linux-from-scratch/glfs
1
0
Fork 0
mirror of https://github.com/Zeckmathederg/glfs.git synced 2025-01-24 23:32:12 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Finish formatting the "server" chapter

Browse Source 
git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@22813 af4574ff-66df-0310-9fd7-8a98e5e911e0
This commit is contained in:
Pierre Labastie 2020-03-07 09:40:50 +00:00
parent 21a08bf2ee
commit 4472e9238f
12 changed files with 776 additions and 461 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
server/databases/lmdb.xml
View File

@ -81,7 +81,11 @@
<sect2 role="installation">
<title>Installation of lmdb</title>
<note><para>This package extracts to lmdb-LMDB_&lmdb-version;.</para></note>
<note>
<para>
This package extracts to lmdb-LMDB_&lmdb-version;.
</para>
</note>
<para>
Install <application>lmdb</application> by running the following

11
server/databases/mariadb.xml
View File

@ -72,9 +72,14 @@
</listitem>
</itemizedlist>
<note><para>The installed size of MariaDB is 473 MB, but this can be
reduced by about 200 MB, if desired, by removing the /usr/share/mysql/test
directory after installation.</para></note>
<note>
<para>
The installed size of MariaDB is 473 MB, but this can be
reduced by about 200 MB, if desired, by removing the <filename
class="directory">/usr/share/mysql/test</filename>
directory after installation.
</para>
</note>
<bridgehead renderas="sect3">MariaDB Dependencies</bridgehead>

444
server/databases/postgresql.xml
View File

@ -30,31 +30,45 @@
<sect2 role="package">
<title>Introduction to PostgreSQL</title>
<para><application>PostgreSQL</application> is an advanced
object-relational database management system (ORDBMS), derived
from the Berkeley Postgres database management system.</para>
<para>
<application>PostgreSQL</application> is an advanced
object-relational database management system (ORDBMS), derived
from the Berkeley Postgres database management system.
</para>
&lfs91_checked;
<bridgehead renderas="sect3">Package Information</bridgehead>
<itemizedlist spacing="compact">
<listitem>
<para>Download (HTTP): <ulink url="&postgresql-download-http;"/></para>
<para>
Download (HTTP): <ulink url="&postgresql-download-http;"/>
</para>
</listitem>
<listitem>
<para>Download (FTP): <ulink url="&postgresql-download-ftp;"/></para>
<para>
Download (FTP): <ulink url="&postgresql-download-ftp;"/>
</para>
</listitem>
<listitem>
<para>Download MD5 sum: &postgresql-md5sum;</para>
<para>
Download MD5 sum: &postgresql-md5sum;
</para>
</listitem>
<listitem>
<para>Download size: &postgresql-size;</para>
<para>
Download size: &postgresql-size;
</para>
</listitem>
<listitem>
<para>Estimated disk space required: &postgresql-buildsize;</para>
<para>
Estimated disk space required: &postgresql-buildsize;
</para>
</listitem>
<listitem>
<para>Estimated build time: &postgresql-time;</para>
<para>
Estimated build time: &postgresql-time;
</para>
</listitem>
</itemizedlist>
@ -100,13 +114,19 @@
useradd -c "PostgreSQL Server" -g postgres -d /srv/pgsql/data \
-u 41 postgres</userinput></screen>
<note><para>There are several configuration items that add additional
functionality with optional packages to
<application>PostgreSQL</application>. Use <userinput>./configure
--help</userinput> to see a list.</para></note>
<note>
<para>
There are several configuration items that add additional
functionality with optional packages to
<application>PostgreSQL</application>. Use <command>./configure
--help</command> to see a list.
</para>
</note>
<para>Install <application>PostgreSQL</application> with the
following commands: </para>
<para>
Install <application>PostgreSQL</application> with the
following commands:
</para>
<screen><userinput>sed -i '/DEFAULT_PGSOCKET_DIR/s@/tmp@/run/postgresql@' src/include/pg_config_manual.h &amp;&amp;
@ -115,55 +135,61 @@ useradd -c "PostgreSQL Server" -g postgres -d /srv/pgsql/data \
--docdir=/usr/share/doc/postgresql-&postgresql-version; &amp;&amp;
make</userinput></screen>
<para>There are a number of programs in the
<filename class="directory">contrib/</filename> directory. If you are going
to run this installation as a server and wish to build some of them, enter
<command>make -C contrib</command> or
<command>make -C contrib/<replaceable>&lt;SUBDIR-NAME&gt;</replaceable></command> for each subdirectory.
<para>
There are a number of programs in the
<filename class="directory">contrib/</filename> directory. If you are
going to run this installation as a server and wish to build some of
them, enter <command>make -C contrib</command> or <command>make -C
contrib/<replaceable>&lt;SUBDIR-NAME&gt;</replaceable></command> for
each subdirectory.
</para>
<para>Tests must be run as an unprivileged user because they need to start a
temporary server and this is prevented as the root user. For the same reason,
you need to stop all PostgreSQL servers if any are running. If a previous
version of PostgreSQL is installed, it may be necessary to use
<command>--disable-rpath</command> with <command>configure</command> to
avoid failures, but <emphasis>installing the binaries created using this
switch is not recommended</emphasis>. To test the results, issue:
<command>make check</command>.</para>
<para>
Tests must be run as an unprivileged user because they need to start a
temporary server and this is prevented as the root user. For the same
reason, you need to stop all PostgreSQL servers if any are running. If a
previous version of PostgreSQL is installed, it may be necessary to use
<command>--disable-rpath</command> with <command>configure</command> to
avoid failures, but <emphasis>installing the binaries created using this
switch is not recommended</emphasis>. To test the results, issue:
<command>make check</command>.
</para>
<para>Now, as the <systemitem class="username">root</systemitem> user:</para>
<para>
Now, as the <systemitem class="username">root</systemitem> user:
</para>
<screen role="root"><userinput>make install &amp;&amp;
make install-docs</userinput></screen>
<para>If you made any of the <filename class="directory">contrib/</filename>
programs, as the <systemitem class="username">root</systemitem> user:</para>
<para>
If you made any of the <filename class="directory">contrib/</filename>
programs, as the <systemitem class="username">root</systemitem> user:
</para>
<screen role="nodump"><userinput>make -C contrib/<replaceable>&lt;SUBDIR-NAME&gt;</replaceable> install</userinput></screen>
<para><emphasis>If you only intend to use
<application>PostgreSQL</application> as a client to connect to a server on
another machine, your installation is complete and you should not run the
remaining commands.</emphasis></para>
<tip>
<para>
If you only intend to use <application>PostgreSQL</application> as a
client to connect to a server on another machine, your installation is
complete and you should not run the remaining commands.
</para>
</tip>
<!-- 'Upgrading' seems to only ever exist in the docs for *previous* version -->
<!-- Obsolete: only if upgrading for versions prior to 9 <note>
<para>If you are upgrading an existing system and are going to install
the new files over the old ones, then you should back up your data, shut
down the old server and follow the instructions in <ulink
url="http://www.postgresql.org/docs/9.0/static/install-upgrading.html">the
official <application>PostgreSQL</application> documentation</ulink>.</para>
</note>-->
<para>Initialize a database cluster with the following commands issued by the
<systemitem class="username">root</systemitem> user:</para>
<para>
Initialize a database cluster with the following commands issued by the
<systemitem class="username">root</systemitem> user:
</para>
<screen role="root"><userinput>install -v -dm700 /srv/pgsql/data &amp;&amp;
install -v -dm755 /run/postgresql &amp;&amp;
chown -Rv postgres:postgres /srv/pgsql /run/postgresql</userinput></screen>
<para>Now, initialize the database as the <systemitem
class="username">root</systemitem> user:</para>
<para>
Now, initialize the database as the <systemitem
class="username">root</systemitem> user:
</para>
<screen role="root"><userinput>su - postgres -c '/usr/bin/initdb -D /srv/pgsql/data'</userinput></screen>
@ -180,25 +206,31 @@ chown -Rv postgres:postgres /srv/pgsql /run/postgresql</userinput></screen>
that they can work reliably-->.
</para>
<para><parameter>--docdir=/usr/share/doc/postgresql-&postgresql-version;</parameter>:
This switch puts the documentation in a versioned directory.</para>
<para><parameter>--enable-thread-safety</parameter>: This switch makes the
client libraries thread-safe by allowing concurrent threads in
<filename class="libraryfile">libpq</filename> and ECPG programs to safely
control their private connection handles.</para>
<para><option>--with-openssl</option>: builds the package with support for
<application>OpenSSL</application> encrypted connections.</para>
<para><option>--with-perl</option>: builds the PL/Perl server-side language.
<para>
<parameter>--enable-thread-safety</parameter>: This switch makes the
client libraries thread-safe by allowing concurrent threads in
<filename class="libraryfile">libpq</filename> and ECPG programs to
safely control their private connection handles.
</para>
<para><option>--with-python</option>: builds the PL/Python server-side
language. Add PYTHON=/usr/bin/python2 for Python2 support, otherwise
Python3 is used by default.</para>
<para>
<option>--with-openssl</option>: builds the package with support for
<application>OpenSSL</application> encrypted connections.
</para>
<para><option>--with-tcl</option>: builds the PL/Tcl server-side language.</para>
<para>
<option>--with-perl</option>: builds the PL/Perl server-side language.
</para>
<para>
<option>--with-python</option>: builds the PL/Python server-side
language. Add PYTHON=/usr/bin/python2 for Python2 support, otherwise
Python3 is used by default.
</para>
<para>
<option>--with-tcl</option>: builds the PL/Tcl server-side language.
</para>
</sect2>
@ -208,9 +240,11 @@ chown -Rv postgres:postgres /srv/pgsql /run/postgresql</userinput></screen>
<sect3 id="postgresql-config">
<title>Config Files</title>
<para><filename>$PGDATA/pg_ident.con</filename>,
<filename>$PGDATA/pg_hba.conf</filename> and
<filename>$PGDATA/postgresql.conf</filename></para>
<para>
<filename>$PGDATA/pg_ident.con</filename>,
<filename>$PGDATA/pg_hba.conf</filename>, and
<filename>$PGDATA/postgresql.conf</filename>
</para>
<indexterm zone="postgresql postgresql-config">
<primary sortas="e-A.PGDATA-pg_ident.con">$PGDATA/pg_indent.con</primary>
@ -224,14 +258,16 @@ chown -Rv postgres:postgres /srv/pgsql /run/postgresql</userinput></screen>
<primary sortas="e-A.PGDATA-postgresql.conf">$PGDATA/postgresql.conf</primary>
</indexterm>
<para>The <envar>PGDATA</envar> environment variable is used to
distinguish database clusters from one another by setting it to
the value of the directory which contains the cluster desired.
The three configuration files exist in every <filename
class="directory">PGDATA/</filename> directory. Details on the
format of the files and the options that can be set in each can
be found in <ulink
url="file:///usr/share/doc/postgresql-&postgresql-version;/html/index.html"/>.</para>
<para>
The <envar>PGDATA</envar> environment variable is used to
distinguish database clusters from one another by setting it to
the value of the directory which contains the cluster desired.
The three configuration files exist in every <filename
class="directory">PGDATA/</filename> directory. Details on the
format of the files and the options that can be set in each can
be found in <filename>
/usr/share/doc/postgresql-&postgresql-version;/html/index.html</filename>.
</para>
</sect3>
@ -239,13 +275,15 @@ chown -Rv postgres:postgres /srv/pgsql /run/postgresql</userinput></screen>
<title><phrase revision="sysv">Boot Script</phrase>
<phrase revision="systemd">Systemd Unit</phrase></title>
<para>Install the
<phrase revision="sysv"><filename>/etc/rc.d/init.d/postgresql</filename>
init script</phrase>
<phrase revision="systemd"><filename>postgresql.service</filename>
unit</phrase> included in the
<xref linkend="bootscripts" revision="sysv"/>
<xref linkend="systemd-units" revision="systemd"/> package.</para>
<para>
Install the
<phrase revision="sysv"><filename>/etc/rc.d/init.d/postgresql</filename>
init script</phrase>
<phrase revision="systemd"><filename>postgresql.service</filename>
unit</phrase> included in the
<xref linkend="bootscripts" revision="sysv"/>
<xref linkend="systemd-units" revision="systemd"/> package:
</para>
<indexterm zone="postgresql postgresql-init">
<primary sortas="f-postgresql">postgresql</primary>
@ -292,8 +330,8 @@ echo "insert into t1 values ('Jesse', 'Ontario');" \
echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></screen>
<para>
When you are done with testing, you can shut down the server, by issuing
as <systemitem class="username">root</systemitem>:
When you are done with testing, you can shut down the server, by
issuing as <systemitem class="username">root</systemitem>:
</para>
<screen role="root"><userinput>su - postgres -c "/usr/bin/pg_ctl stop -D /srv/pgsql/data"</userinput></screen>
@ -345,8 +383,10 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="clusterdb">
<term><command>clusterdb</command></term>
<listitem>
<para>is a utility for reclustering tables in a
<application>PostgreSQL</application> database.</para>
<para>
is a utility for reclustering tables in a
<application>PostgreSQL</application> database.
</para>
<indexterm zone="postgresql clusterdb">
<primary sortas="b-clusterdb">clusterdb</primary>
</indexterm>
@ -356,30 +396,23 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="createdb">
<term><command>createdb</command></term>
<listitem>
<para> creates a new <application>PostgreSQL</application>
database.</para>
<para>
creates a new <application>PostgreSQL</application>
database.
</para>
<indexterm zone="postgresql createdb">
<primary sortas="b-createdb">createdb</primary>
</indexterm>
</listitem>
</varlistentry>
<!-- <varlistentry id="createlang">
<term><command>createlang</command></term>
<listitem>
<para>defines a new <application>PostgreSQL</application> procedural
language.</para>
<indexterm zone="postgresql createlang">
<primary sortas="b-createlang">createlang</primary>
</indexterm>
</listitem>
</varlistentry>-->
<varlistentry id="createuser">
<term><command>createuser</command></term>
<listitem>
<para>defines a new <application>PostgreSQL</application>
user account.</para>
<para>
defines a new <application>PostgreSQL</application>
user account.
</para>
<indexterm zone="postgresql createuser">
<primary sortas="b-createuser">createuser</primary>
</indexterm>
@ -389,29 +422,21 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="dropdb">
<term><command>dropdb</command></term>
<listitem>
<para>removes a <application>PostgreSQL</application> database.</para>
<para>
removes a <application>PostgreSQL</application> database.
</para>
<indexterm zone="postgresql dropdb">
<primary sortas="b-dropdb">dropdb</primary>
</indexterm>
</listitem>
</varlistentry>
<!-- <varlistentry id="droplang">
<term><command>droplang</command></term>
<listitem>
<para>removes a <application>PostgreSQL</application> procedural
language.</para>
<indexterm zone="postgresql droplang">
<primary sortas="b-droplang">droplang</primary>
</indexterm>
</listitem>
</varlistentry> -->
<varlistentry id="dropuser">
<term><command>dropuser</command></term>
<listitem>
<para>removes a <application>PostgreSQL</application>
user account.</para>
<para>
removes a <application>PostgreSQL</application> user account.
</para>
<indexterm zone="postgresql dropuser">
<primary sortas="b-dropuser">dropuser</primary>
</indexterm>
@ -421,7 +446,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="ecpg">
<term><command>ecpg</command></term>
<listitem>
<para>is the embedded SQL preprocessor.</para>
<para>
is the embedded SQL preprocessor.
</para>
<indexterm zone="postgresql ecpg">
<primary sortas="b-ecpg">ecpg</primary>
</indexterm>
@ -431,7 +458,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="initdb">
<term><command>initdb</command></term>
<listitem>
<para>creates a new database cluster.</para>
<para>
creates a new database cluster.
</para>
<indexterm zone="postgresql initdb">
<primary sortas="b-initdb">initdb</primary>
</indexterm>
@ -441,8 +470,10 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="oid2name">
<term><command>oid2name</command></term>
<listitem>
<para>resolves OIDs (Object IDs) and file nodes in a PostgreSQL data
directory.</para>
<para>
resolves OIDs (Object IDs) and file nodes in a PostgreSQL data
directory.
</para>
<indexterm zone="postgresql oid2name">
<primary sortas="b-oid2name">oid2name</primary>
</indexterm>
@ -452,7 +483,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_archivecleanup">
<term><command>pg_archivecleanup</command></term>
<listitem>
<para>cleans up PostgreSQL WAL (write-ahead log) archive files.</para>
<para>
cleans up PostgreSQL WAL (write-ahead log) archive files.
</para>
<indexterm zone="postgresql pg_archivecleanup">
<primary sortas="b-pg_archivecleanup">pg_archivecleanup</primary>
</indexterm>
@ -462,8 +495,10 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_basebackup">
<term><command>pg_basebackup</command></term>
<listitem>
<para>takes base backups of a running
<application>PostgreSQL</application> cluster.</para>
<para>
takes base backups of a running
<application>PostgreSQL</application> cluster.
</para>
<indexterm zone="postgresql pg_basebackup">
<primary sortas="b-pg_basebackup">pg_basebackup</primary>
</indexterm>
@ -473,8 +508,10 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_config">
<term><command>pg_config</command></term>
<listitem>
<para>retrieves <application>PostgreSQL</application> version
information.</para>
<para>
retrieves <application>PostgreSQL</application> version
information.
</para>
<indexterm zone="postgresql pg_config">
<primary sortas="b-pg_config">pg_config</primary>
</indexterm>
@ -484,9 +521,10 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_controldata">
<term><command>pg_controldata</command></term>
<listitem>
<para>returns information initialized during
<command>initdb</command>, such as the catalog version and server
locale.</para>
<para>
returns information initialized during <command>initdb</command>,
such as the catalog version and server locale.
</para>
<indexterm zone="postgresql pg_controldata">
<primary sortas="b-pg_controldata">pg_controldata</primary>
</indexterm>
@ -496,7 +534,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_ctl">
<term><command>pg_ctl</command></term>
<listitem>
<para>controls stopping and starting the database server.</para>
<para>
controls stopping and starting the database server.
</para>
<indexterm zone="postgresql pg_ctl">
<primary sortas="b-pg_ctl">pg_ctl</primary>
</indexterm>
@ -506,8 +546,10 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_dump">
<term><command>pg_dump</command></term>
<listitem>
<para>dumps database data and metadata into scripts which are used
to recreate the database.</para>
<para>
dumps database data and metadata into scripts which are used
to recreate the database.
</para>
<indexterm zone="postgresql pg_dump">
<primary sortas="b-pg_dump">pg_dump</primary>
</indexterm>
@ -517,8 +559,10 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_dumpall">
<term><command>pg_dumpall</command></term>
<listitem>
<para>recursively calls <command>pg_dump</command> for each
database in a cluster.</para>
<para>
recursively calls <command>pg_dump</command> for each
database in a cluster.
</para>
<indexterm zone="postgresql pg_dumpall">
<primary sortas="b-pg_dumpall">pg_dumpall</primary>
</indexterm>
@ -528,7 +572,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_isready">
<term><command>pg_isready</command></term>
<listitem>
<para>check the connection status of a PostgreSQL server.</para>
<para>
checks the connection status of a PostgreSQL server.
</para>
<indexterm zone="postgresql pg_isready">
<primary sortas="b-pg_isready">pg_isready</primary>
</indexterm>
@ -550,7 +596,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_recvlogical">
<term><command>pg_recvlogical</command></term>
<listitem>
<para>controls PostgreSQL logical decoding streams.</para>
<para>
controls PostgreSQL logical decoding streams.
</para>
<indexterm zone="postgresql pg_recvlogical">
<primary sortas="b-pg_recvlogical">pg_recvlogical</primary>
</indexterm>
@ -560,8 +608,10 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_resetwal">
<term><command>pg_resetwal</command></term>
<listitem>
<para>resets the write-ahead log and other control information
of a PostgreSQL database cluseter.</para>
<para>
resets the write-ahead log and other control information
of a PostgreSQL database cluster.
</para>
<indexterm zone="postgresql pg_resetwal">
<primary sortas="b-pg_resetwal">pg_resetwal</primary>
</indexterm>
@ -571,8 +621,10 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_restore">
<term><command>pg_restore</command></term>
<listitem>
<para>creates databases from dump files created by
<command>pg_dump</command>.</para>
<para>
creates databases from dump files created by
<command>pg_dump</command>.
</para>
<indexterm zone="postgresql pg_restore">
<primary sortas="b-pg_restore">pg_restore</primary>
</indexterm>
@ -582,8 +634,10 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_rewind">
<term><command>pg_rewind</command></term>
<listitem>
<para>synchronizes a PostgreSQL data directory with another data
directory that was forked from the first one.</para>
<para>
synchronizes a PostgreSQL data directory with another data
directory that was forked from the first one.
</para>
<indexterm zone="postgresql pg_rewind">
<primary sortas="b-pg_rewind">pg_rewind</primary>
</indexterm>
@ -593,8 +647,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_standby">
<term><command>pg_standby</command></term>
<listitem>
<para>supports the creation of a PostgreSQL warm standby
server.</para>
<para>
supports the creation of a PostgreSQL warm standby server.
</para>
<indexterm zone="postgresql pg_standby">
<primary sortas="b-pg_standby">pg_standby</primary>
</indexterm>
@ -604,7 +659,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_test_fsync">
<term><command>pg_test_fsync</command></term>
<listitem>
<para>determine fastest wal_sync method for PostgreSQL.</para>
<para>
determines fastest wal_sync method for PostgreSQL.
</para>
<indexterm zone="postgresql pg_test_fsync">
<primary sortas="b-pg_test_fsync">pg_test_fsync</primary>
</indexterm>
@ -614,7 +671,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_test_timing">
<term><command>pg_test_timing</command></term>
<listitem>
<para>measure timing overhead.</para>
<para>
measures timing overhead.
</para>
<indexterm zone="postgresql pg_test_timing">
<primary sortas="b-pg_test_timing">pg_test_timing</primary>
</indexterm>
@ -624,7 +683,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_upgrade">
<term><command>pg_upgrade</command></term>
<listitem>
<para>upgrade a PostgreSQL server instance.</para>
<para>
upgrades a PostgreSQL server instance.
</para>
<indexterm zone="postgresql pg_upgrade">
<primary sortas="b-pg_upgrade">pg_upgrade</primary>
</indexterm>
@ -634,8 +695,10 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pg_waldump">
<term><command>pg_waldump</command></term>
<listitem>
<para>display a human-readable rendering of the write-ahead log of a
PostgreSQL database cluster.</para>
<para>
displays a human-readable rendering of the write-ahead log of a
PostgreSQL database cluster.
</para>
<indexterm zone="postgresql pg_waldump">
<primary sortas="b-pg_waldump">pg_waldump</primary>
</indexterm>
@ -645,7 +708,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pgbench">
<term><command>pgbench</command></term>
<listitem>
<para>run a benchmark test on PostgreSQL.</para>
<para>
runs a benchmark test on PostgreSQL.
</para>
<indexterm zone="postgresql pgbench">
<primary sortas="b-pgbench">pgbench</primary>
</indexterm>
@ -655,11 +720,13 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pltcl_delmod">
<term><command>pltcl_delmod</command></term>
<listitem>
<para>is a support script used to delete a module from a
PL/<application>Tcl</application> table. The command
requires the <ulink
url="http://flightaware.github.io/Pgtcl/">Pgtcl</ulink>
package to be installed also.</para>
<para>
is a support script used to delete a module from a
PL/<application>Tcl</application> table. The command
requires the <ulink
url="http://flightaware.github.io/Pgtcl/">Pgtcl</ulink>
package to be installed also.
</para>
<indexterm zone="postgresql pltcl_delmod">
<primary sortas="b-pltcl_delmod">pltcl_delmod</primary>
</indexterm>
@ -669,11 +736,13 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pltcl_listmod">
<term><command>pltcl_listmod</command></term>
<listitem>
<para>is a support script used to list the modules in a
PL/<application>Tcl</application> table. The command
requires the <ulink
url="http://gborg.postgresql.org/project/pgtcl/">Pgtcl</ulink>
package to be installed also.</para>
<para>
is a support script used to list the modules in a
PL/<application>Tcl</application> table. The command
requires the <ulink
url="http://gborg.postgresql.org/project/pgtcl/">Pgtcl</ulink>
package to be installed also.
</para>
<indexterm zone="postgresql pltcl_listmod">
<primary sortas="b-pltcl_listmod">pltcl_listmod</primary>
</indexterm>
@ -683,11 +752,13 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="pltcl_loadmod">
<term><command>pltcl_loadmod</command></term>
<listitem>
<para>is a support script used to load a module into a
PL/<application>Tcl</application> table. The command
requires the <ulink
url="http://gborg.postgresql.org/project/pgtcl/">Pgtcl</ulink>
package to be installed also.</para>
<para>
is a support script used to load a module into a
PL/<application>Tcl</application> table. The command
requires the <ulink
url="http://gborg.postgresql.org/project/pgtcl/">Pgtcl</ulink>
package to be installed also.
</para>
<indexterm zone="postgresql pltcl_loadmod">
<primary sortas="b-pltcl_loadmod">pltcl_loadmod</primary>
</indexterm>
@ -697,7 +768,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="postgres">
<term><command>postgres</command></term>
<listitem>
<para>is the PostgreSQL database server.</para>
<para>
is the PostgreSQL database server.
</para>
<indexterm zone="postgresql postgres">
<primary sortas="b-postgres">postgres</primary>
</indexterm>
@ -707,8 +780,10 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="postmaster">
<term><command>postmaster</command></term>
<listitem>
<para>(deprecated, a symlink to <command>postgres</command>) is a
multi-user database daemon.</para>
<para>
(deprecated, a symlink to <command>postgres</command>) is a
multi-user database daemon.
</para>
<indexterm zone="postgresql postmaster">
<primary sortas="b-postmaster">postmaster</primary>
</indexterm>
@ -718,7 +793,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="psql">
<term><command>psql</command></term>
<listitem>
<para>is a console based database shell.</para>
<para>
is a console based database shell.
</para>
<indexterm zone="postgresql psql">
<primary sortas="b-psql">psql</primary>
</indexterm>
@ -728,7 +805,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="reindexdb">
<term><command>reindexdb</command></term>
<listitem>
<para>is a utility for rebuilding indexes in a database.</para>
<para>
is a utility for rebuilding indexes in a database.
</para>
<indexterm zone="postgresql reindexdb">
<primary sortas="b-reindexdb">reindexdb</primary>
</indexterm>
@ -738,8 +817,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="vacuumdb">
<term><command>vacuumdb</command></term>
<listitem>
<para>compacts databases and generates statistics for the query
analyzer.</para>
<para>
compacts databases and generates statistics for the query analyzer.
</para>
<indexterm zone="postgresql vacuumdb">
<primary sortas="b-vacuumdb">vacuumdb</primary>
</indexterm>
@ -749,7 +829,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="vacuumlo">
<term><command>vacuumlo</command></term>
<listitem>
<para>remove orphaned large objects from a PostgreSQL database.</para>
<para>
removes orphaned large objects from a PostgreSQL database.
</para>
<indexterm zone="postgresql vacuumlo">
<primary sortas="b-vacuumlo">vacuumlo</primary>
</indexterm>
@ -759,7 +841,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="libecpg">
<term><filename class='libraryfile'>libecpg.{so,a}</filename></term>
<listitem>
<para>contains functions to support embedded SQL in C programs.</para>
<para>
contains functions to support embedded SQL in C programs.
</para>
<indexterm zone="postgresql libecpg">
<primary sortas="c-libecpg">libecpg.{so,a}</primary>
</indexterm>
@ -769,7 +853,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="libecpg_compat">
<term><filename class='libraryfile'>libecpg_compat.{so,a}</filename></term>
<listitem>
<para>is the ecpg compatibility library.</para>
<para>
is the ecpg compatibility library.
</para>
<indexterm zone="postgresql libecpg_compat">
<primary sortas="c-libecpg_compat">libecpg_compat.{so,a}</primary>
</indexterm>
@ -779,7 +865,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="libgport">
<term><filename class='libraryfile'>libgport.a</filename></term>
<listitem>
<para>is the port-specific subsystem of the Postgres backend.</para>
<para>
is the port-specific subsystem of the Postgres backend.
</para>
<indexterm zone="postgresql libgport">
<primary sortas="c-libgport">libgport.a</primary>
</indexterm>
@ -789,7 +877,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="libpgtypes">
<term><filename class='libraryfile'>libpgtypes.{so,a}</filename></term>
<listitem>
<para>contains functions for dealing with Postgres data types.</para>
<para>
contains functions for dealing with Postgres data types.
</para>
<indexterm zone="postgresql libpgtypes">
<primary sortas="c-libpgtypes">libpgtypes.{so,a}</primary>
</indexterm>
@ -799,7 +889,9 @@ echo "select * from t1;" | (su - postgres -c '/usr/bin/psql test')</userinput></
<varlistentry id="libpq">
<term><filename class='libraryfile'>libpq.{so,a}</filename></term>
<listitem>
<para>is the C programmer's API to Postgres.</para>
<para>
is the C programmer's API to Postgres.
</para>
<indexterm zone="postgresql libpq">
<primary sortas="c-libpq">libpq.{so,a}</primary>
</indexterm>

2
server/mail/exim.xml
View File

@ -414,7 +414,7 @@ exim -v -bi &amp;&amp;
<phrase revision="systemd"><filename>exim.service</filename>
unit</phrase>
included in the <xref linkend="bootscripts" revision="sysv"/>
<xref linkend="systemd-units" revision="systemd"/> package.
<xref linkend="systemd-units" revision="systemd"/> package:
</para>
<indexterm zone="exim exim-init">

2
server/mail/postfix.xml
View File

@ -437,7 +437,7 @@ EOF</userinput></screen>
<phrase revision="systemd"><filename>postfix.service</filename>
unit</phrase> included in the
<xref linkend="bootscripts" revision="sysv"/>
<xref linkend="systemd-units" revision="systemd"/> package.
<xref linkend="systemd-units" revision="systemd"/> package:
</para>
<indexterm zone="postfix postfix-init">

2
server/mail/sendmail.xml
View File

@ -336,7 +336,7 @@ m4 m4/cf.m4 sendmail.mc > sendmail.cf</userinput></screen>
<phrase revision="systemd"><filename>sendmail.service</filename>
unit</phrase> included in the
<xref linkend="bootscripts" revision="sysv"/>
<xref linkend="systemd-units" revision="systemd"/> package.
<xref linkend="systemd-units" revision="systemd"/> package:
</para>
<indexterm zone="sendmail sendmail-init">

10
server/major/apache.xml
View File

@ -162,8 +162,12 @@ make</userinput></screen>
Now, as the <systemitem class="username">root</systemitem> user:
</para>
<note><para>This package does not install properly using DESTDIR
techniques as an unpriviledged user.</para></note>
<note>
<para>
This package does not install properly using <envar>DESTDIR</envar>
techniques as an unpriviledged user.
</para>
</note>
<screen role="root"><userinput>make install &amp;&amp;
@ -282,7 +286,7 @@ chown -v -R apache:apache /srv/www</userinput></screen>
<phrase revision="systemd"><filename>httpd.service</filename>
unit</phrase> included in the
<xref linkend="bootscripts" revision="sysv"/>
<xref linkend="systemd-units" revision="systemd"/> package.
<xref linkend="systemd-units" revision="systemd"/> package:
</para>
<indexterm zone="apache httpd-init">

378
server/major/bind.xml
View File

@ -29,40 +29,55 @@
<sect2 role="package">
<title>Introduction to BIND</title>
<para>The <application>BIND</application> package provides a DNS server
and client utilities. If you are only interested in the utilities, refer
to the <xref linkend="bind-utils"/>.</para>
<para>
The <application>BIND</application> package provides a DNS server
and client utilities. If you are only interested in the utilities, refer
to the <xref linkend="bind-utils"/>.
</para>
&lfs91_checked;
<bridgehead renderas="sect3">Package Information</bridgehead>
<itemizedlist spacing="compact">
<listitem>
<para>Download (HTTP): <ulink url="&bind-download-http;"/></para>
<para>
Download (HTTP): <ulink url="&bind-download-http;"/>
</para>
</listitem>
<listitem>
<para>Download (FTP): <ulink url="&bind-download-ftp;"/></para>
<para>
Download (FTP): <ulink url="&bind-download-ftp;"/>
</para>
</listitem>
<listitem>
<para>Download MD5 sum: &bind-md5sum;</para>
<para>
Download MD5 sum: &bind-md5sum;
</para>
</listitem>
<listitem>
<para>Download size: &bind-size;</para>
<para>
Download size: &bind-size;
</para>
</listitem>
<listitem>
<para>Estimated disk space required: &bind-buildsize;</para>
<para>
Estimated disk space required: &bind-buildsize;
</para>
</listitem>
<listitem>
<para>Estimated build time: &bind-time;</para>
<para>
Estimated build time: &bind-time;
</para>
</listitem>
</itemizedlist>
<!--
<bridgehead renderas="sect3">Additional Downloads</bridgehead>
<itemizedlist spacing='compact'>
<listitem>
<para>Optional patch (if net-tools is not installed):
<ulink
url="&patch-root;/bind-&bind-version;-use_iproute2-1.patch"/></para>
<para>
Optional patch (if net-tools is not installed): <ulink
url="&patch-root;/bind-&bind-version;-use_iproute2-1.patch"/>
</para>
</listitem>
</itemizedlist>
-->
@ -115,20 +130,26 @@
<sect2 role="installation">
<title>Installation of BIND</title>
<!--
<para>If you have chosen not to install net-tools, apply the iproute2
patch with the following command:</para>
<para>
If you have chosen not to install net-tools, apply the iproute2
patch with the following command:
</para>
<screen><userinput>patch -Np1 -i ../bind-&bind-version;-use_iproute2-1.patch</userinput></screen>
-->
<para>To ensure <application>BIND</application> will build dnssec-keymgr,
install a python module as the <systemitem
class="username">root</systemitem> user:</para>
<para>
To ensure <application>BIND</application> will build dnssec-keymgr,
install a python module as the <systemitem
class="username">root</systemitem> user:
</para>
<screen role="root"><userinput>pip3 install ply</userinput></screen>
<para>Install <application>BIND</application> by running the
following commands:</para>
<para>
Install <application>BIND</application> by running the
following commands:
</para>
<screen><userinput>./configure --prefix=/usr \
--sysconfdir=/etc \
@ -138,32 +159,44 @@
--disable-static &amp;&amp;
make</userinput></screen>
<para>Issue the following commands to run the complete suite of tests.
First, as the <systemitem class="username">root</systemitem> user, set up
some test interfaces:</para>
<para>
Issue the following commands to run the complete suite of tests.
First, as the <systemitem class="username">root</systemitem> user, set up
some test interfaces:
</para>
<note><para>If IPv6 is not enabled in the kernel, there will be several
error messages: "RTNETLINK answers: Operation not permitted". These
messages do not affect the tests.</para></note>
<note>
<para>
If IPv6 is not enabled in the kernel, there will be several
error messages: "RTNETLINK answers: Operation not permitted". These
messages do not affect the tests.
</para>
</note>
<screen role="root"
remap="test"><userinput>bin/tests/system/ifconfig.sh up</userinput></screen>
<para>The test suite may indicate some skipped tests depending on
what configuration options are used. Some tests are marked <quote>UNTESTED
</quote> if <xref linkend="perl-net-dns"/> is not installed.
To run the tests, as an unprivileged user, execute:</para>
<para>
The test suite may indicate some skipped tests depending on
what configuration options are used. Some tests are marked
<quote>UNTESTED</quote> if <xref linkend="perl-net-dns"/> is not
installed. To run the tests, as an unprivileged user, execute:
</para>
<screen remap="test"><userinput>make -k check</userinput></screen>
<para>Again as <systemitem class="username">root</systemitem>, clean up the
test interfaces:</para>
<para>
Again as <systemitem class="username">root</systemitem>, clean up the
test interfaces:
</para>
<screen role="root"
remap="test"><userinput>bin/tests/system/ifconfig.sh down</userinput></screen>
<para>Finally, install the package as the <systemitem
class="username">root</systemitem> user:</para>
<para>
Finally, install the package as the <systemitem
class="username">root</systemitem> user:
</para>
<screen role="root"><userinput>make install &amp;&amp;
@ -180,48 +213,65 @@ install -v -m644 doc/misc/{dnssec,ipv6,migrat*,options,rfc-compliance,roadmap
<sect2 role="commands">
<title>Command Explanations</title>
<para><parameter>--sysconfdir=/etc</parameter>: This parameter forces
<application>BIND</application> to look for configuration
files in <filename class='directory'>/etc</filename> instead of
<filename class='directory'>/usr/etc</filename>.</para>
<para>
<parameter>--sysconfdir=/etc</parameter>: This parameter forces
<application>BIND</application> to look for configuration
files in <filename class='directory'>/etc</filename> instead of
<filename class='directory'>/usr/etc</filename>.
</para>
<!-- No longer available as of 9.14.2
<para><parameter>- -enable-threads</parameter>: This parameter enables
multi-threading capability.</para>
<para>
<parameter>- -enable-threads</parameter>: This parameter enables
multi-threading capability.
</para>
-->
<para><parameter>--with-libtool</parameter>: This parameter forces the
building of dynamic libraries and links the installed binaries to these
libraries.</para>
<para>
<parameter>--with-libtool</parameter>: This parameter forces the
building of dynamic libraries and links the installed binaries to these
libraries.
</para>
<para><option>--with-libidn2</option>: This parameter enables
the IDNA2008 (Internationalized Domain Names in Applications)
support.</para>
<para>
<option>--with-libidn2</option>: This parameter enables
the IDNA2008 (Internationalized Domain Names in Applications)
support.
</para>
<!-- no longer available
<para><parameter>- -with-randomdev=/dev/urandom</parameter>: This parameter
specifes a non-blocking random device for use with digital signatures.</para>
<para>
<parameter>- -with-randomdev=/dev/urandom</parameter>: This parameter
specifes a non-blocking random device for use with digital signatures.
</para>
-->
<para><option>--enable-fetchlimit</option>: Use this option if you want
to be able to limit the rate of recursive client queries. This may be
useful on servers which receive a large number of queries.</para>
<para>
<option>--enable-fetchlimit</option>: Use this option if you want
to be able to limit the rate of recursive client queries. This may be
useful on servers which receive a large number of queries.
</para>
<para><option>--disable-linux-caps</option>: BIND can also be built without
capability support by using this option, at the cost of some loss of
security.</para>
<para>
<option>--disable-linux-caps</option>: BIND can also be built without
capability support by using this option, at the cost of some loss of
security.
</para>
<para><option>--with-dlz-{mysql,bdb,filesystem,ldap,odbc,stub}</option>: Use
one (or more) of those options to add Dynamically Loadable Zones support.
For more information refer to
<ulink url="http://bind-dlz.sourceforge.net/">bind-dlz.sourceforge.net</ulink>.
<para>
<option>--with-dlz-{mysql,bdb,filesystem,ldap,odbc,stub}</option>: Use
one (or more) of those options to add Dynamically Loadable Zones support.
For more information refer to <ulink
url="http://bind-dlz.sourceforge.net/">bind-dlz.sourceforge.net</ulink>.
</para>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../xincludes/static-libraries.xml"/>
<para><command>cd doc; install ...</command>: These commands install
additional package documentation. Omit any or all of these commands if
desired.</para>
<para>
<command>cd doc; install ...</command>: These commands install
additional package documentation. Omit any or all of these commands if
desired.
</para>
</sect2>
<sect2 role="configuration">
@ -230,11 +280,13 @@ install -v -m644 doc/misc/{dnssec,ipv6,migrat*,options,rfc-compliance,roadmap
<sect3 id="bind-config">
<title>Config files</title>
<para><filename>named.conf</filename>,
<filename>root.hints</filename>,
<filename>127.0.0</filename>,
<filename>rndc.conf</filename> and
<filename>resolv.conf</filename></para>
<para>
<filename>named.conf</filename>,
<filename>root.hints</filename>,
<filename>127.0.0</filename>,
<filename>rndc.conf</filename>, and
<filename>resolv.conf</filename>
</para>
<indexterm zone="bind bind-config">
<primary sortas="e-etc-named.conf">/etc/named.conf</primary>
@ -262,22 +314,28 @@ install -v -m644 doc/misc/{dnssec,ipv6,migrat*,options,rfc-compliance,roadmap
<sect3>
<title>Configuration Information</title>
<para><application>BIND</application> will be configured to run in a
<command>chroot</command> jail as an unprivileged user (<systemitem
class="username">named</systemitem>). This configuration is more secure
in that a DNS compromise can only affect a few files in the <systemitem
class="username">named</systemitem> user's <envar>HOME</envar>
directory.</para>
<para>
<application>BIND</application> will be configured to run in a
<command>chroot</command> jail as an unprivileged user (<systemitem
class="username">named</systemitem>). This configuration is more secure
in that a DNS compromise can only affect a few files in the <systemitem
class="username">named</systemitem> user's <envar>HOME</envar>
directory.
</para>
<para>Create the unprivileged user and group <systemitem
class="username">named</systemitem>:</para>
<para>
Create the unprivileged user and group <systemitem
class="username">named</systemitem>:
</para>
<screen role="root"><userinput>groupadd -g 20 named &amp;&amp;
useradd -c "BIND Owner" -g named -s /bin/false -u 20 named &amp;&amp;
install -d -m770 -o named -g named /srv/named</userinput></screen>
<para>Set up some files, directories and devices needed by
<application>BIND</application>:</para>
<para>
Set up some files, directories and devices needed by
<application>BIND</application>:
</para>
<screen role="root"><userinput>mkdir -p /srv/named &amp;&amp;
cd /srv/named &amp;&amp;
@ -287,16 +345,21 @@ mknod /srv/named/dev/urandom c 1 9 &amp;&amp;
chmod 666 /srv/named/dev/{null,urandom} &amp;&amp;
cp /etc/localtime etc</userinput></screen>
<para>The <filename>rndc.conf</filename> file contains information for
controlling <command>named</command> operations with the
<command>rndc</command> utility. Generate a key for use in the <filename>named.conf</filename> and <filename>rdnc.conf</filename> with the
<command>rndc-confgen</command> command:</para>
<para>
The <filename>rndc.conf</filename> file contains information for
controlling <command>named</command> operations with the
<command>rndc</command> utility. Generate a key for use in the
<filename>named.conf</filename> and <filename>rdnc.conf</filename>
with the <command>rndc-confgen</command> command:
</para>
<screen role="root"><userinput>rndc-confgen -a -b 512 -t /srv/named</userinput></screen>
<screen role="root"><userinput>rndc-confgen -a -b 512 -t /srv/named</userinput></screen>
<para>Complete the <filename>named.conf</filename> file from which
<command>named</command> will read the location of zone files, root
name servers and secure DNS keys:</para>
<para>
Complete the <filename>named.conf</filename> file from which
<command>named</command> will read the location of zone files, root
name servers and secure DNS keys:
</para>
<screen role="root"><?dbfo keep-together="auto"?><userinput>cat &gt;&gt; /srv/named/etc/named.conf &lt;&lt; "EOF"
<literal>options {
@ -352,7 +415,9 @@ logging {
};</literal>
EOF</userinput></screen>
<para>Create a zone file with the following contents:</para>
<para>
Create a zone file with the following contents:
</para>
<screen role="root"><userinput>cat &gt; /srv/named/etc/named/pz/127.0.0 &lt;&lt; "EOF"
<literal>$TTL 3D
@ -366,12 +431,16 @@ EOF</userinput></screen>
1 PTR localhost.</literal>
EOF</userinput></screen>
<para>Create the <filename>root.hints</filename> file with the following
commands:</para>
<para>
Create the <filename>root.hints</filename> file with the following
commands:
</para>
<note>
<para>Caution must be used to ensure there are no leading spaces in
this file.</para>
<para>
Caution must be used to ensure there are no leading spaces in
this file.
</para>
</note>
<screen role="root"><userinput>cat &gt; /srv/named/etc/named/root.hints &lt;&lt; "EOF"
@ -416,22 +485,28 @@ M.ROOT-SERVERS.NET. 6D IN A 202.12.27.33
M.ROOT-SERVERS.NET. 6D IN AAAA 2001:dc3::35</literal>
EOF</userinput></screen>
<para>The <filename>root.hints</filename> file is a list of root name
servers. This file must be updated periodically with the
<command>dig</command> utility. A current copy of root.hints can be
obtained from <ulink url="ftp://rs.internic.net/domain/named.root" />.
For details, consult the "BIND 9 Administrator Reference Manual", included
in every source archive of BIND 9 distributed by ISC, in HTML and PDF
formats, also available at
<ulink url="ftp://ftp.isc.org/isc/bind9/cur/&bind-minor-version;/doc/arm/Bv9ARM.html">
BIND 9 Administrator Reference Manual</ulink>.</para>
<para>
The <filename>root.hints</filename> file is a list of root name
servers. This file must be updated periodically with the
<command>dig</command> utility. A current copy of root.hints can be
obtained from <ulink url="ftp://rs.internic.net/domain/named.root" />.
For details, consult the "BIND 9 Administrator Reference Manual",
included in every source archive of BIND 9 distributed by ISC, in HTML
and PDF formats, also available at <ulink
url="ftp://ftp.isc.org/isc/bind9/cur/&bind-minor-version;/doc/arm/Bv9ARM.html">
BIND 9 Administrator Reference Manual</ulink>.
</para>
<para>Create or modify <filename>resolv.conf</filename> to use the new
name server with the following commands:</para>
<para>
Create or modify <filename>resolv.conf</filename> to use the new
name server with the following commands:
</para>
<note>
<para>Replace <replaceable>&lt;yourdomain.com&gt;</replaceable> with
your own valid domain name.</para>
<para>
Replace <replaceable>&lt;yourdomain.com&gt;</replaceable> with
your own valid domain name.
</para>
</note>
<screen role="root"><userinput>cp /etc/resolv.conf /etc/resolv.conf.bak &amp;&amp;
@ -440,8 +515,10 @@ cat &gt; /etc/resolv.conf &lt;&lt; "EOF"
nameserver 127.0.0.1</literal>
EOF</userinput></screen>
<para>Set permissions on the <command>chroot</command> jail with the
following command:</para>
<para>
Set permissions on the <command>chroot</command> jail with the
following command:
</para>
<screen role="root"><userinput>chown -R named:named /srv/named</userinput></screen>
@ -451,13 +528,15 @@ EOF</userinput></screen>
<title><phrase revision="sysv">Boot Script</phrase>
<phrase revision="systemd">Systemd Unit</phrase></title>
<para>To start the DNS server at boot, install the
<phrase revision="sysv"><filename>/etc/rc.d/init.d/bind</filename> init
script</phrase>
<phrase revision="systemd"><filename>named.service</filename>
unit</phrase> included in the
<xref linkend="bootscripts" revision="sysv"/>
<xref linkend="systemd-units" revision="systemd"/> package.</para>
<para>
To start the DNS server at boot, install the
<phrase revision="sysv"><filename>/etc/rc.d/init.d/bind</filename> init
script</phrase>
<phrase revision="systemd"><filename>named.service</filename>
unit</phrase> included in the
<xref linkend="bootscripts" revision="sysv"/>
<xref linkend="systemd-units" revision="systemd"/> package:
</para>
<indexterm zone="bind bind-init">
<primary sortas="f-bind">bind</primary>
@ -466,8 +545,9 @@ EOF</userinput></screen>
<screen role="root" revision="sysv"><userinput>make install-bind</userinput></screen>
<screen role="root" revision="systemd"><userinput>make install-named</userinput></screen>
<para>Now start <application>BIND</application> with
the following command:</para>
<para>
Now start <application>BIND</application> with the following command:
</para>
<screen role="root" revision="sysv"><userinput>/etc/rc.d/init.d/bind start</userinput></screen>
<screen role="root" revision="systemd"><userinput>systemctl start named</userinput></screen>
@ -477,22 +557,28 @@ EOF</userinput></screen>
<sect3>
<title>Testing BIND</title>
<para>Test out the new <application>BIND</application> 9 installation.
First query the local host address with <command>dig</command>:</para>
<para>
Test out the new <application>BIND</application> 9 installation.
First query the local host address with <command>dig</command>:
</para>
<screen><userinput>dig -x 127.0.0.1</userinput></screen>
<para>Now try an external name lookup, taking note of the speed
difference in repeated lookups due to the caching. Run the
<command>dig</command> command twice on the same address:</para>
<para>
Now try an external name lookup, taking note of the speed
difference in repeated lookups due to the caching. Run the
<command>dig</command> command twice on the same address:
</para>
<screen><userinput>dig www.&lfs-domainname; &amp;&amp;
dig www.&lfs-domainname;</userinput></screen>
<para>You can see almost instantaneous results with the named caching
lookups. Consult the <application>BIND</application> Administrator
Reference Manual located at <filename>doc/arm/Bv9ARM.html</filename>
in the package source tree, for further configuration options.</para>
<para>
You can see almost instantaneous results with the named caching
lookups. Consult the <application>BIND</application> Administrator
Reference Manual located at <filename>doc/arm/Bv9ARM.html</filename>
in the package source tree, for further configuration options.
</para>
</sect3>
@ -582,7 +668,9 @@ dig www.&lfs-domainname;</userinput></screen>
<varlistentry id="dig">
<term><command>dig</command></term>
<listitem>
<para>interrogates DNS servers.</para>
<para>
interrogates DNS servers.
</para>
<indexterm zone="bind dig">
<primary sortas="b-dig">dig</primary>
</indexterm>
@ -656,7 +744,9 @@ dig www.&lfs-domainname;</userinput></screen>
<varlistentry id="dnssec-keygen">
<term><command>dnssec-keygen</command></term>
<listitem>
<para>is a key generator for secure DNS.</para>
<para>
is a key generator for secure DNS.
</para>
<indexterm zone="bind dnssec-keygen">
<primary sortas="b-dnssec-keygen">dnssec-keygen</primary>
</indexterm>
@ -690,7 +780,9 @@ dig www.&lfs-domainname;</userinput></screen>
<varlistentry id="dnssec-signzone">
<term><command>dnssec-signzone</command></term>
<listitem>
<para>generates signed versions of zone files.</para>
<para>
generates signed versions of zone files.
</para>
<indexterm zone="bind dnssec-signzone">
<primary sortas="b-dnssec-signzone">dnssec-signzone</primary>
</indexterm>
@ -726,7 +818,9 @@ dig www.&lfs-domainname;</userinput></screen>
<varlistentry id="host">
<term><command>host</command></term>
<listitem>
<para>is a utility for DNS lookups.</para>
<para>
is a utility for DNS lookups.
</para>
<indexterm zone="bind host">
<primary sortas="b-host">host</primary>
</indexterm>
@ -760,7 +854,9 @@ dig www.&lfs-domainname;</userinput></screen>
<varlistentry id="lwresd">
<term><command>lwresd</command></term>
<listitem>
<para>is a caching-only name server for local process use.</para>
<para>
is a caching-only name server for local process use.
</para>
<indexterm zone="bind lwresd">
<primary sortas="b-lwresd">lwresd</primary>
</indexterm>
@ -770,7 +866,9 @@ dig www.&lfs-domainname;</userinput></screen>
<varlistentry id="named">
<term><command>named</command></term>
<listitem>
<para>is the name server daemon.</para>
<para>
is the name server daemon.
</para>
<indexterm zone="bind named">
<primary sortas="b-named">named</primary>
</indexterm>
@ -780,8 +878,10 @@ dig www.&lfs-domainname;</userinput></screen>
<varlistentry id="named-checkconf">
<term><command>named-checkconf</command></term>
<listitem>
<para>checks the syntax of <filename>named.conf</filename>
files.</para>
<para>
checks the syntax of <filename>named.conf</filename>
files.
</para>
<indexterm zone="bind named-checkconf">
<primary sortas="b-named-checkconf">named-checkconf</primary>
</indexterm>
@ -791,7 +891,9 @@ dig www.&lfs-domainname;</userinput></screen>
<varlistentry id="named-checkzone">
<term><command>named-checkzone</command></term>
<listitem>
<para>checks zone file validity.</para>
<para>
checks zone file validity.
</para>
<indexterm zone="bind named-checkzone">
<primary sortas="b-named-checkzone">named-checkzone</primary>
</indexterm>
@ -851,7 +953,9 @@ dig www.&lfs-domainname;</userinput></screen>
<varlistentry id="nslookup">
<term><command>nslookup</command></term>
<listitem>
<para>is a program used to query Internet domain nameservers.</para>
<para>
is a program used to query Internet domain nameservers.
</para>
<indexterm zone="bind nslookup">
<primary sortas="b-nslookup">nslookup</primary>
</indexterm>
@ -861,7 +965,9 @@ dig www.&lfs-domainname;</userinput></screen>
<varlistentry id="nsupdate">
<term><command>nsupdate</command></term>
<listitem>
<para>is used to submit DNS update requests.</para>
<para>
is used to submit DNS update requests.
</para>
<indexterm zone="bind nsupdate">
<primary sortas="b-nsupdate">nsupdate</primary>
</indexterm>
@ -871,7 +977,9 @@ dig www.&lfs-domainname;</userinput></screen>
<varlistentry id="rndc">
<term><command>rndc</command></term>
<listitem>
<para>controls the operation of <application>BIND</application>.</para>
<para>
controls the operation of <application>BIND</application>.
</para>
<indexterm zone="bind rndc">
<primary sortas="b-rndc">rndc</primary>
</indexterm>
@ -881,7 +989,9 @@ dig www.&lfs-domainname;</userinput></screen>
<varlistentry id="rndc-confgen">
<term><command>rndc-confgen</command></term>
<listitem>
<para>generates <filename>rndc.conf</filename> files.</para>
<para>
generates <filename>rndc.conf</filename> files.
</para>
<indexterm zone="bind rndc-confgen">
<primary sortas="b-rndc-confgen">rndc-confgen</primary>
</indexterm>

6
server/major/major.xml
View File

@ -15,8 +15,10 @@ $Date$
<title>Major Servers</title>
<para>Major servers are the programs that provide content or services
to users or other programs.</para>
<para>
Major servers are the programs that provide content or services
to users or other programs.
</para>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="apache.xml"/>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="bind.xml"/>

178
server/major/proftpd.xml
View File

@ -29,31 +29,45 @@
<sect2 role="package">
<title>Introduction to ProFTPD</title>
<para>The <application>ProFTPD</application> package contains a secure
and highly configurable FTP daemon. This is useful for serving large
file archives over a network.</para>
<para>
The <application>ProFTPD</application> package contains a secure
and highly configurable FTP daemon. This is useful for serving large
file archives over a network.
</para>
&lfs91_checked;
<bridgehead renderas="sect3">Package Information</bridgehead>
<itemizedlist spacing="compact">
<listitem>
<para>Download (HTTP): <ulink url="&proftpd-download-http;"/></para>
<para>
Download (HTTP): <ulink url="&proftpd-download-http;"/>
</para>
</listitem>
<listitem>
<para>Download (FTP): <ulink url="&proftpd-download-ftp;"/></para>
<para>
Download (FTP): <ulink url="&proftpd-download-ftp;"/>
</para>
</listitem>
<listitem>
<para>Download MD5 sum: &proftpd-md5sum;</para>
<para>
Download MD5 sum: &proftpd-md5sum;
</para>
</listitem>
<listitem>
<para>Download size: &proftpd-size;</para>
<para>
Download size: &proftpd-size;
</para>
</listitem>
<listitem>
<para>Estimated disk space required: &proftpd-buildsize;</para>
<para>
Estimated disk space required: &proftpd-buildsize;
</para>
</listitem>
<listitem>
<para>Estimated build time: &proftpd-time;</para>
<para>
Estimated build time: &proftpd-time;
</para>
</listitem>
</itemizedlist>
<!--
@ -88,9 +102,11 @@
<sect2 role="installation">
<title>Installation of ProFTPD</title>
<para>For security reasons, you should install
<application>ProFTPD</application> using an unprivileged user and group.
As the <systemitem class="username">root</systemitem> user:</para>
<para>
For security reasons, you should install
<application>ProFTPD</application> using an unprivileged user and group.
As the <systemitem class="username">root</systemitem> user:
</para>
<screen role="root"><userinput>groupadd -g 46 proftpd &amp;&amp;
useradd -c proftpd -d /srv/ftp -g proftpd \
@ -107,15 +123,21 @@ echo /usr/bin/proftpdshell &gt;&gt; /etc/shells</userinput></screen>
<screen><userinput remap="pre">patch -Np1 -i ../proftpd-&proftpd-version;-consolidated_fixes-1.patch</userinput></screen>
-->
<para>Install <application>ProFTPD</application> as an unprivileged user by
running the following commands:</para>
<para>
Install <application>ProFTPD</application> as an unprivileged user by
running the following commands:
</para>
<screen><userinput>./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var/run &amp;&amp;
make</userinput></screen>
<para>This packages does not come with a usable test suite.</para>
<para>
This packages does not come with a usable test suite.
</para>
<para>Now, as the <systemitem class="username">root</systemitem> user:</para>
<para>
Now, as the <systemitem class="username">root</systemitem> user:
</para>
<screen role="root"><userinput>make install &amp;&amp;
install -d -m755 /usr/share/doc/proftpd-&proftpd-version; &amp;&amp;
@ -126,26 +148,35 @@ cp -Rv doc/* /usr/share/doc/proftpd-&proftpd-version;</userinput></screen>
<sect2 role="commands">
<title>Command Explanations</title>
<para><command>install -v -d -m775 -o proftpd -g proftpd
/srv/ftp</command>: Create the home directory for
<application>ProFTPD</application>.</para>
<para>
<command>install -v -d -m775 -o proftpd -g proftpd /srv/ftp</command>:
Create the home directory for <application>ProFTPD</application>.
</para>
<para><command>ln -v -s /bin/false /usr/bin/proftpdshell</command>:
Set the default shell as a link to an invalid shell.</para>
<para>
<command>ln -v -s /bin/false /usr/bin/proftpdshell</command>:
Set the default shell as a link to an invalid shell.
</para>
<para><command>echo /usr/bin/proftpdshell &gt;&gt;
/etc/shells</command>: Fake a valid shell for compatibility purposes.</para>
<para>
<command>echo /usr/bin/proftpdshell &gt;&gt; /etc/shells</command>:
Fake a valid shell for compatibility purposes.
</para>
<note>
<para>The above two commands can be omitted if the following directive is
placed in the configuration file:</para>
<para>
The above two commands can be omitted if the following directive is
placed in the configuration file:
</para>
<screen><literal>RequireValidShell off</literal></screen>
<para>By default, proftpd will require that users logging in have valid
shells. The RequireValidShell directive turns off this requirement. This
is only recommended if you are setting up your FTP server exclusively
for anonymous downloads.</para>
<para>
By default, proftpd will require that users logging in have valid
shells. The RequireValidShell directive turns off this requirement.
This is only recommended if you are setting up your FTP server
exclusively for anonymous downloads.
</para>
</note>
<note>
@ -165,7 +196,9 @@ cp -Rv doc/* /usr/share/doc/proftpd-&proftpd-version;</userinput></screen>
<sect3 id='proftpd-config'>
<title>Config Files</title>
<para><filename>/etc/proftpd.conf</filename></para>
<para>
<filename>/etc/proftpd.conf</filename>
</para>
<indexterm zone="proftpd proftpd-config">
<primary sortas="e-etc-proftpd">/etc/proftpd.conf</primary>
@ -176,11 +209,13 @@ cp -Rv doc/* /usr/share/doc/proftpd-&proftpd-version;</userinput></screen>
<sect3>
<title>Configuration Information</title>
<para>This is a simple, download-only sample configuration. See the
<application>ProFTPD</application> documentation in
<filename class="directory">/usr/share/doc/proftpd</filename> and
consult the website at <ulink url="http://www.proftpd.org/"/> for
example configurations.</para>
<para>
This is a simple, download-only sample configuration. See the
<application>ProFTPD</application> documentation in
<filename class="directory">/usr/share/doc/proftpd</filename> and
consult the website at <ulink url="http://www.proftpd.org/"/> for
example configurations.
</para>
<screen role="root"><?dbfo keep-together="auto"?><userinput>cat &gt; /etc/proftpd.conf &lt;&lt; "EOF"
<literal># This is a basic ProFTPD configuration file
@ -246,14 +281,16 @@ EOF</userinput></screen>
<title><phrase revision="sysv">Boot Script</phrase>
<phrase revision="systemd">Systemd Unit</phrase></title>
<para>Install the
<phrase revision="sysv"><filename>/etc/rc.d/init.d/proftpd</filename>
init script</phrase>
<phrase revision="systemd"><filename>proftpd.service</filename>
unit</phrase> included in the
<xref linkend="bootscripts" revision="sysv"/>
<xref linkend="systemd-units" revision="systemd"/>
package.</para>
<para>
Install the
<phrase revision="sysv"><filename>/etc/rc.d/init.d/proftpd</filename>
init script</phrase>
<phrase revision="systemd"><filename>proftpd.service</filename>
unit</phrase> included in the
<xref linkend="bootscripts" revision="sysv"/>
<xref linkend="systemd-units" revision="systemd"/>
package:
</para>
<indexterm zone="proftpd proftpd-init">
<primary sortas="f-proftpd">proftpd</primary>
@ -295,7 +332,9 @@ EOF</userinput></screen>
<varlistentry id="proftpd-prog">
<term><command>proftpd</command></term>
<listitem>
<para>is the FTP daemon.</para>
<para>
is the FTP daemon.
</para>
<indexterm zone="proftpd proftpd-prog">
<primary sortas="b-proftpd">proftpd</primary>
</indexterm>
@ -305,7 +344,9 @@ EOF</userinput></screen>
<varlistentry id="ftpcount">
<term><command>ftpcount</command></term>
<listitem>
<para>shows the current number of connections.</para>
<para>
shows the current number of connections.
</para>
<indexterm zone="proftpd ftpcount">
<primary sortas="b-ftpcount">ftpcount</primary>
</indexterm>
@ -315,7 +356,9 @@ EOF</userinput></screen>
<varlistentry id="ftpdctl">
<term><command>ftpdctl</command></term>
<listitem>
<para>is used to control the proftpd daemon while it is running.</para>
<para>
is used to control the proftpd daemon while it is running.
</para>
<indexterm zone="proftpd ftpdctl">
<primary sortas="b-ftpdctl">ftpdctl</primary>
</indexterm>
@ -325,8 +368,10 @@ EOF</userinput></screen>
<varlistentry id="ftpasswd">
<term><command>ftpasswd</command></term>
<listitem>
<para>is a Perl script designed to create and manage
AuthUserFiles and AuthGroupFiles of the correct format for proftpd.</para>
<para>
is a Perl script designed to create and manage
AuthUserFiles and AuthGroupFiles of the correct format for proftpd.
</para>
<indexterm zone="proftpd ftpasswd">
<primary sortas="b-ftpasswd">ftpasswd</primary>
</indexterm>
@ -336,7 +381,8 @@ EOF</userinput></screen>
<varlistentry id="ftpmail">
<term><command>ftpmail</command></term>
<listitem>
<para>is a Perl script for sending email based on the proftpd TransferLog.
<para>
is a Perl script for sending email based on the proftpd TransferLog.
</para>
<indexterm zone="proftpd ftpmail">
<primary sortas="b-ftpmail">ftpmail</primary>
@ -347,9 +393,11 @@ EOF</userinput></screen>
<varlistentry id="ftpquota">
<term><command>ftpquota</command></term>
<listitem>
<para>is a Perl script designed to create and manage limits and tally
files for the mod_quotatab + mod_quotatab_file module combination
for proftpd.</para>
<para>
is a Perl script designed to create and manage limits and tally
files for the mod_quotatab + mod_quotatab_file module combination
for proftpd.
</para>
<indexterm zone="proftpd ftpquota">
<primary sortas="b-ftpquota">ftpquota</primary>
</indexterm>
@ -359,7 +407,9 @@ EOF</userinput></screen>
<varlistentry id="ftpscrub">
<term><command>ftpscrub</command></term>
<listitem>
<para>provides a way to scrub the scoreboard file on demand.</para>
<para>
provides a way to scrub the scoreboard file on demand.
</para>
<indexterm zone="proftpd ftpscrub">
<primary sortas="b-ftpscrub">ftpscrub</primary>
</indexterm>
@ -369,8 +419,10 @@ EOF</userinput></screen>
<varlistentry id="ftpshut">
<term><command>ftpshut</command></term>
<listitem>
<para>shuts down all <application>proftpd</application> servers
at a given time.</para>
<para>
shuts down all <application>proftpd</application> servers
at a given time.
</para>
<indexterm zone="proftpd ftpshut">
<primary sortas="b-ftpshut">ftpshut</primary>
</indexterm>
@ -380,7 +432,9 @@ EOF</userinput></screen>
<varlistentry id="ftptop">
<term><command>ftptop</command></term>
<listitem>
<para>displays running status on connections.</para>
<para>
displays running status on connections.
</para>
<indexterm zone="proftpd ftptop">
<primary sortas="b-ftptop">ftptop</primary>
</indexterm>
@ -390,7 +444,9 @@ EOF</userinput></screen>
<varlistentry id="ftpwho">
<term><command>ftpwho</command></term>
<listitem>
<para>shows current process information for each session.</para>
<para>
shows current process information for each session.
</para>
<indexterm zone="proftpd ftpwho">
<primary sortas="b-ftpwho">ftpwho</primary>
</indexterm>
@ -400,9 +456,11 @@ EOF</userinput></screen>
<varlistentry id="prxs">
<term><command>prxs</command></term>
<listitem>
<para>is a Perl script designed to compile and install third-party
modules, from source code, as DSO modules for the installed
proftpd.</para>
<para>
is a Perl script designed to compile and install third-party
modules, from source code, as DSO modules for the installed
proftpd.
</para>
<indexterm zone="proftpd prxs">
<primary sortas="b-prxs">prxs</primary>
</indexterm>

196
server/major/vsftpd.xml
View File

@ -30,31 +30,45 @@
<sect2 role="package">
<title>Introduction to vsftpd</title>
<para>The <application>vsftpd</application> package contains a very
secure and very small FTP daemon. This is useful for serving files
over a network.</para>
<para>
The <application>vsftpd</application> package contains a very
secure and very small FTP daemon. This is useful for serving files
over a network.
</para>
&lfs91_checked;
<bridgehead renderas="sect3">Package Information</bridgehead>
<itemizedlist spacing="compact">
<listitem>
<para>Download (HTTP): <ulink url="&vsftpd-download-http;"/></para>
<para>
Download (HTTP): <ulink url="&vsftpd-download-http;"/>
</para>
</listitem>
<listitem>
<para>Download (FTP): <ulink url="&vsftpd-download-ftp;"/></para>
<para>
Download (FTP): <ulink url="&vsftpd-download-ftp;"/>
</para>
</listitem>
<listitem>
<para>Download MD5 sum: &vsftpd-md5sum;</para>
<para>
Download MD5 sum: &vsftpd-md5sum;
</para>
</listitem>
<listitem>
<para>Download size: &vsftpd-size;</para>
<para>
Download size: &vsftpd-size;
</para>
</listitem>
<listitem>
<para>Estimated disk space required: &vsftpd-buildsize;</para>
<para>
Estimated disk space required: &vsftpd-buildsize;
</para>
</listitem>
<listitem>
<para>Estimated build time: &vsftpd-time;</para>
<para>
Estimated build time: &vsftpd-time;
</para>
</listitem>
</itemizedlist>
@ -79,11 +93,13 @@
<sect2 role="installation">
<title>Installation of vsftpd</title>
<para>For security reasons, running <application>vsftpd</application>
as an unprivileged user and group is encouraged. Also, a user should be
created to map anonymous users. As the <systemitem
class="username">root</systemitem> user, create the needed directories,
users, and groups with the following commands:</para>
<para>
For security reasons, running <application>vsftpd</application>
as an unprivileged user and group is encouraged. Also, a user should be
created to map anonymous users. As the <systemitem
class="username">root</systemitem> user, create the needed directories,
users, and groups with the following commands:
</para>
<screen role="root"><userinput>install -v -d -m 0755 &vsftpd-empty; &amp;&amp;
install -v -d -m 0755 /home/ftp &amp;&amp;
@ -92,22 +108,23 @@ groupadd -g 45 ftp &amp;&amp;
useradd -c "vsftpd User" -d /dev/null -g vsftpd -s /bin/false -u 47 vsftpd &amp;&amp;
useradd -c anonymous_user -d /home/ftp -g ftp -s /bin/false -u 45 ftp</userinput></screen>
<!--
<para>If you did not install the optional <application>libcap2</application> package,
run the following to avoid a build error:</para>
<screen><userinput>sed -i -e 's|#define VSF_SYSDEP_HAVE_LIBCAP|//&amp;|' sysdeputil.c</userinput></screen>-->
<para>Build <application>vsftpd</application> as an unprivileged user
using the following command:</para>
<para>
Build <application>vsftpd</application> as an unprivileged user
using the following command:
</para>
<screen><userinput>make</userinput></screen>
<para>This package does not come with a test suite.</para>
<para>
This package does not come with a test suite.
</para>
<para>Once again, become the <systemitem class="username">root</systemitem>
user and install <application>vsftpd</application> with the following
commands:</para>
<para>
Once again, become the <systemitem class="username">root</systemitem>
user and install <application>vsftpd</application> with the following
commands:
</para>
<screen role="root"><userinput>install -v -m 755 vsftpd /usr/sbin/vsftpd &amp;&amp;
install -v -m 644 vsftpd.8 /usr/share/man/man8 &amp;&amp;
@ -119,30 +136,40 @@ install -v -m 644 vsftpd.conf /etc</userinput></screen>
<sect2 role="commands">
<title>Command Explanations</title>
<para><command>install -v -d ...</command>: This creates the
directory that anonymous users will use (<filename
class='directory'>/home/ftp</filename>)
and the directory the daemon will chroot into
(<filename class='directory'>&vsftpd-empty;</filename>).</para>
<para>
<command>install -v -d ...</command>: This creates the
directory that anonymous users will use (<filename
class='directory'>/home/ftp</filename>)
and the directory the daemon will chroot into
(<filename class='directory'>&vsftpd-empty;</filename>).
</para>
<note>
<para><filename class="directory">/home/ftp</filename> should not be
owned by the user <systemitem class="username">vsftpd</systemitem>,
or the user <systemitem class="username">ftp</systemitem>.</para>
<para>
<filename class="directory">/home/ftp</filename> should not be
owned by the user <systemitem class="username">vsftpd</systemitem>,
or the user <systemitem class="username">ftp</systemitem>.
</para>
</note>
<para><command>echo "#define VSF_BUILD_TCPWRAPPERS" >>builddefs.h</command>:
Use this prior to <command>make</command> to add support for
<application>tcpwrappers</application>.</para>
<para>
<command>echo "#define VSF_BUILD_TCPWRAPPERS" >>builddefs.h</command>:
Use this prior to <command>make</command> to add support for
<application>tcpwrappers</application>.
</para>
<para><command>echo "#define VSF_BUILD_SSL" >>builddefs.h</command>:
Use this prior to <command>make</command> to add support for SSL.</para>
<para>
<command>echo "#define VSF_BUILD_SSL" >>builddefs.h</command>:
Use this prior to <command>make</command> to add support for SSL.
</para>
<para><command>install -v -m ...</command>:
The <filename>Makefile</filename> uses non-standard installation paths.
These commands install the files in
<filename class='directory'>/usr</filename> and
<filename class='directory'>/etc</filename>.</para>
<para>
<command>install -v -m ...</command>:
The <filename>Makefile</filename> uses non-standard installation paths.
These commands install the files in
<filename class='directory'>/usr</filename> and
<filename class='directory'>/etc</filename>.
</para>
</sect2>
@ -152,7 +179,9 @@ install -v -m 644 vsftpd.conf /etc</userinput></screen>
<sect3 id="vsftpd-config">
<title>Config Files</title>
<para><filename>/etc/vsftpd.conf</filename></para>
<para>
<filename>/etc/vsftpd.conf</filename>
</para>
<indexterm zone="vsftpd vsftpd-config">
<primary sortas="e-etc-vsftpd.conf">/etc/vsftpd.conf</primary>
@ -163,16 +192,17 @@ install -v -m 644 vsftpd.conf /etc</userinput></screen>
<sect3>
<title>Configuration Information</title>
<para><application>vsftpd</application> comes with a basic
anonymous-only configuration file that was copied to
<filename class='directory'>/etc</filename> above. While still as
<systemitem class="username">root</systemitem>, this file should be
modified because it is now recommended to run <command>vsftpd</command>
in standalone mode. <!-- as opposed to
<command>inetd</command>/<command>xinetd</command> mode. -->Also, you
should specify the privilege separation user created above. Finally,
you should specify the <command>chroot</command> directory.
<command>man vsftpd.conf</command> will give you all the details.</para>
<para>
<application>vsftpd</application> comes with a basic
anonymous-only configuration file that was copied to
<filename class='directory'>/etc</filename> above. While still as
<systemitem class="username">root</systemitem>, this file should be
modified because it is now recommended to run <command>vsftpd</command>
in standalone mode. Also, you
should specify the privilege separation user created above. Finally,
you should specify the <command>chroot</command> directory.
<command>man vsftpd.conf</command> will give you all the details.
</para>
<screen role="root"><userinput>cat &gt;&gt; /etc/vsftpd.conf &lt;&lt; "EOF"
<literal>background=YES
@ -182,32 +212,38 @@ secure_chroot_dir=&vsftpd-empty;</literal>
EOF</userinput></screen>
<!-- recheck this issue when vsftpd is updated -->
<para>The vsftpd daemon uses seccomp to improve security by default.
But it's known to cause vsftpd unable to handle ftp
<literal>LIST</literal> command with recent kernel versions. Append
a line to <filename>/etc/vsftpd.conf</filename> (as the
<systemitem class="username">root</systemitem> user) to disable
seccomp and workaround this issue:</para>
<para>
The vsftpd daemon uses seccomp to improve security by default.
But it's known to cause vsftpd unable to handle ftp
<literal>LIST</literal> command with recent kernel versions. Append
a line to <filename>/etc/vsftpd.conf</filename> (as the
<systemitem class="username">root</systemitem> user) to disable
seccomp and workaround this issue:
</para>
<screen role="root"><userinput>cat &gt;&gt; /etc/vsftpd.conf &lt;&lt; "EOF"
<literal>seccomp_sandbox=NO</literal>
EOF</userinput></screen>
<para>To enable local logins, append the following to the
<filename>/etc/vsftpd.conf</filename> file (as the
<systemitem class="username">root</systemitem> user):</para>
<para>
To enable local logins, append the following to the
<filename>/etc/vsftpd.conf</filename> file (as the
<systemitem class="username">root</systemitem> user):
</para>
<screen role="root"><userinput>cat &gt;&gt; /etc/vsftpd.conf &lt;&lt; "EOF"
<literal>local_enable=YES</literal>
EOF</userinput></screen>
<para>In addition, if using <application>Linux-PAM</application> and
<application>vsftpd</application> with local user logins, you will need
a <application>Linux-PAM</application> configuration file. As the
<systemitem class="username">root</systemitem> user, create the
<filename>/etc/pam.d/vsftpd</filename> file, and add the needed
configuration changes for <application>Linux-PAM</application> session
support using the following commands:</para>
<para>
In addition, if using <application>Linux-PAM</application> and
<application>vsftpd</application> with local user logins, you will need
a <application>Linux-PAM</application> configuration file. As the
<systemitem class="username">root</systemitem> user, create the
<filename>/etc/pam.d/vsftpd</filename> file, and add the needed
configuration changes for <application>Linux-PAM</application> session
support using the following commands:
</para>
<screen role="root"><userinput>cat &gt; /etc/pam.d/vsftpd &lt;&lt; "EOF" &amp;&amp;
<literal># Begin /etc/pam.d/vsftpd
@ -231,13 +267,15 @@ EOF</userinput></screen>
<title><phrase revision="sysv">Boot Script</phrase>
<phrase revision="systemd">Systemd Unit</phrase></title>
<para>Install the
<phrase revision="sysv"><filename>/etc/rc.d/init.d/vsftpd</filename> init
script</phrase>
<phrase revision="systemd"><filename>vsftpd.service</filename>
unit</phrase> included in the
<xref linkend="bootscripts" revision="sysv"/>
<xref linkend="systemd-units" revision="systemd"/> package.</para>
<para>
Install the
<phrase revision="sysv"><filename>/etc/rc.d/init.d/vsftpd</filename>
init script</phrase>
<phrase revision="systemd"><filename>vsftpd.service</filename>
unit</phrase> included in the
<xref linkend="bootscripts" revision="sysv"/>
<xref linkend="systemd-units" revision="systemd"/> package:
</para>
<screen role="root"><userinput>make install-vsftpd</userinput></screen>
@ -268,7 +306,9 @@ EOF</userinput></screen>
<varlistentry id="vsftpd-prog">
<term><command>vsftpd</command></term>
<listitem>
<para>is the FTP daemon.</para>
<para>
is the FTP daemon.
</para>
<indexterm zone="vsftpd vsftpd-prog">
<primary sortas="b-vsftpd">vsftpd</primary>
</indexterm>

2
server/other/unbound.xml
View File

@ -242,7 +242,7 @@ install -v -m644 doc/html/* /usr/share/doc/unbound-&unbound-version;</userinput>
<phrase revision="systemd"><filename>unbound.service</filename>
unit</phrase> included
in the <xref linkend="bootscripts" revision="sysv"/>
<xref linkend="systemd-units" revision="systemd"/> package.
<xref linkend="systemd-units" revision="systemd"/> package:
</para>
<indexterm zone="unbound unbound-init">