3.t

早期freebsd实现

and read the manual pages for the commands contained in it
before trying to merge your local copy.
Note in particular that
.Xr ifconfig
has had many changes,
and that host names are now fully specified as domain-style names
(e.g., vangogh.CS.Berkeley.EDU) for the benefit of the name server.
.PP
Some of the commands previously in
.Pn /etc/daily
have been moved to
.Pn /etc/security ,
and several new functions have been added to
.Pn /etc/security
to do nightly security checks on the system.
The script
.Pn /etc/daily
runs
.Pn /etc/security
each night, and mails the output to the super-user.
Some of the checks done by
.Pn /etc/security
are:
.DS
\(bu Syntax errors in the password and group files.
\(bu Duplicate user and group names and id's.
\(bu Dangerous search paths and umask values for the superuser.
\(bu Dangerous values in various initialization files.
\(bu Dangerous .rhosts files.
\(bu Dangerous directory and file ownership or permissions.
\(bu Globally exported filesystems.
\(bu Dangerous owners or permissions for special devices.
.DE
In addition, it reports any changes to setuid and setgid files, special
devices, or the files in
.Pn /etc/changelist
since the last run of
.Pn /etc/security .
Backup copies of the files are saved in
.Pn /var/backups .
Finally, the system binaries are checksummed and their permissions
validated against the
.Xr mtree (8)
specifications in
.Pn /etc/mtree .
.PP
The C-library and system binaries on the distribution tape
are compiled with new versions of
.Xr gethostbyname
and
.Xr gethostbyaddr
that use the name server,
.Xr named (8).
If you have only a small network and are not connected
to a large network, you can use the distributed library routines without
any problems; they use a linear scan of the host table
.Pn /etc/hosts
if the name server is not running.
If you are on the Internet or have a large local network,
it is recommend that you set up
and use the name server.
For instructions on how to set up the necessary configuration files,
refer to ``Name Server Operations Guide for BIND'' (SMM:10).
Several programs rely on the host name returned by
.Xr gethostname
to determine the local domain name.
.PP
If you are using the name server, your
.Xr sendmail
configuration file will need some updates to accommodate it.
See the ``Sendmail Installation and Operation Guide'' (SMM:8) and
the sample
.Xr sendmail
configuration files in
.Pn /usr/src/usr.sbin/sendmail/cf .
The aliases file,
.Pn /etc/aliases
has also been changed to add certain well-known addresses.
.Sh 3 "Shadow password files"
.PP
The password file format adds change and expiration fields
and its location has changed to protect
the encrypted passwords stored there.
The actual password file is now stored in
.Pn /etc/master.passwd .
The hashed dbm password files do not contain encrypted passwords,
but contain the file offset to the entry with the password in
.Pn /etc/master.passwd
(that is readable only by root).
Thus, the
.Fn getpwnam
and
.Fn getpwuid
functions will no longer return an encrypted password string to non-root
callers.
An old-style passwd file is created in
.Pn /etc/passwd
by the
.Xr vipw (8)
and
.Xr pwd_mkdb (8)
programs.
See also
.Xr passwd (5).
.PP
Several new users have also been added to the group of ``well-known'' users in
.Pn /etc/passwd .
The current list is:
.DS
.TS
l c.
name	number
_
root	0
daemon	1
operator	2
bin	3
games	7
uucp	66
nobody	32767
.TE
.DE
The ``daemon'' user is used for daemon processes that
do not need root privileges.
The ``operator'' user-id is used as an account for dumpers
so that they can log in without having the root password.
By placing them in the ``operator'' group, 
they can get read access to the disks.
The ``uucp'' login has existed long before \*(4B,
and is noted here just to provide a common user-id.
The password entry ``nobody'' has been added to specify
the user with least privilege.  The ``games'' user is a pseudo-user
that controls access to game programs.
.PP
After installing your updated password file, you must run
.Xr pwd_mkdb (8)
to create the password database.
Note that
.Xr pwd_mkdb (8)
is run whenever
.Xr vipw (8)
is run.
.Sh 3 "The \f(CW/var\fP filesystem"
.PP
The spooling directories saved on tape may be restored in their
eventual resting places without too much concern.  Be sure to
use the `\-p' option to
.Xr tar (1)
so that files are recreated with the same file modes.
The following commands provide a guide for copying spool and log files from
an existing system into a new
.Pn /var
filesystem.
At least the following directories should already exist on
.Pn /var :
.Pn output ,
.Pn log ,
.Pn backups
and
.Pn db .
.LP
.DS
.ft CW
SRC=/oldroot/usr

cd $SRC; tar cf - msgs preserve | (cd /var && tar xpf -)
.DE
.DS
.ft CW
# copy $SRC/spool to /var
cd $SRC/spool
tar cf - at mail rwho | (cd /var && tar xpf -)
tar cf - ftp mqueue news secretmail uucp uucppublic | \e
	(cd /var/spool && tar xpf -)
.DE
.DS
.ft CW
# everything else in spool is probably a printer area
mkdir .save
mv at ftp mail mqueue rwho secretmail uucp uucppublic .save
tar cf - * | (cd /var/spool/output && tar xpf -)
mv .save/* .
rmdir .save
.DE
.DS
.ft CW
cd /var/spool/mqueue
mv syslog.7 /var/log/maillog.7
mv syslog.6 /var/log/maillog.6
mv syslog.5 /var/log/maillog.5
mv syslog.4 /var/log/maillog.4
mv syslog.3 /var/log/maillog.3
mv syslog.2 /var/log/maillog.2
mv syslog.1 /var/log/maillog.1
mv syslog.0 /var/log/maillog.0
mv syslog /var/log/maillog
.DE
.DS
.ft CW
# move $SRC/adm to /var
cd $SRC/adm
tar cf - . | (cd /var/account && tar  xpf -)
cd /var/account
rm -f msgbuf
mv messages messages.[0-9] ../log
mv wtmp wtmp.[0-9] ../log
mv lastlog ../log
.DE
.Sh 2 "Bug fixes and changes between \*(Ps and \*(4B"
.PP
The major new facilities available in the \*(4B release are
a new virtual memory system,
the addition of ISO/OSI networking support,
a new virtual filesystem interface supporting filesystem stacking,
a freely redistributable implementation of NFS,
a log-structured filesystem,
enhancement of the local filesystems to support
files and filesystems that are up to 2^63 bytes in size,
enhanced security and system management support,
and the conversion to and addition of the IEEE Std1003.1 (``POSIX'')
facilities and many of the IEEE Std1003.2 facilities.
In addition, many new utilities and additions to the C
library are present as well.
The kernel sources have been reorganized to collect all machine-dependent
files for each architecture under one directory,
and most of the machine-independent code is now free of code
conditional on specific machines.
The user structure and process structure have been reorganized
to eliminate the statically-mapped user structure and to make most
of the process resources shareable by multiple processes.
The system and include files have been converted to be compatible
with ANSI C, including function prototypes for most of the exported
functions.
There are numerous other changes throughout the system.
.Sh 3 "Changes to the kernel"
.PP
This release includes several important structural kernel changes.
The kernel uses a new internal system call convention;
the use of global (``u-dot'') variables for parameters and error returns
has been eliminated,
and interrupted system calls no longer abort using non-local goto's (longjmp's).
A new sleep interface separates signal handling from scheduling priority,
returning characteristic errors to abort or restart the current system call.
This sleep call also passes a string describing the process state,
that is used by the ps(1) program.
The old sleep interface can be used only for non-interruptible sleeps.
The sleep interface (\fItsleep\fP) can be used at any priority,
but is only interruptible if the PCATCH flag is set.
When interrupted, \fItsleep\fP returns EINTR or ERESTART.
.PP
Many data structures that were previously statically allocated
are now allocated dynamically.
These structures include mount entries, file entries,
user open file descriptors, the process entries, the vnode table,
the name cache, and the quota structures.
.PP
To protect against indiscriminate reading or writing of kernel
memory, all writing and most reading of kernel data structures
must be done using a new ``sysctl'' interface.
The information to be accessed is described through an extensible
``Management Information Base'' (MIB) style name,
described as a dotted set of components.
A new utility,
.Xr sysctl (8),
retrieves kernel state and allows processes with appropriate
privilege to set kernel state.
.Sh 3 "Security"
.PP
The kernel runs with four different levels of security.
Any superuser process can raise the security level, but only 
.Fn init (8)
can lower it.
Security levels are defined as follows:
.IP \-1
Permanently insecure mode \- always run system in level 0 mode.
.IP "  0"
Insecure mode \- immutable and append-only flags may be turned off.
All devices may be read or written subject to their permissions.
.IP "  1"
Secure mode \- immutable and append-only flags may not be cleared;
disks for mounted filesystems,
.Pn /dev/mem ,
and
.Pn /dev/kmem
are read-only.
.IP "  2"
Highly secure mode \- same as secure mode, plus disks are always
read-only whether mounted or not.
This level precludes tampering with filesystems by unmounting them,
but also inhibits running
.Xr newfs (8)
while the system is multi-user.
See
.Xr chflags (1)
and the \-\fBo\fP option to 
.Xr ls (1)
for information on setting and displaying the immutable and append-only
flags.
.PP
Normally, the system runs in level 0 mode while single user
and in level 1 mode while multiuser.
If the level 2 mode is desired while running multiuser,
it can be set in the startup script
.Pn /etc/rc
using
.Xr sysctl (1).
If it is desired to run the system in level 0 mode while multiuser,
the administrator must build a kernel with the variable
.Li securelevel
in the kernel source file
.Pn /sys/kern/kern_sysctl.c
initialized to \-1.
.Sh 4 "Virtual memory changes"
.PP
The new virtual memory implementation is derived from the Mach
operating system developed at Carnegie-Mellon,
and was ported to the BSD kernel at the University of Utah.
It is based on the 2.0 release of Mach
(with some bug fixes from the 2.5 and 3.0 releases)
and retains many of its essential features such as
the separation of the machine dependent and independent layers
(the ``pmap'' interface),
efficient memory utilization using copy-on-write
and other lazy-evaluation techniques,
and support for large, sparse address spaces.
It does not include the ``external pager'' interface instead using
a primitive internal pager interface.
The Mach virtual memory system call interface has been replaced with the
``mmap''-based interface described in the ``Berkeley Software
Architecture Manual'' (see UNIX Programmer's Manual,
Supplementary Documents, PSD:5).
The interface is similar to the interfaces shipped
by several commercial vendors such as Sun, USL, and Convex Computer Corp.
The integration of the new virtual memory is functionally complete,
but still has serious performance problems under heavy memory load.
The internal kernel interfaces have not yet been completed
and the memory pool and buffer cache have not been merged.
Some additional caveats:
.IP \(bu
Since the code is based on the 2.0 release of Mach,
bugs and misfeatures of the BSD version should not be considered
short-comings of the current Mach virtual memory system.
.IP \(bu
Because of the disjoint virtual memory (page) and IO (buffer) caches,
it is possible to see inconsistencies if using both the mmap and
read/write interfaces on the same file simultaneously.
.IP \(bu
Swap space is allocated on-demand rather than up front and no
allocation checks are performed so it is possible to over-commit
memory and eventually deadlock.
.IP \(bu
The semantics of the
.Xr vfork (2)
system call are slightly different.
The synchronization between parent and child is preserved,
but the memory sharing aspect is not.
In practice this has been enough for backward compatibility,
but newer code should just use
.Xr fork (2).
.Sh 4 "Networking additions and changes"
.PP
The ISO/OSI Networking consists of a kernel implementation of
transport class 4 (TP-4),
connectionless networking protocol (CLNP),
and 802.3-based link-level support (hardware-compatible with Ethernet\**).
.FS
Ethernet is a trademark of the Xerox Corporation.