This patch does the following:

- makes 4.2 clearer and tightens some of the headings - removed reference to learn more about single-user mode as it didn't say anything more; instead, summarized single-user mode here - made intro to permissions clearer, the next patch will work on the rest of this section Approved by: bcr (mentor)
svn path=/head/; revision=42938
2013-10-11 12:21:57 +00:00 · 2013-10-11 12:21:57 +00:00 · f846d4ea99 · 2020-12-08 03:00:23 +00:00
commit f846d4ea99
parent 181f2d4d16
1 changed files with 137 additions and 133 deletions
--- a/en_US.ISO8859-1/books/handbook/basics/chapter.xml
+++ b/en_US.ISO8859-1/books/handbook/basics/chapter.xml
@ -6,16 +6,17 @@
 -->
 <chapter id="basics">
  <!--
  <chapterinfo>
    <authorgroup>
      <author>
 	<firstname>Chris</firstname>
 	<surname>Shumway</surname>
-	<contrib>Rewritten by </contrib>
+	<contrib>Rewritten by in Mar 2000</contrib>
      </author>
    </authorgroup>
    <!-- 10 Mar 2000 -->
  </chapterinfo>
  -->
  <title>UNIX Basics</title>
@ -31,8 +32,7 @@
    <itemizedlist>
      <listitem>
-	<para>How to use the <quote>virtual consoles</quote> of
+	<para>How to use and configure virtual consoles.</para>
 	  &os;.</para>
      </listitem>
      <listitem>
@ -80,17 +80,6 @@
    <indexterm><primary>virtual consoles</primary></indexterm>
    <indexterm><primary>terminals</primary></indexterm>
    <para>&os; can be used in various ways.  One of them is typing
      commands to a text terminal.  A lot of the flexibility and power
      of a &unix; operating system is readily available when using
      &os; this way.  This section describes what
      <quote>terminals</quote> and <quote>consoles</quote> are, and
      how to use them in &os;.</para>
    <sect2 id="consoles-intro">
      <title>The Console</title>
      <indexterm><primary>console</primary></indexterm>
      <para>Unless &os; has been configured to automatically start a
@ -107,39 +96,16 @@ login:</screen>
 	example is running a 64-bit version of &os;.  The hostname is
 	<hostid>pc3.example.org</hostid>, and
 	<devicename>ttyv0</devicename> indicates that this is the
-	system console.</para>
+	<quote>system console</quote>.  The second line is the login prompt.</para>
-      <para>The second line is the login prompt.  The next section
+      <para>Since &os; is a multiuser system, it needs some way to distinguish
-	describes how to log into &os; at this prompt.</para>
+	between different users.  This is accomplished by
-    </sect2>
+	requiring every user to log into the
 	system before gaining access to the programs on the system.  Every user has a
 	unique name <quote>username</quote> and a personal
 	<quote>password</quote>.</para>
-    <sect2 id="consoles-login">
+      <para>To log into the system console, type the username that was configured during system
      <title>Logging into &os;</title>
      <para>&os; is a multiuser, multiprocessing system.  This is the
 	formal description that is usually given to a system that can
 	be used by many different people, who simultaneously run a lot
 	of programs on a single machine.</para>
      <para>Every multiuser system needs some way to distinguish one
 	<quote>user</quote> from the rest.  In &os; (and all the
 	&unix;-like operating systems), this is accomplished by
 	requiring that every user must <quote>log into</quote> the
 	system before being able to run programs.  Every user has a
 	unique name (the <quote>username</quote>) and a personal,
 	secret key (the <quote>password</quote>).  &os; will ask for
 	these two before allowing a user to run any programs.</para>
      <indexterm><primary>startup scripts</primary></indexterm>
      <para>When a &os; system boots, startup scripts are
 	automatically executed in order to prepare the system and to
 	start any services which have been configured to start at
 	system boot.  Once the system finishes running its startup
 	scripts, it will present a login prompt:</para>
      <screen>login:</screen>
      <para>Type the username that was configured during system
 	installation, as described in
 	<xref linkend="bsdinstall-addusers"/>, and press
 	<keycap>Enter</keycap>.  Then enter the password associated
@ -149,58 +115,62 @@ login:</screen>
      <para>Once the correct password is input, the message of the
 	day (<acronym>MOTD</acronym>) will be displayed followed
-	by a command prompt (a <literal>#</literal>,
+	by a command prompt.  Depending upon the shell that was selected
-	<literal>$</literal>, or <literal>%</literal> character).  You
+	when the user was created, this prompt will be a <literal>#</literal>,
-	are now logged into the &os; console and ready to try the
+	<literal>$</literal>, or <literal>%</literal> character.  The
 	prompt indicates that the user is now logged into the &os; system console and ready to try the
 	available commands.</para>
    </sect2>
    <sect2 id="consoles-virtual">
      <title>Virtual Consoles</title>
-      <para>&os; can be configured to provide many virtual consoles
+      <para>While the system console can be used to interact with
-	for inputting commands.  Each virtual console has its own
+	the system, a user working from the command line at the
-	login prompt and output channel, and &os; takes care of
+	keyboard of a &os; system will typically instead log into a
-	properly redirecting keyboard input and monitor output as
+	virtual console.  This is because system messages are
-	switching occurs between virtual consoles.</para>
+	configured by default to display on the system console.
 	These messages will appear over the command or file that the
 	user is working on, making it difficult to concentrate on
 	the work at hand.</para>
-      <para>Special key combinations have been reserved by &os; for
+      <para>By default, &os; is configured to provide several virtual consoles
-	switching consoles.<footnote>
+	for inputting commands.  Each virtual console has its own
-	  <para>Refer to &man.syscons.4;, &man.atkbd.4;,
+	login prompt and shell and it is easy to switch between
-	    &man.vidcontrol.1; and &man.kbdcontrol.1; for a more
+	virtual consoles.  This essentially provides the command line
-	    technical description of the &os; console and its keyboard
+	equivalent of having several windows open at the same time
-	    drivers.</para></footnote>.  Use
+	in a graphical environment.</para>
-	<keycombo><keycap>Alt</keycap><keycap>F1</keycap></keycombo>,
+
-	<keycombo><keycap>Alt</keycap><keycap>F2</keycap></keycombo>,
+      <para>The key combinations <keycombo><keycap>Alt</keycap><keycap>F1</keycap></keycombo>
 	through
-	<keycombo><keycap>Alt</keycap><keycap>F8</keycap></keycombo>
+	<keycombo><keycap>Alt</keycap><keycap>F8</keycap></keycombo> have been reserved by &os; for
-	to switch to a different virtual console in &os;.</para>
+	switching between virtual consoles.  Use
 	<keycombo><keycap>Alt</keycap><keycap>F1</keycap></keycombo>
 	to switch to the system console (<devicename>ttyv0</devicename>),
 	<keycombo><keycap>Alt</keycap><keycap>F2</keycap></keycombo>
 	to access the first virtual console
 	(<devicename>ttyv1</devicename>),
 	<keycombo><keycap>Alt</keycap><keycap>F3</keycap></keycombo>
 	to access the second virtual console
 	(<devicename>ttyv2</devicename>), and so on.</para>
      <para>When switching from one console to the next, &os; takes
-	care of saving and restoring the screen output.  The result is
+	manages the screen output.  The result is
-	an <quote>illusion</quote> of having multiple
+	an illusion of having multiple
-	<quote>virtual</quote> screens and keyboards that can be used
+	virtual screens and keyboards that can be used
 	to type commands for &os; to run.  The programs that are
-	launched in one virtual console do not stop running when that
+	launched in one virtual console do not stop running when
-	console is not visible because the user has switched to a
+	the user switches to a
 	different virtual console.</para>
    </sect2>
-    <sect2 id="consoles-ttys">
+      <para>Refer to &man.syscons.4;, &man.atkbd.4;,
-      <title>The <filename>/etc/ttys</filename> File</title>
+	&man.vidcontrol.1; and &man.kbdcontrol.1; for a more
 	technical description of the &os; console and its keyboard
 	drivers.</para>
-      <para>By default, &os; is configured to start eight virtual
+      <para>In &os;, the number of available virtual
-	consoles.  The configuration can be customized to start
+	consoles is configured in this
-	more or fewer virtual consoles.  To change the number of and
+	section of
-	the settings of the virtual consoles, edit
+	<filename>/etc/ttys</filename>:</para>
 	<filename>/etc/ttys</filename>.</para>
      <para>Each uncommented line in <filename>/etc/ttys</filename>
 	(lines that do not start with a <literal>#</literal>
 	character) contains settings for a single terminal or virtual
 	console.  The default version configures nine virtual
 	consoles, and enables eight of them.  They are the lines that
 	start with <literal>ttyv</literal>:</para>
      <programlisting># name    getty                         type  status comments
 #
@ -215,19 +185,46 @@ ttyv6   "/usr/libexec/getty Pc"         cons25  on  secure
 ttyv7   "/usr/libexec/getty Pc"         cons25  on  secure
 ttyv8   "/usr/X11R6/bin/xdm -nodaemon"  xterm   off secure</programlisting>
      <para>To disable a virtual console, put a comment symbol (<literal>#</literal>)
 	at the beginning of the line representing that virtual console.
 	For example, to reduce the number of available virtual consoles
 	from eight to four, put a <literal>#</literal> in front of
 	the last four lines representing virtual consoles
 	<devicename>ttyv5</devicename> through
 	<devicename>ttyv8</devicename>.  <emphasis>Do not</emphasis>
 	comment out the line for the system console
 	<devicename>ttyv0</devicename>.  Note that the last virtual
 	console (<devicename>ttyv8</devicename>) is used to access
 	the graphical environment if <application>&xorg;</application>
 	has been installed and configured as described in <xref
 	  linkend="x11"/>.</para>
      <para>For a detailed description of every column in this file
 	and the available options for the virtual consoles, refer to
 	&man.ttys.5;.</para>
    </sect2>
    <sect2 id="consoles-singleuser">
-      <title>Single User Mode Console</title>
+      <title>Single User Mode</title>
-      <para>A detailed description of <quote>single user mode</quote>
+      <para>The &os; boot menu provides an option labelled as
-	can be found in <xref linkend="boot-singleuser"/>.  There is
+	<quote>Boot Single User</quote>.  If this option is selected,
-	only one console when &os; is in single user mode as no other
+	the system will boot into a special mode known as
-	virtual consoles are available in this mode.  The settings
+	<quote>single user mode</quote>.  This mode is typically used to
-	for single user mode are found in this section of
+	repair a system that will not boot or to reset the
 	<username>root</username> password when it is not known.
 	While in single user mode, networking and other
 	virtual consoles are not available.  However, full
 	<username>root</username> access to the system is available,
 	and by default, the <username>root</username> password is not
 	needed.  For these reasons, physical access to the keyboard
 	is needed to boot into this mode and determining who has physical
 	access to the keyboard is something to consider when securing
 	a &os; system.</para>
      <para>The settings which control
 	single user mode are found in this section of
 	<filename>/etc/ttys</filename>:</para>
      <programlisting># name  getty                           type  status  comments
@ -235,20 +232,25 @@ ttyv8   "/usr/X11R6/bin/xdm -nodaemon"  xterm   off secure</programlisting>
 # If console is marked "insecure", then init will ask for the root password
 # when going to single-user mode.
 console none                            unknown  off  secure</programlisting>
-
+	
      <para>By default, the status is set to <literal>secure</literal>.
 	  This assumes that who has physical access to the keyboard
 	  is either not important or it is controlled by a physical
 	  security policy.  If this setting is changed to
 	  <literal>insecure</literal>, the assumption is that the
 	  environment itself is insecure because anyone can access
 	  the keyboard.  When this line is changed to
 	  <literal>insecure</literal>, &os; will prompt for the
 	  <username>root</username> password when a user selects to boot into single
 	  user mode.
 	  </para>
      <note>
 	<para>As the comments above the <literal>console</literal>
 	  line indicate, editing <literal>secure</literal> to
 	  <literal>insecure</literal> will prompt for the
 	  <username>root</username> password when booting into single
 	  user mode.  The default setting enters single user mode
 	  without prompting for a password.</para>
 	<para><emphasis>Be careful when changing this setting to
-	    <literal>insecure</literal></emphasis>.  If the
+	    <literal>insecure</literal></emphasis>!  If the
 	  <username>root</username> password is forgotten, booting
 	  into single user mode is still possible, but may be
-	  difficult for someone who is not comfortable with the &os;
+	  difficult for someone who is not familiar with the &os;
 	  booting process.</para>
      </note>
    </sect2>
@ -289,44 +291,46 @@ console none                            unknown  off  secure</programlisting>
    <indexterm><primary>UNIX</primary></indexterm>
-    <para>&os;, being a direct descendant of BSD &unix;, is based on
+    <para>In &os;, every file and directory has an associated set of
-      several key &unix; concepts.  The first and most pronounced is
+      permissions and several utilities are available for viewing
-      that &os; is a multi-user operating system that can handle
+      and modifying these permissions.  Understanding how permissions
-      several users working simultaneously on completely unrelated
+      work is necessary to make sure that users are able to access
-      tasks.  The system is responsible for properly sharing and
+      the files that they need and are unable to improperly access
-      managing requests for hardware devices, peripherals, memory, and
+      the files used by the operating system or owned by other
-      CPU time fairly to each user.</para>
+      users.</para>
-    <para>Much more information about user accounts is in the chapter
+    <para>This section discusses the traditional &unix;
-      about <link linkend="users">accounts</link>.  It is important to
+	permissions used in &os;.  For finer grained file system access control,
-      understand that each person (user) who uses the computer should
+	refer to
-      be given their own username and password.  The system keeps
+	<xref linkend="fs-acl"/>.</para>
      track of the people using the computer based on this username.
      Since it is often the case that several people are working on
      the same project &unix; also provides groups.  Several users can
      be placed in the same group.</para>
-    <para>Because the system is capable of supporting multiple users,
+    <para>In &unix;, basic permissions are assigned using
-      everything the system manages has a set of permissions governing
+      three types of access: read, write, and execute.  These access
-      who can read, write, and execute the resource.  These
+      types are used to determine file access to the file's owner,
-      permissions are stored as three octets broken into three pieces,
+      group, and others (everyone else). The read, write, and execute
-      one for the owner of the file, one for the group that the file
+      permissions can be represented as the letters
-      belongs to, and one for everyone else.  This numerical
+      <literal>r</literal>, <literal>w</literal>, and
-      representation works like this:</para>
+      <literal>x</literal>.  They can also be represented as binary
-
+      numbers as each permission is either on or off
-    <note>
+      (<literal>0</literal>).  When represented as a number, the
-      <para>This section will discuss the traditional &unix;
+      order is always read as <literal>rwx</literal>, where
-	permissions.  For finer grained file system access control,
+      <literal>r</literal> has an on value of <literal>4</literal>,
-	see the
+      <literal>w</literal> has an on value of <literal>2</literal>
-	<link linkend="fs-acl">File System Access Control Lists</link>
+      and <literal>x</literal> has an on value of
-	section.</para>
+      <literal>1</literal>.</para>
    </note>
    <para>Table 4.1 summarizes the possible numeric and alphabetic
      possibilities.  When reading the <quote>Directory Listing</quote>
      column, a <literal>-</literal> is used to represent a permission
      that is set to off.</para>
    <indexterm><primary>permissions</primary></indexterm>
    <indexterm>
      <primary>file permissions</primary>
    </indexterm>
-    <informaltable frame="none" pgwide="1">
+    <table frame="none" pgwide="1">
      <title>&unix; Permissions</title>
      <tgroup cols="3">
 	<thead>
 	  <row>
@ -386,7 +390,7 @@ console none                            unknown  off  secure</programlisting>
 	  </row>
 	</tbody>
      </tgroup>
-    </informaltable>
+    </table>
    <indexterm>
      <primary>&man.ls.1;</primary>