed.8; utility manages network routing tables, + discovers multicast routers, and supplies a copy of the routing + tables to any physically connected host on the network upon + request. This is mainly used for machines which act as a + gateway for the local network. When selected, a menu will be + presented requesting the default location of the utility. + The default location is already defined for you and can be + selected with the Enter key. You will then + be presented with yet another menu, this time asking for the + flags you wish to pass on to routed. The + default is and it should already appear + on the screen. + + Next in line is the Rwhod option which, + when selected, will start the &man.rwhod.8; daemon + during system initialization. The rwhod + utility broadcasts system messages across the network + periodically, or collects them when in consumer + mode. More information can be found in the &man.ruptime.1; and + &man.rwho.1; manual pages. + + The next to the last option in the list is for the + &man.sshd.8; daemon. 
This is the secure shell server for + OpenSSH and it is highly recommended + over the standard telnet and + FTP servers. The sshd + server is used to create a secure connection from one host to + another by using encrypted connections. + + Finally there is the TCP Extensions + option. This enables the TCP Extensions + defined in RFC 1323 and + RFC 1644. While on many hosts this can + speed up connections, it can also cause some connections to be + dropped. It is not recommended for servers, but may be + beneficial for stand alone machines. + + Now that you have configured the network services, you can + scroll up to the very top item which is Exit + and continue on to the next configuration section. +
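Review bot: The reworded sentence in the first hunk (@@ -3449,7 +3449,7 @@) now reads "configure additional network services or any other configuration", which repeats "configure ... configuration" and leaves the second half without a clear verb. Consider "If you need to configure additional network services or change any other settings, you can do it at this point or after installation", so the sentence still parses once "devices" has become "services".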
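Review bot: The per-option paragraphs in the second hunk (@@ -3491,7 +3491,266 @@) do not carry through the advice given in the section's own introduction, "It is important that you only enable the network services you know that you need". The NFS client paragraph says the option "can remain unselected" on a stand-alone machine, but the Rwhod paragraph (which "broadcasts system messages across the network periodically"), the Routed paragraph and the PCNFSD paragraph give no hint about when to leave the option off. A short sentence in each, in the style of the NFS client one, would make the text consistent for a reader who jumps straight to one option. Smaller wording points in the same hunk: "some understanding &os;'s extensive networking capabilities" is missing "of"; "may appear, see ... for more details" is a comma splice and reads better as two sentences; and "stand alone machines" in the TCP Extensions paragraph should match "stand-alone machine" in the NFS client paragraph.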