MF ISBN:

Merged /projects/print2013/en_US.ISO8859-1:r40693-40726 Merged /projects/ISBN_1-57176-407-0/en_US.ISO8859-1:r40727-41455, 41457-41469,41472-41477,41479-41513,41515-41521,41523-41577, 41579-41581,41583-42013 Notes: This merge entirely excludes the en_US/books/handbook/ppp-and-slip/ changes. They will need to be looked at a bit more closely. Note to translators: I am very, very sorry. There was no *clean* way to merge this as separate commits. Trust me, I tried. The revision logs for the ISBN branch should provide some insight to what content has changed. I am more than happy to help out here. Sorry :( Approved by: doceng (implicit)
svn path=/head/; revision=42014
2013-06-23 22:37:08 +00:00 · 2013-06-23 22:37:08 +00:00 · e05926f374 · 2020-12-08 03:00:23 +00:00
commit e05926f374
parent e7c0b1569a
16 changed files with 9363 additions and 9961 deletions
--- a/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/advanced-networking/chapter.xml
--- a/en_US.ISO8859-1/books/handbook/audit/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/audit/chapter.xml
@ -60,8 +60,8 @@ requirements. -->
      </listitem>
      <listitem>
-	<para>How to configure Event Auditing on &os; for users
+	<para>How to configure Event Auditing on &os; for users and
-	  and processes.</para>
+	  processes.</para>
      </listitem>
      <listitem>
@ -85,8 +85,8 @@ requirements. -->
      </listitem>
      <listitem>
-	<para>Have some familiarity with security and how it
+	<para>Have some familiarity with security and how it pertains
-	  pertains to &os; (<xref linkend="security"/>).</para>
+	  to &os; (<xref linkend="security"/>).</para>
      </listitem>
    </itemizedlist>
@ -104,9 +104,9 @@ requirements. -->
 	Administrators should take into account disk space
 	requirements associated with high volume audit configurations.
 	For example, it may be desirable to dedicate a file system to
-	the <filename class="directory">/var/audit</filename> tree so that other file
+	the <filename class="directory">/var/audit</filename> tree
-	systems are not affected if the audit file system becomes
+	so that other file systems are not affected if the audit file
-	full.</para>
+	system becomes full.</para>
    </warning>
  </sect1>
@ -133,9 +133,9 @@ requirements. -->
      <listitem>
 	<para><emphasis>class</emphasis>: Event classes are named sets
 	  of related events, and are used in selection expressions.
-	  Commonly used classes of events include
+	  Commonly used classes of events include <quote>file
-	  <quote>file creation</quote> (fc), <quote>exec</quote> (ex)
+	    creation</quote> (fc), <quote>exec</quote> (ex) and
-	  and <quote>login_logout</quote> (lo).</para>
+	  <quote>login_logout</quote> (lo).</para>
      </listitem>
      <listitem>
@ -199,8 +199,8 @@ requirements. -->
    <programlisting>options	AUDIT</programlisting>
    <para>Rebuild and reinstall
-      the kernel via the normal process explained in
+      the kernel via the normal process explained in <xref
-      <xref linkend="kernelconfig"/>.</para>
+	linkend="kernelconfig"/>.</para>
    <para>Once an audit-enabled kernel is built, installed, and the
      system has been rebooted, enable the audit daemon by adding the
@ -249,10 +249,10 @@ requirements. -->
      <listitem>
 	<para><filename>audit_warn</filename> - A customizable shell
-	  script used by <application>auditd</application> to generate
+	  script used by &man.auditd.8; to generate warning messages
-	  warning messages in exceptional situations, such as when
+	  in exceptional situations, such as when space for audit
-	  space for audit records is running low or when the audit
+	  records is running low or when the audit trail file has
-	  trail file has been rotated.</para>
+	  been rotated.</para>
      </listitem>
    </itemizedlist>
@ -400,8 +400,8 @@ requirements. -->
      </itemizedlist>
      <para>These audit event classes may be customized by modifying
-	the <filename>audit_class</filename> and
+	the <filename>audit_class</filename> and <filename>audit_
-	<filename>audit_event</filename> configuration files.</para>
+	  event</filename> configuration files.</para>
      <para>Each audit class in the list is combined with a prefix
 	indicating whether successful/failed operations are matched,
@ -451,18 +451,16 @@ requirements. -->
      <title>Configuration Files</title>
      <para>In most cases, administrators will need to modify only two
-	files when configuring the audit system:
+	files when configuring the audit system: <filename>audit_
-	<filename>audit_control</filename> and
+	  control</filename> and <filename>audit_user</filename>.
-	<filename>audit_user</filename>.  The first controls
+	The first controls system-wide audit properties and policies;
-	system-wide audit properties and policies; the second may be
+	the second may be used to fine-tune auditing by user.</para>
 	used to fine-tune auditing by user.</para>
      <sect3 id="audit-auditcontrol">
 	<title>The <filename>audit_control</filename> File</title>
-	<para>The <filename>audit_control</filename> file specifies a
+	<para>A number of defaults for the audit subsystem are
-	  number of defaults for the audit subsystem.  Viewing the
+	  specified in <filename>audit_control</filename>:</para>
 	  contents of this file, we see the following:</para>
 	<programlisting>dir:/var/audit
 flags:lo
@ -471,7 +469,7 @@ naflags:lo
 policy:cnt
 filesz:0</programlisting>
-	<para>The <option>dir</option> option is used to set one or
+	<para>The <option>dir</option> entry is used to set one or
 	  more directories where audit logs will be stored.  If more
 	  than one directory entry appears, they will be used in order
 	  as they fill.  It is common to configure audit so that audit
@ -484,17 +482,17 @@ filesz:0</programlisting>
 	  example above, successful and failed login and logout events
 	  are audited for all users.</para>
-	<para>The <option>minfree</option> option defines the minimum
+	<para>The <option>minfree</option> entry defines the minimum
 	  percentage of free space for the file system where the audit
 	  trail is stored.  When this threshold is exceeded, a warning
 	  will be generated.  The above example sets the minimum free
 	  space to twenty percent.</para>
-	<para>The <option>naflags</option> option specifies audit
+	<para>The <option>naflags</option> entry specifies audit classes
-	  classes to be audited for non-attributed events, such as the
+	  to be audited for non-attributed events, such as the login
-	  login process and system daemons.</para>
+	  process and system daemons.</para>
-	<para>The <option>policy</option> option specifies a
+	<para>The <option>policy</option> entry specifies a
 	  comma-separated list of policy flags controlling various
 	  aspects of audit behavior.  The default
 	  <literal>cnt</literal> flag indicates that the system should
@ -504,7 +502,7 @@ filesz:0</programlisting>
 	  to the &man.execve.2; system call to be audited as part of
 	  command execution.</para>
-	<para>The <option>filesz</option> option specifies the maximum
+	<para>The <option>filesz</option> entry specifies the maximum
 	  size in bytes to allow an audit trail file to grow to before
 	  automatically terminating and rotating the trail file.  The
 	  default, 0, disables automatic log rotation.  If the
@ -516,25 +514,24 @@ filesz:0</programlisting>
      <sect3 id="audit-audituser">
 	<title>The <filename>audit_user</filename> File</title>
-	<para>The <filename>audit_user</filename> file permits the
+	<para>The administrator can specify further audit requirements
-	  administrator to specify further audit requirements for
+	  for specific users in <filename>audit_user</filename>.
-	  specific users.  Each line configures auditing for a user
+	  Each line configures auditing for a user via two fields:
-	  via two fields: the first is the
+	  the first is the <literal>alwaysaudit</literal> field,
-	  <literal>alwaysaudit</literal> field, which specifies a set
+	  which specifies a set of events that should always be
-	  of events that should always be audited for the user, and
+	  audited for the user, and the second is the
-	  the second is the <literal>neveraudit</literal> field, which
+	  <literal>neveraudit</literal> field, which specifies a set
-	  specifies a set of events that should never be audited for
+	  of events that should never be audited for the user.</para>
 	  the user.</para>
 	<para>The following example <filename>audit_user</filename>
-	  file audits login/logout events and successful command
+	  audits login/logout events and successful command
-	  execution for the <username>root</username> user, and audits
+	  execution for <username>root</username>, and audits
-	  file creation and successful command execution for the
+	  file creation and successful command execution for
-	  <username>www</username> user.  If used with the example
+	  <username>www</username>.  If used with the above example
-	  <filename>audit_control</filename> file above, the
+	  <filename>audit_control</filename>, the
 	  <literal>lo</literal> entry for <username>root</username> is
 	  redundant, and login/logout events will also be audited for
-	  the <username>www</username> user.</para>
+	  <username>www</username>.</para>
 	<programlisting>root:lo,+ex:no
 www:fc,+ex:no</programlisting>
@ -553,14 +550,13 @@ www:fc,+ex:no</programlisting>
 	&man.praudit.1; command converts trail files to a simple text
 	format; the &man.auditreduce.1; command may be used to reduce
 	the audit trail file for analysis, archiving, or printing
-	purposes.  <command>auditreduce</command> supports a variety
+	purposes.  A variety of selection parameters are supported by
-	of selection parameters, including event type, event class,
+	&man.auditreduce.1;, including event type, event class,
 	user, date or time of the event, and the file path or object
 	acted on.</para>
-      <para>For example, the <command>praudit</command> utility will
+      <para>For example, &man.praudit.1; will dump the entire
-	dump the entire contents of a specified audit log in plain
+	contents of a specified audit log in plain text:</para>
 	text:</para>
      <screen>&prompt.root; <userinput>praudit /var/audit/AUDITFILE</userinput></screen>
@ -569,11 +565,11 @@ www:fc,+ex:no</programlisting>
 	the audit log to dump.</para>
      <para>Audit trails consist of a series of audit records made up
-	of tokens, which <command>praudit</command> prints
+	of tokens, which &man.praudit.1; prints sequentially one per
-	sequentially one per line.  Each token is of a specific type,
+	line.  Each token is of a specific type, such as
-	such as <literal>header</literal> holding an audit record
+	<literal>header</literal> holding an audit record header, or
-	header, or <literal>path</literal> holding a file path from a
+	<literal>path</literal> holding a file path from a name
-	name lookup.  The following is an example of an
+	lookup.  The following is an example of an
 	<literal>execve</literal> event:</para>
      <programlisting>header,133,10,execve(2),0,Mon Sep 25 15:58:03 2006, + 384 msec
@ -605,9 +601,9 @@ trailer,133</programlisting>
 	successful execution, and the <literal>trailer</literal>
 	concludes the record.</para>
-      <para><command>praudit</command> also supports
+      <para><acronym>XML</acronym> output format is also supported by
-	an XML output format, which can be selected using the
+	&man.praudit.1;, and can be selected using
-	<option>-x</option> argument.</para>
+	<option>-x</option>.</para>
    </sect2>
    <sect2>
@ -619,20 +615,19 @@ trailer,133</programlisting>
      <screen>&prompt.root; <userinput>auditreduce -u trhodes /var/audit/AUDITFILE | praudit</userinput></screen>
-      <para>This will select all audit records produced for the user
+      <para>This will select all audit records produced for
-	<username>trhodes</username> stored in the
+	<username>trhodes</username> stored in
-	<filename><replaceable>AUDITFILE</replaceable></filename>
+	<filename><replaceable>AUDITFILE</replaceable></filename>.</para>
 	file.</para>
    </sect2>
    <sect2>
      <title>Delegating Audit Review Rights</title>
      <para>Members of the <groupname>audit</groupname> group are
-	given permission to read audit trails in
+	given permission to read audit trails in <filename
-	<filename class="directory">/var/audit</filename>; by default, this group is
+	  class="directory">/var/audit</filename>; by default, this
-	empty, so only the <username>root</username> user may read
+	group is empty, so only the <username>root</username> user
-	audit trails.  Users may be added to the
+	may read audit trails.  Users may be added to the
 	<groupname>audit</groupname> group in order to delegate audit
 	review rights to the user.  As the ability to track audit log
 	contents provides significant insight into the behavior of
@ -674,9 +669,9 @@ trailer,133</programlisting>
 	  SSH session, then a continuous stream of audit events will
 	  be generated at a high rate, as each event being printed
 	  will generate another event.  It is advisable to run
-	  <command>praudit</command> on an audit pipe device from
+	  &man.praudit.1; on an audit pipe device from sessions
-	  sessions without fine-grained I/O auditing in order to avoid
+	  without fine-grained I/O auditing in order to avoid this
-	  this happening.</para>
+	  happening.</para>
      </warning>
    </sect2>
@ -684,24 +679,23 @@ trailer,133</programlisting>
      <title>Rotating Audit Trail Files</title>
      <para>Audit trails are written to only by the kernel, and
-	managed only by the audit daemon,
+	managed only by the audit daemon, &man.auditd.8;.
-	<application>auditd</application>.  Administrators should not
+	Administrators should not attempt to use
-	attempt to use &man.newsyslog.conf.5; or other tools to
+	&man.newsyslog.conf.5; or other tools to directly rotate
-	directly rotate audit logs.  Instead, the
+	audit logs.  Instead, the &man.audit.8; management tool may
-	<command>audit</command> management tool may be used to shut
+	be used to shut down auditing, reconfigure the audit system,
-	down auditing, reconfigure the audit system, and perform log
+	and perform log rotation.  The following command causes the
-	rotation.  The following command causes the audit daemon to
+	audit daemon to create a new audit log and signal the kernel
-	create a new audit log and signal the kernel to switch to
+	to switch to using the new log.  The old log will be
-	using the new log.  The old log will be terminated and
+	terminated and renamed, at which point it may then be
-	renamed, at which point it may then be manipulated by the
+	manipulated by the administrator.</para>
 	administrator.</para>
      <screen>&prompt.root; <userinput>audit -n</userinput></screen>
      <warning>
-	<para>If the <application>auditd</application> daemon is not
+	<para>If &man.auditd.8; is not currently running, this
-	  currently running, this command will fail and an error
+	  command will fail and an error message will be
-	  message will be produced.</para>
+	  produced.</para>
      </warning>
      <para>Adding the following line to
@ -710,11 +704,11 @@ trailer,133</programlisting>
      <programlisting>0     */12       *       *       *       root    /usr/sbin/audit -n</programlisting>
-      <para>The change will take effect once you have saved the
+      <para>The change will take effect once you have saved the new
-	new <filename>/etc/crontab</filename>.</para>
+	<filename>/etc/crontab</filename>.</para>
      <para>Automatic rotation of the audit trail file based on file
-	size is possible via the <option>filesz</option> option in
+	size is possible using <option>filesz</option> in
 	&man.audit.control.5;, and is described in the configuration
 	files section of this chapter.</para>
    </sect2>
--- a/en_US.ISO8859-1/books/handbook/basics/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/basics/chapter.xml
@ -57,7 +57,7 @@
      </listitem>
      <listitem>
-	<para>What a shell is, and how to change your default login
+	<para>What a shell is, and how to change the default login
 	  environment.</para>
      </listitem>
@ -87,10 +87,10 @@
    <para>&os; can be used in various ways.  One of them is typing
      commands to a text terminal.  A lot of the flexibility and power
-      of a &unix; operating system is readily available at your hands
+      of a &unix; operating system is readily available when using
-      when using &os; this way.  This section describes what
+      &os; this way.  This section describes what
      <quote>terminals</quote> and <quote>consoles</quote> are, and
-      how you can use them in &os;.</para>
+      how to use them in &os;.</para>
    <sect2 id="consoles-intro">
      <title>The Console</title>
@ -144,15 +144,16 @@ login:</screen>
      <screen>login:</screen>
-      <para>Type the username that was configured during <link
+      <para>Type the username that was configured during system
-	  linkend="bsdinstall-addusers">system installation</link> and
+	installation, as described in <xref
-	press <keycap>Enter</keycap>.  Then enter the password
+	  linkend="bsdinstall-addusers"/>, and press
-	associated with the username and press <keycap>Enter</keycap>.
+	<keycap>Enter</keycap>.  Then enter the password associated
-	The password is <emphasis>not echoed</emphasis> for security
+	with the username and press <keycap>Enter</keycap>.  The
 	password is <emphasis>not echoed</emphasis> for security
 	reasons.</para>
-      <para>Once the correct password is input, the message of
+      <para>Once the correct password is input, the message of the
-	the day (<acronym>MOTD</acronym>) will be displayed followed
+	day (<acronym>MOTD</acronym>) will be displayed followed
 	by a command prompt (a <literal>#</literal>,
 	<literal>$</literal>, or <literal>%</literal> character).  You
 	are now logged into the &os; console and ready to try the
@ -165,8 +166,8 @@ login:</screen>
      <para>&os; can be configured to provide many virtual consoles
 	for inputting commands.  Each virtual console has its own
 	login prompt and output channel, and &os; takes care of
-	properly redirecting keyboard input and monitor output as you
+	properly redirecting keyboard input and monitor output as
-	switch between virtual consoles.</para>
+	switching occurs between virtual consoles.</para>
      <para>Special key combinations have been reserved by &os; for
 	switching consoles.<footnote>
@ -228,10 +229,10 @@ ttyv8   "/usr/X11R6/bin/xdm -nodaemon"  xterm   off secure</programlisting>
      <title>Single User Mode Console</title>
      <para>A detailed description of <quote>single user mode</quote>
-	can be found <link linkend="boot-singleuser">here</link>.
+	can be found in <xref linkend="boot-singleuser"/>.  There is
-	There is only one console when &os; is in single user mode as
+	only one console when &os; is in single user mode as no other
-	no other virtual consoles are available in this mode.  The
+	virtual consoles are available in this mode.  The settings
-	settings for single user mode are found in this section of
+	for single user mode are found in this section of
 	<filename>/etc/ttys</filename>:</para>
      <programlisting># name  getty                           type  status  comments
@ -249,11 +250,11 @@ console none                            unknown  off  secure</programlisting>
 	  without prompting for a password.</para>
 	<para><emphasis>Be careful when changing this setting to
-	    <literal>insecure</literal></emphasis>.  If you ever
+	    <literal>insecure</literal></emphasis>.  If the
-	  forget the <username>root</username> password, booting into
+	  <username>root</username> password is forgotten, booting
-	  single user mode is still possible, but may be difficult for
+	  into single user mode is still possible, but may be
-	  someone who is not comfortable with the &os; booting
+	  difficult for someone who is not comfortable with the &os;
-	  process.</para>
+	  booting process.</para>
      </note>
    </sect2>
@ -301,6 +302,15 @@ console none                            unknown  off  secure</programlisting>
      managing requests for hardware devices, peripherals, memory, and
      CPU time fairly to each user.</para>
    <para>Much more information about user accounts is in the chapter
      about <link linkend="users">accounts</link>.  It is important to
      understand that each person (user) who uses the computer should be
      given their own username and password.  The system keeps track
      of the people using the computer based on this username.  Since
      it is often the case that several people are working on the same
      project &unix; also provides groups.  Several users can be placed
      in the same group.</para>
    <para>Because the system is capable of supporting multiple users,
      everything the system manages has a set of permissions governing
      who can read, write, and execute the resource.  These
@ -382,7 +392,7 @@ console none                            unknown  off  secure</programlisting>
      </tgroup>
    </informaltable>
    <indexterm>
-      <primary><command>ls</command></primary>
+      <primary>&man.ls.1;</primary>
    </indexterm>
    <indexterm><primary>directories</primary></indexterm>
@ -424,10 +434,10 @@ total 530
      write, and execute permissions.  The executable bit for a
      directory has a slightly different meaning than that of files.
      When a directory is marked executable, it means it is possible
-      to change into that directory using
+      to change into that directory using &man.cd.1;.  This also
-      <application>cd</application>.  This also means that it is
+      means that it is possible to access the files within that
-      possible to access the files within that directory, subject to
+      directory, subject to the permissions on the files
-      the permissions on the files themselves.</para>
+      themselves.</para>
    <para>In order to perform a directory listing, the read permission
      must be set on the directory.  In order to delete a file that
@ -588,10 +598,9 @@ total 530
      <para>In addition to file permissions, &os; supports the use of
 	<quote>file flags</quote>.  These flags add an additional
-	level of security and control over files, but not
+	level of security and control over files, but not directories.
-	directories.  With file flags, even
+	With file flags, even <username>root</username> can be
-	<username>root</username> can be prevented from removing or
+	prevented from removing or altering files.</para>
 	altering files.</para>
      <para>File flags are modified using &man.chflags.1;.  For
 	example, to enable the system undeletable flag on the file
@ -669,7 +678,7 @@ total 530
      <para>Note that a <literal>s</literal> is now part of the
 	permission set designated for the file owner, replacing the
 	executable bit.  This allows utilities which need elevated
-	permissions, such as <command>passwd</command>.</para>
+	permissions, such as &man.passwd.1;.</para>
      <note>
 	<para>The <literal>nosuid</literal> &man.mount.8; option will
@ -680,10 +689,10 @@ total 530
      </note>
      <para>To view this in real time, open two terminals.  On
-	one, start the <command>passwd</command> process as a normal
+	one, type <command>passwd</command> as a normal user.
-	user.  While it waits for a new password, check the process
+	While it waits for a new password, check the process
 	table and look at the user information for
-	<command>passwd</command>:</para>
+	&man.passwd.1;:</para>
      <para>In terminal A:</para>
@ -697,9 +706,9 @@ Old Password:</screen>
      <screen>trhodes  5232  0.0  0.2  3420  1608   0  R+    2:10AM   0:00.00 grep passwd
 root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
-      <para>As stated above, the <command>passwd</command> is run
+      <para>Although &man.passwd.1; is run as a normal user, it is
-	by a normal user, but is using the effective
+	using the effective <acronym>UID</acronym> of
-	<acronym>UID</acronym> of <username>root</username>.</para>
+	<username>root</username>.</para>
      <para>The <literal>setgid</literal> permission performs the
 	same function as the <literal>setuid</literal> permission;
@ -709,8 +718,7 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
 	user who started the process.</para>
      <para>To set the <literal>setgid</literal> permission on a
-	file, provide <command>chmod</command> with a leading two
+	file, provide &man.chmod.1; with a leading two (2):</para>
 	(2):</para>
      <screen>&prompt.root; <userinput>chmod 2755 sgidexample.sh</userinput></screen>
@ -855,8 +863,7 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
 	    <row>
 	      <entry><filename
 		  class="directory">/etc/namedb/</filename></entry>
-	      <entry><command>named</command> configuration files.
+	      <entry>&man.named.8; configuration files.</entry>
 		Refer to &man.named.8; for details.</entry>
 	    </row>
 	    <row>
@ -870,8 +877,7 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
 	    <row>
 	      <entry><filename
 		  class="directory">/etc/ppp/</filename></entry>
-	      <entry><command>ppp</command> configuration files as
+	      <entry>&man.ppp.8; configuration files.</entry>
 		described in &man.ppp.8;.</entry>
 	    </row>
 	    <row>
@ -967,26 +973,26 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
 	      <entry><filename
 		  class="directory">/usr/local/</filename></entry>
 	      <entry>Local executables and libraries.  Also used as
-		the default destination for the &os; ports
+		the default destination for the &os; ports framework.
-		framework.  Within
+		Within <filename
-		<filename class="directory">/usr/local</filename>, the
+		  class="directory">/usr/local</filename>, the
 		general layout sketched out by &man.hier.7; for
 		<filename class="directory">/usr</filename> should be
 		used.  Exceptions are the man directory, which is
-		directly under
+		directly under <filename
-		<filename class="directory">/usr/local</filename>
+		  class="directory">/usr/local</filename>
-		rather than under
+		rather than under <filename
-		<filename class="directory">/usr/local/share</filename>,
+		  class="directory">/usr/local/share</filename>,
-		and the ports documentation is in
+		and the ports documentation is in <filename
-		<filename class="directory">share/doc/<replaceable>port</replaceable></filename>.</entry>
+		  class="directory">share/doc/<replaceable>port</replaceable></filename>.</entry>
 	    </row>
 	    <row>
 	      <entry><filename
 		  class="directory">/usr/obj/</filename></entry>
 	      <entry>Architecture-specific target tree produced by
-		building the
+		building the <filename
-		<filename class="directory">/usr/src</filename>
+		  class="directory">/usr/src</filename>
 		tree.</entry>
 	    </row>
@ -1051,8 +1057,8 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
 	      <entry><filename
 		  class="directory">/var/tmp/</filename></entry>
 	      <entry>Temporary files which are usually preserved
-		across a system reboot, unless
+		across a system reboot, unless <filename
-		<filename class="directory">/var</filename> is a
+		  class="directory">/var</filename> is a
 		memory-based file system.</entry>
 	    </row>
@ -1078,47 +1084,45 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
    <para>Files are stored in directories.  A directory may contain no
      files, or it may contain many hundreds of files.  A directory
-      can also contain other directories, allowing you to build up a
+      can also contain other directories, allowing a hierarchy of
-      hierarchy of directories within one another in order to organize
+      directories within one another in order to organize
      data.</para>
    <para>Files and directories are referenced by giving the file or
      directory name, followed by a forward slash,
      <literal>/</literal>, followed by any other directory names that
-      are necessary.  For example, if the directory
+      are necessary.  For example, if the directory <filename
-      <filename class="directory">foo</filename> contains a directory
+	class="directory">foo</filename> contains a directory
      <filename class="directory">bar</filename> which contains the
      file <filename>readme.txt</filename>, the full name, or
      <firstterm>path</firstterm>, to the file is
      <filename>foo/bar/readme.txt</filename>.  Note that this is
-      different from &windows; which uses
+      different from &windows; which uses <literal>\</literal> to
-      <literal>\</literal> to separate file and directory
+      separate file and directory names.  &os; does not use drive
-      names.  &os; does not use drive letters, or other drive names in
+      letters, or other drive names in the path.  For example, one
-      the path.  For example, you would not type
+      would not type <filename>c:/foo/bar/readme.txt</filename> on
-      <filename>c:/foo/bar/readme.txt</filename> on &os;.</para>
+      &os;.</para>
    <para>Directories and files are stored in a file system.  Each
      file system contains exactly one directory at the very top
      level, called the <firstterm>root directory</firstterm> for that
-      file system.  This root directory can contain other
+      file system.  This root directory can contain other directories.
-      directories.  One file system is designated the
+      One file system is designated the <firstterm>root file
-      <firstterm>root file system</firstterm> or <literal>/</literal>.
+	system</firstterm> or <literal>/</literal>.  Every other file
-      Every other file system is <firstterm>mounted</firstterm> under
+      system is <firstterm>mounted</firstterm> under the root file
-      the root file system.  No matter how many disks you have on your
+      system.  No matter how many disks are on the &os; system, every
-      &os; system, every directory appears to be part of the same
+      directory appears to be part of the same disk.</para>
      disk.</para>
-    <para>Suppose you have three file systems, called
+    <para>Consider three file systems, called <literal>A</literal>,
-      <literal>A</literal>, <literal>B</literal>, and
+      <literal>B</literal>, and <literal>C</literal>.  Each file
-      <literal>C</literal>.  Each file system has one root directory,
+      system has one root directory, which contains two other
-      which contains two other directories, called
+      directories, called <literal>A1</literal>, <literal>A2</literal>
-      <literal>A1</literal>, <literal>A2</literal> (and likewise
+      (and likewise <literal>B1</literal>, <literal>B2</literal> and
      <literal>B1</literal>, <literal>B2</literal> and
      <literal>C1</literal>, <literal>C2</literal>).</para>
-    <para>Call <literal>A</literal> the root file system.  If you used
+    <para>Call <literal>A</literal> the root file system.  If
-      <command>ls</command> to view the contents of this directory you
+      &man.ls.1; is used to view the contents of this directory,
-      would see two subdirectories, <literal>A1</literal> and
+      it will show two subdirectories, <literal>A1</literal> and
      <literal>A2</literal>.  The directory tree looks like
      this:</para>
@ -1137,11 +1141,11 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
    </mediaobject>
    <para>A file system must be mounted on to a directory in another
-      file system.  When mounting file system
+      file system.  When mounting file system <literal>B</literal>
-      <literal>B</literal> on to the directory <literal>A1</literal>,
+      on to the directory <literal>A1</literal>, the root directory
-      the root directory of <literal>B</literal> replaces
+      of <literal>B</literal> replaces <literal>A1</literal>, and
-      <literal>A1</literal>, and the directories in
+      the directories in <literal>B</literal> appear
-      <literal>B</literal> appear accordingly:</para>
+      accordingly:</para>
    <mediaobject>
      <imageobject>
@ -1163,10 +1167,9 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
    <para>Any files that are in the <literal>B1</literal> or
      <literal>B2</literal> directories can be reached with the path
-      <filename class="directory">/A1/B1</filename> or
+      <filename class="directory">/A1/B1</filename> or <filename
-      <filename class="directory">/A1/B2</filename> as
+	class="directory">/A1/B2</filename> as necessary.  Any files
-      necessary.  Any files that were in
+      that were in <filename class="directory">/A1</filename> have
      <filename class="directory">/A1</filename> have
      been temporarily hidden.  They will reappear if
      <literal>B</literal> is <firstterm>unmounted</firstterm> from
      <literal>A</literal>.</para>
@ -1194,9 +1197,8 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
    </mediaobject>
    <para>and the paths would be
-      <filename class="directory">/A2/B1</filename> and
+      <filename class="directory">/A2/B1</filename> and <filename
-      <filename class="directory">/A2/B2</filename>
+	class="directory">/A2/B2</filename> respectively.</para>
      respectively.</para>
    <para>File systems can be mounted on top of one another.
      Continuing the last example, the <literal>C</literal> file
@ -1252,10 +1254,6 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
      </textobject>
    </mediaobject>
    <para>Typically you create file systems when installing &os;
      and decide where to mount them, and then never change them
      unless you add a new disk.</para>
    <para>It is entirely possible to have one large root file system,
      and not need to create any others.  There are some drawbacks to
      this approach, and one advantage.</para>
@ -1268,9 +1266,9 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
 	  <firstterm>mount options</firstterm>.  For example, the root
 	  file system can be mounted read-only, making it impossible
 	  for users to inadvertently delete or edit a critical file.
-	  Separating user-writable file systems, such as
+	  Separating user-writable file systems, such as <filename
-	  <filename class="directory">/home</filename>, from other
+	    class="directory">/home</filename>, from other file
-	  file systems allows them to be mounted
+	  systems allows them to be mounted
 	  <firstterm>nosuid</firstterm>.  This option prevents the
 	  <firstterm>suid</firstterm>/<firstterm>guid</firstterm> bits
 	  on executables stored on the file system from taking effect,
@ -1287,9 +1285,9 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
      </listitem>
      <listitem>
-	<para>&os;'s file systems are very robust should you lose
+	<para>&os;'s file systems are robust if power is lost.
-	  power.  However, a power loss at a critical point could
+	  However, a power loss at a critical point could still
-	  still damage the structure of the file system.  By splitting
+	  damage the structure of the file system.  By splitting
 	  data over multiple file systems it is more likely that the
 	  system will still come up, making it easier to restore from
 	  backup as necessary.</para>
@ -1365,8 +1363,9 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
 	    <entry>Normally the same size as the enclosing slice.
 	      This allows utilities that need to work on the entire
 	      slice, such as a bad block scanner, to work on the
-	      <literal>c</literal> partition.  You would not normally
+	      <literal>c</literal> partition.  A file system would not
-	      create a file system on this partition.</entry>
+	      normally be
 	      created on this partition.</entry>
 	  </row>
 	  <row>
@ -1393,7 +1392,7 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
      <literal>s</literal>, starting at 1.  So
      <quote>da0<emphasis>s1</emphasis></quote> is the first slice on
      the first SCSI drive.  There can only be four physical slices on
-      a disk, but you can have logical slices inside physical slices
+      a disk, but there can be logical slices inside physical slices
      of the appropriate type.  These extended slices are numbered
      starting at 5, so <quote>ad0<emphasis>s5</emphasis></quote> is
      the first extended slice on the first IDE disk.  These devices
@ -1404,17 +1403,18 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
      <firstterm>partitions</firstterm>, which are represented as
      letters from <literal>a</literal> to <literal>h</literal>.  This
      letter is appended to the device name, so
-      <quote>da0<emphasis>a</emphasis></quote> is the <literal>a</literal> partition on
+      <quote>da0<emphasis>a</emphasis></quote> is the
-      the first <literal>da</literal> drive, which is <quote>dangerously
+      <literal>a</literal> partition on the first
-      dedicated</quote>. <quote>ad1s3<emphasis>e</emphasis></quote> is
+      <literal>da</literal> drive, which is <quote>dangerously
-      the fifth partition in the third slice of the second IDE disk
+	dedicated</quote>.  <quote>ad1s3<emphasis>e</emphasis></quote>
-      drive.</para>
+      is the fifth partition in the third slice of the second IDE
      disk drive.</para>
    <para>Finally, each disk on the system is identified.  A disk name
      starts with a code that indicates the type of disk, and then a
      number, indicating which disk it is.  Unlike slices, disk
-      numbering starts at 0.  Common codes that you will see are
+      numbering starts at 0.  Common codes are listed in <xref
-      listed in <xref linkend="basics-dev-codes"/>.</para>
+	linkend="basics-dev-codes"/>.</para>
    <para>When referring to a partition, include the disk name,
      <literal>s</literal>, the slice number, and then the partition
@ -1568,12 +1568,11 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
    <para>The file system is best visualized as a tree,
      rooted, as it were, at <filename class="directory">/</filename>.
-      <filename class="directory">/dev</filename>,
+      <filename class="directory">/dev</filename>, <filename
-      <filename class="directory">/usr</filename>, and the
+	class="directory">/usr</filename>, and the other directories
-      other directories in the root directory are branches, which may
+      in the root directory are branches, which may have their own
-      have their own branches, such as
+      branches, such as <filename
-      <filename class="directory">/usr/local</filename>, and so
+	class="directory">/usr/local</filename>, and so on.</para>
      on.</para>
    <indexterm><primary>root file system</primary></indexterm>
    <para>There are various reasons to house some of these
@ -1583,14 +1582,13 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
      <filename class="directory">spool/</filename>, and various types
      of temporary files, and as such, may get filled up.  Filling up
      the root file system is not a good idea, so splitting <filename
-	class="directory">/var</filename> from
+	class="directory">/var</filename> from <filename
-      <filename class="directory">/</filename> is often
+	class="directory">/</filename> is often favorable.</para>
      favorable.</para>
    <para>Another common reason to contain certain directory trees on
      other file systems is if they are to be housed on separate
-      physical disks, or are separate virtual disks, such as
+      physical disks, or are separate virtual disks, such as Network
-      <link linkend="network-nfs">Network File System</link> mounts,
+      File System  mounts, described in <xref linkend="network-nfs"/>,
      or CDROM drives.</para>
    <sect2 id="disks-fstab">
@ -1601,7 +1599,7 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
 	<secondary>mounted with fstab</secondary>
      </indexterm>
-      <para>During the <link linkend="boot">boot process</link>,
+      <para>During the boot process (<xref linkend="boot"/>),
 	file systems listed in <filename>/etc/fstab</filename> are
 	automatically mounted except for the entries containing
 	<option>noauto</option>.  This file contains entries in the
@ -1641,8 +1639,8 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
 	  <term><literal>options</literal></term>
 	  <listitem>
-	    <para>Either <option>rw</option> for read-write
+	    <para>Either <option>rw</option> for read-write file
-	      file systems, or <option>ro</option> for read-only file
+	      systems, or <option>ro</option> for read-only file
 	      systems, followed by any other options that may be
 	      needed.  A common option is <option>noauto</option> for
 	      file systems not normally mounted during the boot
@ -1684,7 +1682,7 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
    </sect2>
    <sect2 id="disks-mount">
-      <title>The <command>mount</command> Command</title>
+      <title>Using &man.mount.8;</title>
      <indexterm>
 	<primary>file systems</primary>
@ -1802,14 +1800,14 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
    </sect2>
    <sect2 id="disks-umount">
-      <title>The <command>umount</command> Command</title>
+      <title>Using &man.umount.8;</title>
      <indexterm>
 	<primary>file systems</primary>
 	<secondary>unmounting</secondary>
      </indexterm>
-      <para>To unmount a filesystem use &man.umount.8;.  This command
+      <para>To unmount a file system use &man.umount.8;.  This command
 	takes one parameter which can be a mountpoint, device name,
 	<option>-a</option> or <option>-A</option>.</para>
@ -1836,27 +1834,27 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
      processes that are run by &os;.</para>
    <para>Each process is uniquely identified by a number called a
-      <firstterm>process ID</firstterm>
+      <firstterm>process ID</firstterm> (<acronym>PID</acronym>).
-      (<firstterm>PID</firstterm>).  Similar to files, each process
+      Similar to files, each process has one owner and group, and
-      has one owner and group, and the owner and group permissions are
+      the owner and group permissions are used to determine which
-      used to determine which files and devices the process can open.
+      files and devices the process can open.  Most processes also
-      Most processes also have a parent process that started them.
+      have a parent process that started them.  For example, the
-      For example, the shell is a process, and any command started in
+      shell is a process, and any command started in the shell is a
-      the shell is a process which has the shell as its parent
+      process which has the shell as its parent process.  The
-      process.  The exception is a special process called
+      exception is a special process called &man.init.8; which is
-      &man.init.8; which is always the first process to start at boot
+      always the first process to start at boot time and which always
-      time and which always has a PID of 1.</para>
+      has a <acronym>PID</acronym> of 1.</para>
    <para>To see the processes on the system, use &man.ps.1; and
      &man.top.1;.   To display a static list of the currently running
-      processes, their PIDs, how much memory they are using, and the
+      processes, their <acronym>PID</acronym>s, how much memory they
-      command they were started with, use <command>ps</command>.  To
+      are using, and the command they were started with, use
-      display all the running processes and update the display every
+      &man.ps.1;.  To display all the running processes and update
-      few seconds so that you can interactively see what the computer
+      the display every few seconds in order to interactively see
-      is doing, use <command>top</command>.</para>
+      what the computer is doing, use &man.top.1;.</para>
-    <para>By default, <command>ps</command> only shows the commands
+    <para>By default, &man.ps.1; only shows the commands that are
-      that are running and owned by the user.  For example:</para>
+      running and owned by the user.  For example:</para>
    <screen>&prompt.user; <userinput>ps</userinput>
  PID  TT  STAT      TIME COMMAND
@ -1877,15 +1875,16 @@ root     5211  0.0  0.2  3620  1724   2  I+    2:09AM   0:00.01 passwd</screen>
    <para>The output from &man.ps.1; is organized into a number of
      columns.  The <literal>PID</literal> column displays the process
-      ID.  PIDs are assigned starting at 1, go up to 99999, then wrap
+      ID.  <acronym>PID</acronym>s are assigned starting at 1, go up
-      around back to the beginning.  However, a PID is not reassigned
+      to 99999, then wrap around back to the beginning.  However, a
-      if it is already in use.  The <literal>TT</literal> column shows
+      <acronym>PID</acronym> is not reassigned if it is already in
-      the tty the program is running on and <literal>STAT</literal>
+      use.  The <literal>TT</literal> column shows the tty the program
-      shows the program's state.  <literal>TIME</literal> is the
+      is running on and <literal>STAT</literal> shows the program's
-      amount of time the program has been running on the CPU.  This is
+      state.  <literal>TIME</literal> is the amount of time the
-      usually not the elapsed time since the program was started, as
+      program has been running on the CPU.  This is usually not the
-      most programs spend a lot of time waiting for things to happen
+      elapsed time since the program was started, as most programs
-      before they need to spend time on the CPU.  Finally,
+      spend a lot of time waiting for things to happen before they
      need to spend time on the CPU.  Finally,
      <literal>COMMAND</literal> is the command that was used to start
      the program.</para>
@ -1920,25 +1919,25 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
 ...</screen>
    <para>The output is split into two sections.  The header (the
-      first five lines) shows the PID of the last process to run, the
+      first five lines) shows the <acronym>PID</acronym> of the last
-      system load averages (which are a measure of how busy the system
+      process to run, the system load averages (which are a measure
-      is), the system uptime (time since the last reboot) and the
+      of how busy the system is), the system uptime (time since the
-      current time.  The other figures in the header relate to how
+      last reboot) and the current time.  The other figures in the
-      many processes are running (47 in this case), how much memory
+      header relate to how many processes are running (47 in this
-      and swap space has been used, and how much time the system is
+      case), how much memory and swap space has been used, and how
-      spending in different CPU states.</para>
+      much time the system is spending in different CPU states.</para>
    <para>Below the header is a series of columns containing similar
-      information to the output from &man.ps.1;, such as the PID,
+      information to the output from &man.ps.1;, such as the
-      username, amount of CPU time, and the command that started the
+      <acronym>PID</acronym>, username, amount of CPU time, and the
-      process.  By default, &man.top.1; also displays the amount of
+      command that started the process.  By default, &man.top.1; also
-      memory space taken by the process.  This is split into two
+      displays the amount of memory space taken by the process.
-      columns: one for total size and one for resident size.  Total
+      This is split into two columns: one for total size and one for
-      size is how much memory the application has needed and the
+      resident size.  Total size is how much memory the application
-      resident size is how much it is actually using at the moment.
+      has needed and the resident size is how much it is actually
-      In this example, <application>mutt</application> has
+      using at the moment.  In this example,
-      required almost 8&nbsp;MB of RAM, but is currently only using
+      <application>mutt</application> has required almost 8&nbsp;MB
-      5&nbsp;MB.</para>
+      of RAM, but is currently only using 5&nbsp;MB.</para>
    <para>&man.top.1; automatically updates the display every two
      seconds.  A different interval can be specified with
@ -1966,14 +1965,13 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
    <para>There is a convention to name programs that normally run as
      daemons with a trailing <quote>d</quote>.
      <application>BIND</application> is the Berkeley Internet Name
-      Domain, but the actual program that executes is
+      Domain, but the actual program that executes is &man.named.8;.
-      <command>named</command>.  The <application>Apache</application>
+      The <application>Apache</application> web server program is
-      web server program is <command>httpd</command> and the
+      <command>httpd</command> and the line printer spooling daemon
-      line printer spooling daemon is <command>lpd</command>.  This is
+      is &man.lpd.8;.  This is only a naming convention.  For example,
-      only a naming convention.  For example, the main mail daemon for
+      the main mail daemon for the <application>Sendmail</application>
-      the <application>Sendmail</application> application is
+      application is &man.sendmail.8;, and not
-      <command>sendmail</command>, and not
+      <literal>maild</literal>.</para>
      <command>maild</command>.</para>
    <para>One way to communicate with a daemon, or any running
      process, is to send a <firstterm>signal</firstterm> using
@ -2035,15 +2033,15 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
      <title>Sending a Signal to a Process</title>
      <para>This example shows how to send a signal to &man.inetd.8;.
-	The <command>inetd</command> configuration file is
+	The &man.inetd.8; configuration file is
-	<filename>/etc/inetd.conf</filename>, and
+	<filename>/etc/inetd.conf</filename>, and &man.inetd.8; will
-	<command>inetd</command> will re-read this configuration file
+	re-read this configuration file when it is sent a
-	when it is sent a <literal>SIGHUP</literal>.</para>
+	<literal>SIGHUP</literal>.</para>
      <step>
-	<para>Find the PID of the process you want to send the signal
+	<para>Find the <acronym>PID</acronym> of the process to send
-	  to using &man.pgrep.1;.  In this example, the PID for
+	  the signal to using &man.pgrep.1;.  In this example, the
-	  &man.inetd.8; is 198:</para>
+	  <acronym>PID</acronym> for &man.inetd.8; is 198:</para>
 	<screen>&prompt.user; <userinput>pgrep -l inetd</userinput>
 198  inetd -wW</screen>
@ -2060,12 +2058,13 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
 &prompt.root; <userinput>/bin/kill -s HUP 198</userinput></screen>
 	<para>Like most &unix; commands, &man.kill.1; will not print
-	  any output if it is successful.  If you send a signal to a
+	  any output if it is successful.  If a signal is sent to a
-	  process that you do not own, you will instead see
+	  process not owned by that user, the message
 	  <errorname>kill: <replaceable>PID</replaceable>: Operation
-	    not permitted</errorname>.  Mistyping the PID will either
+	    not permitted</errorname> will be displayed.  Mistyping
-	  send the signal to the wrong process, which could have
+	  the <acronym>PID</acronym> will either send the signal to
-	  negative results, or will send the signal to a PID that is
+	  the wrong process, which could have negative results, or
 	  will send the signal to a <acronym>PID</acronym> that is
 	  not currently in use, resulting in the error
 	  <errorname>kill: <replaceable>PID</replaceable>: No such
 	    process</errorname>.</para>
@ -2092,9 +2091,9 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
    <important>
      <para>Killing a random process on the system can be a bad idea.
-	In particular, &man.init.8;, PID 1, is special.  Running
+	In particular, &man.init.8;, <acronym>PID</acronym> 1, is
-	<command>/bin/kill -s KILL 1</command> is a quick, and
+	special.  Running <command>/bin/kill -s KILL 1</command> is
-	unrecommended, way to shutdown the system.
+	a quick, and unrecommended, way to shutdown the system.
 	<emphasis>Always</emphasis> double check the arguments to
 	&man.kill.1; <emphasis>before</emphasis> pressing
 	<keycap>Return</keycap>.</para>
@ -2112,14 +2111,14 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
      them.  Many shells provide built in functions to help with
      everyday tasks such as file management, file globbing, command
      line editing, command macros, and environment variables.  &os;
-      comes with several shells, including <command>sh</command>, the
+      comes with several shells, including the Bourne shell
-      Bourne Shell, and <command>tcsh</command>, the improved C-shell.
+      (&man.sh.1;) and the extended C shell (&man.tcsh.1;).  Other
-      Other shells are available from the &os; Ports Collection, such
+      shells are available from the &os; Ports Collection, such as
-      as <command>zsh</command> and <command>bash</command>.</para>
+      <command>zsh</command> and <command>bash</command>.</para>
    <para>The shell that is used is really a matter of taste.  A C
      programmer might feel more comfortable with a C-like shell such
-      as <command>tcsh</command>.  A Linux user might prefer
+      as &man.tcsh.1;.  A &linux; user might prefer
      <command>bash</command>.  Each shell has unique properties that
      may or may not work with a user's preferred working environment,
      which is why there is a choice of which shell to use.</para>
@ -2176,7 +2175,8 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
 	  <row>
 	    <entry><envar>DISPLAY</envar></entry>
-	    <entry>Network name of the <application>Xorg</application>
+	    <entry>Network name of the
 	      <application>&xorg;</application>
 	      display to connect to, if available.</entry>
 	  </row>
@ -2231,13 +2231,13 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
    <indexterm><primary>Bourne shells</primary></indexterm>
    <para>How to set an environment variable differs between shells.
-      In <command>tcsh</command> and <command>csh</command>, use
+      In &man.tcsh.1; and &man.csh.1;, use
      <command>setenv</command> to set environment variables.  In
-      <command>sh</command> and <command>bash</command>, use
+      &man.sh.1; and <command>bash</command>, use
      <command>export</command> to set the current environment
      variables.  This example sets the default <envar>EDITOR</envar>
      to <filename>/usr/local/bin/emacs</filename> for the
-      <command>tcsh</command> shell:</para>
+      &man.tcsh.1; shell:</para>
    <screen>&prompt.user; <userinput>setenv EDITOR /usr/local/bin/emacs</userinput></screen>
@ -2254,13 +2254,12 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
    <para>Shells treat special characters, known as meta-characters,
      as special representations of data.  The most common
-      meta-character is <literal>*</literal>, which
+      meta-character is <literal>*</literal>, which represents any
-      represents any number of characters in a filename.
+      number of characters in a filename.  Meta-characters can be
-      Meta-characters can be used to perform filename globbing.  For
+      used to perform filename globbing.  For example, <command>echo
-      example, <command>echo *</command> is equivalent to
+	*</command> is equivalent to &man.ls.1; because the shell
-      <command>ls</command> because the shell takes all the files that
+      takes all the files that match <literal>*</literal> and
-      match <literal>*</literal> and <command>echo</command> lists
+      &man.echo.1; lists them on the command line.</para>
      them on the command line.</para>
    <para>To prevent the shell from interpreting a special character,
      escape it from the shell by starting it with a backslash
@ -2276,9 +2275,8 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
 	to use <command>chsh</command>.  Running this command will
 	open the editor that is configured in the
 	<envar>EDITOR</envar> environment variable, which by default
-	is set to <command>vi</command>.  Change
+	is set to &man.vi.1;.  Change the <quote>Shell:</quote> line
-	the <quote>Shell:</quote> line to the full path of the
+	to the full path of the new shell.</para>
 	new shell.</para>
      <para>Alternately, use <command>chsh -s</command> which will set
 	the specified shell without opening an editor.  For example,
@ -2289,15 +2287,15 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
      <note>
 	<para>The new shell <emphasis>must</emphasis> be present in
 	  <filename>/etc/shells</filename>.  If the shell was
-	  installed from the &os; <link linkend="ports">Ports
+	  installed from the &os; Ports Collection as described in
-	    Collection</link>, it should be automatically added to
+	  <xref linkend="ports"/>, it should be automatically added
-	  this file.  If it is missing, add it using this
+	  to this file.  If it is missing, add it using this
 	  command, replacing the path with the path of the
 	  shell:</para>
 	<screen>&prompt.root; <userinput>echo <replaceable>/usr/local/bin/bash</replaceable> &gt;&gt; /etc/shells</userinput></screen>
-	<para>Then rerun <command>chsh</command>.</para>
+	<para>Then rerun &man.chsh.1;.</para>
      </note>
    </sect2>
  </sect1>
@ -2318,12 +2316,12 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
    </indexterm>
    <indexterm>
      <primary>editors</primary>
-      <secondary><command>ee</command></secondary>
+      <secondary>&man.ee.1;</secondary>
    </indexterm>
-    <para>A simple editor to learn is <application>ee</application>,
+    <para>A simple editor to learn is &man.ee.1;, which stands for
-      which stands for easy editor.  To start this editor, type
+      easy editor.  To start this editor, type <command>ee
-      <command>ee <replaceable>filename</replaceable></command> where
+	<replaceable>filename</replaceable></command> where
      <replaceable>filename</replaceable> is the name of the file to
      be edited.  Once inside the editor, all of the commands for
      manipulating the editor's functions are listed at the top of the
@ -2331,18 +2329,17 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
      <keycap>Ctrl</keycap>, so <literal>^e</literal> expands to
      <keycombo
 	action="simul"><keycap>Ctrl</keycap><keycap>e</keycap></keycombo>.
-      To leave <application>ee</application>, press
+      To leave &man.ee.1;, press <keycap>Esc</keycap>, then choose
-      <keycap>Esc</keycap>, then choose the <quote>leave
+      the <quote>leave editor</quote> option from the main menu.
-	editor</quote> option from the main menu.  The editor will
+      The editor will prompt to save any changes if the file has been
      prompt you to save any changes if the file has been
      modified.</para>
    <indexterm>
-      <primary><command>vi</command></primary>
+      <primary>&man.vi.1;</primary>
    </indexterm>
    <indexterm>
      <primary>editors</primary>
-      <secondary><command>vi</command></secondary>
+      <secondary>&man.vi.1;</secondary>
    </indexterm>
    <indexterm>
      <primary><command>emacs</command></primary>
@ -2352,10 +2349,9 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
      <secondary><command>emacs</command></secondary>
    </indexterm>
-    <para>&os; also comes with more powerful text editors such as
+    <para>&os; also comes with more powerful text editors, such as
-      <application>vi</application> as part of the base system.
+      &man.vi.1;, as part of the base system.  Other editors, like
-      Other editors, like <filename
+      <filename role="package">editors/emacs</filename> and
 	role="package">editors/emacs</filename> and
      <filename role="package">editors/vim</filename>, are part of the
      &os; Ports Collection.  These editors offer more functionality
      at the expense of being a more complicated to learn.  Learning a
@ -2366,8 +2362,7 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
    <para>Many applications which modify files or require typed input
      will automatically open a text editor.  To alter the default
      editor used, set the <envar>EDITOR</envar> environment
-      variable as described in the <link
+      variable as described in <xref linkend="shells"/>.</para>
 	linkend="shells">shells</link> section.</para>
  </sect1>
  <sect1 id="basics-devices">
@ -2393,8 +2388,23 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
  <sect1 id="binary-formats">
    <title>Binary Formats</title>
-    <para>To understand why &os; uses the &man.elf.5; format,the three
+    <para>Typically when a command is passed to the shell, the shell
-      currently <quote>dominant</quote> executable formats for &unix;
+      will arrange for an executable file to be loaded into memory and
      a new process is created.  Executable files can either be a binary
      file (usually created by the linker as part of compiling a program)
      or a shell script (text file to be interpreted by a binary file,
      like &man.sh.1; or &man.perl.1;).  The &man.file.1; command can
      usually determine what is inside a file.</para>
    <para>Binary files need to have a well defined format for the system
      to be able to use them properly.  Part of the file will be the
      executable machine code (the instructions that tell the CPU what
      to do), part of it will be data space with pre-defined values,
      part will be data space with no pre-defined values, etc.  Through
      time, different binary file formats have evolved.</para>
    <para>To understand why &os; uses the &man.elf.5; format, the three
      currently <quote>dominant</quote>, executable formats for &unix;
      must be described:</para>
    <itemizedlist>
@ -2441,8 +2451,8 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
      the &man.a.out.5; format, a technology tried and proven through
      many generations of BSD releases, until the beginning of the 3.X
      branch.  Though it was possible to build and run native
-      <acronym>ELF</acronym> binaries and kernels on a &os;
+      <acronym>ELF</acronym> binaries and kernels on a &os; system
-      system for some time before that, &os; initially resisted the
+      for some time before that, &os; initially resisted the
      <quote>push</quote> to switch to <acronym>ELF</acronym> as the
      default format.  Why?  When Linux made its painful transition to
      <acronym>ELF</acronym>, it was due to their inflexible
@ -2502,9 +2512,8 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
      programs rewrote them and added simpler support for building
      cross compilers and plugging in different formats.  Those who
      wanted to build cross compilers targeting &os; were out of luck
-      since the older sources that &os; had for
+      since the older sources that &os; had for &man.as.1; and
-      <application>as</application> and <application>ld</application>
+      &man.ld.1; were not up to the task.  The new GNU tools chain
      were not up to the task.  The new GNU tools chain
      (<application>binutils</application>) supports cross
      compiling, <acronym>ELF</acronym>, shared libraries, and C++
      extensions.  In addition, many vendors release
@ -2539,8 +2548,8 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
      <screen>&prompt.user; <userinput>man <replaceable>command</replaceable></userinput></screen>
      <para>where <replaceable>command</replaceable> is the name of
-	the command you wish to learn about.  For example, to learn
+	the command to learn about.  For example, to learn more about
-	more about <command>ls</command>, type:</para>
+	&man.ls.1;, type:</para>
      <screen>&prompt.user; <userinput>man ls</userinput></screen>
@ -2587,21 +2596,19 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
      <para>In some cases, the same topic may appear in more than one
 	section of the online manual.  For example, there is a
-	<command>chmod</command> user command and a
+	&man.chmod.1; user command and a
-	<function>chmod()</function> system call.  To tell
+	<function>chmod()</function> system call.  To tell &man.man.1;
-	<command>man</command> which section to display, specify the
+	which section to display, specify the section number:</para>
 	section number:</para>
      <screen>&prompt.user; <userinput>man 1 chmod</userinput></screen>
      <para>This will display the manual page for the user command
-	<command>chmod</command>.  References to a particular section
+	&man.chmod.1;.  References to a particular section of the
-	of the online manual are traditionally placed in parenthesis
+	online manual are traditionally placed in parenthesis in
-	in written documentation, so &man.chmod.1; refers to the
+	written documentation, so &man.chmod.1; refers to the user
-	<command>chmod</command> user command and &man.chmod.2; refers
+	command and &man.chmod.2; refers to the system call.</para>
 	to the system call.</para>
-      <para>If you do not know the command name, use <command>man
+      <para>If the command name is unknown, use <command>man
 	  -k</command> to search for keywords in the command
 	descriptions:</para>
@ -2611,8 +2618,8 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
 	keyword <quote>mail</quote> in their descriptions.  This is
 	equivalent to using &man.apropos.1;.</para>
-      <para>To determine what the commands in
+      <para>To determine what the commands in <filename
-	<filename class="directory">/usr/bin</filename> do,
+	  class="directory">/usr/bin</filename> do,
 	type:</para>
      <screen>&prompt.user; <userinput>cd /usr/bin</userinput>
@ -2636,7 +2643,7 @@ Swap: 256M Total, 38M Used, 217M Free, 15% Inuse
 	by the Free Software Foundation (FSF).  In addition to manual
 	pages, these programs may include hypertext documents called
 	<literal>info</literal> files.  These can be viewed using
-	<command>info</command> or, if <filename
+	&man.info.1; or, if <filename
 	  role="package">editors/emacs</filename> is installed, the
 	info mode of <application>emacs</application>.</para>
--- a/en_US.ISO8859-1/books/handbook/boot/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/boot/chapter.xml
@ -16,9 +16,9 @@
    <para>The process of starting a computer and loading the operating
      system is referred to as <quote>the bootstrap process</quote>,
-      or simply <quote>booting</quote>.  &os;'s boot process
+      or simply <quote>booting</quote>.  &os;'s boot process provides
-      provides a great deal of flexibility in customizing what happens
+      a great deal of flexibility in customizing what happens when
-      when the system starts, including the ability to select from
+      the system starts, including the ability to select from
      different operating systems installed on the same computer,
      different versions of the same operating system, or a different
      installed kernel.</para>
@ -73,47 +73,54 @@
      to the mechanism used to load the operating system, which has
      become shortened to <quote>booting</quote>.</para>
-    <indexterm><primary>BIOS</primary></indexterm>
+    <indexterm><primary><acronym>BIOS</acronym></primary></indexterm>
    <indexterm>
      <primary>Basic Input/Output System</primary>
-      <see>BIOS</see>
+      <see><acronym>BIOS</acronym></see>
    </indexterm>
-    <para>On x86 hardware the Basic Input/Output System (BIOS) is
+    <para>On x86 hardware the Basic Input/Output System
-      responsible for loading the operating system.  To do this, the
+      (<acronym>BIOS</acronym>) is responsible for loading the
-      BIOS looks on the hard disk for the Master Boot Record (MBR),
+      operating system.  To do this, the <acronym>BIOS</acronym>
-      which must be located on a specific place on the disk.  The BIOS
+      looks on the hard disk for the Master Boot Record
-      has enough knowledge to load and run the MBR, and assumes that
+      (<acronym>MBR</acronym>), which must be located in a specific
-      the MBR can then carry out the rest of the tasks involved in
+      place on the disk.  The <acronym>BIOS</acronym> has enough
-      loading the operating system, possibly with the help of the
+      knowledge to load and run the <acronym>MBR</acronym>, and
-      BIOS.</para>
+      assumes that the <acronym>MBR</acronym> can then carry out the
      rest of the tasks involved in loading the operating system,
      possibly with the help of the <acronym>BIOS</acronym>.</para>
-    <indexterm><primary>Master Boot Record (MBR)</primary></indexterm>
+    <indexterm><primary>Master Boot Record
 	<acronym>MBR</acronym>)</primary></indexterm>
    <indexterm><primary>Boot Manager</primary></indexterm>
    <indexterm><primary>Boot Loader</primary></indexterm>
-    <para>The code within the MBR is usually referred to as a
+    <para>The code within the <acronym>MBR</acronym> is usually
-      <emphasis>boot manager</emphasis>, especially when it interacts
+      referred to as a <emphasis>boot manager</emphasis>, especially
-      with the user.  In this case the boot manager usually has more
+      when it interacts with the user.  In this case, the boot
-      code in the first <emphasis>track</emphasis> of the disk or
+      manager usually has more code in the first
-      within some OS's file system.  (A boot manager is sometimes also
+      <emphasis>track</emphasis> of the disk or within the file
-      called a <emphasis>boot loader</emphasis>, but &os; uses that
+      system of some operating systems.  A boot manager is sometimes
-      term for a later stage of booting.) Popular boot managers
+      also called a <emphasis>boot loader</emphasis>, but &os; uses
-      include <application>boot0</application> (aka
+      that term for a later stage of booting.  Popular boot managers
      include <application>boot0</application>, also called
      <application>Boot Easy</application>, the standard &os; boot
-      manager), <application>Grub</application>,
+      manager, <application>Grub</application>,
      <application>GAG</application>, and
-      <application>LILO</application>.  (Only
+      <application>LILO</application>.  Only
-      <application>boot0</application> fits within the MBR.)</para>
+      <application>boot0</application> fits within the
      <acronym>MBR</acronym>.</para>
-    <para>If only one operating system is installed, a standard PC MBR
+    <para>If only one operating system is installed, a standard PC
-      will suffice.  This MBR searches for the first bootable (active)
+      <acronym>MBR</acronym> will suffice.  This
      <acronym>MBR</acronym> searches for the first bootable (active)
      slice on the disk, and then runs the code on that slice to load
-      the remainder of the operating system.  By default, the MBR
+      the remainder of the operating system.  By default, the
-      installed by &man.fdisk.8; is such an MBR and is based on
+      <acronym>MBR</acronym> installed by &man.fdisk.8; is such an
      <acronym>MBR</acronym> and is based on
      <filename>/boot/mbr</filename>.</para>
    <para>If multiple operating systems are present, a different boot
@ -122,18 +129,18 @@
      boot managers are discussed in the next subsection.</para>
    <para>The remainder of the &os; bootstrap system is divided
-      into three stages.  The first stage is run by the MBR, which
+      into three stages.  The first stage is run by the
-      knows just enough to get the computer into a specific state and
+      <acronym>MBR</acronym>, which knows just enough to get the
-      run the second stage.  The second stage can do a little bit
+      computer into a specific state and run the second stage.  The
-      more, before running the third stage.  The third stage finishes
+      second stage can do a little bit more, before running the
-      the task of loading the operating system.  The work is split
+      third stage.  The third stage finishes the task of loading the
-      into three stages because PC standards put limits on the size of
+      operating system.  The work is split into three stages because
-      the programs that can be run at stages one and two.  Chaining
+      PC standards put limits on the size of the programs that can
-      the tasks together allows &os; to provide a more flexible
+      be run at stages one and two.  Chaining the tasks together
-      loader.</para>
+      allows &os; to provide a more flexible loader.</para>
    <indexterm><primary>kernel</primary></indexterm>
-    <indexterm><primary><command>init</command></primary></indexterm>
+    <indexterm><primary>&man.init.8;</primary></indexterm>
    <para>The kernel is then started and it begins to probe for
      devices and initialize them for use.  Once the kernel boot
@ -154,11 +161,11 @@
      <title>The Boot Manager</title>
      <indexterm><primary>Master Boot Record
-	  (MBR)</primary></indexterm>
+	  (<acronym>MBR</acronym>)</primary></indexterm>
-      <para>The code in the MBR or boot manager is sometimes referred
+      <para>The code in the <acronym>MBR</acronym> or boot manager is
-	to as <emphasis>stage zero</emphasis> of the boot process.
+	sometimes referred to as <emphasis>stage zero</emphasis> of
-	This section discusses two boot managers:
+	the boot process.  This section discusses two boot managers:
 	<application>boot0</application> and
 	<application>LILO</application>.</para>
@ -166,12 +173,12 @@
 	<title>The <application>boot0</application> Boot
 	  Manager:</title>
-	<para>The MBR installed by &os;'s installer or
+	<para>The <acronym>MBR</acronym> installed by &os;'s installer
-	  &man.boot0cfg.8; is based on
+	  or &man.boot0cfg.8; is based on
 	  <filename>/boot/boot0</filename>.  The size and capability
 	  of <application>boot0</application> is restricted to 446
 	  bytes due to the slice table and <literal>0x55AA</literal>
-	  identifier at the end of the MBR.  If
+	  identifier at the end of the <acronym>MBR</acronym>.  If
 	  <application>boot0</application> and multiple operating
 	  systems are installed, a message similar to this example
 	  will be displayed at boot time:</para>
@ -187,18 +194,22 @@ Default: F2</screen>
      </example>
      <para>Other operating systems, in particular &windows;, will
-	overwrite an existing MBR if they are installed after &os;.
+	overwrite an existing <acronym>MBR</acronym> if they are
-	If this happens, or you want to replace the existing MBR
+	installed after &os;.  If this happens, or to replace the
-	with the &os; MBR, use the following command:</para>
+	existing <acronym>MBR</acronym> with the &os;
 	<acronym>MBR</acronym>, use the following command:</para>
      <screen>&prompt.root; <userinput>fdisk -B -b /boot/boot0 <replaceable>device</replaceable></userinput></screen>
      <para>where <replaceable>device</replaceable> is the boot disk,
-	such as <devicename>ad0</devicename> for the first IDE disk,
+	such as <devicename>ad0</devicename> for the first
-	<devicename>ad2</devicename> for the first IDE disk on a
+	<acronym>IDE</acronym> disk, <devicename>ad2</devicename>
-	second IDE controller, or <devicename>da0</devicename>
+	for the first <acronym>IDE</acronym> disk on a second
-	for the first SCSI disk.  To create a custom configuration of
+	<acronym>IDE</acronym> controller, or
-	the MBR, refer to &man.boot0cfg.8;.</para>
+	<devicename>da0</devicename>
 	for the first <acronym>SCSI</acronym> disk.  To create a
 	custom configuration of the <acronym>MBR</acronym>, refer to
 	&man.boot0cfg.8;.</para>
      <formalpara>
 	<title>The LILO Boot Manager:</title>
@ -235,11 +246,11 @@ label=FreeBSD</programlisting>
 	constraints, they have been split into two, but are always
 	installed together.  They are copied from the combined
 	<filename>/boot/boot</filename> by the installer or
-	<application>bsdlabel</application>.</para>
+	&man.bsdlabel.8;.</para>
      <para>They are located outside file systems, in the first track
 	of the boot slice, starting with the first sector.  This is
-	where <link linkend="boot-boot0">boot0</link>, or any other
+	where boot0 (<xref linkend="boot-boot0"/>), or any other
 	boot manager, expects to find a program to run which will
 	continue the boot process.  The number of sectors used is
 	easily determined from the size of
@ -256,9 +267,9 @@ label=FreeBSD</programlisting>
 	can provide a simple interface to choose the kernel or loader
 	to run.</para>
-      <para><link linkend="boot-loader">loader</link> is much more
+      <para>However, &man.loader.8; is much more sophisticated and
-	sophisticated and provides a boot configuration which is run
+	provides a boot configuration which is run by
-	by <filename>boot2</filename>.</para>
+	<filename>boot2</filename>.</para>
      <example id="boot-boot2-example">
 	<title><filename>boot2</filename> Screenshot</title>
@ -276,7 +287,8 @@ boot:</screen>
      <para>where <replaceable>diskslice</replaceable> is the disk and
 	slice to boot from, such as <devicename>ad0s1</devicename>
-	for the first slice on the first IDE disk.</para>
+	for the first slice on the first <acronym>IDE</acronym>
 	disk.</para>
      <warning>
 	<title>Dangerously Dedicated Mode</title>
@ -557,10 +569,10 @@ boot:</screen>
 	  first is the default legacy virtual console command line
 	  environment.  After the system finishes booting, a console
 	  login prompt is presented.  The second environment is the
-	  graphical environment provided by
+	  graphical environment as described in <xref linkend="x11"/>.
-	  <link linkend="x11">Xorg</link>.  Refer to that chapter for
+	  Refer to that chapter for more information on how to install
-	  more information on how to install and configure a graphical
+	  and configure a graphical display manager and a graphical
-	  display manager and a graphical login manager.</para>
+	  login manager.</para>
 	<sect4 id="boot-splash-function">
 	  <title>Splash Screen Function</title>
@ -574,8 +586,8 @@ boot:</screen>
 	  <para>To use larger images, up to the maximum resolution of
 	    1024 by 768 pixels, load the <acronym>VESA</acronym>
-	    module during system boot.  For a <ulink
+	    module during system boot.  For a custom kernel, as
-	      url="kernelconfig">custom kernel</ulink>, include the
+	    described in <xref linkend="kernelconfig"/>, include the
 	    <literal>VESA</literal> kernel configuration option.
 	    Loading <acronym>VESA</acronym> support provides the
 	    ability to display a splash screen image that fills the
@ -666,8 +678,8 @@ bitmap_name="<replaceable>/boot/splash.bin</replaceable>"</programlisting>
 	    or
 	    <filename><replaceable>bluewave</replaceable>.pcx</filename>.</para>
-	  <para>Other interesting
+	  <para>Other interesting <filename>loader.conf</filename>
-	    <filename>loader.conf</filename> options include:</para>
+	    options include:</para>
 	  <variablelist>
 	    <varlistentry>
@ -710,10 +722,10 @@ bitmap_name="<replaceable>/boot/splash.bin</replaceable>"</programlisting>
      <secondary>boot interaction</secondary>
    </indexterm>
-    <para>Once the kernel is loaded by either the default <link
+    <para>Once the kernel is loaded by either the default loader
-	linkend="boot-loader">loader</link> or by <link
+      (<xref linkend="boot-loader"/>) or by boot2 (<xref
-	linkend="boot-boot1">boot2</link> which bypasses the loader,
+	linkend="boot-boot1"/>), which bypasses the loader, it
-      it examines its boot flags, if any, and adjusts its behavior as
+      examines any boot flags and adjusts its behavior as
      necessary.</para>
    <sect2 id="boot-kernel-bootflags">
@ -807,8 +819,9 @@ bitmap_name="<replaceable>/boot/splash.bin</replaceable>"</programlisting>
      <quote>device hints</quote>.  These <quote>device hints</quote>
      are used by device drivers for device configuration.</para>
-    <para>Device hints may also be specified at the <link
+    <para>Device hints may also be specified at the Stage 3 boot
-	linkend="boot-loader"> Stage 3 boot loader</link> prompt.
+      loader prompt, as demonstrated in <xref
 	linkend="boot-loader"/>.
      Variables can be added using <command>set</command>, removed
      with <command>unset</command>, and viewed
      <command>show</command>.  Variables set in
@ -882,7 +895,7 @@ bitmap_name="<replaceable>/boot/splash.bin</replaceable>"</programlisting>
    <title>Init: Process Control Initialization</title>
    <indexterm>
-      <primary><command>init</command></primary>
+      <primary>&man.init.8;</primary>
    </indexterm>
    <para>Once the kernel has finished booting, it passes control to
@ -897,10 +910,9 @@ bitmap_name="<replaceable>/boot/splash.bin</replaceable>"</programlisting>
      <para>The automatic reboot sequence makes sure that the file
 	systems available on the system are consistent.  If they are
 	not, and &man.fsck.8; cannot fix the inconsistencies of a UFS
-	file system, &man.init.8; drops the system into
+	file system, &man.init.8; drops the system into single-user
-	<link linkend="boot-singleuser">single-user mode</link> so
+	mode (<xref linkend="boot-singleuser"/>) so that the system
-	that the system administrator can resolve the problem
+	administrator can resolve the problem directly.</para>
 	directly.</para>
    </sect2>
    <sect2 id="boot-singleuser">
@ -909,14 +921,13 @@ bitmap_name="<replaceable>/boot/splash.bin</replaceable>"</programlisting>
      <indexterm><primary>single-user mode</primary></indexterm>
      <indexterm><primary>console</primary></indexterm>
-      <para>This mode can be reached through the <link
+      <para>This mode can be reached through the automatic reboot
-	  linkend="boot-autoreboot">automatic reboot sequence</link>,
+	sequence (<xref linkend="boot-autoreboot"/>), the user booting
-	the user booting with <option>-s</option>, or by setting
+	with <option>-s</option>, or by setting the <envar>boot_
-	the <envar>boot_single</envar> variable in
+	  single</envar> variable in &man.loader.8;.</para>
 	<command>loader</command>.</para>
      <para>It can also be reached by calling &man.shutdown.8; from
-	<link linkend="boot-multiuser">multi-user mode</link> without
+	multi-user mode (<xref linkend="boot-multiuser"/>) without
 	including <option>-r</option> or <option>-h</option>.</para>
      <para>If the system <literal>console</literal> is set to
@ -952,13 +963,13 @@ console none                            unknown off insecure</programlisting>
      <indexterm><primary>multi-user mode</primary></indexterm>
      <para>If &man.init.8; finds the file systems to be in order, or
-	once the user has finished their commands in <link
+	once the user has finished their commands in single-user
-	  linkend="boot-singleuser">single-user mode</link>, the
+	mode (<xref linkend="boot-singleuser"/>), the system enters
-	system enters multi-user mode, in which it starts the
+	multi-user mode, in which it starts the resource configuration
-	resource configuration of the system.</para>
+	of the system.</para>
      <sect3 id="boot-rc">
-	<title>Resource Configuration (rc)</title>
+	<title>Resource Configuration</title>
 	<indexterm><primary>rc files</primary></indexterm>
@ -983,7 +994,7 @@ console none                            unknown off insecure</programlisting>
    <title>Shutdown Sequence</title>
    <indexterm>
-      <primary><command>shutdown</command></primary>
+      <primary>&man.shutdown.8;</primary>
    </indexterm>
    <para>Upon controlled shutdown using &man.shutdown.8;,
@ -997,8 +1008,8 @@ console none                            unknown off insecure</programlisting>
      that support power management, use <command>shutdown -p
 	now</command> to turn the power off immediately.  To reboot a
      &os; system, use <command>shutdown -r now</command>.  One must
-      be <username>root</username> or a member of the
+      be <username>root</username> or a member of
-      <groupname>operator</groupname> group in order to run
+      <groupname>operator</groupname> in order to run
      &man.shutdown.8;.  One can also use &man.halt.8; and
      &man.reboot.8;.  Refer to their manual pages and to
      &man.shutdown.8; for more information.</para>
--- a/en_US.ISO8859-1/books/handbook/config/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/config/chapter.xml
--- a/en_US.ISO8859-1/books/handbook/disks/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/disks/chapter.xml
@ -3690,42 +3690,33 @@ geli_da2_flags="-p -k /root/da2.key"</programlisting>
      <secondary>encrypting</secondary>
    </indexterm>
-    <para>Swap encryption in &os; is easy to configure.  Depending on
+    <para>Like the encryption of disk partitions, encryption of swap
-      which version of &os; is being used, different options are
+      space is used to protect sensitive information.  Consider an
-      available and configuration can vary slightly.  The &man.gbde.8;
+      application that deals with passwords.  As long as these
-      or &man.geli.8; encryption systems can be used for swap
+      passwords stay in physical memory, these passwords will not
-      encryption.  Both systems use the <filename>encswap</filename>
+      be written to disk and be cleared after a reboot.  If &os;
      starts swapping out memory pages to free
      space for other applications, the passwords may be written to
      the disk platters unencrypted.  Encrypting swap space can be a
      solution for this scenario.</para>
    <para>The &man.gbde.8; or &man.geli.8; encryption systems may be
      used for swap encryption.  Both systems use the
      <filename>encswap</filename>
      <link linkend="configtuning-rcd">rc.d</link> script.</para>
-    <sect2>
+    <note>
-      <title>Why Should Swap be Encrypted?</title>
+      <para>For the remainder of this section,
 	<devicename>ad0s1b</devicename> will be the swap
 	partition.</para>
    </note>
-      <para>Like the encryption of disk partitions, encryption of swap
+    <para>Swap partitions are not encrypted by default and should
-	space is used to protect sensitive information.  Consider an
+      be cleared of any sensitive data before continuing.  To
-	application that deals with passwords.  As long as these
+      overwrite the current swap parition with random garbage,
-	passwords stay in physical memory, all is well.  However, if
+      execute the following command:</para>
 	the operating system starts swapping out memory pages to free
 	space for other applications, the passwords may be written to
 	the disk platters unencrypted.  Encrypting swap space can be a
 	solution for this scenario.</para>
    </sect2>
-    <sect2>
+    <screen>&prompt.root; <userinput>dd if=/dev/random of=/dev/<replaceable>ad0s1b</replaceable> bs=1m</userinput></screen>
      <title>Preparation</title>
      <note>
 	<para>For the remainder of this section,
 	  <devicename>ad0s1b</devicename> will be the swap
 	  partition.</para>
      </note>
      <para>By default, swap is unencrypted.  It is possible that it
 	contains passwords or other sensitive data in cleartext.  To
 	rectify this, the data on the swap partition should be
 	overwritten with random garbage:</para>
      <screen>&prompt.root; <userinput>dd if=/dev/random of=/dev/ad0s1b bs=1m</userinput></screen>
    </sect2>
    <sect2>
      <title>Swap Encryption with &man.gbde.8;</title>
@ -3767,7 +3758,7 @@ geli_da2_flags="-p -k /root/da2.key"</programlisting>
    </sect2>
    <sect2>
-      <title>Verifying That it Works</title>
+      <title>Encrypted Swap Verification</title>
      <para>Once the system has rebooted, proper operation of the
 	encrypted swap can be verified using
--- a/en_US.ISO8859-1/books/handbook/eresources/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/eresources/chapter.xml
--- a/en_US.ISO8859-1/books/handbook/install/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/install/chapter.xml
--- a/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml
@ -695,7 +695,7 @@ options          NFS_ROOT          # NFS usable as /, requires NFSCLIENT</progra
    <para>Adds support for <ulink
 	url="http://en.wikipedia.org/wiki/GUID_Partition_Table">GUID
-	  Partition Tables</ulink> (<acronym>GPT</acronym>.  GPT
+	  Partition Tables</ulink> (<acronym>GPT</acronym>).  GPT
 	provides the ability to have a large number of partitions per
 	disk, 128 in the standard configuration.</para>
@ -778,29 +778,6 @@ options          NFS_ROOT          # NFS usable as /, requires NFSCLIENT</progra
      device nodes in <filename
 	class="directory">/dev</filename>.</para>
    <programlisting>options          ADAPTIVE_GIANT    # Giant mutex is adaptive.</programlisting>
    <para>Giant is the name of a mutual exclusion mechanism, a
      sleep mutex, that protects a large set of kernel resources.
      Today, this is an unacceptable performance bottleneck which
      is actively being replaced with locks that protect individual
      resources.  The <literal>ADAPTIVE_GIANT</literal> option causes
      Giant to be included in the set of mutexes adaptively spun on.
      When a thread wants to lock the Giant mutex, but it is already
      locked by a thread on another CPU, the first thread will keep
      running and wait for the lock to be released.  Normally, the
      thread would instead go back to sleep and wait for its next
      chance to run.  If unsure, leave this in.</para>
    <note>
      <para>Beginning with &os;&nbsp;8.0, all mutexes are adaptive by
 	default, unless explicitly set to non-adaptive by compiling
 	with the <literal>NO_ADAPTIVE_MUTEXES</literal> option.  As a
 	result, Giant is adaptive by default now, and the
 	<literal>ADAPTIVE_GIANT</literal> option has been removed
 	from the kernel configuration.</para>
    </note>
    <indexterm>
      <primary>kernel options</primary>
      <secondary>SMP</secondary>
@ -1441,7 +1418,7 @@ device          fwe           # Ethernet over FireWire (non-standard!)</programl
 	    mechanism for recovering from incompatible kernels.
 	    Simply choose the kernel to boot from at the &os; boot
 	    loader.  This can be accessed when the system boot menu
-	    appears by  selecting the <quote>Escape to a loader
+	    appears by selecting the <quote>Escape to a loader
 	      prompt</quote> option.  At the prompt, type
 	    <command>boot
 	      <replaceable>kernel.old</replaceable></command>, or
--- a/en_US.ISO8859-1/books/handbook/mac/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/mac/chapter.xml
@ -769,7 +769,7 @@ test: biba/high</screen>
  </sect1>
  <sect1 id="mac-seeotheruids">
-    <title>The &man.mac.seeotheruids.4; Module</title>
+    <title>The MAC See Other UIDs Policy</title>
    <indexterm>
      <primary>MAC See Other UIDs Policy</primary>
@ -824,7 +824,7 @@ test: biba/high</screen>
  </sect1>
  <sect1 id="mac-bsdextended">
-    <title>The &man.mac.bsdextended.4; Module</title>
+    <title>The MAC BSD Extended Policy</title>
    <indexterm>
      <primary>MAC</primary>
@ -904,7 +904,7 @@ test: biba/high</screen>
  </sect1>
  <sect1 id="mac-ifoff">
-    <title>The &man.mac.ifoff.4; Module</title>
+    <title>The MAC Interface Silencing Policy</title>
    <indexterm>
      <primary>MAC Interface Silencing Policy</primary>
@ -955,7 +955,7 @@ test: biba/high</screen>
  </sect1>
  <sect1 id="mac-portacl">
-    <title>The &man.mac.portacl.4; Module</title>
+    <title>The MAC Port Access Control List Policy</title>
    <indexterm>
      <primary>MAC Port Access Control List Policy</primary>
@ -1069,7 +1069,7 @@ net.inet.ip.portrange.reservedhigh=0</userinput></screen>
  </sect1>
  <sect1 id="mac-partition">
-    <title>The &man.mac.partition.4; Module</title>
+    <title>The MAC Partition Policy</title>
    <indexterm>
      <primary>MAC Process Partition Policy</primary>
@ -1807,141 +1807,137 @@ setpmac biba/10\(10-10\) /usr/local/etc/rc.d/nagios.sh forcestart</userinput></s
    <para>This section discusses common configuration issues.</para>
-    <sect2>
+    <itemizedlist>
-      <title><option>multilabel</option> cannot be enabled on
+      <listitem>
-	<filename>/</filename></title>
+	<para>The <option>multilabel</option> flag does not stay
 	  enabled on my root (<filename>/</filename>) partition!</para>
-      <para>The<option>multilabel</option> flag does not stay
+	<para>The following steps may resolve this transient
-	enabled on my root (<filename>/</filename>) partition!</para>
+	  error:</para>
        <procedure>
 	  <step>
 	    <para>Edit <filename>/etc/fstab</filename> and set the root
 	      partition to <option>ro</option> for read-only.</para>
 	  </step>
-      <para>The following steps may resolve this transient
+	  <step>
-	error:</para>
+	    <para>Reboot into single user mode.</para>
 	  </step>
-      <procedure>
+	  <step>
-	<step>
+	    <para>Run <command>tunefs</command> <option>-l
 	  <para>Edit <filename>/etc/fstab</filename> and set the root
 	    partition to <option>ro</option> for read-only.</para>
 	</step>
 	<step>
 	  <para>Reboot into single user mode.</para>
 	</step>
 	<step>
 	  <para>Run <command>tunefs</command> <option>-l
 	      enable</option>
-	    on <filename>/</filename>.</para>
+	      on <filename>/</filename>.</para>
-	</step>
+	  </step>
-	<step>
+	  <step>
-	  <para>Reboot the system.</para>
+	    <para>Reboot the system.</para>
-	</step>
+	  </step>
-	<step>
+	  <step>
-	  <para>Run <command>mount</command> <option>-urw</option>
+	    <para>Run <command>mount</command> <option>-urw</option>
-	    <filename>/</filename> and change the <option>ro</option>
+	      <filename>/</filename> and change the <option>ro</option>
-	    back to <option>rw</option> in
+	      back to <option>rw</option> in
-	    <filename>/etc/fstab</filename> and reboot the system
+	      <filename>/etc/fstab</filename> and reboot the system
-	    again.</para>
+	      again.</para>
-	</step>
+	  </step>
-	<step>
+	  <step>
-	  <para>Double-check the output from
+	    <para>Double-check the output from
-	    <command>mount</command> to ensure that
+	      <command>mount</command> to ensure that
-	    <option>multilabel</option> has been properly set on the
+	      <option>multilabel</option> has been properly set on the
-	    root file system.</para>
+	      root file system.</para>
-	</step>
+	  </step>
-      </procedure>
+	</procedure>
-    </sect2>
+      </listitem>
-    <sect2>
+      <listitem>
-      <title>Xorg Server Will Not Start After
+        <para>After establishing a secure environment with
-	<acronym>MAC</acronym></title>
+	  <acronym>MAC</acronym>, I am no longer able to start
 	  Xorg!</para>
-      <para>After establishing a secure environment with
+        <para>This could be caused by the <acronym>MAC</acronym>
-	<acronym>MAC</acronym>, I am no longer able to start
+	  <literal>partition</literal> policy or by a mislabeling in
-	Xorg!</para>
+	  one of the <acronym>MAC</acronym> labeling policies.  To
 	  debug, try the following:</para>
-      <para>This could be caused by the <acronym>MAC</acronym>
+	<procedure>
-	<literal>partition</literal> policy or by a mislabeling in
+	  <step>
-	one of the <acronym>MAC</acronym> labeling policies.  To
+	      <para>Check the error message; if the user is in the
-	debug, try the following:</para>
+	      <literal>insecure</literal> class, the
 	      <literal>partition</literal> policy may be the culprit.
 	      Try setting the user's class back to the
 	      <literal>default</literal> class and rebuild the database
 	      with <command>cap_mkdb</command>.  If this does not
 	      alleviate the problem, go to step two.</para>
 	  </step>
-      <procedure>
+	  <step>
-	<step>
+	    <para>Double-check the label policies.  Ensure that the
-	  <para>Check the error message; if the user is in the
+	      policies are set correctly for the user, the Xorg
-	    <literal>insecure</literal> class, the
+	      application, and the <filename
-	    <literal>partition</literal> policy may be the culprit.
+		class="directory">/dev</filename> entries.</para>
-	    Try setting the user's class back to the
+	  </step>
 	    <literal>default</literal> class and rebuild the database
 	    with <command>cap_mkdb</command>.  If this does not
 	    alleviate the problem, go to step two.</para>
 	</step>
-	<step>
+	  <step>
-	  <para>Double-check the label policies.  Ensure that the
+	    <para>If neither of these resolve the problem, send the
-	    policies are set correctly for the user, the Xorg
+	      error message and a description of the environment to
-	    application, and the <filename
+	      the &a.questions; mailing list.</para>
-	      class="directory">/dev</filename> entries.</para>
+	  </step>
-	</step>
+	</procedure>
      </listitem>
-	<step>
+      <listitem>
-	  <para>If neither of these resolve the problem, send the
+	<para>The error: <errorname>_secure_path: unable to stat
-	    error message and a description of the environment to
+	  .login_conf</errorname> shows up.</para>
 	    the &a.questions; mailing list.</para>
 	</step>
      </procedure>
    </sect2>
-    <sect2>
+        <para>When a user attempts to switch from the
-      <title>Error: &man..secure.path.3; cannot stat
+	  <username>root</username> user to another user in the system,
-	<filename>.login_conf</filename></title>
+	  the error message <errorname>_secure_path: unable to stat
      <para>When a user attempts to switch from the
 	<username>root</username> user to another user in the system,
 	the error message <errorname>_secure_path: unable to state
 	  .login_conf</errorname> appears.</para>
-      <para>This message is usually shown when the user has a higher
+	<para>This message is usually shown when the user has a higher
-	label setting than that of the user they are attempting to
+	  label setting than that of the user they are attempting to
-	become.  For instance, <username>joe</username> has a default
+	  become.  For instance, <username>joe</username> has a default
-	label of <option>biba/low</option>.  The
+	  label of <option>biba/low</option>.  The
-	<username>root</username> user, who has a label of
+	  <username>root</username> user, who has a label of
-	<option>biba/high</option>, cannot view
+	  <option>biba/high</option>, cannot view
-	<username>joe</username>'s home directory.  This will happen
+	  <username>joe</username>'s home directory.  This will happen
-	whether or not <username>root</username> has used
+	  whether or not <username>root</username> has used
-	<command>su</command> to become <username>joe</username> as
+	  <command>su</command> to become <username>joe</username> as
-	the Biba integrity model will not permit
+	  the Biba integrity model will not permit
-	<username>root</username> to view objects set at a lower
+	  <username>root</username> to view objects set at a lower
-	integrity level.</para>
+	  integrity level.</para>
-    </sect2>
+      </listitem>
-    <sect2>
+      <listitem>
-      <title>The <username>root</username> username is broken!</title>
+	<para>The system no longer recognizes the
 	  <username>root</username> user.</para>
-      <para>In normal or even single user mode, the
+	<para>In normal or even single user mode, the
-	<username>root</username> is not recognized,
+	  <username>root</username> is not recognized,
-	<command>whoami</command> returns 0 (zero), and
+	  <command>whoami</command> returns 0 (zero), and
-	<command>su</command> returns <errorname>who are
+	  <command>su</command> returns <errorname>who are
 	  you?</errorname>.</para>
-      <para>This can happen if a labeling policy has been disabled,
+	<para>This can happen if a labeling policy has been disabled,
-	either by a &man.sysctl.8; or the policy module was unloaded.
+	  either by a &man.sysctl.8; or the policy module was unloaded.
-	If the policy is disabled, the login capabilities database
+	  If the policy is disabled, the login capabilities database
-	needs to be reconfigured with <option>label</option> removed.
+	  needs to be reconfigured with <option>label</option> removed.
-	Double check <filename>login.conf</filename> to ensure that
+	  Double check <filename>login.conf</filename> to ensure that
-	all <option>label</option> options have been removed and
+	  all <option>label</option> options have been removed and
-	rebuild the database with <command>cap_mkdb</command>.</para>
+	  rebuild the database with <command>cap_mkdb</command>.</para>
-      <para>This may also happen if a policy restricts access to
+	<para>This may also happen if a policy restricts access to
-	<filename>master.passwd</filename>.  This is usually caused by
+	  <filename>master.passwd</filename>.  This is usually caused by
-	an administrator altering the file under a label which
+	  an administrator altering the file under a label which
-	conflicts with the general policy being used by the system.
+	  conflicts with the general policy being used by the system.
-	In these cases, the user information would be read by the
+	  In these cases, the user information would be read by the
-	system and access would be blocked as the file has inherited
+	  system and access would be blocked as the file has inherited
-	the new label.  Disable the policy using &man.sysctl.8; and
+	  the new label.  Disable the policy using &man.sysctl.8; and
-	everything should return to normal.</para>
+	  everything should return to normal.</para>
-    </sect2>
+      </listitem>
    </itemizedlist>
  </sect1>
 </chapter>
--- a/en_US.ISO8859-1/books/handbook/mail/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/mail/chapter.xml
--- a/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/multimedia/chapter.xml
--- a/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
--- a/en_US.ISO8859-1/books/handbook/ports/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/ports/chapter.xml
@ -347,22 +347,19 @@ Info:   Lists information about open files (similar to fstat(1))</screen>
    <title>Using Binary Packages</title>
-    <para>There are several different tools used to manage packages on
+    <para>At the present time, &os; is transitioning toward a new
-      &os;:</para>
+      method of package management.  Users of the latest releases
      may wish to investigate the benefits of using
      <link linkend="pkgng-intro">PKGng</link> to manage third
      party software on &os;.  For those not yet migrated to the
      <application>pkgng</application> tool, the tools discussed
      here may be used for managing the package database.  For
      simplicity, the <command>sysinstall</command> utility is
      also available post-install for package management.</para>
-    <itemizedlist>
+    <para>All package installation files are stored in the
-      <listitem>
+      package database directory,
-	<para>The <command>sysinstall</command> utility can be invoked
+      <filename class="directory">/var/db/pkg</filename>.</para>
 	  on a running system to install, delete, and list available
 	  and installed packages.  For more information, see
 	  <xref linkend="packages"/>.</para>
      </listitem>
      <listitem>
 	<para>The package management command line tools, which are
 	  the subject of the rest of this section.</para>
      </listitem>
    </itemizedlist>
    <sect2>
      <title>Installing a Package</title>
@ -579,14 +576,6 @@ docbook                     =
      <para>in this case, all packages whose names start with
 	<literal>xchat</literal> will be deleted.</para>
    </sect2>
    <sect2>
      <title>Miscellaneous</title>
      <para>All package information, including the file list and
 	descriptions of each installed package is stored within the
 	<filename>/var/db/pkg</filename> directory.</para>
    </sect2>
  </sect1>
  <sect1 id="pkgng-intro">
@ -1800,32 +1789,40 @@ ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/ fetch</userinput></screen>
  </sect1>
  <sect1 id="ports-nextsteps">
-    <title>Post-installation Activities</title>
+    <title>Working With Installed Ports</title>
-    <para>After installing a new application you will normally want to
+    <para>Most third party applications will need some level of
-      read any documentation it may have included, edit any
+      configuration after they were installed.  This may be a simple
-      required configuration files, and ensure that the
+      configuration file alteration, or perhaps the application will
-      application's service starts at boot time.</para>
+      just generate a configuration file.  Most applications will
      have documentation installed into
      <filename class="directory">/usr/local/share/doc</filename> and
      manual pages.  This documentation should be consulted before
      continuing.  Some applications run services which must be added
      to the <filename>/etc/rc.conf</filename> file before
      starting.</para>
-    <para>The exact steps you need to take to configure each
+    <para>The following list contains useful information for
-      application will obviously be different.  However, if you have
+      post-install port management.  In several cases, finding
-      just installed a new application and are wondering
+      the location of binaries if they were installed outside
-      <quote>What now?</quote> these tips might help:</para>
+      of the <envar>PATH</envar>.  Users of &man.csh.1; should run
      <command>rehash</command> to rebuild the known binary
      list in the shells <envar>PATH</envar>.</para>
    <itemizedlist>
      <listitem>
-	<para>Use &man.pkg.info.1; to find out which files were
+	<para>The &man.pkg.info.1; command will print all installed
-	  installed, and where.  For example, if you have just
+	  files and their location.  For example, if the FooPackage
-	  installed FooPackage version 1.0.0, then this command</para>
+	  version 1.0.0 was just installed, then the following
 	  command will show all the files installed with the
 	  package.</para>
-	<screen>&prompt.root; <userinput>pkg_info -L foopackage-1.0.0 | less</userinput></screen>
+	<screen>&prompt.root; <userinput>pkg_info -L <replaceable>foopackage-1.0.0</replaceable> | less</userinput></screen>
-	<para>will show all the files installed by the package.  Pay
+	<para>Configuration files are always installed in
-	  special attention to files located in
+	  <filename class="directory">/usr/local/etc</filename>
-	  <filename>man/</filename>, which will be manual pages,
+	  and should definitely be consulted before attempting
-	  <filename>etc/</filename>, which will be configuration
+	  to use the new application.</para>
 	  files, and <filename>doc/</filename>, which will be more
 	  comprehensive documentation.</para>
 	<para>To determine which version of the application was
 	  installed:</para>
@ -1839,17 +1836,18 @@ ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/ fetch</userinput></screen>
      </listitem>
      <listitem>
-	<para>Once you have identified where the application's manual
+	<para>These commands will also show the names of any manual
-	  pages have been installed, review them using &man.man.1;.
+	  pages installed with the application.  This additional
-	  Review the sample configuration files and any additional
+	  documentation will now be available to the &man.man.1;
-	  documentation that may have been provided.</para>
+	  command.</para>
      </listitem>
      <listitem>
-	<para>If the application has a web site, check it for
+	<para>If the application has a web site, consult it for
-	  additional documentation, frequently asked questions, and so
+	  additional documentation or a frequently asked questions
-	  forth.  If you are not sure of the web site address it may
+	  page.  If the website is unknown, the following command
-	  be listed in the output from</para>
+	  will be useful to print out this information if it's
 	  available.</para>
 	<screen>&prompt.root; <userinput>pkg_info <replaceable>foopackage-1.0.0</replaceable></userinput></screen>
--- a/en_US.ISO8859-1/books/handbook/security/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/security/chapter.xml
--- a/en_US.ISO8859-1/books/handbook/users/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/users/chapter.xml
@ -1034,4 +1034,49 @@ uid=1001(jru) gid=1001(jru) groups=1001(jru), 1100(teamtwo)</screen>
      <filename>/etc/group</filename>, refer to &man.pw.8; and
      &man.group.5;.</para>
  </sect1>
  <sect1 id="users-becomesuper">
    <title>Becoming Superuser</title>
    <para>There are several ways to do things as the superuser.  The
      worst way is to log in as <username>root</username> directly.
      Usually very little activity requires <username>root</username>
      so logging off and logging in as <username>root</username>,
      performing tasks, then logging off and on again as a normal user
      is a waste of time.</para>
    <para>A better way is to use &man.su.1; without providing a login
      but using <literal>-</literal> to inherit the root environment.
      Not providing a login will imply super user.  For this to work
      the login that must be in the <groupname>wheel</groupname> group.
      An example of a typical software installation would involve the
      administrator unpacking the software as a normal user and then
      elevating their privileges for the build and installation of
      the software.</para>
    <example>
      <title>Install a Program As The Superuser</title>
      <screen>&prompt.user; <userinput>configure</userinput>
 &prompt.user; <userinput>make</userinput>
 &prompt.user; <userinput>su -</userinput>
 Password:
 &prompt.root; <userinput>make install</userinput>
 &prompt.root; <userinput>exit</userinput>
 &prompt.user;</screen>
    </example>
    <para>Note in this example the transition to
      <username>root</username> is less painful than logging off
      and back on twice.</para>
    <para>Using &man.su.1; works well for single systems or small
      networks with just one system administrator.  For more complex
      environments (or even for these simple environments)
      <command>sudo</command> should be used.  It is provided as a port,
      <filename role="package">security/sudo</filename>.  It allows for
      things like activity logging, granting users the ability to only
      run certain commands as the superuser, and several other
      options.</para>
  </sect1>
 </chapter>