mirror of
https://github.com/freebsd/freebsd-src
synced 2024-10-15 12:54:27 +00:00
Revise markup.
This commit is contained in:
parent
5cc415a9eb
commit
66f6e0e5df
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=162893
|
@ -33,24 +33,26 @@
|
|||
.Os
|
||||
.Sh NAME
|
||||
.Nm snmp_hostres
|
||||
.Nd "host resources module for snmpd.
|
||||
.Nd host resources module for
|
||||
.Xr bsnmpd 8
|
||||
.Sh LIBRARY
|
||||
.Pq begemotSnmpdModulePath."hostres" = "/usr/lib/snmp_hostres.so"
|
||||
.Sh DESCRIPTION
|
||||
The
|
||||
.Nm snmp_hostres
|
||||
.Nm
|
||||
module implements the HOST-RESOURCES-MIB as standardized in RFC 2790.
|
||||
.Sh RESTRICTIONS
|
||||
Not all information in the MIB is meaningful in FreeBSD or is available.
|
||||
The following variables are not implemented or carry no information:
|
||||
.Bl -tag -width "XXXXXXXXX"
|
||||
.Bl -tag -width indent
|
||||
.It Va hrFSType
|
||||
There are several types of file systems for which no appropriate OID
|
||||
exists yet which are supported by FreeBSD.
|
||||
For smbfs, procfs and devfs
|
||||
exists yet which are supported by
|
||||
.Fx .
|
||||
For smbfs, procfs and devfs ,
|
||||
.Va hrFSOther
|
||||
is returned.
|
||||
In all other cases
|
||||
In all other cases,
|
||||
.Va hrFSUnknown .
|
||||
.It Va hrFSBootable
|
||||
It is questionable what bootable means here.
|
||||
|
@ -59,17 +61,18 @@ or does it mean that there is something bootable?
|
|||
In either case this information is not available so this variable returns True
|
||||
for the root file system (which is not necessarily correct) and False for
|
||||
all others.
|
||||
.It Va hrFSLastFullBackupDate
|
||||
.It Va hrFSLastPartialBackupDate
|
||||
.It Va hrFSLastFullBackupDate , hrFSLastPartialBackupDate
|
||||
This is not available and always returns an empty string.
|
||||
Theoretically this could be retrieved from /etc/dumpdates, which would
|
||||
Theoretically, this could be retrieved from
|
||||
.Pa /etc/dumpdates ,
|
||||
which would
|
||||
hardly be correct given the different ways of doing backups.
|
||||
.It Va hrDiskStorageTable
|
||||
Floppy devices are currently not reported.
|
||||
Also the names of the disks are hard-coded in the module.
|
||||
.El
|
||||
.Sh FILES
|
||||
.Bl -tag -width "XXXXXXXXX"
|
||||
.Bl -tag -width indent
|
||||
.It Pa /usr/share/snmp/defs/hostres_tree.def
|
||||
The description of the MIB tree implemented by
|
||||
.Nm .
|
||||
|
@ -82,4 +85,4 @@ This is the MIB that is implemented by this module.
|
|||
.Xr gensnmptree 1 ,
|
||||
.Xr snmpmod 3
|
||||
.Sh AUTHORS
|
||||
.An Victor Cruceru Aq soc-victor@freebsd.org
|
||||
.An Victor Cruceru Aq soc-victor@FreeBSD.org
|
||||
|
|
|
@ -32,15 +32,17 @@
|
|||
.Nd "caching server daemon"
|
||||
.Sh SYNOPSIS
|
||||
.Nm
|
||||
.Op Fl nst
|
||||
.Op Fl dnst
|
||||
.Op Fl i Ar cachename
|
||||
.Op Fl I Ar cachename
|
||||
.Sh DESCRIPTION
|
||||
The
|
||||
.Nm
|
||||
utility
|
||||
is the system caching daemon.
|
||||
It can cache almost all types of data and is basically intended to be used
|
||||
with the
|
||||
.Pa nsswitch
|
||||
.Nm nsswitch
|
||||
subsystem.
|
||||
The cache is actually per-user.
|
||||
This means that each user can work only with the
|
||||
|
@ -49,19 +51,19 @@ cache of other users.
|
|||
The
|
||||
.Nm
|
||||
utility supports two types of caching:
|
||||
.Bl -tag -width Pair
|
||||
.Bl -tag -width ".Sy Type"
|
||||
.It Sy Type
|
||||
.Sy Description
|
||||
.It Common caching
|
||||
Each cached element is the the key+value pair.
|
||||
Each cached element is the key+value pair.
|
||||
This type of caching supports policies which are applied when maximum
|
||||
number of cached elements is exceeded.
|
||||
Three policies are available:
|
||||
.Pa FIFO
|
||||
.Cm FIFO
|
||||
(first in - first out),
|
||||
.Pa LRU
|
||||
.Cm LRU
|
||||
(least recently used) and
|
||||
.Pa LFU
|
||||
.Cm LFU
|
||||
(least frequently used).
|
||||
This type of caching is used with the
|
||||
.Fn getXXXbyname
|
||||
|
@ -77,24 +79,26 @@ The
|
|||
.Nm
|
||||
utility is able not only to cache elements, but to perform the actual nsswitch
|
||||
lookups by itself.
|
||||
To enable this feature use the
|
||||
.Pa perform-actual-lookups
|
||||
parameter in the
|
||||
.Xr cached.conf 5
|
||||
To enable this feature, use the
|
||||
.Va perform-actual-lookups
|
||||
parameter in
|
||||
.Xr cached.conf 5 .
|
||||
.Pp
|
||||
The
|
||||
.Nm
|
||||
utility recognizes the following runtime options:
|
||||
.Bl -tag -width indent
|
||||
.\" .It Fl d
|
||||
.\" XXX Document me!
|
||||
.It Fl n
|
||||
Do not daemonize.
|
||||
Do not daemonize;
|
||||
.Nm
|
||||
will not fork or disconnect itself from the terminal.
|
||||
.It Fl s
|
||||
Single-threaded mode.
|
||||
Forces using only one thread for all processing purposes (it overrides
|
||||
the
|
||||
.Pa threads
|
||||
.Va threads
|
||||
parameter in the
|
||||
.Xr cached.conf 5
|
||||
file).
|
||||
|
@ -116,16 +120,17 @@ It asks the already running
|
|||
to invalidate the specified part of the cache of the
|
||||
calling user.
|
||||
For example, sometimes you may want to invalidate your
|
||||
.Pa hosts
|
||||
.Dq Li hosts
|
||||
cache.
|
||||
You can specify
|
||||
.Pa all
|
||||
.Dq Li all
|
||||
as the
|
||||
.Pa cachename
|
||||
.Ar cachename
|
||||
to invalidate your personal cache as a whole.
|
||||
You cannot use this option for the cachename, for which
|
||||
the
|
||||
.Pa perform-actual-lookups
|
||||
You cannot use this option for the
|
||||
.Ar cachename
|
||||
for which the
|
||||
.Va perform-actual-lookups
|
||||
option is enabled.
|
||||
.It Fl I Ar cachename
|
||||
Invalidates the cache for every user.
|
||||
|
@ -138,14 +143,14 @@ running
|
|||
to invalidate the specified part of the cache for
|
||||
every user.
|
||||
You can specify
|
||||
.Pa all
|
||||
.Dq Li all
|
||||
as the
|
||||
.Pa cachename
|
||||
.Ar cachename
|
||||
to invalidate the whole cache.
|
||||
Only the root can use this option.
|
||||
.El
|
||||
.Sh FILES
|
||||
.Bl -tag -width /etc/cached.conf -compact
|
||||
.Bl -tag -width ".Pa /etc/cached.conf" -compact
|
||||
.It Pa /etc/cached.conf
|
||||
The default configuration file.
|
||||
.El
|
||||
|
@ -153,8 +158,8 @@ The default configuration file.
|
|||
.Xr nsdispatch 3 ,
|
||||
.Xr cached.conf 5 ,
|
||||
.Xr nsswitch.conf 5
|
||||
.Sh "AUTHORS"
|
||||
.Sh AUTHORS
|
||||
.An Michael Bushkov Aq bushman@rsu.ru
|
||||
.Sh "BUGS"
|
||||
To report bugs or suggestions please mail me:
|
||||
.Aq bushman@rsu.ru
|
||||
.Sh BUGS
|
||||
Please send bug reports and suggestions to
|
||||
.Aq bushman@rsu.ru .
|
||||
|
|
|
@ -29,81 +29,120 @@
|
|||
.Os
|
||||
.Sh NAME
|
||||
.Nm cached.conf
|
||||
.Nd "caching daemon configuration file manual page"
|
||||
.Sh "DESCRIPTION"
|
||||
.Nd "caching daemon configuration file"
|
||||
.Sh DESCRIPTION
|
||||
The
|
||||
.Nm
|
||||
file
|
||||
is used by the
|
||||
.Xr cached 8
|
||||
daemon and is read on its startup.
|
||||
Its syntax is mostly similar to the nscd.conf syntax in Linux and Solaris.
|
||||
It has some differences, though - see them below.
|
||||
Its syntax is mostly similar to the
|
||||
.Pa nscd.conf
|
||||
syntax in
|
||||
.Tn Linux
|
||||
and
|
||||
.Tn Solaris .
|
||||
It has some differences, though \[em] see them below.
|
||||
.Pp
|
||||
Each line specifies either an attribute and a value, or an attribute,
|
||||
a cachename and a value.
|
||||
Usual cachenames are passwd, groups, hosts, services, protocols and rpc.
|
||||
You can also use any other cachename (for example, if some third-party
|
||||
Each line specifies either an attribute and a
|
||||
.Ar value ,
|
||||
or an attribute, a
|
||||
.Ar cachename
|
||||
and a
|
||||
.Ar value .
|
||||
Usual cachenames are
|
||||
.Dq Li passwd ,
|
||||
.Dq Li groups ,
|
||||
.Dq Li hosts ,
|
||||
.Dq Li services ,
|
||||
.Dq Li protocols
|
||||
and
|
||||
.Dq Li rpc .
|
||||
You can also use any other
|
||||
.Ar cachename
|
||||
(for example, if some third-party
|
||||
application uses nsswitch).
|
||||
.Pp
|
||||
.Bl -tag -width Pair
|
||||
.It Sy threads [value]
|
||||
.Bl -tag -width indent
|
||||
.It Va threads Op Ar value
|
||||
Number of threads, which would listen for connections and process requests.
|
||||
The minimum is 1.
|
||||
The default value is 8.
|
||||
.It Sy enable-cache [cachename] [yes|no]
|
||||
Enables or disables the cache for specified cachename.
|
||||
.It Sy positive-time-to-live [cachename] [value]
|
||||
.It Va enable-cache Oo Ar cachename Oc Op Cm yes | no
|
||||
Enables or disables the cache for specified
|
||||
.Ar cachename .
|
||||
.It Va positive-time-to-live Oo Ar cachename Oc Op Ar value
|
||||
Sets the TTL (time-to-live) for the specified cache in seconds.
|
||||
Larger values can increase system's performance, but they also can affect
|
||||
the cache coherence.
|
||||
The default value is 3600.
|
||||
.It Sy positive-policy [cachename] [fifo|lru|lfu]
|
||||
.It Va positive-policy Oo Ar cachename Oc Op Cm fifo | lru | lfu
|
||||
The policy that is applied to erase some of the cache elements, when the
|
||||
size limit of the given cachename is exceeded.
|
||||
Possible policies are: fifo (first-in-first-out), lru (least-recently-used),
|
||||
lfu (least-frequently-used).
|
||||
The default policy is lru.
|
||||
.It Sy negative-time-to-live [cachename] [value]
|
||||
size limit of the given
|
||||
.Ar cachename
|
||||
is exceeded.
|
||||
Possible policies are:
|
||||
.Cm fifo
|
||||
(first-in-first-out),
|
||||
.Cm lru
|
||||
(least-recently-used), and
|
||||
.Cm lfu
|
||||
(least-frequently-used).
|
||||
The default policy is
|
||||
.Cm lru .
|
||||
.It Va negative-time-to-live Oo Ar cachename Oc Op Ar value
|
||||
The TTL of the negative cached elements in seconds.
|
||||
The larger values can significantly increase system performance in some
|
||||
environments (when dealing with files with UIDs, which are not in system
|
||||
databases, for example).
|
||||
This number should be kept low to avoid the cache coherence problems.
|
||||
The default value is 60.
|
||||
.It Sy negative-policy [cachename] [fifo|lru|lfu]
|
||||
.It Va negative-policy Oo Ar cachename Oc Op Cm fifo | lru | lfu
|
||||
The same as the positive-policy, but this one is applied to the negative
|
||||
elements of the given cachename.
|
||||
elements of the given
|
||||
.Ar cachename .
|
||||
The default policy is fifo.
|
||||
.It Sy suggested-size [cachename] [value]
|
||||
.It Va suggested-size Oo Ar cachename Oc Op Ar value
|
||||
This is the internal hash table size.
|
||||
The value should be a prime number for optimum performance.
|
||||
You should only change this value when the number of cached elements is
|
||||
significantly (in 5-10 times) greater then the default hash table size (255).
|
||||
.It Sy keep-hot-count [cachename] [value]
|
||||
The size limit of the cache with the given cachename.
|
||||
.It Va keep-hot-count Oo Ar cachename Oc Op Ar value
|
||||
The size limit of the cache with the given
|
||||
.Ar cachename .
|
||||
When it is exceeded, the policy will be applied.
|
||||
The default value is 2048.
|
||||
.It Sy perform-actual-lookups [cachename] [yes|no]
|
||||
.It Va perform-actual-lookups Oo Ar cachename Oc Op Cm yes | no
|
||||
If enabled, the
|
||||
.Xr cached 8
|
||||
does not simply receive and cache the NSS-requests results, but performs
|
||||
all the lookups by itself and only returns the responses.
|
||||
If this feature is enabled, then for the given cachename
|
||||
If this feature is enabled, then for the given
|
||||
.Ar cachename
|
||||
.Xr cached 8
|
||||
will act similarly to the NSCD.
|
||||
.Pp
|
||||
.Pa NOTE:
|
||||
this feature is currently experimental - it supports only passwd, groups and
|
||||
services cachenames.
|
||||
.Sy NOTE :
|
||||
this feature is currently experimental \[em] it supports only
|
||||
.Dq Li passwd ,
|
||||
.Dq Li groups
|
||||
and
|
||||
.Dq Li services
|
||||
cachenames.
|
||||
.El
|
||||
.Sh "NOTES"
|
||||
You can use
|
||||
.Sq #
|
||||
.Sh NOTES
|
||||
You can use the
|
||||
.Ql #
|
||||
symbol at the beginning of the line for comments.
|
||||
.Sh "SEE ALSO"
|
||||
.Sh FILES
|
||||
.Bl -tag -width ".Pa /etc/cached.conf" -compact
|
||||
.It Pa /etc/cached.conf
|
||||
.El
|
||||
.Sh SEE ALSO
|
||||
.Xr cached 8
|
||||
.Sh "AUTHORS"
|
||||
Michael Bushkov
|
||||
.Aq bushman@rsu.ru
|
||||
.Sh "BUGS"
|
||||
To report bugs or suggestions please mail me
|
||||
.Sh AUTHORS
|
||||
.An Michael Bushkov
|
||||
.Aq bushman@rsu.ru
|
||||
.Sh BUGS
|
||||
Please send bug reports and suggestions to
|
||||
.Aq bushman@rsu.ru .
|
||||
|
|
|
@ -54,11 +54,13 @@ The packets are then dropped unless
|
|||
is used.
|
||||
.Pp
|
||||
The options are as follows:
|
||||
.Bl -tag -width Ds
|
||||
.Bl -tag -width indent
|
||||
.It Fl d
|
||||
Turns on extra debugging messages.
|
||||
.It Fl r
|
||||
Writes packets back to the divert socket.
|
||||
Writes packets back to the
|
||||
.Xr divert 4
|
||||
socket.
|
||||
.It Fl rr
|
||||
Indicates that it is okay to quit if
|
||||
.Ar maxbytes
|
||||
|
@ -66,7 +68,8 @@ or
|
|||
.Ar maxpkts
|
||||
are reached.
|
||||
Diverted packets will silently disappear if nothing is listening on the
|
||||
divert socket.
|
||||
.Xr divert 4
|
||||
socket.
|
||||
.It Fl b Ar maxbytes
|
||||
Stop dumping after
|
||||
.Ar maxbytes
|
||||
|
@ -90,23 +93,23 @@ The
|
|||
.Ar dumpfile
|
||||
argument is the path to the file to write captured packets to.
|
||||
Specify
|
||||
.Sq Li -
|
||||
.Sq Fl
|
||||
to write to stdout.
|
||||
.Sh EXIT STATUS
|
||||
.Ex -std
|
||||
.Sh EXAMPLES
|
||||
.Dl ipfwpcap -r 8091 divt.log &
|
||||
.Dl "ipfwpcap -r 8091 divt.log &"
|
||||
.Pp
|
||||
Starts
|
||||
.Nm
|
||||
as a background job listening to port 8091 and reflecting the packets
|
||||
back to the socket.
|
||||
.Pp
|
||||
.Dl ipfw add 2864 divert 8091 ip from 192.168.1.101
|
||||
.Dl "ipfw add 2864 divert 8091 ip from 192.0.2.101"
|
||||
.Pp
|
||||
Example
|
||||
.Xr ipfw 8
|
||||
rule to divert all packets from 192.168.1.101 to port 8091.
|
||||
rule to divert all packets from 192.0.2.101 to port 8091.
|
||||
See
|
||||
.Xr ipfw 8
|
||||
for details.
|
||||
|
|
|
@ -32,15 +32,17 @@
|
|||
.Nd "caching server daemon"
|
||||
.Sh SYNOPSIS
|
||||
.Nm
|
||||
.Op Fl nst
|
||||
.Op Fl dnst
|
||||
.Op Fl i Ar cachename
|
||||
.Op Fl I Ar cachename
|
||||
.Sh DESCRIPTION
|
||||
The
|
||||
.Nm
|
||||
utility
|
||||
is the system caching daemon.
|
||||
It can cache almost all types of data and is basically intended to be used
|
||||
with the
|
||||
.Pa nsswitch
|
||||
.Nm nsswitch
|
||||
subsystem.
|
||||
The cache is actually per-user.
|
||||
This means that each user can work only with the
|
||||
|
@ -49,19 +51,19 @@ cache of other users.
|
|||
The
|
||||
.Nm
|
||||
utility supports two types of caching:
|
||||
.Bl -tag -width Pair
|
||||
.Bl -tag -width ".Sy Type"
|
||||
.It Sy Type
|
||||
.Sy Description
|
||||
.It Common caching
|
||||
Each cached element is the the key+value pair.
|
||||
Each cached element is the key+value pair.
|
||||
This type of caching supports policies which are applied when maximum
|
||||
number of cached elements is exceeded.
|
||||
Three policies are available:
|
||||
.Pa FIFO
|
||||
.Cm FIFO
|
||||
(first in - first out),
|
||||
.Pa LRU
|
||||
.Cm LRU
|
||||
(least recently used) and
|
||||
.Pa LFU
|
||||
.Cm LFU
|
||||
(least frequently used).
|
||||
This type of caching is used with the
|
||||
.Fn getXXXbyname
|
||||
|
@ -77,24 +79,26 @@ The
|
|||
.Nm
|
||||
utility is able not only to cache elements, but to perform the actual nsswitch
|
||||
lookups by itself.
|
||||
To enable this feature use the
|
||||
.Pa perform-actual-lookups
|
||||
parameter in the
|
||||
.Xr cached.conf 5
|
||||
To enable this feature, use the
|
||||
.Va perform-actual-lookups
|
||||
parameter in
|
||||
.Xr cached.conf 5 .
|
||||
.Pp
|
||||
The
|
||||
.Nm
|
||||
utility recognizes the following runtime options:
|
||||
.Bl -tag -width indent
|
||||
.\" .It Fl d
|
||||
.\" XXX Document me!
|
||||
.It Fl n
|
||||
Do not daemonize.
|
||||
Do not daemonize;
|
||||
.Nm
|
||||
will not fork or disconnect itself from the terminal.
|
||||
.It Fl s
|
||||
Single-threaded mode.
|
||||
Forces using only one thread for all processing purposes (it overrides
|
||||
the
|
||||
.Pa threads
|
||||
.Va threads
|
||||
parameter in the
|
||||
.Xr cached.conf 5
|
||||
file).
|
||||
|
@ -116,16 +120,17 @@ It asks the already running
|
|||
to invalidate the specified part of the cache of the
|
||||
calling user.
|
||||
For example, sometimes you may want to invalidate your
|
||||
.Pa hosts
|
||||
.Dq Li hosts
|
||||
cache.
|
||||
You can specify
|
||||
.Pa all
|
||||
.Dq Li all
|
||||
as the
|
||||
.Pa cachename
|
||||
.Ar cachename
|
||||
to invalidate your personal cache as a whole.
|
||||
You cannot use this option for the cachename, for which
|
||||
the
|
||||
.Pa perform-actual-lookups
|
||||
You cannot use this option for the
|
||||
.Ar cachename
|
||||
for which the
|
||||
.Va perform-actual-lookups
|
||||
option is enabled.
|
||||
.It Fl I Ar cachename
|
||||
Invalidates the cache for every user.
|
||||
|
@ -138,14 +143,14 @@ running
|
|||
to invalidate the specified part of the cache for
|
||||
every user.
|
||||
You can specify
|
||||
.Pa all
|
||||
.Dq Li all
|
||||
as the
|
||||
.Pa cachename
|
||||
.Ar cachename
|
||||
to invalidate the whole cache.
|
||||
Only the root can use this option.
|
||||
.El
|
||||
.Sh FILES
|
||||
.Bl -tag -width /etc/cached.conf -compact
|
||||
.Bl -tag -width ".Pa /etc/cached.conf" -compact
|
||||
.It Pa /etc/cached.conf
|
||||
The default configuration file.
|
||||
.El
|
||||
|
@ -153,8 +158,8 @@ The default configuration file.
|
|||
.Xr nsdispatch 3 ,
|
||||
.Xr cached.conf 5 ,
|
||||
.Xr nsswitch.conf 5
|
||||
.Sh "AUTHORS"
|
||||
.Sh AUTHORS
|
||||
.An Michael Bushkov Aq bushman@rsu.ru
|
||||
.Sh "BUGS"
|
||||
To report bugs or suggestions please mail me:
|
||||
.Aq bushman@rsu.ru
|
||||
.Sh BUGS
|
||||
Please send bug reports and suggestions to
|
||||
.Aq bushman@rsu.ru .
|
||||
|
|
|
@ -29,81 +29,120 @@
|
|||
.Os
|
||||
.Sh NAME
|
||||
.Nm cached.conf
|
||||
.Nd "caching daemon configuration file manual page"
|
||||
.Sh "DESCRIPTION"
|
||||
.Nd "caching daemon configuration file"
|
||||
.Sh DESCRIPTION
|
||||
The
|
||||
.Nm
|
||||
file
|
||||
is used by the
|
||||
.Xr cached 8
|
||||
daemon and is read on its startup.
|
||||
Its syntax is mostly similar to the nscd.conf syntax in Linux and Solaris.
|
||||
It has some differences, though - see them below.
|
||||
Its syntax is mostly similar to the
|
||||
.Pa nscd.conf
|
||||
syntax in
|
||||
.Tn Linux
|
||||
and
|
||||
.Tn Solaris .
|
||||
It has some differences, though \[em] see them below.
|
||||
.Pp
|
||||
Each line specifies either an attribute and a value, or an attribute,
|
||||
a cachename and a value.
|
||||
Usual cachenames are passwd, groups, hosts, services, protocols and rpc.
|
||||
You can also use any other cachename (for example, if some third-party
|
||||
Each line specifies either an attribute and a
|
||||
.Ar value ,
|
||||
or an attribute, a
|
||||
.Ar cachename
|
||||
and a
|
||||
.Ar value .
|
||||
Usual cachenames are
|
||||
.Dq Li passwd ,
|
||||
.Dq Li groups ,
|
||||
.Dq Li hosts ,
|
||||
.Dq Li services ,
|
||||
.Dq Li protocols
|
||||
and
|
||||
.Dq Li rpc .
|
||||
You can also use any other
|
||||
.Ar cachename
|
||||
(for example, if some third-party
|
||||
application uses nsswitch).
|
||||
.Pp
|
||||
.Bl -tag -width Pair
|
||||
.It Sy threads [value]
|
||||
.Bl -tag -width indent
|
||||
.It Va threads Op Ar value
|
||||
Number of threads, which would listen for connections and process requests.
|
||||
The minimum is 1.
|
||||
The default value is 8.
|
||||
.It Sy enable-cache [cachename] [yes|no]
|
||||
Enables or disables the cache for specified cachename.
|
||||
.It Sy positive-time-to-live [cachename] [value]
|
||||
.It Va enable-cache Oo Ar cachename Oc Op Cm yes | no
|
||||
Enables or disables the cache for specified
|
||||
.Ar cachename .
|
||||
.It Va positive-time-to-live Oo Ar cachename Oc Op Ar value
|
||||
Sets the TTL (time-to-live) for the specified cache in seconds.
|
||||
Larger values can increase system's performance, but they also can affect
|
||||
the cache coherence.
|
||||
The default value is 3600.
|
||||
.It Sy positive-policy [cachename] [fifo|lru|lfu]
|
||||
.It Va positive-policy Oo Ar cachename Oc Op Cm fifo | lru | lfu
|
||||
The policy that is applied to erase some of the cache elements, when the
|
||||
size limit of the given cachename is exceeded.
|
||||
Possible policies are: fifo (first-in-first-out), lru (least-recently-used),
|
||||
lfu (least-frequently-used).
|
||||
The default policy is lru.
|
||||
.It Sy negative-time-to-live [cachename] [value]
|
||||
size limit of the given
|
||||
.Ar cachename
|
||||
is exceeded.
|
||||
Possible policies are:
|
||||
.Cm fifo
|
||||
(first-in-first-out),
|
||||
.Cm lru
|
||||
(least-recently-used), and
|
||||
.Cm lfu
|
||||
(least-frequently-used).
|
||||
The default policy is
|
||||
.Cm lru .
|
||||
.It Va negative-time-to-live Oo Ar cachename Oc Op Ar value
|
||||
The TTL of the negative cached elements in seconds.
|
||||
The larger values can significantly increase system performance in some
|
||||
environments (when dealing with files with UIDs, which are not in system
|
||||
databases, for example).
|
||||
This number should be kept low to avoid the cache coherence problems.
|
||||
The default value is 60.
|
||||
.It Sy negative-policy [cachename] [fifo|lru|lfu]
|
||||
.It Va negative-policy Oo Ar cachename Oc Op Cm fifo | lru | lfu
|
||||
The same as the positive-policy, but this one is applied to the negative
|
||||
elements of the given cachename.
|
||||
elements of the given
|
||||
.Ar cachename .
|
||||
The default policy is fifo.
|
||||
.It Sy suggested-size [cachename] [value]
|
||||
.It Va suggested-size Oo Ar cachename Oc Op Ar value
|
||||
This is the internal hash table size.
|
||||
The value should be a prime number for optimum performance.
|
||||
You should only change this value when the number of cached elements is
|
||||
significantly (in 5-10 times) greater then the default hash table size (255).
|
||||
.It Sy keep-hot-count [cachename] [value]
|
||||
The size limit of the cache with the given cachename.
|
||||
.It Va keep-hot-count Oo Ar cachename Oc Op Ar value
|
||||
The size limit of the cache with the given
|
||||
.Ar cachename .
|
||||
When it is exceeded, the policy will be applied.
|
||||
The default value is 2048.
|
||||
.It Sy perform-actual-lookups [cachename] [yes|no]
|
||||
.It Va perform-actual-lookups Oo Ar cachename Oc Op Cm yes | no
|
||||
If enabled, the
|
||||
.Xr cached 8
|
||||
does not simply receive and cache the NSS-requests results, but performs
|
||||
all the lookups by itself and only returns the responses.
|
||||
If this feature is enabled, then for the given cachename
|
||||
If this feature is enabled, then for the given
|
||||
.Ar cachename
|
||||
.Xr cached 8
|
||||
will act similarly to the NSCD.
|
||||
.Pp
|
||||
.Pa NOTE:
|
||||
this feature is currently experimental - it supports only passwd, groups and
|
||||
services cachenames.
|
||||
.Sy NOTE :
|
||||
this feature is currently experimental \[em] it supports only
|
||||
.Dq Li passwd ,
|
||||
.Dq Li groups
|
||||
and
|
||||
.Dq Li services
|
||||
cachenames.
|
||||
.El
|
||||
.Sh "NOTES"
|
||||
You can use
|
||||
.Sq #
|
||||
.Sh NOTES
|
||||
You can use the
|
||||
.Ql #
|
||||
symbol at the beginning of the line for comments.
|
||||
.Sh "SEE ALSO"
|
||||
.Sh FILES
|
||||
.Bl -tag -width ".Pa /etc/cached.conf" -compact
|
||||
.It Pa /etc/cached.conf
|
||||
.El
|
||||
.Sh SEE ALSO
|
||||
.Xr cached 8
|
||||
.Sh "AUTHORS"
|
||||
Michael Bushkov
|
||||
.Aq bushman@rsu.ru
|
||||
.Sh "BUGS"
|
||||
To report bugs or suggestions please mail me
|
||||
.Sh AUTHORS
|
||||
.An Michael Bushkov
|
||||
.Aq bushman@rsu.ru
|
||||
.Sh BUGS
|
||||
Please send bug reports and suggestions to
|
||||
.Aq bushman@rsu.ru .
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd May 17, 2006
|
||||
.Dt NTP-KEYGEN. 8
|
||||
.Dt NTP-KEYGEN 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
.Nm ntp-keygen
|
||||
|
@ -10,27 +10,28 @@
|
|||
.Sh SYNOPSIS
|
||||
.Nm
|
||||
.Op Fl deGgHIMnPT
|
||||
.Op Fl c Oo Cm RSA-MD2 | RSA-MD5 | RSA-SHA | RSA-SHA1 | RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 Oc
|
||||
.Op Fl c Ar scheme
|
||||
.Op Fl i Ar name
|
||||
.Op Fl p Ar password
|
||||
.Op Fl S Oo Cm RSA | DSA Oc
|
||||
.Op Fl S Op Cm RSA | DSA
|
||||
.Op Fl s Ar name
|
||||
.Op Fl v Ar nkeys
|
||||
|
||||
.Sh DESCRIPTION
|
||||
This program generates cryptographic data files used by the NTPv4
|
||||
authentication and identification schemes.
|
||||
It generates MD5 key files used in symmetric key cryptography.
|
||||
In addition, if the OpenSSL software library has been installed,
|
||||
it generates keys, certificate and identity files used in public key
|
||||
cryptography. These files are used for cookie encryption,
|
||||
cryptography.
|
||||
These files are used for cookie encryption,
|
||||
digital signature and challenge/response identification algorithms
|
||||
compatible with the Internet standard security infrastructure.
|
||||
.Pp
|
||||
All files are in PEM-encoded printable ASCII format,
|
||||
so they can be embedded as MIME attachments in mail to other sites
|
||||
and certificate authorities.
|
||||
By default, files are not encrypted. The
|
||||
By default, files are not encrypted.
|
||||
The
|
||||
.Fl p Ar password
|
||||
option specifies the write password and
|
||||
.Fl q Ar password
|
||||
|
@ -82,7 +83,8 @@ and generation date and time as comments.
|
|||
All files are installed by default in the keys directory
|
||||
.Pa /usr/local/etc ,
|
||||
which is normally in a shared filesystem
|
||||
in NFS-mounted networks. The actual location of the keys directory
|
||||
in NFS-mounted networks.
|
||||
The actual location of the keys directory
|
||||
and each file can be overridden by configuration commands,
|
||||
but this is not recommended.
|
||||
Normally, the files for each host are generated by that host
|
||||
|
@ -112,7 +114,8 @@ If a link is not present,
|
|||
.Xr ntpd 8
|
||||
extracts the filestamp from the file itself.
|
||||
This allows clients to verify that the file and generation times
|
||||
are always current. The
|
||||
are always current.
|
||||
The
|
||||
.Nm
|
||||
program uses the same timestamp extension for all files generated
|
||||
at one time, so each generation is distinct and can be readily
|
||||
|
@ -124,7 +127,8 @@ program is logged in directly as root.
|
|||
The recommended procedure is change to the keys directory,
|
||||
usually
|
||||
.Pa /ust/local/etc ,
|
||||
then run the program. When run for the first time,
|
||||
then run the program.
|
||||
When run for the first time,
|
||||
or if all
|
||||
.Cm ntpkey
|
||||
files have been removed,
|
||||
|
@ -205,7 +209,8 @@ The default cryptotype uses RSA encryption, MD5 message digest
|
|||
and TC identification.
|
||||
First, configure a NTP subnet including one or more low-stratum
|
||||
trusted hosts from which all other hosts derive synchronization
|
||||
directly or indirectly. Trusted hosts have trusted certificates;
|
||||
directly or indirectly.
|
||||
Trusted hosts have trusted certificates;
|
||||
all other hosts have nontrusted certificates.
|
||||
These hosts will automatically and dynamically build authoritative
|
||||
certificate trails to one or more trusted hosts.
|
||||
|
@ -295,7 +300,8 @@ A server can also be a client of another server,
|
|||
but a client can never be a server for another client.
|
||||
In general, trusted hosts and nontrusted hosts that operate
|
||||
as both server and client have parameter files that contain
|
||||
both server and client keys. Hosts that operate
|
||||
both server and client keys.
|
||||
Hosts that operate
|
||||
only as clients have key files that contain only client keys.
|
||||
.Pp
|
||||
The PC scheme supports only one trusted host in the group.
|
||||
|
@ -315,7 +321,8 @@ to the host key file and soft link
|
|||
.Pa ntpkey_cert_ Ns Ar bob
|
||||
to the private certificate file.
|
||||
Note the generic links are on bob, but point to files generated
|
||||
by trusted host alice. In this scheme it is not possible to refresh
|
||||
by trusted host alice.
|
||||
In this scheme it is not possible to refresh
|
||||
either the keys or certificates without copying them
|
||||
to all other hosts in the group.
|
||||
.Pp
|
||||
|
@ -335,7 +342,8 @@ and clients and install a soft link from the generic
|
|||
.Pa ntpkey_iff_ Ns Ar alice
|
||||
to this file.
|
||||
If there are no hosts restricted to operate only as clients,
|
||||
there is nothing further to do. As the IFF scheme is independent
|
||||
there is nothing further to do.
|
||||
As the IFF scheme is independent
|
||||
of keys and certificates, these files can be refreshed as needed.
|
||||
.Pp
|
||||
If a rogue client has the parameter file, it could masquerade
|
||||
|
@ -349,7 +357,8 @@ and pipe the output to a file or mail program.
|
|||
Copy or mail this file to all restricted clients.
|
||||
On these clients install a soft link from the generic
|
||||
.Pa ntpkey_iff_ Ns Ar alice
|
||||
to this file. To further protect the integrity of the keys,
|
||||
to this file.
|
||||
To further protect the integrity of the keys,
|
||||
each file can be encrypted with a secret password.
|
||||
.Pp
|
||||
For the GQ scheme proceed as in the TC scheme to generate keys
|
||||
|
@ -377,7 +386,8 @@ at the same time, keys and certificates can be regenerated as needed.
|
|||
For the MV scheme, proceed as in the TC scheme to generate keys
|
||||
and certificates for all group hosts.
|
||||
For illustration assume trish is the TA, alice one of several trusted hosts
|
||||
and bob one of her clients. On TA trish run
|
||||
and bob one of her clients.
|
||||
On TA trish run
|
||||
.Nm
|
||||
.Fl V Ar n
|
||||
.Fl p Ar password ,
|
||||
|
@ -410,8 +420,14 @@ As the MV scheme is independent of keys and certificates,
|
|||
these files can be refreshed as needed.
|
||||
.Ss Command Line Options
|
||||
.Bl -tag -width indent
|
||||
.It Fl c Oo Cm RSA-MD2 | RSA-MD5 | RSA-SHA | RSA-SHA1 | RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 Oc
|
||||
.It Fl c Ar scheme
|
||||
Select certificate message digest/signature encryption scheme.
|
||||
The
|
||||
.Ar scheme
|
||||
can be one of the following:
|
||||
. Cm RSA-MD2 , RSA-MD5 , RSA-SHA , RSA-SHA1 , RSA-MDC2 , RSA-RIPEMD160 , DSA-SHA ,
|
||||
or
|
||||
.Cm DSA-SHA1 .
|
||||
Note that RSA schemes must be used with a RSA sign key and DSA
|
||||
schemes must be used with a DSA sign key.
|
||||
The default without this option is
|
||||
|
@ -473,7 +489,8 @@ by the library routines.
|
|||
The OpenSSL library uses a designated random seed file for this purpose.
|
||||
The file must be available when starting the NTP daemon and
|
||||
.Nm
|
||||
program. If a site supports OpenSSL or its companion OpenSSH,
|
||||
program.
|
||||
If a site supports OpenSSL or its companion OpenSSH,
|
||||
it is very likely that means to do this are already available.
|
||||
.Pp
|
||||
It is important to understand that entropy must be evolved
|
||||
|
@ -490,7 +507,8 @@ usually called
|
|||
which must be available when starting the NTP daemon
|
||||
or the
|
||||
.Nm
|
||||
program. The NTP daemon will first look for the file
|
||||
program.
|
||||
The NTP daemon will first look for the file
|
||||
using the path specified by the
|
||||
.Ic randfile
|
||||
subcommand of the
|
||||
|
@ -530,7 +548,8 @@ printable ASCII format preceded and followed by MIME content identifier lines.
|
|||
The format of the symmetric keys file is somewhat different
|
||||
than the other files in the interest of backward compatibility.
|
||||
Since DES-CBC is deprecated in NTPv4, the only key format of interest
|
||||
is MD5 alphanumeric strings. Following hte heard the keys are
|
||||
is MD5 alphanumeric strings.
|
||||
Following hte heard the keys are
|
||||
entered one per line in the format
|
||||
.D1 Ar keyno type key
|
||||
where
|
||||
|
|
|
@ -35,9 +35,8 @@
|
|||
.Nm
|
||||
.Fl p
|
||||
.Nm
|
||||
.Op Fl d Ar name
|
||||
.Op Ar name Ns = Ns Ar value
|
||||
.Ar ...
|
||||
.Oo Fl d Ar name Oc Ar ...
|
||||
.Op Ar name Ns = Ns Ar value ...
|
||||
.Sh DESCRIPTION
|
||||
The
|
||||
.Nm
|
||||
|
@ -58,7 +57,8 @@ The following options are available:
|
|||
.It Fl d Ar name
|
||||
Delete the variable selected by
|
||||
.Ar name
|
||||
from the EEPROM or NVRAM. The
|
||||
from the EEPROM or NVRAM.
|
||||
The
|
||||
.Fl d
|
||||
flag can be specified multiple times, in which case multiple variables
|
||||
will be removed.
|
||||
|
@ -97,7 +97,6 @@ to
|
|||
.Dq Li 100 :
|
||||
.Pp
|
||||
.Dl "nvram -d foo -d bar baz=100"
|
||||
.Ed
|
||||
.Sh SEE ALSO
|
||||
.Xr powermac_nvram 4 ,
|
||||
.Xr eeprom 8
|
||||
|
@ -108,10 +107,10 @@ utility first appeared in
|
|||
.Fx 7.0 .
|
||||
It is inspired by the
|
||||
Darwin/Mac OS X
|
||||
.Xr nvram 8
|
||||
.Nm
|
||||
utility.
|
||||
.Sh AUTHORS
|
||||
.An Maxim Sobolev Aq sobomax@FreeBSD.org .
|
||||
.An Maxim Sobolev Aq sobomax@FreeBSD.org
|
||||
.Sh BUGS
|
||||
Currently,
|
||||
.Nm
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd August 08, 2006
|
||||
.Dd August 8, 2006
|
||||
.Dt SADE 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -45,23 +45,29 @@ behavior, where the main menu is presented.
|
|||
The
|
||||
.Nm
|
||||
utility aims to provide a handy tool for disk management
|
||||
tasks on an already installed system. The goal is to save
|
||||
some of the useful functionality of the old sysinstall, which
|
||||
tasks on an already installed system.
|
||||
The goal is to save
|
||||
some of the useful functionality of the old
|
||||
.Xr sysinstall 8
|
||||
which
|
||||
will be removed from the system in favor of the new installer.
|
||||
.\".Sh FILES
|
||||
.Sh SEE ALSO
|
||||
sysinstall(8)
|
||||
.Xr sysinstall 8
|
||||
.Sh HISTORY
|
||||
This version of
|
||||
.Nm
|
||||
first appeared in
|
||||
.Fx 7.0 . The code is extracted from the
|
||||
sysinstall
|
||||
.Fx 7.0 .
|
||||
The code is extracted from the
|
||||
.Xr sysinstall 8
|
||||
utility.
|
||||
.Sh AUTHORS
|
||||
.An Jordan K. Hubbard Aq jkh@FreeBSD.org
|
||||
.Sh BUGS
|
||||
The utility misses a lot of nice features, such as tools for
|
||||
manipulating gmirror or gvinum stuff. These will be added
|
||||
later.
|
||||
|
||||
manipulating
|
||||
.Xr gmirror 8
|
||||
or
|
||||
.Xr gvinum 8
|
||||
stuff.
|
||||
These will be added later.
|
||||
|
|
Loading…
Reference in a new issue