commit b082fb39c29c7717e1c29eaddb4eaf1f9b95ad23
Author: Jaromir Hradilek <jhradile(a)redhat.com>
Date: Mon Jan 24 19:07:39 2011 +0100
Implemented the reviewed table of contents.
Dear translators,
if you are reading this message, please, do not hate me for this change.
Trust me, my intention was not to make your life any harder, but I am
really convinced that this change is worth all the troubles.
Nevertheless, accept my sincere apologies.
Kind regards,
Jaromir Hradilek
...T.xml => Automatic_Bug_Reporting_Tool_ABRT.xml} | 4 +-
...mated_Tasks.xml => Automating_System_Tasks.xml} | 8 +-
en-US/{The_BIND_DNS_Server.xml => BIND.xml} | 276 ++++-------------
...guration.xml => Configuring_Authentication.xml} | 12 +-
...guration_Protocol_DHCP.xml => DHCP_Servers.xml} | 9 +-
en-US/DNS_Servers.xml | 176 +++++++++++
en-US/Date_and_Time_Configuration.xml | 4 +-
en-US/Deployment_Guide.xml | 223 +++++---------
en-US/Directory_Servers.xml | 8 +
en-US/FTP.xml | 69 ++--
en-US/File_and_Print_Servers.xml | 8 +
en-US/Introduction.xml | 73 +++--
en-US/{Email.xml => Mail_Servers.xml} | 11 +-
...nd_Groups.xml => Managing_Users_and_Groups.xml} | 4 +-
...etwork_Configuration.xml => NetworkManager.xml} | 7 +-
en-US/Network_Interfaces.xml | 6 +-
...ctory_Access_Protocol_LDAP.xml => OpenLDAP.xml} | 74 +++---
en-US/OpenSSH.xml | 4 +-
en-US/PackageKit.xml | 2 +-
en-US/Printer_Configuration.xml | 41 ++--
en-US/RPM.xml | 6 +-
en-US/Samba.xml | 165 +++++-----
...ss_to_Services.xml => Services_and_Daemons.xml} | 4 +-
...Information.xml => System_Monitoring_Tools.xml} | 5 +-
en-US/The_Apache_HTTP_Server.xml | 330 ++++++++++----------
en-US/The_X_Window_System.xml | 8 +-
en-US/The_kdump_Crash_Recovery_Service.xml | 4 +-
en-US/The_proc_File_System.xml | 4 +-
en-US/The_sysconfig_Directory.xml | 18 +-
...iles.xml => Viewing_and_Managing_Log_Files.xml} | 4 +-
en-US/Web_Servers.xml | 18 +
31 files changed, 785 insertions(+), 800 deletions(-)
---
diff --git a/en-US/ABRT.xml b/en-US/Automatic_Bug_Reporting_Tool_ABRT.xml
similarity index 99%
rename from en-US/ABRT.xml
rename to en-US/Automatic_Bug_Reporting_Tool_ABRT.xml
index fb2cc5d..e928396 100644
--- a/en-US/ABRT.xml
+++ b/en-US/Automatic_Bug_Reporting_Tool_ABRT.xml
@@ -2,7 +2,7 @@
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
<chapter id="ch-abrt">
- <title>ABRT</title>
+ <title>Automatic Bug-Reporting Tool (ABRT)</title>
<section>
<title>Overview</title>
<para>
@@ -734,7 +734,7 @@ WatchCrashdumpArchiveDir = /var/spool/abrt-upload/
</listitem>
<listitem>
<para>
- Determine your preferred upload mechanism; for example, <systemitem
class="protocol">FTP</systemitem> or <systemitem
class="protocol">SCP</systemitem>. For more information on how to
configure <systemitem class="protocol">FTP</systemitem>, refer to
<xref linkend="ch-FTP"/>. For more information on how to configure
<systemitem class="protocol">SCP</systemitem>, refer to <xref
linkend="s2-ssh-clients-scp"/>.
+ Determine your preferred upload mechanism; for example, <systemitem
class="protocol">FTP</systemitem> or <systemitem
class="protocol">SCP</systemitem>. For more information on how to
configure <systemitem class="protocol">FTP</systemitem>, refer to
<xref linkend="s1-FTP" />. For more information on how to configure
<systemitem class="protocol">SCP</systemitem>, refer to <xref
linkend="s2-ssh-clients-scp"/>.
</para>
<para>
For security reasons, make sure that uploads can only be performed by a
specific user and with a password. The rest of the document assumes that the username used
for uploads is <systemitem class="username">USERNAME</systemitem>
and the password is <literal>PASSWORD</literal>. If you do not already have a
suitable username which can be used to perform uploads under, you may use the
<systemitem class="username">abrt</systemitem> user which already
exists on every system where <application>ABRT</application> is installed.
diff --git a/en-US/Automated_Tasks.xml b/en-US/Automating_System_Tasks.xml
similarity index 98%
rename from en-US/Automated_Tasks.xml
rename to en-US/Automating_System_Tasks.xml
index 42dbb6f..6b366d6 100644
--- a/en-US/Automated_Tasks.xml
+++ b/en-US/Automating_System_Tasks.xml
@@ -1,8 +1,8 @@
<?xml version='1.0'?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter id="ch-Automated_Tasks">
- <title>Automated Tasks</title>
+<chapter id="ch-Automating_System_Tasks">
+ <title>Automating System Tasks</title>
<indexterm significance="normal">
<primary>Automated Tasks</primary>
</indexterm>
@@ -27,7 +27,7 @@
<para>To use the cron service, the <filename>cronie</filename> RPM
package must be installed and the <command>crond</command> service must be
running. <filename>anacron</filename> is a sub-package of
<filename>cronie</filename>. To determine if these packages are installed, use
the <command>rpm -q cronie cronie-anacron</command> command. </para>
<section id="s2-autotasks-cron-service">
<title>Starting and Stopping the Service</title>
- <para>To determine if the service is running, use the command
<command>/sbin/service crond status</command>. To start the cron service, use
the command <command>/sbin/service crond start</command>. To stop the service,
use the command <command>/sbin/service crond stop</command>. It is recommended
that you start the service at boot time. Refer to <xref
linkend="ch-Controlling_Access_to_Services"/> for details on starting the
cron service automatically at boot time.</para>
+ <para>To determine if the service is running, use the command
<command>/sbin/service crond status</command>. To start the cron service, use
the command <command>/sbin/service crond start</command>. To stop the service,
use the command <command>/sbin/service crond stop</command>. It is recommended
that you start the service at boot time. Refer to <xref
linkend="ch-Services_and_Daemons" /> for details on starting the cron service
automatically at boot time.</para>
</section>
<section id="s2-configuring-anacron-jobs">
<title>Configuring Anacron Jobs</title>
@@ -385,7 +385,7 @@ minute hour day month day of week user command
</section>
<section id="s2-autotasks-at-batch-service">
<title>Starting and Stopping the Service</title>
- <para>To start the <command>at</command> service, use the command
<command>/sbin/service atd start</command>. To stop the service, use the
command <command>/sbin/service atd stop</command>. It is recommended that you
start the service at boot time. Refer to <xref
linkend="ch-Controlling_Access_to_Services"/> for details on starting the
cron service automatically at boot time.</para>
+ <para>To start the <command>at</command> service, use the command
<command>/sbin/service atd start</command>. To stop the service, use the
command <command>/sbin/service atd stop</command>. It is recommended that you
start the service at boot time. Refer to <xref
linkend="ch-Services_and_Daemons" /> for details on starting the cron service
automatically at boot time.</para>
</section>
</section>
<section id="s1-autotasks-additional-resources">
diff --git a/en-US/The_BIND_DNS_Server.xml b/en-US/BIND.xml
similarity index 89%
rename from en-US/The_BIND_DNS_Server.xml
rename to en-US/BIND.xml
index 67aaae8..dca773e 100644
--- a/en-US/The_BIND_DNS_Server.xml
+++ b/en-US/BIND.xml
@@ -1,20 +1,8 @@
<?xml version='1.0'?>
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter id="ch-The_BIND_DNS_Server">
- <title>The BIND DNS Server</title>
- <indexterm>
- <primary>DNS</primary>
- <secondary>definition</secondary>
- <seealso>BIND</seealso>
- </indexterm>
- <indexterm>
- <primary>nameserver</primary>
- <see>DNS</see>
- </indexterm>
- <para>
- <systemitem class="protocol">DNS</systemitem> (Domain Name
System), also known as a <firstterm>nameserver</firstterm>, is a network
system that associates hostnames with their respective IP addresses. For users, this has
the advantage that they can refer to machines on the network by names that are usually
easier to remember than the numerical network addresses. For system administrators, using
the nameserver allows them to change the IP address for a host without ever affecting the
name-based queries, or to decide which machines handle these queries.
- </para>
+<section id="s1-BIND">
+ <title>BIND</title>
<indexterm>
<primary>Berkeley Internet Name Domain</primary>
<see>BIND</see>
@@ -22,163 +10,7 @@
<para>
This chapter covers <systemitem
class="service">BIND</systemitem> (Berkeley Internet Name Domain), the
DNS server included in &MAJOROS;. It focuses on the structure of its configuration
files, and describes how to administer it both locally and remotely.
</para>
- <section id="s1-bind-introduction">
- <title>Introduction to DNS</title>
- <indexterm>
- <primary>root nameserver</primary>
- <see>BIND</see>
- </indexterm>
- <para>
- DNS is usually implemented using one or more centralized servers that are
authoritative for certain domains. When a client host requests information from a
nameserver, it usually connects to port 53. The nameserver then attempts to resolve the
name requested. If it does not have an authoritative answer, or does not already have the
answer cached from an earlier query, it queries other nameservers, called
<firstterm>root nameservers</firstterm>, to determine which nameservers are
authoritative for the name in question, and then queries them to get the requested name.
- </para>
- <section id="s2-bind-introduction-zones">
- <title>Nameserver Zones</title>
- <indexterm>
- <primary>BIND</primary>
- <secondary>resource record</secondary>
- </indexterm>
- <indexterm>
- <primary>resource record</primary>
- <see>BIND</see>
- </indexterm>
- <indexterm>
- <primary>fully qualified domain name</primary>
- </indexterm>
- <indexterm>
- <primary><acronym>FQDN</acronym></primary>
- <see>fully qualified domain name</see>
- </indexterm>
- <para>
- In a DNS server such as BIND, all information is stored in basic data elements
called <firstterm>resource records</firstterm> (RR). The resource record is
usually a <firstterm>fully qualified domain name</firstterm> (FQDN) of a host,
and is broken down into multiple sections organized into a tree-like hierarchy. This
hierarchy consists of a main trunk, primary branches, secondary branches, and so on.
- </para>
- <example id="example-bind-introduction-zones-rr">
- <title>A simple resource record</title>
- <screen>bob.sales.example.com</screen>
- </example>
- <indexterm>
- <primary>BIND</primary>
- <secondary>zones</secondary>
- <tertiary>description</tertiary>
- </indexterm>
- <para>
- Each level of the hierarchy is divided by a period (that is,
<literal>.</literal>). In <xref
linkend="example-bind-introduction-zones-rr" />,
<literal>com</literal> defines the <firstterm>top-level
domain</firstterm>, <literal>example</literal> its subdomain, and
<literal>sales</literal> the subdomain of
<literal>example</literal>. In this case, <literal>bob</literal>
identifies a resource record that is part of the <systemitem
class="domainname">sales.example.com</systemitem> domain. With the
exception of the part furthest to the left (that is, <literal>bob</literal>),
each of these sections is called a <firstterm>zone</firstterm> and defines a
specific <firstterm>namespace</firstterm>.
- </para>
- <indexterm>
- <primary>BIND</primary>
- <secondary>types</secondary>
- <tertiary>primary (master) nameserver</tertiary>
- </indexterm>
- <indexterm>
- <primary>BIND</primary>
- <secondary>types</secondary>
- <tertiary>secondary (slave) nameserver</tertiary>
- </indexterm>
- <para>
- Zones are defined on authoritative nameservers through the use of
<firstterm>zone files</firstterm>, which contain definitions of the resource
records in each zone. Zone files are stored on <firstterm>primary
nameservers</firstterm> (also called <firstterm>master
nameservers</firstterm>), where changes are made to the files, and
<firstterm>secondary nameservers</firstterm> (also called
<firstterm>slave nameservers</firstterm>), which receive zone definitions from
the primary nameservers. Both primary and secondary nameservers are authoritative for the
zone and look the same to clients. Depending on the configuration, any nameserver can also
serve as a primary or secondary server for multiple zones at the same time.
- </para>
- </section>
- <section id="s2-bind-introduction-nameservers">
- <title>Nameserver Types</title>
- <para>
- There are two nameserver configuration types:
- </para>
- <variablelist>
- <varlistentry>
- <term>
- <indexterm>
- <primary>BIND</primary>
- <secondary>types</secondary>
- <tertiary>authoritative nameserver</tertiary>
- </indexterm>
- <indexterm>
- <primary>authoritative nameserver</primary>
- <see>BIND</see>
- </indexterm>
- <indexterm>
- <primary>BIND</primary>
- <secondary>types</secondary>
- <tertiary>primary (master) nameserver</tertiary>
- </indexterm>
- <indexterm>
- <primary>primary nameserver</primary>
- <see>BIND</see>
- </indexterm>
- <indexterm>
- <primary>BIND</primary>
- <secondary>types</secondary>
- <tertiary>secondary (slave) nameserver</tertiary>
- </indexterm>
- <indexterm>
- <primary>secondary nameserver</primary>
- <see>BIND</see>
- </indexterm>
- authoritative
- </term>
- <listitem>
- <para>
- Authoritative nameservers answer to resource records that are part of their
zones only. This category includes both primary (master) and secondary (slave)
nameservers.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
- <indexterm>
- <primary>BIND</primary>
- <secondary>types</secondary>
- <tertiary>recursive nameserver</tertiary>
- </indexterm>
- <indexterm>
- <primary>recursive nameserver</primary>
- <see>BIND</see>
- </indexterm>
- recursive
- </term>
- <listitem>
- <para>
- Recursive nameservers offer resolution services, but they are not
authoritative for any zone. Answers for all resolutions are cached in a memory for a fixed
period of time, which is specified by the retrieved resource record.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
- <para>
- Although a nameserver can be both authoritative and recursive at the same time,
it is recommended not to combine the configuration types. To be able to perform their
work, authoritative servers should be available to all clients all the time. On the other
hand, since the recursive lookup takes far more time than authoritative responses,
recursive servers should be available to a restricted number of clients only, otherwise
they are prone to distributed denial of service (DDoS) attacks.
- </para>
- </section>
- <section id="s2-bind-introduction-bind">
- <title>BIND as a Nameserver</title>
- <indexterm>
- <primary>BIND</primary>
- <secondary>utilities</secondary>
- <tertiary><systemitem
class="service">named</systemitem></tertiary>
- </indexterm>
- <indexterm>
- <primary>BIND</primary>
- <secondary>utilities</secondary>
- <tertiary><command>rndc</command></tertiary>
- </indexterm>
- <indexterm>
- <primary>BIND</primary>
- <secondary>utilities</secondary>
- <tertiary><command>dig</command></tertiary>
- </indexterm>
- <indexterm>
- <primary><systemitem
class="service">named</systemitem></primary>
- <see>BIND</see>
- </indexterm>
- <indexterm>
- <primary><command>rndc</command></primary>
- <see>BIND</see>
- </indexterm>
- <indexterm>
- <primary><command>dig</command></primary>
- <see>BIND</see>
- </indexterm>
- <para>
- BIND consists of a set of DNS-related programs. It contains a monolithic
nameserver called <systemitem class="service">named</systemitem>, an
administration utility called <command>rndc</command>, and a debugging tool
called <command>dig</command>. Refer to <xref
linkend="ch-Controlling_Access_to_Services" /> for more information on how to
run a service in &MAJOROS;.
- </para>
- </section>
- </section>
- <section id="s1-bind-namedconf">
+ <section id="s2-bind-namedconf">
<title>Configuring the <command>named</command>
Service</title>
<indexterm significance="preferred">
<primary>BIND</primary>
@@ -261,7 +93,7 @@
If you have installed the <package>bind-chroot</package> package, the
BIND service will run in the <filename
class="directory">/var/named/chroot</filename> environment. In that
case, the initialization script will mount the above configuration files using the
<command>mount --bind</command> command, so that you can manage the
configuration outside this environment.
</para>
</note>
- <section id="s2-bind-namedconf-state">
+ <section id="s3-bind-namedconf-state">
<title>Common Statement Types</title>
<para>
The following types of statements are commonly used in
<filename>/etc/named.conf</filename>:
@@ -586,7 +418,7 @@ options {
</para>
</important>
<para>
- Refer to the <citetitle>BIND 9 Administrator Reference
Manual</citetitle> referenced in <xref linkend="s2-bind-installed-docs"
/>, and the <filename>named.conf</filename> manual page for a complete list
of available options.
+ Refer to the <citetitle>BIND 9 Administrator Reference
Manual</citetitle> referenced in <xref linkend="s3-bind-installed-docs"
/>, and the <filename>named.conf</filename> manual page for a complete list
of available options.
</para>
<example id="example-bind-namedconf-common-options">
<title>Using the <option>options</option>
statement</title>
@@ -629,7 +461,7 @@ options {
The <replaceable>zone-name</replaceable> attribute is
particularly important, as it is the default value assigned for the
<option>$ORIGIN</option> directive used within the corresponding zone file
located in the <filename>/var/named/</filename> directory. The <systemitem
class="service">named</systemitem> daemon appends the name of the zone
to any non-fully qualified domain name listed in the zone file. For example, if a
<option>zone</option> statement defines the namespace for
<literal>example.com</literal>, use <literal>example.com</literal>
as the <replaceable>zone-name</replaceable> so that it is placed at the end of
hostnames within the <literal>example.com</literal> zone file.
</para>
<para>
- For more information about zone files, refer to <xref
linkend="s1-bind-zone" />.
+ For more information about zone files, refer to <xref
linkend="s2-bind-zone" />.
</para>
<table id="table-bind-namedconf-common-zone">
<title>Commonly used options</title>
@@ -672,7 +504,7 @@ options {
Specifies which hosts are allowed to dynamically update
information in their zone. The default option is to deny all dynamic update requests.
</para>
<para>
- Note that you should be careful when allowing hosts to update
information about their zone. Do not set IP addresses in this option unless the server is
in the trusted network. Instead, use TSIG key as described in <xref
linkend="s2-bind-features-tsig" />.
+ Note that you should be careful when allowing hosts to update
information about their zone. Do not set IP addresses in this option unless the server is
in the trusted network. Instead, use TSIG key as described in <xref
linkend="s3-bind-features-tsig" />.
</para>
</entry>
</row>
@@ -796,7 +628,7 @@ options {
</varlistentry>
</variablelist>
</section>
- <section id="s2-bind-namedconf-state-other">
+ <section id="s3-bind-namedconf-state-other">
<title>Other Statement Types</title>
<para>
The following types of statements are less commonly used in
<filename>/etc/named.conf</filename>:
@@ -816,7 +648,7 @@ options {
The <option>controls</option> statement allows you to configure
various security requirements necessary to use the <command>rndc</command>
command to administer the <systemitem
class="service">named</systemitem> service.
</para>
<para>
- Refer to <xref linkend="s1-bind-rndc" /> for more
information on the <command>rndc</command> utility and its usage.
+ Refer to <xref linkend="s2-bind-rndc" /> for more
information on the <command>rndc</command> utility and its usage.
</para>
</listitem>
</varlistentry>
@@ -846,7 +678,7 @@ options {
</listitem>
</itemizedlist>
<para>
- Refer to <xref linkend="s1-bind-rndc" /> for more
information on the <command>rndc</command> utility and its usage.
+ Refer to <xref linkend="s2-bind-rndc" /> for more
information on the <command>rndc</command> utility and its usage.
</para>
</listitem>
</varlistentry>
@@ -867,7 +699,7 @@ options {
By default, <systemitem
class="service">named</systemitem> sends standard messages to the
<systemitem class="service">rsyslog</systemitem> daemon, which
places them in <filename>/var/log/messages</filename>. Several standard
channels are built into BIND with various severity levels, such as
<literal>default_syslog</literal> (which handles informational logging
messages) and <literal>default_debug</literal> (which specifically handles
debugging messages). A default category, called <literal>default</literal>,
uses the built-in channels to do normal logging without any special configuration.
</para>
<para>
- Customizing the logging process can be a very detailed process and is
beyond the scope of this chapter. For information on creating custom BIND logs, refer to
the <citetitle>BIND 9 Administrator Reference Manual</citetitle> referenced in
<xref linkend="s2-bind-installed-docs"/>.
+ Customizing the logging process can be a very detailed process and is
beyond the scope of this chapter. For information on creating custom BIND logs, refer to
the <citetitle>BIND 9 Administrator Reference Manual</citetitle> referenced in
<xref linkend="s3-bind-installed-docs"/>.
</para>
</listitem>
</varlistentry>
@@ -900,7 +732,7 @@ options {
</term>
<listitem>
<para>
- The <option>trusted-keys</option> statement allows you to
specify assorted public keys used for secure DNS (DNSSEC). Refer to <xref
linkend="s2-bind-features-dnssec" /> for more information on this topic.
+ The <option>trusted-keys</option> statement allows you to
specify assorted public keys used for secure DNS (DNSSEC). Refer to <xref
linkend="s3-bind-features-dnssec" /> for more information on this topic.
</para>
</listitem>
</varlistentry>
@@ -921,13 +753,13 @@ options {
Multiple views can be used as long as their names are unique. The
<option>match-clients</option> option allows you to specify the IP addresses
that apply to a particular view. If the <option>options</option> statement is
used within a view, it overrides the already configured global options. Finally, most
<option>view</option> statements contain multiple
<option>zone</option> statements that apply to the
<option>match-clients</option> list.
</para>
<para>
- Note that the order in which the <option>view</option>
statements are listed is important, as the first statement that matches a particular
client's IP address is used. For more information on this topic, refer to <xref
linkend="s2-bind-features-views" />.
+ Note that the order in which the <option>view</option>
statements are listed is important, as the first statement that matches a particular
client's IP address is used. For more information on this topic, refer to <xref
linkend="s3-bind-features-views" />.
</para>
</listitem>
</varlistentry>
</variablelist>
</section>
- <section id="s2-bind-namedconf-comm">
+ <section id="s3-bind-namedconf-comm">
<title>Comment Tags</title>
<indexterm>
<primary>BIND</primary>
@@ -968,7 +800,7 @@ options {
</variablelist>
</section>
</section>
- <section id="s1-bind-zone">
+ <section id="s2-bind-zone">
<title>Editing Zone Files</title>
<indexterm>
<primary>BIND</primary>
@@ -991,7 +823,7 @@ options {
<tertiary><filename
class="directory">/var/named/data/</filename></tertiary>
</indexterm>
<para>
- As outlined in <xref linkend="s2-bind-introduction-zones" />, zone
files contain information about a namespace. They are stored in the <systemitem
class="service">named</systemitem> working directory located in
<filename class="directory">/var/named/</filename> by default, and
each zone file is named according to the <option>file</option> option in the
<option>zone</option> statement, usually in a way that relates to the domain
in question and identifies the file as containing zone data, such as
<filename>example.com.zone</filename>.
+ As outlined in <xref linkend="s2-dns-introduction-zones" />, zone
files contain information about a namespace. They are stored in the <systemitem
class="service">named</systemitem> working directory located in
<filename class="directory">/var/named/</filename> by default, and
each zone file is named according to the <option>file</option> option in the
<option>zone</option> statement, usually in a way that relates to the domain
in question and identifies the file as containing zone data, such as
<filename>example.com.zone</filename>.
</para>
<table id="table-bind-zone-files">
<title>The <systemitem
class="service">named</systemitem> service zone files</title>
@@ -1049,7 +881,7 @@ options {
<para>
All directives and resource records should be entered on individual lines.
</para>
- <section id="s2-bind-zone-directives">
+ <section id="s3-bind-zone-directives">
<title>Common Directives</title>
<para>
Directives begin with the dollar sign character (that is,
<literal>$</literal>) followed by the name of the directive, and usually
appear at the top of the file. The following directives are commonly used in zone files:
@@ -1120,7 +952,7 @@ options {
</varlistentry>
</variablelist>
</section>
- <section id="s3-bind-zone-rr">
+ <section id="s4-bind-zone-rr">
<title>Common Resource Records</title>
<para>
The following resource records are commonly used in zone files:
@@ -1267,7 +1099,7 @@ IN NS dns2.example.com.</screen>
The <replaceable>last-IP-digit</replaceable> directive is the
last number in an IP address, and the
<replaceable>FQDN-of-system</replaceable> is a fully qualified domain name
(FQDN).
</para>
<para>
- <command>PTR</command> records are primarily used for reverse
name resolution, as they point IP addresses back to a particular name. Refer to <xref
linkend="s2-bind-configuration-zone-reverse" /> for more examples of
<command>PTR</command> records in use.
+ <command>PTR</command> records are primarily used for reverse
name resolution, as they point IP addresses back to a particular name. Refer to <xref
linkend="s3-bind-configuration-zone-reverse" /> for more examples of
<command>PTR</command> records in use.
</para>
</listitem>
</varlistentry>
@@ -1445,7 +1277,7 @@ IN NS dns2.example.com.</screen>
</varlistentry>
</variablelist>
</section>
- <section id="s2-bind-zone-comm">
+ <section id="s3-bind-zone-comm">
<title>Comment Tags</title>
<indexterm>
<primary>BIND</primary>
@@ -1457,12 +1289,12 @@ IN NS dns2.example.com.</screen>
</para>
<screen> 604800 ; expire after 1 week</screen>
</section>
- <section id="s2-bind-zone-examples">
+ <section id="s3-bind-zone-examples">
<title>Example Usage</title>
<para>
The following examples show the basic usage of zone files.
</para>
- <section id="s3-bind-zone-examples-basic">
+ <section id="s4-bind-zone-examples-basic">
<title>A Simple Zone File</title>
<indexterm>
<primary>BIND</primary>
@@ -1531,7 +1363,7 @@ www IN CNAME
services.example.com.
allow-update { none; };
};</screen>
</section>
- <section id="s2-bind-configuration-zone-reverse">
+ <section id="s3-bind-configuration-zone-reverse">
<title>A Reverse Name Resolution Zone File</title>
<indexterm>
<primary>BIND</primary>
@@ -1580,7 +1412,7 @@ $TTL 86400
</section>
</section>
</section>
- <section id="s1-bind-rndc">
+ <section id="s2-bind-rndc">
<title>Using the <command>rndc</command> Utility</title>
<indexterm significance="preferred">
<primary>BIND</primary>
@@ -1591,7 +1423,7 @@ $TTL 86400
The <command>rndc</command> utility is a command line tool that allows
you to administer the <systemitem class="service">named</systemitem>
service, both locally and from a remote machine. Its usage is as follows:
</para>
<screen><command>rndc</command>
[<replaceable>option</replaceable>...]
<replaceable>command</replaceable>
[<replaceable>command-option</replaceable>]</screen>
- <section id="s2-bind-rndc-configuration">
+ <section id="s3-bind-rndc-configuration">
<title>Configuring the Utility</title>
<para>
To prevent unauthorized access to the service, <systemitem
class="service">named</systemitem> must be configured to listen on the
selected port (that is, <literal>953</literal> by default), and an identical
key must be used by both the service and the <command>rndc</command> utility.
@@ -1658,10 +1490,10 @@ $TTL 86400
The <command>rndc</command> configuration is located in
<filename>/etc/rndc.conf</filename>. If the file does not exist, the utility
will use the key located in <filename>/etc/rndc.key</filename>, which was
generated automatically during the installation process using the
<command>rndc-confgen -a</command> command.
</para>
<para>
- The <systemitem class="service">named</systemitem> service
is configured using the <option>controls</option> statement in the
<filename>/etc/named.conf</filename> configuration file as described in
<xref linkend="s2-bind-namedconf-state-other" />. Unless this statement is
present, only the connections from the loopback address (that is, <systemitem
class="ipaddress">127.0.0.1</systemitem>) will be allowed, and the key
located in <filename>/etc/rndc.key</filename> will be used.
+ The <systemitem class="service">named</systemitem> service
is configured using the <option>controls</option> statement in the
<filename>/etc/named.conf</filename> configuration file as described in
<xref linkend="s3-bind-namedconf-state-other" />. Unless this statement is
present, only the connections from the loopback address (that is, <systemitem
class="ipaddress">127.0.0.1</systemitem>) will be allowed, and the key
located in <filename>/etc/rndc.key</filename> will be used.
</para>
<para>
- For more information on this topic, refer to manual pages and the
<citetitle>BIND 9 Administrator Reference Manual</citetitle> listed in
<xref linkend="s1-bind-additional-resources"/>.
+ For more information on this topic, refer to manual pages and the
<citetitle>BIND 9 Administrator Reference Manual</citetitle> listed in
<xref linkend="s2-bind-additional-resources"/>.
</para>
<important>
<title>Important: Set the Correct Permissions</title>
@@ -1671,7 +1503,7 @@ $TTL 86400
<screen>~]# <command>chmod o-rwx
/etc/rndc.key</command></screen>
</important>
</section>
- <section id="s2-bind-rndc-status">
+ <section id="s3-bind-rndc-status">
<title>Checking the Service Status</title>
<para>
To check the current status of the <systemitem
class="service">named</systemitem> service, use the following command:
@@ -1690,7 +1522,7 @@ recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running</screen>
</section>
- <section id="s2-bind-rndc-reload">
+ <section id="s3-bind-rndc-reload">
<title>Reloading the Configuration and Zones</title>
<para>
To reload both the configuration file and zones, type the following at a shell
prompt:
@@ -1722,7 +1554,7 @@ zone reload up-to-date</screen>
The zone reload and thaw was successful.</screen>
</note>
</section>
- <section id="s2-bind-rndc-sign">
+ <section id="s3-bind-rndc-sign">
<title>Updating Zone Keys</title>
<para>
To update the DNSSEC keys and sign the zone, use the
<command>sign</command> command. For example:
@@ -1738,7 +1570,7 @@ The zone reload and thaw was successful.</screen>
auto-dnssec maintain;
};</screen>
</section>
- <section id="s2-bind-rndc-validation">
+ <section id="s3-bind-rndc-validation">
<title>Enabling the DNSSEC Validation</title>
<para>
To enable the DNSSEC validation, type the following at a shell prompt:
@@ -1749,21 +1581,21 @@ The zone reload and thaw was successful.</screen>
</para>
<screen>~]# <command>rndc validation
off</command></screen>
<para>
- Refer to the <option>options</option> statement described in <xref
linkend="s2-bind-namedconf-state" /> for information on how configure this
option in <filename>/etc/named.conf</filename>.
+ Refer to the <option>options</option> statement described in <xref
linkend="s3-bind-namedconf-state" /> for information on how configure this
option in <filename>/etc/named.conf</filename>.
</para>
</section>
- <section id="s2-bind-rndc-querylog">
+ <section id="s3-bind-rndc-querylog">
<title>Enabling the Query Logging</title>
<para>
To enable (or disable in case it is currently enabled) the query logging, run the
following command:
</para>
<screen>~]# <command>rndc querylog</command></screen>
<para>
- To check the current setting, use the <command>status</command>
command as described in <xref linkend="s2-bind-rndc-status" />.
+ To check the current setting, use the <command>status</command>
command as described in <xref linkend="s3-bind-rndc-status" />.
</para>
</section>
</section>
- <section id="s1-bind-dig">
+ <section id="s2-bind-dig">
<title>Using the <command>dig</command> Utility</title>
<indexterm significance="preferred">
<primary>BIND</primary>
@@ -1775,9 +1607,9 @@ The zone reload and thaw was successful.</screen>
</para>
<screen><command>dig</command>
[@<replaceable>server</replaceable>]
[<replaceable>option</replaceable>...]
<replaceable>name</replaceable>
<replaceable>type</replaceable></screen>
<para>
- Refer to <xref linkend="s3-bind-zone-rr" /> for a list of common
<replaceable>type</replaceable>s.
+ Refer to <xref linkend="s4-bind-zone-rr" /> for a list of common
<replaceable>type</replaceable>s.
</para>
- <section id="s2-bind-dig-ns">
+ <section id="s3-bind-dig-ns">
<title>Looking Up a Nameserver</title>
<para>
To look up a nameserver for a particular domain, use the command in the following
form:
@@ -1809,7 +1641,7 @@
example.com. 99374 IN NS
b.iana-servers.net.
;; MSG SIZE rcvd: 77</screen>
</example>
</section>
- <section id="s2-bind-dig-a">
+ <section id="s3-bind-dig-a">
<title>Looking Up an IP Address</title>
<para>
To look up an IP address assigned to a particular domain, use the command in the
following form:
@@ -1844,7 +1676,7 @@
example.com. 99175 IN NS
b.iana-servers.net.
;; MSG SIZE rcvd: 93</screen>
</example>
</section>
- <section id="s2-bind-dig-x">
+ <section id="s3-bind-dig-x">
<title>Looking Up a Hostname</title>
<para>
To look up a hostname for a particular IP address, use the command in the
following form:
@@ -1891,7 +1723,7 @@
ns.icann.org. 12884 IN A 192.0.34.126
</example>
</section>
</section>
- <section id="s1-bind-features">
+ <section id="s2-bind-features">
<title>Advanced Features of BIND</title>
<para>
Most BIND implementations only use the <systemitem
class="service">named</systemitem> service to provide name resolution
services or to act as an authority for a particular domain. However, BIND version 9 has a
number of advanced features that allow for a more secure and efficient DNS service.
@@ -1903,9 +1735,9 @@
ns.icann.org. 12884 IN A 192.0.34.126
</para>
</important>
<para>
- All of the features mentioned are discussed in greater detail in the
<citetitle>BIND 9 Administrator Reference Manual</citetitle> referenced in
<xref linkend="s2-bind-installed-docs" />.
+ All of the features mentioned are discussed in greater detail in the
<citetitle>BIND 9 Administrator Reference Manual</citetitle> referenced in
<xref linkend="s3-bind-installed-docs" />.
</para>
- <section id="s2-bind-features-views">
+ <section id="s3-bind-features-views">
<title>Multiple Views</title>
<indexterm>
<primary>BIND</primary>
@@ -1919,7 +1751,7 @@
ns.icann.org. 12884 IN A 192.0.34.126
To configure multiple views, add the <command>view</command>
statement to the <filename>/etc/named.conf</filename> configuration file. Use
the <option>match-clients</option> option to match IP addresses or entire
networks and give them special options and zone data.
</para>
</section>
- <section id="s2-bind-features-ixfr">
+ <section id="s3-bind-features-ixfr">
<title>Incremental Zone Transfers (IXFR)</title>
<indexterm>
<primary>BIND</primary>
@@ -1938,7 +1770,7 @@
ns.icann.org. 12884 IN A 192.0.34.126
Note that IXFR is only available when using dynamic updating to make changes to
master zone records. If manually editing zone files to make changes,
<firstterm>Automatic Zone Transfer</firstterm>
(<firstterm>AXFR</firstterm>) is used.
</para>
</section>
- <section id="s2-bind-features-tsig">
+ <section id="s3-bind-features-tsig">
<title>Transaction SIGnatures (TSIG)</title>
<indexterm>
<primary>BIND</primary>
@@ -1958,7 +1790,7 @@
ns.icann.org. 12884 IN A 192.0.34.126
</para>
</important>
</section>
- <section id="s2-bind-features-dnssec">
+ <section id="s3-bind-features-dnssec">
<title>DNS Security Extensions (DNSSEC)</title>
<indexterm>
<primary>BIND</primary>
@@ -1974,10 +1806,10 @@
ns.icann.org. 12884 IN A 192.0.34.126
<tertiary><command>dig</command></tertiary>
</indexterm>
<para>
- Note that to debug a DNSSEC-signed domain or a DNSSEC-aware resolver, you can use
the <command>dig</command> utility as described in <xref
linkend="s1-bind-dig" />. Useful options are
<option>+dnssec</option> (requests DNSSEC-related resource records by setting
the DNSSEC OK bit), <option>+cd</option> (tells recursive nameserver not to
validate the response), and <option>+bufsize=512</option> (changes the packet
size to 512B to get through some firewalls).
+ Note that to debug a DNSSEC-signed domain or a DNSSEC-aware resolver, you can use
the <command>dig</command> utility as described in <xref
linkend="s2-bind-dig" />. Useful options are
<option>+dnssec</option> (requests DNSSEC-related resource records by setting
the DNSSEC OK bit), <option>+cd</option> (tells recursive nameserver not to
validate the response), and <option>+bufsize=512</option> (changes the packet
size to 512B to get through some firewalls).
</para>
</section>
- <section id="s2-bind-features-ipv6">
+ <section id="s3-bind-features-ipv6">
<title>Internet Protocol version 6 (IPv6)</title>
<indexterm>
<primary>BIND</primary>
@@ -1989,7 +1821,7 @@
ns.icann.org. 12884 IN A 192.0.34.126
</para>
</section>
</section>
- <section id="s1-bind-mistakes">
+ <section id="s2-bind-mistakes">
<title>Common Mistakes to Avoid</title>
<indexterm>
<primary>BIND</primary>
@@ -2039,12 +1871,12 @@
ns.icann.org. 12884 IN A 192.0.34.126
</varlistentry>
</variablelist>
</section>
- <section id="s1-bind-additional-resources">
+ <section id="s2-bind-additional-resources">
<title>Additional Resources</title>
<para>
The following sources of information provide additional resources regarding BIND.
</para>
- <section id="s2-bind-installed-docs">
+ <section id="s3-bind-installed-docs">
<title>Installed Documentation</title>
<indexterm>
<primary>BIND</primary>
@@ -2142,7 +1974,7 @@
ns.icann.org. 12884 IN A 192.0.34.126
</varlistentry>
</variablelist>
</section>
- <section id="s2-bind-useful-websites">
+ <section id="s3-bind-useful-websites">
<title>Useful Websites</title>
<indexterm>
<primary>BIND</primary>
@@ -2160,7 +1992,7 @@
ns.icann.org. 12884 IN A 192.0.34.126
</varlistentry>
</variablelist>
</section>
- <section id="s2-bind-related-books">
+ <section id="s3-bind-related-books">
<title>Related Books</title>
<indexterm>
<primary>BIND</primary>
@@ -2187,4 +2019,4 @@
ns.icann.org. 12884 IN A 192.0.34.126
</variablelist>
</section>
</section>
-</chapter>
+</section>
diff --git a/en-US/Authentication_Configuration.xml
b/en-US/Configuring_Authentication.xml
similarity index 99%
rename from en-US/Authentication_Configuration.xml
rename to en-US/Configuring_Authentication.xml
index 53a0466..c4e2baa 100644
--- a/en-US/Authentication_Configuration.xml
+++ b/en-US/Configuring_Authentication.xml
@@ -1,8 +1,8 @@
<?xml version='1.0'?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter id="ch-Authentication_Configuration">
- <title>Authentication Configuration</title>
+<chapter id="ch-Configuring_Authentication">
+ <title>Configuring Authentication</title>
<section id="sect-The_Authentication_Configuration_Tool">
<title>The Authentication Configuration Tool</title>
<indexterm significance="normal">
@@ -92,12 +92,12 @@
</para>
</important>
<para>
- For more information about CA Certificates, refer to <xref
linkend="s2-apache-mod_ssl-certificates" />.
+ For more information about CA Certificates, refer to <xref
linkend="s3-apache-mod_ssl-certificates" />.
</para>
</listitem>
</itemizedlist>
<para>The <filename>openldap-clients</filename> package must be
installed for this option to work.</para>
- <para>For more information about LDAP, refer to <xref
linkend="ch-Lightweight_Directory_Access_Protocol_LDAP"/>
+ <para>For more information about LDAP, refer to <xref
linkend="s1-OpenLDAP" />.
</para>
<para>
LDAP provides the following methods of authentication:
@@ -233,7 +233,7 @@
</listitem>
<listitem>
<para>
- <guilabel>Winbind Domain Controllers</guilabel> — Use this option
to specify which domain controller <command>winbind</command> should use. For
more information about domain controllers, please refer to <xref
linkend="s2-samba-domain-controller"/>.
+ <guilabel>Winbind Domain Controllers</guilabel> — Use this option
to specify which domain controller <command>winbind</command> should use. For
more information about domain controllers, please refer to <xref
linkend="s3-samba-domain-controller"/>.
</para>
</listitem>
<listitem>
@@ -248,7 +248,7 @@
</itemizedlist>
- <para>For more information about the <command>winbindd</command>
service, refer to <xref linkend="s1-samba-daemons"/>.
+ <para>For more information about the <command>winbindd</command>
service, refer to <xref linkend="s2-samba-daemons"/>.
</para>
<indexterm significance="normal">
<primary>
diff --git a/en-US/Dynamic_Host_Configuration_Protocol_DHCP.xml b/en-US/DHCP_Servers.xml
similarity index 99%
rename from en-US/Dynamic_Host_Configuration_Protocol_DHCP.xml
rename to en-US/DHCP_Servers.xml
index 0ebc2ca..87723dd 100644
--- a/en-US/Dynamic_Host_Configuration_Protocol_DHCP.xml
+++ b/en-US/DHCP_Servers.xml
@@ -1,9 +1,8 @@
<?xml version='1.0'?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter
- id="ch-Dynamic_Host_Configuration_Protocol_DHCP">
- <title>Dynamic Host Configuration Protocol (DHCP)</title>
+<chapter id="ch-DHCP_Servers">
+ <title>DHCP Servers</title>
<indexterm
significance="normal">
<primary>DHCP</primary>
@@ -251,7 +250,7 @@ group {
<para>To start the DHCP service, use the command <command>/sbin/service
dhcpd start</command>. To stop the DHCP server, use the command
<command>/sbin/service dhcpd stop</command>.</para>
<para>
By default, the DHCP service does not start at boot time. To configure the daemon to
start automatically at boot time, refer to <xref
- linkend="ch-Controlling_Access_to_Services"/>.</para>
+ linkend="ch-Services_and_Daemons" />.</para>
<indexterm
significance="normal">
<primary>
@@ -374,7 +373,7 @@ ONBOOT=yes
</listitem>
</itemizedlist>
<para>If you prefer using a graphical interface, refer to <xref
- linkend="ch-Network_Configuration"/> for instructions on using the
<application>Network Administration Tool</application> to configure a network
interface to use DHCP.</para>
+ linkend="ch-NetworkManager" /> for instructions on using the
<application>Network Administration Tool</application> to configure a network
interface to use DHCP.</para>
<note>
<title>Tip</title>
<para>For advanced configurations of client DHCP options such as protocol
timing, lease requirements and requests, dynamic DNS support, aliases, as well as a wide
variety of values to override, prepend, or append to client-side configurations, refer to
the <command>dhclient</command> and
<command>dhclient.conf</command> man pages.</para>
diff --git a/en-US/DNS_Servers.xml b/en-US/DNS_Servers.xml
new file mode 100644
index 0000000..82fc818
--- /dev/null
+++ b/en-US/DNS_Servers.xml
@@ -0,0 +1,176 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+%BOOK_ENTITIES;
+]>
+<chapter id="ch-DNS_Servers">
+ <title>DNS Servers</title>
+ <indexterm>
+ <primary>DNS</primary>
+ <secondary>definition</secondary>
+ <seealso>BIND</seealso>
+ </indexterm>
+ <indexterm>
+ <primary>nameserver</primary>
+ <see>DNS</see>
+ </indexterm>
+ <para>
+ <systemitem class="protocol">DNS</systemitem> (Domain Name
System), also known as a <firstterm>nameserver</firstterm>, is a network
system that associates hostnames with their respective IP addresses. For users, this has
the advantage that they can refer to machines on the network by names that are usually
easier to remember than the numerical network addresses. For system administrators, using
the nameserver allows them to change the IP address for a host without ever affecting the
name-based queries, or to decide which machines handle these queries.
+ </para>
+ <section id="s1-Introduction_to_DNS">
+ <title>Introduction to DNS</title>
+ <indexterm>
+ <primary>root nameserver</primary>
+ <see>BIND</see>
+ </indexterm>
+ <para>
+ DNS is usually implemented using one or more centralized servers that are
authoritative for certain domains. When a client host requests information from a
nameserver, it usually connects to port 53. The nameserver then attempts to resolve the
name requested. If it does not have an authoritative answer, or does not already have the
answer cached from an earlier query, it queries other nameservers, called
<firstterm>root nameservers</firstterm>, to determine which nameservers are
authoritative for the name in question, and then queries them to get the requested name.
+ </para>
+ <section id="s2-dns-introduction-zones">
+ <title>Nameserver Zones</title>
+ <indexterm>
+ <primary>BIND</primary>
+ <secondary>resource record</secondary>
+ </indexterm>
+ <indexterm>
+ <primary>resource record</primary>
+ <see>BIND</see>
+ </indexterm>
+ <indexterm>
+ <primary>fully qualified domain name</primary>
+ </indexterm>
+ <indexterm>
+ <primary><acronym>FQDN</acronym></primary>
+ <see>fully qualified domain name</see>
+ </indexterm>
+ <para>
+ In a DNS server such as BIND, all information is stored in basic data elements
called <firstterm>resource records</firstterm> (RR). The resource record is
usually a <firstterm>fully qualified domain name</firstterm> (FQDN) of a host,
and is broken down into multiple sections organized into a tree-like hierarchy. This
hierarchy consists of a main trunk, primary branches, secondary branches, and so on.
+ </para>
+ <example id="example-dns-introduction-zones-rr">
+ <title>A simple resource record</title>
+ <screen>bob.sales.example.com</screen>
+ </example>
+ <indexterm>
+ <primary>BIND</primary>
+ <secondary>zones</secondary>
+ <tertiary>description</tertiary>
+ </indexterm>
+ <para>
+ Each level of the hierarchy is divided by a period (that is,
<literal>.</literal>). In <xref
linkend="example-dns-introduction-zones-rr" />,
<literal>com</literal> defines the <firstterm>top-level
domain</firstterm>, <literal>example</literal> its subdomain, and
<literal>sales</literal> the subdomain of
<literal>example</literal>. In this case, <literal>bob</literal>
identifies a resource record that is part of the <systemitem
class="domainname">sales.example.com</systemitem> domain. With the
exception of the part furthest to the left (that is, <literal>bob</literal>),
each of these sections is called a <firstterm>zone</firstterm> and defines a
specific <firstterm>namespace</firstterm>.
+ </para>
+ <indexterm>
+ <primary>BIND</primary>
+ <secondary>types</secondary>
+ <tertiary>primary (master) nameserver</tertiary>
+ </indexterm>
+ <indexterm>
+ <primary>BIND</primary>
+ <secondary>types</secondary>
+ <tertiary>secondary (slave) nameserver</tertiary>
+ </indexterm>
+ <para>
+ Zones are defined on authoritative nameservers through the use of
<firstterm>zone files</firstterm>, which contain definitions of the resource
records in each zone. Zone files are stored on <firstterm>primary
nameservers</firstterm> (also called <firstterm>master
nameservers</firstterm>), where changes are made to the files, and
<firstterm>secondary nameservers</firstterm> (also called
<firstterm>slave nameservers</firstterm>), which receive zone definitions from
the primary nameservers. Both primary and secondary nameservers are authoritative for the
zone and look the same to clients. Depending on the configuration, any nameserver can also
serve as a primary or secondary server for multiple zones at the same time.
+ </para>
+ </section>
+ <section id="s2-dns-introduction-nameservers">
+ <title>Nameserver Types</title>
+ <para>
+ There are two nameserver configuration types:
+ </para>
+ <variablelist>
+ <varlistentry>
+ <term>
+ <indexterm>
+ <primary>BIND</primary>
+ <secondary>types</secondary>
+ <tertiary>authoritative nameserver</tertiary>
+ </indexterm>
+ <indexterm>
+ <primary>authoritative nameserver</primary>
+ <see>BIND</see>
+ </indexterm>
+ <indexterm>
+ <primary>BIND</primary>
+ <secondary>types</secondary>
+ <tertiary>primary (master) nameserver</tertiary>
+ </indexterm>
+ <indexterm>
+ <primary>primary nameserver</primary>
+ <see>BIND</see>
+ </indexterm>
+ <indexterm>
+ <primary>BIND</primary>
+ <secondary>types</secondary>
+ <tertiary>secondary (slave) nameserver</tertiary>
+ </indexterm>
+ <indexterm>
+ <primary>secondary nameserver</primary>
+ <see>BIND</see>
+ </indexterm>
+ authoritative
+ </term>
+ <listitem>
+ <para>
+ Authoritative nameservers answer to resource records that are part of their
zones only. This category includes both primary (master) and secondary (slave)
nameservers.
+ </para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term>
+ <indexterm>
+ <primary>BIND</primary>
+ <secondary>types</secondary>
+ <tertiary>recursive nameserver</tertiary>
+ </indexterm>
+ <indexterm>
+ <primary>recursive nameserver</primary>
+ <see>BIND</see>
+ </indexterm>
+ recursive
+ </term>
+ <listitem>
+ <para>
+ Recursive nameservers offer resolution services, but they are not
authoritative for any zone. Answers for all resolutions are cached in a memory for a fixed
period of time, which is specified by the retrieved resource record.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ <para>
+ Although a nameserver can be both authoritative and recursive at the same time,
it is recommended not to combine the configuration types. To be able to perform their
work, authoritative servers should be available to all clients all the time. On the other
hand, since the recursive lookup takes far more time than authoritative responses,
recursive servers should be available to a restricted number of clients only, otherwise
they are prone to distributed denial of service (DDoS) attacks.
+ </para>
+ </section>
+ <section id="s2-dns-introduction-bind">
+ <title>BIND as a Nameserver</title>
+ <indexterm>
+ <primary>BIND</primary>
+ <secondary>utilities</secondary>
+ <tertiary><systemitem
class="service">named</systemitem></tertiary>
+ </indexterm>
+ <indexterm>
+ <primary>BIND</primary>
+ <secondary>utilities</secondary>
+ <tertiary><command>rndc</command></tertiary>
+ </indexterm>
+ <indexterm>
+ <primary>BIND</primary>
+ <secondary>utilities</secondary>
+ <tertiary><command>dig</command></tertiary>
+ </indexterm>
+ <indexterm>
+ <primary><systemitem
class="service">named</systemitem></primary>
+ <see>BIND</see>
+ </indexterm>
+ <indexterm>
+ <primary><command>rndc</command></primary>
+ <see>BIND</see>
+ </indexterm>
+ <indexterm>
+ <primary><command>dig</command></primary>
+ <see>BIND</see>
+ </indexterm>
+ <para>
+ BIND consists of a set of DNS-related programs. It contains a monolithic
nameserver called <systemitem class="service">named</systemitem>, an
administration utility called <command>rndc</command>, and a debugging tool
called <command>dig</command>. Refer to <xref
linkend="ch-Services_and_Daemons" /> for more information on how to run a
service in &MAJOROS;.
+ </para>
+ </section>
+ </section>
+ <xi:include href="BIND.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+</chapter>
diff --git a/en-US/Date_and_Time_Configuration.xml
b/en-US/Date_and_Time_Configuration.xml
index b9b55f7..f0ce8ec 100644
--- a/en-US/Date_and_Time_Configuration.xml
+++ b/en-US/Date_and_Time_Configuration.xml
@@ -1,7 +1,7 @@
<?xml version='1.0'?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter id="chap-Date_and_Time_Configuration">
+<chapter id="ch-Date_and_Time_Configuration">
<title>Date and Time Configuration</title>
<para>
This chapter covers setting the system date and time in &MAJOROS;, both manually
and using the Network Time Protocol (<abbrev>NTP</abbrev>), as well as setting
the adequate time zone. Two methods are covered: setting the date and time using the
<application>Date/Time Properties</application> tool, and doing so on the
command line.
@@ -294,7 +294,7 @@ Wed Jun 2 11:58:48 CEST 2010</screen>
</para>
<screen>~]# <command>chkconfig ntpdate
on</command></screen>
<para>
- For more information about system services and their setup, see <xref
linkend="ch-Controlling_Access_to_Services" />.
+ For more information about system services and their setup, see <xref
linkend="ch-Services_and_Daemons" />.
</para>
<note>
<title>Note</title>
diff --git a/en-US/Deployment_Guide.xml b/en-US/Deployment_Guide.xml
index 64896c2..c0c3c2f 100644
--- a/en-US/Deployment_Guide.xml
+++ b/en-US/Deployment_Guide.xml
@@ -1,158 +1,101 @@
-<?xml version='1.0'?>
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<book
- status="draft">
- <xi:include
- href="Book_Info.xml"
-
xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
- <xi:include
- href="Preface.xml"
-
xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
- <!-- DEPLOYMENT GUIDE CONTENT -->
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Introduction.xml"/>
- <part
- id="pt-pkg-management">
+<book status="draft">
+ <!-- TITLE PAGE -->
+ <xi:include href="Book_Info.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <!-- FRONT MATTER -->
+ <xi:include href="Preface.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Introduction.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <!-- MAIN CONTENT -->
+ <part id="part-Basic_System_Configuration">
+ <title>Basic System Configuration</title>
+ <partintro>
+ <para>
+ This part covers basic system administration tasks such as keyboard
configuration, date and time configuration, and managing users and groups.
+ </para>
+ </partintro>
+ <xi:include href="Keyboard_Configuration.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Date_and_Time_Configuration.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Managing_Users_and_Groups.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <!-- Gaining Privileges -->
+ </part>
+ <part id="part-Package_Management">
<title>Package Management</title>
<partintro>
- <para>All software on a &MAJOROS; system is divided into RPM packages,
which can be installed, upgraded, or removed. This part describes how to manage packages
on &MAJOROS; using the <application>Yum</application> and
<application>RPM</application> package managers and the
<application>PackageKit</application> suite of graphical package management
tools.</para>
+ <para>
+ All software on a &MAJOROS; system is divided into RPM packages, which can be
installed, upgraded, or removed. This part describes how to manage packages on
&MAJOROS; using the <application>Yum</application> and the
<application>PackageKit</application> suite of graphical package management
tools.
+ </para>
+ </partintro>
+ <!-- Product Subscriptions and Entitlements -->
+ <xi:include href="Yum.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="PackageKit.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ </part>
+ <part id="part-Networking">
+ <title>Networking</title>
+ <partintro>
+ <para>
+ This part describes how to configure the network on &MAJOROS;.
+ </para>
</partintro>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Yum.xml" />
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="PackageKit.xml" />
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="RPM.xml"/>
- <!-- RHEL6: silas: removing outdated RHEL5 RHN chapter: see bug 618878 for
replacement chapter progress
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Red_Hat_Network.xml"/>-->
+ <xi:include href="NetworkManager.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Network_Interfaces.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
</part>
- <part
- id="pt-network-related-config">
- <title>Network-Related Configuration</title>
+ <part id="part-Infrastructure_Services">
+ <title>Infrastructure Services</title>
<partintro>
- <para>After explaining how to configure the network, this part discusses
topics related to networking such as how to allow remote logins, share files and
directories over the network, and set up a Web server.</para>
+ <para>
+ This part provides information how to configure services and daemons, configure
authentication, and enable remote logins.
+ </para>
</partintro>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Network_Interfaces.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Network_Configuration.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Controlling_Access_to_Services.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="The_BIND_DNS_Server.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="OpenSSH.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Samba.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Dynamic_Host_Configuration_Protocol_DHCP.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="The_Apache_HTTP_Server.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="FTP.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Email.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Lightweight_Directory_Access_Protocol_LDAP.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Authentication_Configuration.xml"/>
+ <xi:include href="Services_and_Daemons.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Configuring_Authentication.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="OpenSSH.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
</part>
- <part
- id="pt-sysconfig">
- <title>System Configuration</title>
+ <part id="part-Servers">
+ <title>Servers</title>
<partintro>
- <para>Part of a system administrator's job is configuring the system for
various tasks, types of users, and hardware configurations. This section explains how to
configure a &MAJOROS; system.</para>
+ <para>
+ This part discusses various topics related to servers such as how to set up a Web
server or share files and directories over the network.
+ </para>
</partintro>
- <!-- RHEL6: silas: removing the Console Access chapter as per BZ#561643
- This chapter will be replaced by one or more (of a combination of) ConsoleKit,
PolicyKit and sudo chapters/sections (bugs 617222, 617221, 617224)
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Console_Access.xml"/>-->
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="The_proc_File_System.xml" />
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="The_sysconfig_Directory.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Date_and_Time_Configuration.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Keyboard_Configuration.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="The_X_Window_System.xml"/>
- <!--<xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Configuring_the_X_Window_System.xml"/>-->
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Users_and_Groups.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Printer_Configuration.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Automated_Tasks.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Log_Files.xml"/>
+ <xi:include href="DHCP_Servers.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="DNS_Servers.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Web_Servers.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Mail_Servers.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Directory_Servers.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="File_and_Print_Servers.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
</part>
- <part
- id="pt-system-monitoring">
- <title>System Monitoring</title>
+ <part id="part-Monitoring_and_Automation">
+ <title>Monitoring and Automation</title>
<partintro>
- <para>System administrators also monitor system performance. &MAJOROS;
contains tools to assist administrators with these tasks.</para>
+ <para>
+ This part describes various tools that allow system administrators to monitor
system performance, automate system tasks, and report bugs.
+ </para>
</partintro>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Gathering_System_Information.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="OProfile.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="ABRT.xml" />
+ <xi:include href="System_Monitoring_Tools.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Viewing_and_Managing_Log_Files.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Automating_System_Tasks.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Automatic_Bug_Reporting_Tool_ABRT.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="OProfile.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
</part>
- <part
- id="pt-kernel-configuration">
- <title>Kernel and Driver Configuration</title>
+ <part id="part-Kernel_Module_and_Driver_Configuration">
+ <title>Kernel, Module and Driver Configuration</title>
<partintro>
- <para>System administrators can learn about and customize their kernels.
&MAJOROS; contains kernel tools to assist administrators with their
customizations.</para>
+ <para>
+ This part covers various tools that assist administrators with kernel
customization.
+ </para>
</partintro>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Manually_Upgrading_the_Kernel.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="Working_with_Kernel_Modules.xml"/>
- <xi:include
-
xmlns:xi="http://www.w3.org/2001/XInclude"
- href="The_kdump_Crash_Recovery_Service.xml"/>
+ <xi:include href="Manually_Upgrading_the_Kernel.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Working_with_Kernel_Modules.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="The_kdump_Crash_Recovery_Service.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
</part>
- <!-- END OF DEPLOYMENT GUIDE CONTENT -->
- <xi:include
- href="Revision_History.xml"
-
xmlns:xi="http://www.w3.org/2001/XInclude"></xi:include>
- <index></index>
+ <!-- APPENDIXES -->
+ <xi:include href="RPM.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="The_X_Window_System.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="The_sysconfig_Directory.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="The_proc_File_System.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Revision_History.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <!-- INDEX -->
+ <index />
</book>
diff --git a/en-US/Directory_Servers.xml b/en-US/Directory_Servers.xml
new file mode 100644
index 0000000..22a3095
--- /dev/null
+++ b/en-US/Directory_Servers.xml
@@ -0,0 +1,8 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+<chapter id="ch-Directory-Servers">
+ <title>Directory Servers</title>
+ <!-- TODO: Write an introduction. -->
+ <xi:include href="OpenLDAP.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+</chapter>
diff --git a/en-US/FTP.xml b/en-US/FTP.xml
index a1e57f2..c056bf1 100644
--- a/en-US/FTP.xml
+++ b/en-US/FTP.xml
@@ -1,8 +1,7 @@
<?xml version='1.0'?>
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter
- id="ch-FTP">
+<section id="s1-FTP">
<title>FTP</title>
<indexterm
significance="normal">
@@ -19,7 +18,7 @@
<para><firstterm>File Transfer Protocol</firstterm> (<systemitem
class="protocol">FTP</systemitem>) is one of the oldest and most
commonly used protocols found on the Internet today. Its purpose is to reliably transfer
files between computer hosts on a network without requiring the user to log directly into
the remote host or have knowledge of how to use the remote system. It allows users to
access files on remote systems using a standard set of simple commands.</para>
<para>This chapter outlines the basics of the <systemitem
class="protocol">FTP</systemitem> protocol, as well as configuration
options for the primary <systemitem
class="protocol">FTP</systemitem> server shipped with &MAJOROS;,
<firstterm><command>vsftpd</command></firstterm>.</para>
<section
- id="s1-ftp-protocol">
+ id="s2-ftp-protocol">
<title>The File Transfer Protocol</title>
<indexterm
significance="normal">
@@ -39,7 +38,7 @@
-->
<para>However, because <systemitem
class="protocol">FTP</systemitem> is so prevalent on the Internet, it
is often required to share files to the public. System administrators, therefore, should
be aware of the <systemitem class="protocol">FTP</systemitem>
protocol's unique characteristics.</para>
<section
- id="s2-ftp-protocol-multiport">
+ id="s3-ftp-protocol-multiport">
<title>Multiple Ports, Multiple Modes</title>
<indexterm
significance="normal">
@@ -75,14 +74,14 @@
<listitem>
<para>Passive mode, like active mode, is initiated by the
<systemitem class="protocol">FTP</systemitem> client application.
When requesting data from the server, the <systemitem
class="protocol">FTP</systemitem> client indicates it wants to access
the data in passive mode and the server provides the <systemitem
class="protocol">IP</systemitem> address and a random, unprivileged
port (greater than <constant>1024</constant>) on the server. The client then
connects to that port on the server to download the requested information.</para>
<para>While passive mode resolves issues for client-side firewall
interference with data connections, it can complicate administration of the server-side
firewall. You can reduce the number of open ports on a server by limiting the range of
unprivileged ports on the <systemitem
class="protocol">FTP</systemitem> server. This also simplifies the
process of configuring firewall rules for the server. Refer to <xref
- linkend="s2-ftp-vsftpd-conf-opt-net"/> for more information
about limiting passive ports.</para>
+ linkend="s3-ftp-vsftpd-conf-opt-net"/> for more information
about limiting passive ports.</para>
</listitem>
</varlistentry>
</variablelist>
</section>
</section>
<section
- id="s1-ftp-servers">
+ id="s2-ftp-servers">
<title>FTP Servers</title>
<indexterm
significance="normal">
@@ -127,7 +126,7 @@
</listitem>
</itemizedlist>
<section
- id="s2-ftp-servers-vsftpd">
+ id="s3-ftp-servers-vsftpd">
<title>
<command>vsftpd</command>
</title>
@@ -169,7 +168,7 @@
</section>
</section>
<section
- id="s2-ftp-vsftpd-conf">
+ id="s3-ftp-vsftpd-conf">
<title>Files Installed with <command>vsftpd</command>
</title>
<indexterm
@@ -185,7 +184,7 @@
<listitem>
<para>
<filename>/etc/rc.d/init.d/vsftpd</filename> — The
<emphasis>initialization script</emphasis>
(<firstterm>initscript</firstterm>) used by the
<command>/sbin/service</command> command to start, stop, or reload
<command>vsftpd</command>. Refer to <xref
- linkend="s1-ftp-vsftpd-start"/> for more information about using
this script.</para>
+ linkend="s2-ftp-vsftpd-start"/> for more information about using
this script.</para>
</listitem>
<listitem>
<para>
@@ -194,7 +193,7 @@
<listitem>
<para>
<filename>/etc/vsftpd/vsftpd.conf</filename> — The configuration
file for <command>vsftpd</command>. Refer to <xref
- linkend="s1-ftp-vsftpd-conf"/> for a list of important options
contained within this file.</para>
+ linkend="s2-ftp-vsftpd-conf"/> for a list of important options
contained within this file.</para>
</listitem>
<listitem>
<para>
@@ -211,7 +210,7 @@
</itemizedlist>
</section>
<section
- id="s1-ftp-vsftpd-start">
+ id="s2-ftp-vsftpd-start">
<title>Starting and Stopping <command>vsftpd</command>
</title>
<indexterm
@@ -270,9 +269,9 @@
</screen>
<para>
By default, the <command>vsftpd</command> service does
<emphasis>not</emphasis> start automatically at boot time. To configure the
<command>vsftpd</command> service to start at boot time, use an initscript
utility, such as <command>/sbin/chkconfig</command>,
<application>/usr/sbin/ntsysv</application>, or the
<application>Services Configuration Tool</application> program. Refer to
<xref
- linkend="ch-Controlling_Access_to_Services"/> for more information
regarding these tools.</para>
+ linkend="ch-Services_and_Daemons" /> for more information regarding
these tools.</para>
<section
- id="s2-ftp-vsftpd-start-multi">
+ id="s3-ftp-vsftpd-start-multi">
<title>Starting Multiple Copies of <command>vsftpd</command>
</title>
<indexterm
@@ -290,13 +289,13 @@
<secondary>multihome configuration</secondary>
</indexterm>
<para>Sometimes one computer is used to serve multiple <systemitem
class="protocol">FTP</systemitem> domains. This is a technique called
<firstterm>multihoming</firstterm>. One way to multihome using
<command>vsftpd</command> is by running multiple copies of the daemon, each
with its own configuration file.</para>
- <para>To do this, first assign all relevant <systemitem
class="protocol">IP</systemitem> addresses to network devices or alias
network devices on the system. Refer to <xref
linkend="ch-Network_Configuration"/> for more information about configuring
network devices and device aliases. Additional information about network configuration
scripts can be found in <xref
linkend="ch-Network_Interfaces"/>.</para>
- <para>Next, the DNS server for the <systemitem
class="protocol">FTP</systemitem> domains must be configured to
reference the correct machine. For information about BIND and its configuration files,
refer to <xref linkend="ch-The_BIND_DNS_Server"/>.</para>
+ <para>To do this, first assign all relevant <systemitem
class="protocol">IP</systemitem> addresses to network devices or alias
network devices on the system. Refer to <xref linkend="ch-NetworkManager"
/> for more information about configuring network devices and device aliases.
Additional information about network configuration scripts can be found in <xref
linkend="ch-Network_Interfaces"/>.</para>
+ <para>Next, the DNS server for the <systemitem
class="protocol">FTP</systemitem> domains must be configured to
reference the correct machine. For information about BIND and its configuration files,
refer to <xref linkend="s1-BIND" />.</para>
<para>
If there is more configuration files present in the
<filename>/etc/vsftpd</filename> directory, calling
<command>service vsftpd start</command> results in the
<filename>/etc/rc.d/init.d/vsftpd</filename> initscript starting the same
number of processes as the number of configuration files. Each configuration file must
have a unique name in the <filename>/etc/vsftpd/</filename> directory and must
be readable and writable only by root.
</para>
<!-- <para>For <command>vsftpd</command> to answer requests on
different <systemitem class="protocol">IP</systemitem> addresses,
multiple copies of the daemon must be running. The first copy must be run using the
<command>vsftpd</command> initscripts, as outlined in <xref
- linkend="s1-ftp-vsftpd-start"/>. This copy uses the standard
configuration file,
<filename>/etc/vsftpd/vsftpd.conf</filename>.</para>
+ linkend="s2-ftp-vsftpd-start"/>. This copy uses the standard
configuration file,
<filename>/etc/vsftpd/vsftpd.conf</filename>.</para>
<para>Each additional <systemitem
class="protocol">FTP</systemitem> site must have a configuration file
with a unique name in the <filename>/etc/vsftpd/</filename> directory, such as
<filename>/etc/vsftpd/vsftpd-site-2.conf</filename>. Each configuration file
must be readable and writable only by root. Within each configuration file for each
<systemitem class="protocol">FTP</systemitem> server listening on an
<systemitem class="protocol">IPv4</systemitem> network, the
following directive must be unique:</para>
<screen>
<command>listen_address=<replaceable><N.N.N.N></replaceable>
@@ -333,12 +332,12 @@
</listitem>
</itemizedlist>
<para>For a detailed list of directives available within
<command>vsftpd</command>'s configuration file, refer to <xref
- linkend="s1-ftp-vsftpd-conf"/>.</para>
+ linkend="s2-ftp-vsftpd-conf"/>.</para>
<para>To configure any additional servers to start automatically at boot
time, add the above command to the end of the
<filename>/etc/rc.local</filename> file.</para> -->
</section>
</section>
<section
- id="s1-ftp-vsftpd-conf">
+ id="s2-ftp-vsftpd-conf">
<title>
<command>vsftpd</command> Configuration Options</title>
<indexterm
@@ -377,7 +376,7 @@
</important>
<para>The following is a list of some of the more important directives within
<filename>/etc/vsftpd/vsftpd.conf</filename>. All directives not explicitly
found or commented out within <command>vsftpd</command>'s configuration
file are set to their default value.</para>
<section
- id="s2-ftp-vsftpd-conf-opt-daemon">
+ id="s3-ftp-vsftpd-conf-opt-daemon">
<title>Daemon Options</title>
<indexterm
significance="normal">
@@ -407,7 +406,7 @@
</itemizedlist>
</section>
<section
- id="s2-ftp-vsftpd-conf-opt-login">
+ id="s3-ftp-vsftpd-conf-opt-login">
<title>Log In Options and Access Controls</title>
<indexterm
significance="normal">
@@ -432,7 +431,7 @@
<command>anonymous_enable</command> — When enabled, anonymous
users are allowed to log in. The usernames
<computeroutput>anonymous</computeroutput> and
<computeroutput>ftp</computeroutput> are accepted.</para>
<para>The default value is
<command>YES</command>.</para>
<para>Refer to <xref
- linkend="s2-ftp-vsftpd-conf-opt-anon"/> for a list of
directives affecting anonymous users.</para>
+ linkend="s3-ftp-vsftpd-conf-opt-anon"/> for a list of
directives affecting anonymous users.</para>
</listitem>
<listitem>
<para>
@@ -464,7 +463,7 @@
<command>local_enable</command> — When enabled, local users are
allowed to log into the system.</para>
<para>The default value is
<command>YES</command>.</para>
<para>Refer to <xref
- linkend="s2-ftp-vsftpd-conf-opt-usr"/> for a list of
directives affecting local users.</para>
+ linkend="s3-ftp-vsftpd-conf-opt-usr"/> for a list of
directives affecting local users.</para>
</listitem>
<listitem>
<para>
@@ -509,7 +508,7 @@
</itemizedlist>
</section>
<section
- id="s2-ftp-vsftpd-conf-opt-anon">
+ id="s3-ftp-vsftpd-conf-opt-anon">
<title>Anonymous User Options</title>
<indexterm
significance="normal">
@@ -560,7 +559,7 @@
</itemizedlist>
</section>
<section
- id="s2-ftp-vsftpd-conf-opt-usr">
+ id="s3-ftp-vsftpd-conf-opt-usr">
<title>Local User Options</title>
<indexterm
significance="normal">
@@ -630,7 +629,7 @@
</itemizedlist>
</section>
<section
- id="s2-ftp-vsftpd-conf-opt-dir">
+ id="s3-ftp-vsftpd-conf-opt-dir">
<title>Directory Options</title>
<indexterm
significance="normal">
@@ -680,7 +679,7 @@
</itemizedlist>
</section>
<section
- id="s2-ftp-vsftpd-conf-opt-file">
+ id="s3-ftp-vsftpd-conf-opt-file">
<title>File Transfer Options</title>
<indexterm
significance="normal">
@@ -715,7 +714,7 @@
</itemizedlist>
</section>
<section
- id="s2-ftp-vsftpd-conf-opt-log">
+ id="s3-ftp-vsftpd-conf-opt-log">
<title>Logging Options</title>
<indexterm
significance="normal">
@@ -771,7 +770,7 @@
</important>
</section>
<section
- id="s2-ftp-vsftpd-conf-opt-net">
+ id="s3-ftp-vsftpd-conf-opt-net">
<title>Network Options</title>
<indexterm
significance="normal">
@@ -825,7 +824,7 @@
<note>
<title>Tip</title>
<para>If running multiple copies of
<command>vsftpd</command> serving different <systemitem
class="protocol">IP</systemitem> addresses, the configuration file for
each copy of the <command>vsftpd</command> daemon must have a different value
for this directive. Refer to <xref
- linkend="s2-ftp-vsftpd-start-multi"/> for more information
about multihomed <systemitem class="protocol">FTP</systemitem>
servers.</para>
+ linkend="s3-ftp-vsftpd-start-multi"/> for more information
about multihomed <systemitem class="protocol">FTP</systemitem>
servers.</para>
</note>
</listitem>
<listitem>
@@ -835,7 +834,7 @@
<note>
<title>Tip</title>
<para>If running multiple copies of
<command>vsftpd</command> serving different <systemitem
class="protocol">IP</systemitem> addresses, the configuration file for
each copy of the <command>vsftpd</command> daemon must have a different value
for this directive. Refer to <xref
- linkend="s2-ftp-vsftpd-start-multi"/> for more information
about multihomed <systemitem class="protocol">FTP</systemitem>
servers.</para>
+ linkend="s3-ftp-vsftpd-start-multi"/> for more information
about multihomed <systemitem class="protocol">FTP</systemitem>
servers.</para>
</note>
</listitem>
<listitem>
@@ -896,7 +895,7 @@
</section>
</section>
<section
- id="s1-ftp-resources">
+ id="s2-ftp-resources">
<title>Additional Resources</title>
<indexterm
significance="normal">
@@ -907,7 +906,7 @@
</indexterm>
<para>For more information about <command>vsftpd</command>, refer
to the following resources.</para>
<section
- id="s2-ftp-installed-documentation">
+ id="s3-ftp-installed-documentation">
<title>Installed Documentation</title>
<indexterm
significance="normal">
@@ -956,7 +955,7 @@
</itemizedlist>
</section>
<section
- id="s2-ftp-useful-websites">
+ id="s3-ftp-useful-websites">
<title>Useful Websites</title>
<indexterm
significance="normal">
@@ -985,4 +984,4 @@
</itemizedlist>
</section>
</section>
-</chapter>
+</section>
diff --git a/en-US/File_and_Print_Servers.xml b/en-US/File_and_Print_Servers.xml
new file mode 100644
index 0000000..7024c5a
--- /dev/null
+++ b/en-US/File_and_Print_Servers.xml
@@ -0,0 +1,8 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<chapter id="ch-File_and_Print_Servers">
+ <title>File and Print Servers</title>
+ <!-- TODO: Write a proper introduction. -->
+ <xi:include href="Samba.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="FTP.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+ <xi:include href="Printer_Configuration.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+</chapter>
diff --git a/en-US/Introduction.xml b/en-US/Introduction.xml
index e7270f7..f2aec5b 100644
--- a/en-US/Introduction.xml
+++ b/en-US/Introduction.xml
@@ -1,67 +1,88 @@
<?xml version='1.0'?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<preface
- id="ch-intro">
+<preface id="ch-intro">
<title>Introduction</title>
- <indexterm
- significance="normal">
+ <indexterm significance="normal">
<primary>introduction</primary>
</indexterm>
- <para>Welcome to the <citetitle>&MAJOROSVER; Deployment
Guide</citetitle>.</para>
- <para>The <citetitle>Deployment Guide</citetitle> contains
information on how to customize your &MAJOROSVER; system to fit your needs. If you are
looking for a comprehensive, task-oriented guide for configuring and customizing your
system, this is the manual for you.</para>
- <para>This manual discusses many intermediate topics such as the
following:</para>
+ <para>
+ Welcome to the <citetitle>&MAJOROSVER; Deployment Guide</citetitle>.
+ </para>
+ <para>
+ The <citetitle>Deployment Guide</citetitle> contains information on how
to customize your &MAJOROSVER; system to fit your needs. If you are looking for a
comprehensive, task-oriented guide for configuring and customizing your system, this is
the manual for you.
+ </para>
+ <para>
+ This manual discusses many intermediate topics such as the following:
+ </para>
<itemizedlist>
<listitem>
- <para>Installing and managing packages using the graphical
<application>PackageKit</application> and command line
<application>Yum</application> package managers</para>
+ <para>
+ Installing and managing packages using the graphical
<application>PackageKit</application> and command line
<application>Yum</application> package managers
+ </para>
</listitem>
<listitem>
- <para>Setting up a network—from establishing an Ethernet connection using
<application>NetworkManager</application> to configuring channel bonding
interfaces to increase server bandwidth</para>
+ <para>
+ Setting up a network—from establishing an Ethernet connection using
<application>NetworkManager</application> to configuring channel bonding
interfaces to increase server bandwidth
+ </para>
</listitem>
<listitem>
- <para>Configuring <systemitem
class="service">DHCP</systemitem>,
<application>BIND</application>,
<application>Apache</application>,
<application>Postfix</application>,
<application>Sendmail</application> and other enterprise-class servers and
software</para>
+ <para>
+ Configuring <systemitem class="service">DHCP</systemitem>,
<application>BIND</application>,
<application>Apache</application>,
<application>Postfix</application>,
<application>Sendmail</application> and other enterprise-class servers and
software
+ </para>
</listitem>
<listitem>
- <para>Gathering information about your system, including obtaining user-space
crash data with the <application>Automatic Bug Reporting Tool</application>,
and kernel-space crash data with <systemitem
- class="service">kdump</systemitem></para>
+ <para>
+ Gathering information about your system, including obtaining user-space crash
data with the <application>Automatic Bug Reporting Tool</application>, and
kernel-space crash data with <systemitem
class="service">kdump</systemitem>
+ </para>
</listitem>
<listitem>
- <para>Easily working with kernel modules and upgrading the
kernel</para>
+ <para>
+ Easily working with kernel modules and upgrading the kernel
+ </para>
</listitem>
</itemizedlist>
- <para>This manual is divided into the following main categories:</para>
+ <para>
+ This manual is divided into the following main categories:
+ </para>
<itemizedlist>
<listitem>
<para>
- <xref
- linkend="pt-pkg-management"/>
+ <xref linkend="part-Basic_System_Configuration" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="part-Package_Management" />
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <xref linkend="part-Networking" />
</para>
</listitem>
<listitem>
<para>
- <xref
- linkend="pt-network-related-config"/>
+ <xref linkend="part-Infrastructure_Services" />
</para>
</listitem>
<listitem>
<para>
- <xref
- linkend="pt-sysconfig"/>
+ <xref linkend="part-Servers" />
</para>
</listitem>
<listitem>
<para>
- <xref
- linkend="pt-system-monitoring"/>
+ <xref linkend="part-Monitoring_and_Automation" />
</para>
</listitem>
<listitem>
<para>
- <xref
- linkend="pt-kernel-configuration"/>
+ <xref linkend="part-Kernel_Module_and_Driver_Configuration" />
</para>
</listitem>
</itemizedlist>
- <para>This guide assumes you have a basic understanding of your &MAJOROS;
system. If you need help installing &MAJOROS;, refer to the
<citetitle>&MAJOROSVER; Installation Guide</citetitle>.</para>
-
+ <para>
+ This guide assumes you have a basic understanding of your &MAJOROS; system. If
you need help installing &MAJOROS;, refer to the <citetitle>&MAJOROSVER;
Installation Guide</citetitle>.
+ </para>
</preface>
diff --git a/en-US/Email.xml b/en-US/Mail_Servers.xml
similarity index 99%
rename from en-US/Email.xml
rename to en-US/Mail_Servers.xml
index 1d9a9b8..2e7863c 100644
--- a/en-US/Email.xml
+++ b/en-US/Mail_Servers.xml
@@ -1,9 +1,8 @@
<?xml version='1.0'?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter
- id="ch-email">
- <title>Email</title>
+<chapter id="ch-Mail_Servers">
+ <title>Mail Servers</title>
<indexterm
significance="normal">
<primary>email</primary>
@@ -386,7 +385,7 @@ search_base = dc=<replaceable>example</replaceable>,
dc=<replaceable>com</replac
The /<filename>etc/postfix/ldap-aliases.cf</filename> file
can specify various parameters, including parameters that enable <systemitem
class="protocol">LDAP</systemitem> <systemitem
class="protocol">SSL</systemitem> and <systemitem
class="protocol">STARTTLS</systemitem>. For more information, refer to
the <command>ldap_table(5)</command> man page.
</para>
</note>
- <para>For more information on <systemitem
class="protocol">LDAP</systemitem>, refer to <xref
linkend="ch-Lightweight_Directory_Access_Protocol_LDAP"/>.
+ <para>For more information on <systemitem
class="protocol">LDAP</systemitem>, refer to <xref
linkend="s1-OpenLDAP" />.
</para>
</section>
</section>
@@ -609,7 +608,7 @@ FEATURE('ldap_routing')dnl
<para>Next, recreate the
<filename>/etc/mail/sendmail.cf</filename> file by running the
<command>m4</command> macro processor and again restarting Sendmail. Refer to
<xref
linkend="s3-email-mta-sendmail-changes"/> for
instructions.</para>
<para>For more information on <systemitem
class="protocol">LDAP</systemitem>, refer to <xref
-
linkend="ch-Lightweight_Directory_Access_Protocol_LDAP"/>.</para>
+ linkend="s1-OpenLDAP" />.</para>
</section>
</section>
<section
@@ -1331,7 +1330,7 @@ poll
mail.domain2.com
<para>To start the <systemitem
class="daemon">spamd</systemitem> daemon, type the following
command:</para>
<screen>~]# <command>service spamassassin
start</command>
</screen>
- <para>To start the SpamAssassin daemon when the system is booted, use an
initscript utility, such as the <application>Services Configuration
Tool</application> (<command>system-config-services</command>), to turn
on the <computeroutput>spamassassin</computeroutput> service. Refer to
<xref linkend="ch-Controlling_Access_to_Services"/> for more information
about starting and stopping services.</para>
+ <para>To start the SpamAssassin daemon when the system is booted, use an
initscript utility, such as the <application>Services Configuration
Tool</application> (<command>system-config-services</command>), to turn
on the <computeroutput>spamassassin</computeroutput> service. Refer to
<xref linkend="ch-Services_and_Daemons" /> for more information about
starting and stopping services.</para>
<para>To configure Procmail to use the SpamAssassin client application
instead of the Perl script, place the following line near the top of the
<filename>~/.procmailrc</filename> file. For a system-wide configuration,
place it in <filename>/etc/procmailrc</filename>:</para>
<screen>
<command>INCLUDERC=/etc/mail/spamassassin/spamassassin-spamc.rc</command>
diff --git a/en-US/Users_and_Groups.xml b/en-US/Managing_Users_and_Groups.xml
similarity index 99%
rename from en-US/Users_and_Groups.xml
rename to en-US/Managing_Users_and_Groups.xml
index e8a33de..7cfef83 100644
--- a/en-US/Users_and_Groups.xml
+++ b/en-US/Managing_Users_and_Groups.xml
@@ -1,8 +1,8 @@
<?xml version='1.0'?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter id="Users_and_Groups">
- <title>Users and Groups</title>
+<chapter id="ch-Managing_Users_and_Groups">
+ <title> Managing Users and Groups</title>
<indexterm significance="normal">
<primary>groups</primary>
<secondary>introducing</secondary>
diff --git a/en-US/Network_Configuration.xml b/en-US/NetworkManager.xml
similarity index 99%
rename from en-US/Network_Configuration.xml
rename to en-US/NetworkManager.xml
index 9b69636..e6c933c 100644
--- a/en-US/Network_Configuration.xml
+++ b/en-US/NetworkManager.xml
@@ -23,9 +23,8 @@ Wired
PPP Settings
IPv4 Settings
-->
-<chapter
- id="ch-Network_Configuration">
- <title>Network Configuration</title>
+<chapter id="ch-NetworkManager">
+ <title>NetworkManager</title>
<para>
<application>NetworkManager</application> is a dynamic network control
and configuration system that attempts to keep network devices and connections up and
active when they are available. <application>NetworkManager</application>
consists of a core daemon, a GNOME Notification Area applet that provides network status
information, and graphical configuration tools that can create, edit and remove
connections and interfaces. <application>NetworkManager</application> can be
used to configure the following types of connections: Ethernet, wireless, mobile broadband
(such as cellular 3G), and <systemitem
class="protocol">DSL</systemitem>
@@ -52,7 +51,7 @@ NetworkManager (pid 1527) is running...
<screen>~]# <command>chkconfig NetworkManager
on</command>
</screen>
<para>For more information on starting, stopping and managing services and
runlevels, refer to <xref
- linkend="ch-Controlling_Access_to_Services"/>.</para>
+ linkend="ch-Services_and_Daemons" />.</para>
</section>
<section
id="sec-Interacting_with_NetworkManager">
diff --git a/en-US/Network_Interfaces.xml b/en-US/Network_Interfaces.xml
index bf84af7..0eba286 100644
--- a/en-US/Network_Interfaces.xml
+++ b/en-US/Network_Interfaces.xml
@@ -114,7 +114,7 @@
role="bold">not</emphasis> be edited manually. <!--
RHEL5: ddomingo(a)redhat.com: string removed as per Harald Hoyer <string> In
addition, any use of the <application>Network Administration
Tool</application> (even launching the application) will override any directives
previously set in
<filename>/etc/sysconfig/network-scripts</filename>.</string>
-->Using only one method for network configuration is strongly encouraged, due to the
risk of configuration deletion.</para>
<para>
For more information about configuring network interfaces using the
<application>Network Administration Tool</application>, refer to <xref
- linkend="ch-Network_Configuration"/>
+ linkend="ch-NetworkManager" />.
</para>
</warning>
</section>
@@ -162,7 +162,7 @@ BOOTPROTO=dhcp
ONBOOT=yes</screen>
<para>
The <application>Network Administration Tool</application>
(<command>system-config-network</command>) is an easy way to make changes to
the various network interface configuration files (refer to <xref
- linkend="ch-Network_Configuration"/> for detailed instructions on
using this tool).</para>
+ linkend="ch-NetworkManager" /> for detailed instructions on using
this tool).</para>
<para>However, it is also possible to manually edit the configuration files
for a given network interface.</para>
<para>Below is a listing of the configurable parameters in an Ethernet
interface configuration file:</para>
<!-- RHEL5: added BONDING_OPTS as per BZ#221423 -->
@@ -525,7 +525,7 @@ BOOTPROTO=dhcp</screen>
<para>This way a user can bring up the <filename>eth0</filename>
interface using the <command>/sbin/ifup eth0-user</command> command because
the configuration options from <filename>ifcfg-eth0</filename> and
<filename>ifcfg-eth0-user</filename> are combined. While this is a very basic
example, this method can be used with a variety of options and interfaces.</para>
<para>
The easiest way to create alias and clone interface configuration files is to use the
graphical <application>Network Administration Tool</application>. For more
information on using this tool, refer to <xref
- linkend="ch-Network_Configuration"/>.</para>
+ linkend="ch-NetworkManager" />.</para>
</section>
<section
id="s2-networkscripts-interfaces-ppp0">
diff --git a/en-US/Lightweight_Directory_Access_Protocol_LDAP.xml b/en-US/OpenLDAP.xml
similarity index 96%
rename from en-US/Lightweight_Directory_Access_Protocol_LDAP.xml
rename to en-US/OpenLDAP.xml
index d1dae92..6c628cf 100644
--- a/en-US/Lightweight_Directory_Access_Protocol_LDAP.xml
+++ b/en-US/OpenLDAP.xml
@@ -1,8 +1,8 @@
<?xml version='1.0'?>
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter id="ch-Lightweight_Directory_Access_Protocol_LDAP">
- <title>Lightweight Directory Access Protocol (LDAP)</title>
+<section id="s1-OpenLDAP">
+ <title>OpenLDAP</title>
<para>
<systemitem class="protocol">LDAP</systemitem> (Lightweight
Directory Access Protocol) is a set of open protocols used to access centrally stored
information over a network. It is based on the <systemitem
class="protocol">X.500</systemitem> standard for directory sharing, but
is less complex and resource-intensive. For this reason, LDAP is sometimes referred to as
<quote>X.500 Lite</quote>.
</para>
@@ -13,9 +13,9 @@
LDAP is commonly used as a virtual phone directory, allowing users to easily access
contact information for other users. Additionally, it can refer a user to another LDAP
servers throughout the world, and thus provide an ad-hoc global repository of information.
However, it is most frequently used within individual organizations such as universities,
government departments, and private companies.
</para>
<para>
- This chapter cover the installation and configuration of <application>OpenLDAP
2.4</application>, an open source implementation of the LDAPv2 and LDAPv3
protocols.
+ This section covers the installation and configuration of <application>OpenLDAP
2.4</application>, an open source implementation of the LDAPv2 and LDAPv3
protocols.
</para>
- <section id="s1-ldap-introduction">
+ <section id="s2-ldap-introduction">
<title>Introduction to LDAP</title>
<para>
Using a client/server architecture, LDAP provides reliable means to create a
central information directory accessible from the network. When a client attempts to
modify information within this directory, the server verifies the user has permission to
make the change, and then adds or updates the entry as requested. To ensure the
communication is secure, the <firstterm>Secure Sockets Layer</firstterm>
(<acronym>SSL</acronym>) or <firstterm>Transport Layer
Security</firstterm> (<acronym>TLS</acronym>) cryptographic protocols
can be used to prevent an attacker from intercepting the transmission.
@@ -23,7 +23,7 @@
<para>
The LDAP server supports several database systems, which gives administrators the
flexibility to choose the best suited solution for the type of information they are
planning to serve. Because of a well-defined client <firstterm>Application
Programming Interface</firstterm> (<acronym>API</acronym>), the number
of applications able to communicate with an LDAP server is numerous, and increasing in
both quantity and quality.
</para>
- <section id="s2-ldap-terminology">
+ <section id="s3-ldap-terminology">
<title>LDAP Terminology</title>
<para>
The following is a list of LDAP-specific terms that are used within this
chapter:
@@ -68,7 +68,7 @@
</varlistentry>
</variablelist>
</section>
- <section id="s2-ldap-features">
+ <section id="s3-ldap-features">
<title>OpenLDAP Features</title>
<para>
The OpenLDAP suite provides a number of important features:
@@ -106,7 +106,7 @@
</listitem>
</itemizedlist>
</section>
- <section id="s2-ldap-setup">
+ <section id="s3-ldap-setup">
<title>OpenLDAP Server Setup</title>
<para>
The typical steps to set up an LDAP server on &MAJOROS; are as follows:
@@ -114,17 +114,17 @@
<procedure>
<step>
<para>
- Install the OpenLDAP suite. Refer to <xref
linkend="s1-ldap-installation" /> for more information on required packages.
+ Install the OpenLDAP suite. Refer to <xref
linkend="s2-ldap-installation" /> for more information on required packages.
</para>
</step>
<step>
<para>
- Edit the LDIF files in the <filename
class="directory">/etc/openldap/slapd.d/</filename> directory as
described in <xref linkend="s1-ldap-configuration" />.
+ Edit the LDIF files in the <filename
class="directory">/etc/openldap/slapd.d/</filename> directory as
described in <xref linkend="s2-ldap-configuration" />.
</para>
</step>
<step>
<para>
- Start the <systemitem
class="service">slapd</systemitem> service as described in <xref
linkend="s1-ldap-running" />.
+ Start the <systemitem
class="service">slapd</systemitem> service as described in <xref
linkend="s2-ldap-running" />.
</para>
</step>
<step>
@@ -140,7 +140,7 @@
</procedure>
</section>
</section>
- <section id="s1-ldap-installation">
+ <section id="s2-ldap-installation">
<title>Installing the OpenLDAP Suite</title>
<para>
The suite of OpenLDAP libraries and tools is provided by the following packages:
@@ -263,7 +263,7 @@
<para>
Note that you must have superuser privileges (that is, you must be logged in as
<systemitem class="username">root</systemitem>) to run this command.
For more information on how to install new packages in &MAJOROS;, refer to <xref
linkend="sec-Installing" />.
</para>
- <section id="s2-ldap-packages-openldap-servers">
+ <section id="s3-ldap-packages-openldap-servers">
<title>Overview of OpenLDAP Server Utilities</title>
<para>
To perform administrative tasks, the
<package>openldap-servers</package> package installs the following utilities
along with the <systemitem class="service">slapd</systemitem>
service:
@@ -385,11 +385,11 @@
<screen>~]# <command>service slapd stop</command>
Stopping slapd: [ OK ]</screen>
<para>
- For more information on how to start, stop, restart, and check the current
status of the <systemitem class="service">slapd</systemitem>
service, refer to <xref linkend="s1-ldap-running" />.
+ For more information on how to start, stop, restart, and check the current
status of the <systemitem class="service">slapd</systemitem>
service, refer to <xref linkend="s2-ldap-running" />.
</para>
</warning>
</section>
- <section id="s2-ldap-packages-openldap-clients">
+ <section id="s3-ldap-packages-openldap-clients">
<title>Overview of OpenLDAP Client Utilities</title>
<para>
The <package>openldap-clients</package> package installs the
following utilities which can be used to add, modify, and delete entries in an LDAP
directory:
@@ -497,14 +497,14 @@ Stopping slapd: [ OK
]</screen>
With the exception of <command>ldapsearch</command>, each of these
utilities is more easily used by referencing a file containing the changes to be made
rather than typing a command for each entry to be changed within an LDAP directory. The
format of such a file is outlined in the man page for each utility.
</para>
</section>
- <section id="s2-ldap-packages-applications">
+ <section id="s3-ldap-packages-applications">
<title>Overview of Common LDAP Client Applications</title>
<para>
Although there are various graphical LDAP clients capable of creating and
modifying directories on the server, none of them is included in &MAJOROS;. Popular
applications that can access directories in a read-only mode include
<application>Mozilla Thunderbird</application>,
<application>Evolution</application>, or
<application>Ekiga</application>.
</para>
</section>
</section>
- <section id="s1-ldap-configuration">
+ <section id="s2-ldap-configuration">
<title>Configuring an OpenLDAP Server</title>
<para>
OpenLDAP configuration files are installed into the
<filename>/etc/openldap/</filename> directory. The following is a brief list
highlighting the most important directories and files:
@@ -556,7 +556,7 @@ Stopping slapd: [ OK
]</screen>
Note that OpenLDAP no longer reads its configuration from the
<filename>/etc/openldap/slapd.conf</filename> file. Instead, it uses a
configuration database located in the <filename
class="directory">/etc/openldap/slapd.d/</filename> directory. If you
have an existing <filename>slapd.conf</filename> file from a previous
installation, you can convert it to the new format by running the following command:
</para>
<screen>~]# <command>slaptest -f /etc/openldap/slapd.conf -F
/etc/openldap/slapd.d/</command></screen>
- <section id="s2-ldap-configuration-global">
+ <section id="s3-ldap-configuration-global">
<title>Changing the Global Configuration</title>
<para>
The <filename>/etc/openldap/slapd.d/cn=config.ldif</filename> file
contains global configuration options for the LDAP server. The following directives are
commonly used in this file:
@@ -802,7 +802,7 @@ Stopping slapd: [ OK
]</screen>
</varlistentry>
</variablelist>
</section>
- <section id="s2-ldap-configuration-database">
+ <section id="s3-ldap-configuration-database">
<title>Changing the Database-Specific Configuration</title>
<para>
By default, the OpenLDAP server uses Berkeley DB (BDB) as a database back end.
The configuration for this database is stored in the
<filename>/etc/openldap/slapd.d/cn=config/olcDatabase={1}bdb.ldif</filename>
file, and commonly contains the following directives:
@@ -878,7 +878,7 @@ Re-enter new password:
</varlistentry>
</variablelist>
</section>
- <section id="s2-ldap-configuration-schema">
+ <section id="s3-ldap-configuration-schema">
<title>Working with Schema Files</title>
<para>
The <filename>/etc/openldap/schema/</filename> directory contains
LDAP definitions, previously located in the <filename>slapd.at.conf</filename>
and <filename>slapd.oc.conf</filename> files, with the attribute syntax
definitions and object class definitions located in the different schema files. The schema
definitions that are hard-coded in <systemitem
class="service">slapd</systemitem> are now covered by the
<filename>cn=schema</filename> entry located in the <filename
class="directory">/etc/openldap/slapd.d/cn=config/</filename>
directory.
@@ -894,12 +894,12 @@ Re-enter new password:
</para>
</section>
</section>
- <section id="s1-ldap-running">
+ <section id="s2-ldap-running">
<title>Running an OpenLDAP Server</title>
<para>
- This section describes how to start, stop, restart, and check the current status of
the <application>Standalone LDAP Daemon</application>. For more information on
how to manage system services in general, refer to <xref
linkend="ch-Controlling_Access_to_Services" />.
+ This section describes how to start, stop, restart, and check the current status of
the <application>Standalone LDAP Daemon</application>. For more information on
how to manage system services in general, refer to <xref
linkend="ch-Services_and_Daemons" />.
</para>
- <section id="s2-ldap-running-starting">
+ <section id="s3-ldap-running-starting">
<title>Starting the Service</title>
<para>
To run the <systemitem class="service">slapd</systemitem>
service, type the following at a shell prompt:
@@ -914,7 +914,7 @@ Starting slapd: [ OK
]</screen>
Note that you can also use the <application>Service
Configuration</application> utility as described in <xref
linkend="s3-services-serviceconf-enabling" />.
</para>
</section>
- <section id="s2-ldap-running-stopping">
+ <section id="s3-ldap-running-stopping">
<title>Stopping the Service</title>
<para>
To stop the running <systemitem
class="service">slapd</systemitem> service, type the following at a
shell prompt:
@@ -929,7 +929,7 @@ Stopping slapd: [ OK
]</screen>
Alternatively, you can use the <application>Service
Configuration</application> utility as described in <xref
linkend="s3-services-serviceconf-disabling" />.
</para>
</section>
- <section id="s2-ldap-running-restarting">
+ <section id="s3-ldap-running-restarting">
<title>Restarting the Service</title>
<para>
To restart the running <systemitem
class="service">slapd</systemitem> service, type the following at a
shell prompt:
@@ -941,7 +941,7 @@ Starting slapd: [ OK
]</screen>
This stops the service, and then starts it again. Use this command to reload the
configuration.
</para>
</section>
- <section id="s2-ldap-running-status">
+ <section id="s3-ldap-running-status">
<title>Checking the Service Status</title>
<para>
To check whether the service is running, type the following at a shell prompt:
@@ -950,21 +950,21 @@ Starting slapd: [ OK
]</screen>
slapd (pid 3672) is running...</screen>
</section>
</section>
- <section id="s1-ldap-pam">
+ <section id="s2-ldap-pam">
<title>Configuring a System to Authenticate Using OpenLDAP</title>
<para>
- In order to configure a system to authenticate using OpenLDAP, make sure that the
appropriate packages are installed on both LDAP server and client machines. For
information on how to set up the server, follow the instructions in <xref
linkend="s1-ldap-installation" /> and <xref
linkend="s1-ldap-configuration" />. On a client, type the following at a
shell prompt:
+ In order to configure a system to authenticate using OpenLDAP, make sure that the
appropriate packages are installed on both LDAP server and client machines. For
information on how to set up the server, follow the instructions in <xref
linkend="s2-ldap-installation" /> and <xref
linkend="s2-ldap-configuration" />. On a client, type the following at a
shell prompt:
</para>
<screen>~]# <command>yum install openldap openldap-clients
nss-pam-ldapd</command></screen>
<para>
- Note that this section provides a brief overview only. Unless you are an OpenLDAP
expert, refer to <xref linkend="s1-ldap-resources" /> for more detailed
information.
+ Note that this section provides a brief overview only. Unless you are an OpenLDAP
expert, refer to <xref linkend="s2-ldap-resources" /> for more detailed
information.
</para>
- <section id="s2-ldap-pam">
+ <section id="s3-ldap-pam">
<title>Using LDAP with PAM</title>
<para>
&MAJOROS; allows you to configure standard PAM-enabled applications to use
LDAP for authentication. To do so, select
<menuchoice><guimenu>System</guimenu><guisubmenu>Administration</guisubmenu><guimenuitem>Authentication</guimenuitem></menuchoice>
from the panel (or type <command>system-config-authentication</command> at a
shell prompt) to start the <application>Authentication
Configuration</application>, and enter the superuser password when prompted. Then
select the <guimenuitem>LDAP</guimenuitem> option from the
<guilabel>User Account Database</guilabel> pulldown list, adjust the
additional options, and click <guibutton>Apply</guibutton> to confirm your
changes.
</para>
- <figure id="s2-ldap-pam-authentication_configuration">
+ <figure id="fig-ldap-pam-authentication_configuration">
<title>Using the <application>Authentication
Configuration</application> utility</title>
<mediaobject>
<imageobject>
@@ -981,7 +981,7 @@ slapd (pid 3672) is running...</screen>
For more information about configuring PAM, refer to the <citetitle
pubwork="chapter">Pluggable Authentication Modules (PAM)</citetitle>
chapter of the &MAJOROSVER; <citetitle>Security Guide</citetitle> and the
PAM man pages.
</para>
</section>
- <section id="s2-ldap-migrationtools">
+ <section id="s3-ldap-migrationtools">
<title>Migrating Old Authentication Information to LDAP Format</title>
<para>
The <package>migrationtools</package> package provides a set of shell
and Perl scripts to help you migrate authentication information into an LDAP format. To
install this package, type the following at a shell prompt:
@@ -1092,12 +1092,12 @@ $DEFAULT_BASE = "dc=example,dc=com";</screen>
</para>
</section>
</section>
- <section id="s1-ldap-resources">
+ <section id="s2-ldap-resources">
<title>Additional Resources</title>
<para>
The following resources offer additional information on the Lightweight Directory
Access Protocol. Before configuring LDAP on your system, it is highly recommended that you
review these resources, especially the <citetitle pubwork="book">OpenLDAP
Software Administrator's Guide</citetitle>.
</para>
- <section id="s2-ldap-installed-docs">
+ <section id="s3-ldap-installed-docs">
<title>Installed Documentation</title>
<para>
The following documentation is installed with the
<package>openldap-servers</package> package:
@@ -1229,7 +1229,7 @@ $DEFAULT_BASE = "dc=example,dc=com";</screen>
</varlistentry>
</variablelist>
</section>
- <section id="s2-ldap-additional-resources-web">
+ <section id="s3-ldap-additional-resources-web">
<title>Useful Websites</title>
<variablelist>
<varlistentry>
@@ -1266,7 +1266,7 @@ $DEFAULT_BASE = "dc=example,dc=com";</screen>
</varlistentry>
</variablelist>
</section>
- <section id="s2-ldap-related-books">
+ <section id="s3-ldap-related-books">
<title>Related Books</title>
<variablelist>
<varlistentry>
@@ -1296,4 +1296,4 @@ $DEFAULT_BASE = "dc=example,dc=com";</screen>
</variablelist>
</section>
</section>
-</chapter>
+</section>
diff --git a/en-US/OpenSSH.xml b/en-US/OpenSSH.xml
index 8c6a262..17c4c2d 100644
--- a/en-US/OpenSSH.xml
+++ b/en-US/OpenSSH.xml
@@ -506,7 +506,7 @@ Password:</screen>
</para>
<screen>~]# <command>chkconfig sshd on</command></screen>
<para>
- This will enable the service for all runlevels. For more configuration options,
refer to <xref linkend="ch-Controlling_Access_to_Services" /> for the
detailed information on how to manage services.
+ This will enable the service for all runlevels. For more configuration options,
refer to <xref linkend="ch-Services_and_Daemons" /> for the detailed
information on how to manage services.
</para>
<para>
Note that if you reinstall the system, a new set of identification keys will be
created. As a result, clients who had connected to the system with any of the OpenSSH
tools before the reinstall will see the following message:
@@ -542,7 +542,7 @@ It is also possible that the RSA host key has just been
changed.</screen>
~]# <command>chkconfig rlogin off</command>
~]# <command>chkconfig vsftpd off</command></screen>
<para>
- For more information on runlevels and configuring services in general, refer to
<xref linkend="ch-Controlling_Access_to_Services" />.
+ For more information on runlevels and configuring services in general, refer to
<xref linkend="ch-Services_and_Daemons" />.
</para>
</section>
<section id="s2-ssh-configuration-keypairs">
diff --git a/en-US/PackageKit.xml b/en-US/PackageKit.xml
index 2bf9c5b..0968c51 100644
--- a/en-US/PackageKit.xml
+++ b/en-US/PackageKit.xml
@@ -661,7 +661,7 @@
<para>The <command>packagekitd</command> daemon runs outside the
user session and communicates with the various graphical front ends. The
<command>packagekitd</command> daemon<footnote
id="footnote-Daemons"><para>System daemons are typically
long-running processes that provide services to the user or to other programs, and which
are started, often at boot time, by special initialization scripts (often shortened to
<emphasis>init scripts</emphasis>). Daemons respond to the
<command>service</command> command and can be turned on or off permanently by
using the <command>chkconfig on</command> or <command>chkconfig
off</command>commands. They can typically be recognized by a
<quote><emphasis>d</emphasis>
</quote> appended to their name, such as the
<command>packagekitd</command> daemon. Refer to <xref
- linkend="ch-Controlling_Access_to_Services"/> for information
about system services.</para>
+ linkend="ch-Services_and_Daemons"/> for information about system
services.</para>
</footnote>
communicates via the <application>DBus</application> system message bus with
another back end, which utilizes <application>Yum</application>'s Python
API to perform queries and make changes to the sytem. On Linux systems other than Red Hat
and Fedora, <command>packagekitd</command> can communicate with other back
ends that are able to utilize the native package manager for that system. This modular
architecture provides the abstraction necessary for the graphical interfaces to work with
many different package managers to perform essentially the same types of package
management tasks. Learning how to use the
<application>PackageKit</application> front ends means that you can use the
same familiar graphical interface across many different Linux distributions, even when
they utilize a native package manager other than
<application>Yum</application>.</para>
<para>In addition, <application>PackageKit</application>'s
separation of concerns provides reliability in that a crash of one of the GUI windows—or
even the user's X Window session—will not affect any package management tasks being
supervised by the <command>packagekitd</command> daemon, which runs outside of
the user session.</para>
diff --git a/en-US/Printer_Configuration.xml b/en-US/Printer_Configuration.xml
index f972a63..80a5421 100644
--- a/en-US/Printer_Configuration.xml
+++ b/en-US/Printer_Configuration.xml
@@ -1,8 +1,7 @@
<?xml version='1.0'?>
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter
- id="ch-Printer_Configuration">
+<section id="s1-Printer_Configuration">
<title>Printer Configuration</title>
<indexterm
significance="normal">
@@ -104,7 +103,7 @@
<para>Clicking the <guibutton>Apply</guibutton> button prompts the
printer daemon to restart with the changes you have configured.</para>
<para>Clicking the <guibutton>Revert</guibutton> button discards
unapplied changes.</para>
<section
- id="s1-printing-local-printer">
+ id="s2-printing-local-printer">
<title>Adding a Local Printer</title>
<indexterm
significance="normal">
@@ -160,10 +159,10 @@
</mediaobject>
</figure>
<para>Next, select the printer type. Refer to <xref
- linkend="s1-printing-select-model"/> for details.</para>
+ linkend="s2-printing-select-model"/> for details.</para>
</section>
<section
- id="s1-printing-ipp-printer">
+ id="s2-printing-ipp-printer">
<title>Adding an IPP Printer</title>
<indexterm
significance="normal">
@@ -211,10 +210,10 @@
</figure>
<para>Click <guibutton>Forward</guibutton> to
continue.</para>
<para>Next, select the printer type. Refer to <xref
- linkend="s1-printing-select-model"/> for details.</para>
+ linkend="s2-printing-select-model"/> for details.</para>
</section>
<section
- id="s1-printing-smb-printer">
+ id="s2-printing-smb-printer">
<title>Adding a Samba (SMB) Printer</title>
<indexterm
significance="normal">
@@ -262,7 +261,7 @@
<para>Enter the <guilabel>Password</guilabel> (if required) for the
user specified in the <guilabel>Username</guilabel> field.</para>
<para>You can then test the connection by clicking
<guibutton>Verify</guibutton>. Upon successful verification, a dialog box
appears confirming printer share accessibility.</para>
<para>Next, select the printer type. Refer to <xref
- linkend="s1-printing-select-model"/> for details.</para>
+ linkend="s2-printing-select-model"/> for details.</para>
<warning>
<title>Warning</title>
<para>Samba printer usernames and passwords are stored in the printer server
as unencrypted files readable by root and lpd. Thus, other users that have root access to
the printer server can view the username and password you use to access the Samba
printer.</para>
@@ -271,7 +270,7 @@
</warning>
</section>
<section
- id="s1-printing-jetdirect-printer">
+ id="s2-printing-jetdirect-printer">
<title>Adding a JetDirect Printer</title>
<indexterm
significance="normal">
@@ -316,10 +315,10 @@
</listitem>
</itemizedlist>
<para>Next, select the printer type. Refer to <xref
- linkend="s1-printing-select-model"/> for details.</para>
+ linkend="s2-printing-select-model"/> for details.</para>
</section>
<section
- id="s1-printing-select-model">
+ id="s2-printing-select-model">
<title>Selecting the Printer Model and Finishing</title>
<para>Once you have properly selected a printer queue type, you can choose
either option:</para>
<itemizedlist>
@@ -353,15 +352,15 @@
<para>The recommended printed driver is automatically selected based on the
printer model you chose. The print driver processes the data that you want to print into a
format the printer can understand. Since a local printer is attached directly to your
computer, you need a printer driver to process the data that is sent to the
printer.</para>
<para>If you have a PPD file for the device (usually provided by the
manufacturer), you can select it by choosing <guilabel>Provide PPD
file</guilabel>. You can then browse the filesystem for the PPD file by clicking
<guibutton>Browse</guibutton>.</para>
<section
- id="s2-printing-confirm">
+ id="s3-printing-confirm">
<title>Confirming Printer Configuration</title>
<para>The last step is to confirm your printer configuration. Click
<guibutton>Apply</guibutton> to add the print queue if the settings are
correct. Click <guibutton>Back</guibutton> to modify the printer
configuration.</para>
<para>After applying the changes, print a test page to ensure the
configuration is correct. Refer to <xref
- linkend="s1-printing-test-page"/> for details.</para>
+ linkend="s2-printing-test-page"/> for details.</para>
</section>
</section>
<section
- id="s1-printing-test-page">
+ id="s2-printing-test-page">
<title>Printing a Test Page</title>
<indexterm
significance="normal">
@@ -372,7 +371,7 @@
<para>If you change the print driver or modify the driver options, you should
print a test page to test the different configuration.</para>
</section>
<section
- id="s1-printing-edit">
+ id="s2-printing-edit">
<title>Modifying Existing Printers</title>
<indexterm
significance="normal">
@@ -495,7 +494,7 @@
</section>
</section>
<section
- id="s1-printing-managing">
+ id="s2-printing-managing">
<title>Managing Print Jobs</title>
<indexterm
significance="normal">
@@ -557,11 +556,11 @@ active user@localhost+902 A 902 sample.txt 2050 01:20:46
<para>You can also print a file directly from a shell prompt. For example, the
command <command>lpr sample.txt</command> prints the text file
<filename>sample.txt</filename>. The print filter determines what type of file
it is and converts it into a format the printer can understand.</para>
</section>
<section
- id="s1-printing-additional-resources">
+ id="s2-printing-additional-resources">
<title>Additional Resources</title>
<para>To learn more about printing on &MAJOROS;, refer to the following
resources.</para>
<section
- id="s2-printing-installed-docs">
+ id="s3-printing-installed-docs">
<title>Installed Documentation</title>
<itemizedlist>
<listitem>
@@ -591,7 +590,7 @@ active user@localhost+902 A 902 sample.txt 2050 01:20:46
</itemizedlist>
</section>
<section
- id="s2-printing-useful-websites">
+ id="s3-printing-useful-websites">
<title>Useful Websites</title>
<itemizedlist>
<listitem>
@@ -607,4 +606,4 @@ active user@localhost+902 A 902 sample.txt 2050 01:20:46
</itemizedlist>
</section>
</section>
-</chapter>
+</section>
diff --git a/en-US/RPM.xml b/en-US/RPM.xml
index 29e60b7..bbb34ce 100644
--- a/en-US/RPM.xml
+++ b/en-US/RPM.xml
@@ -1,7 +1,7 @@
<?xml version='1.0'?>
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter
+<appendix
id="ch-RPM">
<title>RPM</title>
<indexterm>
@@ -787,4 +787,4 @@ your system.</screen>
</variablelist>
</section>
</section>
-</chapter>
+</appendix>
diff --git a/en-US/Samba.xml b/en-US/Samba.xml
index 82466b9..fd67630 100644
--- a/en-US/Samba.xml
+++ b/en-US/Samba.xml
@@ -1,8 +1,7 @@
<?xml version='1.0'?>
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter
- id="ch-Samba">
+<section id="ch-Samba">
<title>Samba</title>
<indexterm
significance="normal">
@@ -45,11 +44,11 @@
</listitem>
<listitem>
<para>Two new documents developed by the
Samba.org team, which include a
400+ page reference manual, and a 300+ page implementation and integration manual. For
more information about these published titles, refer to <xref
- linkend="s2-samba-resources-published"/>.</para>
+ linkend="s3-samba-resources-published"/>.</para>
</listitem>
</itemizedlist>
<section
- id="s2-samba-abilities">
+ id="s3-samba-abilities">
<title>Samba Features</title>
<indexterm
significance="normal">
@@ -97,7 +96,7 @@
</section>
</section>
<section
- id="s1-samba-daemons">
+ id="s2-samba-daemons">
<title>Samba Daemons and Related Services</title>
<indexterm
significance="normal">
@@ -106,7 +105,7 @@
</indexterm>
<para>The following is a brief introduction to the individual Samba daemons and
services.</para>
<section
- id="s2-samba-services">
+ id="s3-samba-services">
<title>Samba Daemons</title>
<indexterm
significance="normal">
@@ -116,7 +115,7 @@
</indexterm>
<para>Samba is comprised of three daemons
(<command>smbd</command>, <command>nmbd</command>, and
<command>winbindd</command>). Three services
(<command>smb</command>, <command>nmbd</command>, and
<command>winbind</command>) control how the daemons are started, stopped, and
other service-related features. These services act as different init scripts. Each daemon
is listed in detail below, as well as which specific service has control over
it.</para>
<formalpara
- id="s3-samba-daemon-smbd">
+ id="s4-samba-daemon-smbd">
<title>
<command>smbd</command>
</title>
@@ -130,7 +129,7 @@
</formalpara>
<para>The <command>smbd</command> daemon is controlled by the
<command>smb</command> service.</para>
<formalpara
- id="s3-samba-daemon-nmbd">
+ id="s4-samba-daemon-nmbd">
<title>
<command>nmbd</command>
</title>
@@ -144,7 +143,7 @@
</formalpara>
<para>The <command>nmbd</command> daemon is controlled by the
<command>nmb</command> service.</para>
<formalpara
- id="s3-samba-daemon-winbindd">
+ id="s4-samba-daemon-winbindd">
<title>
<command>winbindd</command>
</title>
@@ -160,14 +159,14 @@
<note>
<title>Note</title>
<para>You may refer to <xref
- linkend="s1-samba-programs"/> for a list of utilities included
in the Samba distribution.</para>
+ linkend="s2-samba-programs"/> for a list of utilities included
in the Samba distribution.</para>
</note>
</section>
<!-- RHEL5: ddomingo(a)redhat.com: why is this not allowing build?
- <para>Please refer to <xref linkend="s1-samba-programs"/> for a
list of utilities included in the Samba distribution.</para> -->
+ <para>Please refer to <xref linkend="s2-samba-programs"/> for a
list of utilities included in the Samba distribution.</para> -->
</section>
<section
- id="s1-samba-connect-share">
+ id="s2-samba-connect-share">
<title>Connecting to a Samba Share</title>
<indexterm
significance="normal">
@@ -223,7 +222,7 @@
</command>
</screen>
<section
- id="s2-samba-connect-share-cmdline">
+ id="s3-samba-connect-share-cmdline">
<title>Command Line</title>
<indexterm
significance="normal">
@@ -268,7 +267,7 @@
<para>To exit <command>smbclient</command>, type
<userinput>exit</userinput> at the <prompt>smb:\></prompt>
prompt.</para>
</section>
<section
- id="s1-samba-mounting">
+ id="s2-samba-mounting">
<title>Mounting the Share</title>
<indexterm
significance="normal">
@@ -319,7 +318,7 @@
</section>
<!-- RHEL5: ddomingo(a)redhat.com: moved SAMBA config guide to here -->
<section
- id="s1-samba-configuring">
+ id="s2-samba-configuring">
<title>Configuring a Samba Server</title>
<indexterm
significance="normal">
@@ -334,7 +333,7 @@
</indexterm>
<para>The default configuration file
(<filename>/etc/samba/smb.conf</filename>) allows users to view their home
directories as a Samba share. It also shares all printers configured for the system as
Samba shared printers. In other words, you can attach a printer to the system and print to
it from the Windows machines on your network.</para>
<section
- id="s2-samba-configuring-gui">
+ id="s3-samba-configuring-gui">
<title>Graphical Configuration</title>
<indexterm
significance="normal">
@@ -344,7 +343,7 @@
<para>
To configure Samba using a graphical interface, use one of the available Samba
graphical user interfaces. A list of available GUIs can be found at <ulink
url="http://www.samba.org/samba/GUI/">http://www.samba.org/s...;.
</para>
- <!-- RHEL6 mprpic: system-config-samba deprecated <para>To configure Samba
using a graphical interface, use the <application>Samba Server Configuration
Tool</application>. For command line configuration, skip to <xref
linkend="s2-samba-configuring-cmdline"/>.</para>
+ <!-- RHEL6 mprpic: system-config-samba deprecated <para>To configure Samba
using a graphical interface, use the <application>Samba Server Configuration
Tool</application>. For command line configuration, skip to <xref
linkend="s3-samba-configuring-cmdline"/>.</para>
<para>The <application>Samba Server Configuration
Tool</application> is a graphical interface for managing Samba shares, users, and
basic server settings. It modifies the configuration files in the
<filename>/etc/samba/</filename> directory. Any changes to these files not
made using the application are preserved.</para>
<para>To use this application, you must be running the X Window System, have
root privileges, and have the <filename>system-config-samba</filename> RPM
package installed. To start the <application>Samba Server Configuration
Tool</application> from the desktop, go to the
<menuchoice><guimenu>System</guimenu>
<guimenuitem>Administration</guimenuitem> <guimenuitem>Server
Settings</guimenuitem>
<guimenuitem>Samba</guimenuitem></menuchoice> on the GNOME panel or type
the <command>system-config-samba</command> command at a shell prompt (for
example, in an XTerm or a GNOME terminal).</para>
<figure
@@ -372,7 +371,7 @@
<para>The <application>Samba Server Configuration
Tool</application> does not display shared printers or the default stanza that
allows users to view their own home directories on the Samba server.</para>
</note>
<section
- id="s3-samba-gui-server-settings">
+ id="s4-samba-gui-server-settings">
<title>Configuring Server Settings</title>
<indexterm
significance="normal">
@@ -444,14 +443,14 @@
<listitem>
<para>
<guilabel>User</guilabel> — (Default) Samba users must
provide a valid username and password on a per Samba server basis. Select this option if
you want the <guilabel>Windows Username</guilabel> option to work. Refer to
<xref
- linkend="s3-samba-gui-users"/> for
details.</para>
+ linkend="s4-samba-gui-users"/> for
details.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
<guilabel>Encrypt Passwords</guilabel> — This option must be
enabled if the clients are connecting from a system with Windows 98, Windows NT 4.0 with
Service Pack 3, or other more recent versions of Microsoft Windows. The passwords are
transfered between the server and the client in an encrypted format instead of as a
plain-text word that can be intercepted. This corresponds to the <command>encrypted
passwords</command> option. Refer to <xref
- linkend="s2-samba-encrypted-passwords"/> for more
information about encrypted Samba passwords.</para>
+ linkend="s3-samba-encrypted-passwords"/> for more
information about encrypted Samba passwords.</para>
</listitem>
<listitem>
<para>
@@ -461,7 +460,7 @@
<para>After clicking <guibutton>OK</guibutton>, the changes are
written to the configuration file and the daemon is restarted; thus, the changes take
effect immediately.</para>
</section>
<section
- id="s3-samba-gui-users">
+ id="s4-samba-gui-users">
<title>Managing Samba Users</title>
<indexterm
significance="normal">
@@ -492,7 +491,7 @@
<para>The users are modified immediately after clicking the
<guibutton>OK</guibutton> button.</para>
</section>
<section
- id="s3-samba-gui-add-share">
+ id="s4-samba-gui-add-share">
<title>Adding a Share</title>
<indexterm
significance="normal">
@@ -544,7 +543,7 @@
</section> -->
</section>
<section
- id="s2-samba-configuring-cmdline">
+ id="s3-samba-configuring-cmdline">
<title>Command Line Configuration</title>
<indexterm
significance="normal">
@@ -575,7 +574,7 @@ create mask = 0765
<para>The above example allows the users <command>tfox</command>
and <command>carole</command> to read and write to the directory
<filename>/home/share</filename>, on the Samba server, from a Samba
client.</para>
</section>
<section
- id="s2-samba-encrypted-passwords">
+ id="s3-samba-encrypted-passwords">
<title>Encrypted Passwords</title>
<para>Encrypted passwords are enabled by default because it is more secure to
do so. To create a user with an encrypted password, use the command
<command>smbpasswd -a
<replaceable><username></replaceable>
</command>.</para>
@@ -623,7 +622,7 @@ create mask = 0765
</section>
</section>
<section
- id="s1-samba-startstop">
+ id="s2-samba-startstop">
<title>Starting and Stopping Samba</title>
<indexterm
significance="normal">
@@ -681,11 +680,11 @@ create mask = 0765
<screen>~]# <command>service smb reload</command>
</screen>
<para>By default, the <command>smb</command> service does
<emphasis>not</emphasis> start automatically at boot time. To configure Samba
to start at boot time, use an initscript utility, such as
<command>/sbin/chkconfig</command>,
<command>/usr/sbin/ntsysv</command>, or the <application>Services
Configuration Tool</application> program. Refer to <xref
- linkend="ch-Controlling_Access_to_Services"/> for more information
regarding these tools.</para>
+ linkend="ch-Services_and_Daemons" /> for more information regarding
these tools.</para>
</section>
<!-- RHEL5: ddomingo(a)redhat.com: config guide used to be here, moved to before
"Starting & Stopping" -->
<section
- id="s1-samba-servers">
+ id="s2-samba-servers">
<title>Samba Server Types and the <filename>smb.conf</filename>
File</title>
<indexterm
significance="normal">
@@ -700,7 +699,7 @@ create mask = 0765
<para>Samba configuration is straightforward. All modifications to Samba are
done in the <filename>/etc/samba/smb.conf</filename> configuration file.
Although the default <filename>smb.conf</filename> file is well documented, it
does not address complex topics such as LDAP, Active Directory, and the numerous domain
controller implementations.</para>
<para>The following sections describe the different ways a Samba server can be
configured. Keep in mind your needs and the changes required to the
<filename>/etc/samba/smb.conf</filename> file for a successful
configuration.</para>
<section
- id="s2-samba-standalone">
+ id="s3-samba-standalone">
<title>Stand-alone Server</title>
<indexterm
significance="normal">
@@ -709,9 +708,9 @@ create mask = 0765
<tertiary>Stand Alone</tertiary>
</indexterm>
<para>A stand-alone server can be a workgroup server or a member of a
workgroup environment. A stand-alone server is not a domain controller and does not
participate in a domain in any way. The following examples include several anonymous
share-level security configurations and one user-level security configuration. For more
information on share-level and user-level security modes, refer to <xref
- linkend="s1-samba-security-modes"/>.</para>
+ linkend="s2-samba-security-modes"/>.</para>
<section
- id="s3-samba-standalone-anonreadonly">
+ id="s4-samba-standalone-anonreadonly">
<title>Anonymous Read-Only</title>
<indexterm
significance="normal">
@@ -733,7 +732,7 @@ guest only = Yes
</screen>
</section>
<section
- id="s3-samba-standalone-anonreadwrite">
+ id="s4-samba-standalone-anonreadwrite">
<title>Anonymous Read/Write</title>
<indexterm
significance="normal">
@@ -761,7 +760,7 @@ guest ok = Yes
</screen>
</section>
<section
- id="s3-samba-standalone-anonprint">
+ id="s4-samba-standalone-anonprint">
<title>Anonymous Print Server</title>
<indexterm
significance="normal">
@@ -789,7 +788,7 @@ browseable = Yes
</screen>
</section>
<section
- id="s3-samba-standalone-readwriteall">
+ id="s4-samba-standalone-readwriteall">
<title>Secure Read/Write File and Print Server</title>
<indexterm
significance="normal">
@@ -831,7 +830,7 @@ browseable = Yes
</section>
</section>
<section
- id="s2-samba-domain-member">
+ id="s3-samba-domain-member">
<title>Domain Member Server</title>
<indexterm
significance="normal">
@@ -841,7 +840,7 @@ browseable = Yes
</indexterm>
<para>A domain member, while similar to a stand-alone server, is logged into
a domain controller (either Windows or Samba) and is subject to the domain's security
rules. An example of a domain member server would be a departmental server running Samba
that has a machine account on the Primary Domain Controller (PDC). All of the
department's clients still authenticate with the PDC, and desktop profiles and all
network policy files are included. The difference is that the departmental server has the
ability to control printer and network shares.</para>
<section
- id="s3-samba-domain-member-ads">
+ id="s4-samba-domain-member-ads">
<title>Active Directory Domain Member Server</title>
<indexterm
significance="normal">
@@ -895,7 +894,7 @@ password server =
kerberos.example.com
</note>
</section>
<section
- id="s3-samba-domain-member-nt4">
+ id="s4-samba-domain-member-nt4">
<title>Windows NT4-based Domain Member Server</title>
<indexterm
significance="normal">
@@ -935,7 +934,7 @@ guest ok = Yes
</section>
</section>
<section
- id="s2-samba-domain-controller">
+ id="s3-samba-domain-controller">
<title>Domain Controller</title>
<indexterm
significance="normal">
@@ -950,7 +949,7 @@ guest ok = Yes
<para>Samba cannot exist in a mixed Samba/Windows domain controller
environment (Samba cannot be a BDC of a Windows PDC or vice versa). Alternatively, Samba
PDCs and BDCs <emphasis>can</emphasis> coexist.</para>
</important>
<section
- id="s3-samba-pdc-tdbsam">
+ id="s4-samba-pdc-tdbsam">
<title>Primary Domain Controller (PDC) using
<command>tdbsam</command>
</title>
<indexterm
@@ -961,7 +960,7 @@ guest ok = Yes
</tertiary>
</indexterm>
<para>The simplest and most common implementation of a Samba PDC uses the
new default <command>tdbsam</command> password database back end. Replacing
the aging <command>smbpasswd</command> back end,
<command>tdbsam</command> has numerous improvements that are explained in more
detail in <xref
- linkend="s1-samba-account-info-dbs"/>. The <command>passdb
backend</command> directive controls which back end is to be used for the
PDC.</para>
+ linkend="s2-samba-account-info-dbs"/>. The <command>passdb
backend</command> directive controls which back end is to be used for the
PDC.</para>
<para>The following <filename>/etc/samba/smb.conf</filename>
file shows a sample configuration needed to implement a
<command>tdbsam</command> password database back end.
</para>
<screen>
@@ -1189,7 +1188,7 @@ idmap gid = 15000-20000 ...
</section>
</section>
<section
- id="s1-samba-security-modes">
+ id="s2-samba-security-modes">
<title>Samba Security Modes</title>
<indexterm
significance="normal">
@@ -1199,7 +1198,7 @@ idmap gid = 15000-20000 ...
<para>There are only two types of security modes for Samba,
<emphasis>share-level</emphasis> and
<emphasis>user-level</emphasis>, which are collectively known as
<emphasis><firstterm>security levels</firstterm>
</emphasis>. Share-level security can only be implemented in one way, while
user-level security can be implemented in one of four different ways. The different ways
of implementing a security level are called <emphasis><firstterm>security
modes</firstterm></emphasis>.</para>
<section
- id="s2-samba-user-level">
+ id="s3-samba-user-level">
<title>User-Level Security</title>
<indexterm
significance="normal">
@@ -1217,9 +1216,9 @@ security = user
</screen>
<para>The following sections describe other implementations of user-level
security.</para>
<!-- RHEL5: ddomingo(a)redhat.com: moving this closing section tag down, to nest
all other User-Level Security modes; also added above para for better transition
- </section> --><!-- RHEL5: ddomingo(a)redhat.com: <section
id="s2-samba-share-level"> used to be here -->
+ </section> --><!-- RHEL5: ddomingo(a)redhat.com: <section
id="s3-samba-share-level"> used to be here -->
<section
- id="s2-samba-domain-security-mode">
+ id="s3-samba-domain-security-mode">
<title>Domain Security Mode (User-Level Security)</title>
<indexterm
significance="normal">
@@ -1237,7 +1236,7 @@ workgroup = MARKETING
</screen>
</section>
<section
- id="s2-samba-ads-security-mode">
+ id="s3-samba-ads-security-mode">
<title>Active Directory Security Mode (User-Level Security)</title>
<indexterm
significance="normal">
@@ -1257,7 +1256,7 @@ password server =
kerberos.example.com
</screen>
</section>
<section
- id="s2-samba-server-security-mode">
+ id="s3-samba-server-security-mode">
<title>Server Security Mode (User-Level Security)</title>
<indexterm
significance="normal">
@@ -1283,7 +1282,7 @@ password server = "NetBIOS_of_Domain_Controller"
<!-- RHEL5: ddomingo(a)redhat.com: the following section tag nests all other
User-Level Security modes -->
</section>
<section
- id="s2-samba-share-level">
+ id="s3-samba-share-level">
<title>Share-Level Security</title>
<indexterm
significance="normal">
@@ -1302,7 +1301,7 @@ security = share
</section>
</section>
<section
- id="s1-samba-account-info-dbs">
+ id="s2-samba-account-info-dbs">
<title>Samba Account Information Databases</title>
<indexterm
significance="normal">
@@ -1312,7 +1311,7 @@ security = share
<para>The latest release of Samba offers many new features including new
password database back ends not previously available. Samba version 3.0.0 fully supports
all databases used in previous versions of Samba. However, although supported, many back
ends may not be suitable for production use.</para>
<para>The following is a list different back ends you can use with Samba. Other
back ends not listed here may also be available.</para>
<!-- RHEL5: tech review: merge 2 sections!
- <section id="s2-samba-backwardcompat-backends">
+ <section id="s3-samba-backwardcompat-backends">
<title>Backward Compatible Backends</title> -->
<indexterm
significance="normal">
@@ -1409,7 +1408,7 @@ security = share
<!-- RHEL5: tech review: merge!
</variablelist>
</section>
- <section id="s2-samba-new-backends">
+ <section id="s3-samba-new-backends">
<title>New Backends</title>
<variablelist> -->
<varlistentry>
@@ -1426,10 +1425,10 @@ security = share
<command>ldapsam</command>
</term>
<listitem>
- <para>The <command>ldapsam</command> back end provides an
optimal distributed account installation method for Samba. LDAP is optimal because of its
ability to replicate its database to any number of servers such as the
<application>Red Hat Directory Server</application> or an
<application>OpenLDAP Server</application>. LDAP databases are light-weight
and scalable, and as such are preferred by large enterprises. Installation and
configuration of directory servers is beyond the scope of this chapter. For more
information on the <application>Red Hat Directory Server</application>, refer
to the <citetitle>Red Hat Directory Server 8.2 Deployment
Guide</citetitle><!-- TBD6: link to the Red Hat Directory Server 8.2 DG -->.
For more information on LDAP, refer to <xref
linkend="ch-Lightweight_Directory_Access_Protocol_LDAP"/></para>
+ <para>The <command>ldapsam</command> back end provides an
optimal distributed account installation method for Samba. LDAP is optimal because of its
ability to replicate its database to any number of servers such as the
<application>Red Hat Directory Server</application> or an
<application>OpenLDAP Server</application>. LDAP databases are light-weight
and scalable, and as such are preferred by large enterprises. Installation and
configuration of directory servers is beyond the scope of this chapter. For more
information on the <application>Red Hat Directory Server</application>, refer
to the <citetitle>Red Hat Directory Server 8.2 Deployment
Guide</citetitle><!-- TBD6: link to the Red Hat Directory Server 8.2 DG -->.
For more information on LDAP, refer to <xref linkend="s1-OpenLDAP"
/>.</para>
<para>If you are upgrading from a previous version of Samba to 3.0, note
that the
<filename>/usr/share/doc/samba-<replaceable><version></replaceable>/LDAP/samba.schema</filename>
has changed. This file contains the <firstterm>attribute syntax
definitions</firstterm> and <firstterm>objectclass
definitions</firstterm> that the <command>ldapsam</command> back end
will need in order to function properly.</para>
<para>As such, if you are using the
<command>ldapsam</command> back end for your Samba server, you will need to
configure <command>slapd</command> to include this schema file. Refer to
<xref
- linkend="s2-ldap-configuration-schema"/> for directions on how
to do this.</para>
+ linkend="s3-ldap-configuration-schema"/> for directions on how
to do this.</para>
<note>
<title>Note</title>
<para>You need to have the
<filename>openldap-server</filename> package installed if you want to use the
<command>ldapsam</command> back end.</para>
@@ -1463,7 +1462,7 @@ security = share
<!-- RHEL5: tech review: cut (closing tag) </section> -->
</section>
<section
- id="s1-samba-network-browsing">
+ id="s2-samba-network-browsing">
<title>Samba Network Browsing</title>
<indexterm
significance="normal">
@@ -1484,7 +1483,7 @@ security = share
<para>Network browsing capabilities require NetBIOS over <systemitem
class="protocol">TCP</systemitem>/<systemitem
class="protocol">IP</systemitem>. NetBIOS-based networking uses
broadcast (<systemitem class="protocol">UDP</systemitem>) messaging
to accomplish browse list management. Without NetBIOS and WINS as the primary method for
<systemitem class="protocol">TCP</systemitem>/<systemitem
class="protocol">IP</systemitem> hostname resolution, other methods
such as static files (<filename>/etc/hosts</filename>) or <systemitem
class="protocol">DNS</systemitem>, must be used.</para>
<para>A domain master browser collates the browse lists from local master
browsers on all subnets so that browsing can occur between workgroups and subnets. Also,
the domain master browser should preferably be the local master browser for its own
subnet.</para>
<!-- RHEL5: tech review: cut! less trouble!
- <section id="s2-samba-workgroup-browsing">
+ <section id="s3-samba-workgroup-browsing">
<title>Workgroup Browsing</title>
<indexterm significance="normal">
<primary>Samba</primary>
@@ -1527,7 +1526,7 @@ os level = 0</screen>
</section>
-->
<section
- id="s2-samba-domain-browsing">
+ id="s3-samba-domain-browsing">
<title>Domain Browsing</title>
<indexterm
significance="normal">
@@ -1542,7 +1541,7 @@ os level = 0</screen>
<para>For subnets that do not include the Windows server PDC, a Samba server
can be implemented as a local master browser. Configuring the
<filename>/etc/samba/smb.conf</filename> file for a local master browser (or
no browsing at all) in a domain controller environment is the same as workgroup
configuration.</para>
</section>
<section
- id="s2-samba-wins">
+ id="s3-samba-wins">
<title>WINS (Windows Internet Name Server)</title>
<indexterm
significance="normal">
@@ -1569,7 +1568,7 @@ wins support = Yes
</section>
</section>
<section
- id="s1-samba-cups">
+ id="s2-samba-cups">
<title>Samba with CUPS Printing Support</title>
<indexterm
significance="normal">
@@ -1581,7 +1580,7 @@ wins support = Yes
<para>Samba allows client machines to share printers connected to the Samba
server, as well as send Linux documents to Windows printer shares. Although there are
other printing systems that function with &MAJOROS;, CUPS (Common UNIX Print System)
is the recommended printing system due to its close integration with Samba.</para>
-->
<section
- id="s2-samba-cups-smb.conf">
+ id="s3-samba-cups-smb.conf">
<title>Simple <filename>smb.conf</filename>
Settings</title>
<indexterm
significance="normal">
@@ -1616,7 +1615,7 @@ printer admin = ed, john
</section>
</section>
<section
- id="s1-samba-programs">
+ id="s2-samba-programs">
<title>Samba Distribution Programs</title>
<indexterm
significance="normal">
@@ -1624,7 +1623,7 @@ printer admin = ed, john
<secondary>Programs</secondary>
</indexterm>
<formalpara
- id="s2-samba-programs-findsmb">
+ id="s3-samba-programs-findsmb">
<title>
<filename>findsmb</filename>
</title>
@@ -1663,7 +1662,7 @@ IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION
10.1.56.205 NANCYN +[MYGROUP] [Unix] [Samba 2.2.7a-security-rollup-fix]
</screen>
<!-- RHEL5: </section> --><!-- RHEL5: peer review: cut!
- <formalpara id="s2-samba-programs-make_smbcodepage">
+ <formalpara id="s3-samba-programs-make_smbcodepage">
<title><filename>make_smbcodepage</filename></title>
<indexterm significance="normal">
<primary>Samba</primary>
@@ -1677,7 +1676,7 @@ IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION
<para><command>make_smbcodepage <replaceable><c|d>
<codepage_number> <inputfile>
<outputfile></replaceable></command></para>
</formalpara>
<para>The <command>make_smbcodepage</command> program compiles a
binary codepage file from a text-format definition. The reverse is also allowed by
decompiling a binary codepage file to a text-format definition. This obsolete program is
part of the internationalization features of previous versions of Samba which are included
by default with the current version of Samba.</para> --><!-- RHEL5:
</section> --><!-- RHEL5: tech review: cut!
- <formalpara id="s2-samba-programs-make_unicodemap">
+ <formalpara id="s3-samba-programs-make_unicodemap">
<title><filename>make_unicodemap</filename></title>
<indexterm significance="normal">
<primary>Samba</primary>
@@ -1692,7 +1691,7 @@ IP ADDR NETBIOS NAME WORKGROUP/OS/VERSION
</formalpara>
<para>The <command>make_unicodemap</command> program compiles binary
Unicode files from text files so Samba can display non-ASCII character sets. This obsolete
program was part of the internationalization features of previous versions of Samba which
are now included with the current release of Samba.</para> --><!-- RHEL5:
</section> -->
<formalpara
- id="s2-samba-programs-net">
+ id="s3-samba-programs-net">
<title>
<filename>net</filename>
</title>
@@ -1740,7 +1739,7 @@ lisa Sales
</screen>
<!-- RHEL5: </section> -->
<formalpara
- id="s2-samba-programs-nmblookup">
+ id="s3-samba-programs-nmblookup">
<title>
<filename>nmblookup</filename>
</title>
@@ -1771,7 +1770,7 @@ querying trek on 10.1.59.255
</screen>
<!-- RHEL5: </section> -->
<formalpara
- id="s2-samba-programs-pdbedit">
+ id="s3-samba-programs-pdbedit">
<title>
<filename>pdbedit</filename>
</title>
@@ -1850,7 +1849,7 @@ andriusb:505: lisa:504: kristin:506:
</screen>
<!-- RHEL5: </section> -->
<formalpara
- id="s2-samba-programs-rpcclient">
+ id="s3-samba-programs-rpcclient">
<title>
<filename>rpcclient</filename>
</title>
@@ -1875,7 +1874,7 @@ andriusb:505: lisa:504: kristin:506:
<para>The <command>rpcclient</command> program issues
administrative commands using Microsoft RPCs, which provide access to the Windows
administration graphical user interfaces (GUIs) for systems management. This is most often
used by advanced users that understand the full complexity of Microsoft
RPCs.</para>
<!-- RHEL5: </section> -->
<formalpara
- id="s2-samba-programs-smbcacls">
+ id="s3-samba-programs-smbcacls">
<title>
<filename>smbcacls</filename>
</title>
@@ -1900,7 +1899,7 @@ andriusb:505: lisa:504: kristin:506:
<para>The <command>smbcacls</command> program modifies Windows ACLs
on files and directories shared by a Samba server or a Windows server.</para>
<!-- RHEL5: </section> -->
<formalpara
- id="s2-samba-programs-smbclient">
+ id="s3-samba-programs-smbclient">
<title>
<filename>smbclient</filename>
</title>
@@ -1925,7 +1924,7 @@ andriusb:505: lisa:504: kristin:506:
<para>The <command>smbclient</command> program is a versatile UNIX
client which provides functionality similar to
<command>ftp</command>.</para>
<!-- RHEL5: </section> -->
<formalpara
- id="s2-samba-programs-smbcontrol">
+ id="s3-samba-programs-smbcontrol">
<title>
<filename>smbcontrol</filename>
</title>
@@ -1953,7 +1952,7 @@ andriusb:505: lisa:504: kristin:506:
</para>
<para>The <command>smbcontrol</command> program sends control
messages to running <command>smbd</command>,
<command>nmbd</command>, or <command>winbindd</command> daemons.
Executing <command>smbcontrol -i</command> runs commands interactively until a
blank line or a <parameter>'q'</parameter> is entered.</para>
<!-- RHEL5: </section> --><!-- RHEL5: tech review: remove!
- <formalpara id="s2-samba-programs-smbgroupedit">
+ <formalpara id="s3-samba-programs-smbgroupedit">
<title><filename>smbgroupedit</filename></title>
<indexterm significance="normal">
<primary>Samba</primary>
@@ -1967,7 +1966,7 @@ andriusb:505: lisa:504: kristin:506:
<para><command>smbgroupedit
<replaceable><options></replaceable></command></para>
</formalpara>
<para>The <command>smbgroupedit</command> program maps between Linux
groups and Windows groups. It also allows a Linux group to be a domain group.</para>
--><!-- RHEL5: </section> --><!-- RHEL5: ddomingo(a)redhat.com:
smbmount is gone! as per fenlason(a)redhat.com
- <section id="s2-samba-programs-smbmount">
+ <section id="s3-samba-programs-smbmount">
<title><filename>smbmount</filename></title>
<indexterm significance="normal">
<primary>Samba</primary>
@@ -1985,7 +1984,7 @@ andriusb:505: lisa:504: kristin:506:
<screen><userinput>smbmount //wakko/html /mnt/html -o
username=kristin</userinput> Password:
<userinput><password></userinput> [root@yakko /]#
<userinput>ls -l /mnt/html</userinput> total 0 -rwxr-xr-x 1 root root
0 Jan 29 08:09 index.html</screen>
</section> -->
<formalpara
- id="s2-samba-programs-smbpasswd">
+ id="s3-samba-programs-smbpasswd">
<title>
<filename>smbpasswd</filename>
</title>
@@ -2010,7 +2009,7 @@ andriusb:505: lisa:504: kristin:506:
<para>The <command>smbpasswd</command> program manages encrypted
passwords. This program can be run by a superuser to change any user's password as
well as by an ordinary user to change their own Samba password.</para>
<!-- RHEL5: </section> -->
<formalpara
- id="s2-samba-programs-smbspool">
+ id="s3-samba-programs-smbspool">
<title>
<filename>smbspool</filename>
</title>
@@ -2035,7 +2034,7 @@ andriusb:505: lisa:504: kristin:506:
<para>The <command>smbspool</command> program is a CUPS-compatible
printing interface to Samba. Although designed for use with CUPS printers,
<command>smbspool</command> can work with non-CUPS printers as
well.</para>
<!-- RHEL5: </section> -->
<formalpara
- id="s2-samba-programs-smbstatus">
+ id="s3-samba-programs-smbstatus">
<title>
<filename>smbstatus</filename>
</title>
@@ -2060,7 +2059,7 @@ andriusb:505: lisa:504: kristin:506:
<para>The <command>smbstatus</command> program displays the status
of current connections to a Samba server.</para>
<!-- RHEL5: </section> -->
<formalpara
- id="s2-samba-programs-smbtar">
+ id="s3-samba-programs-smbtar">
<title>
<filename>smbtar</filename>
</title>
@@ -2085,7 +2084,7 @@ andriusb:505: lisa:504: kristin:506:
<para>The <command>smbtar</command> program performs backup and
restores of Windows-based share files and directories to a local tape archive. Though
similar to the <command>tar</command> command, the two are not
compatible.</para>
<!-- RHEL5: </section> -->
<formalpara
- id="s2-samba-programs-testparm">
+ id="s3-samba-programs-testparm">
<title>
<filename>testparm</filename>
</title>
@@ -2151,7 +2150,7 @@ Press enter to see a dump of your service definitions
guest only = Yes
</screen>
<!-- RHEL5: </section> --><!-- RHEL5: tech review: cut!
- <formalpara id="s2-samba-programs-testprns">
+ <formalpara id="s3-samba-programs-testprns">
<title><filename>testprns</filename></title>
<indexterm significance="normal">
<primary>Samba</primary>
@@ -2167,7 +2166,7 @@ Press enter to see a dump of your service definitions
<para>The <command>testprns</command> program checks if
<option>printername</option> is valid and exists in the
<filename>printcap</filename>. If the
<option>printcapname</option> is not specified, the default specified in the
Samba or <filename>printcap</filename> configuration files is
used.</para> --><!-- RHEL5: </section> -->
<formalpara
- id="s2-samba-programs-wbinfo">
+ id="s3-samba-programs-wbinfo">
<title>
<filename>wbinfo</filename>
</title>
@@ -2193,7 +2192,7 @@ Press enter to see a dump of your service definitions
<!-- RHEL5: </section> -->
</section>
<section
- id="s1-samba-resources">
+ id="s2-samba-resources">
<title>Additional Resources</title>
<indexterm
significance="normal">
@@ -2202,7 +2201,7 @@ Press enter to see a dump of your service definitions
</indexterm>
<para>The following sections give you the means to explore Samba in greater
detail.</para>
<section
- id="s2-samba-resources-installed">
+ id="s3-samba-resources-installed">
<title>Installed Documentation</title>
<indexterm
significance="normal">
@@ -2254,7 +2253,7 @@ Press enter to see a dump of your service definitions
</itemizedlist>
</section>
<section
- id="s2-samba-resources-published">
+ id="s3-samba-resources-published">
<title>Related Books</title>
<indexterm
significance="normal">
@@ -2278,7 +2277,7 @@ Press enter to see a dump of your service definitions
</itemizedlist>
</section>
<section
- id="s2-samba-resources-community">
+ id="s3-samba-resources-community">
<title>Useful Websites</title>
<indexterm
significance="normal">
@@ -2303,4 +2302,4 @@ Press enter to see a dump of your service definitions
</itemizedlist>
</section>
</section>
-</chapter>
+</section>
diff --git a/en-US/Controlling_Access_to_Services.xml b/en-US/Services_and_Daemons.xml
similarity index 99%
rename from en-US/Controlling_Access_to_Services.xml
rename to en-US/Services_and_Daemons.xml
index ca21a24..dd36719 100644
--- a/en-US/Controlling_Access_to_Services.xml
+++ b/en-US/Services_and_Daemons.xml
@@ -1,8 +1,8 @@
<?xml version='1.0'?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter id="ch-Controlling_Access_to_Services">
- <title>Controlling Access to Services</title>
+<chapter id="ch-Services_and_Daemons">
+ <title>Services and Daemons</title>
<indexterm>
<primary>services configuration</primary>
</indexterm>
diff --git a/en-US/Gathering_System_Information.xml b/en-US/System_Monitoring_Tools.xml
similarity index 99%
rename from en-US/Gathering_System_Information.xml
rename to en-US/System_Monitoring_Tools.xml
index d7c98e5..d052e29 100644
--- a/en-US/Gathering_System_Information.xml
+++ b/en-US/System_Monitoring_Tools.xml
@@ -1,9 +1,8 @@
<?xml version='1.0'?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter
- id="ch-Gathering_System_Information">
- <title>Gathering System Information</title>
+<chapter id="ch-System_Monitoring_Tools">
+ <title>System Monitoring Tools</title>
<indexterm
significance="normal">
<primary>system information</primary>
diff --git a/en-US/The_Apache_HTTP_Server.xml b/en-US/The_Apache_HTTP_Server.xml
index 6489e9f..4660247 100644
--- a/en-US/The_Apache_HTTP_Server.xml
+++ b/en-US/The_Apache_HTTP_Server.xml
@@ -1,174 +1,160 @@
<?xml version='1.0'?>
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter id="ch-The_Apache_HTTP_Server">
+<section id="s1-The_Apache_HTTP_Server">
<title>The Apache HTTP Server</title>
<indexterm>
- <primary>HTTP server</primary>
- <see><application>Apache HTTP Server</application></see>
- </indexterm>
- <indexterm>
- <primary>web server</primary>
+ <primary><systemitem
class="service">httpd</systemitem></primary>
<see><application>Apache HTTP Server</application></see>
</indexterm>
<para>
- <systemitem class="protocol">HTTP</systemitem> (Hypertext
Transfer Protocol) server, or a <firstterm>web server</firstterm>, is a
network service that serves content to a client over the web. This typically means web
pages, but any other documents can be served as well.
+ This section focuses on the <application>Apache HTTP Server
2.2</application>, a robust, full-featured open source web server developed by the
<ulink
url="http://www.apache.org/">Apache Software
Foundation</ulink>, that is included in &MAJOROSVER;. It describes the basic
configuration of the <systemitem class="service">httpd</systemitem>
service, and covers advanced topics such as adding server modules, setting up virtual
hosts, or configuring the secure HTTP server.
</para>
- <indexterm>
- <primary><systemitem
class="service">httpd</systemitem></primary>
- <see><application>Apache HTTP Server</application></see>
- </indexterm>
<para>
- This chapter focuses on the <application>Apache HTTP Server
2.2</application>, a robust, full-featured open source web server developed by the
<ulink
url="http://www.apache.org/">Apache Software
Foundation</ulink>, that is included in &MAJOROSVER;. It describes the basic
configuration of the <systemitem class="service">httpd</systemitem>
service, and covers advanced topics such as adding server modules, setting up virtual
hosts, or configuring the secure HTTP server.
+ There are important differences between the Apache HTTP Server 2.2 and version 2.0,
and if you are upgrading from a previous release of &MAJOROS;, you will need to update
the <systemitem class="service">httpd</systemitem> service
configuration accordingly. This section reviews some of the newly added features, outlines
important changes, and guides you through the update of older configuration files.
</para>
- <section id="s1-apache-version2">
- <title>The Apache HTTP Server 2.2</title>
+ <section id="s2-apache-version2-features">
+ <title>New Features</title>
+ <indexterm>
+ <primary><application>Apache HTTP
Server</application></primary>
+ <secondary>version 2.2</secondary>
+ <tertiary>features</tertiary>
+ </indexterm>
<para>
- There are important differences between the Apache HTTP Server 2.2 and version 2.0,
and if you are upgrading from a previous release of &MAJOROS;, you will need to update
the <systemitem class="service">httpd</systemitem> service
configuration accordingly. This section reviews some of the newly added features, outlines
important changes, and guides you through the update of older configuration files.
+ The Apache HTTP Server version 2.2 introduces the following enhancements:
</para>
- <section id="s2-apache-version2-features">
- <title>New Features</title>
- <indexterm>
- <primary><application>Apache HTTP
Server</application></primary>
- <secondary>version 2.2</secondary>
- <tertiary>features</tertiary>
- </indexterm>
- <para>
- The Apache HTTP Server version 2.2 introduces the following enhancements:
- </para>
- <itemizedlist>
- <listitem>
- <para>
- <indexterm>
- <primary><application>Apache HTTP
Server</application></primary>
- <secondary>modules</secondary>
- <tertiary><systemitem
class="resource">mod_cache</systemitem></tertiary>
- </indexterm>
- <indexterm>
- <primary><application>Apache HTTP
Server</application></primary>
- <secondary>modules</secondary>
- <tertiary><systemitem
class="resource">mod_disk_cache</systemitem></tertiary>
- </indexterm>
- Improved caching modules, that is, <systemitem
class="resource">mod_cache</systemitem> and <systemitem
class="resource">mod_disk_cache</systemitem>.
- </para>
- </listitem>
- <listitem>
- <para>
- <indexterm>
- <primary><application>Apache HTTP
Server</application></primary>
- <secondary>modules</secondary>
- <tertiary><systemitem
class="resource">mod_proxy_balancer</systemitem></tertiary>
- </indexterm>
- Support for proxy load balancing, that is, the <systemitem
class="resource">mod_proxy_balancer</systemitem> module.
- </para>
- </listitem>
- <listitem>
- <para>
- Support for large files on 32-bit architectures, allowing the web server to
handle files greater than 2GB.
- </para>
- </listitem>
- <listitem>
- <para>
- A new structure for authentication and authorization support, replacing the
authentication modules provided in previous versions.
- </para>
- </listitem>
- </itemizedlist>
- </section>
- <section id="s2-apache-version2-changes">
- <title>Notable Changes</title>
- <indexterm>
- <primary><application>Apache HTTP
Server</application></primary>
- <secondary>version 2.2</secondary>
- <tertiary>changes</tertiary>
- </indexterm>
- <para>
- Since version 2.0, few changes have been made to the default <systemitem
class="service">httpd</systemitem> service configuration:
- </para>
- <itemizedlist>
- <listitem>
- <para>
- <indexterm>
- <primary><application>Apache HTTP
Server</application></primary>
- <secondary>modules</secondary>
- <tertiary><systemitem
class="resource">mod_cern_meta</systemitem></tertiary>
- </indexterm>
- <indexterm>
- <primary><application>Apache HTTP
Server</application></primary>
- <secondary>modules</secondary>
- <tertiary><systemitem
class="resource">mod_asis</systemitem></tertiary>
- </indexterm>
- The following modules are no longer loaded by default: <systemitem
class="resource">mod_cern_meta</systemitem> and <systemitem
class="resource">mod_asis</systemitem>.
- </para>
- </listitem>
- <listitem>
- <para>
- <indexterm>
- <primary><application>Apache HTTP
Server</application></primary>
- <secondary>modules</secondary>
- <tertiary><systemitem
class="resource">mod_ext_filter</systemitem></tertiary>
- </indexterm>
- The following module is newly loaded by default: <systemitem
class="resource">mod_ext_filter</systemitem>.
- </para>
- </listitem>
- </itemizedlist>
- </section>
- <section id="s1-apache-version2-migrating">
- <title>Updating the Configuration</title>
- <indexterm>
- <primary><application>Apache HTTP
Server</application></primary>
- <secondary>version 2.2</secondary>
- <tertiary>updating from version 2.0</tertiary>
- </indexterm>
- <para>
- To update the configuration files from the Apache HTTP Server version 2.0, take
the following steps:
- </para>
- <procedure>
- <step>
- <para>
- Make sure all module names are correct, since they may have changed. Adjust
the <option>LoadModule</option> directive for each module that has been
renamed.
- </para>
- </step>
- <step>
- <para>
- Recompile all third party modules before attempting to load them. This
typically means authentication and authorization modules.
- </para>
- </step>
- <step>
- <para>
- <indexterm>
- <primary><application>Apache HTTP
Server</application></primary>
- <secondary>modules</secondary>
- <tertiary><systemitem
class="resource">mod_userdir</systemitem></tertiary>
- </indexterm>
- If you use the <systemitem
class="resource">mod_userdir</systemitem> module, make sure the
<option>UserDir</option> directive indicating a directory name (typically
<literal>public_html</literal>) is provided.
- </para>
- </step>
- <step>
- <para>
- If you use the Apache HTTP Secure Server, edit the
<filename>/etc/httpd/conf.d/ssl.conf</filename> to enable the Secure Sockets
Layer (SSL) protocol.
- </para>
- </step>
- </procedure>
- <para>
- Note that you can check the configuration for possible errors by using the
following command:
- </para>
- <screen>~]# <command>service httpd configtest</command>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <indexterm>
+ <primary><application>Apache HTTP
Server</application></primary>
+ <secondary>modules</secondary>
+ <tertiary><systemitem
class="resource">mod_cache</systemitem></tertiary>
+ </indexterm>
+ <indexterm>
+ <primary><application>Apache HTTP
Server</application></primary>
+ <secondary>modules</secondary>
+ <tertiary><systemitem
class="resource">mod_disk_cache</systemitem></tertiary>
+ </indexterm>
+ Improved caching modules, that is, <systemitem
class="resource">mod_cache</systemitem> and <systemitem
class="resource">mod_disk_cache</systemitem>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <indexterm>
+ <primary><application>Apache HTTP
Server</application></primary>
+ <secondary>modules</secondary>
+ <tertiary><systemitem
class="resource">mod_proxy_balancer</systemitem></tertiary>
+ </indexterm>
+ Support for proxy load balancing, that is, the <systemitem
class="resource">mod_proxy_balancer</systemitem> module.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Support for large files on 32-bit architectures, allowing the web server to
handle files greater than 2GB.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ A new structure for authentication and authorization support, replacing the
authentication modules provided in previous versions.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </section>
+ <section id="s2-apache-version2-changes">
+ <title>Notable Changes</title>
+ <indexterm>
+ <primary><application>Apache HTTP
Server</application></primary>
+ <secondary>version 2.2</secondary>
+ <tertiary>changes</tertiary>
+ </indexterm>
+ <para>
+ Since version 2.0, few changes have been made to the default <systemitem
class="service">httpd</systemitem> service configuration:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ <indexterm>
+ <primary><application>Apache HTTP
Server</application></primary>
+ <secondary>modules</secondary>
+ <tertiary><systemitem
class="resource">mod_cern_meta</systemitem></tertiary>
+ </indexterm>
+ <indexterm>
+ <primary><application>Apache HTTP
Server</application></primary>
+ <secondary>modules</secondary>
+ <tertiary><systemitem
class="resource">mod_asis</systemitem></tertiary>
+ </indexterm>
+ The following modules are no longer loaded by default: <systemitem
class="resource">mod_cern_meta</systemitem> and <systemitem
class="resource">mod_asis</systemitem>.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ <indexterm>
+ <primary><application>Apache HTTP
Server</application></primary>
+ <secondary>modules</secondary>
+ <tertiary><systemitem
class="resource">mod_ext_filter</systemitem></tertiary>
+ </indexterm>
+ The following module is newly loaded by default: <systemitem
class="resource">mod_ext_filter</systemitem>.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </section>
+ <section id="s2-apache-version2-migrating">
+ <title>Updating the Configuration</title>
+ <indexterm>
+ <primary><application>Apache HTTP
Server</application></primary>
+ <secondary>version 2.2</secondary>
+ <tertiary>updating from version 2.0</tertiary>
+ </indexterm>
+ <para>
+ To update the configuration files from the Apache HTTP Server version 2.0, take the
following steps:
+ </para>
+ <procedure>
+ <step>
+ <para>
+ Make sure all module names are correct, since they may have changed. Adjust the
<option>LoadModule</option> directive for each module that has been renamed.
+ </para>
+ </step>
+ <step>
+ <para>
+ Recompile all third party modules before attempting to load them. This
typically means authentication and authorization modules.
+ </para>
+ </step>
+ <step>
+ <para>
+ <indexterm>
+ <primary><application>Apache HTTP
Server</application></primary>
+ <secondary>modules</secondary>
+ <tertiary><systemitem
class="resource">mod_userdir</systemitem></tertiary>
+ </indexterm>
+ If you use the <systemitem
class="resource">mod_userdir</systemitem> module, make sure the
<option>UserDir</option> directive indicating a directory name (typically
<literal>public_html</literal>) is provided.
+ </para>
+ </step>
+ <step>
+ <para>
+ If you use the Apache HTTP Secure Server, edit the
<filename>/etc/httpd/conf.d/ssl.conf</filename> to enable the Secure Sockets
Layer (SSL) protocol.
+ </para>
+ </step>
+ </procedure>
+ <para>
+ Note that you can check the configuration for possible errors by using the
following command:
+ </para>
+ <screen>~]# <command>service httpd configtest</command>
Syntax OK</screen>
- <para>
- For more information on upgrading the Apache HTTP Server configuration from
version 2.0 to 2.2, refer to <ulink
url="http://httpd.apache.org/docs/2.2/upgrading.html" />.
- </para>
- </section>
+ <para>
+ For more information on upgrading the Apache HTTP Server configuration from version
2.0 to 2.2, refer to <ulink
url="http://httpd.apache.org/docs/2.2/upgrading.html" />.
+ </para>
</section>
- <section id="s1-apache-running">
+ <section id="s2-apache-running">
<title>Running the <systemitem
class="service">httpd</systemitem> Service</title>
<para>
This section describes how to start, stop, restart, and check the current status of
the Apache HTTP Server. To be able to use the <systemitem
class="service">httpd</systemitem> service, make sure you have the
<package>httpd</package> installed. You can do so by using the following
command:
</para>
<screen>~]# <command>yum install httpd</command></screen>
<para>
- For more information on the concept of runlevels and how to manage system services
in &MAJOROS; in general, refer to <xref
linkend="ch-Controlling_Access_to_Services" />.
+ For more information on the concept of runlevels and how to manage system services
in &MAJOROS; in general, refer to <xref linkend="ch-Services_and_Daemons"
/>.
</para>
- <section id="s2-apache-running-starting">
+ <section id="s3-apache-running-starting">
<title>Starting the Service</title>
<indexterm>
<primary><application>Apache HTTP
Server</application></primary>
@@ -193,7 +179,7 @@ Starting httpd: [ OK
]</screen>
</para>
</note>
</section>
- <section id="s2-apache-running-stopping">
+ <section id="s3-apache-running-stopping">
<title>Stopping the Service</title>
<indexterm>
<primary><application>Apache HTTP
Server</application></primary>
@@ -272,7 +258,7 @@ httpd (pid 19014) is running...</screen>
</para>
</section>
</section>
- <section id="s1-apache-editing">
+ <section id="s2-apache-editing">
<title>Editing the Configuration Files</title>
<para>
When the <systemitem class="service">httpd</systemitem>
service is started, by default, it reads the configuration from locations that are listed
in <xref linkend="table-apache-editing-files" />.
@@ -337,7 +323,7 @@ Syntax OK</screen>
<para>
To make the recovery from mistakes easier, it is recommended that you make a copy
of the original file before editing it.
</para>
- <section id="s2-apache-httpdconf-directives">
+ <section id="s3-apache-httpdconf-directives">
<title>Common <filename>httpd.conf</filename>
Directives</title>
<indexterm significance="preferred">
<primary><application>Apache HTTP
Server</application></primary>
@@ -2129,7 +2115,7 @@ ErrorDocument 404 /404-not_found.html</screen>
The <replaceable>name</replaceable> has to be a valid
identifier of the required module. The <replaceable>path</replaceable> refers
to an existing module file, and must be relative to the directory in which the libraries
are placed (that is, <filename
class="directory">/usr/lib/httpd/</filename> on 32-bit and <filename
class="directory">/usr/lib64/httpd/</filename> on 64-bit systems by
default).
</para>
<para>
- Refer to <xref linkend="s1-apache-dso" /> for more
information on the Apache HTTP Server's DSO support.
+ Refer to <xref linkend="s2-apache-dso" /> for more
information on the Apache HTTP Server's DSO support.
</para>
<example id="example-apache-httpdconf-loadmodule">
<title>Using the <option>LoadModule</option>
directive</title>
@@ -3295,7 +3281,7 @@ ErrorDocument 404 /404-not_found.html</screen>
</varlistentry>
</variablelist>
</section>
- <section id="s2-apache-sslconf-common">
+ <section id="s3-apache-sslconf-common">
<title>Common <filename>ssl.conf</filename>
Directives</title>
<para>
The <firstterm>Secure Sockets Layer</firstterm>
(<acronym>SSL</acronym>) directives allow you to customize the behavior of the
Apache HTTP Secure Server, and in most cases, they are configured appropriately during the
installation. Be careful when changing these settings, as incorrect configuration can lead
to security vulnerabilities.
@@ -3406,10 +3392,10 @@ ErrorDocument 404 /404-not_found.html</screen>
</varlistentry>
</variablelist>
<para>
- Note that for the <filename>/etc/httpd/conf.d/ssl.conf</filename>
file to be present, the <package>mod_ssl</package> needs to be installed.
Refer to <xref linkend="s1-apache-mod_ssl" /> for more information on how
to install and configure an SSL server.
+ Note that for the <filename>/etc/httpd/conf.d/ssl.conf</filename>
file to be present, the <package>mod_ssl</package> needs to be installed.
Refer to <xref linkend="s2-apache-mod_ssl" /> for more information on how
to install and configure an SSL server.
</para>
</section>
- <section id="s2-apache-mpm-common">
+ <section id="s3-apache-mpm-common">
<title>Common Multi-Processing Module Directives</title>
<para>
The <firstterm>Multi-Processing Module</firstterm>
(<acronym>MPM</acronym>) directives allow you to customize the behavior of a
particular MPM specific server-pool. Since its characteristics differ depending on which
MPM is used, the directives are embeded in <option>IfModule</option>. By
default, the server-pool is defined for both the <systemitem
class="resource">prefork</systemitem> and <systemitem
class="resource">worker</systemitem> MPMs.
@@ -3613,7 +3599,7 @@ ErrorDocument 404 /404-not_found.html</screen>
</variablelist>
</section>
</section>
- <section id="s1-apache-dso">
+ <section id="s2-apache-dso">
<title>Working with Modules</title>
<indexterm>
<primary><application>Apache HTTP
Server</application></primary>
@@ -3628,7 +3614,7 @@ ErrorDocument 404 /404-not_found.html</screen>
<para>
Being a modular application, the <systemitem
class="service">httpd</systemitem> service is distributed along with a
number of <firstterm>Dynamic Shared Objects</firstterm>
(<acronym>DSO</acronym>s), which can be dynamically loaded or unloaded at
runtime as necessary. By default, these modules are located in <filename
class="directory">/usr/lib/httpd/modules/</filename> on 32-bit and in
<filename class="directory">/usr/lib64/httpd/modules/</filename> on
64-bit systems.
</para>
- <section id="s2-apache-dso-loading">
+ <section id="s3-apache-dso-loading">
<title>Loading a Module</title>
<indexterm>
<primary><application>Apache HTTP
Server</application></primary>
@@ -3636,7 +3622,7 @@ ErrorDocument 404 /404-not_found.html</screen>
<tertiary>loading</tertiary>
</indexterm>
<para>
- To load a particular DSO module, use the <option>LoadModule</option>
directive as described in <xref linkend="s2-apache-httpdconf-directives"
/>. Note that modules provided by a separate package often have their own configuration
file in the <filename
class="directory">/etc/httpd/conf.d/</filename> directory.
+ To load a particular DSO module, use the <option>LoadModule</option>
directive as described in <xref linkend="s3-apache-httpdconf-directives"
/>. Note that modules provided by a separate package often have their own configuration
file in the <filename
class="directory">/etc/httpd/conf.d/</filename> directory.
</para>
<example id="example-apache-dso-loading">
<title>Loading the <systemitem
class="resource">mod_ssl</systemitem> DSO</title>
@@ -3646,7 +3632,7 @@ ErrorDocument 404 /404-not_found.html</screen>
Once you are finished, restart the web server to reload the configuration. Refer
to <xref linkend="s3-apache-running-restarting" /> for more information on
how to restart the <systemitem class="service">httpd</systemitem>
service.
</para>
</section>
- <section id="s2-apache-dso-writing">
+ <section id="s3-apache-dso-writing">
<title>Writing a Module</title>
<indexterm>
<primary><application>Apache HTTP
Server</application></primary>
@@ -3669,7 +3655,7 @@ ErrorDocument 404 /404-not_found.html</screen>
</para>
</section>
</section>
- <section id="s1-apache-virtualhosts">
+ <section id="s2-apache-virtualhosts">
<title>Setting Up Virtual Hosts</title>
<indexterm>
<primary><application>Apache HTTP
Server</application></primary>
@@ -3710,7 +3696,7 @@ ErrorDocument 404 /404-not_found.html</screen>
To activate a newly created virtual host, the web server has to be restarted first.
Refer to <xref linkend="s3-apache-running-restarting" /> for more
information on how to restart the <systemitem
class="service">httpd</systemitem> service.
</para>
</section>
- <section id="s1-apache-mod_ssl">
+ <section id="s2-apache-mod_ssl">
<title>Setting Up an SSL Server</title>
<indexterm>
<primary><application>Apache HTTP
Server</application></primary>
@@ -3745,7 +3731,7 @@ ErrorDocument 404 /404-not_found.html</screen>
<para>
Unlike a regular HTTP connection that can be read and possibly modified by anybody
who is able to intercept it, the use of <systemitem
class="resource">mod_ssl</systemitem> prevents any inspection or
modification of the transmitted content. This section provides basic information on how to
enable this module in the Apache HTTP Server configuration, and guides you through the
process of generating private keys and self-signed certificates.
</para>
- <section id="s2-apache-mod_ssl-certificates">
+ <section id="s3-apache-mod_ssl-certificates">
<title>An Overview of Certificates and Security</title>
<indexterm>
<primary><application>Apache HTTP
Server</application></primary>
@@ -3826,7 +3812,7 @@ ErrorDocument 404 /404-not_found.html</screen>
When setting up an SSL server, you need to generate a certificate request and a
private key, and then send the certificate request, proof of the company's identity,
and payment to a certificate authority. Once the CA verifies the certificate request and
your identity, it will send you a signed certificate you can use with your server.
Alternatively, you can create a self-signed certificate that does not contain a CA
signature, and thus should be used for testing purposes only.
</para>
</section>
- <section id="s2-apache-mod_ssl-enabling">
+ <section id="s3-apache-mod_ssl-enabling">
<title>Enabling the <systemitem
class="resource">mod_ssl</systemitem> Module</title>
<para>
If you intend to set up an SSL server, make sure you have the
<package>mod_ssl</package> (the <systemitem
class="resource">mod_ssl</systemitem> module) and
<package>openssl</package> (the OpenSSL toolkit) packages installed. To do so,
type the following at a shell prompt:
@@ -3841,7 +3827,7 @@ ErrorDocument 404 /404-not_found.html</screen>
This will create the <systemitem
class="resource">mod_ssl</systemitem> configuration file at
<filename>/etc/httpd/conf.d/ssl.conf</filename>, which is included in the main
Apache HTTP Server configuration file by default. For the module to be loaded, restart the
<systemitem class="service">httpd</systemitem> service as described
in <xref linkend="s3-apache-running-restarting" />.
</para>
</section>
- <section id="s2-apache-mod_ssl-keypair">
+ <section id="s3-apache-mod_ssl-keypair">
<title>Using an Existing Key and Certificate</title>
<indexterm>
<primary><application>Apache HTTP
Server</application></primary>
@@ -3875,7 +3861,7 @@ ErrorDocument 404 /404-not_found.html</screen>
</listitem>
</orderedlist>
<para>
- In either of the above cases, you will need to obtain a new certificate. For more
information on this topic, refer to <xref linkend="s2-apache-mod_ssl-genkey"
/>.
+ In either of the above cases, you will need to obtain a new certificate. For more
information on this topic, refer to <xref linkend="s3-apache-mod_ssl-genkey"
/>.
</para>
<para>
If you wish to use an existing key and certificate, move the relevant files to
the <filename class="directory">/etc/pki/tls/private/</filename> and
<filename class="directory">/etc/pki/tls/certs/</filename>
directories respectively. You can do so by typing the following commands:
@@ -3896,7 +3882,7 @@ SSLCertificateKeyFile
/etc/pki/tls/private/<replaceable>hostname</replaceable>.k
~]# <command>mv /etc/httpd/conf/httpsd.crt
/etc/pki/tls/certs/penguin.example.com.crt</command></screen>
</example>
</section>
- <section id="s2-apache-mod_ssl-genkey">
+ <section id="s3-apache-mod_ssl-genkey">
<title>Generating a New Key and Certificate</title>
<indexterm>
<primary><application>Apache HTTP
Server</application></primary>
@@ -4101,12 +4087,12 @@ SSLCertificateKeyFile
/etc/pki/tls/private/<replaceable>hostname</replaceable>.k
</para>
</section>
</section>
- <section id="s1-apache-resources">
+ <section id="s2-apache-resources">
<title>Additional Resources</title>
<para>
To learn more about the Apache HTTP Server, refer to the following resources.
</para>
- <section id="s2-apache-resources-installed">
+ <section id="s3-apache-resources-installed">
<title>Installed Documentation</title>
<indexterm>
<primary><application>Apache HTTP
Server</application></primary>
@@ -4140,7 +4126,7 @@ SSLCertificateKeyFile
/etc/pki/tls/private/<replaceable>hostname</replaceable>.k
</varlistentry>
</variablelist>
</section>
- <section id="s2-apache-resources-web">
+ <section id="s3-apache-resources-web">
<title>Useful Websites</title>
<indexterm>
<primary><application>Apache HTTP
Server</application></primary>
@@ -4175,4 +4161,4 @@ SSLCertificateKeyFile
/etc/pki/tls/private/<replaceable>hostname</replaceable>.k
</variablelist>
</section>
</section>
-</chapter>
+</section>
diff --git a/en-US/The_X_Window_System.xml b/en-US/The_X_Window_System.xml
index 6868a28..e4345b3 100644
--- a/en-US/The_X_Window_System.xml
+++ b/en-US/The_X_Window_System.xml
@@ -1,7 +1,7 @@
<?xml version='1.0'?>
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter
+<appendix
id="ch-The_X_Window_System">
<title>The X Window System</title>
<indexterm
@@ -932,7 +932,7 @@ widget_class "*" style "user-font"</screen>
<para>The X server looks for a font server specified in the
<command>FontPath</command> directive within the
<command>Files</command> section of the
<filename>/etc/X11/xorg.conf</filename> configuration file. Refer to <xref
linkend="s3-x-server-config-xorg.conf-files"/> for more
information about the <command>FontPath</command> entry.</para>
<para>The X server connects to the <command>xfs</command> server
on a specified port to acquire font information. For this reason, the
<command>xfs</command> service must be running for X to start. For more about
configuring services for a particular runlevel, refer to <xref
- linkend="ch-Controlling_Access_to_Services"/>.</para>
+ linkend="ch-Services_and_Daemons" />.</para>
<section
id="s3-x-fonts-xfs-config">
<title>
@@ -1255,4 +1255,4 @@ widget_class "*" style
"user-font"</screen>
</itemizedlist>
</section>
</section>
-</chapter>
+</appendix>
diff --git a/en-US/The_kdump_Crash_Recovery_Service.xml
b/en-US/The_kdump_Crash_Recovery_Service.xml
index d8766c9..b8b3513 100644
--- a/en-US/The_kdump_Crash_Recovery_Service.xml
+++ b/en-US/The_kdump_Crash_Recovery_Service.xml
@@ -102,7 +102,7 @@
To start the <systemitem
class="service">kdump</systemitem> daemon at boot time, click the
<guibutton>Apply</guibutton> button on the toolbar. This will enable the
service for runlevels <literal>2</literal>, <literal>3</literal>,
<literal>4</literal>, and <literal>5</literal>, and start it for
the current session. Similarly, clicking the <guibutton>Disable</guibutton>
button will disable it for all runlevels and stop the service immediately.
</para>
<para>
- For more information on runlevels and configuring services in general, refer to
<xref linkend="ch-Controlling_Access_to_Services" />.
+ For more information on runlevels and configuring services in general, refer to
<xref linkend="ch-Services_and_Daemons" />.
</para>
</section>
<section id="s3-kdump-configuration-gui-basic">
@@ -540,7 +540,7 @@ No kdump initial ramdisk found. [WARNING]
Rebuilding /boot/initrd-2.6.32-54.el6.i686kdump.img
Starting kdump: [ OK ]</screen>
<para>
- For more information on runlevels and configuring services in general, refer to
<xref linkend="ch-Controlling_Access_to_Services" />.
+ For more information on runlevels and configuring services in general, refer to
<xref linkend="ch-Services_and_Daemons" />.
</para>
</section>
</section>
diff --git a/en-US/The_proc_File_System.xml b/en-US/The_proc_File_System.xml
index 558d30a..351662b 100644
--- a/en-US/The_proc_File_System.xml
+++ b/en-US/The_proc_File_System.xml
@@ -1,7 +1,7 @@
<?xml version='1.0'?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter
+<appendix
id="ch-proc">
<title>The <filename>proc</filename> File System</title>
<indexterm
@@ -5238,4 +5238,4 @@ kernel.sysrq = 1
</itemizedlist>
</simplesect>
</section>
-</chapter>
+</appendix>
diff --git a/en-US/The_sysconfig_Directory.xml b/en-US/The_sysconfig_Directory.xml
index bf07174..99116e0 100644
--- a/en-US/The_sysconfig_Directory.xml
+++ b/en-US/The_sysconfig_Directory.xml
@@ -1,7 +1,7 @@
<?xml version='1.0'?>
-<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+<!DOCTYPE appendix PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter
+<appendix
id="ch-The_sysconfig_Directory">
<title>The sysconfig Directory</title>
<indexterm>
@@ -351,7 +351,7 @@
</variablelist>
<para>
Refer to <xref
- linkend="ch-Authentication_Configuration" /> for more information
on this topic.
+ linkend="ch-Configuring_Authentication" /> for more information on
this topic.
</para>
</section>
<section
@@ -648,7 +648,7 @@
</variablelist>
<para>
Refer to <xref
- linkend="ch-Dynamic_Host_Configuration_Protocol_DHCP" /> for more
information on DHCP and its usage.
+ linkend="ch-DHCP_Servers" /> for more information on DHCP and its
usage.
</para>
</section>
<section
@@ -1301,7 +1301,7 @@
</variablelist>
<para>
Refer to <xref
- linkend="ch-Lightweight_Directory_Access_Protocol_LDAP" /> for
more information on LDAP and its configuration.
+ linkend="s1-OpenLDAP" /> for more information on LDAP and its
configuration.
</para>
</section>
<section
@@ -1366,7 +1366,7 @@
</variablelist>
<para>
Refer to <xref
- linkend="ch-The_BIND_DNS_Server" /> for more information on the
BIND DNS server and its configuration.
+ linkend="s1-BIND" /> for more information on the BIND DNS server
and its configuration.
</para>
</section>
<section
@@ -2034,7 +2034,7 @@
</variablelist>
<para>
Refer to <xref
- linkend="ch-Controlling_Access_to_Services" /> for more
information on how to configure the <command>xinetd</command> services.
+ linkend="ch-Services_and_Daemons" /> for more information on how
to configure the <command>xinetd</command> services.
</para>
</section>
</section>
@@ -2091,7 +2091,7 @@
<filename>/etc/sysconfig/networking/</filename>
directory</secondary>
</indexterm>
This directory is used by the <application>Network Administration
Tool</application> (<command>system-config-network</command>), and its
contents should not be edited manually. For more information about configuring network
interfaces using the <application>Network Administration Tool</application>,
refer to <xref
- linkend="ch-Network_Configuration" />.
+ linkend="ch-NetworkManager" />.
</para>
</listitem>
</varlistentry>
@@ -2199,4 +2199,4 @@
</variablelist>
</section>
</section>
-</chapter>
+</appendix>
diff --git a/en-US/Log_Files.xml b/en-US/Viewing_and_Managing_Log_Files.xml
similarity index 99%
rename from en-US/Log_Files.xml
rename to en-US/Viewing_and_Managing_Log_Files.xml
index f9c7c32..5abc0dc 100644
--- a/en-US/Log_Files.xml
+++ b/en-US/Viewing_and_Managing_Log_Files.xml
@@ -1,8 +1,8 @@
<?xml version='1.0'?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
]>
-<chapter id="ch-Log_Files">
- <title>Log Files</title>
+<chapter id="ch-Viewing_and_Managing_Log_Files">
+ <title>Viewing and Managing Log Files</title>
<indexterm significance="normal">
<primary>log files</primary>
<seealso>
diff --git a/en-US/Web_Servers.xml b/en-US/Web_Servers.xml
new file mode 100644
index 0000000..e9c5c3e
--- /dev/null
+++ b/en-US/Web_Servers.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+<chapter id="ch-Web_Servers">
+ <title>Web Servers</title>
+ <indexterm>
+ <primary>HTTP server</primary>
+ <see><application>Apache HTTP Server</application></see>
+ </indexterm>
+ <indexterm>
+ <primary>web server</primary>
+ <see><application>Apache HTTP Server</application></see>
+ </indexterm>
+ <para>
+ <systemitem class="protocol">HTTP</systemitem> (Hypertext
Transfer Protocol) server, or a <firstterm>web server</firstterm>, is a
network service that serves content to a client over the web. This typically means web
pages, but any other documents can be served as well.
+ </para>
+ <xi:include href="The_Apache_HTTP_Server.xml"
xmlns:xi="http://www.w3.org/2001/XInclude" />
+</chapter>