PageRenderTime 179ms CodeModel.GetById 21ms app.highlight 143ms RepoModel.GetById 2ms app.codeStats 0ms

/share/doc/smm/01.setup/3.t

https://bitbucket.org/freebsd/freebsd-head/
Unknown | 1994 lines | 1992 code | 2 blank | 0 comment | 0 complexity | 0d2f18479d75015e47ccc1ece64e98e0 MD5 | raw file

Large files files are truncated, but you can click here to view the full file

   1.\" Copyright (c) 1980, 1986, 1988, 1993
   2.\"	 The Regents of the University of California.  All rights reserved.
   3.\"
   4.\" Redistribution and use in source and binary forms, with or without
   5.\" modification, are permitted provided that the following conditions
   6.\" are met:
   7.\" 1. Redistributions of source code must retain the above copyright
   8.\"    notice, this list of conditions and the following disclaimer.
   9.\" 2. Redistributions in binary form must reproduce the above copyright
  10.\"    notice, this list of conditions and the following disclaimer in the
  11.\"    documentation and/or other materials provided with the distribution.
  12.\" 3. All advertising materials mentioning features or use of this software
  13.\"    must display the following acknowledgement:
  14.\"	This product includes software developed by the University of
  15.\"	California, Berkeley and its contributors.
  16.\" 4. Neither the name of the University nor the names of its contributors
  17.\"    may be used to endorse or promote products derived from this software
  18.\"    without specific prior written permission.
  19.\"
  20.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  21.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  22.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  23.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  30.\" SUCH DAMAGE.
  31.\"
  32.\" $FreeBSD$
  33.\"	@(#)3.t	8.1 (Berkeley) 7/27/93
  34.\"
  35.ds lq ``
  36.ds rq ''
  37.ds RH "Upgrading a \*(Ps System
  38.ds CF \*(Dy
  39.Sh 1 "Upgrading a \*(Ps system"
  40.PP
  41This section describes the procedure for upgrading a \*(Ps
  42system to \*(4B.  This procedure may vary according to the version of
  43the system running before conversion.
  44If you are converting from a
  45System V system, some of this section will still apply (in particular,
  46the filesystem conversion).  However, many of the system configuration
  47files are different, and the executable file formats are completely
  48incompatible.
  49.PP
  50In particular be wary when using this information to upgrade
  51a \*(Ps HP300 system.
  52There are at least four different versions of ``\*(Ps'' out there:
  53.IP 1)
  54HPBSD 1.x from Utah.
  55.br
  56This was the original version of \*(Ps for HP300s from which the
  57other variants (and \*(4B) are derived.
  58It is largely a \*(Ps system with Sun's NFS 3.0 filesystem code and
  59some \*(Ps-Tahoe features (e.g. networking code).
  60Since the filesystem code is 4.2/4.3 vintage and the filesystem
  61hierarchy is largely \*(Ps, most of this section should apply.
  62.IP 2)
  63MORE/bsd from Mt. Xinu.
  64.br
  65This is a \*(Ps-Tahoe vintage system with Sun's NFS 4.0 filesystem code
  66upgraded with Tahoe UFS features.
  67The instructions for \*(Ps-Tahoe should largely apply.
  68.IP 3)
  69\*(Ps-Reno from CSRG.
  70.br
  71At least one site bootstrapped HP300 support from the Reno distribution.
  72The Reno filesystem code was somewhere between \*(Ps and \*(4B: the VFS switch
  73had been added but many of the UFS features (e.g. ``inline'' symlinks)
  74were missing.
  75The filesystem hierarchy reorganization first appeared in this release.
  76Be extremely careful following these instructions if you are
  77upgrading from the Reno distribution.
  78.IP 4)
  79HPBSD 2.0 from Utah.
  80.br
  81As if things were not bad enough already,
  82this release has the \*(4B filesystem and networking code
  83as well as some utilities, but still has a \*(Ps hierarchy.
  84No filesystem conversions are necessary for this upgrade,
  85but files will still need to be moved around.
  86.Sh 2 "Installation overview"
  87.PP
  88If you are running \*(Ps, upgrading your system
  89involves replacing your kernel and system utilities.
  90In general, there are three possible ways to install a new \*(Bs distribution:
  91(1) boot directly from the distribution tape, use it to load new binaries
  92onto empty disks, and then merge or restore any existing configuration files
  93and filesystems;
  94(2) use an existing \*(Ps or later system to extract the root and
  95.Pn /usr
  96filesystems from the distribution tape,
  97boot from the new system, then merge or restore existing
  98configuration files and filesystems; or
  99(3) extract the sources from the distribution tape onto an existing system,
 100and use that system to cross-compile and install \*(4B.
 101For this release, the second alternative is strongly advised,
 102with the third alternative reserved as a last resort.
 103In general, older binaries will continue to run under \*(4B,
 104but there are many exceptions that are on the critical path
 105for getting the system running.
 106Ideally, the new system binaries (root and
 107.Pn /usr
 108filesystems) should be installed on spare disk partitions,
 109then site-specific files should be merged into them.
 110Once the new system is up and fully merged, the previous root and
 111.Pn /usr
 112filesystems can be reused.
 113Other existing filesystems can be retained and used,
 114except that (as usual) the new
 115.Xr fsck
 116should be run before they are mounted.
 117.PP
 118It is \fBSTRONGLY\fP advised that you make full dumps of each filesystem
 119before beginning, especially any that you intend to modify in place
 120during the merge.
 121It is also desirable to run filesystem checks
 122of all filesystems to be converted to \*(4B before shutting down.
 123This is an excellent time to review your disk configuration
 124for possible tuning of the layout.
 125Most systems will need to provide a new filesystem for system use
 126mounted on
 127.Pn /var
 128(see below).
 129However, the
 130.Pn /tmp
 131filesystem can be an MFS virtual-memory-resident filesystem,
 132potentially freeing an existing disk partition.
 133(Additional swap space may be desirable as a consequence.)
 134See
 135.Xr mount_mfs (8).
 136.PP
 137The recommended installation procedure includes the following steps.
 138The order of these steps will probably vary according to local needs.
 139.IP \(bu
 140Extract root and
 141.Pn /usr
 142filesystems from the distribution tapes.
 143.IP \(bu
 144Extract kernel and/or user-level sources from the distribution tape
 145if space permits.
 146This can serve as the backup documentation as needed.
 147.IP \(bu
 148Configure and boot a kernel for the local system.
 149This can be delayed if the generic kernel from the distribution
 150supports enough hardware to proceed.
 151.IP \(bu
 152Build a skeletal
 153.Pn /var
 154filesystem (see
 155.Xr mtree (8)).
 156.IP \(bu
 157Merge site-dependent configuration files from
 158.Pn /etc
 159and
 160.Pn /usr/lib
 161into the new
 162.Pn /etc
 163directory.
 164Note that many file formats and contents have changed; see section 3.4
 165of this document.
 166.IP \(bu
 167Copy or merge files from
 168.Pn /usr/adm ,
 169.Pn /usr/spool ,
 170.Pn /usr/preserve ,
 171.Pn /usr/lib ,
 172and other locations into
 173.Pn /var .
 174.IP \(bu
 175Merge local macros, dictionaries, etc. into
 176.Pn /usr/share .
 177.IP \(bu
 178Merge and update local software to reflect the system changes.
 179.IP \(bu
 180Take off the rest of the morning, you've earned it!
 181.PP
 182Section 3.2 lists the files to be saved as part of the conversion process.
 183Section 3.3 describes the bootstrap process.
 184Section 3.4 discusses the merger of the saved files back into the new system.
 185Section 3.5 gives an overview of the major
 186bug fixes and changes between \*(Ps and \*(4B.
 187Section 3.6 provides general hints on possible problems to be
 188aware of when converting from \*(Ps to \*(4B.
 189.Sh 2 "Files to save"
 190.PP
 191The following list enumerates the standard set of files you will want to
 192save and suggests directories in which site-specific files should be present.
 193This list will likely be augmented with non-standard files you
 194have added to your system.
 195If you do not have enough space to create parallel
 196filesystems, you should create a
 197.Xr tar
 198image of the following files before the new filesystems are created.
 199The rest of this subsection describes where theses files
 200have moved and how they have changed.
 201.TS
 202lfC c l.
 203/.cshrc	\(dg	root csh startup script (moves to \f(CW/root/.cshrc\fP)
 204/.login	\(dg	root csh login script (moves to \f(CW/root/.login\fP)
 205/.profile	\(dg	root sh startup script (moves to \f(CW/root/.profile\fP)
 206/.rhosts	\(dg	for trusted machines and users (moves to \f(CW/root/.rhosts\fP)
 207/etc/disktab	\(dd	in case you changed disk partition sizes
 208/etc/fstab	*	disk configuration data
 209/etc/ftpusers	\(dg	for local additions
 210/etc/gettytab	\(dd	getty database
 211/etc/group	*	group data base
 212/etc/hosts	\(dg	for local host information
 213/etc/hosts.equiv	\(dg	for local host equivalence information
 214/etc/hosts.lpd	\(dg	printer access file
 215/etc/inetd.conf	*	Internet services configuration data
 216/etc/named*	\(dg	named configuration files
 217/etc/netstart	\(dg	network initialization
 218/etc/networks	\(dg	for local network information
 219/etc/passwd	*	user data base
 220/etc/printcap	*	line printer database
 221/etc/protocols	\(dd	in case you added any local protocols
 222/etc/rc	*	for any local additions
 223/etc/rc.local	*	site specific system startup commands
 224/etc/remote	\(dg	auto-dialer configuration
 225/etc/services	\(dd	for local additions
 226/etc/shells	\(dd	list of valid shells
 227/etc/syslog.conf	*	system logger configuration
 228/etc/securettys	*	merged into ttys
 229/etc/ttys	*	terminal line configuration data
 230/etc/ttytype	*	merged into ttys
 231/etc/termcap	\(dd	for any local entries that may have been added
 232/lib	\(dd	for any locally developed language processors
 233/usr/dict/*	\(dd	for local additions to words and papers
 234/usr/include/*	\(dd	for local additions
 235/usr/lib/aliases	*	mail forwarding data base (moves to \f(CW/etc/aliases\fP)
 236/usr/lib/crontab	*	cron daemon data base (moves to \f(CW/etc/crontab\fP)
 237/usr/lib/crontab.local	*	local cron daemon data base (moves to \f(CW/etc/crontab.local\fP)
 238/usr/lib/lib*.a	\(dg	for local libraries
 239/usr/lib/mail.rc	\(dg	system-wide mail(1) initialization (moves to \f(CW/etc/mail.rc\fP)
 240/usr/lib/sendmail.cf	*	sendmail configuration (moves to \f(CW/etc/sendmail.cf\fP)
 241/usr/lib/tmac/*	\(dd	for locally developed troff/nroff macros (moves to \f(CW/usr/share/tmac/*\fP)
 242/usr/lib/uucp/*	\(dg	for local uucp configuration files
 243/usr/man/manl	*	for manual pages for locally developed programs (moves to \f(CW/usr/local/man\fP)
 244/usr/spool/*	\(dg	for current mail, news, uucp files, etc. (moves to \f(CW/var/spool\fP)
 245/usr/src/local	\(dg	for source for locally developed programs
 246/sys/conf/HOST	\(dg	configuration file for your machine (moves to \f(CW/sys/<arch>/conf\fP)
 247/sys/conf/files.HOST	\(dg	list of special files in your kernel (moves to \f(CW/sys/<arch>/conf\fP)
 248/*/quotas	*	filesystem quota files (moves to \f(CW/*/quotas.user\fP)
 249.TE
 250.DS
 251\(dg\|Files that can be used from \*(Ps without change.
 252\(dd\|Files that need local changes merged into \*(4B files.
 253*\|Files that require special work to merge and are discussed in section 3.4.
 254.DE
 255.Sh 2 "Installing \*(4B"
 256.PP
 257The next step is to build a working \*(4B system.
 258This can be done by following the steps in section 2 of
 259this document for extracting the root and
 260.Pn /usr
 261filesystems from the distribution tape onto unused disk partitions.
 262For the SPARC, the root filesystem dump on the tape could also be
 263extracted directly.
 264For the HP300 and DECstation, the raw disk image can be copied
 265into an unused partition and this partition can then be dumped
 266to create an image that can be restored.
 267The exact procedure chosen will depend on the disk configuration
 268and the number of suitable disk partitions that may be used.
 269It is also desirable to run filesystem checks
 270of all filesystems to be converted to \*(4B before shutting down.
 271In any case, this is an excellent time to review your disk configuration
 272for possible tuning of the layout.
 273Section 2.5 and
 274.Xr config (8)
 275are required reading.
 276.LP
 277The filesystem in \*(4B has been reorganized in an effort to
 278meet several goals:
 279.IP 1)
 280The root filesystem should be small.
 281.IP 2)
 282There should be a per-architecture centrally-shareable read-only
 283.Pn /usr
 284filesystem.
 285.IP 3)
 286Variable per-machine directories should be concentrated below
 287a single mount point named
 288.Pn /var .
 289.IP 4)
 290Site-wide machine independent shareable text files should be separated
 291from architecture specific binary files and should be concentrated below
 292a single mount point named
 293.Pn /usr/share .
 294.LP
 295These goals are realized with the following general layouts.
 296The reorganized root filesystem has the following directories:
 297.TS
 298lfC l.
 299/etc	(config files)
 300/bin	(user binaries needed when single-user)
 301/sbin	(root binaries needed when single-user)
 302/local	(locally added binaries used only by this machine)
 303/tmp	(mount point for memory based filesystem)
 304/dev	(local devices)
 305/home	(mount point for AMD)
 306/var	(mount point for per-machine variable directories)
 307/usr	(mount point for multiuser binaries and files)
 308.TE
 309.LP
 310The reorganized
 311.Pn /usr
 312filesystem has the following directories:
 313.TS
 314lfC l.
 315/usr/bin	(user binaries)
 316/usr/contrib	(software contributed to \*(4B)
 317/usr/games	(binaries for games, score files in \f(CW/var\fP)
 318/usr/include	(standard include files)
 319/usr/lib	(lib*.a from old \f(CW/usr/lib\fP)
 320/usr/libdata	(databases from old \f(CW/usr/lib\fP)
 321/usr/libexec	(executables from old \f(CW/usr/lib\fP)
 322/usr/local	(locally added binaries used site-wide)
 323/usr/old	(deprecated binaries)
 324/usr/sbin	(root binaries)
 325/usr/share	(mount point for site-wide shared text)
 326/usr/src	(mount point for sources)
 327.TE
 328.LP
 329The reorganized
 330.Pn /usr/share
 331filesystem has the following directories:
 332.TS
 333lfC l.
 334/usr/share/calendar	(various useful calendar files)
 335/usr/share/dict	(dictionaries)
 336/usr/share/doc	(\*(4B manual sources)
 337/usr/share/games	(games text files)
 338/usr/share/groff_font	(groff font information)
 339/usr/share/man	(typeset manual pages)
 340/usr/share/misc	(dumping ground for random text files)
 341/usr/share/mk	(templates for \*(4B makefiles)
 342/usr/share/skel	(template user home directory files)
 343/usr/share/tmac	(various groff macro packages)
 344/usr/share/zoneinfo	(information on time zones)
 345.TE
 346.LP
 347The reorganized
 348.Pn /var
 349filesystem has the following directories:
 350.TS
 351lfC l.
 352/var/account	(accounting files, formerly \f(CW/usr/adm\fP)
 353/var/at	(\fIat\fP\|(1) spooling area)
 354/var/backups	(backups of system files)
 355/var/crash	(crash dumps)
 356/var/db	(system-wide databases, e.g. tags)
 357/var/games	(score files)
 358/var/log	(log files)
 359/var/mail	(users mail)
 360/var/obj	(hierarchy to build \f(CW/usr/src\fP)
 361/var/preserve	(preserve area for vi)
 362/var/quotas	(directory to store quota files)
 363/var/run	(directory to store *.pid files)
 364/var/rwho	(rwho databases)
 365/var/spool/ftp	(home directory for anonymous ftp)
 366/var/spool/mqueue	(sendmail spooling directory)
 367/var/spool/news	(news spooling area)
 368/var/spool/output	(printer spooling area)
 369/var/spool/uucp	(uucp spooling area)
 370/var/tmp	(disk-based temporary directory)
 371/var/users	(root of per-machine user home directories)
 372.TE
 373.PP
 374The \*(4B bootstrap routines pass the identity of the boot device
 375through to the kernel.
 376The kernel then uses that device as its root filesystem.
 377Thus, for example, if you boot from
 378.Pn /dev/\*(Dk1a ,
 379the kernel will use
 380.Pn \*(Dk1a
 381as its root filesystem. If
 382.Pn /dev/\*(Dk1b
 383is configured as a swap partition,
 384it will be used as the initial swap area,
 385otherwise the normal primary swap area (\c
 386.Pn /dev/\*(Dk0b )
 387will be used.
 388The \*(4B bootstrap is backward compatible with \*(Ps,
 389so you can replace your old bootstrap if you use it
 390to boot your first \*(4B kernel.
 391However, the \*(Ps bootstrap cannot access \*(4B filesystems,
 392so if you plan to convert your filesystems to \*(4B,
 393you must install a new bootstrap \fIbefore\fP doing the conversion.
 394Note that SPARC users cannot build a \*(4B compatible version
 395of the bootstrap, so must \fInot\fP convert their root filesystem
 396to the new \*(4B format.
 397.PP
 398Once you have extracted the \*(4B system and booted from it,
 399you will have to build a kernel customized for your configuration.
 400If you have any local device drivers,
 401they will have to be incorporated into the new kernel.
 402See section 4.1.3 and ``Building 4.3BSD UNIX Systems with Config'' (SMM:2).
 403.PP
 404If converting from \*(Ps, your old filesystems should be converted.
 405If you've modified the partition
 406sizes from the original \*(Ps ones, and are not already using the
 407\*(4B disk labels, you will have to modify the default disk partition
 408tables in the kernel.  Make the necessary table changes and boot
 409your custom kernel \fBBEFORE\fP trying to access any of your old
 410filesystems!  After doing this, if necessary, the remaining filesystems
 411may be converted in place by running the \*(4B version of
 412.Xr fsck (8)
 413on each filesystem and allowing it to make the necessary corrections.
 414The new version of
 415.Xr fsck
 416is more strict about the size of directories than
 417the version supplied with \*(Ps.
 418Thus the first time that it is run on a \*(Ps filesystem,
 419it will produce messages of the form:
 420.DS
 421\fBDIRECTORY ...: LENGTH\fP xx \fBNOT MULTIPLE OF 512 (ADJUSTED)\fP
 422.DE
 423Length ``xx'' will be the size of the directory;
 424it will be expanded to the next multiple of 512 bytes.
 425The new
 426.Xr fsck
 427will also set default \fIinterleave\fP and
 428\fInpsect\fP (number of physical sectors per track) values on older
 429filesystems, in which these fields were unused spares; this correction
 430will produce messages of the form:
 431.DS
 432\fBIMPOSSIBLE INTERLEAVE=0 IN SUPERBLOCK (SET TO DEFAULT)\fP\**
 433\fBIMPOSSIBLE NPSECT=0 IN SUPERBLOCK (SET TO DEFAULT)\fP
 434.DE
 435.FS
 436The defaults are to set \fIinterleave\fP to 1 and
 437\fInpsect\fP to \fInsect\fP.
 438This is correct on most drives;
 439it affects only performance (usually virtually unmeasurably).
 440.FE
 441Filesystems that have had their interleave and npsect values
 442set will be diagnosed by the old
 443.Xr fsck
 444as having a bad superblock; the old
 445.Xr fsck
 446will run only if given an alternate superblock
 447(\fIfsck \-b32\fP),
 448in which case it will re-zero these fields.
 449The \*(4B kernel will internally set these fields to their defaults
 450if fsck has not done so; again, the \fI\-b32\fP option may be
 451necessary for running the old
 452.Xr fsck .
 453.PP
 454In addition, \*(4B removes several limits on filesystem sizes
 455that were present in \*(Ps.
 456The limited filesystems
 457continue to work in \*(4B, but should be converted
 458as soon as it is convenient
 459by running
 460.Xr fsck
 461with the \fI\-c 2\fP option.
 462The sequence \fIfsck \-p \-c 2\fP will update them all,
 463fix the interleave and npsect fields,
 464fix any incorrect directory lengths,
 465expand maximum uid's and gid's to 32-bits,
 466place symbolic links less than 60 bytes into their inode,
 467and fill in directory type fields all at once.
 468The new filesystem formats are incompatible with older systems.
 469If you wish to continue using these filesystems with the older
 470systems you should make only the compatible changes using
 471\fIfsck \-c 1\fP.
 472.Sh 2 "Merging your files from \*(Ps into \*(4B"
 473.PP
 474When your system is booting reliably and you have the \*(4B root and
 475.Pn /usr
 476filesystems fully installed you will be ready
 477to continue with the next step in the conversion process,
 478merging your old files into the new system.
 479.PP
 480If you saved the files on a
 481.Xr tar
 482tape, extract them into a scratch directory, say
 483.Pn /usr/convert :
 484.DS
 485\fB#\fP \fImkdir /usr/convert\fP
 486\fB#\fP \fIcd /usr/convert\fP
 487\fB#\fP \fItar xp\fP
 488.DE
 489.PP
 490The data files marked in the previous table with a dagger (\(dg)
 491may be used without change from the previous system.
 492Those data files marked with a double dagger (\(dd) have syntax
 493changes or substantial enhancements.
 494You should start with the \*(4B version and carefully
 495integrate any local changes into the new file.
 496Usually these local changes can be incorporated
 497without conflict into the new file;
 498some exceptions are noted below.
 499The files marked with an asterisk (*) require
 500particular attention and are discussed below.
 501.PP
 502As described in section 3.3,
 503the most immediately obvious change in \*(4B is the reorganization
 504of the system filesystems.
 505Users of certain recent vendor releases have seen this general organization,
 506although \*(4B takes the reorganization a bit further.
 507The directories most affected are
 508.Pn /etc ,
 509that now contains only system configuration files;
 510.Pn /var ,
 511a new filesystem containing per-system spool and log files; and
 512.Pn /usr/share,
 513that contains most of the text files shareable across architectures
 514such as documentation and macros.
 515System administration programs formerly in
 516.Pn /etc
 517are now found in
 518.Pn /sbin
 519and
 520.Pn /usr/sbin .
 521Various programs and data files formerly in
 522.Pn /usr/lib
 523are now found in
 524.Pn /usr/libexec
 525and
 526.Pn /usr/libdata ,
 527respectively.
 528Administrative files formerly in
 529.Pn /usr/adm
 530are in
 531.Pn /var/account
 532and, similarly, log files are now in
 533.Pn /var/log .
 534The directory
 535.Pn /usr/ucb
 536has been merged into
 537.Pn /usr/bin ,
 538and the sources for programs in
 539.Pn /usr/bin
 540are in
 541.Pn /usr/src/usr.bin .
 542Other source directories parallel the destination directories;
 543.Pn /usr/src/etc
 544has been greatly expanded, and
 545.Pn /usr/src/share
 546is new.
 547The source for the manual pages, in general, are with the source
 548code for the applications they document.
 549Manual pages not closely corresponding to an application program
 550are found in
 551.Pn /usr/src/share/man .
 552The locations of all man pages is listed in
 553.Pn /usr/src/share/man/man0/man[1-8] .
 554The manual page
 555.Xr hier (7)
 556has been updated and made more detailed;
 557it is included in the printed documentation.
 558You should review it to familiarize yourself with the new layout.
 559.PP
 560A new utility,
 561.Xr mtree (8),
 562is provided to build and check filesystem hierarchies
 563with the proper contents, owners and permissions.
 564Scripts are provided in
 565.Pn /etc/mtree
 566(and
 567.Pn /usr/src/etc/mtree )
 568for the root,
 569.Pn /usr
 570and
 571.Pn /var
 572filesystems.
 573Once a filesystem has been made for
 574.Pn /var ,
 575.Xr mtree
 576can be used to create a directory hierarchy there
 577or you can simply use tar to extract the prototype from
 578the second file of the distribution tape.
 579.Sh 3 "Changes in the \f(CW/etc\fP directory"
 580.PP
 581The
 582.Pn /etc
 583directory now contains nearly all the host-specific configuration
 584files.
 585Note that some file formats have changed,
 586and those configuration files containing pathnames are nearly all affected
 587by the reorganization.
 588See the examples provided in
 589.Pn /etc
 590(installed from
 591.Pn /usr/src/etc )
 592as a guide.
 593The following table lists some of the local configuration files
 594whose locations and/or contents have changed.
 595.TS
 596l l l
 597lfC lfC l.
 598\*(Ps and Earlier	\*(4B	Comments
 599_	_	_
 600/etc/fstab	/etc/fstab	new format; see below
 601/etc/inetd.conf	/etc/inetd.conf	pathnames of executables changed
 602/etc/printcap	/etc/printcap	pathnames changed
 603/etc/syslog.conf	/etc/syslog.conf	pathnames of log files changed
 604/etc/ttys	/etc/ttys	pathnames of executables changed
 605/etc/passwd	/etc/master.passwd	new format; see below
 606/usr/lib/sendmail.cf	/etc/sendmail.cf	changed pathnames
 607/usr/lib/aliases	/etc/aliases	may contain changed pathnames
 608/etc/*.pid	/var/run/*.pid
 609
 610.T&
 611l l l
 612lfC lfC l.
 613New in \*(Ps-Tahoe	\*(4B	Comments
 614_	_	_
 615/usr/games/dm.config	/etc/dm.conf	configuration for games (see \fIdm\fP\|(8))
 616/etc/zoneinfo/localtime	/etc/localtime	timezone configuration
 617/etc/zoneinfo	/usr/share/zoneinfo	timezone configuration
 618.TE
 619.ne 1.5i
 620.TS
 621l l l
 622lfC lfC l.
 623	New in \*(4B	Comments
 624_	_	_
 625	/etc/aliases.db	database version of the aliases file
 626	/etc/amd-home	location database of home directories
 627	/etc/amd-vol	location database of exported filesystems
 628	/etc/changelist	\f(CW/etc/security\fP files to back up
 629	/etc/csh.cshrc	system-wide csh(1) initialization file
 630	/etc/csh.login	system-wide csh(1) login file
 631	/etc/csh.logout	system-wide csh(1) logout file
 632	/etc/disklabels	directory for saving disklabels
 633	/etc/exports	NFS list of export permissions
 634	/etc/ftpwelcome	message displayed for ftp users; see ftpd(8)
 635	/etc/man.conf	lists directories searched by \fIman\fP\|(1)
 636	/etc/mtree	directory for local mtree files; see mtree(8)
 637	/etc/netgroup	NFS group list used in \f(CW/etc/exports\fP
 638	/etc/pwd.db	non-secure hashed user data base file
 639	/etc/spwd.db	secure hashed user data base file
 640	/etc/security	daily system security checker
 641.TE
 642.PP
 643System security changes require adding several new ``well-known'' groups to
 644.Pn /etc/group .
 645The groups that are needed by the system as distributed are:
 646.TS
 647l n l.
 648name	number	purpose
 649_
 650wheel	0	users allowed superuser privilege
 651daemon	1	processes that need less than wheel privilege
 652kmem	2	read access to kernel memory
 653sys	3	access to kernel sources
 654tty	4	access to terminals
 655operator	5	read access to raw disks
 656bin	7	group for system binaries
 657news	8	group for news
 658wsrc	9	write access to sources
 659games	13	access to games
 660staff	20	system staff
 661guest	31	system guests
 662nobody	39	the least privileged group
 663utmp	45	access to utmp files
 664dialer	117	access to remote ports and dialers
 665.TE
 666Only users in the ``wheel'' group are permitted to
 667.Xr su
 668to ``root''.
 669Most programs that manage directories in
 670.Pn /var/spool
 671now run set-group-id to ``daemon'' so that users cannot
 672directly access the files in the spool directories.
 673The special files that access kernel memory,
 674.Pn /dev/kmem
 675and
 676.Pn /dev/mem ,
 677are made readable only by group ``kmem''.
 678Standard system programs that require this access are
 679made set-group-id to that group.
 680The group ``sys'' is intended to control access to kernel sources,
 681and other sources belong to group ``wsrc.''
 682Rather than make user terminals writable by all users,
 683they are now placed in group ``tty'' and made only group writable.
 684Programs that should legitimately have access to write on user terminals
 685such as
 686.Xr talkd
 687and
 688.Xr write
 689now run set-group-id to ``tty''.
 690The ``operator'' group controls access to disks.
 691By default, disks are readable by group ``operator'',
 692so that programs such as
 693.Xr dump
 694can access the filesystem information without being set-user-id to ``root''.
 695The
 696.Xr shutdown (8)
 697program is executable only by group operator
 698and is setuid to root so that members of group operator may shut down
 699the system without root access.
 700.PP
 701The ownership and modes of some directories have changed.
 702The
 703.Xr at
 704programs now run set-user-id ``root'' instead of ``daemon.''
 705Also, the uucp directory no longer needs to be publicly writable,
 706as
 707.Xr tip
 708reverts to privileged status to remove its lock files.
 709After copying your version of
 710.Pn /var/spool ,
 711you should do:
 712.DS
 713\fB#\fP \fIchown \-R root /var/spool/at\fP
 714\fB#\fP \fIchown \-R uucp:daemon /var/spool/uucp\fP
 715\fB#\fP \fIchmod \-R o\-w /var/spool/uucp\fP
 716.DE
 717.PP
 718The format of the cron table,
 719.Pn /etc/crontab ,
 720has been changed to specify the user-id that should be used to run a process.
 721The userid ``nobody'' is frequently useful for non-privileged programs.
 722Local changes are now put in a separate file,
 723.Pn /etc/crontab.local .
 724.PP
 725Some of the commands previously in
 726.Pn /etc/rc.local
 727have been moved to
 728.Pn /etc/rc ;
 729several new functions are now handled by
 730.Pn /etc/rc ,
 731.Pn /etc/netstart
 732and
 733.Pn /etc/rc.local .
 734You should look closely at the prototype version of these files
 735and read the manual pages for the commands contained in it
 736before trying to merge your local copy.
 737Note in particular that
 738.Xr ifconfig
 739has had many changes,
 740and that host names are now fully specified as domain-style names
 741(e.g., vangogh.CS.Berkeley.EDU) for the benefit of the name server.
 742.PP
 743Some of the commands previously in
 744.Pn /etc/daily
 745have been moved to
 746.Pn /etc/security ,
 747and several new functions have been added to
 748.Pn /etc/security
 749to do nightly security checks on the system.
 750The script
 751.Pn /etc/daily
 752runs
 753.Pn /etc/security
 754each night, and mails the output to the super-user.
 755Some of the checks done by
 756.Pn /etc/security
 757are:
 758.DS
 759\(bu Syntax errors in the password and group files.
 760\(bu Duplicate user and group names and id's.
 761\(bu Dangerous search paths and umask values for the superuser.
 762\(bu Dangerous values in various initialization files.
 763\(bu Dangerous .rhosts files.
 764\(bu Dangerous directory and file ownership or permissions.
 765\(bu Globally exported filesystems.
 766\(bu Dangerous owners or permissions for special devices.
 767.DE
 768In addition, it reports any changes to setuid and setgid files, special
 769devices, or the files in
 770.Pn /etc/changelist
 771since the last run of
 772.Pn /etc/security .
 773Backup copies of the files are saved in
 774.Pn /var/backups .
 775Finally, the system binaries are checksummed and their permissions
 776validated against the
 777.Xr mtree (8)
 778specifications in
 779.Pn /etc/mtree .
 780.PP
 781The C-library and system binaries on the distribution tape
 782are compiled with new versions of
 783.Xr gethostbyname
 784and
 785.Xr gethostbyaddr
 786that use the name server,
 787.Xr named (8).
 788If you have only a small network and are not connected
 789to a large network, you can use the distributed library routines without
 790any problems; they use a linear scan of the host table
 791.Pn /etc/hosts
 792if the name server is not running.
 793If you are on the Internet or have a large local network,
 794it is recommend that you set up
 795and use the name server.
 796For instructions on how to set up the necessary configuration files,
 797refer to ``Name Server Operations Guide for BIND'' (SMM:10).
 798Several programs rely on the host name returned by
 799.Xr gethostname
 800to determine the local domain name.
 801.PP
 802If you are using the name server, your
 803.Xr sendmail
 804configuration file will need some updates to accommodate it.
 805See the ``Sendmail Installation and Operation Guide'' (SMM:8) and
 806the sample
 807.Xr sendmail
 808configuration files in
 809.Pn /usr/src/usr.sbin/sendmail/cf .
 810The aliases file,
 811.Pn /etc/aliases
 812has also been changed to add certain well-known addresses.
 813.Sh 3 "Shadow password files"
 814.PP
 815The password file format adds change and expiration fields
 816and its location has changed to protect
 817the encrypted passwords stored there.
 818The actual password file is now stored in
 819.Pn /etc/master.passwd .
 820The hashed dbm password files do not contain encrypted passwords,
 821but contain the file offset to the entry with the password in
 822.Pn /etc/master.passwd
 823(that is readable only by root).
 824Thus, the
 825.Fn getpwnam
 826and
 827.Fn getpwuid
 828functions will no longer return an encrypted password string to non-root
 829callers.
 830An old-style passwd file is created in
 831.Pn /etc/passwd
 832by the
 833.Xr vipw (8)
 834and
 835.Xr pwd_mkdb (8)
 836programs.
 837See also
 838.Xr passwd (5).
 839.PP
 840Several new users have also been added to the group of ``well-known'' users in
 841.Pn /etc/passwd .
 842The current list is:
 843.DS
 844.TS
 845l c.
 846name	number
 847_
 848root	0
 849daemon	1
 850operator	2
 851bin	3
 852games	7
 853uucp	66
 854nobody	32767
 855.TE
 856.DE
 857The ``daemon'' user is used for daemon processes that
 858do not need root privileges.
 859The ``operator'' user-id is used as an account for dumpers
 860so that they can log in without having the root password.
 861By placing them in the ``operator'' group,
 862they can get read access to the disks.
 863The ``uucp'' login has existed long before \*(4B,
 864and is noted here just to provide a common user-id.
 865The password entry ``nobody'' has been added to specify
 866the user with least privilege.  The ``games'' user is a pseudo-user
 867that controls access to game programs.
 868.PP
 869After installing your updated password file, you must run
 870.Xr pwd_mkdb (8)
 871to create the password database.
 872Note that
 873.Xr pwd_mkdb (8)
 874is run whenever
 875.Xr vipw (8)
 876is run.
 877.Sh 3 "The \f(CW/var\fP filesystem"
 878.PP
 879The spooling directories saved on tape may be restored in their
 880eventual resting places without too much concern.  Be sure to
 881use the `\-p' option to
 882.Xr tar (1)
 883so that files are recreated with the same file modes.
 884The following commands provide a guide for copying spool and log files from
 885an existing system into a new
 886.Pn /var
 887filesystem.
 888At least the following directories should already exist on
 889.Pn /var :
 890.Pn output ,
 891.Pn log ,
 892.Pn backups
 893and
 894.Pn db .
 895.LP
 896.DS
 897.ft CW
 898SRC=/oldroot/usr
 899
 900cd $SRC; tar cf - msgs preserve | (cd /var && tar xpf -)
 901.DE
 902.DS
 903.ft CW
 904# copy $SRC/spool to /var
 905cd $SRC/spool
 906tar cf - at mail rwho | (cd /var && tar xpf -)
 907tar cf - ftp mqueue news secretmail uucp uucppublic | \e
 908	(cd /var/spool && tar xpf -)
 909.DE
 910.DS
 911.ft CW
 912# everything else in spool is probably a printer area
 913mkdir .save
 914mv at ftp mail mqueue rwho secretmail uucp uucppublic .save
 915tar cf - * | (cd /var/spool/output && tar xpf -)
 916mv .save/* .
 917rmdir .save
 918.DE
 919.DS
 920.ft CW
 921cd /var/spool/mqueue
 922mv syslog.7 /var/log/maillog.7
 923mv syslog.6 /var/log/maillog.6
 924mv syslog.5 /var/log/maillog.5
 925mv syslog.4 /var/log/maillog.4
 926mv syslog.3 /var/log/maillog.3
 927mv syslog.2 /var/log/maillog.2
 928mv syslog.1 /var/log/maillog.1
 929mv syslog.0 /var/log/maillog.0
 930mv syslog /var/log/maillog
 931.DE
 932.DS
 933.ft CW
 934# move $SRC/adm to /var
 935cd $SRC/adm
 936tar cf - . | (cd /var/account && tar  xpf -)
 937cd /var/account
 938rm -f msgbuf
 939mv messages messages.[0-9] ../log
 940mv wtmp wtmp.[0-9] ../log
 941mv lastlog ../log
 942.DE
 943.Sh 2 "Bug fixes and changes between \*(Ps and \*(4B"
 944.PP
 945The major new facilities available in the \*(4B release are
 946a new virtual memory system,
 947the addition of ISO/OSI networking support,
 948a new virtual filesystem interface supporting filesystem stacking,
 949a freely redistributable implementation of NFS,
 950a log-structured filesystem,
 951enhancement of the local filesystems to support
 952files and filesystems that are up to 2^63 bytes in size,
 953enhanced security and system management support,
 954and the conversion to and addition of the IEEE Std1003.1 (``POSIX'')
 955facilities and many of the IEEE Std1003.2 facilities.
 956In addition, many new utilities and additions to the C
 957library are present as well.
 958The kernel sources have been reorganized to collect all machine-dependent
 959files for each architecture under one directory,
 960and most of the machine-independent code is now free of code
 961conditional on specific machines.
 962The user structure and process structure have been reorganized
 963to eliminate the statically-mapped user structure and to make most
 964of the process resources shareable by multiple processes.
 965The system and include files have been converted to be compatible
 966with ANSI C, including function prototypes for most of the exported
 967functions.
 968There are numerous other changes throughout the system.
 969.Sh 3 "Changes to the kernel"
 970.PP
 971This release includes several important structural kernel changes.
 972The kernel uses a new internal system call convention;
 973the use of global (``u-dot'') variables for parameters and error returns
 974has been eliminated,
 975and interrupted system calls no longer abort using non-local goto's (longjmp's).
 976A new sleep interface separates signal handling from scheduling priority,
 977returning characteristic errors to abort or restart the current system call.
 978This sleep call also passes a string describing the process state,
 979that is used by the ps(1) program.
 980The old sleep interface can be used only for non-interruptible sleeps.
 981The sleep interface (\fItsleep\fP) can be used at any priority,
 982but is only interruptible if the PCATCH flag is set.
 983When interrupted, \fItsleep\fP returns EINTR or ERESTART.
 984.PP
 985Many data structures that were previously statically allocated
 986are now allocated dynamically.
 987These structures include mount entries, file entries,
 988user open file descriptors, the process entries, the vnode table,
 989the name cache, and the quota structures.
 990.PP
 991To protect against indiscriminate reading or writing of kernel
 992memory, all writing and most reading of kernel data structures
 993must be done using a new ``sysctl'' interface.
 994The information to be accessed is described through an extensible
 995``Management Information Base'' (MIB) style name,
 996described as a dotted set of components.
 997A new utility,
 998.Xr sysctl (8),
 999retrieves kernel state and allows processes with appropriate
1000privilege to set kernel state.
1001.Sh 3 "Security"
1002.PP
1003The kernel runs with four different levels of security.
1004Any superuser process can raise the security level, but only
1005.Fn init (8)
1006can lower it.
1007Security levels are defined as follows:
1008.IP \-1
1009Permanently insecure mode \- always run system in level 0 mode.
1010.IP "  0"
1011Insecure mode \- immutable and append-only flags may be turned off.
1012All devices may be read or written subject to their permissions.
1013.IP "  1"
1014Secure mode \- immutable and append-only flags may not be cleared;
1015disks for mounted filesystems,
1016.Pn /dev/mem ,
1017and
1018.Pn /dev/kmem
1019are read-only.
1020.IP "  2"
1021Highly secure mode \- same as secure mode, plus disks are always
1022read-only whether mounted or not.
1023This level precludes tampering with filesystems by unmounting them,
1024but also inhibits running
1025.Xr newfs (8)
1026while the system is multi-user.
1027See
1028.Xr chflags (1)
1029and the \-\fBo\fP option to
1030.Xr ls (1)
1031for information on setting and displaying the immutable and append-only
1032flags.
1033.PP
1034Normally, the system runs in level 0 mode while single user
1035and in level 1 mode while multiuser.
1036If the level 2 mode is desired while running multiuser,
1037it can be set in the startup script
1038.Pn /etc/rc
1039using
1040.Xr sysctl (1).
1041If it is desired to run the system in level 0 mode while multiuser,
1042the administrator must build a kernel with the variable
1043.Li securelevel
1044in the kernel source file
1045.Pn /sys/kern/kern_sysctl.c
1046initialized to \-1.
1047.Sh 4 "Virtual memory changes"
1048.PP
1049The new virtual memory implementation is derived from the Mach
1050operating system developed at Carnegie-Mellon,
1051and was ported to the BSD kernel at the University of Utah.
1052It is based on the 2.0 release of Mach
1053(with some bug fixes from the 2.5 and 3.0 releases)
1054and retains many of its essential features such as
1055the separation of the machine dependent and independent layers
1056(the ``pmap'' interface),
1057efficient memory utilization using copy-on-write
1058and other lazy-evaluation techniques,
1059and support for large, sparse address spaces.
1060It does not include the ``external pager'' interface instead using
1061a primitive internal pager interface.
1062The Mach virtual memory system call interface has been replaced with the
1063``mmap''-based interface described in the ``Berkeley Software
1064Architecture Manual'' (see UNIX Programmer's Manual,
1065Supplementary Documents, PSD:5).
1066The interface is similar to the interfaces shipped
1067by several commercial vendors such as Sun, USL, and Convex Computer Corp.
1068The integration of the new virtual memory is functionally complete,
1069but still has serious performance problems under heavy memory load.
1070The internal kernel interfaces have not yet been completed
1071and the memory pool and buffer cache have not been merged.
1072Some additional caveats:
1073.IP \(bu
1074Since the code is based on the 2.0 release of Mach,
1075bugs and misfeatures of the BSD version should not be considered
1076short-comings of the current Mach virtual memory system.
1077.IP \(bu
1078Because of the disjoint virtual memory (page) and IO (buffer) caches,
1079it is possible to see inconsistencies if using both the mmap and
1080read/write interfaces on the same file simultaneously.
1081.IP \(bu
1082Swap space is allocated on-demand rather than up front and no
1083allocation checks are performed so it is possible to over-commit
1084memory and eventually deadlock.
1085.IP \(bu
1086The semantics of the
1087.Xr vfork (2)
1088system call are slightly different.
1089The synchronization between parent and child is preserved,
1090but the memory sharing aspect is not.
1091In practice this has been enough for backward compatibility,
1092but newer code should just use
1093.Xr fork (2).
1094.Sh 4 "Networking additions and changes"
1095.PP
1096The ISO/OSI Networking consists of a kernel implementation of
1097transport class 4 (TP-4),
1098connectionless networking protocol (CLNP),
1099and 802.3-based link-level support (hardware-compatible with Ethernet\**).
1100.FS
1101Ethernet is a trademark of the Xerox Corporation.
1102.FE
1103We also include support for ISO Connection-Oriented Network Service,
1104X.25, TP-0.
1105The session and presentation layers are provided outside
1106the kernel using the ISO Development Environment by Marshall Rose,
1107that is available via anonymous FTP
1108(but is not included on the distribution tape).
1109Included in this development environment are file
1110transfer and management (FTAM), virtual terminals (VT),
1111a directory services implementation (X.500),
1112and miscellaneous other utilities.
1113.PP
1114Kernel support for the ISO OSI protocols is enabled with the ISO option
1115in the kernel configuration file.
1116The
1117.Xr iso (4)
1118manual page describes the protocols and addressing;
1119see also
1120.Xr clnp (4),
1121.Xr tp (4)
1122and
1123.Xr cltp (4).
1124The OSI equivalent to ARP is ESIS (End System to Intermediate System Routing
1125Protocol); running this protocol is mandatory, however one can manually add
1126translations for machines that do not participate by use of the
1127.Xr route (8)
1128command.
1129Additional information is provided in the manual page describing
1130.Xr esis (4).
1131.PP
1132The command
1133.Xr route (8)
1134has a new syntax and several new capabilities:
1135it can install routes with a specified destination and mask,
1136and can change route characteristics such as hop count, packet size
1137and window size.
1138.PP
1139Several important enhancements have been added to the TCP/IP
1140protocols including TCP header prediction and
1141serial line IP (SLIP) with header compression.
1142The routing implementation has been completely rewritten
1143to use a hierarchical routing tree with a mask per route
1144to support the arbitrary levels of routing found in the ISO protocols.
1145The routing table also stores and caches route characteristics
1146to speed the adaptation of the throughput and congestion avoidance
1147algorithms.
1148.PP
1149The format of the
1150.I sockaddr
1151structure (the structure used to describe a generic network address with an
1152address family and family-specific data)
1153has changed from previous releases,
1154as have the address family-specific versions of this structure.
1155The
1156.I sa_family
1157family field has been split into a length,
1158.Pn sa_len ,
1159and a family,
1160.Pn sa_family .
1161System calls that pass a
1162.I sockaddr
1163structure into the kernel (e.g.
1164.Fn sendto
1165and
1166.Fn connect )
1167have a separate parameter that specifies the
1168.I sockaddr
1169length, and thus it is not necessary to fill in the
1170.I sa_len
1171field for those system calls.
1172System calls that pass a
1173.I sockaddr
1174structure back from the kernel (e.g.
1175.Fn recvfrom
1176and
1177.Fn accept )
1178receive a completely filled-in
1179.I sockaddr
1180structure, thus the length field is valid.
1181Because this would not work for old binaries,
1182the new library uses a different system call number.
1183Thus, most networking programs compiled under \*(4B are incompatible
1184with older systems.
1185.PP
1186Although this change is mostly source and binary compatible
1187with old programs, there are three exceptions.
1188Programs with statically initialized
1189.I sockaddr
1190structures
1191(usually the Internet form, a
1192.I sockaddr_in )
1193are not compatible.
1194Generally, such programs should be changed to fill in the structure
1195at run time, as C allows no way to initialize a structure without
1196assuming the order and number of fields.
1197Also, programs with use structures to describe a network packet format
1198that contain embedded
1199.I sockaddr
1200structures also require change; a definition of an
1201.I osockaddr
1202structure is provided for this purpose.
1203Finally, programs that use the
1204.Sm SIOCGIFCONF
1205ioctl to get a complete list of interface addresses
1206need to check the
1207.I sa_len
1208field when iterating through the array of addresses returned,
1209as not all the structures returned have the same length
1210(this variance in length is nearly guaranteed by the presence of link-layer
1211address structures).
1212.Sh 4 "Additions and changes to filesystems"
1213.PP
1214The \*(4B distribution contains most of the interfaces
1215specified in the IEEE Std1003.1 system interface standard.
1216Filesystem additions include IEEE Std1003.1 FIFOs,
1217byte-range file locking, and saved user and group identifiers.
1218.PP
1219A new virtual filesystem interface has been added to the
1220kernel to support multiple filesystems.
1221In comparison with other interfaces,
1222the Berkeley interface has been structured for more efficient support
1223of filesystems that maintain state (such as the local filesystem).
1224The interface has been extended with support for stackable
1225filesystems done at UCLA.
1226These extensions allow for filesystems to be layered on top of each
1227other and allow new vnode operations to be added without requiring
1228changes to existing filesystem implementations.
1229For example,
1230the umap filesystem (see
1231.Xr mount_umap (8))
1232is used to mount a sub-tree of an existing filesystem
1233that uses a different set of uids and gids than the local system.
1234Such a filesystem could be mounted from a remote site via NFS or it
1235could be a filesystem on removable media brought from some foreign
1236location that uses a different password file.
1237.PP
1238Other new filesystems that may be stacked include the loopback filesystem
1239.Xr mount_lofs (8),
1240and the kernel filesystem
1241.Xr mount_kernfs (8).
1242.PP
1243The buffer cache in the kernel is now organized as a file block cache
1244rather than a device block cache.
1245As a consequence, cached blocks from a file
1246and from the corresponding block device would no longer be kept consistent.
1247The block device thus has little remaining value.
1248Three changes have been made for these reasons:
1249.IP 1)
1250block devices may not be opened while they are mounted,
1251and may not be mounted while open, so that the two versions of cached
1252file blocks cannot be created,
1253.IP 2)
1254filesystem checks of the root now use the raw device
1255to access the root filesystem, and
1256.IP 3)
1257the root filesystem is initially mounted read-only
1258so that nothing can be written back to disk during or after change to
1259the raw filesystem by
1260.Xr fsck .
1261.LP
1262The root filesystem may be made writable while in single-user mode
1263with the command:
1264.DS
1265.ft CW
1266mount \-uw /
1267.DE
1268The mount command has an option to update the flags on a mounted filesystem,
1269including the ability to upgrade a filesystem from read-only to read-write
1270or downgrade it from read-write to read-only.
1271.PP
1272In addition to the local ``fast filesystem'',
1273we have added an implementation of the network filesystem (NFS)
1274that fully interoperates with the NFS shipped by Sun and its licensees.
1275Because our NFS implementation was implemented
1276by Rick Macklem of the University of Guelph
1277using only the publicly available NFS specification,
1278it does not require a license from Sun to use in source or binary form.
1279By default it runs over UDP to be compatible with Sun's implementation.
1280However, it can be configured on a per-mount basis to run over TCP.
1281Using TCP allows it to be used quickly and efficiently through
1282gateways and over long-haul networks.
1283Using an extended protocol, it supports Leases to allow a limited
1284callback mechanism that greatly reduces the network traffic necessary
1285to maintain cache consistency between the server and its clients.
1286Its use will be familiar to users of other implementations of NFS.
1287See the manual pages
1288.Xr mount (8),
1289.Xr mountd (8),
1290.Xr fstab (5),
1291.Xr exports (5),
1292.Xr netgroup (5),
1293.Xr nfsd (8),
1294.Xr nfsiod (8),
1295and
1296.Xr nfssvc (8).
1297and the document ``The 4.4BSD NFS Implementation'' (SMM:6)
1298for further information.
1299The format of
1300.Pn /etc/fstab
1301has changed from previous \*(Bs releases
1302to a blank-separated format to allow colons in pathnames.
1303.PP
1304A new local filesystem, the log-structured filesystem (LFS),
1305has been added to the system.
1306It provides near disk-speed output and fast crash recovery.
1307This work is based, in part, on the LFS filesystem created
1308for the Sprite operating system at Berkeley.
1309While the kernel implementation is almost complete,
1310only some of the utilities to support the
1311filesystem have been written,
1312so we do not recommend it for production use.
1313See
1314.Xr newlfs (8),
1315.Xr mount_lfs (8)
1316and
1317.Xr lfs_cleanerd (8)
1318for more information.
1319For an in-depth description of the implementation and performance
1320characteristics of log-structured filesystems in general,
1321and this one in particular, see Dr. Margo Seltzer's doctoral thesis,
1322available from the University of California Computer Science Department.
1323.PP
1324We have also added a memory-based filesystem that runs in
1325pageable memory, allowing large temporary filesystems without
1326requiring dedicated physical memory.
1327.PP
1328The local ``fast filesystem'' has been enhanced to do
1329clustering that allows large pieces of files to be
1330allocated contiguously resulting in near doubling
1331of filesystem throughput.
1332The filesystem interface has been extended to allow
1333files and filesystems to grow to 2^63 bytes in size.
1334The quota system has been rewritten to support both
1335user and group quotas (simultaneously if desired).
1336Quota expiration is based on time rather than
1337the previous metric of number of logins over quota.
1338This change makes quotas more useful on fileservers
1339onto which users seldom login.
1340.PP
1341The system security has been greatly enhanced by the
1342addition of additional file flags that permit a file to be
1343marked as immutable or append only.
1344Once set, these flags can only be cleared by the super-user
1345when the system is running in insecure mode (normally, single-user).
1346In addition to the immutable and append-only flags,
1347the filesystem supports a new user-settable flag ``nodump''.
1348(File flags are set using the
1349.Xr chflags (1)
1350utility.)
1351When set on a file,
1352.Xr dump (8)
1353will omit the file from incremental backups
1354but retain them on full backups.
1355See the ``-h'' flag to
1356.Xr dump (8)
1357for details on how to change this default.
1358The ``nodump'' flag is usually set on core dumps,
1359system crash dumps, and object files generated by the compiler.
1360Note that the flag is not preserved when files are copied
1361so that installing an object file will cause it to be preserved.
1362.PP
1363The filesystem format used in \*(4B has several additions.
1364Directory entries have an additional field,
1365.Pn d_type ,
1366that identifies the type of the entry
1367(normally found in the
1368.Pn st_mode
1369field of the
1370.Pn stat
1371structure).
1372This field is particularly useful for identifying
1373directories without the need to use
1374.Xr stat (2).
1375.PP
1376Short (less than sixty byte) symbolic links are now stored
1377in the inode itself rather than in a separate data block.
1378This saves disk space and makes access of symbolic links faster.
1379Short symbolic links are not given a special type,
1380so a user-level application is unaware of their special treatment.
1381Unlike pre-\*(4B systems, symbolic links do
1382not have an owner, group, access mode, times, etc.
1383Instead, these attributes are taken from the directory that contains the link.
1384The only attributes returned from an
1385.Xr lstat (2)
1386that refer to the symbolic link itself are the file type (S_IFLNK),
1387size, blocks, and link count

Large files files are truncated, but you can click here to view the full file