svn commit: r43765 - head/en_US.ISO8859-1/articles/linux-users
Dru Lavigne
dru at FreeBSD.org
Tue Feb 4 17:15:34 UTC 2014
Author: dru
Date: Tue Feb 4 17:15:33 2014
New Revision: 43765
URL: http://svnweb.freebsd.org/changeset/doc/43765
Log:
First pass through next 1/3 of this article.
Sponsored by: iXsystems
Modified:
head/en_US.ISO8859-1/articles/linux-users/article.xml
Modified: head/en_US.ISO8859-1/articles/linux-users/article.xml
==============================================================================
--- head/en_US.ISO8859-1/articles/linux-users/article.xml Tue Feb 4 16:45:39 2014 (r43764)
+++ head/en_US.ISO8859-1/articles/linux-users/article.xml Tue Feb 4 17:15:33 2014 (r43765)
@@ -48,7 +48,7 @@
</sect1>
<sect1 xml:id="shells">
- <title>Shells: No Bash?</title>
+ <title>Default Shell</title>
<para>&linux; users are often surprised to find that
<application>Bash</application> is not the default shell in &os;.
@@ -160,13 +160,13 @@
</sect1>
<sect1 xml:id="startup">
- <title>System Startup: Where are the run-levels?</title>
+ <title>System Startup</title>
- <para>&linux; uses the SysV init system, whereas &os; uses the
- traditional BSD-style &man.init.8;. Under the BSD-style &man.init.8;
- there are no run-levels and no <filename>/etc/inittab</filename>,
- instead startup is controlled by the &man.rc.8; utility. The
- <filename>/etc/rc</filename> script reads
+ <para>Many &linux; distributions use the SysV init system, whereas &os; uses the
+ traditional BSD-style &man.init.8;. Under the BSD-style &man.init.8;,
+ there are no run-levels and <filename>/etc/inittab</filename> does not exist.
+ Instead, startup is controlled by &man.rc.8; scripts. At system boot,
+ <filename>/etc/rc</filename> reads
<filename>/etc/defaults/rc.conf</filename> and
<filename>/etc/rc.conf</filename> to determine which services are to be
started. The specified services are then started by running the
@@ -176,73 +176,63 @@
the scripts located in <filename>/etc/init.d/</filename> on &linux;
systems.</para>
- <sidebar>
- <para><emphasis>Why are there two locations for service initialization
- scripts?</emphasis> The scripts found in
+ <para>The scripts found in
<filename>/etc/rc.d/</filename> are for applications that are part of
- the <quote>base</quote> system. (&man.cron.8;, &man.sshd.8;,
- &man.syslog.3;, and others.) The scripts in
+ the <quote>base</quote> system, such as &man.cron.8;, &man.sshd.8;, and
+ &man.syslog.3;. The scripts in
<filename>/usr/local/etc/rc.d/</filename> are for user-installed
- applications such as <application>Apache</application>,
- <application>Squid</application>, etc.</para>
+ applications such as <application>Apache</application> and
+ <application>Squid</application>.</para>
- <para><emphasis>What is the difference between the <quote>base</quote>
- system and user-installed applications?</emphasis> FreeBSD is
- developed as a complete operating system. In other words, the
- kernel, system libraries, and userland utilities (such as &man.ls.1;,
- &man.cat.1;, &man.cp.1;, etc.) are developed and released together as
- one. This is what is referred to as the <quote>base</quote> system.
- The user-installed applications are applications that are not part of
- the <quote>base</quote> system, such as
- <application>Apache</application>, <application>X11</application>,
- <application>Mozilla Firefox</application>, etc. These
- user-installed applications are generally installed using &os;'s <link xlink:href="article.html#SOFTWARE">Packages and Ports Collection</link>.
+ <para>Since &os; is
+ developed as a complete operating system,
+ user-installed applications are not considered to be part of
+ the <quote>base</quote> system.
+ User-installed applications are generally installed using <link
+ xlink:href="&url.base;/doc/en_US.ISO8859-1/books/handbook/ports-using.html">Packages or Ports</link>.
In order to keep them separate from the <quote>base</quote> system,
- user-installed applications are normally installed under
- <filename>/usr/local/</filename>. Therefore the user-installed
+ user-installed applications are installed under
+ <filename>/usr/local/</filename>. Therefore, user-installed
binaries reside in <filename>/usr/local/bin/</filename>,
configuration files are in <filename>/usr/local/etc/</filename>,
and so on.</para>
- </sidebar>
- <para>Services are enabled by specifying
- <literal>ServiceName_enable="YES"</literal> in
- <filename>/etc/rc.conf</filename> (&man.rc.conf.5;). Take a look at
- <filename>/etc/defaults/rc.conf</filename> for the system defaults,
+ <para>Services are enabled by adding an entry for the service in
+ <filename>/etc/rc.conf</filename> . The system defaults are found in
+ <filename>/etc/defaults/rc.conf</filename> and
these default settings are overridden by settings in
- <filename>/etc/rc.conf</filename>. Also, when installing additional
- applications be sure to review the documentation to determine how to
+ <filename>/etc/rc.conf</filename>. Refer to &man.rc.conf.5; for
+ more information about the available entries. When installing additional
+ applications, review the application's install message to determine how to
enable any associated services.</para>
- <para>The following snippet from <filename>/etc/rc.conf</filename> enables
- &man.sshd.8; and <application>Apache 2.2</application>. It also
- specifies that <application>Apache</application> should be started
- with SSL.</para>
+ <para>The following entries in <filename>/etc/rc.conf</filename> enable
+ &man.sshd.8;, enable <application>Apache 2.4</application>, and
+ specify that <application>Apache</application> should be started
+ with <acronym>SSL</acronym>.</para>
<programlisting># enable SSHD
sshd_enable="YES"
# enable Apache with SSL
-apache22_enable="YES"
-apache22_flags="-DSSL"</programlisting>
+apache24_enable="YES"
+apache24_flags="-DSSL"</programlisting>
<para>Once a service has been enabled in <filename>/etc/rc.conf</filename>,
- the service can be started from the command line (without rebooting the
- system):</para>
+ it can be started without rebooting the
+ system:</para>
- <screen>&prompt.root; <userinput>/etc/rc.d/sshd start</userinput></screen>
+ <screen>&prompt.root; <userinput>service sshd start</userinput>
+ &prompt.root; <userinput>service apache24 start</userinput></screen>
- <para>If a service has not been enabled it can be started from the
- command line using <option>forcestart</option>:</para>
+ <para>If a service has not been enabled, it can be started from the
+ command line using <option>onestart</option>:</para>
- <screen>&prompt.root; <userinput>/etc/rc.d/sshd forcestart</userinput></screen>
+ <screen>&prompt.root; <userinput>service sshd onestart</userinput></screen>
</sect1>
<sect1 xml:id="network">
<title>Network configuration</title>
- <sect2 xml:id="interfaces">
- <title>Network Interfaces</title>
-
<para>Instead of a generic <emphasis>ethX</emphasis> identifier that
&linux; uses to identify a network interface, &os; uses the driver
name followed by a number as the identifier. The following output
@@ -262,75 +252,67 @@ em1: flags=8843<UP,BROADCAST,RUNNING,
ether 00:50:56:a7:03:2b
media: Ethernet autoselect (1000baseTX <full-duplex>)
status: active</screen>
- </sect2>
- <sect2 xml:id="ipaddress">
- <title>IP Configuration</title>
-
- <para>An IP address can be assigned to an interface using
- &man.ifconfig.8;. However, to remain persistent across reboots the
- IP configuration must be included in
+ <para>An <acronym>IP</acronym> address can be assigned to an interface using
+ &man.ifconfig.8;. To remain persistent across reboots, the
+ <acronym>IP</acronym> configuration must be included in
<filename>/etc/rc.conf</filename>. The following example
- specifies the hostname, IP address, and default gateway:</para>
+ specifies the hostname, <acronym>IP</acronym> address, and default gateway:</para>
<programlisting>hostname="server1.example.com"
-ifconfig_em0="inet 10.10.10.100 netmask 255.255.255.0"
+ifconfig_em0="inet 10.10.10.100 netmask 255.255.255.0"
defaultrouter="10.10.10.1"</programlisting>
- <para>Use the following to configure an interface for DHCP:</para>
+ <para>Use the following to instead configure an interface for <acronym>DHCP</acronym>:</para>
<programlisting>hostname="server1.example.com"
ifconfig_em0="DHCP"</programlisting>
-
- </sect2>
</sect1>
<sect1 xml:id="firewall">
<title>Firewall</title>
- <para>Like <application>IPTABLES</application> in &linux;, &os; also offers
- a kernel level firewall; actually &os; offers three firewalls:</para>
+ <para>&os; does not use &linux; <application>IPTABLES</application> for its firewall. Instead, &os; offers
+ a choice of three kernel level firewalls:</para>
<itemizedlist>
- <listitem><simpara><link xlink:href="&url.base;/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html">IPFIREWALL</link></simpara></listitem>
- <listitem><simpara><link xlink:href="&url.base;/doc/en_US.ISO8859-1/books/handbook/firewalls-ipf.html">IPFILTER</link></simpara></listitem>
<listitem><simpara><link xlink:href="&url.base;/doc/en_US.ISO8859-1/books/handbook/firewalls-pf.html">PF</link></simpara></listitem>
+ <listitem><simpara><link xlink:href="&url.base;/doc/en_US.ISO8859-1/books/handbook/firewalls-ipf.html">IPFILTER</link></simpara></listitem>
+ <listitem><simpara><link xlink:href="&url.base;/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html">IPFW</link></simpara></listitem>
</itemizedlist>
- <para><application>IPFIREWALL</application> or
- <application>IPFW</application> (the command to manage an
- <application>IPFW</application> ruleset is &man.ipfw.8;) is the
- firewall developed and maintained by the &os; developers.
- <application>IPFW</application> can be paired with &man.dummynet.4; to
- provide traffic shaping capabilities and simulate different types of
- network connections.</para>
+ <para><application>PF</application> is
+ developed by the OpenBSD project and ported to &os;. <application>PF</application> was
+ created as a replacement for <application>IPFILTER</application> and
+ its syntax is similar to that of
+ <application>IPFILTER</application>. <application>PF</application> can
+ be paired with &man.altq.4; to provide <acronym>QoS</acronym> features.</para>
- <para>Sample <application>IPFW</application> rule to allow
- <application>SSH</application> in:</para>
+ <para>This sample <application>PF</application> entry allows inbound
+ <application>SSH</application>:</para>
- <programlisting>ipfw add allow tcp from any to me 22 in via $ext_if</programlisting>
+ <programlisting>pass in on $ext_if inet proto tcp from any to ($ext_if) port 22</programlisting>
- <para><application>IPFILTER</application> is the firewall application
- developed by Darren Reed. It is not specific to &os;, and has been
+ <para><application>IPFILTER</application> is the firewall application
+ developed by Darren Reed. It is not specific to &os; and has been
ported to several operating systems including NetBSD, OpenBSD, SunOS,
HP/UX, and Solaris.</para>
- <para>Sample <application>IPFILTER</application> command to allow
- <application>SSH</application> in:</para>
+ <para>The <application>IPFILTER</application> syntax to allow inbound
+ <application>SSH</application> is:</para>
<programlisting>pass in on $ext_if proto tcp from any to any port = 22</programlisting>
+
+ <para><application>IPFW</application> is the
+ firewall developed and maintained by &os;.
+ It can be paired with &man.dummynet.4; to
+ provide traffic shaping capabilities and simulate different types of
+ network connections.</para>
- <para>The last firewall application, <application>PF</application>, is
- developed by the OpenBSD project. <application>PF</application> was
- created as a replacement for <application>IPFILTER</application>. As
- such, the <application>PF</application> syntax is very similar to that of
- <application>IPFILTER</application>. <application>PF</application> can
- be paired with &man.altq.4; to provide QoS features.</para>
-
- <para>Sample <application>PF</application> command to allow
- <application>SSH</application> in:</para>
+ <para>The <application>IPFW</application> syntax to allow inbound
+ <application>SSH</application> would be:</para>
- <programlisting>pass in on $ext_if inet proto tcp from any to ($ext_if) port 22</programlisting>
+ <programlisting>ipfw add allow tcp from any to me 22 in via $ext_if</programlisting>
</sect1>
<sect1 xml:id="updates">
More information about the svn-doc-all
mailing list