Revise markup.
This commit is contained in:
parent
5cc415a9eb
commit
66f6e0e5df
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=162893
@ -33,24 +33,26 @@
|
|||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
.Nm snmp_hostres
|
.Nm snmp_hostres
|
||||||
.Nd "host resources module for snmpd.
|
.Nd host resources module for
|
||||||
|
.Xr bsnmpd 8
|
||||||
.Sh LIBRARY
|
.Sh LIBRARY
|
||||||
.Pq begemotSnmpdModulePath."hostres" = "/usr/lib/snmp_hostres.so"
|
.Pq begemotSnmpdModulePath."hostres" = "/usr/lib/snmp_hostres.so"
|
||||||
.Sh DESCRIPTION
|
.Sh DESCRIPTION
|
||||||
The
|
The
|
||||||
.Nm snmp_hostres
|
.Nm
|
||||||
module implements the HOST-RESOURCES-MIB as standardized in RFC 2790.
|
module implements the HOST-RESOURCES-MIB as standardized in RFC 2790.
|
||||||
.Sh RESTRICTIONS
|
.Sh RESTRICTIONS
|
||||||
Not all information in the MIB is meaningful in FreeBSD or is available.
|
Not all information in the MIB is meaningful in FreeBSD or is available.
|
||||||
The following variables are not implemented or carry no information:
|
The following variables are not implemented or carry no information:
|
||||||
.Bl -tag -width "XXXXXXXXX"
|
.Bl -tag -width indent
|
||||||
.It Va hrFSType
|
.It Va hrFSType
|
||||||
There are several types of file systems for which no appropriate OID
|
There are several types of file systems for which no appropriate OID
|
||||||
exists yet which are supported by FreeBSD.
|
exists yet which are supported by
|
||||||
For smbfs, procfs and devfs
|
.Fx .
|
||||||
|
For smbfs, procfs and devfs ,
|
||||||
.Va hrFSOther
|
.Va hrFSOther
|
||||||
is returned.
|
is returned.
|
||||||
In all other cases
|
In all other cases,
|
||||||
.Va hrFSUnknown .
|
.Va hrFSUnknown .
|
||||||
.It Va hrFSBootable
|
.It Va hrFSBootable
|
||||||
It is questionable what bootable means here.
|
It is questionable what bootable means here.
|
||||||
@ -59,17 +61,18 @@ or does it mean that there is something bootable?
|
|||||||
In either case this information is not available so this variable returns True
|
In either case this information is not available so this variable returns True
|
||||||
for the root file system (which is not necessarily correct) and False for
|
for the root file system (which is not necessarily correct) and False for
|
||||||
all others.
|
all others.
|
||||||
.It Va hrFSLastFullBackupDate
|
.It Va hrFSLastFullBackupDate , hrFSLastPartialBackupDate
|
||||||
.It Va hrFSLastPartialBackupDate
|
|
||||||
This is not available and always returns an empty string.
|
This is not available and always returns an empty string.
|
||||||
Theoretically this could be retrieved from /etc/dumpdates, which would
|
Theoretically, this could be retrieved from
|
||||||
|
.Pa /etc/dumpdates ,
|
||||||
|
which would
|
||||||
hardly be correct given the different ways of doing backups.
|
hardly be correct given the different ways of doing backups.
|
||||||
.It Va hrDiskStorageTable
|
.It Va hrDiskStorageTable
|
||||||
Floppy devices are currently not reported.
|
Floppy devices are currently not reported.
|
||||||
Also the names of the disks are hard-coded in the module.
|
Also the names of the disks are hard-coded in the module.
|
||||||
.El
|
.El
|
||||||
.Sh FILES
|
.Sh FILES
|
||||||
.Bl -tag -width "XXXXXXXXX"
|
.Bl -tag -width indent
|
||||||
.It Pa /usr/share/snmp/defs/hostres_tree.def
|
.It Pa /usr/share/snmp/defs/hostres_tree.def
|
||||||
The description of the MIB tree implemented by
|
The description of the MIB tree implemented by
|
||||||
.Nm .
|
.Nm .
|
||||||
@ -82,4 +85,4 @@ This is the MIB that is implemented by this module.
|
|||||||
.Xr gensnmptree 1 ,
|
.Xr gensnmptree 1 ,
|
||||||
.Xr snmpmod 3
|
.Xr snmpmod 3
|
||||||
.Sh AUTHORS
|
.Sh AUTHORS
|
||||||
.An Victor Cruceru Aq soc-victor@freebsd.org
|
.An Victor Cruceru Aq soc-victor@FreeBSD.org
|
||||||
|
@ -32,15 +32,17 @@
|
|||||||
.Nd "caching server daemon"
|
.Nd "caching server daemon"
|
||||||
.Sh SYNOPSIS
|
.Sh SYNOPSIS
|
||||||
.Nm
|
.Nm
|
||||||
.Op Fl nst
|
.Op Fl dnst
|
||||||
.Op Fl i Ar cachename
|
.Op Fl i Ar cachename
|
||||||
.Op Fl I Ar cachename
|
.Op Fl I Ar cachename
|
||||||
.Sh DESCRIPTION
|
.Sh DESCRIPTION
|
||||||
|
The
|
||||||
.Nm
|
.Nm
|
||||||
|
utility
|
||||||
is the system caching daemon.
|
is the system caching daemon.
|
||||||
It can cache almost all types of data and is basically intended to be used
|
It can cache almost all types of data and is basically intended to be used
|
||||||
with the
|
with the
|
||||||
.Pa nsswitch
|
.Nm nsswitch
|
||||||
subsystem.
|
subsystem.
|
||||||
The cache is actually per-user.
|
The cache is actually per-user.
|
||||||
This means that each user can work only with the
|
This means that each user can work only with the
|
||||||
@ -49,19 +51,19 @@ cache of other users.
|
|||||||
The
|
The
|
||||||
.Nm
|
.Nm
|
||||||
utility supports two types of caching:
|
utility supports two types of caching:
|
||||||
.Bl -tag -width Pair
|
.Bl -tag -width ".Sy Type"
|
||||||
.It Sy Type
|
.It Sy Type
|
||||||
.Sy Description
|
.Sy Description
|
||||||
.It Common caching
|
.It Common caching
|
||||||
Each cached element is the the key+value pair.
|
Each cached element is the key+value pair.
|
||||||
This type of caching supports policies which are applied when maximum
|
This type of caching supports policies which are applied when maximum
|
||||||
number of cached elements is exceeded.
|
number of cached elements is exceeded.
|
||||||
Three policies are available:
|
Three policies are available:
|
||||||
.Pa FIFO
|
.Cm FIFO
|
||||||
(first in - first out),
|
(first in - first out),
|
||||||
.Pa LRU
|
.Cm LRU
|
||||||
(least recently used) and
|
(least recently used) and
|
||||||
.Pa LFU
|
.Cm LFU
|
||||||
(least frequently used).
|
(least frequently used).
|
||||||
This type of caching is used with the
|
This type of caching is used with the
|
||||||
.Fn getXXXbyname
|
.Fn getXXXbyname
|
||||||
@ -77,24 +79,26 @@ The
|
|||||||
.Nm
|
.Nm
|
||||||
utility is able not only to cache elements, but to perform the actual nsswitch
|
utility is able not only to cache elements, but to perform the actual nsswitch
|
||||||
lookups by itself.
|
lookups by itself.
|
||||||
To enable this feature use the
|
To enable this feature, use the
|
||||||
.Pa perform-actual-lookups
|
.Va perform-actual-lookups
|
||||||
parameter in the
|
parameter in
|
||||||
.Xr cached.conf 5
|
.Xr cached.conf 5 .
|
||||||
.Pp
|
.Pp
|
||||||
The
|
The
|
||||||
.Nm
|
.Nm
|
||||||
utility recognizes the following runtime options:
|
utility recognizes the following runtime options:
|
||||||
.Bl -tag -width indent
|
.Bl -tag -width indent
|
||||||
|
.\" .It Fl d
|
||||||
|
.\" XXX Document me!
|
||||||
.It Fl n
|
.It Fl n
|
||||||
Do not daemonize.
|
Do not daemonize;
|
||||||
.Nm
|
.Nm
|
||||||
will not fork or disconnect itself from the terminal.
|
will not fork or disconnect itself from the terminal.
|
||||||
.It Fl s
|
.It Fl s
|
||||||
Single-threaded mode.
|
Single-threaded mode.
|
||||||
Forces using only one thread for all processing purposes (it overrides
|
Forces using only one thread for all processing purposes (it overrides
|
||||||
the
|
the
|
||||||
.Pa threads
|
.Va threads
|
||||||
parameter in the
|
parameter in the
|
||||||
.Xr cached.conf 5
|
.Xr cached.conf 5
|
||||||
file).
|
file).
|
||||||
@ -116,16 +120,17 @@ It asks the already running
|
|||||||
to invalidate the specified part of the cache of the
|
to invalidate the specified part of the cache of the
|
||||||
calling user.
|
calling user.
|
||||||
For example, sometimes you may want to invalidate your
|
For example, sometimes you may want to invalidate your
|
||||||
.Pa hosts
|
.Dq Li hosts
|
||||||
cache.
|
cache.
|
||||||
You can specify
|
You can specify
|
||||||
.Pa all
|
.Dq Li all
|
||||||
as the
|
as the
|
||||||
.Pa cachename
|
.Ar cachename
|
||||||
to invalidate your personal cache as a whole.
|
to invalidate your personal cache as a whole.
|
||||||
You cannot use this option for the cachename, for which
|
You cannot use this option for the
|
||||||
the
|
.Ar cachename
|
||||||
.Pa perform-actual-lookups
|
for which the
|
||||||
|
.Va perform-actual-lookups
|
||||||
option is enabled.
|
option is enabled.
|
||||||
.It Fl I Ar cachename
|
.It Fl I Ar cachename
|
||||||
Invalidates the cache for every user.
|
Invalidates the cache for every user.
|
||||||
@ -138,14 +143,14 @@ running
|
|||||||
to invalidate the specified part of the cache for
|
to invalidate the specified part of the cache for
|
||||||
every user.
|
every user.
|
||||||
You can specify
|
You can specify
|
||||||
.Pa all
|
.Dq Li all
|
||||||
as the
|
as the
|
||||||
.Pa cachename
|
.Ar cachename
|
||||||
to invalidate the whole cache.
|
to invalidate the whole cache.
|
||||||
Only the root can use this option.
|
Only the root can use this option.
|
||||||
.El
|
.El
|
||||||
.Sh FILES
|
.Sh FILES
|
||||||
.Bl -tag -width /etc/cached.conf -compact
|
.Bl -tag -width ".Pa /etc/cached.conf" -compact
|
||||||
.It Pa /etc/cached.conf
|
.It Pa /etc/cached.conf
|
||||||
The default configuration file.
|
The default configuration file.
|
||||||
.El
|
.El
|
||||||
@ -153,8 +158,8 @@ The default configuration file.
|
|||||||
.Xr nsdispatch 3 ,
|
.Xr nsdispatch 3 ,
|
||||||
.Xr cached.conf 5 ,
|
.Xr cached.conf 5 ,
|
||||||
.Xr nsswitch.conf 5
|
.Xr nsswitch.conf 5
|
||||||
.Sh "AUTHORS"
|
.Sh AUTHORS
|
||||||
.An Michael Bushkov Aq bushman@rsu.ru
|
.An Michael Bushkov Aq bushman@rsu.ru
|
||||||
.Sh "BUGS"
|
.Sh BUGS
|
||||||
To report bugs or suggestions please mail me:
|
Please send bug reports and suggestions to
|
||||||
.Aq bushman@rsu.ru
|
.Aq bushman@rsu.ru .
|
||||||
|
@ -29,81 +29,120 @@
|
|||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
.Nm cached.conf
|
.Nm cached.conf
|
||||||
.Nd "caching daemon configuration file manual page"
|
.Nd "caching daemon configuration file"
|
||||||
.Sh "DESCRIPTION"
|
.Sh DESCRIPTION
|
||||||
|
The
|
||||||
.Nm
|
.Nm
|
||||||
|
file
|
||||||
is used by the
|
is used by the
|
||||||
.Xr cached 8
|
.Xr cached 8
|
||||||
daemon and is read on its startup.
|
daemon and is read on its startup.
|
||||||
Its syntax is mostly similar to the nscd.conf syntax in Linux and Solaris.
|
Its syntax is mostly similar to the
|
||||||
It has some differences, though - see them below.
|
.Pa nscd.conf
|
||||||
|
syntax in
|
||||||
|
.Tn Linux
|
||||||
|
and
|
||||||
|
.Tn Solaris .
|
||||||
|
It has some differences, though \[em] see them below.
|
||||||
.Pp
|
.Pp
|
||||||
Each line specifies either an attribute and a value, or an attribute,
|
Each line specifies either an attribute and a
|
||||||
a cachename and a value.
|
.Ar value ,
|
||||||
Usual cachenames are passwd, groups, hosts, services, protocols and rpc.
|
or an attribute, a
|
||||||
You can also use any other cachename (for example, if some third-party
|
.Ar cachename
|
||||||
|
and a
|
||||||
|
.Ar value .
|
||||||
|
Usual cachenames are
|
||||||
|
.Dq Li passwd ,
|
||||||
|
.Dq Li groups ,
|
||||||
|
.Dq Li hosts ,
|
||||||
|
.Dq Li services ,
|
||||||
|
.Dq Li protocols
|
||||||
|
and
|
||||||
|
.Dq Li rpc .
|
||||||
|
You can also use any other
|
||||||
|
.Ar cachename
|
||||||
|
(for example, if some third-party
|
||||||
application uses nsswitch).
|
application uses nsswitch).
|
||||||
.Pp
|
.Bl -tag -width indent
|
||||||
.Bl -tag -width Pair
|
.It Va threads Op Ar value
|
||||||
.It Sy threads [value]
|
|
||||||
Number of threads, which would listen for connections and process requests.
|
Number of threads, which would listen for connections and process requests.
|
||||||
The minimum is 1.
|
The minimum is 1.
|
||||||
The default value is 8.
|
The default value is 8.
|
||||||
.It Sy enable-cache [cachename] [yes|no]
|
.It Va enable-cache Oo Ar cachename Oc Op Cm yes | no
|
||||||
Enables or disables the cache for specified cachename.
|
Enables or disables the cache for specified
|
||||||
.It Sy positive-time-to-live [cachename] [value]
|
.Ar cachename .
|
||||||
|
.It Va positive-time-to-live Oo Ar cachename Oc Op Ar value
|
||||||
Sets the TTL (time-to-live) for the specified cache in seconds.
|
Sets the TTL (time-to-live) for the specified cache in seconds.
|
||||||
Larger values can increase system's performance, but they also can affect
|
Larger values can increase system's performance, but they also can affect
|
||||||
the cache coherence.
|
the cache coherence.
|
||||||
The default value is 3600.
|
The default value is 3600.
|
||||||
.It Sy positive-policy [cachename] [fifo|lru|lfu]
|
.It Va positive-policy Oo Ar cachename Oc Op Cm fifo | lru | lfu
|
||||||
The policy that is applied to erase some of the cache elements, when the
|
The policy that is applied to erase some of the cache elements, when the
|
||||||
size limit of the given cachename is exceeded.
|
size limit of the given
|
||||||
Possible policies are: fifo (first-in-first-out), lru (least-recently-used),
|
.Ar cachename
|
||||||
lfu (least-frequently-used).
|
is exceeded.
|
||||||
The default policy is lru.
|
Possible policies are:
|
||||||
.It Sy negative-time-to-live [cachename] [value]
|
.Cm fifo
|
||||||
|
(first-in-first-out),
|
||||||
|
.Cm lru
|
||||||
|
(least-recently-used), and
|
||||||
|
.Cm lfu
|
||||||
|
(least-frequently-used).
|
||||||
|
The default policy is
|
||||||
|
.Cm lru .
|
||||||
|
.It Va negative-time-to-live Oo Ar cachename Oc Op Ar value
|
||||||
The TTL of the negative cached elements in seconds.
|
The TTL of the negative cached elements in seconds.
|
||||||
The larger values can significantly increase system performance in some
|
The larger values can significantly increase system performance in some
|
||||||
environments (when dealing with files with UIDs, which are not in system
|
environments (when dealing with files with UIDs, which are not in system
|
||||||
databases, for example).
|
databases, for example).
|
||||||
This number should be kept low to avoid the cache coherence problems.
|
This number should be kept low to avoid the cache coherence problems.
|
||||||
The default value is 60.
|
The default value is 60.
|
||||||
.It Sy negative-policy [cachename] [fifo|lru|lfu]
|
.It Va negative-policy Oo Ar cachename Oc Op Cm fifo | lru | lfu
|
||||||
The same as the positive-policy, but this one is applied to the negative
|
The same as the positive-policy, but this one is applied to the negative
|
||||||
elements of the given cachename.
|
elements of the given
|
||||||
|
.Ar cachename .
|
||||||
The default policy is fifo.
|
The default policy is fifo.
|
||||||
.It Sy suggested-size [cachename] [value]
|
.It Va suggested-size Oo Ar cachename Oc Op Ar value
|
||||||
This is the internal hash table size.
|
This is the internal hash table size.
|
||||||
The value should be a prime number for optimum performance.
|
The value should be a prime number for optimum performance.
|
||||||
You should only change this value when the number of cached elements is
|
You should only change this value when the number of cached elements is
|
||||||
significantly (in 5-10 times) greater then the default hash table size (255).
|
significantly (in 5-10 times) greater then the default hash table size (255).
|
||||||
.It Sy keep-hot-count [cachename] [value]
|
.It Va keep-hot-count Oo Ar cachename Oc Op Ar value
|
||||||
The size limit of the cache with the given cachename.
|
The size limit of the cache with the given
|
||||||
|
.Ar cachename .
|
||||||
When it is exceeded, the policy will be applied.
|
When it is exceeded, the policy will be applied.
|
||||||
The default value is 2048.
|
The default value is 2048.
|
||||||
.It Sy perform-actual-lookups [cachename] [yes|no]
|
.It Va perform-actual-lookups Oo Ar cachename Oc Op Cm yes | no
|
||||||
If enabled, the
|
If enabled, the
|
||||||
.Xr cached 8
|
.Xr cached 8
|
||||||
does not simply receive and cache the NSS-requests results, but performs
|
does not simply receive and cache the NSS-requests results, but performs
|
||||||
all the lookups by itself and only returns the responses.
|
all the lookups by itself and only returns the responses.
|
||||||
If this feature is enabled, then for the given cachename
|
If this feature is enabled, then for the given
|
||||||
|
.Ar cachename
|
||||||
.Xr cached 8
|
.Xr cached 8
|
||||||
will act similarly to the NSCD.
|
will act similarly to the NSCD.
|
||||||
.Pp
|
.Pp
|
||||||
.Pa NOTE:
|
.Sy NOTE :
|
||||||
this feature is currently experimental - it supports only passwd, groups and
|
this feature is currently experimental \[em] it supports only
|
||||||
services cachenames.
|
.Dq Li passwd ,
|
||||||
|
.Dq Li groups
|
||||||
|
and
|
||||||
|
.Dq Li services
|
||||||
|
cachenames.
|
||||||
.El
|
.El
|
||||||
.Sh "NOTES"
|
.Sh NOTES
|
||||||
You can use
|
You can use the
|
||||||
.Sq #
|
.Ql #
|
||||||
symbol at the beginning of the line for comments.
|
symbol at the beginning of the line for comments.
|
||||||
.Sh "SEE ALSO"
|
.Sh FILES
|
||||||
|
.Bl -tag -width ".Pa /etc/cached.conf" -compact
|
||||||
|
.It Pa /etc/cached.conf
|
||||||
|
.El
|
||||||
|
.Sh SEE ALSO
|
||||||
.Xr cached 8
|
.Xr cached 8
|
||||||
.Sh "AUTHORS"
|
.Sh AUTHORS
|
||||||
Michael Bushkov
|
.An Michael Bushkov
|
||||||
.Aq bushman@rsu.ru
|
|
||||||
.Sh "BUGS"
|
|
||||||
To report bugs or suggestions please mail me
|
|
||||||
.Aq bushman@rsu.ru
|
.Aq bushman@rsu.ru
|
||||||
|
.Sh BUGS
|
||||||
|
Please send bug reports and suggestions to
|
||||||
|
.Aq bushman@rsu.ru .
|
||||||
|
@ -54,11 +54,13 @@ The packets are then dropped unless
|
|||||||
is used.
|
is used.
|
||||||
.Pp
|
.Pp
|
||||||
The options are as follows:
|
The options are as follows:
|
||||||
.Bl -tag -width Ds
|
.Bl -tag -width indent
|
||||||
.It Fl d
|
.It Fl d
|
||||||
Turns on extra debugging messages.
|
Turns on extra debugging messages.
|
||||||
.It Fl r
|
.It Fl r
|
||||||
Writes packets back to the divert socket.
|
Writes packets back to the
|
||||||
|
.Xr divert 4
|
||||||
|
socket.
|
||||||
.It Fl rr
|
.It Fl rr
|
||||||
Indicates that it is okay to quit if
|
Indicates that it is okay to quit if
|
||||||
.Ar maxbytes
|
.Ar maxbytes
|
||||||
@ -66,7 +68,8 @@ or
|
|||||||
.Ar maxpkts
|
.Ar maxpkts
|
||||||
are reached.
|
are reached.
|
||||||
Diverted packets will silently disappear if nothing is listening on the
|
Diverted packets will silently disappear if nothing is listening on the
|
||||||
divert socket.
|
.Xr divert 4
|
||||||
|
socket.
|
||||||
.It Fl b Ar maxbytes
|
.It Fl b Ar maxbytes
|
||||||
Stop dumping after
|
Stop dumping after
|
||||||
.Ar maxbytes
|
.Ar maxbytes
|
||||||
@ -90,23 +93,23 @@ The
|
|||||||
.Ar dumpfile
|
.Ar dumpfile
|
||||||
argument is the path to the file to write captured packets to.
|
argument is the path to the file to write captured packets to.
|
||||||
Specify
|
Specify
|
||||||
.Sq Li -
|
.Sq Fl
|
||||||
to write to stdout.
|
to write to stdout.
|
||||||
.Sh EXIT STATUS
|
.Sh EXIT STATUS
|
||||||
.Ex -std
|
.Ex -std
|
||||||
.Sh EXAMPLES
|
.Sh EXAMPLES
|
||||||
.Dl ipfwpcap -r 8091 divt.log &
|
.Dl "ipfwpcap -r 8091 divt.log &"
|
||||||
.Pp
|
.Pp
|
||||||
Starts
|
Starts
|
||||||
.Nm
|
.Nm
|
||||||
as a background job listening to port 8091 and reflecting the packets
|
as a background job listening to port 8091 and reflecting the packets
|
||||||
back to the socket.
|
back to the socket.
|
||||||
.Pp
|
.Pp
|
||||||
.Dl ipfw add 2864 divert 8091 ip from 192.168.1.101
|
.Dl "ipfw add 2864 divert 8091 ip from 192.0.2.101"
|
||||||
.Pp
|
.Pp
|
||||||
Example
|
Example
|
||||||
.Xr ipfw 8
|
.Xr ipfw 8
|
||||||
rule to divert all packets from 192.168.1.101 to port 8091.
|
rule to divert all packets from 192.0.2.101 to port 8091.
|
||||||
See
|
See
|
||||||
.Xr ipfw 8
|
.Xr ipfw 8
|
||||||
for details.
|
for details.
|
||||||
|
@ -32,15 +32,17 @@
|
|||||||
.Nd "caching server daemon"
|
.Nd "caching server daemon"
|
||||||
.Sh SYNOPSIS
|
.Sh SYNOPSIS
|
||||||
.Nm
|
.Nm
|
||||||
.Op Fl nst
|
.Op Fl dnst
|
||||||
.Op Fl i Ar cachename
|
.Op Fl i Ar cachename
|
||||||
.Op Fl I Ar cachename
|
.Op Fl I Ar cachename
|
||||||
.Sh DESCRIPTION
|
.Sh DESCRIPTION
|
||||||
|
The
|
||||||
.Nm
|
.Nm
|
||||||
|
utility
|
||||||
is the system caching daemon.
|
is the system caching daemon.
|
||||||
It can cache almost all types of data and is basically intended to be used
|
It can cache almost all types of data and is basically intended to be used
|
||||||
with the
|
with the
|
||||||
.Pa nsswitch
|
.Nm nsswitch
|
||||||
subsystem.
|
subsystem.
|
||||||
The cache is actually per-user.
|
The cache is actually per-user.
|
||||||
This means that each user can work only with the
|
This means that each user can work only with the
|
||||||
@ -49,19 +51,19 @@ cache of other users.
|
|||||||
The
|
The
|
||||||
.Nm
|
.Nm
|
||||||
utility supports two types of caching:
|
utility supports two types of caching:
|
||||||
.Bl -tag -width Pair
|
.Bl -tag -width ".Sy Type"
|
||||||
.It Sy Type
|
.It Sy Type
|
||||||
.Sy Description
|
.Sy Description
|
||||||
.It Common caching
|
.It Common caching
|
||||||
Each cached element is the the key+value pair.
|
Each cached element is the key+value pair.
|
||||||
This type of caching supports policies which are applied when maximum
|
This type of caching supports policies which are applied when maximum
|
||||||
number of cached elements is exceeded.
|
number of cached elements is exceeded.
|
||||||
Three policies are available:
|
Three policies are available:
|
||||||
.Pa FIFO
|
.Cm FIFO
|
||||||
(first in - first out),
|
(first in - first out),
|
||||||
.Pa LRU
|
.Cm LRU
|
||||||
(least recently used) and
|
(least recently used) and
|
||||||
.Pa LFU
|
.Cm LFU
|
||||||
(least frequently used).
|
(least frequently used).
|
||||||
This type of caching is used with the
|
This type of caching is used with the
|
||||||
.Fn getXXXbyname
|
.Fn getXXXbyname
|
||||||
@ -77,24 +79,26 @@ The
|
|||||||
.Nm
|
.Nm
|
||||||
utility is able not only to cache elements, but to perform the actual nsswitch
|
utility is able not only to cache elements, but to perform the actual nsswitch
|
||||||
lookups by itself.
|
lookups by itself.
|
||||||
To enable this feature use the
|
To enable this feature, use the
|
||||||
.Pa perform-actual-lookups
|
.Va perform-actual-lookups
|
||||||
parameter in the
|
parameter in
|
||||||
.Xr cached.conf 5
|
.Xr cached.conf 5 .
|
||||||
.Pp
|
.Pp
|
||||||
The
|
The
|
||||||
.Nm
|
.Nm
|
||||||
utility recognizes the following runtime options:
|
utility recognizes the following runtime options:
|
||||||
.Bl -tag -width indent
|
.Bl -tag -width indent
|
||||||
|
.\" .It Fl d
|
||||||
|
.\" XXX Document me!
|
||||||
.It Fl n
|
.It Fl n
|
||||||
Do not daemonize.
|
Do not daemonize;
|
||||||
.Nm
|
.Nm
|
||||||
will not fork or disconnect itself from the terminal.
|
will not fork or disconnect itself from the terminal.
|
||||||
.It Fl s
|
.It Fl s
|
||||||
Single-threaded mode.
|
Single-threaded mode.
|
||||||
Forces using only one thread for all processing purposes (it overrides
|
Forces using only one thread for all processing purposes (it overrides
|
||||||
the
|
the
|
||||||
.Pa threads
|
.Va threads
|
||||||
parameter in the
|
parameter in the
|
||||||
.Xr cached.conf 5
|
.Xr cached.conf 5
|
||||||
file).
|
file).
|
||||||
@ -116,16 +120,17 @@ It asks the already running
|
|||||||
to invalidate the specified part of the cache of the
|
to invalidate the specified part of the cache of the
|
||||||
calling user.
|
calling user.
|
||||||
For example, sometimes you may want to invalidate your
|
For example, sometimes you may want to invalidate your
|
||||||
.Pa hosts
|
.Dq Li hosts
|
||||||
cache.
|
cache.
|
||||||
You can specify
|
You can specify
|
||||||
.Pa all
|
.Dq Li all
|
||||||
as the
|
as the
|
||||||
.Pa cachename
|
.Ar cachename
|
||||||
to invalidate your personal cache as a whole.
|
to invalidate your personal cache as a whole.
|
||||||
You cannot use this option for the cachename, for which
|
You cannot use this option for the
|
||||||
the
|
.Ar cachename
|
||||||
.Pa perform-actual-lookups
|
for which the
|
||||||
|
.Va perform-actual-lookups
|
||||||
option is enabled.
|
option is enabled.
|
||||||
.It Fl I Ar cachename
|
.It Fl I Ar cachename
|
||||||
Invalidates the cache for every user.
|
Invalidates the cache for every user.
|
||||||
@ -138,14 +143,14 @@ running
|
|||||||
to invalidate the specified part of the cache for
|
to invalidate the specified part of the cache for
|
||||||
every user.
|
every user.
|
||||||
You can specify
|
You can specify
|
||||||
.Pa all
|
.Dq Li all
|
||||||
as the
|
as the
|
||||||
.Pa cachename
|
.Ar cachename
|
||||||
to invalidate the whole cache.
|
to invalidate the whole cache.
|
||||||
Only the root can use this option.
|
Only the root can use this option.
|
||||||
.El
|
.El
|
||||||
.Sh FILES
|
.Sh FILES
|
||||||
.Bl -tag -width /etc/cached.conf -compact
|
.Bl -tag -width ".Pa /etc/cached.conf" -compact
|
||||||
.It Pa /etc/cached.conf
|
.It Pa /etc/cached.conf
|
||||||
The default configuration file.
|
The default configuration file.
|
||||||
.El
|
.El
|
||||||
@ -153,8 +158,8 @@ The default configuration file.
|
|||||||
.Xr nsdispatch 3 ,
|
.Xr nsdispatch 3 ,
|
||||||
.Xr cached.conf 5 ,
|
.Xr cached.conf 5 ,
|
||||||
.Xr nsswitch.conf 5
|
.Xr nsswitch.conf 5
|
||||||
.Sh "AUTHORS"
|
.Sh AUTHORS
|
||||||
.An Michael Bushkov Aq bushman@rsu.ru
|
.An Michael Bushkov Aq bushman@rsu.ru
|
||||||
.Sh "BUGS"
|
.Sh BUGS
|
||||||
To report bugs or suggestions please mail me:
|
Please send bug reports and suggestions to
|
||||||
.Aq bushman@rsu.ru
|
.Aq bushman@rsu.ru .
|
||||||
|
@ -29,81 +29,120 @@
|
|||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
.Nm cached.conf
|
.Nm cached.conf
|
||||||
.Nd "caching daemon configuration file manual page"
|
.Nd "caching daemon configuration file"
|
||||||
.Sh "DESCRIPTION"
|
.Sh DESCRIPTION
|
||||||
|
The
|
||||||
.Nm
|
.Nm
|
||||||
|
file
|
||||||
is used by the
|
is used by the
|
||||||
.Xr cached 8
|
.Xr cached 8
|
||||||
daemon and is read on its startup.
|
daemon and is read on its startup.
|
||||||
Its syntax is mostly similar to the nscd.conf syntax in Linux and Solaris.
|
Its syntax is mostly similar to the
|
||||||
It has some differences, though - see them below.
|
.Pa nscd.conf
|
||||||
|
syntax in
|
||||||
|
.Tn Linux
|
||||||
|
and
|
||||||
|
.Tn Solaris .
|
||||||
|
It has some differences, though \[em] see them below.
|
||||||
.Pp
|
.Pp
|
||||||
Each line specifies either an attribute and a value, or an attribute,
|
Each line specifies either an attribute and a
|
||||||
a cachename and a value.
|
.Ar value ,
|
||||||
Usual cachenames are passwd, groups, hosts, services, protocols and rpc.
|
or an attribute, a
|
||||||
You can also use any other cachename (for example, if some third-party
|
.Ar cachename
|
||||||
|
and a
|
||||||
|
.Ar value .
|
||||||
|
Usual cachenames are
|
||||||
|
.Dq Li passwd ,
|
||||||
|
.Dq Li groups ,
|
||||||
|
.Dq Li hosts ,
|
||||||
|
.Dq Li services ,
|
||||||
|
.Dq Li protocols
|
||||||
|
and
|
||||||
|
.Dq Li rpc .
|
||||||
|
You can also use any other
|
||||||
|
.Ar cachename
|
||||||
|
(for example, if some third-party
|
||||||
application uses nsswitch).
|
application uses nsswitch).
|
||||||
.Pp
|
.Bl -tag -width indent
|
||||||
.Bl -tag -width Pair
|
.It Va threads Op Ar value
|
||||||
.It Sy threads [value]
|
|
||||||
Number of threads, which would listen for connections and process requests.
|
Number of threads, which would listen for connections and process requests.
|
||||||
The minimum is 1.
|
The minimum is 1.
|
||||||
The default value is 8.
|
The default value is 8.
|
||||||
.It Sy enable-cache [cachename] [yes|no]
|
.It Va enable-cache Oo Ar cachename Oc Op Cm yes | no
|
||||||
Enables or disables the cache for specified cachename.
|
Enables or disables the cache for specified
|
||||||
.It Sy positive-time-to-live [cachename] [value]
|
.Ar cachename .
|
||||||
|
.It Va positive-time-to-live Oo Ar cachename Oc Op Ar value
|
||||||
Sets the TTL (time-to-live) for the specified cache in seconds.
|
Sets the TTL (time-to-live) for the specified cache in seconds.
|
||||||
Larger values can increase system's performance, but they also can affect
|
Larger values can increase system's performance, but they also can affect
|
||||||
the cache coherence.
|
the cache coherence.
|
||||||
The default value is 3600.
|
The default value is 3600.
|
||||||
.It Sy positive-policy [cachename] [fifo|lru|lfu]
|
.It Va positive-policy Oo Ar cachename Oc Op Cm fifo | lru | lfu
|
||||||
The policy that is applied to erase some of the cache elements, when the
|
The policy that is applied to erase some of the cache elements, when the
|
||||||
size limit of the given cachename is exceeded.
|
size limit of the given
|
||||||
Possible policies are: fifo (first-in-first-out), lru (least-recently-used),
|
.Ar cachename
|
||||||
lfu (least-frequently-used).
|
is exceeded.
|
||||||
The default policy is lru.
|
Possible policies are:
|
||||||
.It Sy negative-time-to-live [cachename] [value]
|
.Cm fifo
|
||||||
|
(first-in-first-out),
|
||||||
|
.Cm lru
|
||||||
|
(least-recently-used), and
|
||||||
|
.Cm lfu
|
||||||
|
(least-frequently-used).
|
||||||
|
The default policy is
|
||||||
|
.Cm lru .
|
||||||
|
.It Va negative-time-to-live Oo Ar cachename Oc Op Ar value
|
||||||
The TTL of the negative cached elements in seconds.
|
The TTL of the negative cached elements in seconds.
|
||||||
The larger values can significantly increase system performance in some
|
The larger values can significantly increase system performance in some
|
||||||
environments (when dealing with files with UIDs, which are not in system
|
environments (when dealing with files with UIDs, which are not in system
|
||||||
databases, for example).
|
databases, for example).
|
||||||
This number should be kept low to avoid the cache coherence problems.
|
This number should be kept low to avoid the cache coherence problems.
|
||||||
The default value is 60.
|
The default value is 60.
|
||||||
.It Sy negative-policy [cachename] [fifo|lru|lfu]
|
.It Va negative-policy Oo Ar cachename Oc Op Cm fifo | lru | lfu
|
||||||
The same as the positive-policy, but this one is applied to the negative
|
The same as the positive-policy, but this one is applied to the negative
|
||||||
elements of the given cachename.
|
elements of the given
|
||||||
|
.Ar cachename .
|
||||||
The default policy is fifo.
|
The default policy is fifo.
|
||||||
.It Sy suggested-size [cachename] [value]
|
.It Va suggested-size Oo Ar cachename Oc Op Ar value
|
||||||
This is the internal hash table size.
|
This is the internal hash table size.
|
||||||
The value should be a prime number for optimum performance.
|
The value should be a prime number for optimum performance.
|
||||||
You should only change this value when the number of cached elements is
|
You should only change this value when the number of cached elements is
|
||||||
significantly (in 5-10 times) greater then the default hash table size (255).
|
significantly (in 5-10 times) greater then the default hash table size (255).
|
||||||
.It Sy keep-hot-count [cachename] [value]
|
.It Va keep-hot-count Oo Ar cachename Oc Op Ar value
|
||||||
The size limit of the cache with the given cachename.
|
The size limit of the cache with the given
|
||||||
|
.Ar cachename .
|
||||||
When it is exceeded, the policy will be applied.
|
When it is exceeded, the policy will be applied.
|
||||||
The default value is 2048.
|
The default value is 2048.
|
||||||
.It Sy perform-actual-lookups [cachename] [yes|no]
|
.It Va perform-actual-lookups Oo Ar cachename Oc Op Cm yes | no
|
||||||
If enabled, the
|
If enabled, the
|
||||||
.Xr cached 8
|
.Xr cached 8
|
||||||
does not simply receive and cache the NSS-requests results, but performs
|
does not simply receive and cache the NSS-requests results, but performs
|
||||||
all the lookups by itself and only returns the responses.
|
all the lookups by itself and only returns the responses.
|
||||||
If this feature is enabled, then for the given cachename
|
If this feature is enabled, then for the given
|
||||||
|
.Ar cachename
|
||||||
.Xr cached 8
|
.Xr cached 8
|
||||||
will act similarly to the NSCD.
|
will act similarly to the NSCD.
|
||||||
.Pp
|
.Pp
|
||||||
.Pa NOTE:
|
.Sy NOTE :
|
||||||
this feature is currently experimental - it supports only passwd, groups and
|
this feature is currently experimental \[em] it supports only
|
||||||
services cachenames.
|
.Dq Li passwd ,
|
||||||
|
.Dq Li groups
|
||||||
|
and
|
||||||
|
.Dq Li services
|
||||||
|
cachenames.
|
||||||
.El
|
.El
|
||||||
.Sh "NOTES"
|
.Sh NOTES
|
||||||
You can use
|
You can use the
|
||||||
.Sq #
|
.Ql #
|
||||||
symbol at the beginning of the line for comments.
|
symbol at the beginning of the line for comments.
|
||||||
.Sh "SEE ALSO"
|
.Sh FILES
|
||||||
|
.Bl -tag -width ".Pa /etc/cached.conf" -compact
|
||||||
|
.It Pa /etc/cached.conf
|
||||||
|
.El
|
||||||
|
.Sh SEE ALSO
|
||||||
.Xr cached 8
|
.Xr cached 8
|
||||||
.Sh "AUTHORS"
|
.Sh AUTHORS
|
||||||
Michael Bushkov
|
.An Michael Bushkov
|
||||||
.Aq bushman@rsu.ru
|
|
||||||
.Sh "BUGS"
|
|
||||||
To report bugs or suggestions please mail me
|
|
||||||
.Aq bushman@rsu.ru
|
.Aq bushman@rsu.ru
|
||||||
|
.Sh BUGS
|
||||||
|
Please send bug reports and suggestions to
|
||||||
|
.Aq bushman@rsu.ru .
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
.\" $FreeBSD$
|
.\" $FreeBSD$
|
||||||
.\"
|
.\"
|
||||||
.Dd May 17, 2006
|
.Dd May 17, 2006
|
||||||
.Dt NTP-KEYGEN. 8
|
.Dt NTP-KEYGEN 8
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
.Nm ntp-keygen
|
.Nm ntp-keygen
|
||||||
@ -10,27 +10,28 @@
|
|||||||
.Sh SYNOPSIS
|
.Sh SYNOPSIS
|
||||||
.Nm
|
.Nm
|
||||||
.Op Fl deGgHIMnPT
|
.Op Fl deGgHIMnPT
|
||||||
.Op Fl c Oo Cm RSA-MD2 | RSA-MD5 | RSA-SHA | RSA-SHA1 | RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 Oc
|
.Op Fl c Ar scheme
|
||||||
.Op Fl i Ar name
|
.Op Fl i Ar name
|
||||||
.Op Fl p Ar password
|
.Op Fl p Ar password
|
||||||
.Op Fl S Oo Cm RSA | DSA Oc
|
.Op Fl S Op Cm RSA | DSA
|
||||||
.Op Fl s Ar name
|
.Op Fl s Ar name
|
||||||
.Op Fl v Ar nkeys
|
.Op Fl v Ar nkeys
|
||||||
|
|
||||||
.Sh DESCRIPTION
|
.Sh DESCRIPTION
|
||||||
This program generates cryptographic data files used by the NTPv4
|
This program generates cryptographic data files used by the NTPv4
|
||||||
authentication and identification schemes.
|
authentication and identification schemes.
|
||||||
It generates MD5 key files used in symmetric key cryptography.
|
It generates MD5 key files used in symmetric key cryptography.
|
||||||
In addition, if the OpenSSL software library has been installed,
|
In addition, if the OpenSSL software library has been installed,
|
||||||
it generates keys, certificate and identity files used in public key
|
it generates keys, certificate and identity files used in public key
|
||||||
cryptography. These files are used for cookie encryption,
|
cryptography.
|
||||||
|
These files are used for cookie encryption,
|
||||||
digital signature and challenge/response identification algorithms
|
digital signature and challenge/response identification algorithms
|
||||||
compatible with the Internet standard security infrastructure.
|
compatible with the Internet standard security infrastructure.
|
||||||
.Pp
|
.Pp
|
||||||
All files are in PEM-encoded printable ASCII format,
|
All files are in PEM-encoded printable ASCII format,
|
||||||
so they can be embedded as MIME attachments in mail to other sites
|
so they can be embedded as MIME attachments in mail to other sites
|
||||||
and certificate authorities.
|
and certificate authorities.
|
||||||
By default, files are not encrypted. The
|
By default, files are not encrypted.
|
||||||
|
The
|
||||||
.Fl p Ar password
|
.Fl p Ar password
|
||||||
option specifies the write password and
|
option specifies the write password and
|
||||||
.Fl q Ar password
|
.Fl q Ar password
|
||||||
@ -82,7 +83,8 @@ and generation date and time as comments.
|
|||||||
All files are installed by default in the keys directory
|
All files are installed by default in the keys directory
|
||||||
.Pa /usr/local/etc ,
|
.Pa /usr/local/etc ,
|
||||||
which is normally in a shared filesystem
|
which is normally in a shared filesystem
|
||||||
in NFS-mounted networks. The actual location of the keys directory
|
in NFS-mounted networks.
|
||||||
|
The actual location of the keys directory
|
||||||
and each file can be overridden by configuration commands,
|
and each file can be overridden by configuration commands,
|
||||||
but this is not recommended.
|
but this is not recommended.
|
||||||
Normally, the files for each host are generated by that host
|
Normally, the files for each host are generated by that host
|
||||||
@ -112,7 +114,8 @@ If a link is not present,
|
|||||||
.Xr ntpd 8
|
.Xr ntpd 8
|
||||||
extracts the filestamp from the file itself.
|
extracts the filestamp from the file itself.
|
||||||
This allows clients to verify that the file and generation times
|
This allows clients to verify that the file and generation times
|
||||||
are always current. The
|
are always current.
|
||||||
|
The
|
||||||
.Nm
|
.Nm
|
||||||
program uses the same timestamp extension for all files generated
|
program uses the same timestamp extension for all files generated
|
||||||
at one time, so each generation is distinct and can be readily
|
at one time, so each generation is distinct and can be readily
|
||||||
@ -124,7 +127,8 @@ program is logged in directly as root.
|
|||||||
The recommended procedure is change to the keys directory,
|
The recommended procedure is change to the keys directory,
|
||||||
usually
|
usually
|
||||||
.Pa /ust/local/etc ,
|
.Pa /ust/local/etc ,
|
||||||
then run the program. When run for the first time,
|
then run the program.
|
||||||
|
When run for the first time,
|
||||||
or if all
|
or if all
|
||||||
.Cm ntpkey
|
.Cm ntpkey
|
||||||
files have been removed,
|
files have been removed,
|
||||||
@ -205,7 +209,8 @@ The default cryptotype uses RSA encryption, MD5 message digest
|
|||||||
and TC identification.
|
and TC identification.
|
||||||
First, configure a NTP subnet including one or more low-stratum
|
First, configure a NTP subnet including one or more low-stratum
|
||||||
trusted hosts from which all other hosts derive synchronization
|
trusted hosts from which all other hosts derive synchronization
|
||||||
directly or indirectly. Trusted hosts have trusted certificates;
|
directly or indirectly.
|
||||||
|
Trusted hosts have trusted certificates;
|
||||||
all other hosts have nontrusted certificates.
|
all other hosts have nontrusted certificates.
|
||||||
These hosts will automatically and dynamically build authoritative
|
These hosts will automatically and dynamically build authoritative
|
||||||
certificate trails to one or more trusted hosts.
|
certificate trails to one or more trusted hosts.
|
||||||
@ -295,7 +300,8 @@ A server can also be a client of another server,
|
|||||||
but a client can never be a server for another client.
|
but a client can never be a server for another client.
|
||||||
In general, trusted hosts and nontrusted hosts that operate
|
In general, trusted hosts and nontrusted hosts that operate
|
||||||
as both server and client have parameter files that contain
|
as both server and client have parameter files that contain
|
||||||
both server and client keys. Hosts that operate
|
both server and client keys.
|
||||||
|
Hosts that operate
|
||||||
only as clients have key files that contain only client keys.
|
only as clients have key files that contain only client keys.
|
||||||
.Pp
|
.Pp
|
||||||
The PC scheme supports only one trusted host in the group.
|
The PC scheme supports only one trusted host in the group.
|
||||||
@ -315,7 +321,8 @@ to the host key file and soft link
|
|||||||
.Pa ntpkey_cert_ Ns Ar bob
|
.Pa ntpkey_cert_ Ns Ar bob
|
||||||
to the private certificate file.
|
to the private certificate file.
|
||||||
Note the generic links are on bob, but point to files generated
|
Note the generic links are on bob, but point to files generated
|
||||||
by trusted host alice. In this scheme it is not possible to refresh
|
by trusted host alice.
|
||||||
|
In this scheme it is not possible to refresh
|
||||||
either the keys or certificates without copying them
|
either the keys or certificates without copying them
|
||||||
to all other hosts in the group.
|
to all other hosts in the group.
|
||||||
.Pp
|
.Pp
|
||||||
@ -335,7 +342,8 @@ and clients and install a soft link from the generic
|
|||||||
.Pa ntpkey_iff_ Ns Ar alice
|
.Pa ntpkey_iff_ Ns Ar alice
|
||||||
to this file.
|
to this file.
|
||||||
If there are no hosts restricted to operate only as clients,
|
If there are no hosts restricted to operate only as clients,
|
||||||
there is nothing further to do. As the IFF scheme is independent
|
there is nothing further to do.
|
||||||
|
As the IFF scheme is independent
|
||||||
of keys and certificates, these files can be refreshed as needed.
|
of keys and certificates, these files can be refreshed as needed.
|
||||||
.Pp
|
.Pp
|
||||||
If a rogue client has the parameter file, it could masquerade
|
If a rogue client has the parameter file, it could masquerade
|
||||||
@ -349,7 +357,8 @@ and pipe the output to a file or mail program.
|
|||||||
Copy or mail this file to all restricted clients.
|
Copy or mail this file to all restricted clients.
|
||||||
On these clients install a soft link from the generic
|
On these clients install a soft link from the generic
|
||||||
.Pa ntpkey_iff_ Ns Ar alice
|
.Pa ntpkey_iff_ Ns Ar alice
|
||||||
to this file. To further protect the integrity of the keys,
|
to this file.
|
||||||
|
To further protect the integrity of the keys,
|
||||||
each file can be encrypted with a secret password.
|
each file can be encrypted with a secret password.
|
||||||
.Pp
|
.Pp
|
||||||
For the GQ scheme proceed as in the TC scheme to generate keys
|
For the GQ scheme proceed as in the TC scheme to generate keys
|
||||||
@ -377,7 +386,8 @@ at the same time, keys and certificates can be regenerated as needed.
|
|||||||
For the MV scheme, proceed as in the TC scheme to generate keys
|
For the MV scheme, proceed as in the TC scheme to generate keys
|
||||||
and certificates for all group hosts.
|
and certificates for all group hosts.
|
||||||
For illustration assume trish is the TA, alice one of several trusted hosts
|
For illustration assume trish is the TA, alice one of several trusted hosts
|
||||||
and bob one of her clients. On TA trish run
|
and bob one of her clients.
|
||||||
|
On TA trish run
|
||||||
.Nm
|
.Nm
|
||||||
.Fl V Ar n
|
.Fl V Ar n
|
||||||
.Fl p Ar password ,
|
.Fl p Ar password ,
|
||||||
@ -410,8 +420,14 @@ As the MV scheme is independent of keys and certificates,
|
|||||||
these files can be refreshed as needed.
|
these files can be refreshed as needed.
|
||||||
.Ss Command Line Options
|
.Ss Command Line Options
|
||||||
.Bl -tag -width indent
|
.Bl -tag -width indent
|
||||||
.It Fl c Oo Cm RSA-MD2 | RSA-MD5 | RSA-SHA | RSA-SHA1 | RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 Oc
|
.It Fl c Ar scheme
|
||||||
Select certificate message digest/signature encryption scheme.
|
Select certificate message digest/signature encryption scheme.
|
||||||
|
The
|
||||||
|
.Ar scheme
|
||||||
|
can be one of the following:
|
||||||
|
. Cm RSA-MD2 , RSA-MD5 , RSA-SHA , RSA-SHA1 , RSA-MDC2 , RSA-RIPEMD160 , DSA-SHA ,
|
||||||
|
or
|
||||||
|
.Cm DSA-SHA1 .
|
||||||
Note that RSA schemes must be used with a RSA sign key and DSA
|
Note that RSA schemes must be used with a RSA sign key and DSA
|
||||||
schemes must be used with a DSA sign key.
|
schemes must be used with a DSA sign key.
|
||||||
The default without this option is
|
The default without this option is
|
||||||
@ -473,7 +489,8 @@ by the library routines.
|
|||||||
The OpenSSL library uses a designated random seed file for this purpose.
|
The OpenSSL library uses a designated random seed file for this purpose.
|
||||||
The file must be available when starting the NTP daemon and
|
The file must be available when starting the NTP daemon and
|
||||||
.Nm
|
.Nm
|
||||||
program. If a site supports OpenSSL or its companion OpenSSH,
|
program.
|
||||||
|
If a site supports OpenSSL or its companion OpenSSH,
|
||||||
it is very likely that means to do this are already available.
|
it is very likely that means to do this are already available.
|
||||||
.Pp
|
.Pp
|
||||||
It is important to understand that entropy must be evolved
|
It is important to understand that entropy must be evolved
|
||||||
@ -490,7 +507,8 @@ usually called
|
|||||||
which must be available when starting the NTP daemon
|
which must be available when starting the NTP daemon
|
||||||
or the
|
or the
|
||||||
.Nm
|
.Nm
|
||||||
program. The NTP daemon will first look for the file
|
program.
|
||||||
|
The NTP daemon will first look for the file
|
||||||
using the path specified by the
|
using the path specified by the
|
||||||
.Ic randfile
|
.Ic randfile
|
||||||
subcommand of the
|
subcommand of the
|
||||||
@ -530,7 +548,8 @@ printable ASCII format preceded and followed by MIME content identifier lines.
|
|||||||
The format of the symmetric keys file is somewhat different
|
The format of the symmetric keys file is somewhat different
|
||||||
than the other files in the interest of backward compatibility.
|
than the other files in the interest of backward compatibility.
|
||||||
Since DES-CBC is deprecated in NTPv4, the only key format of interest
|
Since DES-CBC is deprecated in NTPv4, the only key format of interest
|
||||||
is MD5 alphanumeric strings. Following hte heard the keys are
|
is MD5 alphanumeric strings.
|
||||||
|
Following hte heard the keys are
|
||||||
entered one per line in the format
|
entered one per line in the format
|
||||||
.D1 Ar keyno type key
|
.D1 Ar keyno type key
|
||||||
where
|
where
|
||||||
|
@ -35,9 +35,8 @@
|
|||||||
.Nm
|
.Nm
|
||||||
.Fl p
|
.Fl p
|
||||||
.Nm
|
.Nm
|
||||||
.Op Fl d Ar name
|
.Oo Fl d Ar name Oc Ar ...
|
||||||
.Op Ar name Ns = Ns Ar value
|
.Op Ar name Ns = Ns Ar value ...
|
||||||
.Ar ...
|
|
||||||
.Sh DESCRIPTION
|
.Sh DESCRIPTION
|
||||||
The
|
The
|
||||||
.Nm
|
.Nm
|
||||||
@ -58,7 +57,8 @@ The following options are available:
|
|||||||
.It Fl d Ar name
|
.It Fl d Ar name
|
||||||
Delete the variable selected by
|
Delete the variable selected by
|
||||||
.Ar name
|
.Ar name
|
||||||
from the EEPROM or NVRAM. The
|
from the EEPROM or NVRAM.
|
||||||
|
The
|
||||||
.Fl d
|
.Fl d
|
||||||
flag can be specified multiple times, in which case multiple variables
|
flag can be specified multiple times, in which case multiple variables
|
||||||
will be removed.
|
will be removed.
|
||||||
@ -97,7 +97,6 @@ to
|
|||||||
.Dq Li 100 :
|
.Dq Li 100 :
|
||||||
.Pp
|
.Pp
|
||||||
.Dl "nvram -d foo -d bar baz=100"
|
.Dl "nvram -d foo -d bar baz=100"
|
||||||
.Ed
|
|
||||||
.Sh SEE ALSO
|
.Sh SEE ALSO
|
||||||
.Xr powermac_nvram 4 ,
|
.Xr powermac_nvram 4 ,
|
||||||
.Xr eeprom 8
|
.Xr eeprom 8
|
||||||
@ -108,10 +107,10 @@ utility first appeared in
|
|||||||
.Fx 7.0 .
|
.Fx 7.0 .
|
||||||
It is inspired by the
|
It is inspired by the
|
||||||
Darwin/Mac OS X
|
Darwin/Mac OS X
|
||||||
.Xr nvram 8
|
.Nm
|
||||||
utility.
|
utility.
|
||||||
.Sh AUTHORS
|
.Sh AUTHORS
|
||||||
.An Maxim Sobolev Aq sobomax@FreeBSD.org .
|
.An Maxim Sobolev Aq sobomax@FreeBSD.org
|
||||||
.Sh BUGS
|
.Sh BUGS
|
||||||
Currently,
|
Currently,
|
||||||
.Nm
|
.Nm
|
||||||
|
@ -24,7 +24,7 @@
|
|||||||
.\"
|
.\"
|
||||||
.\" $FreeBSD$
|
.\" $FreeBSD$
|
||||||
.\"
|
.\"
|
||||||
.Dd August 08, 2006
|
.Dd August 8, 2006
|
||||||
.Dt SADE 8
|
.Dt SADE 8
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
@ -45,23 +45,29 @@ behavior, where the main menu is presented.
|
|||||||
The
|
The
|
||||||
.Nm
|
.Nm
|
||||||
utility aims to provide a handy tool for disk management
|
utility aims to provide a handy tool for disk management
|
||||||
tasks on an already installed system. The goal is to save
|
tasks on an already installed system.
|
||||||
some of the useful functionality of the old sysinstall, which
|
The goal is to save
|
||||||
|
some of the useful functionality of the old
|
||||||
|
.Xr sysinstall 8
|
||||||
|
which
|
||||||
will be removed from the system in favor of the new installer.
|
will be removed from the system in favor of the new installer.
|
||||||
.\".Sh FILES
|
|
||||||
.Sh SEE ALSO
|
.Sh SEE ALSO
|
||||||
sysinstall(8)
|
.Xr sysinstall 8
|
||||||
.Sh HISTORY
|
.Sh HISTORY
|
||||||
This version of
|
This version of
|
||||||
.Nm
|
.Nm
|
||||||
first appeared in
|
first appeared in
|
||||||
.Fx 7.0 . The code is extracted from the
|
.Fx 7.0 .
|
||||||
sysinstall
|
The code is extracted from the
|
||||||
|
.Xr sysinstall 8
|
||||||
utility.
|
utility.
|
||||||
.Sh AUTHORS
|
.Sh AUTHORS
|
||||||
.An Jordan K. Hubbard Aq jkh@FreeBSD.org
|
.An Jordan K. Hubbard Aq jkh@FreeBSD.org
|
||||||
.Sh BUGS
|
.Sh BUGS
|
||||||
The utility misses a lot of nice features, such as tools for
|
The utility misses a lot of nice features, such as tools for
|
||||||
manipulating gmirror or gvinum stuff. These will be added
|
manipulating
|
||||||
later.
|
.Xr gmirror 8
|
||||||
|
or
|
||||||
|
.Xr gvinum 8
|
||||||
|
stuff.
|
||||||
|
These will be added later.
|
||||||
|
Loading…
Reference in New Issue
Block a user