svn commit: r44323 - head/en_US.ISO8859-1/books/handbook/disks
Dru Lavigne
dru at FreeBSD.org
Fri Mar 21 20:34:39 UTC 2014
Author: dru
Date: Fri Mar 21 20:34:38 2014
New Revision: 44323
URL: http://svnweb.freebsd.org/changeset/doc/44323
Log:
Initial prep work for Storage chapter.
Many more commits to come.
Sponsored by: iXsystems
Modified:
head/en_US.ISO8859-1/books/handbook/disks/chapter.xml
Modified: head/en_US.ISO8859-1/books/handbook/disks/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri Mar 21 19:53:55 2014 (r44322)
+++ head/en_US.ISO8859-1/books/handbook/disks/chapter.xml Fri Mar 21 20:34:38 2014 (r44323)
@@ -602,9 +602,6 @@ umass0: detached</screen>
<secondary>creating</secondary>
</indexterm>
- <sect2>
- <title>Introduction</title>
-
<para>CD media provide a number of features that differentiate
them from conventional disks. Initially, they were not
writable by the user. They are designed so that they can be
@@ -663,7 +660,6 @@ umass0: detached</screen>
<application>K3b</application> require the
<link linkend="atapicam">ATAPI/CAM module</link> with ATAPI
hardware.</para>
- </sect2>
<sect2 xml:id="mkisofs">
<title><application>mkisofs</application></title>
@@ -1136,9 +1132,6 @@ cd0: Attempt to query device size failed
<secondary>burning</secondary>
</indexterm>
- <sect2>
- <title>Introduction</title>
-
<para>Compared to the CD, the DVD is the next generation of
optical media storage technology. The DVD can hold more data
than any CD and is the standard for video publishing.</para>
@@ -1195,7 +1188,6 @@ cd0: Attempt to query device size failed
the DVD-Video player are compatible with the media under
consideration.</para>
</note>
- </sect2>
<sect2>
<title>Configuration</title>
@@ -1513,19 +1505,12 @@ cd0: Attempt to query device size failed
<secondary>DVD-RAM</secondary>
</indexterm>
- <sect3>
- <title>Configuration</title>
-
<para>DVD-RAM writers can use either a SCSI or ATAPI
interface. For ATAPI devices, DMA access has to be
enabled by adding the following line to
<filename>/boot/loader.conf</filename>:</para>
<programlisting>hw.ata.atapi_dma="1"</programlisting>
- </sect3>
-
- <sect3>
- <title>Preparing the Media</title>
<para>A DVD-RAM can be seen as a removable hard drive. Like
any other hard drive, the DVD-RAM must be formatted before
@@ -1538,10 +1523,6 @@ cd0: Attempt to query device size failed
<para>The DVD device, <filename>acd0</filename>, must be
changed according to the configuration.</para>
- </sect3>
-
- <sect3>
- <title>Using the Media</title>
<para>Once the DVD-RAM has been formatted, it can be mounted
as a normal hard drive:</para>
@@ -1550,7 +1531,6 @@ cd0: Attempt to query device size failed
<para>Once mounted, the DVD-RAM will be both readable and
writeable.</para>
- </sect3>
</sect2>
</sect1>
@@ -2660,30 +2640,35 @@ Filesystem 1K-blocks Used Avail Capacity
<title>Disk Encryption with
<application>gbde</application></title>
- <procedure>
- <step>
- <para>Configuring <application>gbde</application> requires
- superuser privileges.</para>
-
- <screen>&prompt.user; <userinput>su -</userinput>
-Password:</screen>
- </step>
+ <para><application>gbde</application> encrypts the sector payload using 128-bit
+ AES in CBC mode. Each sector on the disk is encrypted with
+ a different AES key. For more information on the
+ cryptographic design, including how the sector keys are
+ derived from the user-supplied passphrase, refer to
+ &man.gbde.4;.</para>
- <step>
- <para>If using a custom kernel configuration file, ensure it
- contains this line:</para>
+ <note>
+ <para>&man.sysinstall.8; is incompatible with
+ <application>gbde</application>-encrypted devices. All
+ <filename>*.bde</filename>
+ devices must be detached from the kernel before starting
+ &man.sysinstall.8; or it will crash during its initial
+ probing for devices. To detach the encrypted device used in
+ the example, use the following command:</para>
- <para><literal>options GEOM_BDE</literal></para>
+ <screen>&prompt.root; <userinput>gbde detach /dev/ad4s1c</userinput></screen>
+ </note>
- <para>If the kernel already contains this support, use
- <command>kldload</command> to load &man.gbde.4;:</para>
+ <para>&os; provides a kernel module for
+ <application>gbde</application> which can be loaded with
+ this command:</para>
<screen>&prompt.root; <userinput>kldload geom_bde</userinput></screen>
- </step>
- </procedure>
- <sect3>
- <title>Preparing the Encrypted Hard Drive</title>
+ <para>If using a custom kernel configuration file, ensure it
+ contains this line:</para>
+
+ <para><literal>options GEOM_BDE</literal></para>
<para>The following example demonstrates adding a new hard
drive to a system that will hold a single encrypted
@@ -2856,7 +2841,6 @@ Filesystem Size Used Avail Cap
/dev/ad4s1c.bde 150G 4.1K 138G 0% /private</screen>
</step>
</procedure>
- </sect3>
<sect3>
<title>Mounting Existing Encrypted File Systems</title>
@@ -2900,9 +2884,6 @@ Filesystem Size Used Avail Cap
</step>
</procedure>
- <sect4>
- <title>Automatically Mounting Encrypted Partitions</title>
-
<para>It is possible to create a script to automatically
attach, check, and mount an encrypted partition, but for
security reasons the script should not contain the
@@ -2924,34 +2905,6 @@ gbde_lockdir="/etc/gbde"</programlisting
<application>gbde</application> encrypted partition will
be mounted automatically. This can be useful when using
<application>gbde</application> on laptops.</para>
- </sect4>
- </sect3>
-
- <sect3>
- <title>Cryptographic Protections Employed by
- <command>gbde</command></title>
-
- <para>&man.gbde.8; encrypts the sector payload using 128-bit
- AES in CBC mode. Each sector on the disk is encrypted with
- a different AES key. For more information on the
- cryptographic design, including how the sector keys are
- derived from the user-supplied passphrase, refer to
- &man.gbde.4;.</para>
- </sect3>
-
- <sect3>
- <title>Compatibility Issues</title>
-
- <para>&man.sysinstall.8; is incompatible with
- <application>gbde</application>-encrypted devices. All
- <filename>*.bde</filename>
- devices must be detached from the kernel before starting
- &man.sysinstall.8; or it will crash during its initial
- probing for devices. To detach the encrypted device used in
- the example, use the following command:</para>
-
- <screen>&prompt.root; <userinput>gbde detach /dev/ad4s1c</userinput></screen>
-
</sect3>
</sect2>
@@ -3331,9 +3284,6 @@ Device 1K-blocks Used Av
<secondary>high availability</secondary>
</indexterm>
- <sect2>
- <title>Synopsis</title>
-
<para>High availability is one of the main requirements in
serious business applications and highly-available storage is
a key component in such environments. Highly Available
@@ -3396,7 +3346,6 @@ Device 1K-blocks Used Av
GmbH</link> and <link
xlink:href="http://www.transip.nl/">TransIP
BV</link>.</para>
- </sect2>
<sect2>
<title>HAST Features</title>
@@ -3496,9 +3445,6 @@ Device 1K-blocks Used Av
is not up-to-date or an I/O error occurs. In such case, the
read operation is sent to the secondary node.</para>
- <sect3>
- <title>Synchronization and Replication Modes</title>
-
<para><acronym>HAST</acronym> tries to provide fast failure
recovery. For this reason, it is very important to reduce
synchronization time after a node's outage. To provide fast
@@ -3539,7 +3485,6 @@ Device 1K-blocks Used Av
latency is too high for other modes.</para>
</listitem>
</itemizedlist>
- </sect3>
</sect2>
<sect2>
@@ -3912,9 +3857,6 @@ esac</programlisting>
<sect2>
<title>Troubleshooting</title>
- <sect3>
- <title>General Troubleshooting Tips</title>
-
<para><acronym>HAST</acronym> should generally work without
issues. However, as with any other software product, there
may be times when it does not work as supposed. The sources
@@ -3930,7 +3872,6 @@ esac</programlisting>
obtained this way. Consider also using
<literal>-F</literal>, which starts &man.hastd.8; in the
foreground.</para>
- </sect3>
<sect3 xml:id="disks-hast-sb">
<title>Recovering from the Split-brain Condition</title>
More information about the svn-doc-all
mailing list