svn commit: r43018 - head/en_US.ISO8859-1/books/handbook/network-servers
Dru Lavigne
dru at FreeBSD.org
Mon Oct 21 22:51:20 UTC 2013
Author: dru
Date: Mon Oct 21 22:51:19 2013
New Revision: 43018
URL: http://svnweb.freebsd.org/changeset/doc/43018
Log:
White space fix only. Translators can ignore.
Modified:
head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml
==============================================================================
--- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Mon Oct 21 22:20:54 2013 (r43017)
+++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Mon Oct 21 22:51:19 2013 (r43018)
@@ -3006,134 +3006,136 @@ dhcpd_ifaces="dc0"</programlisting>
-->
<title>Domain Name System (<acronym>DNS</acronym>)</title>
- <indexterm><primary>BIND</primary></indexterm>
+ <indexterm><primary>BIND</primary></indexterm>
- <para>Domain Name System (<acronym>DNS</acronym>) is the protocol through which domain names are
- mapped to <acronym>IP</acronym> addresses, and vice versa. By default, &os; installs the Berkeley
- Internet Name Domain (<acronym>BIND</acronym>), which is the most common implementation
- of the <acronym>DNS</acronym> protocol. The &os; version provides enhanced security features, a new file
- system layout, and automated &man.chroot.8;
- configuration. BIND is maintained by the
- <ulink url="https://www.isc.org/">isc.org</ulink>.
- It is not necessary to run a name
- server to perform <acronym>DNS</acronym> lookups on a
- system.</para>
-
- <indexterm><primary>DNS</primary></indexterm>
- <para><acronym>DNS</acronym> is coordinated across the Internet
- through a somewhat complex system of authoritative root, Top
- Level Domain (<acronym>TLD</acronym>), and other smaller-scale
- name servers, which host and cache individual domain
- information. Table 28.4 describes some of the terms associated with <acronym>DNS</acronym>:</para>
-
- <indexterm><primary>resolver</primary></indexterm>
- <indexterm><primary>reverse
- <acronym>DNS</acronym></primary></indexterm>
- <indexterm><primary>root zone</primary></indexterm>
+ <para>Domain Name System (<acronym>DNS</acronym>) is the protocol
+ through which domain names are mapped to <acronym>IP</acronym>
+ addresses, and vice versa. By default, &os; installs the
+ Berkeley Internet Name Domain (<acronym>BIND</acronym>), which
+ is the most common implementation of the <acronym>DNS</acronym>
+ protocol. The &os; version provides enhanced security features,
+ a new file system layout, and automated &man.chroot.8;
+ configuration. BIND is maintained by the <ulink
+ url="https://www.isc.org/">isc.org</ulink>. It is not
+ necessary to run a name server to perform <acronym>DNS</acronym>
+ lookups on a system.</para>
+
+ <indexterm><primary>DNS</primary></indexterm>
+ <para><acronym>DNS</acronym> is coordinated across the Internet
+ through a somewhat complex system of authoritative root, Top
+ Level Domain (<acronym>TLD</acronym>), and other smaller-scale
+ name servers, which host and cache individual domain
+ information. Table 28.4 describes some of the terms associated
+ with <acronym>DNS</acronym>:</para>
+
+ <indexterm><primary>resolver</primary></indexterm>
+ <indexterm><primary>reverse
+ <acronym>DNS</acronym></primary></indexterm>
+ <indexterm><primary>root zone</primary></indexterm>
+
+ <table frame="none" pgwide="1">
+ <title><acronym>DNS</acronym> Terminology</title>
+
+ <tgroup cols="2">
+ <colspec colwidth="1*"/>
+ <colspec colwidth="3*"/>
+
+ <thead>
+ <row>
+ <entry>Term</entry>
+ <entry>Definition</entry>
+ </row>
+ </thead>
+
+ <tbody>
+ <row>
+ <entry>Forward <acronym>DNS</acronym></entry>
+ <entry>Mapping of hostnames to <acronym>IP</acronym>
+ addresses.</entry>
+ </row>
+
+ <row>
+ <entry>Origin</entry>
+ <entry>Refers to the domain covered in a particular zone
+ file.</entry>
+ </row>
+
+ <row>
+ <entry><application>named</application>, BIND</entry>
+ <entry>Common names for the BIND name server package
+ within &os;.</entry>
+ </row>
+
+ <row>
+ <entry>Resolver</entry>
+ <entry>A system process through which a machine queries
+ a name server for zone information.</entry>
+ </row>
+
+ <row>
+ <entry>Reverse <acronym>DNS</acronym></entry>
+ <entry>Mapping of <acronym>IP</acronym> addresses to
+ hostnames.</entry>
+ </row>
+
+ <row>
+ <entry>Root zone</entry>
+
+ <entry>The beginning of the Internet zone hierarchy. All
+ zones fall under the root zone, similar to how all files
+ in a file system fall under the root directory.</entry>
+ </row>
+
+ <row>
+ <entry>Zone</entry>
+ <entry>An individual domain, subdomain, or portion of the
+ <acronym>DNS</acronym> administered by the same
+ authority.</entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
- <table frame="none" pgwide="1">
- <title><acronym>DNS</acronym> Terminology</title>
- <tgroup cols="2">
- <colspec colwidth="1*"/>
- <colspec colwidth="3*"/>
-
- <thead>
- <row>
- <entry>Term</entry>
- <entry>Definition</entry>
- </row>
- </thead>
-
- <tbody>
- <row>
- <entry>Forward <acronym>DNS</acronym></entry>
- <entry>Mapping of hostnames to <acronym>IP</acronym>
- addresses.</entry>
- </row>
-
- <row>
- <entry>Origin</entry>
- <entry>Refers to the domain covered in a particular zone
- file.</entry>
- </row>
-
- <row>
- <entry><application>named</application>, BIND</entry>
- <entry>Common names for the BIND name server package
- within &os;.</entry>
- </row>
-
- <row>
- <entry>Resolver</entry>
- <entry>A system process through which a machine queries
- a name server for zone information.</entry>
- </row>
-
- <row>
- <entry>Reverse <acronym>DNS</acronym></entry>
- <entry>Mapping of <acronym>IP</acronym> addresses to
- hostnames.</entry>
- </row>
-
- <row>
- <entry>Root zone</entry>
-
- <entry>The beginning of the Internet zone hierarchy.
- All zones fall under the root zone, similar to how
- all files in a file system fall under the root
- directory.</entry>
- </row>
-
- <row>
- <entry>Zone</entry>
- <entry>An individual domain, subdomain, or portion of
- the <acronym>DNS</acronym> administered by the same
- authority.</entry>
- </row>
- </tbody>
- </tgroup>
- </table>
-
- <indexterm>
- <primary>zones</primary>
- <secondary>examples</secondary>
- </indexterm>
-
- <para>Examples of zones:</para>
-
- <itemizedlist>
- <listitem>
- <para><hostid>.</hostid> is how the root zone is usually
- referred to in documentation.</para>
- </listitem>
-
- <listitem>
- <para><hostid>org.</hostid> is a Top Level Domain
- (<acronym>TLD</acronym>) under the root zone.</para>
- </listitem>
+ <indexterm>
+ <primary>zones</primary>
+ <secondary>examples</secondary>
+ </indexterm>
- <listitem>
- <para><hostid role="domainname">example.org.</hostid> is a
- zone under the <hostid>org.</hostid>
- <acronym>TLD</acronym>.</para>
- </listitem>
+ <para>Examples of zones:</para>
- <listitem>
- <para><hostid>1.168.192.in-addr.arpa</hostid> is a zone
- referencing all <acronym>IP</acronym> addresses which fall
- under the <hostid role="ipaddr">192.168.1.*</hostid>
- <acronym>IP</acronym> address space.</para>
- </listitem>
- </itemizedlist>
-
- <para>As one can see, the more specific part of a hostname
- appears to its left. For example,
- <hostid role="domainname">example.org.</hostid> is more
- specific than <hostid>org.</hostid>, as <hostid>org.</hostid>
- is more specific than the root zone. The layout of each part
- of a hostname is much like a file system: the
- <filename class="directory">/dev</filename> directory falls
- within the root, and so on.</para>
+ <itemizedlist>
+ <listitem>
+ <para><hostid>.</hostid> is how the root zone is usually
+ referred to in documentation.</para>
+ </listitem>
+
+ <listitem>
+ <para><hostid>org.</hostid> is a Top Level Domain
+ (<acronym>TLD</acronym>) under the root zone.</para>
+ </listitem>
+
+ <listitem>
+ <para><hostid role="domainname">example.org.</hostid> is a
+ zone under the <hostid>org.</hostid>
+ <acronym>TLD</acronym>.</para>
+ </listitem>
+
+ <listitem>
+ <para><hostid>1.168.192.in-addr.arpa</hostid> is a zone
+ referencing all <acronym>IP</acronym> addresses which fall
+ under the <hostid role="ipaddr">192.168.1.*</hostid>
+ <acronym>IP</acronym> address space.</para>
+ </listitem>
+ </itemizedlist>
+
+ <para>As one can see, the more specific part of a hostname
+ appears to its left. For example, <hostid
+ role="domainname">example.org.</hostid> is more specific than
+ <hostid>org.</hostid>, as <hostid>org.</hostid> is more specific
+ than the root zone. The layout of each part of a hostname is
+ much like a file system: the <filename
+ class="directory">/dev</filename> directory falls within the
+ root, and so on.</para>
<sect2>
<title>Reasons to Run a Name Server</title>
@@ -4405,18 +4407,19 @@ $include Kexample.com.+005+nnnnn.ZSK.key
<secondary>setting up</secondary></indexterm>
<indexterm><primary>Apache</primary></indexterm>
- <para>The open source
- <application>Apache HTTP Server</application> is the most widely
- used web server. &os; does not install this web server by default,
- but it can be installed from the
- <filename role="package">www/apache24</filename> package or port.</para>
-
- <para>This section summarizes how to configure and start version 2.<replaceable>x</replaceable> of the
- <application>Apache HTTP Server</application>, the
- most widely used version, on &os;. For more detailed
- information about
- <application>Apache</application> 2.X and its configuration directives, refer to
- <ulink url="http://httpd.apache.org/">httpd.apache.org</ulink>.</para>
+ <para>The open source <application>Apache HTTP Server
+ </application> is the most widely used web server. &os; does
+ not install this web server by default, but it can be installed
+ from the <filename
+ role="package">www/apache24</filename> package or port.</para>
+
+ <para>This section summarizes how to configure and start version
+ 2.<replaceable>x</replaceable> of the <application>Apache HTTP
+ Server</application>, the most widely used version, on &os;.
+ For more detailed information about
+ <application>Apache</application> 2.X and its configuration
+ directives, refer to <ulink
+ url="http://httpd.apache.org/">httpd.apache.org</ulink>.</para>
<sect2>
<title>Configuring and Starting Apache</title>
@@ -4424,20 +4427,20 @@ $include Kexample.com.+005+nnnnn.ZSK.key
<indexterm><primary>Apache</primary>
<secondary>configuration file</secondary></indexterm>
- <para>In &os;, the main <application>Apache HTTP Server</application>
- configuration file is installed as
+ <para>In &os;, the main <application>Apache HTTP
+ Server</application> configuration file is installed as
<filename>/usr/local/etc/apache2<replaceable>x</replaceable>/httpd.conf</filename>.
- This ASCII text file begins
- comment lines with the <literal>#</literal>. The
- most frequently modified directives are:</para>
+ This ASCII text file begins comment lines with the
+ <literal>#</literal>. The most frequently modified directives
+ are:</para>
<variablelist>
<varlistentry>
<term><literal>ServerRoot "/usr/local"</literal></term>
<listitem>
- <para>Specifies the default directory hierarchy for
- the <application>Apache</application> installation.
+ <para>Specifies the default directory hierarchy for the
+ <application>Apache</application> installation.
Binaries are stored in the
<filename class="directory">bin</filename> and
<filename class="directory">sbin</filename>
@@ -4451,7 +4454,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key
<term><literal>ServerAdmin you at your.address</literal></term>
<listitem>
- <para>The email address to receive problems with the server. This address also appears on some
+ <para>The email address to receive problems with the
+ server. This address also appears on some
server-generated pages, such as error documents.</para>
</listitem>
</varlistentry>
@@ -4463,8 +4467,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key
<para>Allows an
administrator to set a host name which is sent back to
clients for the server. For example,
- <hostid>www</hostid> can be used instead of the actual host
- name.</para>
+ <hostid>www</hostid> can be used instead of the actual
+ host name.</para>
</listitem>
</varlistentry>
@@ -4487,8 +4491,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key
making changes. When the configuration of
<application>Apache</application>, is complete, save the
file and verify the configuration using apachectl(8).
- Running <command>apachectl configtest</command>
- should return <literal>Syntax OK</literal>.</para>
+ Running <command>apachectl configtest</command> should return
+ <literal>Syntax OK</literal>.</para>
<indexterm><primary>Apache</primary>
<secondary>starting or stopping</secondary></indexterm>
@@ -4507,16 +4511,17 @@ $include Kexample.com.+005+nnnnn.ZSK.key
<para>If <application>Apache</application> should be started
with non-default options, the following line may be added to
- <filename>/etc/rc.conf</filename> to specify the needed flags:</para>
+ <filename>/etc/rc.conf</filename> to specify the needed
+ flags:</para>
<programlisting>apache24_flags=""</programlisting>
<para>The <application>Apache</application> configuration can be
- tested for errors after making subsequent
- configuration changes while <command>httpd</command> is
- running. This can be done by the &man.rc.8; script directly,
- or by the &man.service.8; utility by issuing one of the
- following commands:</para>
+ tested for errors after making subsequent configuration
+ changes while <command>httpd</command> is running. This can
+ be done by the &man.rc.8; script directly, or by the
+ &man.service.8; utility by issuing one of the following
+ commands:</para>
<screen>&prompt.root; <userinput>service apache24 configtest</userinput></screen>
@@ -4873,66 +4878,72 @@ DocumentRoot /www/someotherdomain.tld
-->
<title>File Transfer Protocol (<acronym>FTP</acronym>)</title>
- <indexterm><primary><acronym>FTP</acronym> servers</primary></indexterm>
+ <indexterm><primary><acronym>FTP</acronym>
+ servers</primary></indexterm>
- <para>The File Transfer Protocol (<acronym>FTP</acronym>) provides users with a
- simple way to transfer files to and from an
- <acronym>FTP</acronym> server.
- &os; includes <acronym>FTP</acronym> server
- software, <application>ftpd</application>, in the base system.</para>
-
- <para>&os; provides several configuration files for controlling access
- to the <acronym>FTP</acronym> server. This section summarizes
- these files. Refer to &man.ftpd.8; for more details about the
- built-in <acronym>FTP</acronym> server.</para>
+ <para>The File Transfer Protocol (<acronym>FTP</acronym>) provides
+ users with a simple way to transfer files to and from an
+ <acronym>FTP</acronym> server. &os; includes
+ <acronym>FTP</acronym> server software,
+ <application>ftpd</application>, in the base system.</para>
+
+ <para>&os; provides several configuration files for controlling
+ access to the <acronym>FTP</acronym> server. This section
+ summarizes these files. Refer to &man.ftpd.8; for more details
+ about the built-in <acronym>FTP</acronym> server.</para>
- <sect2>
- <title>Configuration</title>
+ <sect2>
+ <title>Configuration</title>
<para>The most important configuration step is deciding which
- accounts will be allowed access to the <acronym>FTP</acronym> server. A
- &os; system has a number of system accounts which
- should not be allowed <acronym>FTP</acronym> access.
- The list of users disallowed any <acronym>FTP</acronym> access
- can be found in <filename>/etc/ftpusers</filename>.
- By
- default, it includes system accounts. Additional
- users that should not be
+ accounts will be allowed access to the <acronym>FTP</acronym>
+ server. A &os; system has a number of system accounts which
+ should not be allowed <acronym>FTP</acronym> access. The list
+ of users disallowed any <acronym>FTP</acronym> access can be
+ found in <filename>/etc/ftpusers</filename>. By default, it
+ includes system accounts. Additional users that should not be
allowed access to <acronym>FTP</acronym> can be added.</para>
<para>In some cases it may be desirable to restrict the access
of some users without preventing them completely from using
<acronym>FTP</acronym>. This can be accomplished be creating
- <filename>/etc/ftpchroot</filename> as described in &man.ftpchroot.5;. This file lists
- users and groups subject to <acronym>FTP</acronym> access restrictions.</para>
+ <filename>/etc/ftpchroot</filename> as described in
+ &man.ftpchroot.5;. This file lists users and groups subject
+ to <acronym>FTP</acronym> access restrictions.</para>
<indexterm>
<primary><acronym>FTP</acronym></primary>
<secondary>anonymous</secondary>
</indexterm>
- <para>To enable anonymous <acronym>FTP</acronym> access to the server, create a
- user named <username>ftp</username> on the &os; system. Users
- will then be able to log on to the <acronym>FTP</acronym> server with a username
- of <username>ftp</username> or <username>anonymous</username>. When prompted for the password,
- any input will be accepted, but by convention, an email address
- should be used as the password. The <acronym>FTP</acronym> server will
- call &man.chroot.2; when an anonymous user logs in, to
- restrict access to only the home directory of the
+ <para>To enable anonymous <acronym>FTP</acronym> access to the
+ server, create a user named <username>ftp</username> on the
+ &os; system. Users will then be able to log on to the
+ <acronym>FTP</acronym> server with a username of
+ <username>ftp</username> or <username>anonymous</username>.
+ When prompted for the password, any input will be accepted,
+ but by convention, an email address should be used as the
+ password. The <acronym>FTP</acronym> server will call
+ &man.chroot.2; when an anonymous user logs in, to restrict
+ access to only the home directory of the
<username>ftp</username> user.</para>
- <para>There are two text files that can be created to specify welcome messages to
- be displayed to <acronym>FTP</acronym> clients. The contents of
+ <para>There are two text files that can be created to specify
+ welcome messages to be displayed to <acronym>FTP</acronym>
+ clients. The contents of
<filename>/etc/ftpwelcome</filename> will be displayed to
users before they reach the login prompt. After a successful
login, the contents of
<filename>/etc/ftpmotd</filename> will be displayed. Note
that the path to this file is relative to the login
- environment, so the contents of <filename>~ftp/etc/ftpmotd</filename>
- would be displayed for anonymous users.</para>
-
- <para>Once the <acronym>FTP</acronym> server has been configured, set the appropriate variable in
- <filename>/etc/rc.conf</filename> to start the service during boot:</para>
+ environment, so the contents of
+ <filename>~ftp/etc/ftpmotd</filename> would be displayed for
+ anonymous users.</para>
+
+ <para>Once the <acronym>FTP</acronym> server has been
+ configured, set the appropriate variable in
+ <filename>/etc/rc.conf</filename> to start the service during
+ boot:</para>
<programlisting>ftpd_enable="YES"</programlisting>
@@ -4940,7 +4951,8 @@ DocumentRoot /www/someotherdomain.tld
<screen>&prompt.root; <userinput>service ftpd start</userinput></screen>
- <para>Test the connection to the <acronym>FTP</acronym> server by typing:</para>
+ <para>Test the connection to the <acronym>FTP</acronym> server
+ by typing:</para>
<screen>&prompt.user; <userinput>ftp localhost</userinput></screen>
@@ -4950,9 +4962,10 @@ DocumentRoot /www/someotherdomain.tld
<para>The <application>ftpd</application> daemon uses
&man.syslog.3; to log messages. By default, the system log
- daemon will write messages related to <acronym>FTP</acronym> in
- <filename>/var/log/xferlog</filename>. The location of
- the <acronym>FTP</acronym> log can be modified by changing the following line in
+ daemon will write messages related to <acronym>FTP</acronym>
+ in <filename>/var/log/xferlog</filename>. The location of
+ the <acronym>FTP</acronym> log can be modified by changing the
+ following line in
<filename>/etc/syslog.conf</filename>:</para>
<programlisting>ftp.info /var/log/xferlog</programlisting>
@@ -4963,14 +4976,15 @@ DocumentRoot /www/someotherdomain.tld
</indexterm>
<note>
- <para>Be aware of the potential problems involved with running
- an anonymous <acronym>FTP</acronym> server. In particular, think twice about
- allowing anonymous users to upload files. It may turn out
- that the <acronym>FTP</acronym> site becomes a forum for the trade of unlicensed
- commercial software or worse. If anonymous <acronym>FTP</acronym> uploads are
- required, then verify the permissions so that these files can
- not be read by other anonymous users until they have been
- reviewed by an administrator.</para>
+ <para>Be aware of the potential problems involved with running
+ an anonymous <acronym>FTP</acronym> server. In particular,
+ think twice about allowing anonymous users to upload files.
+ It may turn out that the <acronym>FTP</acronym> site becomes
+ a forum for the trade of unlicensed commercial software or
+ worse. If anonymous <acronym>FTP</acronym> uploads are
+ required, then verify the permissions so that these files
+ can not be read by other anonymous users until they have
+ been reviewed by an administrator.</para>
</note>
</sect2>
</sect1>
More information about the svn-doc-head
mailing list