| 3.t (77568) | 3.t (108533) |
|---|---|
| 1.\" Copyright (c) 1980, 1986, 1988, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 15 unchanged lines hidden (view full) --- 24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30.\" SUCH DAMAGE. 31.\" | 1.\" Copyright (c) 1980, 1986, 1988, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. --- 15 unchanged lines hidden (view full) --- 24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30.\" SUCH DAMAGE. 31.\" |
| 32.\" $FreeBSD: head/share/doc/smm/01.setup/3.t 77568 2001-06-01 04:53:13Z imp $ | 32.\" $FreeBSD: head/share/doc/smm/01.setup/3.t 108533 2003-01-01 18:49:04Z schweikh $ |
| 33.\" @(#)3.t 8.1 (Berkeley) 7/27/93 34.\" 35.ds lq `` 36.ds rq '' 37.ds RH "Upgrading a \*(Ps System 38.ds CF \*(Dy 39.Sh 1 "Upgrading a \*(Ps system" 40.PP --- 334 unchanged lines hidden (view full) --- 375through to the kernel. 376The kernel then uses that device as its root filesystem. 377Thus, for example, if you boot from 378.Pn /dev/\*(Dk1a , 379the kernel will use 380.Pn \*(Dk1a 381as its root filesystem. If 382.Pn /dev/\*(Dk1b | 33.\" @(#)3.t 8.1 (Berkeley) 7/27/93 34.\" 35.ds lq `` 36.ds rq '' 37.ds RH "Upgrading a \*(Ps System 38.ds CF \*(Dy 39.Sh 1 "Upgrading a \*(Ps system" 40.PP --- 334 unchanged lines hidden (view full) --- 375through to the kernel. 376The kernel then uses that device as its root filesystem. 377Thus, for example, if you boot from 378.Pn /dev/\*(Dk1a , 379the kernel will use 380.Pn \*(Dk1a 381as its root filesystem. If 382.Pn /dev/\*(Dk1b |
| 383is configured as a swap partition, | 383is configured as a swap partition, |
| 384it will be used as the initial swap area, 385otherwise the normal primary swap area (\c 386.Pn /dev/\*(Dk0b ) 387will be used. 388The \*(4B bootstrap is backward compatible with \*(Ps, 389so you can replace your old bootstrap if you use it 390to boot your first \*(4B kernel. 391However, the \*(Ps bootstrap cannot access \*(4B filesystems, --- 92 unchanged lines hidden (view full) --- 484.DS 485\fB#\fP \fImkdir /usr/convert\fP 486\fB#\fP \fIcd /usr/convert\fP 487\fB#\fP \fItar xp\fP 488.DE 489.PP 490The data files marked in the previous table with a dagger (\(dg) 491may be used without change from the previous system. | 384it will be used as the initial swap area, 385otherwise the normal primary swap area (\c 386.Pn /dev/\*(Dk0b ) 387will be used. 388The \*(4B bootstrap is backward compatible with \*(Ps, 389so you can replace your old bootstrap if you use it 390to boot your first \*(4B kernel. 391However, the \*(Ps bootstrap cannot access \*(4B filesystems, --- 92 unchanged lines hidden (view full) --- 484.DS 485\fB#\fP \fImkdir /usr/convert\fP 486\fB#\fP \fIcd /usr/convert\fP 487\fB#\fP \fItar xp\fP 488.DE 489.PP 490The data files marked in the previous table with a dagger (\(dg) 491may be used without change from the previous system. |
| 492Those data files marked with a double dagger (\(dd) have syntax | 492Those data files marked with a double dagger (\(dd) have syntax |
| 493changes or substantial enhancements. 494You should start with the \*(4B version and carefully 495integrate any local changes into the new file. 496Usually these local changes can be incorporated 497without conflict into the new file; 498some exceptions are noted below. 499The files marked with an asterisk (*) require 500particular attention and are discussed below. --- 99 unchanged lines hidden (view full) --- 600/etc/fstab /etc/fstab new format; see below 601/etc/inetd.conf /etc/inetd.conf pathnames of executables changed 602/etc/printcap /etc/printcap pathnames changed 603/etc/syslog.conf /etc/syslog.conf pathnames of log files changed 604/etc/ttys /etc/ttys pathnames of executables changed 605/etc/passwd /etc/master.passwd new format; see below 606/usr/lib/sendmail.cf /etc/sendmail.cf changed pathnames 607/usr/lib/aliases /etc/aliases may contain changed pathnames | 493changes or substantial enhancements. 494You should start with the \*(4B version and carefully 495integrate any local changes into the new file. 496Usually these local changes can be incorporated 497without conflict into the new file; 498some exceptions are noted below. 499The files marked with an asterisk (*) require 500particular attention and are discussed below. --- 99 unchanged lines hidden (view full) --- 600/etc/fstab /etc/fstab new format; see below 601/etc/inetd.conf /etc/inetd.conf pathnames of executables changed 602/etc/printcap /etc/printcap pathnames changed 603/etc/syslog.conf /etc/syslog.conf pathnames of log files changed 604/etc/ttys /etc/ttys pathnames of executables changed 605/etc/passwd /etc/master.passwd new format; see below 606/usr/lib/sendmail.cf /etc/sendmail.cf changed pathnames 607/usr/lib/aliases /etc/aliases may contain changed pathnames |
| 608/etc/*.pid /var/run/*.pid 609 | 608/etc/*.pid /var/run/*.pid 609 |
| 610.T& 611l l l 612lfC lfC l. 613New in \*(Ps-Tahoe \*(4B Comments 614_ _ _ 615/usr/games/dm.config /etc/dm.conf configuration for games (see \fIdm\fP\|(8)) 616/etc/zoneinfo/localtime /etc/localtime timezone configuration 617/etc/zoneinfo /usr/share/zoneinfo timezone configuration --- 236 unchanged lines hidden (view full) --- 854uucp 66 855nobody 32767 856.TE 857.DE 858The ``daemon'' user is used for daemon processes that 859do not need root privileges. 860The ``operator'' user-id is used as an account for dumpers 861so that they can log in without having the root password. | 610.T& 611l l l 612lfC lfC l. 613New in \*(Ps-Tahoe \*(4B Comments 614_ _ _ 615/usr/games/dm.config /etc/dm.conf configuration for games (see \fIdm\fP\|(8)) 616/etc/zoneinfo/localtime /etc/localtime timezone configuration 617/etc/zoneinfo /usr/share/zoneinfo timezone configuration --- 236 unchanged lines hidden (view full) --- 854uucp 66 855nobody 32767 856.TE 857.DE 858The ``daemon'' user is used for daemon processes that 859do not need root privileges. 860The ``operator'' user-id is used as an account for dumpers 861so that they can log in without having the root password. |
| 862By placing them in the ``operator'' group, | 862By placing them in the ``operator'' group, |
| 863they can get read access to the disks. 864The ``uucp'' login has existed long before \*(4B, 865and is noted here just to provide a common user-id. 866The password entry ``nobody'' has been added to specify 867the user with least privilege. The ``games'' user is a pseudo-user 868that controls access to game programs. 869.PP 870After installing your updated password file, you must run --- 126 unchanged lines hidden (view full) --- 997described as a dotted set of components. 998A new utility, 999.Xr sysctl (8), 1000retrieves kernel state and allows processes with appropriate 1001privilege to set kernel state. 1002.Sh 3 "Security" 1003.PP 1004The kernel runs with four different levels of security. | 863they can get read access to the disks. 864The ``uucp'' login has existed long before \*(4B, 865and is noted here just to provide a common user-id. 866The password entry ``nobody'' has been added to specify 867the user with least privilege. The ``games'' user is a pseudo-user 868that controls access to game programs. 869.PP 870After installing your updated password file, you must run --- 126 unchanged lines hidden (view full) --- 997described as a dotted set of components. 998A new utility, 999.Xr sysctl (8), 1000retrieves kernel state and allows processes with appropriate 1001privilege to set kernel state. 1002.Sh 3 "Security" 1003.PP 1004The kernel runs with four different levels of security. |
| 1005Any superuser process can raise the security level, but only | 1005Any superuser process can raise the security level, but only |
| 1006.Fn init (8) 1007can lower it. 1008Security levels are defined as follows: 1009.IP \-1 1010Permanently insecure mode \- always run system in level 0 mode. 1011.IP " 0" 1012Insecure mode \- immutable and append-only flags may be turned off. 1013All devices may be read or written subject to their permissions. --- 8 unchanged lines hidden (view full) --- 1022Highly secure mode \- same as secure mode, plus disks are always 1023read-only whether mounted or not. 1024This level precludes tampering with filesystems by unmounting them, 1025but also inhibits running 1026.Xr newfs (8) 1027while the system is multi-user. 1028See 1029.Xr chflags (1) | 1006.Fn init (8) 1007can lower it. 1008Security levels are defined as follows: 1009.IP \-1 1010Permanently insecure mode \- always run system in level 0 mode. 1011.IP " 0" 1012Insecure mode \- immutable and append-only flags may be turned off. 1013All devices may be read or written subject to their permissions. --- 8 unchanged lines hidden (view full) --- 1022Highly secure mode \- same as secure mode, plus disks are always 1023read-only whether mounted or not. 1024This level precludes tampering with filesystems by unmounting them, 1025but also inhibits running 1026.Xr newfs (8) 1027while the system is multi-user. 1028See 1029.Xr chflags (1) |
| 1030and the \-\fBo\fP option to | 1030and the \-\fBo\fP option to |
| 1031.Xr ls (1) 1032for information on setting and displaying the immutable and append-only 1033flags. 1034.PP 1035Normally, the system runs in level 0 mode while single user 1036and in level 1 mode while multiuser. 1037If the level 2 mode is desired while running multiuser, 1038it can be set in the startup script --- 121 unchanged lines hidden (view full) --- 1160and a family, 1161.Pn sa_family . 1162System calls that pass a 1163.I sockaddr 1164structure into the kernel (e.g. 1165.Fn sendto 1166and 1167.Fn connect ) | 1031.Xr ls (1) 1032for information on setting and displaying the immutable and append-only 1033flags. 1034.PP 1035Normally, the system runs in level 0 mode while single user 1036and in level 1 mode while multiuser. 1037If the level 2 mode is desired while running multiuser, 1038it can be set in the startup script --- 121 unchanged lines hidden (view full) --- 1160and a family, 1161.Pn sa_family . 1162System calls that pass a 1163.I sockaddr 1164structure into the kernel (e.g. 1165.Fn sendto 1166and 1167.Fn connect ) |
| 1168have a separate parameter that specifies the | 1168have a separate parameter that specifies the |
| 1169.I sockaddr 1170length, and thus it is not necessary to fill in the 1171.I sa_len 1172field for those system calls. 1173System calls that pass a 1174.I sockaddr | 1169.I sockaddr 1170length, and thus it is not necessary to fill in the 1171.I sa_len 1172field for those system calls. 1173System calls that pass a 1174.I sockaddr |
| 1175structure back from the kernel (e.g. | 1175structure back from the kernel (e.g. |
| 1176.Fn recvfrom 1177and 1178.Fn accept ) 1179receive a completely filled-in 1180.I sockaddr 1181structure, thus the length field is valid. 1182Because this would not work for old binaries, 1183the new library uses a different system call number. --- 130 unchanged lines hidden (view full) --- 1314filesystem have been written, 1315so we do not recommend it for production use. 1316See 1317.Xr newlfs (8), 1318.Xr mount_lfs (8) 1319and 1320.Xr lfs_cleanerd (8) 1321for more information. | 1176.Fn recvfrom 1177and 1178.Fn accept ) 1179receive a completely filled-in 1180.I sockaddr 1181structure, thus the length field is valid. 1182Because this would not work for old binaries, 1183the new library uses a different system call number. --- 130 unchanged lines hidden (view full) --- 1314filesystem have been written, 1315so we do not recommend it for production use. 1316See 1317.Xr newlfs (8), 1318.Xr mount_lfs (8) 1319and 1320.Xr lfs_cleanerd (8) 1321for more information. |
| 1322For a in-depth description of the implementation and performance | 1322For an in-depth description of the implementation and performance |
| 1323characteristics of log-structured filesystems in general, 1324and this one in particular, see Dr. Margo Seltzer's doctoral thesis, 1325available from the University of California Computer Science Department. 1326.PP 1327We have also added a memory-based filesystem that runs in 1328pageable memory, allowing large temporary filesystems without 1329requiring dedicated physical memory. 1330.PP | 1323characteristics of log-structured filesystems in general, 1324and this one in particular, see Dr. Margo Seltzer's doctoral thesis, 1325available from the University of California Computer Science Department. 1326.PP 1327We have also added a memory-based filesystem that runs in 1328pageable memory, allowing large temporary filesystems without 1329requiring dedicated physical memory. 1330.PP |
| 1331The local ``fast filesystem'' has been enhanced to do | 1331The local ``fast filesystem'' has been enhanced to do |
| 1332clustering that allows large pieces of files to be 1333allocated contiguously resulting in near doubling 1334of filesystem throughput. 1335The filesystem interface has been extended to allow 1336files and filesystems to grow to 2^63 bytes in size. 1337The quota system has been rewritten to support both 1338user and group quotas (simultaneously if desired). 1339Quota expiration is based on time rather than --- 10 unchanged lines hidden (view full) --- 1350the filesystem supports a new user-settable flag ``nodump''. 1351(File flags are set using the 1352.Xr chflags (1) 1353utility.) 1354When set on a file, 1355.Xr dump (8) 1356will omit the file from incremental backups 1357but retain them on full backups. | 1332clustering that allows large pieces of files to be 1333allocated contiguously resulting in near doubling 1334of filesystem throughput. 1335The filesystem interface has been extended to allow 1336files and filesystems to grow to 2^63 bytes in size. 1337The quota system has been rewritten to support both 1338user and group quotas (simultaneously if desired). 1339Quota expiration is based on time rather than --- 10 unchanged lines hidden (view full) --- 1350the filesystem supports a new user-settable flag ``nodump''. 1351(File flags are set using the 1352.Xr chflags (1) 1353utility.) 1354When set on a file, 1355.Xr dump (8) 1356will omit the file from incremental backups 1357but retain them on full backups. |
| 1358See the ``-h'' flag to | 1358See the ``-h'' flag to |
| 1359.Xr dump (8) 1360for details on how to change this default. 1361The ``nodump'' flag is usually set on core dumps, 1362system crash dumps, and object files generated by the compiler. 1363Note that the flag is not preserved when files are copied 1364so that installing an object file will cause it to be preserved. 1365.PP 1366The filesystem format used in \*(4B has several additions. --- 495 unchanged lines hidden (view full) --- 1862uname The POSIX 1003.2 system identification utility. 1863vis A filter for converting and displaying non-printable characters. 1864xargs The POSIX 1003.2 argument list constructor utility. 1865yacc A new, freely redistributable, significantly faster version. 1866.TE 1867.PP 1868The new versions of 1869.Xr lex (1) | 1359.Xr dump (8) 1360for details on how to change this default. 1361The ``nodump'' flag is usually set on core dumps, 1362system crash dumps, and object files generated by the compiler. 1363Note that the flag is not preserved when files are copied 1364so that installing an object file will cause it to be preserved. 1365.PP 1366The filesystem format used in \*(4B has several additions. --- 495 unchanged lines hidden (view full) --- 1862uname The POSIX 1003.2 system identification utility. 1863vis A filter for converting and displaying non-printable characters. 1864xargs The POSIX 1003.2 argument list constructor utility. 1865yacc A new, freely redistributable, significantly faster version. 1866.TE 1867.PP 1868The new versions of 1869.Xr lex (1) |
| 1870(``flex'') and | 1870(``flex'') and |
| 1871.Xr yacc (1) 1872(``zoo'') should be installed early on if attempting to 1873cross-compile \*(4B on another system. 1874Note that the new 1875.Xr lex 1876program is not completely backward compatible with historic versions of 1877.Xr lex , 1878although it is believed that all documented features are supported. --- 5 unchanged lines hidden (view full) --- 1884The ``fstype'' and ``prune'' options can be used together to prevent 1885find from crossing NFS mount points. 1886See 1887.Pn /etc/daily 1888for an example of their use. 1889.Sh 2 "Hints on converting from \*(Ps to \*(4B" 1890.PP 1891This section summarizes changes between | 1871.Xr yacc (1) 1872(``zoo'') should be installed early on if attempting to 1873cross-compile \*(4B on another system. 1874Note that the new 1875.Xr lex 1876program is not completely backward compatible with historic versions of 1877.Xr lex , 1878although it is believed that all documented features are supported. --- 5 unchanged lines hidden (view full) --- 1884The ``fstype'' and ``prune'' options can be used together to prevent 1885find from crossing NFS mount points. 1886See 1887.Pn /etc/daily 1888for an example of their use. 1889.Sh 2 "Hints on converting from \*(Ps to \*(4B" 1890.PP 1891This section summarizes changes between |
| 1892\*(Ps and \*(4B that are likely to | 1892\*(Ps and \*(4B that are likely to |
| 1893cause difficulty in doing the conversion. 1894It does not include changes in the network; 1895see section 5 for information on setting up the network. 1896.PP 1897Since the stat st_size field is now 64-bits instead of 32, 1898doing something like: 1899.DS 1900.ft CW --- 102 unchanged lines hidden --- | 1893cause difficulty in doing the conversion. 1894It does not include changes in the network; 1895see section 5 for information on setting up the network. 1896.PP 1897Since the stat st_size field is now 64-bits instead of 32, 1898doing something like: 1899.DS 1900.ft CW --- 102 unchanged lines hidden --- |