diff options
| author | Jacob McDonnell <jacob@jacobmcdonnell.com> | 2026-04-25 19:59:05 -0400 |
|---|---|---|
| committer | Jacob McDonnell <jacob@jacobmcdonnell.com> | 2026-04-25 19:59:05 -0400 |
| commit | 1f19f33e45791ea59aed048796fc68672c6723a5 (patch) | |
| tree | 54625fba89e91d1c2177801ec635e8528bba937f /static/freebsd/man7 | |
| parent | ac5e55f5f2af5b92794c2aded46c6bae85b5f5ed (diff) | |
docs: Removed Precompiled HTML
Diffstat (limited to 'static/freebsd/man7')
35 files changed, 0 insertions, 10692 deletions
diff --git a/static/freebsd/man7/arch.7 3.html b/static/freebsd/man7/arch.7 3.html deleted file mode 100644 index 8172456e..00000000 --- a/static/freebsd/man7/arch.7 3.html +++ /dev/null @@ -1,967 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">ARCH(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">ARCH(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">arch</code> — - <span class="Nd">Architecture-specific details</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">Differences between CPU architectures and platforms supported by - <span class="Ux">FreeBSD</span>.</p> -<section class="Ss"> -<h2 class="Ss" id="Introduction"><a class="permalink" href="#Introduction">Introduction</a></h2> -<p class="Pp">This document is a quick reference of key ABI details of - <span class="Ux">FreeBSD</span> architecture ports. For full details consult - the processor-specific ABI supplement documentation.</p> -<p class="Pp">If not explicitly mentioned, sizes are in bytes. The architecture - details in this document apply to <span class="Ux">FreeBSD 13.0</span> and - later, unless otherwise noted.</p> -<p class="Pp"><span class="Ux">FreeBSD</span> uses a flat address space. - Variables of types <var class="Vt">unsigned long</var>, - <var class="Vt">ptraddr_t</var>, and <var class="Vt">size_t</var> have the - same representation.</p> -<p class="Pp">In order to maximize compatibility with future pointer integrity - mechanisms, manipulations of pointers as integers should be performed via - <var class="Vt">uintptr_t</var> or <var class="Vt">intptr_t</var> and no - other types as these types are the only integer types where the C standard - guarantees that a pointer may be cast to it and then cast back to the - original type. On CHERI systems, <var class="Vt">uintptr_t</var> and - <var class="Vt">intptr_t</var> are defined as - <var class="Vt">__uintcap_t</var> and <var class="Vt">__intcap_t</var> which - represent capabilities that can be manipulated by integer operations. - Pointers should not be cast to <var class="Vt">long</var>, - <var class="Vt">ptrdiff_t</var>, or <var class="Vt">size_t</var> if they - will later be cast back to a pointer that is expected to be dereferenceable - as they remain bare integer types on all architectures.</p> -<p class="Pp">On some architectures, e.g., AIM variants of - <code class="Dv">powerpc64</code>, the kernel uses a separate address space. - On other architectures, kernel and a user mode process share a single - address space. The kernel is located at the highest addresses.</p> -<p class="Pp">On each architecture, the main user mode thread's stack starts - near the highest user address and grows down.</p> -<p class="Pp"><span class="Ux">FreeBSD</span> architecture support varies by - release. This table shows currently supported CPU architectures along with - the first <span class="Ux">FreeBSD</span> release to support each - architecture.</p> -<table class="Bl-column Bd-indent"> - <tr id="Architecture"> - <td><a class="permalink" href="#Architecture"><b class="Sy">Architecture</b></a></td> - <td><a class="permalink" href="#Initial"><b class="Sy" id="Initial">Initial - Release</b></a></td> - </tr> - <tr> - <td>aarch64</td> - <td>11.0</td> - </tr> - <tr> - <td>aarch64c</td> - <td>16.0 (planned)</td> - </tr> - <tr> - <td>amd64</td> - <td>5.1</td> - </tr> - <tr> - <td>armv7</td> - <td>12.0</td> - </tr> - <tr> - <td>powerpc64</td> - <td>9.0</td> - </tr> - <tr> - <td>powerpc64le</td> - <td>13.0</td> - </tr> - <tr> - <td>riscv64</td> - <td>12.0</td> - </tr> - <tr> - <td>riscv64c</td> - <td>16.0 (planned)</td> - </tr> -</table> -<p class="Pp">Discontinued architectures are shown in the following table.</p> -<table class="Bl-column Bd-indent"> - <tr id="Architecture~2"> - <td><a class="permalink" href="#Architecture~2"><b class="Sy">Architecture</b></a></td> - <td><a class="permalink" href="#Initial~2"><b class="Sy" id="Initial~2">Initial - Release</b></a></td> - <td><a class="permalink" href="#Final"><b class="Sy" id="Final">Final - Release</b></a></td> - </tr> - <tr> - <td>alpha</td> - <td>3.2</td> - <td>6.4</td> - </tr> - <tr> - <td>arm</td> - <td>6.0</td> - <td>12.4</td> - </tr> - <tr> - <td>armeb</td> - <td>8.0</td> - <td>11.4</td> - </tr> - <tr> - <td>armv6</td> - <td>10.0</td> - <td>14.x</td> - </tr> - <tr> - <td>ia64</td> - <td>5.0</td> - <td>10.4</td> - </tr> - <tr> - <td>i386</td> - <td>1.0</td> - <td>14.x</td> - </tr> - <tr> - <td>mips</td> - <td>8.0</td> - <td>13.5</td> - </tr> - <tr> - <td>mipsel</td> - <td>9.0</td> - <td>13.5</td> - </tr> - <tr> - <td>mipselhf</td> - <td>12.0</td> - <td>13.5</td> - </tr> - <tr> - <td>mipshf</td> - <td>12.0</td> - <td>13.5</td> - </tr> - <tr> - <td>mipsn32</td> - <td>9.0</td> - <td>13.5</td> - </tr> - <tr> - <td>mips64</td> - <td>9.0</td> - <td>13.5</td> - </tr> - <tr> - <td>mips64el</td> - <td>9.0</td> - <td>13.5</td> - </tr> - <tr> - <td>mips64elhf</td> - <td>12.0</td> - <td>13.5</td> - </tr> - <tr> - <td>mips64hf</td> - <td>12.0</td> - <td>13.5</td> - </tr> - <tr> - <td>pc98</td> - <td>2.2</td> - <td>11.4</td> - </tr> - <tr> - <td>powerpc</td> - <td>6.0</td> - <td>14.x</td> - </tr> - <tr> - <td>powerpcspe</td> - <td>12.0</td> - <td>14.x</td> - </tr> - <tr> - <td>riscv64sf</td> - <td>12.0</td> - <td>13.5</td> - </tr> - <tr> - <td>sparc64</td> - <td>5.0</td> - <td>12.4</td> - </tr> -</table> -</section> -<section class="Ss"> -<h2 class="Ss" id="Type_sizes"><a class="permalink" href="#Type_sizes">Type - sizes</a></h2> -<p class="Pp">All <span class="Ux">FreeBSD</span> architectures use some variant - of the ELF (see <a class="Xr">elf(5)</a>) - <a class="permalink" href="#Application"><b class="Sy" id="Application">Application - Binary Interface</b></a> (ABI) for the machine processor. Supported ABIs can - be divided into three main groups:</p> -<dl class="Bl-tag"> - <dt id="ILP32"><a class="permalink" href="#ILP32"><code class="Dv">ILP32</code></a></dt> - <dd><var class="Vt">int</var>, <var class="Vt">intptr_t</var>, - <var class="Vt">long</var>, and <var class="Vt">void *</var> types machine - representations all have 4-byte size.</dd> - <dt id="LP64"><a class="permalink" href="#LP64"><code class="Dv">LP64</code></a></dt> - <dd><var class="Vt">int</var> type machine representation uses 4 bytes, while - <var class="Vt">intptr_t</var>, <var class="Vt">long</var>, and - <var class="Vt">void *</var> are 8 bytes.</dd> - <dt id="L64PC128"><a class="permalink" href="#L64PC128"><code class="Dv">L64PC128</code></a></dt> - <dd><var class="Vt">int</var> type machine representation uses 4 bytes. - <var class="Vt">long</var> type machine representation uses 8 bytes. - <var class="Vt">intptr_t</var> and <var class="Vt">void *</var> are 16 - byte capabilities.</dd> -</dl> -<p class="Pp">Some machines support more than one - <span class="Ux">FreeBSD</span> ABI. Typically these are 64-bit machines, - where the “native” <code class="Dv">LP64</code> execution - environment is accompanied by the “legacy” - <code class="Dv">ILP32</code> environment, which was the historical 32-bit - predecessor for 64-bit evolution. Examples are:</p> -<table class="Bl-column Bd-indent"> - <tr id="LP64~2"> - <td><a class="permalink" href="#LP64~2"><b class="Sy">LP64</b></a></td> - <td><b class="Sy">ILP32 counterpart</b></td> - </tr> - <tr id="amd64"> - <td><a class="permalink" href="#amd64"><code class="Dv">amd64</code></a></td> - <td><a class="permalink" href="#i386"><code class="Dv" id="i386">i386</code></a></td> - </tr> - <tr id="powerpc64"> - <td><a class="permalink" href="#powerpc64"><code class="Dv">powerpc64</code></a></td> - <td><a class="permalink" href="#powerpc"><code class="Dv" id="powerpc">powerpc</code></a></td> - </tr> - <tr id="aarch64"> - <td><a class="permalink" href="#aarch64"><code class="Dv">aarch64</code></a></td> - <td><a class="permalink" href="#armv7"><code class="Dv" id="armv7">armv7</code></a></td> - </tr> -</table> -<p class="Pp"><code class="Dv">aarch64</code> will support execution of - <code class="Dv">armv7</code> binaries if the CPU implements - <code class="Dv">AArch32</code> execution state. Binaries targeting - <code class="Dv">armv6</code> and earlier are no longer supported by - <span class="Ux">FreeBSD</span>.</p> -<p class="Pp">Architectures with 128-bit capabilities support both a - “native” <code class="Dv">L64PC128</code> execution - environment and a <code class="Dv">LP64</code> environment:</p> -<table class="Bl-column Bd-indent"> - <tr id="L64PC128~2"> - <td><a class="permalink" href="#L64PC128~2"><b class="Sy">L64PC128</b></a></td> - <td><b class="Sy">LP64 counterpart</b></td> - </tr> - <tr id="aarch64c"> - <td><a class="permalink" href="#aarch64c"><code class="Dv">aarch64c</code></a></td> - <td><a class="permalink" href="#aarch64~2"><code class="Dv" id="aarch64~2">aarch64</code></a></td> - </tr> - <tr id="riscv64c"> - <td><a class="permalink" href="#riscv64c"><code class="Dv">riscv64c</code></a></td> - <td><a class="permalink" href="#riscv64"><code class="Dv" id="riscv64">riscv64</code></a></td> - </tr> -</table> -<p class="Pp">On all supported architectures:</p> -<table class="Bl-column Bd-indent"> - <tr id="Type"> - <td><a class="permalink" href="#Type"><b class="Sy">Type</b></a></td> - <td><a class="permalink" href="#Size"><b class="Sy" id="Size">Size</b></a></td> - </tr> - <tr> - <td>short</td> - <td>2</td> - </tr> - <tr> - <td>int</td> - <td>4</td> - </tr> - <tr> - <td>long long</td> - <td>8</td> - </tr> - <tr> - <td>float</td> - <td>4</td> - </tr> - <tr> - <td>double</td> - <td>8</td> - </tr> -</table> -<p class="Pp">Integers are represented in two's complement. Alignment of integer - and pointer types is natural, that is, the address of the variable must be - congruent to zero modulo the type size. The sole exception is that - <code class="Dv">i386</code> requires only 4-byte alignment for 64-bit - integers.</p> -<p class="Pp">Machine-dependent type sizes:</p> -<table class="Bl-column Bd-indent"> - <tr id="Architecture~3"> - <td><a class="permalink" href="#Architecture~3"><b class="Sy">Architecture</b></a></td> - <td><a class="permalink" href="#long"><b class="Sy" id="long">long</b></a></td> - <td><a class="permalink" href="#void"><b class="Sy" id="void">void - *</b></a></td> - <td><b class="Sy">long double</b></td> - <td><a class="permalink" href="#time_t"><b class="Sy" id="time_t">time_t</b></a></td> - </tr> - <tr> - <td>aarch64</td> - <td>8</td> - <td>8</td> - <td>16</td> - <td>8</td> - </tr> - <tr> - <td>aarch64c</td> - <td>8</td> - <td>16</td> - <td>16</td> - <td>8</td> - </tr> - <tr> - <td>amd64</td> - <td>8</td> - <td>8</td> - <td>16</td> - <td>8</td> - </tr> - <tr> - <td>armv7</td> - <td>4</td> - <td>4</td> - <td>8</td> - <td>8</td> - </tr> - <tr> - <td>i386</td> - <td>4</td> - <td>4</td> - <td>12</td> - <td>4</td> - </tr> - <tr> - <td>powerpc</td> - <td>4</td> - <td>4</td> - <td>8</td> - <td>8</td> - </tr> - <tr> - <td>powerpcspe</td> - <td>4</td> - <td>4</td> - <td>8</td> - <td>8</td> - </tr> - <tr> - <td>powerpc64</td> - <td>8</td> - <td>8</td> - <td>8</td> - <td>8</td> - </tr> - <tr> - <td>powerpc64le</td> - <td>8</td> - <td>8</td> - <td>8</td> - <td>8</td> - </tr> - <tr> - <td>riscv64</td> - <td>8</td> - <td>8</td> - <td>16</td> - <td>8</td> - </tr> - <tr> - <td>riscv64c</td> - <td>8</td> - <td>16</td> - <td>16</td> - <td>8</td> - </tr> -</table> -<p class="Pp"><b class="Sy">time_t</b> is 8 bytes on all supported architectures - except i386.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Endianness_and_Char_Signedness"><a class="permalink" href="#Endianness_and_Char_Signedness">Endianness - and Char Signedness</a></h2> -<table class="Bl-column Bd-indent"> - <tr id="Architecture~4"> - <td><a class="permalink" href="#Architecture~4"><b class="Sy">Architecture</b></a></td> - <td><a class="permalink" href="#Endianness"><b class="Sy" id="Endianness">Endianness</b></a></td> - <td><a class="permalink" href="#char"><b class="Sy" id="char">char - Signedness</b></a></td> - </tr> - <tr> - <td>aarch64</td> - <td>little</td> - <td>unsigned</td> - </tr> - <tr> - <td>aarch64c</td> - <td>little</td> - <td>unsigned</td> - </tr> - <tr> - <td>amd64</td> - <td>little</td> - <td>signed</td> - </tr> - <tr> - <td>armv7</td> - <td>little</td> - <td>unsigned</td> - </tr> - <tr> - <td>i386</td> - <td>little</td> - <td>signed</td> - </tr> - <tr> - <td>powerpc</td> - <td>big</td> - <td>unsigned</td> - </tr> - <tr> - <td>powerpcspe</td> - <td>big</td> - <td>unsigned</td> - </tr> - <tr> - <td>powerpc64</td> - <td>big</td> - <td>unsigned</td> - </tr> - <tr> - <td>powerpc64le</td> - <td>little</td> - <td>unsigned</td> - </tr> - <tr> - <td>riscv64</td> - <td>little</td> - <td>signed</td> - </tr> - <tr> - <td>riscv64c</td> - <td>little</td> - <td>signed</td> - </tr> -</table> -</section> -<section class="Ss"> -<h2 class="Ss" id="Page_Size"><a class="permalink" href="#Page_Size">Page - Size</a></h2> -<table class="Bl-column Bd-indent"> - <tr id="Architecture~5"> - <td><a class="permalink" href="#Architecture~5"><b class="Sy">Architecture</b></a></td> - <td><a class="permalink" href="#Page"><b class="Sy" id="Page">Page - Sizes</b></a></td> - </tr> - <tr> - <td>aarch64</td> - <td>4K, 64K, 2M, 1G</td> - </tr> - <tr> - <td>aarch64c</td> - <td>4K, 64K, 2M, 1G</td> - </tr> - <tr> - <td>amd64</td> - <td>4K, 2M, 1G</td> - </tr> - <tr> - <td>armv7</td> - <td>4K, 1M</td> - </tr> - <tr> - <td>i386</td> - <td>4K, 2M (PAE), 4M</td> - </tr> - <tr> - <td>powerpc</td> - <td>4K</td> - </tr> - <tr> - <td>powerpcspe</td> - <td>4K</td> - </tr> - <tr> - <td>powerpc64</td> - <td>4K</td> - </tr> - <tr> - <td>powerpc64le</td> - <td>4K</td> - </tr> - <tr> - <td>riscv64</td> - <td>4K, 2M, 1G</td> - </tr> - <tr> - <td>riscv64c</td> - <td>4K, 2M, 1G</td> - </tr> -</table> -</section> -<section class="Ss"> -<h2 class="Ss" id="User_Address_Space_Layout"><a class="permalink" href="#User_Address_Space_Layout">User - Address Space Layout</a></h2> -<table class="Bl-column Bd-indent"> - <tr id="Architecture~6"> - <td><a class="permalink" href="#Architecture~6"><b class="Sy">Architecture</b></a></td> - <td><a class="permalink" href="#Maximum"><b class="Sy" id="Maximum">Maximum - Address</b></a></td> - <td><a class="permalink" href="#Address"><b class="Sy" id="Address">Address - Space Size</b></a></td> - </tr> - <tr> - <td>aarch64</td> - <td>0x0001000000000000</td> - <td>256TiB</td> - </tr> - <tr> - <td>aarch64c</td> - <td>0x0001000000000000</td> - <td>256TiB</td> - </tr> - <tr> - <td>amd64 (LA48)</td> - <td>0x0000800000000000</td> - <td>128TiB</td> - </tr> - <tr> - <td>amd64 (LA57)</td> - <td>0x0100000000000000</td> - <td>64PiB</td> - </tr> - <tr> - <td>armv7</td> - <td>0xbfc00000</td> - <td>3GiB</td> - </tr> - <tr> - <td>i386</td> - <td>0xffc00000</td> - <td>4GiB</td> - </tr> - <tr> - <td>powerpc</td> - <td>0xfffff000</td> - <td>4GiB</td> - </tr> - <tr> - <td>powerpcspe</td> - <td>0x7ffff000</td> - <td>2GiB</td> - </tr> - <tr> - <td>powerpc64</td> - <td>0x000fffffc0000000</td> - <td>4PiB</td> - </tr> - <tr> - <td>powerpc64le</td> - <td>0x000fffffc0000000</td> - <td>4PiB</td> - </tr> - <tr> - <td>riscv64 (Sv39)</td> - <td>0x0000004000000000</td> - <td>256GiB</td> - </tr> - <tr> - <td>riscv64c (Sv39)</td> - <td>0x0000004000000000</td> - <td>256GiB</td> - </tr> - <tr> - <td>riscv64 (Sv48)</td> - <td>0x0000800000000000</td> - <td>128TiB</td> - </tr> - <tr> - <td>riscv64c (Sv48)</td> - <td>0x0000800000000000</td> - <td>128TiB</td> - </tr> -</table> -<p class="Pp">The layout of a process' address space can be queried via the - <code class="Dv">KERN_PROC_VM_LAYOUT</code> <a class="Xr">sysctl(3)</a> - MIB.</p> -<p class="Pp" id="vm.pmap.la57">Historically, amd64 CPUs were limited to a - 48-bit virtual address space. Newer CPUs support 5-level page tables, which - extend the significant bits of addresses to 57 bits (LA57 mode). The address - space layout is determined by the CPU's support for LA57. Setting the - <a class="permalink" href="#vm.pmap.la57"><b class="Sy">vm.pmap.la57</b></a> - tunable to 0 forces the system into 4-level paging mode, even on hardware - that supports 5-level paging. In this mode, all processes get a 48-bit - address space. The - <a class="permalink" href="#vm.pmap.prefer_la48_uva"><b class="Sy" id="vm.pmap.prefer_la48_uva">vm.pmap.prefer_la48_uva</b></a> - tunable determines whether processes running on a LA57 system are limited to - a 48-bit address space by default. Some applications make use of unused - upper bits in pointer values to store information, and thus implicitly - assume they are running in LA48 mode. To avoid breaking compatibility, all - processes run in LA48 mode by default. The <a class="Xr">elfctl(1)</a> - utility can be used to request LA48 or LA57 mode for specific executables. - Similarly, <a class="Xr">proccontrol(1)</a> can be used to configure the - address space layout when executing a process.</p> -<p class="Pp" id="vm.pmap.mode">The RISC-V specification permits 3-level (Sv39), - 4-level (Sv48), and 5-level (Sv57) page tables. Hardware is only required to - implement Sv39; implementations which support Sv48 must also support Sv39, - and implementations which support Sv57 must also support Sv48. The - <a class="permalink" href="#vm.pmap.mode"><b class="Sy">vm.pmap.mode</b></a> - tunable can be used to select the layout. <span class="Ux">FreeBSD</span> - currently supports Sv39 and Sv48 and defaults to using Sv39.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Floating_Point"><a class="permalink" href="#Floating_Point">Floating - Point</a></h2> -<table class="Bl-column Bd-indent"> - <tr id="Architecture~7"> - <td><a class="permalink" href="#Architecture~7"><b class="Sy">Architecture</b></a></td> - <td><a class="permalink" href="#float,"><b class="Sy" id="float,">float, - double</b></a></td> - <td><b class="Sy">long double</b></td> - </tr> - <tr> - <td>aarch64</td> - <td>hard</td> - <td>soft, quad precision</td> - </tr> - <tr> - <td>aarch64c</td> - <td>hard</td> - <td>soft, quad precision</td> - </tr> - <tr> - <td>amd64</td> - <td>hard</td> - <td>hard, 80 bit</td> - </tr> - <tr> - <td>armv7</td> - <td>hard</td> - <td>hard, double precision</td> - </tr> - <tr> - <td>i386</td> - <td>hard</td> - <td>hard, 80 bit</td> - </tr> - <tr> - <td>powerpc</td> - <td>hard</td> - <td>hard, double precision</td> - </tr> - <tr> - <td>powerpcspe</td> - <td>hard</td> - <td>hard, double precision</td> - </tr> - <tr> - <td>powerpc64</td> - <td>hard</td> - <td>hard, double precision</td> - </tr> - <tr> - <td>powerpc64le</td> - <td>hard</td> - <td>hard, double precision</td> - </tr> - <tr> - <td>riscv64</td> - <td>hard</td> - <td>hard, quad precision</td> - </tr> - <tr> - <td>riscv64c</td> - <td>hard</td> - <td>hard, quad precision</td> - </tr> -</table> -</section> -<section class="Ss"> -<h2 class="Ss" id="Default_Tool_Chain"><a class="permalink" href="#Default_Tool_Chain">Default - Tool Chain</a></h2> -<p class="Pp"><span class="Ux">FreeBSD</span> uses <a class="Xr">clang(1)</a> as - the default compiler on all supported CPU architectures, LLVM's - <a class="Xr">ld.lld(1)</a> as the default linker, and LLVM binary utilities - such as <a class="Xr">objcopy(1)</a> and <a class="Xr">readelf(1)</a>.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="MACHINE_ARCH_vs_MACHINE_CPUARCH_vs_MACHINE"><a class="permalink" href="#MACHINE_ARCH_vs_MACHINE_CPUARCH_vs_MACHINE">MACHINE_ARCH - vs MACHINE_CPUARCH vs MACHINE</a></h2> -<p class="Pp"><code class="Dv">MACHINE_CPUARCH</code> should be preferred in - Makefiles when the generic architecture is being tested. - <code class="Dv">MACHINE_ARCH</code> should be preferred when there is - something specific to a particular type of architecture where there is a - choice of many, or could be a choice of many. Use - <code class="Dv">MACHINE</code> when referring to the kernel, interfaces - dependent on a specific type of kernel or similar things like boot - sequences.</p> -<table class="Bl-column Bd-indent"> - <tr id="MACHINE"> - <td><a class="permalink" href="#MACHINE"><code class="Dv">MACHINE</code></a></td> - <td><a class="permalink" href="#MACHINE_CPUARCH"><code class="Dv" id="MACHINE_CPUARCH">MACHINE_CPUARCH</code></a></td> - <td><a class="permalink" href="#MACHINE_ARCH"><code class="Dv" id="MACHINE_ARCH">MACHINE_ARCH</code></a></td> - </tr> - <tr> - <td>arm64</td> - <td>aarch64</td> - <td>aarch64, aarch64c</td> - </tr> - <tr> - <td>amd64</td> - <td>amd64</td> - <td>amd64</td> - </tr> - <tr> - <td>arm</td> - <td>arm</td> - <td>armv7</td> - </tr> - <tr> - <td>i386</td> - <td>i386</td> - <td>i386</td> - </tr> - <tr> - <td>powerpc</td> - <td>powerpc</td> - <td>powerpc, powerpcspe, powerpc64, powerpc64le</td> - </tr> - <tr> - <td>riscv</td> - <td>riscv</td> - <td>riscv64, riscv64c</td> - </tr> -</table> -</section> -<section class="Ss"> -<h2 class="Ss" id="Predefined_Macros"><a class="permalink" href="#Predefined_Macros">Predefined - Macros</a></h2> -<p class="Pp">The compiler provides a number of predefined macros. Some of these - provide architecture-specific details and are explained below. Other macros, - including those required by the language standard, are not included - here.</p> -<p class="Pp">The full set of predefined macros can be obtained with this - command:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cc -x c -dM -E /dev/null</pre> -</div> -<p class="Pp">Common type size and endianness macros:</p> -<table class="Bl-column Bd-indent"> - <tr id="Macro"> - <td><a class="permalink" href="#Macro"><b class="Sy">Macro</b></a></td> - <td><a class="permalink" href="#Meaning"><b class="Sy" id="Meaning">Meaning</b></a></td> - </tr> - <tr id="__SIZEOF_LONG__"> - <td><a class="permalink" href="#__SIZEOF_LONG__"><code class="Dv">__SIZEOF_LONG__</code></a></td> - <td>size in bytes of long</td> - </tr> - <tr id="__SIZEOF_POINTER__"> - <td><a class="permalink" href="#__SIZEOF_POINTER__"><code class="Dv">__SIZEOF_POINTER__</code></a></td> - <td>size in bytes of intptr_t and pointers</td> - </tr> - <tr id="__SIZEOF_SIZE_T__"> - <td><a class="permalink" href="#__SIZEOF_SIZE_T__"><code class="Dv">__SIZEOF_SIZE_T__</code></a></td> - <td>size in bytes of size_t</td> - </tr> - <tr id="__LP64__"> - <td><a class="permalink" href="#__LP64__"><code class="Dv">__LP64__</code></a></td> - <td>64-bit (8-byte) long and pointer, 32-bit (4-byte) int</td> - </tr> - <tr id="__ILP32__"> - <td><a class="permalink" href="#__ILP32__"><code class="Dv">__ILP32__</code></a></td> - <td>32-bit (4-byte) int, long and pointer</td> - </tr> - <tr id="__CHERI__"> - <td><a class="permalink" href="#__CHERI__"><code class="Dv">__CHERI__</code></a></td> - <td>128-bit (16-byte) capability pointer, 64-bit (8-byte) long</td> - </tr> - <tr id="BYTE_ORDER"> - <td><a class="permalink" href="#BYTE_ORDER"><code class="Dv">BYTE_ORDER</code></a></td> - <td>Either <code class="Dv">BIG_ENDIAN or</code> - <code class="Dv">LITTLE_ENDIAN</code>.</td> - </tr> -</table> -<p class="Pp">Because systems were historically either - <code class="Dv">__ILP32__</code> or <code class="Dv">__LP64__</code> it has - been common for programmers to test only one and assume the other one in an - else branch. With the arrival of CHERI architectures, this is no longer the - case. <code class="Dv">__SIZEOF_*__</code> macros should be used instead. - New uses of <code class="Dv">__ILP32__</code> and - <code class="Dv">__LP64__</code> should be avoided. Compilers for CHERI - targets do not define <code class="Dv">__LP64__</code> as their pointers are - 128-bit capabilities.</p> -<p class="Pp">Architecture-specific macros:</p> -<table class="Bl-column Bd-indent"> - <tr id="Architecture~8"> - <td><a class="permalink" href="#Architecture~8"><b class="Sy">Architecture</b></a></td> - <td><a class="permalink" href="#Predefined"><b class="Sy" id="Predefined">Predefined - macros</b></a></td> - </tr> - <tr id="__aarch64__"> - <td>aarch64</td> - <td><a class="permalink" href="#__aarch64__"><code class="Dv">__aarch64__</code></a></td> - </tr> - <tr id="__aarch64__~2"> - <td>aarch64c</td> - <td><a class="permalink" href="#__aarch64__~2"><code class="Dv">__aarch64__</code></a>, - <code class="Dv">__CHERI__</code></td> - </tr> - <tr id="__amd64__"> - <td>amd64</td> - <td><a class="permalink" href="#__amd64__"><code class="Dv">__amd64__</code></a>, - <code class="Dv">__x86_64__</code></td> - </tr> - <tr id="__arm__"> - <td>armv7</td> - <td><a class="permalink" href="#__arm__"><code class="Dv">__arm__</code></a>, - <code class="Dv">__ARM_ARCH >= 7</code></td> - </tr> - <tr id="__i386__"> - <td>i386</td> - <td><a class="permalink" href="#__i386__"><code class="Dv">__i386__</code></a></td> - </tr> - <tr id="__powerpc__"> - <td>powerpc</td> - <td><a class="permalink" href="#__powerpc__"><code class="Dv">__powerpc__</code></a></td> - </tr> - <tr id="__powerpc__~2"> - <td>powerpcspe</td> - <td><a class="permalink" href="#__powerpc__~2"><code class="Dv">__powerpc__</code></a>, - <code class="Dv">__SPE__</code></td> - </tr> - <tr id="__powerpc__~3"> - <td>powerpc64</td> - <td><a class="permalink" href="#__powerpc__~3"><code class="Dv">__powerpc__</code></a>, - <code class="Dv">__powerpc64__</code></td> - </tr> - <tr id="__powerpc__~4"> - <td>powerpc64le</td> - <td><a class="permalink" href="#__powerpc__~4"><code class="Dv">__powerpc__</code></a>, - <code class="Dv">__powerpc64__</code></td> - </tr> - <tr id="__riscv"> - <td>riscv64</td> - <td><a class="permalink" href="#__riscv"><code class="Dv">__riscv</code></a>, - <code class="Dv">__riscv_xlen == 64</code></td> - </tr> - <tr id="__riscv~2"> - <td>riscv64c</td> - <td><a class="permalink" href="#__riscv~2"><code class="Dv">__riscv</code></a>, - <code class="Dv">__riscv_xlen == 64</code>, - <code class="Dv">__CHERI__</code></td> - </tr> -</table> -<p class="Pp">Compilers may define additional variants of architecture-specific - macros. The macros above are preferred for use in - <span class="Ux">FreeBSD</span>.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Important_make_1_variables"><a class="permalink" href="#Important_make_1_variables">Important - <a class="Xr">make(1)</a> variables</a></h2> -<p class="Pp">Most of the externally settable variables are defined in the - <a class="Xr">build(7)</a> man page. These variables are not otherwise - documented and are used extensively in the build system.</p> -<dl class="Bl-tag"> - <dt id="MACHINE~2"><a class="permalink" href="#MACHINE~2"><code class="Dv">MACHINE</code></a></dt> - <dd>Represents the hardware platform. This is the same as the native - platform's <a class="Xr">uname(1)</a> <code class="Fl">-m</code> output. - It defines both the userland / kernel interface, as well as the bootloader - / kernel interface. It should only be used in these contexts. Each CPU - architecture may have multiple hardware platforms it supports where - <code class="Dv">MACHINE</code> differs among them. It is used to collect - together all the files from <a class="Xr">config(8)</a> to build the - kernel. It is often the same as <code class="Dv">MACHINE_ARCH</code> just - as one CPU architecture can be implemented by many different hardware - platforms, one hardware platform may support multiple CPU architecture - family members, though with different binaries. For example, - <code class="Dv">MACHINE</code> of i386 supported the IBM-AT hardware - platform while the <code class="Dv">MACHINE</code> of pc98 supported the - Japanese company NEC's PC-9801 and PC-9821 hardware platforms. Both of - these hardware platforms supported only the - <code class="Dv">MACHINE_ARCH</code> of i386 where they shared a common - ABI, except for certain kernel / userland interfaces relating to - underlying hardware platform differences in bus architecture, device - enumeration and boot interface. Generally, <code class="Dv">MACHINE</code> - should only be used in src/sys and src/stand or in system imagers or - installers.</dd> - <dt id="MACHINE_ARCH~2"><a class="permalink" href="#MACHINE_ARCH~2"><code class="Dv">MACHINE_ARCH</code></a></dt> - <dd>Represents the CPU processor architecture. This is the same as the native - platforms <a class="Xr">uname(1)</a> <code class="Fl">-p</code> output. It - defines the CPU instruction family supported. It may also encode a - variation in the byte ordering of multi-byte integers (endian). It may - also encode a variation in the size of the integer or pointer. It may also - encode a ISA revision. It may also encode hard versus soft floating point - ABI and usage. It may also encode a variant ABI when the other factors do - not uniquely define the ABI. It, along with - <code class="Dv">MACHINE</code>, defines the ABI used by the system. - Generally, the plain CPU name specifies the most common (or at least - first) variant of the CPU. This is why powerpc and powerpc64 imply 'big - endian' while armv7 and aarch64 imply little endian. If we ever were to - support the so-called x32 ABI (using 32-bit pointers on the amd64 - architecture), it would most likely be encoded as amd64-x32. It is - unfortunate that amd64 specifies the 64-bit evolution of the x86 platform - (it matches the 'first rule') as almost everybody else uses x86_64. The - <span class="Ux">FreeBSD</span> port was so early, it predated processor - name standardization after Intel joined the market. At the time, each OS - selected its own conventions. Backwards compatibility means it is not easy - to change to the consensus name.</dd> - <dt id="MACHINE_CPUARCH~2"><a class="permalink" href="#MACHINE_CPUARCH~2"><code class="Dv">MACHINE_CPUARCH</code></a></dt> - <dd>Represents the source location for a given - <code class="Dv">MACHINE_ARCH</code>. It is generally the common prefix - for all the MACHINE_ARCH that share the same implementation, though - 'riscv' breaks this rule. While amd64 and i386 are closely related, - MACHINE_CPUARCH is not x86 for them. The <span class="Ux">FreeBSD</span> - source base supports amd64 and i386 with two distinct source bases living - in subdirectories named amd64 and i386 (though behind the scenes there's - some sharing that fits into this framework).</dd> - <dt id="CPUTYPE"><a class="permalink" href="#CPUTYPE"><code class="Dv">CPUTYPE</code></a></dt> - <dd>Sets the flavor of <code class="Dv">MACHINE_ARCH</code> to build. It is - used to optimize the build for a specific CPU / core that the binaries run - on. Generally, this does not change the ABI, though it can be a fine line - between optimization for specific cases.</dd> - <dt id="TARGET"><a class="permalink" href="#TARGET"><code class="Dv">TARGET</code></a></dt> - <dd>Used to set <code class="Dv">MACHINE</code> in the top level Makefile for - cross building. Unused outside of that scope. It is not passed down to the - rest of the build. Makefiles outside of the top level should not use it at - all (though some have their own private copy for historical reasons).</dd> - <dt id="TARGET_ARCH"><a class="permalink" href="#TARGET_ARCH"><code class="Dv">TARGET_ARCH</code></a></dt> - <dd>Used to set <code class="Dv">MACHINE_ARCH</code> by the top level Makefile - for cross building. Like <code class="Dv">TARGET</code>, it is unused - outside of that scope.</dd> -</dl> -</section> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">elfctl(1)</a>, <a class="Xr">proccontrol(1)</a>, - <a class="Xr">sysctl(3)</a>, <a class="Xr">src.conf(5)</a>, - <a class="Xr">build(7)</a>, <a class="Xr">simd(7)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">An <code class="Nm">arch</code> manual page appeared in - <span class="Ux">FreeBSD 11.1</span>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">November 27, 2025</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/ascii.7 3.html b/static/freebsd/man7/ascii.7 3.html deleted file mode 100644 index 81a207fc..00000000 --- a/static/freebsd/man7/ascii.7 3.html +++ /dev/null @@ -1,173 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">ASCII(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">ASCII(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">ascii</code> — <span class="Nd">octal, - hexadecimal, decimal and binary ASCII character sets</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The <code class="Nm">octal</code> set:</p> -<div class="Bd Pp Li"> -<pre>000 NUL 001 SOH 002 STX 003 ETX 004 EOT 005 ENQ 006 ACK 007 BEL -010 BS 011 HT 012 LF 013 VT 014 FF 015 CR 016 SO 017 SI -020 DLE 021 DC1 022 DC2 023 DC3 024 DC4 025 NAK 026 SYN 027 ETB -030 CAN 031 EM 032 SUB 033 ESC 034 FS 035 GS 036 RS 037 US -040 SP 041 ! 042 " 043 # 044 $ 045 % 046 & 047 ' -050 ( 051 ) 052 * 053 + 054 , 055 - 056 . 057 / -060 0 061 1 062 2 063 3 064 4 065 5 066 6 067 7 -070 8 071 9 072 : 073 ; 074 < 075 = 076 > 077 ? -100 @ 101 A 102 B 103 C 104 D 105 E 106 F 107 G -110 H 111 I 112 J 113 K 114 L 115 M 116 N 117 O -120 P 121 Q 122 R 123 S 124 T 125 U 126 V 127 W -130 X 131 Y 132 Z 133 [ 134 \  135 ] 136 ^ 137 _ -140 ` 141 a 142 b 143 c 144 d 145 e 146 f 147 g -150 h 151 i 152 j 153 k 154 l 155 m 156 n 157 o -160 p 161 q 162 r 163 s 164 t 165 u 166 v 167 w -170 x 171 y 172 z 173 { 174 | 175 } 176 ~ 177 DEL</pre> -</div> -<p class="Pp">The <code class="Nm">hexadecimal</code> set:</p> -<div class="Bd Pp Li"> -<pre>00 NUL 01 SOH 02 STX 03 ETX 04 EOT 05 ENQ 06 ACK 07 BEL -08 BS 09 HT 0a LF 0b VT 0c FF 0d CR 0e SO 0f SI -10 DLE 11 DC1 12 DC2 13 DC3 14 DC4 15 NAK 16 SYN 17 ETB -18 CAN 19 EM 1a SUB 1b ESC 1c FS 1d GS 1e RS 1f US -20 SP 21 ! 22 " 23 # 24 $ 25 % 26 & 27 ' -28 ( 29 ) 2a * 2b + 2c , 2d - 2e . 2f / -30 0 31 1 32 2 33 3 34 4 35 5 36 6 37 7 -38 8 39 9 3a : 3b ; 3c < 3d = 3e > 3f ? -40 @ 41 A 42 B 43 C 44 D 45 E 46 F 47 G -48 H 49 I 4a J 4b K 4c L 4d M 4e N 4f O -50 P 51 Q 52 R 53 S 54 T 55 U 56 V 57 W -58 X 59 Y 5a Z 5b [ 5c \  5d ] 5e ^ 5f _ -60 ` 61 a 62 b 63 c 64 d 65 e 66 f 67 g -68 h 69 i 6a j 6b k 6c l 6d m 6e n 6f o -70 p 71 q 72 r 73 s 74 t 75 u 76 v 77 w -78 x 79 y 7a z 7b { 7c | 7d } 7e ~ 7f DEL</pre> -</div> -<p class="Pp">The <code class="Nm">decimal</code> set:</p> -<div class="Bd Pp Li"> -<pre> 0 NUL 1 SOH 2 STX 3 ETX 4 EOT 5 ENQ 6 ACK 7 BEL - 8 BS 9 HT 10 LF 11 VT 12 FF 13 CR 14 SO 15 SI - 16 DLE 17 DC1 18 DC2 19 DC3 20 DC4 21 NAK 22 SYN 23 ETB - 24 CAN 25 EM 26 SUB 27 ESC 28 FS 29 GS 30 RS 31 US - 32 SP 33 ! 34 " 35 # 36 $ 37 % 38 & 39 ' - 40 ( 41 ) 42 * 43 + 44 , 45 - 46 . 47 / - 48 0 49 1 50 2 51 3 52 4 53 5 54 6 55 7 - 56 8 57 9 58 : 59 ; 60 < 61 = 62 > 63 ? - 64 @ 65 A 66 B 67 C 68 D 69 E 70 F 71 G - 72 H 73 I 74 J 75 K 76 L 77 M 78 N 79 O - 80 P 81 Q 82 R 83 S 84 T 85 U 86 V 87 W - 88 X 89 Y 90 Z 91 [ 92 \  93 ] 94 ^ 95 _ - 96 ` 97 a 98 b 99 c 100 d 101 e 102 f 103 g -104 h 105 i 106 j 107 k 108 l 109 m 110 n 111 o -112 p 113 q 114 r 115 s 116 t 117 u 118 v 119 w -120 x 121 y 122 z 123 { 124 | 125 } 126 ~ 127 DEL</pre> -</div> -<p class="Pp">The <code class="Nm">binary</code> set:</p> -<div class="Bd Pp Li"> -<pre> 00 01 10 11 - -NUL SP @ ` 00000 -SOH ! A a 00001 -STX " B b 00010 -ETX # C c 00011 -EOT $ D d 00100 -ENQ % E e 00101 -ACK & F f 00110 -BEL ' G g 00111 - BS ( H h 01000 - HT ) I i 01001 - LF * J j 01010 - VT + K k 01011 - FF , L l 01100 - CR - M m 01101 - SO . N n 01110 - SI / O o 01111 -DLE 0 P p 10000 -DC1 1 Q q 10001 -DC2 2 R r 10010 -DC3 3 S s 10011 -DC4 4 T t 10100 -NAK 5 U u 10101 -SYN 6 V v 10110 -ETB 7 W w 10111 -CAN 8 X x 11000 - EM 9 Y y 11001 -SUB : Z z 11010 -ESC ; [ { 11011 - FS < \  | 11100 - GS = ] } 11101 - RS > ^ - 11110 - US ? _ DEL 11111</pre> -</div> -<p class="Pp">The full <code class="Nm">names</code> of the control character - set:</p> -<div class="Bd Pp Li"> -<pre>NUL NULl -SOH Start Of Heading -STX Start Of Text -ETX End Of Text -EOT End Of Transmission -ENQ ENQuiry -ACK ACKnowledge -BEL BELl - BS BackSpace - HT Horizontal Tab - LF Line Feed (new line) - VT Vertical Tab - FF new page Form Feed - CR Carriage Return - SO Shift Out - SI Shift In -DLE Data Link Escape -DC1 Device Control 1 -DC2 Device Control 2 -DC3 Device Control 3 -DC4 Device Control 4 -NAK Negative AcKnowledge -SYN SYNchronous idle -ETB End of Transmission Block -CAN CANcel - EM End of Medium -SUB SUBstitute -ESC ESCape - FS File Separator - GS Group Separator - RS Record Separator - US Unit Separator</pre> -</div> -</section> -<section class="Sh"> -<h1 class="Sh" id="FILES"><a class="permalink" href="#FILES">FILES</a></h1> -<dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">/usr/share/misc/ascii</span></dt> - <dd style="width: auto;"> </dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="STANDARDS"><a class="permalink" href="#STANDARDS">STANDARDS</a></h1> -<p class="Pp"><cite class="Rs"><span class="RsT">Information Systems - Coded - Character Sets - 7-Bit American National Standard Code for Information - Interchange (7-Bit ASCII)</span>, <span class="RsR">INCITS - 4-1986[R2017]</span>, <span class="RsQ">InterNational Committee for - Information Technology Standards</span>.</cite></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">An <code class="Nm">ascii</code> manual page appeared in - <span class="Ux">Version 1 AT&T UNIX</span>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">January 4, 2025</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/bsd.snmpmod.mk.7 3.html b/static/freebsd/man7/bsd.snmpmod.mk.7 3.html deleted file mode 100644 index a7c894d5..00000000 --- a/static/freebsd/man7/bsd.snmpmod.mk.7 3.html +++ /dev/null @@ -1,85 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">BSD.SNMPMOD.MK(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">BSD.SNMPMOD.MK(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">bsd.snmpmod.mk</code> — - <span class="Nd">building modules for <a class="Xr">bsnmpd(1)</a></span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1> -<p class="Pp"><code class="Fd">.include <bsd.snmpmod.mk></code></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The file - <code class="In"><<a class="In">bsd.snmpmod.mk</a>></code> simplifies - the building of modules for the Begemot SNMP daemon, - <a class="Xr">bsnmpd(1)</a>. It provides some common functions for building - a module and relies on - <code class="In"><<a class="In">bsd.lib.mk</a>></code>, which is - included by <code class="In"><<a class="In">bsd.snmpmod.mk</a>></code> - to actually build the shared library.</p> -<p class="Pp">The following <a class="Xr">make(1)</a> variables control the - special functions:</p> -<dl class="Bl-tag"> - <dt id="MOD"><var class="Va">MOD</var></dt> - <dd>The short name of the module. The name of the shared library will be - <span class="Pa">snmp_${MOD}.so</span>. There must exist a file - <span class="Pa">${MOD}_tree.def</span> for compilation with - <a class="Xr">gensnmptree(1)</a> which contains the definition of the MIB - tree implemented by the module.</dd> - <dt id="EXTRAMIBDEFS"><var class="Va">EXTRAMIBDEFS</var></dt> - <dd>A list of extra MIB definition files for <a class="Xr">gensnmptree(1)</a>. - This is optional. This file list is given to both calls to - <a class="Xr">gensnmptree(1)</a> <span class="No">—</span> the one - that extracts the symbols in <var class="Va">XSYM</var> from the MIB - definitions and the one that generates the table with OIDs served by this - module.</dd> - <dt id="EXTRAMIBSYMS"><var class="Va">EXTRAMIBSYMS</var></dt> - <dd>A list of extra MIB definition files for <a class="Xr">gensnmptree(1)</a>. - This is optional. This file list is given only to the call to - <a class="Xr">gensnmptree(1)</a> that extracts symbols from MIB definition - files. It is useful if there are dependencies on other MIBs or for - extracting global definitions for enumeration constants.</dd> - <dt id="XSYM"><var class="Va">XSYM</var></dt> - <dd>A list of symbols to be extracted from the MIB definition files by - <a class="Xr">gensnmptree(1)</a>. This is optional.</dd> - <dt id="DEFS"><var class="Va">DEFS</var></dt> - <dd>A list of MIB definition files to be installed. This is optional.</dd> - <dt id="BMIBS"><var class="Va">BMIBS</var></dt> - <dd>A list of textual MIBs to be installed. This is optional.</dd> -</dl> -<p class="Pp">Three files are automatically created from the MIB definition - files and the <var class="Va">XSYM</var> variable:</p> -<dl class="Bl-tag"> - <dt><span class="Pa">${MOD}_tree.c</span></dt> - <dd>This contains a table with the tree implemented by the module. It is - automatically included into the <var class="Va">SRCS</var> variable.</dd> - <dt><span class="Pa">${MOD}_tree.h</span></dt> - <dd>This contains preprocessor defines for all the OIDs defined by the module - and can be included in the module's source code.</dd> - <dt><span class="Pa">${MOD}_oid.h</span></dt> - <dd>OID preprocessor definitions for all the symbols listed in - <var class="Va">XSYMS</var>. This is to be included into the module's - source code.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">bsnmpd(1)</a>, <a class="Xr">gensnmptree(1)</a>, - <a class="Xr">snmpmod(3)</a></p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">January 8, 2008</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/build.7 3.html b/static/freebsd/man7/build.7 3.html deleted file mode 100644 index dc1b3a5c..00000000 --- a/static/freebsd/man7/build.7 3.html +++ /dev/null @@ -1,863 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">BUILD(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">BUILD(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">build</code> — <span class="Nd">general - instructions on how to build the <span class="Ux">FreeBSD</span> - system</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The sources for the <span class="Ux">FreeBSD</span> system and its - applications are contained in three directories, normally:</p> -<dl class="Bl-tag"> - <dt><span class="Pa">/usr/src</span></dt> - <dd>“base system”, loosely defined as everything required to - build the system to a useful state</dd> - <dt><span class="Pa">/usr/doc</span></dt> - <dd>system documentation, excluding manual pages</dd> - <dt><span class="Pa">/usr/ports</span></dt> - <dd>third-party software, with a consistent interface for building and - installing them; see <a class="Xr">ports(7)</a></dd> -</dl> -<p class="Pp">These directories may be initially empty or non-existent until - updated with Git (<span class="Pa">devel/git</span> from the - <span class="Ux">FreeBSD</span> Ports Collection).</p> -<p class="Pp">The <a class="Xr">make(1)</a> command is used in each of these - directories to build and install the things in that directory. Issuing the - <a class="Xr">make(1)</a> command in any directory issues the - <a class="Xr">make(1)</a> command recursively in all subdirectories. With no - target specified, the items in the directories are built and no further - action is taken.</p> -<p class="Pp">A source tree is allowed to be read-only. As described in - <a class="Xr">make(1)</a>, objects are usually built in a separate object - directory hierarchy specified by the environment variable - <var class="Va">MAKEOBJDIRPREFIX</var>, or under - <span class="Pa">/usr/obj</span> if variable - <var class="Va">MAKEOBJDIRPREFIX</var> is not set. The canonical object - directory is described in the documentation for the - <code class="Cm">buildworld</code> target below.</p> -<p class="Pp">The <code class="Nm">build</code> may be controlled by defining - <a class="Xr">make(1)</a> variables described in the - <a class="Sx" href="#ENVIRONMENT">ENVIRONMENT</a> section below, and by the - variables documented in <a class="Xr">make.conf(5)</a>.</p> -<p class="Pp">The default components included in the build are specified in the - file <span class="Pa">/etc/src.conf</span> in the source tree. To override - the default file, include the SRCCONF option in the make steps, pointing to - a custom src.conf file. For more information see - <a class="Xr">src.conf(5)</a>.</p> -<p class="Pp">The following list provides the names and actions for the targets - supported by the build system:</p> -<dl class="Bl-tag"> - <dt id="analyze"><a class="permalink" href="#analyze"><code class="Cm">analyze</code></a></dt> - <dd>Run Clang static analyzer against all objects and present output on - stdout.</dd> - <dt id="check"><a class="permalink" href="#check"><code class="Cm">check</code></a></dt> - <dd>Run tests for a given subdirectory. The default directory used is - <span class="Pa">${.OBJDIR}</span>, but the check directory can be changed - with <span class="Pa">${CHECKDIR}</span>.</dd> - <dt id="checkworld"><a class="permalink" href="#checkworld"><code class="Cm">checkworld</code></a></dt> - <dd>Run the <span class="Ux">FreeBSD</span> test suite on installed - world.</dd> - <dt id="clean"><a class="permalink" href="#clean"><code class="Cm">clean</code></a></dt> - <dd>Remove any files created during the build process.</dd> - <dt id="cleandepend"><a class="permalink" href="#cleandepend"><code class="Cm">cleandepend</code></a></dt> - <dd>Remove the <span class="Pa">${.OBJDIR}/${DEPENDFILE}*</span> files - generated by prior “<code class="Li">make</code>” and - “<code class="Li">make depend</code>” steps.</dd> - <dt id="cleandir"><a class="permalink" href="#cleandir"><code class="Cm">cleandir</code></a></dt> - <dd>Remove the canonical object directory if it exists, or perform actions - equivalent to “<code class="Li">make clean - cleandepend</code>” if it does not. This target will also remove an - <span class="Pa">obj</span> link in <span class="Pa">${.CURDIR}</span> if - that exists. - <p class="Pp">It is advisable to run “<code class="Li">make - cleandir</code>” twice: the first invocation will remove the - canonical object directory and the second one will clean up - <span class="Pa">${.CURDIR}</span>.</p> - </dd> - <dt id="depend"><a class="permalink" href="#depend"><code class="Cm">depend</code></a></dt> - <dd>Generate a list of build dependencies in file - <span class="Pa">${.OBJDIR}/${DEPENDFILE}</span>. Per-object dependencies - are generated at build time and stored in - <span class="Pa">${.OBJDIR}/${DEPENDFILE}.${OBJ}</span>.</dd> - <dt id="install"><a class="permalink" href="#install"><code class="Cm">install</code></a></dt> - <dd>Install the results of the build to the appropriate location in the - installation directory hierarchy specified in variable - <var class="Va">DESTDIR</var>.</dd> - <dt id="obj"><a class="permalink" href="#obj"><code class="Cm">obj</code></a></dt> - <dd>Create the canonical object directory associated with the current - directory.</dd> - <dt id="objlink"><a class="permalink" href="#objlink"><code class="Cm">objlink</code></a></dt> - <dd>Create a symbolic link to the canonical object directory in - <span class="Pa">${.CURDIR}</span>.</dd> - <dt id="tags"><a class="permalink" href="#tags"><code class="Cm">tags</code></a></dt> - <dd>Generate a tags file using the program specified in the - <a class="Xr">make(1)</a> variable <var class="Va">CTAGS</var>. The build - system supports <a class="Xr">ctags(1)</a> and <code class="Nm">GNU - Global</code>.</dd> -</dl> -<p class="Pp">The other supported targets under directory - <span class="Pa">/usr/src</span> are:</p> -<dl class="Bl-tag"> - <dt id="buildenv"><a class="permalink" href="#buildenv"><code class="Cm">buildenv</code></a></dt> - <dd>Spawn an interactive shell with environment variables set up for building - the system or individual components. For cross-building the target - architecture needs to be specified with <a class="Xr">make(1)</a> - variables <var class="Va">TARGET_ARCH</var> and - <var class="Va">TARGET</var>. - <p class="Pp">This target is only useful after a complete toolchain - (including the compiler, linker, assembler, headers and libraries) has - been built; see the <code class="Cm">toolchain</code> target below.</p> - <p class="Pp"><var class="Va">BUILDENV_SHELL</var>, which defaults to - <span class="Pa">/bin/sh</span>, is executed. This can be set to a - command that does something in this build environment, like cross build - an application. If that application has dependencies, though, the - <span class="Pa">devel/poudriere</span> package or port provides a more - generic solution.</p> - </dd> - <dt id="buildenvvars"><a class="permalink" href="#buildenvvars"><code class="Cm">buildenvvars</code></a></dt> - <dd>Print the shell variables that are set for a - <code class="Cm">buildenv</code> environment and exit.</dd> - <dt id="buildworld"><a class="permalink" href="#buildworld"><code class="Cm">buildworld</code></a></dt> - <dd>Build everything but the kernel, configure files in - <span class="Pa">etc</span>, and <span class="Pa">release</span>. The - object directory can be changed from the default - <span class="Pa">/usr/obj</span> by setting the - <span class="Pa">MAKEOBJDIRPREFIX</span> <a class="Xr">make(1)</a> - variable. The actual build location prefix used depends on the - <var class="Va">WITH_UNIFIED_OBJDIR</var> option from - <a class="Xr">src.conf(5)</a>. If enabled it is - <span class="Pa">${MAKEOBJDIRPREFIX}${.CURDIR}/${TARGET}.${TARGET_ARCH}</span> - for all builds. If disabled it is - <span class="Pa">${MAKEOBJDIRPREFIX}${.CURDIR}</span> for native builds, - and - <span class="Pa">${MAKEOBJDIRPREFIX}/${TARGET}.${TARGET_ARCH}${.CURDIR}</span> - for cross builds and native builds with variable - <var class="Va">CROSS_BUILD_TESTING</var> set.</dd> - <dt id="cleankernel"><a class="permalink" href="#cleankernel"><code class="Cm">cleankernel</code></a></dt> - <dd>Attempts to clean up targets built by a preceding - <code class="Cm">buildkernel</code>, or similar step, built from the same - source directory and <var class="Va">KERNCONF</var>.</dd> - <dt id="cleanworld"><a class="permalink" href="#cleanworld"><code class="Cm">cleanworld</code></a></dt> - <dd>Attempt to clean up targets built by a preceding - <code class="Cm">buildworld</code>, or similar step, built from this - source directory.</dd> - <dt id="cleanuniverse"><a class="permalink" href="#cleanuniverse"><code class="Cm">cleanuniverse</code></a></dt> - <dd>When <var class="Va">WITH_UNIFIED_OBJDIR</var> is enabled, attempt to - clean up targets built by a preceding <code class="Cm">buildworld</code>, - <code class="Cm">universe</code>, or similar step, for any architecture - built from this source directory.</dd> - <dt id="distributeworld"><a class="permalink" href="#distributeworld"><code class="Cm">distributeworld</code></a></dt> - <dd>Distribute everything compiled by a preceding - <code class="Cm">buildworld</code> step. Files are placed in the directory - hierarchy specified by <a class="Xr">make(1)</a> variable - <var class="Va">DISTDIR</var>. This target is used while building a - release; see <a class="Xr">release(7)</a>.</dd> - <dt id="native-xtools"><a class="permalink" href="#native-xtools"><code class="Cm">native-xtools</code></a></dt> - <dd>This target builds a cross-toolchain for the given - <b class="Sy">TARGET</b> and <b class="Sy">TARGET_ARCH</b>, as well as a - select list of static userland tools for the host system. This is intended - to be used in a jail where QEMU is used to improve performance by avoiding - emulating binaries that do not need to be emulated. - <b class="Sy">TARGET</b> and <b class="Sy">TARGET_ARCH</b> should be - defined.</dd> - <dt id="native-xtools-install"><a class="permalink" href="#native-xtools-install"><code class="Cm">native-xtools-install</code></a></dt> - <dd>Installs the results to <span class="Pa">${DESTDIR}/${NXTP}</span> where - <var class="Va">NXTP</var> defaults to <span class="Pa">nxb-bin</span>. - <b class="Sy">TARGET</b> and <b class="Sy">TARGET_ARCH</b> must be - defined.</dd> - <dt id="packages"><a class="permalink" href="#packages"><code class="Cm">packages</code></a></dt> - <dd>Create a <a class="Xr">freebsd-base(7)</a> package repository containing - packages that can be used to install or upgrade the base system. The - repository is created in the object directory, under - <span class="Pa">${REPODIR}/${PKG_ABI}</span> where - <code class="Ev">REPODIR</code> is the base directory where the repository - will be created, and <var class="Va">PKG_ABI</var> is the - <a class="Xr">pkg(7)</a> ABI for the build target, for example, - <span class="Pa">/usr/obj/${SRCDIR}/repo/FreeBSD:15:amd64</span>.</dd> - <dt id="packageworld"><a class="permalink" href="#packageworld"><code class="Cm">packageworld</code></a></dt> - <dd>Archive the results of <code class="Cm">distributeworld</code>, placing - the results in <var class="Va">DISTDIR</var>. This target is used while - building a <a class="Xr">release(7)</a> and is unrelated to building - <a class="Xr">freebsd-base(7)</a> packages.</dd> - <dt id="installworld"><a class="permalink" href="#installworld"><code class="Cm">installworld</code></a></dt> - <dd>Install everything built by a preceding <code class="Cm">buildworld</code> - step into the directory hierarchy pointed to by <a class="Xr">make(1)</a> - variable <var class="Va">DESTDIR</var>. - <p class="Pp">If installing onto an NFS file system and running - <a class="Xr">make(1)</a> with the <code class="Fl">-j</code> option, - make sure that <a class="Xr">rpc.lockd(8)</a> is running on both client - and server. See <a class="Xr">rc.conf(5)</a> on how to make it start at - boot time.</p> - </dd> - <dt id="toolchain"><a class="permalink" href="#toolchain"><code class="Cm">toolchain</code></a></dt> - <dd>Create the build toolchain needed to build the rest of the system. For - cross-architecture builds, this step creates a cross-toolchain.</dd> - <dt id="universe"><a class="permalink" href="#universe"><code class="Cm">universe</code></a></dt> - <dd>For each architecture, execute a <code class="Cm">buildworld</code> - followed by a <code class="Cm">buildkernel</code> for all kernels for that - architecture, including <span class="Pa">LINT</span>. This command takes a - long time.</dd> - <dt id="kernels"><a class="permalink" href="#kernels"><code class="Cm">kernels</code></a></dt> - <dd>Like <code class="Cm">universe</code> with - <var class="Va">WITHOUT_WORLDS</var> defined so only the kernels for each - architecture are built.</dd> - <dt id="worlds"><a class="permalink" href="#worlds"><code class="Cm">worlds</code></a></dt> - <dd>Like <code class="Cm">universe</code> with - <var class="Va">WITHOUT_KERNELS</var> defined so only the worlds for each - architecture are built.</dd> - <dt id="targets"><a class="permalink" href="#targets"><code class="Cm">targets</code></a></dt> - <dd>Print a list of supported <var class="Va">TARGET</var> / - <var class="Va">TARGET_ARCH</var> pairs for world and kernel targets.</dd> - <dt id="tinderbox"><a class="permalink" href="#tinderbox"><code class="Cm">tinderbox</code></a></dt> - <dd>Execute the same targets as <code class="Cm">universe</code>. In addition - print a summary of all failed targets at the end and exit with an error if - there were any.</dd> - <dt id="toolchains"><a class="permalink" href="#toolchains"><code class="Cm">toolchains</code></a></dt> - <dd>Create a build toolchain for each architecture supported by the build - system.</dd> - <dt id="xdev"><a class="permalink" href="#xdev"><code class="Cm">xdev</code></a></dt> - <dd>Builds and installs a cross-toolchain and sysroot for the given - <b class="Sy">TARGET</b> and <b class="Sy">TARGET_ARCH</b>. The sysroot - contains target library and headers. The target is an alias for - <code class="Cm">xdev-build</code> and - <code class="Cm">xdev-install</code>. The location of the files installed - can be controlled with <var class="Va">DESTDIR</var>. The target location - in <var class="Va">DESTDIR</var> is - <span class="Pa">${DESTDIR}/${XDTP}</span> where - <var class="Va">XDTP</var> defaults to - <span class="Pa">/usr/${XDDIR}</span> and <var class="Va">XDDIR</var> - defaults to <span class="Pa">${TARGET_ARCH}-freebsd</span>.</dd> - <dt id="update-packages"><a class="permalink" href="#update-packages"><code class="Cm">update-packages</code></a></dt> - <dd>Create or update the <a class="Xr">freebsd-base(7)</a> package repository - for the base system. If an old repository is being updated, then packages - whose contents have not changed since the previous version will be copied - into the new repository to avoid needless updating of the version - number.</dd> - <dt id="xdev-build"><a class="permalink" href="#xdev-build"><code class="Cm">xdev-build</code></a></dt> - <dd>Builds for the <code class="Cm">xdev</code> target.</dd> - <dt id="xdev-install"><a class="permalink" href="#xdev-install"><code class="Cm">xdev-install</code></a></dt> - <dd>Installs the files for the <code class="Cm">xdev</code> target.</dd> - <dt id="xdev-links"><a class="permalink" href="#xdev-links"><code class="Cm">xdev-links</code></a></dt> - <dd>Installs autoconf-style symlinks to - <span class="Pa">${DESTDIR}/usr/bin</span> pointing into the xdev - toolchain in <span class="Pa">${DESTDIR}/${XDTP}</span>.</dd> -</dl> -<p class="Pp">Kernel specific build targets in <span class="Pa">/usr/src</span> - are:</p> -<dl class="Bl-tag"> - <dt id="buildkernel"><a class="permalink" href="#buildkernel"><code class="Cm">buildkernel</code></a></dt> - <dd>Rebuild the kernel and the kernel modules. The object directory can be - changed from the default <span class="Pa">/usr/obj</span> by setting the - <span class="Pa">MAKEOBJDIRPREFIX</span> <a class="Xr">make(1)</a> - variable.</dd> - <dt id="installkernel"><a class="permalink" href="#installkernel"><code class="Cm">installkernel</code></a></dt> - <dd>Install the kernel and the kernel modules to directory - <span class="Pa">${DESTDIR}/boot/kernel</span>, renaming any pre-existing - directory with this name to <span class="Pa">kernel.old</span> if it - contained the currently running kernel. The target directory under - <span class="Pa">${DESTDIR}</span> may be modified using the - <var class="Va">INSTKERNNAME</var> or <var class="Va">KODIR</var> - <a class="Xr">make(1)</a> variables.</dd> - <dt id="distributekernel"><a class="permalink" href="#distributekernel"><code class="Cm">distributekernel</code></a></dt> - <dd>Install the kernel to the directory - <span class="Pa">${DISTDIR}/kernel/boot/kernel</span>. This target is used - while building a release; see <a class="Xr">release(7)</a>.</dd> - <dt id="packagekernel"><a class="permalink" href="#packagekernel"><code class="Cm">packagekernel</code></a></dt> - <dd>Archive the results of <code class="Cm">distributekernel</code>, placing - the results in <var class="Va">DISTDIR</var>. This target is used while - building a <a class="Xr">release(7)</a> and is unrelated to building - <a class="Xr">freebsd-base(7)</a> packages.</dd> - <dt id="kernel"><a class="permalink" href="#kernel"><code class="Cm">kernel</code></a></dt> - <dd>Equivalent to <code class="Cm">buildkernel</code> followed by - <code class="Cm">installkernel</code></dd> - <dt id="kernel-toolchain"><a class="permalink" href="#kernel-toolchain"><code class="Cm">kernel-toolchain</code></a></dt> - <dd>Rebuild the tools needed for kernel compilation. Use this if you did not - do a <code class="Cm">buildworld</code> first.</dd> - <dt id="reinstallkernel"><a class="permalink" href="#reinstallkernel"><code class="Cm">reinstallkernel</code></a></dt> - <dd>Reinstall the kernel and the kernel modules, overwriting the contents of - the target directory. As with the <code class="Cm">installkernel</code> - target, the target directory can be specified using the - <a class="Xr">make(1)</a> variable - <var class="Va">INSTKERNNAME</var>.</dd> -</dl> -<p class="Pp">Convenience targets for cleaning up the install destination - directory denoted by variable <var class="Va">DESTDIR</var> include:</p> -<dl class="Bl-tag"> - <dt id="check-old"><a class="permalink" href="#check-old"><code class="Cm">check-old</code></a></dt> - <dd>Print a list of old files and directories in the system.</dd> - <dt id="check-old-libs"><a class="permalink" href="#check-old-libs"><code class="Cm">check-old-libs</code></a></dt> - <dd>Print a list of obsolete base system libraries.</dd> - <dt id="delete-old"><a class="permalink" href="#delete-old"><code class="Cm">delete-old</code></a></dt> - <dd>Delete obsolete base system files and directories interactively. When - <code class="Li">-DBATCH_DELETE_OLD_FILES</code> is specified at the - command line, the delete operation will be non-interactive. The variables - <var class="Va">DESTDIR</var>, <var class="Va">TARGET_ARCH</var> and - <var class="Va">TARGET</var> should be set as with - “<code class="Li">make installworld</code>”.</dd> - <dt id="delete-old-libs"><a class="permalink" href="#delete-old-libs"><code class="Cm">delete-old-libs</code></a></dt> - <dd>Delete obsolete base system libraries interactively. This target should - only be used if no third party software uses these libraries. When - <code class="Li">-DBATCH_DELETE_OLD_FILES</code> is specified at the - command line, the delete operation will be non-interactive. The variables - <var class="Va">DESTDIR</var>, <var class="Va">TARGET_ARCH</var> and - <var class="Va">TARGET</var> should be set as with - “<code class="Li">make installworld</code>”.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="ENVIRONMENT"><a class="permalink" href="#ENVIRONMENT">ENVIRONMENT</a></h1> -<p class="Pp">Variables that influence all builds include:</p> -<dl class="Bl-tag"> - <dt id="DEBUG_FLAGS"><var class="Va">DEBUG_FLAGS</var></dt> - <dd>Defines a set of debugging flags that will be used to build all userland - binaries under <span class="Pa">/usr/src</span>. When - <var class="Va">DEBUG_FLAGS</var> is defined, the - <code class="Cm">install</code> and <code class="Cm">installworld</code> - targets install binaries from the current - <var class="Va">MAKEOBJDIRPREFIX</var> without stripping, so that - debugging information is retained in the installed binaries.</dd> - <dt id="DESTDIR"><var class="Va">DESTDIR</var></dt> - <dd>The directory hierarchy prefix where built objects will be installed. If - not set, <var class="Va">DESTDIR</var> defaults to the empty string. If - set, <var class="Va">DESTDIR</var> must specify an absolute path.</dd> - <dt id="MAKEOBJDIRPREFIX"><var class="Va">MAKEOBJDIRPREFIX</var></dt> - <dd>Defines the prefix for directory names in the tree of built objects. - Defaults to <span class="Pa">/usr/obj</span> if not defined. This variable - should only be set in the environment or - <span class="Pa">/etc/src-env.conf</span> and not via - <span class="Pa">/etc/make.conf</span> or - <span class="Pa">/etc/src.conf</span> or the command line. - <var class="Va">MAKEOBJDIRPREFIX</var> must specify an absolute path.</dd> - <dt id="WITHOUT_WERROR"><var class="Va">WITHOUT_WERROR</var></dt> - <dd>If defined, compiler warnings will not cause the build to halt, even if - the makefile says otherwise.</dd> - <dt id="WITH_CTF"><var class="Va">WITH_CTF</var></dt> - <dd>If defined, the build process will run the DTrace CTF conversion tools on - built objects.</dd> -</dl> -<p class="Pp">Additionally, builds in <span class="Pa">/usr/src</span> are - influenced by the following <a class="Xr">make(1)</a> variables:</p> -<dl class="Bl-tag"> - <dt id="CROSS_TOOLCHAIN"><var class="Va">CROSS_TOOLCHAIN</var></dt> - <dd>Requests use of an external toolchain to build either the world or kernel. - This value of this variable can either be the full path to a file, or the - base name of a file in - <span class="Pa">${LOCALBASE}/share/toolchains</span>. The file should be - a make file which sets variables to request an external toolchain such as - <var class="Va">XCC</var>. - <p class="Pp">External toolchains are available in ports for both LLVM and - GCC/binutils. For external toolchains available in ports, - <var class="Va">CROSS_TOOLCHAIN</var> should be set to the name of the - package. LLVM toolchain packages use the name llvm<major version>. - GCC toolchains provide separate packages for each architecture and use - the name ${MACHINE_ARCH}-gcc<major version>.</p> - </dd> - <dt id="INSTKERNNAME"><var class="Va">INSTKERNNAME</var></dt> - <dd>If set, specify an alternative name to build and install for the various - kernel make targets. Defaults to - “<code class="Li">kernel</code>”.</dd> - <dt id="KERNCONF"><var class="Va">KERNCONF</var></dt> - <dd>Specify one or more space-separated kernels to build and install for the - various kernel make targets. If multiple kernels are specified, the first - listed kernel installs to <span class="Pa">/boot/${INSTKERNNAME}</span>, - and subsequent kernels install to - <span class="Pa">/boot/${INSTKERNNAME}.NAME</span>. - <p class="Pp">If unset, it defaults to GENERIC, except on POWER - architectures, where it defaults to GENERIC64 for powerpc64, and - GENERIC64LE for powerpc64le.</p> - </dd> - <dt id="KERNBUILDDIR"><var class="Va">KERNBUILDDIR</var></dt> - <dd>Overrides the default directory to get all the opt_*.h files for building - a kernel module. Useful for stand-alone modules that depend on - <a class="Xr">config(8)</a> options. Automatically set for modules built - with a kernel.</dd> - <dt id="KERNCONFDIR"><var class="Va">KERNCONFDIR</var></dt> - <dd>Overrides the directory in which <var class="Va">KERNCONF</var> and any - files included by <var class="Va">KERNCONF</var> should be found. Defaults - to <span class="Pa">sys/${ARCH}/conf</span>.</dd> - <dt id="KERNFAST"><var class="Va">KERNFAST</var></dt> - <dd>If set, the build target <code class="Cm">buildkernel</code> defaults to - setting <var class="Va">NO_KERNELCLEAN</var>, - <var class="Va">NO_KERNELCONFIG</var>, and - <var class="Va">NO_KERNELOBJ</var>. When set to a value other than - <code class="Cm">1</code> then <var class="Va">KERNCONF</var> is set to - the value of <var class="Va">KERNFAST</var>.</dd> - <dt id="KODIR"><var class="Va">KODIR</var></dt> - <dd>If set, this variable specifies an alternative directory to install the - kernel.</dd> - <dt id="LOCAL_DIRS"><var class="Va">LOCAL_DIRS</var></dt> - <dd>If set, this variable supplies a list of additional directories relative - to the root of the source tree to build as part of the - <code class="Cm">everything</code> target. The directories are built in - parallel with each other, and with the base system directories. Insert a - <var class="Va">.WAIT</var> directive at the beginning of the - <var class="Va">LOCAL_DIRS</var> list to ensure all base system - directories are built first. <var class="Va">.WAIT</var> may also be used - as needed elsewhere within the list.</dd> - <dt id="LOCAL_ITOOLS"><var class="Va">LOCAL_ITOOLS</var></dt> - <dd>If set, this variable supplies a list of additional tools that are used by - the <code class="Cm">installworld</code> and - <code class="Cm">distributeworld</code> targets.</dd> - <dt id="LOCAL_LIB_DIRS"><var class="Va">LOCAL_LIB_DIRS</var></dt> - <dd>If set, this variable supplies a list of additional directories relative - to the root of the source tree to build as part of the - <code class="Cm">libraries</code> target. The directories are built in - parallel with each other, and with the base system libraries. Insert a - <var class="Va">.WAIT</var> directive at the beginning of the - <var class="Va">LOCAL_DIRS</var> list to ensure all base system libraries - are built first. <var class="Va">.WAIT</var> may also be used as needed - elsewhere within the list.</dd> - <dt id="LOCAL_MTREE"><var class="Va">LOCAL_MTREE</var></dt> - <dd>If set, this variable supplies a list of additional mtrees relative to the - root of the source tree to use as part of the - <code class="Cm">hierarchy</code> target.</dd> - <dt id="LOCAL_LEGACY_DIRS"><var class="Va">LOCAL_LEGACY_DIRS</var></dt> - <dd>If set, this variable supplies a list of additional directories relative - to the root of the source tree to build as part of the - <code class="Cm">legacy</code> target.</dd> - <dt id="LOCAL_BSTOOL_DIRS"><var class="Va">LOCAL_BSTOOL_DIRS</var></dt> - <dd>If set, this variable supplies a list of additional directories relative - to the root of the source tree to build as part of the - <code class="Cm">bootstrap-tools</code> target.</dd> - <dt id="LOCAL_TOOL_DIRS"><var class="Va">LOCAL_TOOL_DIRS</var></dt> - <dd>If set, this variable supplies a list of additional directories relative - to the root of the source tree to build as part of the - <code class="Cm">build-tools</code> target.</dd> - <dt id="LOCAL_XTOOL_DIRS"><var class="Va">LOCAL_XTOOL_DIRS</var></dt> - <dd>If set, this variable supplies a list of additional directories relative - to the root of the source tree to build as part of the - <code class="Cm">cross-tools</code> target.</dd> - <dt id="OBJROOT"><var class="Va">OBJROOT</var></dt> - <dd>The object directory root is defined as - <span class="Pa">${OBJDIR}/${SRCDIR}/</span>. See - <span class="Pa">share/mk/src.sys.obj.mk</span>.</dd> - <dt id="PKG_FORMAT"><var class="Va">PKG_FORMAT</var></dt> - <dd>Specify a package compression format when building - <a class="Xr">freebsd-base(7)</a> packages. Default: - ‘<code class="Li">tzst</code>’. Consider using - ‘<code class="Li">tar</code>’ to disable compression. - Accepted options are documented in the <code class="Fl">-f</code> - description of <a class="Xr">pkg-create(8)</a>.</dd> - <dt id="PORTS_MODULES"><var class="Va">PORTS_MODULES</var></dt> - <dd>A list of ports with kernel modules that should be built and installed as - part of the <code class="Cm">buildkernel</code> and - <code class="Cm">installkernel</code> process. This is currently - incompatible with building <a class="Xr">freebsd-base(7)</a> packages. - Each port must be specified as - <var class="Ar">category</var><code class="Li">/</code><var class="Ar">port</var>[<code class="Li">@</code><var class="Ar">flavor</var>], - e.g. - <div class="Bd Pp Li"> - <pre>PORTS_MODULES=graphics/gpu-firmware-intel-kmod@kabylake -PORTS_MODULES+=graphics/drm-66-kmod</pre> - </div> - </dd> - <dt id="LOCAL_MODULES"><var class="Va">LOCAL_MODULES</var></dt> - <dd>A list of external kernel modules that should be built and installed as - part of the <code class="Cm">buildkernel</code> and - <code class="Cm">installkernel</code> process. Defaults to the list of - sub-directories of <var class="Va">LOCAL_MODULES_DIR</var>.</dd> - <dt id="LOCAL_MODULES_DIR"><var class="Va">LOCAL_MODULES_DIR</var></dt> - <dd>The directory in which to search for the kernel modules specified by - <var class="Va">LOCAL_MODULES</var>. Each kernel module should consist of - a directory containing a makefile. Defaults to - <span class="Pa">${LOCALBASE}/sys/modules</span>.</dd> - <dt id="SRCCONF"><var class="Va">SRCCONF</var></dt> - <dd>Specify a file to override the default - <span class="Pa">/etc/src.conf</span>. The src.conf file controls the - components to build. See <a class="Xr">src.conf(5)</a></dd> - <dt id="REPODIR"><var class="Va">REPODIR</var></dt> - <dd>The root directory used to create the package repository for building - <a class="Xr">packages(7)</a>. Defaults to - <span class="Pa">${OBJROOT}/repo/</span>. This can also be set in - <a class="Xr">src-env.conf(5)</a>.</dd> - <dt id="STRIPBIN"><var class="Va">STRIPBIN</var></dt> - <dd>Command to use at install time when stripping binaries. Be sure to add any - additional tools required to run <var class="Va">STRIPBIN</var> to the - <var class="Va">LOCAL_ITOOLS</var> <a class="Xr">make(1)</a> variable - before running the <code class="Cm">distributeworld</code> or - <code class="Cm">installworld</code> targets. See - <a class="Xr">install(1)</a> for more details.</dd> - <dt id="SUBDIR_OVERRIDE"><var class="Va">SUBDIR_OVERRIDE</var></dt> - <dd>Override the default list of sub-directories and only build the - sub-directory named in this variable. If combined with - <code class="Cm">buildworld</code> then all libraries and includes, and - some of the build tools will still build as well. Specifying - <code class="Cm">-DNO_LIBS</code>, and <code class="Cm">-DWORLDFAST</code> - will only build the specified directory as was done historically. When - combined with <code class="Cm">buildworld</code> it is necessary to - override <var class="Va">LOCAL_LIB_DIRS</var> with any custom directories - containing libraries. This allows building a subset of the system in the - same way as <code class="Cm">buildworld</code> does using its sysroot - handling. This variable can also be useful when debugging failed builds. - <div class="Bd Pp Bd-indent Li"> - <pre>make some-target SUBDIR_OVERRIDE=foo/bar</pre> - </div> - </dd> - <dt id="SYSDIR"><var class="Va">SYSDIR</var></dt> - <dd>Specify the location of the kernel source to override the default - <span class="Pa">/usr/src/sys</span>. The kernel source is located in the - <span class="Pa">sys</span> subdirectory of the source tree checked out - from the <span class="Pa">src.git</span> repository.</dd> - <dt id="TARGET"><var class="Va">TARGET</var></dt> - <dd>The target hardware platform. This is analogous to the - “<code class="Nm">uname</code> <code class="Fl">-m</code>” - output. This is necessary to cross-build some target architectures. For - example, cross-building for ARM64 machines requires - <var class="Va">TARGET_ARCH</var>=<code class="Li">aarch64</code> and - <var class="Va">TARGET</var>=<code class="Li">arm64</code>. If not set, - <var class="Va">TARGET</var> defaults to the current hardware platform, - unless <var class="Va">TARGET_ARCH</var> is also set, in which case it - defaults to the appropriate value for that architecture.</dd> - <dt id="TARGET_ARCH"><var class="Va">TARGET_ARCH</var></dt> - <dd>The target machine processor architecture. This is analogous to the - “<code class="Nm">uname</code> <code class="Fl">-p</code>” - output. Set this to cross-build for a different architecture. If not set, - <var class="Va">TARGET_ARCH</var> defaults to the current machine - architecture, unless <var class="Va">TARGET</var> is also set, in which - case it defaults to the appropriate value for that platform. Typically, - one only needs to set <var class="Va">TARGET</var>.</dd> -</dl> -<p class="Pp">Builds under directory <span class="Pa">/usr/src</span> are also - influenced by defining one or more of the following symbols, using the - <code class="Fl">-D</code> option of <a class="Xr">make(1)</a>:</p> -<dl class="Bl-tag"> - <dt id="LOADER_DEFAULT_INTERP"><var class="Va">LOADER_DEFAULT_INTERP</var></dt> - <dd>Defines what interpreter the default loader program will have. Valid - values include “4th”, “lua”, and - “simp”. This creates the default link for - <span class="Pa">/boot/loader</span> to the loader with that interpreter. - It also determines what interpreter is compiled into - <span class="Pa">userboot</span>.</dd> - <dt id="NO_CLEANDIR"><var class="Va">NO_CLEANDIR</var></dt> - <dd>If set, the build targets that clean parts of the object tree use the - equivalent of “make clean” instead of “make - cleandir”.</dd> - <dt id="NO_CLEAN"><var class="Va">NO_CLEAN</var></dt> - <dd>If set, no object tree files are cleaned at all. This is the default when - <var class="Va">WITH_META_MODE</var> is used with - <a class="Xr">filemon(4)</a> loaded. See <a class="Xr">src.conf(5)</a> for - more details. Setting <var class="Va">NO_CLEAN</var> implies - <var class="Va">NO_KERNELCLEAN</var>, so when - <var class="Va">NO_CLEAN</var> is set no kernel objects are cleaned - either.</dd> - <dt id="NO_CTF"><var class="Va">NO_CTF</var></dt> - <dd>If set, the build process does not run the DTrace CTF conversion tools on - built objects.</dd> - <dt id="NO_SHARE"><var class="Va">NO_SHARE</var></dt> - <dd>If set, the build does not descend into the - <span class="Pa">/usr/src/share</span> subdirectory (i.e., manual pages, - locale data files, timezone data files and other - <span class="Pa">/usr/src/share</span> files will not be rebuild from - their sources).</dd> - <dt id="NO_KERNELCLEAN"><var class="Va">NO_KERNELCLEAN</var></dt> - <dd>If set, the build process does not run “make clean” as part - of the <code class="Cm">buildkernel</code> target.</dd> - <dt id="NO_KERNELCONFIG"><var class="Va">NO_KERNELCONFIG</var></dt> - <dd>If set, the build process does not run <a class="Xr">config(8)</a> as part - of the <code class="Cm">buildkernel</code> target.</dd> - <dt id="NO_KERNELOBJ"><var class="Va">NO_KERNELOBJ</var></dt> - <dd>If set, the build process does not run “make obj” as part of - the <code class="Cm">buildkernel</code> target.</dd> - <dt id="NO_LIBS"><var class="Va">NO_LIBS</var></dt> - <dd>If set, the libraries phase will be skipped.</dd> - <dt id="NO_OBJWALK"><var class="Va">NO_OBJWALK</var></dt> - <dd>If set, no object directories will be created. This should only be used if - object directories were created in a previous build and no new directories - are connected.</dd> - <dt id="UNIVERSE_TOOLCHAIN"><var class="Va">UNIVERSE_TOOLCHAIN</var></dt> - <dd>Requests use of the toolchain built as part of the - <code class="Cm">universe</code> target as an external toolchain.</dd> - <dt id="WORLDFAST"><var class="Va">WORLDFAST</var></dt> - <dd>If set, the build target <code class="Cm">buildworld</code> defaults to - setting <var class="Va">NO_CLEAN</var>, <var class="Va">NO_OBJWALK</var>, - and will skip most bootstrap phases. It will only bootstrap libraries and - build all of userland. This option should be used only when it is known - that none of the bootstrap needs changed and that no new directories have - been connected to the build.</dd> -</dl> -<p class="Pp">Builds under directory <span class="Pa">/usr/doc</span> are - influenced by the following <a class="Xr">make(1)</a> variables:</p> -<dl class="Bl-tag"> - <dt id="DOC_LANG"><var class="Va">DOC_LANG</var></dt> - <dd>If set, restricts the documentation build to the language subdirectories - specified as its content. The default action is to build documentation for - all languages.</dd> -</dl> -<p class="Pp">Builds using the <code class="Cm">universe</code> and related - targets are influenced by the following <a class="Xr">make(1)</a> - variables:</p> -<dl class="Bl-tag"> - <dt id="JFLAG"><var class="Va">JFLAG</var></dt> - <dd>Pass the value of this variable to each <a class="Xr">make(1)</a> - invocation used to build worlds and kernels. This can be used to enable - multiple jobs within a single architecture's build while still building - each architecture serially.</dd> - <dt id="MAKE_JUST_KERNELS"><var class="Va">MAKE_JUST_KERNELS</var></dt> - <dd>Only build kernels for each supported architecture.</dd> - <dt id="MAKE_JUST_WORLDS"><var class="Va">MAKE_JUST_WORLDS</var></dt> - <dd>Only build worlds for each supported architecture.</dd> - <dt id="WITHOUT_WORLDS"><var class="Va">WITHOUT_WORLDS</var></dt> - <dd>Only build kernels for each supported architecture.</dd> - <dt id="WITHOUT_KERNELS"><var class="Va">WITHOUT_KERNELS</var></dt> - <dd>Only build worlds for each supported architecture.</dd> - <dt id="UNIVERSE_TARGET"><var class="Va">UNIVERSE_TARGET</var></dt> - <dd>Execute the specified <a class="Xr">make(1)</a> target for each supported - architecture instead of the default action of building a world and one or - more kernels. This variable implies - <var class="Va">WITHOUT_KERNELS</var>.</dd> - <dt id="USE_GCC_TOOLCHAINS"><var class="Va">USE_GCC_TOOLCHAINS</var></dt> - <dd>Use external GCC toolchains to build the requested targets. If the - required toolchain package for a supported architecture is not installed, - the build for that architecture is skipped. - <p class="Pp">A specific version of GCC can be used by setting the value of - this variable to the desired version (for example, - “gcc14”); otherwise a default version of GCC is used.</p> - </dd> - <dt id="TARGETS"><var class="Va">TARGETS</var></dt> - <dd>Only build the listed targets instead of each supported architecture.</dd> - <dt id="EXTRA_TARGETS"><var class="Va">EXTRA_TARGETS</var></dt> - <dd>In addition to the supported architectures, build the semi-supported - architectures. A semi-supported architecture has build support in the - <span class="Ux">FreeBSD</span> tree, but receives significantly less - testing and is generally for fringe uses that do not have a wide - appeal.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="FILES"><a class="permalink" href="#FILES">FILES</a></h1> -<dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">/usr/doc/Makefile</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/doc/share/mk/doc.project.mk</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/ports/Mk/bsd.port.mk</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/ports/Mk/bsd.sites.mk</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/src/Makefile</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/src/Makefile.inc1</span></dt> - <dd><a class="Xr">make(1)</a> infrastructure for each tree</dd> - <dt><span class="Pa">/usr/ports/UPDATING</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/src/UPDATING</span></dt> - <dd>notable changes in each tree</dd> - <dt><span class="Pa">/usr/share/examples/etc/make.conf</span></dt> - <dd>example <a class="Xr">make.conf(5)</a></dd> - <dt><span class="Pa">/etc/src.conf</span></dt> - <dd>src build configuration, see <a class="Xr">src.conf(5)</a></dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="EXAMPLES"><a class="permalink" href="#EXAMPLES">EXAMPLES</a></h1> -<p class="Pp">This section describes best practices for common situations. When - manual intervention is necessary, it will be mentioned in - <span class="Pa">UPDATING</span>. Make sure you have full backups before - proceeding!</p> -<section class="Ss"> -<h2 class="Ss" id="Example_1:_Build_and_upgrade_system_in_place"><a class="permalink" href="#Example_1:_Build_and_upgrade_system_in_place">Example - 1: Build and upgrade system in place</a></h2> -<p class="Pp">If using installed drivers such as graphics or virtual machine - guest drivers, check out the <a class="Xr">ports(7)</a> tree, and specify - the drivers in <a class="Xr">src.conf(5)</a> so they are built and installed - automatically after the kernel:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>git clone https://git.FreeBSD.org/ports.git /usr/ports -cat << EOF >> /etc/src.conf -PORTS_MODULES+=graphics/drm-kmod emulators/virtualbox-ose-kmod -EOF</pre> -</div> -<p class="Pp">Check out the CURRENT branch, build it, and install, overwriting - the current system:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>git clone https://git.FreeBSD.org/src.git /usr/src -cd /usr/src -make buildworld buildkernel -make installkernel -shutdown -r now</pre> -</div> -<p class="Pp">For major version upgrades, boot into single-user mode. After - restarting, install userspace, and merge configurations. After verifying - that you do not need them, delete old files:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd /usr/src -etcupdate -p -make installworld -etcupdate -B -make delete-old -shutdown -r now</pre> -</div> -<p class="Pp">After testing the new system and verifying that your applications - do not depend on them, delete the old libraries:</p> -<p class="Pp"></p> -<div class="Bd Bd-indent"><code class="Li">make delete-old-libs</code></div> -</section> -<section class="Ss"> -<h2 class="Ss" id="Example_2:_Build_and_upgrade_a_custom_kernel"><a class="permalink" href="#Example_2:_Build_and_upgrade_a_custom_kernel">Example - 2: Build and upgrade a custom kernel</a></h2> -<p class="Pp">Create a custom kernel configuration, - <var class="Va">MYKERNEL</var>, by including an existing configuration and - using <code class="Cm">device</code>/<code class="Cm">nodevice</code> and - <code class="Cm">options</code>/<code class="Cm">nooption</code> to select - and configure components:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd /usr/src -cat << EOF > sys/amd64/conf/MYKERNEL -include GENERIC -ident MYKERNEL -nodevice sound -EOF</pre> -</div> -<p class="Pp">After creating the new kernel configuration, build a fresh - toolchain, build the kernel, and install it directly, moving the old kernel - to <span class="Pa">/boot/kernel.old/</span>:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>make kernel-toolchain -make -DALWAYS_CHECK_MAKE buildkernel KERNCONF=MYKERNEL -make -DALWAYS_CHECK_MAKE installkernel KERNCONF=MYKERNEL -shutdown -r now</pre> -</div> -<p class="Pp">To package the kernel into a <a class="Xr">freebsd-base(7)</a> - package instead of installing it directly, use - <code class="Cm">update-packages</code> instead of - <code class="Cm">installkernel</code>:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>make buildworld buildkernel KERNCONF=MYKERNEL -make update-packages KERNCONF=MYKERNEL</pre> -</div> -<p class="Pp">To install the kernel directly to an alternate location, use the - <var class="Va">INSTKERNNAME</var> variable and boot it once to test via - <a class="Xr">nextboot(8)</a>:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>make installkernel KERNCONF=MYKERNEL INSTKERNNAME=testkernel -nextboot -k testkernel -shutdown -r now</pre> -</div> -</section> -<section class="Ss"> -<h2 class="Ss" id="Example_3:_Build_and_upgrade_a_single_piece_of_userspace"><a class="permalink" href="#Example_3:_Build_and_upgrade_a_single_piece_of_userspace">Example - 3: Build and upgrade a single piece of userspace</a></h2> -<p class="Pp">Rebuild and reinstall a single piece of userspace, in this case - <a class="Xr">ls(1)</a>:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd /usr/src/bin/ls -make clean all -make install</pre> -</div> -</section> -<section class="Ss"> -<h2 class="Ss" id="Example_4:_Build_and_upgrade_a_loadable_kernel_module"><a class="permalink" href="#Example_4:_Build_and_upgrade_a_loadable_kernel_module">Example - 4: Build and upgrade a loadable kernel module</a></h2> -<p class="Pp">Rebuild and reinstall a single loadable kernel module, in this - case <a class="Xr">sound(4)</a>:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd /usr/src/sys/modules/sound -make all install clean cleandepend KMODDIR=/boot/kernel</pre> -</div> -</section> -<section class="Ss"> -<h2 class="Ss" id="Example_5:_Quickly_rebuild_a_kernel_in_place"><a class="permalink" href="#Example_5:_Quickly_rebuild_a_kernel_in_place">Example - 5: Quickly rebuild a kernel in place</a></h2> -<p class="Pp">Quickly rebuild and reinstall the kernel, only recompiling the - files changed since last build; note that this will only work if the full - kernel build has been completed in the past, not on a fresh source tree:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd /usr/src -make kernel KERNFAST=1</pre> -</div> -</section> -<section class="Ss"> -<h2 class="Ss" id="Example_6:_Cross-compiling_for_different_architectures"><a class="permalink" href="#Example_6:_Cross-compiling_for_different_architectures">Example - 6: Cross-compiling for different architectures</a></h2> -<p class="Pp">To rebuild parts of <span class="Ux">FreeBSD</span> for another - CPU architecture, first prepare your source tree by building the - cross-toolchain:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd src -make toolchain TARGET_ARCH=aarch64</pre> -</div> -<p class="Pp">The following sequence of commands can be used to cross-build the - system for the arm64 (aarch64) architecture on a different host - architecture, such as amd64:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd /usr/src -make TARGET_ARCH=aarch64 buildworld buildkernel -make TARGET_ARCH=aarch64 DESTDIR=/client installworld installkernel</pre> -</div> -<p class="Pp">Afterwards, to build and install a single piece of userspace, - use:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd src/bin/ls -make buildenv TARGET_ARCH=aarch64 -make clean all install DESTDIR=/client</pre> -</div> -<p class="Pp">Likewise, to quickly rebuild and reinstall the kernel, use:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd src -make buildenv TARGET_ARCH=aarch64 -make kernel KERNFAST=1 DESTDIR=/client</pre> -</div> -</section> -</section> -<section class="Sh"> -<h1 class="Sh" id="DIAGNOSTICS"><a class="permalink" href="#DIAGNOSTICS">DIAGNOSTICS</a></h1> -<dl class="Bl-diag"> - <dt>Bad system call (core dumped)</dt> - <dd></dd> - <dt>rescue/sh check failed, installation aborted</dt> - <dd> - <p class="Pp">The kernel was not updated due to incorrect build procedure. - Study the examples above.</p> - </dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">cc(1)</a>, <a class="Xr">install(1)</a>, - <a class="Xr">make(1)</a>, <a class="Xr">make.conf(5)</a>, - <a class="Xr">src.conf(5)</a>, <a class="Xr">arch(7)</a>, - <a class="Xr">development(7)</a>, <a class="Xr">freebsd-base(7)</a>, - <a class="Xr">pkg(7)</a>, <a class="Xr">ports(7)</a>, - <a class="Xr">release(7)</a>, <a class="Xr">tests(7)</a>, - <a class="Xr">config(8)</a>, <a class="Xr">etcupdate(8)</a>, - <a class="Xr">nextboot(8)</a>, <a class="Xr">shutdown(8)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="Nm">build</code> manpage first appeared in - <span class="Ux">FreeBSD 4.3</span>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp"><span class="An">Mike W. Meyer</span> - <<a class="Mt" href="mailto:mwm@mired.org">mwm@mired.org</a>></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="CAVEATS"><a class="permalink" href="#CAVEATS">CAVEATS</a></h1> -<p class="Pp">Old objects can cause obscure build problems; try - ‘<code class="Li">make cleandir cleandir</code>’.</p> -<p class="Pp">Environment poisoning can cause obscure build problems; try - prefixing <a class="Xr">make(1)</a> commands with - ‘<code class="Li">env -i</code>’</p> -<p class="Pp">When doing a major release upgrade, booting into single user mode - for <code class="Cm">installworld</code> is required.</p> -<p class="Pp">Updating the boot <a class="Xr">loader(8)</a> is architecture - specific. Consult <a class="Xr">boot(8)</a> for your architecture for more - details.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">April 22, 2026</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/c.7 3.html b/static/freebsd/man7/c.7 3.html deleted file mode 100644 index 98bbcb70..00000000 --- a/static/freebsd/man7/c.7 3.html +++ /dev/null @@ -1,363 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">C(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">C(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">c</code>, <code class="Nm">c78</code>, - <code class="Nm">c89</code>, <code class="Nm">c90</code>, - <code class="Nm">c95</code>, <code class="Nm">c99</code>, - <code class="Nm">c11</code>, <code class="Nm">c17</code>, - <code class="Nm">c23</code>, <code class="Nm">c2y</code> — - <span class="Nd">The C programming language</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">C is a general purpose programming language, which has a strong - connection with the UNIX operating system and its derivatives, since the - vast majority of those systems were written in the C language. The C - language contains some basic ideas from the BCPL language through the B - language written by Ken Thompson in 1970 for the DEC PDP-7 machines. The - development of the UNIX operating system was started on a PDP-7 machine in - assembly language, but it made very difficult to port the existing code to - other systems.</p> -<p class="Pp">In 1972 Dennis M. Ritchie worked out the C programming language - for further development of the UNIX operating system. The idea was to - implement only the C compiler for different platforms, and implement most - part of the operating system in the new programming language to simplify the - portability between different architectures. It follows that C is very - eligible for (but not limited to) writing operating systems and low-level - applications.</p> -<p class="Pp">The C language did not have a specification or standardized - version for a long time. It went through a lot of changes and improvements - for ages. In 1978, Brian W. Kernighan and Dennis M. Ritchie published the - first book about C under the title "The C Programming Language". - We can think of this book as the first specification of the language. This - version is often referred as K&R C after the names of the authors. - Sometimes it is referred as C78, as well, after the publishing year of the - first edition of the book.</p> -<p class="Pp">It is important to notice, that the instruction set of the - language is limited to the most fundamental elements for simplicity. - Handling of the standard I/O and such common functions are implemented in - the libraries shipped with the compiler. As these functions are also widely - used, it was demanded to include into the description what requisites the - library should conform to, not just strictly the language itself. - Accordingly, the aforementioned standards cover the library elements, as - well. The elements of this standard library is still not enough for more - complicated tasks. In this case the provided system calls of the given - operating system can be used. To not lose the portability by using these - system calls, the POSIX (Portable Operating System Interface) standard - evolved. It describes what functions should be available to keep - portability. Note, that POSIX is not a C standard, but an operating system - standard and thus is beyond the scope of this manual. The standards - discussed below are all C standards and only cover the C programming - language and the accompanying library. All listed improvements for each - standard edition are taken from the official standard drafts. For further - details, check the publicly available drafts or purchase the published - standards — from either ISO or IEC resources.</p> -<p class="Pp">After the publication of the book mentioned before, the American - National Standards Institute (ANSI) started to work on standardizing the - language, and they announced ANSI X3.159-1989 in 1989. It is usually - referred to as ANSI C or C89. The main difference in this standard were the - function prototypes, which is a new way of declaring functions. With the - old-style function declarations, the compiler was unable to check the sanity - of the actual parameters at a function call. The old syntax was highly - error-prone because incompatible parameters were hard to detect in the - program code and the problem only showed up at run-time.</p> -<p class="Pp">In 1990, the International Organization for Standardization (ISO) - adopted the ANSI standard as ISO/IEC 9899:1990 in 1990. This is also - referred to as ISO C or C90. It only contains negligible minor modifications - against ANSI C, so the two standards often considered to be fully - equivalent. This was a very important milestone in the history of the C - language, but the development of the language did not stop.</p> -<p class="Pp">The ISO C standard was later extended with an amendment as ISO/IEC - 9899/AMD1 in 1995. This contained, for example, the wide-character support - in <code class="In"><<a class="In">wchar.h</a>></code> and - <code class="In"><<a class="In">wctype.h</a>></code>, and also - restricted character set support via diagraphs and - <code class="In"><<a class="In">iso646.h</a>></code>. This amendment - is usually referred to as C95. Two technical corrigenda were also published: - Technical Corrigendum 1 as ISO/IEC 9899/COR1 in 1994 and Technical - Corrigendum 2 as ISO/IEC 9899/COR2 in 1996. The continuous development and - growth made it necessary to work out a new standard, which contains the new - features and fixes the known defects and deficiencies of the language. As a - result, ISO/IEC 9899:1999 was born in 1999 as the second edition of the - standard. Similarly to the other standards, this is informally named after - the publication year as C99. The improvements include (but are not limited - to) the following:</p> -<ul class="Bl-bullet Bd-indent"> - <li>digraphs, trigraphs, and alternative spellings for the operators that use - non-ISO646 characters in - <code class="In"><<a class="In">iso646.h</a>></code></li> - <li>extended multibyte and wide character library support in - <code class="In"><<a class="In">wchar.h</a>></code> and - <code class="In"><<a class="In">wctype.h</a>></code></li> - <li>variable length arrays</li> - <li>flexible array members</li> - <li>complex (and imaginary) number arithmetic support in - <code class="In"><<a class="In">complex.h</a>></code></li> - <li>type-generic math macros in - <code class="In"><<a class="In">tgmath.h</a>></code></li> - <li>the long long int type and library functions</li> - <li>remove implicit int type</li> - <li>universal character names (\u and \U)</li> - <li>compound literals</li> - <li>remove implicit function declaration</li> - <li>BCPL style single-line comments</li> - <li>allow mixed declarations and code</li> - <li id="vscanf">the - <a class="permalink" href="#vscanf"><code class="Fn">vscanf</code></a>() - family of functions in - <code class="In"><<a class="In">stdio.h</a>></code> and - <code class="In"><<a class="In">wchar.h</a>></code></li> - <li>allow trailing comma in enum declaration</li> - <li>inline functions</li> - <li id="snprintf">the - <a class="permalink" href="#snprintf"><code class="Fn">snprintf</code></a>() - family of functions in - <code class="In"><<a class="In">stdio.h</a>></code></li> - <li>boolean type and macros in - <code class="In"><<a class="In">stdbool.h</a>></code></li> - <li>empty macro arguments</li> - <li>_Pragma preprocessing operator</li> - <li>__func__ predefined identifier</li> - <li>va_copy macro in - <code class="In"><<a class="In">stdarg.h</a>></code></li> - <li>additional strftime conversion specifiers</li> -</ul> -<p class="Pp">Later in 2011, the third edition of the standard, ISO/IEC - 1989:2011, commonly referred to as C11 (formerly C1x), came out and replaced - the second edition by ISO/IEC 9899:1999/COR1:2001, ISO/IEC - 9899:1999/COR2:2004, and ISO/IEC 9899:1999/COR3:2007. The improvements - include (but are not limited to) the following:</p> -<ul class="Bl-bullet Bd-indent"> - <li>support for multiple threads of execution and atomic operations in - <code class="In"><<a class="In">threads.h</a>></code> and - <code class="In"><<a class="In">stdatomic.h</a>></code></li> - <li>additional floating-point characteristic macros in - <code class="In"><<a class="In">float.h</a>></code></li> - <li>querying and specifying alignment of objects in - <code class="In"><<a class="In">stdalign.h</a>></code> and - <code class="In"><<a class="In">stdlib.h</a>></code></li> - <li>Unicode character types and functions in - <code class="In"><<a class="In">uchar.h</a>></code></li> - <li>type-generic expressions</li> - <li>static assertions in - <code class="In"><<a class="In">assert.h</a>></code></li> - <li>anonymous structures and unions</li> - <li>remove the gets function from - <code class="In"><<a class="In">stdio.h</a>></code></li> - <li>add the aligned_alloc, at_quick_exit, and quick_exit functions in - <code class="In"><<a class="In">stdlib.h</a>></code></li> -</ul> -<p class="Pp">C11 was later superseded by ISO/IEC 9899:2018, also known as C17 - which was prepared in 2017 and published in June 2018 as the fourth edition. - It incorporates the Technical Corrigendum 1 (ISO/IEC 9899:2011/COR1:2012) - which was published in 2012. It addressed defects and deficiencies in C11 - without introducing new features, only corrections and clarifications.</p> -<p class="Pp">C23, formally ISO/IEC 9899:2024, is the current standard with - significant updates that supersede C17 (ISO/IEC 9899:2018). The - standardization effort began in 2016, informally as C2x, with the first WG14 - meeting in 2019, and was officially published on October 31, 2024. C23 was - originally anticipated for an earlier release, but the timeline was extended - due to COVID-19 pandemic. With C23, the value of __STDC_VERSION__ has been - updated from 201710L to 202311L. Key changes include (but are not limited - to) the following:</p> -<ul class="Bl-bullet Bd-indent"> - <li>Add null pointer type nullptr_t and the nullptr keyword</li> - <li>Add constexpr keyword as a storage-class specifier for objects</li> - <li>Redefine the usage of the auto keyword to support type inference while - also retaining its previous functionality as a storage-class specifier - when used with a type</li> - <li id="printf">Add %b binary conversion specifier to the - <a class="permalink" href="#printf"><code class="Fn">printf</code></a>() - and - <a class="permalink" href="#scanf"><code class="Fn" id="scanf">scanf</code></a>() - function families</li> - <li id="strtol">Add binary conversion support (0b and 0B) to the - <a class="permalink" href="#strtol"><code class="Fn">strtol</code></a>() - and - <a class="permalink" href="#wcstol"><code class="Fn" id="wcstol">wcstol</code></a>() - function families</li> - <li>Add the #embed directive for binary resource inclusion and __has_embed to - check resource availability with preprocessor directives</li> - <li>Add the #warning directive for diagnostics</li> - <li>Add the #elifdef and #elifndef directives</li> - <li>Add the u8 prefix for character literals to represent UTF-8 encoding, - compatible with C++17</li> - <li>Add the char8_t type for UTF-8 encoded data and update the types of u8 - character constants and string literals to char8_t</li> - <li id="mbrtoc8">Add functions - <a class="permalink" href="#mbrtoc8"><code class="Fn">mbrtoc8</code></a>() - and - <a class="permalink" href="#c8rtomb"><code class="Fn" id="c8rtomb">c8rtomb</code></a>() - to convert between narrow multibyte characters and UTF-8 encoding</li> - <li>Define all char16_t strings and literals as UTF-16 encoded and char32_t - strings and literals as UTF-32 encoded unless specified otherwise</li> - <li>Allow storage-class specifiers within compound literals</li> - <li>Support the latest IEEE 754 standard, ISO/IEC 60559:2020, with binary and - (optional) decimal floating-point arithmetic</li> - <li>Add single-argument _Static_assert for compatibility with C++17</li> - <li>Add _Decimal32, _Decimal64, _Decimal128 keywords for (optional) decimal - floating-point arithmetic</li> - <li>Add digit separator ' (the single quote character) for literals</li> - <li>Enable specification of the underlying type of an enum</li> - <li id="typeof">Standardize the - <a class="permalink" href="#typeof"><code class="Fn">typeof</code></a>() - operator</li> - <li id="memset_explicit">Add - <a class="permalink" href="#memset_explicit"><code class="Fn">memset_explicit</code></a>() - in <code class="In"><<a class="In">string.h</a>></code> to securely - erase sensitive data regardless of optimizations</li> - <li id="memccpy">Add - <a class="permalink" href="#memccpy"><code class="Fn">memccpy</code></a>() - in <code class="In"><<a class="In">string.h</a>></code> for - efficient string concatenation</li> - <li id="memalignment">Add - <a class="permalink" href="#memalignment"><code class="Fn">memalignment</code></a>() - in <code class="In"><<a class="In">stdlib.h</a>></code> to determine - pointer alignment</li> - <li id="strdup">Add - <a class="permalink" href="#strdup"><code class="Fn">strdup</code></a>() - and - <a class="permalink" href="#strndup"><code class="Fn" id="strndup">strndup</code></a>() - in <code class="In"><<a class="In">string.h</a>></code> to allocate - string copies</li> - <li>Introduce bit utility functions, macros, and types in the new header - <code class="In"><<a class="In">stdbit.h</a>></code></li> - <li id="timegm">Add - <a class="permalink" href="#timegm"><code class="Fn">timegm</code></a>() - in <code class="In"><<a class="In">time.h</a>></code> for converting - time structures to calendar time values</li> - <li>Add __has_include for header availability checking via preprocessor - directives</li> - <li>Add __has_c_attribute to check attribute availability via preprocessor - directives</li> - <li>Add _BitInt(N) and unsigned _BitInt(N) for bit-precise integers, and - BITINT_MAXWIDTH for maximum bit width</li> - <li>Elevate true and false to proper keywords (previously macros from - <code class="In"><<a class="In">stdbool.h</a>></code>)</li> - <li>Add keywords alignas, alignof, bool, static_assert, thread_local; - previously defined keywords remain available as alternative spellings</li> - <li>Enable zero initialization with {} (including initialization of VLAs)</li> - <li>Introduce C++11 style attributes using [[]], with adding [[deprecated]], - [[fallthrough]], [[maybe_unused]], [[nodiscard]], and [[noreturn]]</li> - <li>Deprecate _Noreturn, noreturn, header - <code class="In"><<a class="In">stdnoreturn.h</a>></code> features - introduced in C11</li> - <li>Remove trigraph support</li> - <li>Remove K&R function definitions and declarations</li> - <li>Remove non-two's-complement representations for signed integers</li> -</ul> -<p class="Pp">The next version of the C Standard, informally named C2y, is - anticipated to release within the next six years, targeting 2030 at the - latest. A charter for C2y is still being drafted and discussed, with several - papers under debate from the January 2024 meeting in Strasbourg, France - indicating that this new version may address long-standing requests and - deficiencies noted by the C community, while preserving its core - strengths.</p> -<p class="Pp">ISO/IEC JTC1/SC22/WG14 committee is responsible for the ISO/IEC - 9899, C Standard.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">c89(1)</a>, <a class="Xr">c99(1)</a>, - <a class="Xr">cc(1)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="STANDARDS"><a class="permalink" href="#STANDARDS">STANDARDS</a></h1> -<p class="Pp"><cite class="Rs"><span class="RsA">ANSI</span>, - <span class="RsT">X3.159-1989 (aka C89 or ANSI C)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">9899:1990 (aka C90)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">9899:1990/AMD 1:1995, Amendment 1: C Integrity (aka - C95)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">9899:1990/COR 1:1994, Technical Corrigendum - 1</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">9899:1990/COR 2:1996, Technical Corrigendum - 2</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">9899:1999 (aka C99)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">9899:1999/COR 1:2001, Technical Corrigendum - 1</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">9899:1999/COR 2:2004, Technical Corrigendum - 2</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">9899:1999/COR 3:2007, Technical Corrigendum - 3</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">TR 24731-1:2007 (aka bounds-checking - interfaces)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">TS 18037:2008 (aka, embedded C)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">TR 24747:2009 (aka mathematical special - functions)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">TR 24732:2009 (aka decimal - floating-point)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">TR 24731-2:2010 (aka dynamic allocation - functions)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">9899:2011 (aka C11)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">9899:2011/COR 1:2012, Technical Corrigendum - 1</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">TS 17961:2013 (aka C secure coding - rules)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">TS 18861-1:2014 (aka binary - floating-point)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">TS 18861-2:2015 (aka decimal - floating-point)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">TS 18861-3:2015 (aka interchange and extended - types)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">TS 18861-4:2015 (aka supplementary - functions)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">TS 17961:2013/COR 1:2016 (aka C secure coding rules - TC1)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">TS 18861-5:2016 (aka supplementary - attributes)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">9899:2018 (aka C17)</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">ISO/IEC</span>, - <span class="RsT">9899:2024 (aka C23)</span>.</cite></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">This manual page first appeared in <span class="Ux">FreeBSD - 9.0</span>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp">This manual page was originally written by <span class="An">Gabor - Kovesdan</span> - <<a class="Mt" href="mailto:gabor@FreeBSD.org">gabor@FreeBSD.org</a>>. - It was updated by <span class="An">Faraz Vahedi</span> - <<a class="Mt" href="mailto:kfv@kfv.io">kfv@kfv.io</a>> with - information about more recent C standards.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">November 4, 2024</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/clocks.7 3.html b/static/freebsd/man7/clocks.7 3.html deleted file mode 100644 index a984c8b9..00000000 --- a/static/freebsd/man7/clocks.7 3.html +++ /dev/null @@ -1,105 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">CLOCKS(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">CLOCKS(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">clocks</code> — <span class="Nd">various - system timers</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1> -<p class="Pp"><code class="In">#include - <<a class="In">time.h</a>></code></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp"><code class="Dv">HZ</code> is not part of the application - interface in <span class="Ux">BSD</span>.</p> -<p class="Pp">There are many different real and virtual (timekeeping) clocks - with different frequencies:</p> -<ul class="Bl-bullet"> - <li>The scheduling clock. This is a real clock with frequency that happens to - be 100. It is not available to applications.</li> - <li>The statistics clock. This is a real clock with frequency that happens to - be 128. It is not directly available to applications.</li> - <li>The clock reported by <a class="Xr">clock(3)</a>. This is a virtual clock - with a frequency that happens to be 128. Its actual frequency is given by - the macro <code class="Dv">CLOCKS_PER_SEC</code>. Note that - <code class="Dv">CLOCKS_PER_SEC</code> may be floating point. Do not use - <a class="Xr">clock(3)</a> in new programs under - <span class="Ux">FreeBSD</span>. It is feeble compared with - <a class="Xr">getrusage(2)</a>. It is provided for ANSI conformance. It is - implemented by calling <a class="Xr">getrusage(2)</a> and throwing away - information and resolution.</li> - <li id="sysconf">The clock reported by <a class="Xr">times(3)</a>. This is a - virtual clock with a frequency that happens to be 128. Its actual - frequency is given by the macro <code class="Dv">CLK_TCK</code> - (deprecated; do not use) and by - <a class="permalink" href="#sysconf"><code class="Fn">sysconf</code></a>(<var class="Fa">_SC_CLK_TCK</var>) - and by <a class="Xr">sysctl(3)</a>. Note that its frequency may be - different from <code class="Dv">CLOCKS_PER_SEC</code>. Do not use - <a class="Xr">times(3)</a> in new programs under - <span class="Ux">FreeBSD</span>. It is feeble compared with - <a class="Xr">gettimeofday(2)</a> together with - <a class="Xr">getrusage(2)</a>. It is provided for POSIX conformance. It - is implemented by calling <a class="Xr">gettimeofday(2)</a> and - <a class="Xr">getrusage(2)</a> and throwing away information and - resolution.</li> - <li>The profiling clock. This is a real clock with frequency 1024. It is used - mainly by <a class="Xr">moncontrol(3)</a> and <a class="Xr">gprof(1)</a>. - Applications should determine its actual frequency using - <a class="Xr">sysctl(3)</a> or by reading it from the header in the - profiling data file.</li> - <li>The mc146818a clock. This is a real clock with a nominal frequency of - 32768. It is divided down to give the statistic clock and the profiling - clock. It is not available to applications.</li> - <li>The microseconds clock. This is a virtual clock with frequency 1000000. It - is used for most timekeeping in <span class="Ux">BSD</span> and is - exported to applications in <a class="Xr">getrusage(2)</a>, - <a class="Xr">gettimeofday(2)</a>, <a class="Xr">select(2)</a>, - <a class="Xr">getitimer(2)</a>, etc. This is the clock that should - normally be used by <span class="Ux">BSD</span> applications.</li> - <li>The i8254 clock. This is a real clock/timer with a nominal frequency of - 1193182. It has three independent time counters to be used. It is divided - down to give the scheduling clock. It is not available to - applications.</li> - <li>The TSC clock (64-bit register) on fifth-generation or later x86 systems. - This is a real clock with a frequency that is equivalent to the number of - cycles per second of the CPU(s). Its frequency can be found using the - <var class="Va">machdep.tsc_freq</var> sysctl, if it is available. It is - used to interpolate between values of the scheduling clock.</li> - <li>The ACPI clock. This is a real clock/timer with a nominal frequency of - 3579545. It is accessed via a 24 or 32 bit register. Unlike the TSC clock, - it maintains a constant tick rate even when the CPU sleeps or its clock - rate changes. It is not available to applications.</li> -</ul> -<p class="Pp">Summary: if <code class="Dv">HZ</code> is not 1000000 then the - application is probably using the wrong clock.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">gprof(1)</a>, <a class="Xr">clock_gettime(2)</a>, - <a class="Xr">getitimer(2)</a>, <a class="Xr">getrusage(2)</a>, - <a class="Xr">gettimeofday(2)</a>, <a class="Xr">select(2)</a>, - <a class="Xr">clock(3)</a>, <a class="Xr">moncontrol(3)</a>, - <a class="Xr">times(3)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp">This manual page was written by <span class="An">Jörg - Wunsch</span> after a description posted by <span class="An">Bruce - Evans</span>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">January 18, 2008</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/crypto.7 3.html b/static/freebsd/man7/crypto.7 3.html deleted file mode 100644 index 5b52df72..00000000 --- a/static/freebsd/man7/crypto.7 3.html +++ /dev/null @@ -1,327 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">CRYPTO(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">CRYPTO(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">crypto</code> — - <span class="Nd">OpenCrypto algorithms</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The in-kernel OpenCrypto framework supports several different - encryption and authentication algorithms. This document describes the - parameters and requirements of these algorithms. Unless otherwise noted, all - sizes listed below are in bytes.</p> -<section class="Ss"> -<h2 class="Ss" id="Authenticators"><a class="permalink" href="#Authenticators">Authenticators</a></h2> -<p class="Pp">Authenticators compute a value (also known as a digest, hash, or - tag) over an input of bytes. In-kernel requests can either compute the value - for a given input, or verify if a given tag matches the computed tag for a - given input. The following authentication algorithms are supported:</p> -<table class="Bl-column"> - <tr id="Name"> - <td><a class="permalink" href="#Name"><b class="Sy">Name</b></a></td> - <td><a class="permalink" href="#Nonce"><b class="Sy" id="Nonce">Nonce</b></a></td> - <td><a class="permalink" href="#Key"><b class="Sy" id="Key">Key - Sizes</b></a></td> - <td><a class="permalink" href="#Digest"><b class="Sy" id="Digest">Digest</b></a></td> - <td><a class="permalink" href="#Description"><b class="Sy" id="Description">Description</b></a></td> - </tr> - <tr id="CRYPTO_AES_CCM_CBC_MAC"> - <td><a class="permalink" href="#CRYPTO_AES_CCM_CBC_MAC"><code class="Dv">CRYPTO_AES_CCM_CBC_MAC</code></a></td> - <td>12</td> - <td>16, 24, 32</td> - <td>16</td> - <td>Authentication-only mode of AES-CCM</td> - </tr> - <tr id="CRYPTO_AES_NIST_GMAC"> - <td><a class="permalink" href="#CRYPTO_AES_NIST_GMAC"><code class="Dv">CRYPTO_AES_NIST_GMAC</code></a></td> - <td>12</td> - <td>16, 24, 32</td> - <td>16</td> - <td>Galois message authentication code</td> - </tr> - <tr id="CRYPTO_BLAKE2B"> - <td><a class="permalink" href="#CRYPTO_BLAKE2B"><code class="Dv">CRYPTO_BLAKE2B</code></a></td> - <td></td> - <td>0, 64</td> - <td>64</td> - <td>Blake2b</td> - </tr> - <tr id="CRYPTO_BLAKE2S"> - <td><a class="permalink" href="#CRYPTO_BLAKE2S"><code class="Dv">CRYPTO_BLAKE2S</code></a></td> - <td></td> - <td>0, 32</td> - <td>32</td> - <td>Blake2s</td> - </tr> - <tr id="CRYPTO_NULL_HMAC"> - <td><a class="permalink" href="#CRYPTO_NULL_HMAC"><code class="Dv">CRYPTO_NULL_HMAC</code></a></td> - <td></td> - <td></td> - <td>12</td> - <td>IPsec NULL HMAC</td> - </tr> - <tr id="CRYPTO_POLY1305"> - <td><a class="permalink" href="#CRYPTO_POLY1305"><code class="Dv">CRYPTO_POLY1305</code></a></td> - <td></td> - <td>32</td> - <td>16</td> - <td>Poly1305 authenticator</td> - </tr> - <tr id="CRYPTO_RIPEMD160"> - <td><a class="permalink" href="#CRYPTO_RIPEMD160"><code class="Dv">CRYPTO_RIPEMD160</code></a></td> - <td></td> - <td></td> - <td>20</td> - <td>RIPE Message Digest-160</td> - </tr> - <tr id="CRYPTO_RIPEMD160_HMAC"> - <td><a class="permalink" href="#CRYPTO_RIPEMD160_HMAC"><code class="Dv">CRYPTO_RIPEMD160_HMAC</code></a></td> - <td></td> - <td>64</td> - <td>20</td> - <td>RIPE Message Digest-160 HMAC</td> - </tr> - <tr id="CRYPTO_SHA1"> - <td><a class="permalink" href="#CRYPTO_SHA1"><code class="Dv">CRYPTO_SHA1</code></a></td> - <td></td> - <td></td> - <td>20</td> - <td>SHA-1</td> - </tr> - <tr id="CRYPTO_SHA1_HMAC"> - <td><a class="permalink" href="#CRYPTO_SHA1_HMAC"><code class="Dv">CRYPTO_SHA1_HMAC</code></a></td> - <td></td> - <td>64</td> - <td>20</td> - <td>SHA-1 HMAC</td> - </tr> - <tr id="CRYPTO_SHA2_224"> - <td><a class="permalink" href="#CRYPTO_SHA2_224"><code class="Dv">CRYPTO_SHA2_224</code></a></td> - <td></td> - <td></td> - <td>28</td> - <td>SHA-2 224</td> - </tr> - <tr id="CRYPTO_SHA2_224_HMAC"> - <td><a class="permalink" href="#CRYPTO_SHA2_224_HMAC"><code class="Dv">CRYPTO_SHA2_224_HMAC</code></a></td> - <td></td> - <td>64</td> - <td>28</td> - <td>SHA-2 224 HMAC</td> - </tr> - <tr id="CRYPTO_SHA2_256"> - <td><a class="permalink" href="#CRYPTO_SHA2_256"><code class="Dv">CRYPTO_SHA2_256</code></a></td> - <td></td> - <td></td> - <td>32</td> - <td>SHA-2 256</td> - </tr> - <tr id="CRYPTO_SHA2_256_HMAC"> - <td><a class="permalink" href="#CRYPTO_SHA2_256_HMAC"><code class="Dv">CRYPTO_SHA2_256_HMAC</code></a></td> - <td></td> - <td>64</td> - <td>32</td> - <td>SHA-2 256 HMAC</td> - </tr> - <tr id="CRYPTO_SHA2_384"> - <td><a class="permalink" href="#CRYPTO_SHA2_384"><code class="Dv">CRYPTO_SHA2_384</code></a></td> - <td></td> - <td></td> - <td>48</td> - <td>SHA-2 384</td> - </tr> - <tr id="CRYPTO_SHA2_384_HMAC"> - <td><a class="permalink" href="#CRYPTO_SHA2_384_HMAC"><code class="Dv">CRYPTO_SHA2_384_HMAC</code></a></td> - <td></td> - <td>128</td> - <td>48</td> - <td>SHA-2 384 HMAC</td> - </tr> - <tr id="CRYPTO_SHA2_512"> - <td><a class="permalink" href="#CRYPTO_SHA2_512"><code class="Dv">CRYPTO_SHA2_512</code></a></td> - <td></td> - <td></td> - <td>64</td> - <td>SHA-2 512</td> - </tr> - <tr id="CRYPTO_SHA2_512_HMAC"> - <td><a class="permalink" href="#CRYPTO_SHA2_512_HMAC"><code class="Dv">CRYPTO_SHA2_512_HMAC</code></a></td> - <td></td> - <td>128</td> - <td>64</td> - <td>SHA-2 512 HMAC</td> - </tr> -</table> -</section> -<section class="Ss"> -<h2 class="Ss" id="Block_Ciphers"><a class="permalink" href="#Block_Ciphers">Block - Ciphers</a></h2> -<p class="Pp">Block ciphers in OCF can only operate on messages whose length is - an exact multiple of the cipher's block size. OCF supports the following - block ciphers:</p> -<table class="Bl-column"> - <tr id="Name~2"> - <td><a class="permalink" href="#Name~2"><b class="Sy">Name</b></a></td> - <td><a class="permalink" href="#IV"><b class="Sy" id="IV">IV - Size</b></a></td> - <td><a class="permalink" href="#Block"><b class="Sy" id="Block">Block - Size</b></a></td> - <td><a class="permalink" href="#Key~2"><b class="Sy" id="Key~2">Key - Sizes</b></a></td> - <td><a class="permalink" href="#Description~2"><b class="Sy" id="Description~2">Description</b></a></td> - </tr> - <tr id="CRYPTO_AES_CBC"> - <td><a class="permalink" href="#CRYPTO_AES_CBC"><code class="Dv">CRYPTO_AES_CBC</code></a></td> - <td>16</td> - <td>16</td> - <td>16, 24, 32</td> - <td>AES-CBC</td> - </tr> - <tr id="CRYPTO_AES_XTS"> - <td><a class="permalink" href="#CRYPTO_AES_XTS"><code class="Dv">CRYPTO_AES_XTS</code></a></td> - <td>8</td> - <td>16</td> - <td>32, 64</td> - <td>AES-XTS</td> - </tr> - <tr id="CRYPTO_CAMELLIA_CBC"> - <td><a class="permalink" href="#CRYPTO_CAMELLIA_CBC"><code class="Dv">CRYPTO_CAMELLIA_CBC</code></a></td> - <td>16</td> - <td>16</td> - <td>16, 24, 32</td> - <td>Camellia CBC</td> - </tr> - <tr id="CRYPTO_NULL_CBC"> - <td><a class="permalink" href="#CRYPTO_NULL_CBC"><code class="Dv">CRYPTO_NULL_CBC</code></a></td> - <td>0</td> - <td>4</td> - <td>0-256</td> - <td>IPsec NULL cipher</td> - </tr> -</table> -<p class="Pp"><code class="Dv">CRYPTO_AES_XTS</code> implements XEX Tweakable - Block Cipher with Ciphertext Stealing as defined in NIST SP 800-38E. OCF - consumers provide the first 8 bytes of the IV. The remaining 8 bytes are - defined to be a block counter beginning at 0.</p> -<p class="Pp">NOTE: The ciphertext stealing part is not implemented in all - backends which is why this cipher requires input that is a multiple of the - block size.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Stream_Ciphers"><a class="permalink" href="#Stream_Ciphers">Stream - Ciphers</a></h2> -<p class="Pp">Stream ciphers can operate on messages with arbitrary lengths. OCF - supports the following stream ciphers:</p> -<table class="Bl-column"> - <tr id="Name~3"> - <td><a class="permalink" href="#Name~3"><b class="Sy">Name</b></a></td> - <td><a class="permalink" href="#IV~2"><b class="Sy" id="IV~2">IV - Size</b></a></td> - <td><a class="permalink" href="#Key~3"><b class="Sy" id="Key~3">Key - Sizes</b></a></td> - <td><a class="permalink" href="#Description~3"><b class="Sy" id="Description~3">Description</b></a></td> - </tr> - <tr id="CRYPTO_AES_ICM"> - <td><a class="permalink" href="#CRYPTO_AES_ICM"><code class="Dv">CRYPTO_AES_ICM</code></a></td> - <td>16</td> - <td>16, 24, 32</td> - <td>AES Counter Mode</td> - </tr> - <tr id="CRYPTO_CHACHA20"> - <td><a class="permalink" href="#CRYPTO_CHACHA20"><code class="Dv">CRYPTO_CHACHA20</code></a></td> - <td>16</td> - <td>16, 32</td> - <td>ChaCha20</td> - </tr> -</table> -<p class="Pp">The IV for each request must be provided in - <var class="Fa">crp_iv</var> via the - <code class="Dv">CRYPTO_F_IV_SEPARATE</code> flag.</p> -<p class="Pp"><code class="Dv">CRYPTO_AES_ICM</code> uses the entire IV as a - 128-bit big endian block counter. The IV sets the initial counter value for - a message. If a consumer wishes to use an IV whose value is split into - separate nonce and counter fields (e.g., IPsec), the consumer is responsible - for splitting requests to handle counter rollover.</p> -<p class="Pp"><code class="Dv">CRYPTO_CHACHA20</code> accepts a 16 byte IV. The - first 8 bytes are used as a nonce. The last 8 bytes are used as a 64-bit - little-endian block counter.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Authenticated_Encryption_with_Associated_Data_Algorithms"><a class="permalink" href="#Authenticated_Encryption_with_Associated_Data_Algorithms">Authenticated - Encryption with Associated Data Algorithms</a></h2> -<p class="Pp">AEAD algorithms in OCF combine a stream cipher with an - authentication algorithm to provide both secrecy and authentication. AEAD - algorithms accept additional authentication data (AAD) in addition to the - ciphertext or plaintext. AAD is passed to the authentication algorithm as - input in a method defined by the specific AEAD algorithm.</p> -<p class="Pp">AEAD algorithms in OCF accept a nonce that is combined with an - algorithm-defined counter to construct the IV for the underlying stream - cipher. This nonce must be provided in <var class="Fa">crp_iv</var> via the - <code class="Dv">CRYPTO_F_IV_SEPARATE</code> flag. Some AEAD algorithms - support multiple nonce sizes. The first size listed is the default nonce - size.</p> -<p class="Pp">The following AEAD algorithms are supported:</p> -<table class="Bl-column"> - <tr id="Name~4"> - <td><a class="permalink" href="#Name~4"><b class="Sy">Name</b></a></td> - <td><a class="permalink" href="#Nonce~2"><b class="Sy" id="Nonce~2">Nonce</b></a></td> - <td><a class="permalink" href="#Key~4"><b class="Sy" id="Key~4">Key - Sizes</b></a></td> - <td><a class="permalink" href="#Tag"><b class="Sy" id="Tag">Tag</b></a></td> - <td><a class="permalink" href="#Description~4"><b class="Sy" id="Description~4">Description</b></a></td> - </tr> - <tr id="CRYPTO_AES_NIST_GCM_16"> - <td><a class="permalink" href="#CRYPTO_AES_NIST_GCM_16"><code class="Dv">CRYPTO_AES_NIST_GCM_16</code></a></td> - <td>12</td> - <td>16, 24, 32</td> - <td>16</td> - <td>AES Galois/Counter Mode</td> - </tr> - <tr id="CRYPTO_AES_CCM_16"> - <td><a class="permalink" href="#CRYPTO_AES_CCM_16"><code class="Dv">CRYPTO_AES_CCM_16</code></a></td> - <td>12, 7-13</td> - <td>16, 24, 32</td> - <td>16</td> - <td>AES Counter with CBC-MAC</td> - </tr> - <tr id="CRYPTO_CHACHA20_POLY1305"> - <td><a class="permalink" href="#CRYPTO_CHACHA20_POLY1305"><code class="Dv">CRYPTO_CHACHA20_POLY1305</code></a></td> - <td>12, 8</td> - <td>32</td> - <td>16</td> - <td>ChaCha20-Poly1305</td> - </tr> - <tr id="CRYPTO_XCHACHA20_POLY1305"> - <td><a class="permalink" href="#CRYPTO_XCHACHA20_POLY1305"><code class="Dv">CRYPTO_XCHACHA20_POLY1305</code></a></td> - <td>24</td> - <td>32</td> - <td>16</td> - <td>XChaCha20-Poly1305</td> - </tr> -</table> -</section> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">crypto(4)</a>, <a class="Xr">crypto(9)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="Nm">crypto</code> manual page first appeared in - <span class="Ux">FreeBSD 10.1</span>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">January 11, 2022</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/d.7 3.html b/static/freebsd/man7/d.7 3.html deleted file mode 100644 index c0b17698..00000000 --- a/static/freebsd/man7/d.7 3.html +++ /dev/null @@ -1,377 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">D(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">D(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">D</code> — <span class="Nd">DTrace - scripting language overview</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1> -<p class="Pp"><var class="Ar">provider</var><code class="Cm">:</code><var class="Ar">module</var><code class="Cm">:</code><var class="Ar">function</var><code class="Cm">:</code><var class="Ar">name</var> - [[<code class="Cm">/</code><var class="Ar">predicate</var><code class="Cm">/</code>] - <code class="Cm">{</code><var class="Ar">action</var><code class="Cm">}</code>]</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp"><code class="Nm">D</code> is the <a class="Xr">dtrace(1)</a> - scripting language. This manual provides a brief reference of the - <code class="Nm">D</code> language and scripting.</p> -<p class="Pp">This manual page serves as a short reference of the language. - Refer to books listed in <a class="Sx" href="#SEE_ALSO">SEE ALSO</a> for a - complete reference.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="PROBE'S_DESCRIPTION"><a class="permalink" href="#PROBE'S_DESCRIPTION">PROBE'S - DESCRIPTION</a></h1> -<p class="Pp">A probe's description consists of four elements:</p> -<div class="Bd - Bd-indent"><var class="Ar">provider</var><code class="Cm">:</code><var class="Ar">module</var><code class="Cm">:</code><var class="Ar">function</var><code class="Cm">:</code><var class="Ar">name</var></div> -<p class="Pp">The exact meaning of <var class="Ar">module</var>, - <var class="Ar">function</var>, and <var class="Ar">name</var> depends on - <var class="Ar">provider</var>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="USER-DEFINED_VARIABLE_TYPES"><a class="permalink" href="#USER-DEFINED_VARIABLE_TYPES">USER-DEFINED - VARIABLE TYPES</a></h1> -<table class="Bl-column"> - <tr id="Type"> - <td><a class="permalink" href="#Type"><b class="Sy">Type</b></a></td> - <td><a class="permalink" href="#Syntax"><b class="Sy" id="Syntax">Syntax</b></a></td> - </tr> - <tr id="variable_name"> - <td>global</td> - <td><var class="Va">variable_name</var></td> - </tr> - <tr id="@"> - <td>aggregate</td> - <td><a class="permalink" href="#@"><b class="Sy">@</b></a><var class="Va">variable_name</var></td> - </tr> - <tr id="self-_"> - <td>thread-local</td> - <td><a class="permalink" href="#self-_"><b class="Sy">self-></b></a><var class="Va">variable_name</var></td> - </tr> - <tr id="this-_"> - <td>clause-local</td> - <td><a class="permalink" href="#this-_"><b class="Sy">this-></b></a><var class="Va">variable_name</var></td> - </tr> -</table> -<p class="Pp" id="Tips"><a class="permalink" href="#Tips"><i class="Em">Tips</i></a>:</p> -<ul class="Bl-dash Bl-compact"> - <li>Always use the variable type with the smallest scope to minimize - processing overhead.</li> - <li>Use aggregate variables instead of global variables when possible. - Aggregate variables are multi-CPU safe in contrast to global - variables.</li> -</ul> -</section> -<section class="Sh"> -<h1 class="Sh" id="BUILT-IN_VARIABLES"><a class="permalink" href="#BUILT-IN_VARIABLES">BUILT-IN - VARIABLES</a></h1> -<section class="Ss"> -<h2 class="Ss" id="Probe_Arguments"><a class="permalink" href="#Probe_Arguments">Probe - Arguments</a></h2> -<dl class="Bl-tag"> - <dt id="args__"><var class="Va">args[]</var></dt> - <dd>The array of typed probe arguments.</dd> - <dt id="arg0"><var class="Va">arg0</var>, <var class="Va">...</var>, - <var class="Va">arg9</var></dt> - <dd>The untyped probe arguments represented as 64-bit unsigned integers. Only - the first ten arguments are available this way.</dd> -</dl> -</section> -<section class="Ss"> -<h2 class="Ss" id="Probe_Information"><a class="permalink" href="#Probe_Information">Probe - Information</a></h2> -<dl class="Bl-tag"> - <dt id="epid"><var class="Va">epid</var></dt> - <dd>The enabled probe ID which uniquely identifies an enabled probe. An - enabled probe is defined by its probe ID, its predicates, and its - actions.</dd> - <dt id="id"><var class="Va">id</var></dt> - <dd>The probe ID which uniquely identifies a probe available to DTrace.</dd> - <dt id="probeprov"><var class="Va">probeprov</var></dt> - <dd>The <var class="Ar">provider</var> in the probe's description - (<var class="Ar">provider</var><code class="Cm">:</code><var class="Ar">module</var><code class="Cm">:</code><var class="Ar">function</var><code class="Cm">:</code><var class="Ar">name</var>).</dd> - <dt id="probemod"><var class="Va">probemod</var></dt> - <dd>The <var class="Ar">module</var> in the probe's description - (<var class="Ar">provider</var><code class="Cm">:</code><var class="Ar">module</var><code class="Cm">:</code><var class="Ar">function</var><code class="Cm">:</code><var class="Ar">name</var>).</dd> - <dt id="probefunc"><var class="Va">probefunc</var></dt> - <dd>The <var class="Ar">function</var> in the probe's description - (<var class="Ar">provider</var><code class="Cm">:</code><var class="Ar">module</var><code class="Cm">:</code><var class="Ar">function</var><code class="Cm">:</code><var class="Ar">name</var>).</dd> - <dt id="probename"><var class="Va">probename</var></dt> - <dd>The <var class="Ar">name</var> in the probe's description - (<var class="Ar">provider</var><code class="Cm">:</code><var class="Ar">module</var><code class="Cm">:</code><var class="Ar">function</var><code class="Cm">:</code><var class="Ar">name</var>).</dd> -</dl> -</section> -<section class="Ss"> -<h2 class="Ss" id="Process_Information"><a class="permalink" href="#Process_Information">Process - Information</a></h2> -<dl class="Bl-tag"> - <dt id="execargs"><var class="Va">execargs</var></dt> - <dd>The process arguments. Effectively, - ‘<code class="Li">curthread->td_proc->p_args</code>’.</dd> - <dt id="execname"><var class="Va">execname</var></dt> - <dd>The name of the current process. Effectively, - ‘<code class="Li">curthread->td_proc->p_comm</code>’.</dd> - <dt id="gid"><var class="Va">gid</var></dt> - <dd>The group ID of the current process.</dd> - <dt id="pid"><var class="Va">pid</var></dt> - <dd>The process ID of the current process.</dd> - <dt id="ppid"><var class="Va">ppid</var></dt> - <dd>The parent process ID of the current process.</dd> - <dt id="uid"><var class="Va">uid</var></dt> - <dd>The user ID of the current process.</dd> -</dl> -</section> -<section class="Ss"> -<h2 class="Ss" id="Thread_Information"><a class="permalink" href="#Thread_Information">Thread - Information</a></h2> -<dl class="Bl-tag"> - <dt id="uregs__"><var class="Va">uregs[]</var></dt> - <dd>The saved user-mode register values.</dd> - <dt id="cpu"><var class="Va">cpu</var></dt> - <dd>The ID of the current CPU.</dd> - <dt id="stackdepth"><var class="Va">stackdepth</var></dt> - <dd>The kernel stack frame depth.</dd> - <dt id="ustackdepth"><var class="Va">ustackdepth</var></dt> - <dd>The userspace counterpart of <var class="Va">stackdepth</var>.</dd> - <dt id="tid"><var class="Va">tid</var></dt> - <dd>The thread ID. Depending on the context, this can be either the ID of a - kernel thread or a thread in a user process.</dd> - <dt id="errno"><var class="Va">errno</var></dt> - <dd>The <a class="Xr">errno(2)</a> value of the last system call performed by - the current thread.</dd> - <dt id="curlwpsinfo"><var class="Va">curlwpsinfo</var></dt> - <dd>A pointer to the <var class="Vt">lwpsinfo_t</var> representation of the - current thread. Refer to <a class="Xr">dtrace_proc(4)</a> for more - details.</dd> - <dt id="curpsinfo"><var class="Va">curpsinfo</var></dt> - <dd>A pointer to the <var class="Vt">psinfo_t</var> representation of the - current process. Refer to <a class="Xr">dtrace_proc(4)</a> for more - details.</dd> - <dt id="curthread"><var class="Va">curthread</var></dt> - <dd>A pointer to the thread struct that is currently on-CPU. E.g., - ‘<code class="Li">curthread->td_name</code>’ returns the - thread name. The - <code class="In"><<a class="In">sys/proc.h</a>></code> header - documents all members of <var class="Vt">struct thread</var>.</dd> - <dt id="caller"><var class="Va">caller</var></dt> - <dd>The address of the kernel thread instruction at the time of execution of - the current probe.</dd> - <dt id="ucaller"><var class="Va">ucaller</var></dt> - <dd>The userspace counterpart of <var class="Va">caller</var>.</dd> -</dl> -</section> -<section class="Ss"> -<h2 class="Ss" id="Timestamps"><a class="permalink" href="#Timestamps">Timestamps</a></h2> -<dl class="Bl-tag"> - <dt id="timestamp"><var class="Va">timestamp</var></dt> - <dd>The number of nanoseconds since boot. Suitable for calculating relative - time differences of elapsed time and latency.</dd> - <dt id="vtimestamp"><var class="Va">vtimestamp</var></dt> - <dd>The number of nanoseconds that the current thread spent on CPU. The - counter is not increased during handling of a fired DTrace probe. Suitable - for calculating relative time differences of on-CPU time.</dd> - <dt id="walltimestamp"><var class="Va">walltimestamp</var></dt> - <dd>The number of nanoseconds since the Epoch (1970-01-01T00+00:00). Suitable - for timestamping logs.</dd> -</dl> -</section> -</section> -<section class="Sh"> -<h1 class="Sh" id="BUILT-IN_FUNCTIONS"><a class="permalink" href="#BUILT-IN_FUNCTIONS">BUILT-IN - FUNCTIONS</a></h1> -<dl class="Bl-tag"> - <dt id="strchr"><var class="Ft">string</var> - <a class="permalink" href="#strchr"><code class="Fn">strchr</code></a>(<var class="Fa">string - s</var>, <var class="Fa">char c</var>)</dt> - <dd>Return a substring of <var class="Fa">s</var> starting at the first - occurance of <var class="Fa">c</var> in <var class="Fa">s</var>. Return - <code class="Dv">NULL</code> if <var class="Fa">c</var> does not occur in - <var class="Fa">s</var>. - <p class="Pp">For example,</p> - <div class="Bd Bd-indent Li"> - <pre>strchr("abc", 'b');</pre> - </div> - returns ‘<code class="Li">bc</code>’ and - <div class="Bd Bd-indent Li"> - <pre>strchr("abc", 'd');</pre> - </div> - returns <code class="Dv">NULL</code>.</dd> - <dt id="strjoin"><var class="Ft">string</var> - <a class="permalink" href="#strjoin"><code class="Fn">strjoin</code></a>(<var class="Fa">string - s1</var>, <var class="Fa">string s2</var>)</dt> - <dd>Return a string resulting from concatenating <var class="Fa">s1</var> and - <var class="Fa">s2</var>. - <p class="Pp">For example,</p> - <div class="Bd Bd-indent Li"> - <pre>strjoin("abc", "def")</pre> - </div> - returns ‘<code class="Li">abcdef</code>’.</dd> - <dt id="strrchr"><var class="Ft">string</var> - <a class="permalink" href="#strrchr"><code class="Fn">strrchr</code></a>(<var class="Fa">string - s</var>, <var class="Fa">char c</var>)</dt> - <dd>Return a substring of <var class="Fa">s</var> starting at the last - occurance of <var class="Fa">c</var> in <var class="Fa">s</var>. Similar - to <code class="Fn">strchr</code>().</dd> - <dt id="strstr"><var class="Ft">string</var> - <a class="permalink" href="#strstr"><code class="Fn">strstr</code></a>(<var class="Fa">string - haystack</var>, <var class="Fa">string needle</var>)</dt> - <dd>Return a substring of <var class="Fa">haystack</var> starting at the first - occurrence of <var class="Fa">needle</var>. Return - <code class="Dv">NULL</code> if <var class="Fa">needle</var> is not a - substring of <var class="Fa">haystack</var>. - <p class="Pp">For example,</p> - <div class="Bd Bd-indent Li"> - <pre>strstr("abc1bc2", "bc")</pre> - </div> - returns ‘<code class="Li">bc1bc2</code>’ and - <div class="Bd Bd-indent Li"> - <pre>strstr("abc", "xy")</pre> - </div> - returns <code class="Dv">NULL</code>.</dd> - <dt id="strtok"><var class="Ft">string</var> - <a class="permalink" href="#strtok"><code class="Fn">strtok</code></a>(<var class="Fa">string - s</var>, <var class="Fa">string separators</var>)</dt> - <dd>Tokenize <var class="Fa">s</var> with <var class="Fa">separators</var>. - <p class="Pp">For example,</p> - <div class="Bd Bd-indent Li"> - <pre>strtok("abcdefg", "xyzd")</pre> - </div> - returns ‘<code class="Li">abc</code>’.</dd> - <dt id="strlen"><var class="Ft">size_t</var> - <a class="permalink" href="#strlen"><code class="Fn">strlen</code></a>(<var class="Fa">string - s</var>)</dt> - <dd>Return the length of string <var class="Fa">s</var>.</dd> - <dt id="substr"><var class="Ft">string</var> - <a class="permalink" href="#substr"><code class="Fn">substr</code></a>(<var class="Fa">string - s</var>, <var class="Fa">int position</var>, <var class="Fa">[int - length]</var>)</dt> - <dd>Return a substring of string <var class="Fa">s</var> starting at - <var class="Fa">position</var>. The substring will be at most - <var class="Fa">length</var>-long. If <var class="Fa">length</var> is not - specified, use the rest of the string. If <var class="Fa">position</var> - is greater than the size of <var class="Fa">s</var>, return an empty - string. - <p class="Pp">For example,</p> - <div class="Bd Bd-indent Li"> - <pre>substr("abcd", 2)</pre> - </div> - returns ‘<code class="Li">cd</code>’, - <div class="Bd Bd-indent Li"> - <pre>substr("abcd", 2, 1)</pre> - </div> - returns ‘<code class="Li">c</code>’, and - <div class="Bd Bd-indent Li"> - <pre>substr("abcd", 99)</pre> - </div> - returns an empty string.</dd> -</dl> -<section class="Ss"> -<h2 class="Ss" id="Aggregation_Functions"><a class="permalink" href="#Aggregation_Functions">Aggregation - Functions</a></h2> -<dl class="Bl-tag Bl-compact"> - <dt id="avg"><a class="permalink" href="#avg"><code class="Fn">avg</code></a>(<var class="Fa">value</var>)</dt> - <dd>Average</dd> - <dt id="count"><a class="permalink" href="#count"><code class="Fn">count</code></a>()</dt> - <dd>Count</dd> - <dt id="llquantize"><a class="permalink" href="#llquantize"><code class="Fn">llquantize</code></a>(<var class="Fa">value</var>, - <var class="Fa">factor</var>, <var class="Fa">low</var>, - <var class="Fa">high</var>, <var class="Fa">nsteps</var>)</dt> - <dd>Log-linear quantization</dd> - <dt id="lquantize"><a class="permalink" href="#lquantize"><code class="Fn">lquantize</code></a>(<var class="Fa">value</var>, - <var class="Fa">low</var>, <var class="Fa">high</var>, - <var class="Fa">nsteps</var>)</dt> - <dd>Linear quantization</dd> - <dt id="max"><a class="permalink" href="#max"><code class="Fn">max</code></a>(<var class="Fa">value</var>)</dt> - <dd>Maximum</dd> - <dt id="min"><a class="permalink" href="#min"><code class="Fn">min</code></a>(<var class="Fa">value</var>)</dt> - <dd>Minimum</dd> - <dt id="quantize"><a class="permalink" href="#quantize"><code class="Fn">quantize</code></a>(<var class="Fa">value</var>)</dt> - <dd>Power-of-two frequency distribution</dd> - <dt id="stddev"><a class="permalink" href="#stddev"><code class="Fn">stddev</code></a>(<var class="Fa">value</var>)</dt> - <dd>Standard deviation</dd> - <dt id="sum"><a class="permalink" href="#sum"><code class="Fn">sum</code></a>(<var class="Fa">value</var>)</dt> - <dd>Sum</dd> -</dl> -</section> -<section class="Ss"> -<h2 class="Ss" id="Kernel_Destructive_Functions"><a class="permalink" href="#Kernel_Destructive_Functions">Kernel - Destructive Functions</a></h2> -<p class="Pp">By default, <a class="Xr">dtrace(1)</a> does not permit the use of - destructive actions.</p> -<dl class="Bl-tag"> - <dt id="breakpoint"><a class="permalink" href="#breakpoint"><code class="Fn">breakpoint</code></a>()</dt> - <dd>Set a kernel breakpoint and transfer control to the - <a class="Xr">ddb(4)</a> kernel debugger.</dd> - <dt id="chill"><a class="permalink" href="#chill"><code class="Fn">chill</code></a>(<var class="Fa">nanoseconds</var>)</dt> - <dd>Spin on the CPU for the specified number of - <var class="Fa">nanoseconds</var>.</dd> - <dt id="panic"><a class="permalink" href="#panic"><code class="Fn">panic</code></a>()</dt> - <dd>Panic the kernel.</dd> -</dl> -</section> -</section> -<section class="Sh"> -<h1 class="Sh" id="FILES"><a class="permalink" href="#FILES">FILES</a></h1> -<dl class="Bl-tag"> - <dt><span class="Pa">/usr/share/dtrace</span></dt> - <dd>DTrace scripts shipped with <span class="Ux">FreeBSD</span> base.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">awk(1)</a>, <a class="Xr">dtrace(1)</a>, - <a class="Xr">tracing(7)</a></p> -<p class="Pp"><cite class="Rs"><i class="RsB">The illumos Dynamic Tracing - Guide</i>, - <a class="RsU" href="https://illumos.org/books/dtrace/">https://illumos.org/books/dtrace/</a>, - <span class="RsD">2008</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">Brendan Gregg</span> and - <span class="RsA">Jim Mauro</span>, <i class="RsB">DTrace: Dynamic Tracing - in Oracle Solaris, Mac OS X and FreeBSD</i>, <i class="RsI">Prentice - Hall</i>, - <a class="RsU" href="https://www.brendangregg.com/dtracebook/">https://www.brendangregg.com/dtracebook/</a>, - <span class="RsD">2011</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">George Neville-Neil</span>, - <span class="RsA">Jonathan Anderson</span>, <span class="RsA">Graeme - Jenkinson</span>, <span class="RsA">Brian Kidney</span>, - <span class="RsA">Domagoj Stolfa</span>, <span class="RsA">Arun - Thomas</span>, and <span class="RsA">Robert N. M. Watson</span>, - <span class="RsT">Univeristy of Cambridge Computer Laboratory</span>, - <span class="RsR">OpenDTrace Specification version 1.0</span>, - <a class="RsU" href="https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-924.pdf">https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-924.pdf</a>, - <span class="RsC">Cambridge, United Kingdom</span>, <span class="RsD">August - 2018</span>.</cite></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">This manual page first appeared in <span class="Ux">FreeBSD - 15.0</span>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp">This manual page was written by <span class="An">Mateusz - Piotrowski</span> - <<a class="Mt" href="mailto:0mp@FreeBSD.org">0mp@FreeBSD.org</a>>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="BUGS"><a class="permalink" href="#BUGS">BUGS</a></h1> -<p class="Pp">The <var class="Va">cwd</var> variable which typically provides - the current working directory is not supported on - <span class="Ux">FreeBSD</span> at the moment.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">October 28, 2025</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/development.7 3.html b/static/freebsd/man7/development.7 3.html deleted file mode 100644 index 34947732..00000000 --- a/static/freebsd/man7/development.7 3.html +++ /dev/null @@ -1,128 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">DEVELOPMENT(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">DEVELOPMENT(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">development</code> — - <span class="Nd">introduction to <span class="Ux">FreeBSD</span> development - process</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp"><span class="Ux">FreeBSD</span> development is split into three - major subprojects: doc, ports, and src. Doc is the documentation, such as - the <span class="Ux">FreeBSD</span> Handbook. To read more, see:</p> -<p class="Pp"><a class="Lk" href="https://docs.FreeBSD.org/en/books/fdp-primer/">https://docs.FreeBSD.org/en/books/fdp-primer/</a></p> -<p class="Pp">Ports, described further in <a class="Xr">ports(7)</a>, are the - way to build, package, and install third party software. To read more, - see:</p> -<p class="Pp"><a class="Lk" href="https://docs.FreeBSD.org/en/books/porters-handbook/">https://docs.FreeBSD.org/en/books/porters-handbook/</a></p> -<p class="Pp">The last one, src, revolves around the source code for the base - system, consisting of the kernel, and the libraries and utilities commonly - called the world.</p> -<p class="Pp">The Committer's Guide, describing topics relevant to all - committers, can be found at:</p> -<p class="Pp"><a class="Lk" href="https://docs.freebsd.org/en/articles/committers-guide/">https://docs.freebsd.org/en/articles/committers-guide/</a></p> -<p class="Pp"><span class="Ux">FreeBSD</span> src development takes place in the - project-hosted Git repository, located at:</p> -<p class="Pp"><a class="Lk" href="https://git.FreeBSD.org/src.git">https://git.FreeBSD.org/src.git</a></p> -<p class="Pp">The push URL is:</p> -<p class="Pp"><a class="Lk" href="ssh://git@gitrepo.FreeBSD.org/src.git">ssh://git@gitrepo.FreeBSD.org/src.git</a></p> -<p class="Pp">There is also a list of public, read-only Git mirrors at:</p> -<p class="Pp"><a class="Lk" href="https://docs.FreeBSD.org/en/books/handbook/mirrors/#external-mirrors">https://docs.FreeBSD.org/en/books/handbook/mirrors/#external-mirrors</a></p> -<p class="Pp">The ‘<code class="Li">main</code>’ Git branch - represents CURRENT; all changes are first committed to CURRENT and then - usually cherry-picked back to STABLE, which refers to Git branches such as - ‘<code class="Li">stable/14</code>’. Every few years a new - STABLE is branched from CURRENT, with an incremented major version number. - Releases are then branched off STABLE and numbered with consecutive minor - numbers such as ‘<code class="Li">releng/14.3</code>’</p> -<p class="Pp">The layout of the source tree is described in its - <span class="Pa">README.md</span> file. Build instructions can be found in - <a class="Xr">build(7)</a> and <a class="Xr">release(7)</a>. Kernel - programming interfaces (KPIs) are documented in section 9 manual pages; use - ‘<code class="Li">apropos -s 9 .</code>’ for a list. - Regression test suite is described in <a class="Xr">tests(7)</a>. For coding - conventions, see <a class="Xr">style(9)</a>.</p> -<p class="Pp">To ask questions regarding development, use the mailing lists, - such as freebsd-arch@ and freebsd-hackers@:</p> -<p class="Pp"><a class="Lk" href="https://lists.FreeBSD.org">https://lists.FreeBSD.org</a></p> -<p class="Pp">To get your patches integrated into the main - <span class="Ux">FreeBSD</span> repository use Phabricator; it is a code - review tool that allows other developers to review the changes, suggest - improvements, and, eventually, allows them to pick up the change and commit - it:</p> -<p class="Pp"><a class="Lk" href="https://reviews.FreeBSD.org">https://reviews.FreeBSD.org</a></p> -<p class="Pp">Or Github:</p> -<p class="Pp"><a class="Lk" href="https://github.com/freebsd">https://github.com/freebsd</a></p> -<p class="Pp">To check the latest <span class="Ux">FreeBSD</span> build and test - status of CURRENT and STABLE branches, the continuous integration system is - at:</p> -<p class="Pp"><a class="Lk" href="https://ci.FreeBSD.org">https://ci.FreeBSD.org</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="FILES"><a class="permalink" href="#FILES">FILES</a></h1> -<dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">/usr/src/CONTRIBUTING.md</span></dt> - <dd><span class="Ux">FreeBSD</span> contribution guidelines</dd> - <dt><span class="Pa">/usr/src/tools/tools/git/git-arc.sh</span></dt> - <dd>Phabricator review tooling</dd> - <dt><span class="Pa">/usr/ports/devel/freebsd-git-arc</span></dt> - <dd>Phabricator review tooling as a port</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="EXAMPLES"><a class="permalink" href="#EXAMPLES">EXAMPLES</a></h1> -<p class="Pp">Apply a patch from Github pull #1234, using - <span class="Pa">devel/gh</span>:</p> -<p class="Pp"></p> -<div class="Bd Bd-indent"><code class="Li">gh pr checkout 1234</code></div> -<p class="Pp">Apply a patch from Phabricator review D1234, using - <a class="Xr">git-arc(1)</a>:</p> -<p class="Pp"></p> -<div class="Bd Bd-indent"><code class="Li">git arc patch -c D1234</code></div> -<p class="Pp">Apply a manually downloaded <a class="Xr">git-format-patch(1)</a>, - <span class="Pa">draft.patch</span>, from Bugzilla or mail:</p> -<p class="Pp"></p> -<div class="Bd Bd-indent"><code class="Li">git am draft.patch</code></div> -<p class="Pp">Apply a manually downloaded patch, - <span class="Pa">draft.diff</span>, from Bugzilla or mail:</p> -<p class="Pp"></p> -<div class="Bd Bd-indent"><code class="Li">git apply draft.diff</code></div> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">git(1)</a>, <a class="Xr">git-arc(1)</a>, - <a class="Xr">witness(4)</a>, <a class="Xr">build(7)</a>, - <a class="Xr">hier(7)</a>, <a class="Xr">ports(7)</a>, - <a class="Xr">release(7)</a>, <a class="Xr">tests(7)</a>, - <a class="Xr">locking(9)</a>, <a class="Xr">style(9)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="Nm">development</code> manual page was originally - written by <span class="An">Matthew Dillon</span> - <<a class="Mt" href="mailto:dillon@FreeBSD.org">dillon@FreeBSD.org</a>> - and first appeared in <span class="Ux">FreeBSD 5.0</span>, December 2002. It - was since extensively modified by <span class="An">Eitan Adler</span> - <<a class="Mt" href="mailto:eadler@FreeBSD.org">eadler@FreeBSD.org</a>> - to reflect the repository conversion from - <a class="Lk" href="https://www.nongnu.org/cvs/">CVS</a> to - <a class="Lk" href="https://subversion.apache.org/">Subversion</a>. It was - rewritten from scratch by <span class="An">Edward Tomasz Napierala</span> - <<a class="Mt" href="mailto:trasz@FreeBSD.org">trasz@FreeBSD.org</a>> - for <span class="Ux">FreeBSD 12.0</span>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">September 24, 2025</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/environ.7 3.html b/static/freebsd/man7/environ.7 3.html deleted file mode 100644 index 4fd735ca..00000000 --- a/static/freebsd/man7/environ.7 3.html +++ /dev/null @@ -1,217 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">ENVIRON(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">ENVIRON(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">environ</code> — <span class="Nd">user - environment</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1> -<p class="Pp"><var class="Ar">extern char **environ</var>;</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">An array of strings, called the <var class="Ar">environment</var> - is made available to each process by <a class="Xr">execve(2)</a> when a - process begins. By convention these strings have the form - <var class="Va">name</var><span class="No">=</span><var class="Ar">value</var>, - and are referred to as “environment variables”. A process can - query, update, and delete these strings using the - <a class="Xr">getenv(3)</a>, <a class="Xr">setenv(3)</a>, and - <a class="Xr">unsetenv(3)</a> functions, respectively. The shells also - provide commands to manipulate the environment; they are described in the - respective shell manual pages.</p> -<p class="Pp">What follows is a list of environment variables typically seen on - a <span class="Ux">UNIX</span> system. It includes only those variables that - a user can expect to see during their day-to-day use of the system, and is - far from complete. Environment variables specific to a particular program or - library function are documented in the - <a class="Sx" href="#ENVIRONMENT">ENVIRONMENT</a> section of the appropriate - manual page.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="ENVIRONMENT"><a class="permalink" href="#ENVIRONMENT">ENVIRONMENT</a></h1> -<dl class="Bl-tag"> - <dt id="ARCHLEVEL"><a class="permalink" href="#ARCHLEVEL"><code class="Ev">ARCHLEVEL</code></a></dt> - <dd>On - <a class="permalink" href="#amd64"><i class="Em" id="amd64">amd64</i></a>, - controls the level of SIMD enhancements used. See - <a class="Xr">simd(7)</a> for details.</dd> - <dt id="BLOCKSIZE"><a class="permalink" href="#BLOCKSIZE"><code class="Ev">BLOCKSIZE</code></a></dt> - <dd>The size of the block units used by several disk-related commands, most - notably <a class="Xr">df(1)</a>, <a class="Xr">du(1)</a> and - <a class="Xr">ls(1)</a>. <code class="Ev">BLOCKSIZE</code> may be - specified in units of a byte by specifying a number, in units of a - kilobyte by specifying a number followed by - ‘<code class="Li">K</code>’ or - ‘<code class="Li">k</code>’, in units of a megabyte by - specifying a number followed by ‘<code class="Li">M</code>’ - or ‘<code class="Li">m</code>’, and in units of a gigabyte - by specifying a number followed by - ‘<code class="Li">G</code>’ or - ‘<code class="Li">g</code>’. Sizes less than 512 bytes or - greater than a gigabyte are ignored. This variable is processed by the - <a class="Xr">getbsize(3)</a> function.</dd> - <dt id="COLUMNS"><a class="permalink" href="#COLUMNS"><code class="Ev">COLUMNS</code></a></dt> - <dd>The user's preferred width in column positions for the terminal. Utilities - such as <a class="Xr">ls(1)</a> and <a class="Xr">who(1)</a> use this to - format output into columns. If unset or empty, utilities will use an - <a class="Xr">ioctl(2)</a> call to ask the terminal driver for the - width.</dd> - <dt id="EDITOR"><a class="permalink" href="#EDITOR"><code class="Ev">EDITOR</code></a></dt> - <dd>Default editor name.</dd> - <dt id="EXINIT"><a class="permalink" href="#EXINIT"><code class="Ev">EXINIT</code></a></dt> - <dd>A startup list of commands read by <a class="Xr">ex(1)</a> and - <a class="Xr">vi(1)</a>.</dd> - <dt id="EXTERROR_VERBOSE"><a class="permalink" href="#EXTERROR_VERBOSE"><code class="Ev">EXTERROR_VERBOSE</code></a></dt> - <dd>Request the <a class="Xr">err(3)</a> and <a class="Xr">uexterr_gettext</a> - functions to unconditionally report additional information, mostly useful - for the (kernel) developer to diagnose the issue. See - <a class="Xr">err(3)</a> and <a class="Xr">exterror(9)</a> for more - details.</dd> - <dt id="HOME"><a class="permalink" href="#HOME"><code class="Ev">HOME</code></a></dt> - <dd>A user's login directory, set by <a class="Xr">login(1)</a> from the - password file <a class="Xr">passwd(5)</a>.</dd> - <dt id="LANG"><a class="permalink" href="#LANG"><code class="Ev">LANG</code></a></dt> - <dd>This variable configures all programs which use - <a class="Xr">setlocale(3)</a> to use the specified locale unless the - <code class="Ev">LC_*</code> variables are set.</dd> - <dt id="LC_ALL"><a class="permalink" href="#LC_ALL"><code class="Ev">LC_ALL</code></a></dt> - <dd>Overrides the values of <code class="Ev">LC_COLLATE</code>, - <code class="Ev">LC_CTYPE</code>, <code class="Ev">LC_MESSAGES</code>, - <code class="Ev">LC_MONETARY</code>, <code class="Ev">LC_NUMERIC</code>, - <code class="Ev">LC_TIME</code> and <code class="Ev">LANG</code>.</dd> - <dt id="LC_COLLATE"><a class="permalink" href="#LC_COLLATE"><code class="Ev">LC_COLLATE</code></a></dt> - <dd>Locale to be used for ordering of strings.</dd> - <dt id="LC_CTYPE"><a class="permalink" href="#LC_CTYPE"><code class="Ev">LC_CTYPE</code></a></dt> - <dd>Locale to be used for character classification (letter, space, digit, - etc.) and for interpreting byte sequences as multibyte characters.</dd> - <dt id="LC_MESSAGES"><a class="permalink" href="#LC_MESSAGES"><code class="Ev">LC_MESSAGES</code></a></dt> - <dd>Locale to be used for diagnostic messages.</dd> - <dt id="LC_MONETARY"><a class="permalink" href="#LC_MONETARY"><code class="Ev">LC_MONETARY</code></a></dt> - <dd>Locale to be used for interpreting monetary input and formatting - output.</dd> - <dt id="LC_NUMERIC"><a class="permalink" href="#LC_NUMERIC"><code class="Ev">LC_NUMERIC</code></a></dt> - <dd>Locale to be used for interpreting numeric input and formatting - output.</dd> - <dt id="LC_TIME"><a class="permalink" href="#LC_TIME"><code class="Ev">LC_TIME</code></a></dt> - <dd>Locale to be used for interpreting dates input and for formatting - output.</dd> - <dt id="MAIL"><a class="permalink" href="#MAIL"><code class="Ev">MAIL</code></a></dt> - <dd>The location of the user's mailbox instead of the default in /var/mail, - used by <a class="Xr">mail(1)</a>, <a class="Xr">sh(1)</a>, and many other - mail clients.</dd> - <dt id="MANPATH"><a class="permalink" href="#MANPATH"><code class="Ev">MANPATH</code></a></dt> - <dd>The sequence of directories, separated by colons, searched by - <a class="Xr">man(1)</a> when looking for manual pages.</dd> - <dt id="NLSPATH"><a class="permalink" href="#NLSPATH"><code class="Ev">NLSPATH</code></a></dt> - <dd>List of directories to be searched for the message catalog referred to by - <code class="Ev">LC_MESSAGES</code>. See - <a class="Xr">catopen(3)</a>.</dd> - <dt id="PAGER"><a class="permalink" href="#PAGER"><code class="Ev">PAGER</code></a></dt> - <dd>Default paginator program. The program specified by this variable is used - by <a class="Xr">mail(1)</a>, <a class="Xr">man(1)</a>, - <a class="Xr">ftp(1)</a>, etc, to display information which is longer than - the current display.</dd> - <dt id="PATH"><a class="permalink" href="#PATH"><code class="Ev">PATH</code></a></dt> - <dd>The sequence of directories, separated by colons, searched by - <a class="Xr">csh(1)</a>, <a class="Xr">sh(1)</a>, - <a class="Xr">system(3)</a>, <a class="Xr">execvp(3)</a>, etc, when - looking for an executable file. <code class="Ev">PATH</code> is set to - ``/usr/bin:/bin'' initially by <a class="Xr">login(1)</a>.</dd> - <dt id="POSIXLY_CORRECT"><a class="permalink" href="#POSIXLY_CORRECT"><code class="Ev">POSIXLY_CORRECT</code></a></dt> - <dd>When set to any value, this environment variable modifies the behaviour of - certain commands to (mostly) execute in a strictly POSIX-compliant - manner.</dd> - <dt id="PRINTER"><a class="permalink" href="#PRINTER"><code class="Ev">PRINTER</code></a></dt> - <dd>The name of the default printer to be used by <a class="Xr">lpr(1)</a>, - <a class="Xr">lpq(1)</a>, and <a class="Xr">lprm(1)</a>.</dd> - <dt id="PWD"><a class="permalink" href="#PWD"><code class="Ev">PWD</code></a></dt> - <dd>The current directory pathname.</dd> - <dt id="SHELL"><a class="permalink" href="#SHELL"><code class="Ev">SHELL</code></a></dt> - <dd>The full pathname of the user's login shell.</dd> - <dt id="TERM"><a class="permalink" href="#TERM"><code class="Ev">TERM</code></a></dt> - <dd>The kind of terminal for which output is to be prepared. This information - is used by commands, such as <a class="Xr">nroff(1)</a> - (<span class="Pa">ports/textproc/groff</span>) or - <a class="Xr">plot(1)</a> which may exploit special terminal capabilities. - See <span class="Pa">/usr/share/misc/termcap</span> - (<a class="Xr">termcap(5)</a>) for a list of terminal types.</dd> - <dt id="TERMCAP"><a class="permalink" href="#TERMCAP"><code class="Ev">TERMCAP</code></a></dt> - <dd>The string describing the terminal in <code class="Ev">TERM</code>, or, if - it begins with a '/', the name of the termcap file. See - <code class="Ev">TERMPATH</code> below, and - <a class="Xr">termcap(5)</a>.</dd> - <dt id="TERMPATH"><a class="permalink" href="#TERMPATH"><code class="Ev">TERMPATH</code></a></dt> - <dd>A sequence of pathnames of termcap files, separated by colons or spaces, - which are searched for terminal descriptions in the order listed. Having - no <code class="Ev">TERMPATH</code> is equivalent to a - <code class="Ev">TERMPATH</code> of - <span class="Pa">$HOME/.termcap:/etc/termcap</span>. - <code class="Ev">TERMPATH</code> is ignored if - <code class="Ev">TERMCAP</code> contains a full pathname.</dd> - <dt id="TMPDIR"><a class="permalink" href="#TMPDIR"><code class="Ev">TMPDIR</code></a></dt> - <dd>The directory in which to store temporary files. Most applications use - either <span class="Pa">/tmp</span> or <span class="Pa">/var/tmp</span>. - Setting this variable will make them use another directory.</dd> - <dt id="TZ"><a class="permalink" href="#TZ"><code class="Ev">TZ</code></a></dt> - <dd>The timezone to use when displaying dates. The normal format is a pathname - relative to <span class="Pa">/usr/share/zoneinfo</span>. For example, the - command - <p class="Pp"></p> - <div class="Bd Bd-indent"><code class="Li">env TZ=America/Los_Angeles - date</code></div> - <p class="Pp">displays the current time in California. See - <a class="Xr">tzset(3)</a> for more information.</p> - </dd> - <dt id="USER"><a class="permalink" href="#USER"><code class="Ev">USER</code></a></dt> - <dd>The login name of the user. It is recommended that portable applications - use <code class="Ev">LOGNAME</code> instead.</dd> -</dl> -<p class="Pp">Further names may be placed in the environment by the - <code class="Ic">export</code> command and <var class="Ar">name=value</var> - arguments in <a class="Xr">sh(1)</a>, or by the - <code class="Ic">setenv</code> command if you use <a class="Xr">csh(1)</a>. - It is unwise to change certain <a class="Xr">sh(1)</a> variables that are - frequently exported by <span class="Pa">.profile</span> files, such as - <code class="Ev">MAIL</code>, <code class="Ev">PS1</code>, - <code class="Ev">PS2</code>, and <code class="Ev">IFS</code>, unless you - know what you are doing.</p> -<p class="Pp">The current environment variables can be printed with - <a class="Xr">env(1)</a>, <a class="Xr">set(1)</a> or - <a class="Xr">printenv(1)</a> in <a class="Xr">sh(1)</a> and - <a class="Xr">env(1)</a>, <a class="Xr">printenv(1)</a> or the - <code class="Cm">printenv</code> built-in command in - <a class="Xr">csh(1)</a>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">cd(1)</a>, <a class="Xr">csh(1)</a>, - <a class="Xr">env(1)</a>, <a class="Xr">err(3)</a>, <a class="Xr">ex(1)</a>, - <a class="Xr">login(1)</a>, <a class="Xr">printenv(1)</a>, - <a class="Xr">sh(1)</a>, <a class="Xr">execve(2)</a>, - <a class="Xr">execle(3)</a>, <a class="Xr">getbsize(3)</a>, - <a class="Xr">getenv(3)</a>, <a class="Xr">setenv(3)</a>, - <a class="Xr">setlocale(3)</a>, <a class="Xr">system(3)</a>, - <a class="Xr">termcap(3)</a>, <a class="Xr">termcap(5)</a>, - <a class="Xr">simd(7)</a>, <a class="Xr">exterror(9)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="Nm">environ</code> manual page appeared in - <span class="Ux">Version 7 AT&T UNIX</span>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">September 3, 2023</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/firewall.7 3.html b/static/freebsd/man7/firewall.7 3.html deleted file mode 100644 index da348df4..00000000 --- a/static/freebsd/man7/firewall.7 3.html +++ /dev/null @@ -1,377 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">FIREWALL(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">FIREWALL(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">firewall</code> — <span class="Nd">simple - firewalls under FreeBSD</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="FIREWALL_BASICS"><a class="permalink" href="#FIREWALL_BASICS">FIREWALL - BASICS</a></h1> -<p class="Pp">A Firewall is most commonly used to protect an internal network - from an outside network by preventing the outside network from making - arbitrary connections into the internal network. Firewalls are also used to - prevent outside entities from spoofing internal IP addresses and to isolate - services such as NFS or SMBFS (Windows file sharing) within LAN - segments.</p> -<p class="Pp">The <span class="Ux">FreeBSD</span> firewalling system also has - the capability to limit bandwidth using <a class="Xr">dummynet(4)</a>. This - feature can be useful when you need to guarantee a certain amount of - bandwidth for a critical purpose. For example, if you are doing video - conferencing over the Internet via your office T1 (1.5 MBits/s), you may - wish to bandwidth-limit all other T1 traffic to 1 MBit/s in order to reserve - at least 0.5 MBits for your video conferencing connections. Similarly if you - are running a popular web or ftp site from a colocation facility you might - want to limit bandwidth to prevent excessive bandwidth charges from your - provider.</p> -<p class="Pp">Finally, <span class="Ux">FreeBSD</span> firewalls may be used to - divert packets or change the next-hop address for packets to help route them - to the correct destination. Packet diversion is most often used to support - NAT (network address translation), which allows an internal network using a - private IP space to make connections to the outside for browsing or other - purposes.</p> -<p class="Pp" id="auth">Constructing a firewall may appear to be trivial, but - most people get them wrong. The most common mistake is to create an - exclusive firewall rather than an inclusive firewall. An exclusive firewall - allows all packets through except for those matching a set of rules. An - inclusive firewall allows only packets matching the ruleset through. - Inclusive firewalls are much, much safer than exclusive firewalls but a tad - more difficult to build properly. The second most common mistake is to - blackhole everything except the particular port you want to let through. - TCP/IP needs to be able to get certain types of ICMP errors to function - properly - for example, to implement MTU discovery. Also, a number of common - system daemons make reverse connections to the - <a class="permalink" href="#auth"><b class="Sy">auth</b></a> service in an - attempt to authenticate the user making a connection. Auth is rather - dangerous but the proper implementation is to return a TCP reset for the - connection attempt rather than simply blackholing the packet. We cover these - and other quirks involved with constructing a firewall in the sample - firewall section below.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="IPFW_KERNEL_CONFIGURATION"><a class="permalink" href="#IPFW_KERNEL_CONFIGURATION">IPFW - KERNEL CONFIGURATION</a></h1> -<p class="Pp">You do not need to create a custom kernel to use the IP - firewalling features. If you enable firewalling in your - <span class="Pa">/etc/rc.conf</span> (see below), the ipfw kernel module - will be loaded automatically when necessary. However, if you are paranoid - you can compile IPFW directly into the <span class="Ux">FreeBSD</span> - kernel by using the - <a class="permalink" href="#IPFIREWALL"><b class="Sy" id="IPFIREWALL">IPFIREWALL</b></a> - option set. If compiled in the kernel, ipfw denies all packets by default, - which means that, if you do not load in a permissive ruleset via - <span class="Pa">/etc/rc.conf</span>, rebooting into your new kernel will - take the network offline. This can prevent you from being able to access - your system if you are not sitting at the console. It is also quite common - to update a kernel to a new release and reboot before updating the binaries. - This can result in an incompatibility between the <a class="Xr">ipfw(8)</a> - program and the kernel which prevents it from running in the boot sequence, - also resulting in an inaccessible machine. Because of these problems the - <a class="permalink" href="#IPFIREWALL_DEFAULT_TO_ACCEPT"><b class="Sy" id="IPFIREWALL_DEFAULT_TO_ACCEPT">IPFIREWALL_DEFAULT_TO_ACCEPT</b></a> - kernel option is also available which changes the default firewall to pass - through all packets. Note, however, that using this option may open a small - window of opportunity during booting where your firewall passes all packets. - Still, it is a good option to use while getting up to speed with - <span class="Ux">FreeBSD</span> firewalling. Get rid of it once you - understand how it all works to close the loophole, though. There is a third - option called - <a class="permalink" href="#IPDIVERT"><b class="Sy" id="IPDIVERT">IPDIVERT</b></a> - which allows you to use the firewall to divert packets to a user program and - is necessary if you wish to use <a class="Xr">natd(8)</a> to give private - internal networks access to the outside world. If you want to be able to - limit the bandwidth used by certain types of traffic, the - <a class="permalink" href="#DUMMYNET"><b class="Sy" id="DUMMYNET">DUMMYNET</b></a> - option must be used to enable - <a class="permalink" href="#ipfw"><i class="Em" id="ipfw">ipfw pipe</i></a> - rules.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SAMPLE_IPFW-BASED_FIREWALL"><a class="permalink" href="#SAMPLE_IPFW-BASED_FIREWALL">SAMPLE - IPFW-BASED FIREWALL</a></h1> -<p class="Pp">Here is an example ipfw-based firewall taken from a machine with - three interface cards. fxp0 is connected to the 'exposed' LAN. Machines on - this LAN are dual-homed with both internal 10. IP addresses and - Internet-routed IP addresses. In our example, 192.100.5.x represents the - Internet-routed IP block while 10.x.x.x represents the internal networks. - While it is not relevant to the example, 10.0.1.x is assigned as the - internal address block for the LAN on fxp0, 10.0.2.x for the LAN on fxp1, - and 10.0.3.x for the LAN on fxp2.</p> -<p class="Pp">In this example we want to isolate all three LANs from the - Internet as well as isolate them from each other, and we want to give all - internal addresses access to the Internet through a NAT gateway running on - this machine. To make the NAT gateway work, the firewall machine is given - two Internet-exposed addresses on fxp0 in addition to an internal 10. - address on fxp0: one exposed address (not shown) represents the machine's - official address, and the second exposed address (192.100.5.5 in our - example) represents the NAT gateway rendezvous IP. We make the example more - complex by giving the machines on the exposed LAN internal 10.0.0.x - addresses as well as exposed addresses. The idea here is that you can bind - internal services to internal addresses even on exposed machines and still - protect those services from the Internet. The only services you run on - exposed IP addresses would be the ones you wish to expose to the - Internet.</p> -<p class="Pp">It is important to note that the 10.0.0.x network in our example - is not protected by our firewall. You must make sure that your Internet - router protects this network from outside spoofing. Also, in our example, we - pretty much give the exposed hosts free reign on our internal network when - operating services through internal IP addresses (10.0.0.x). This is - somewhat of security risk: what if an exposed host is compromised? To remove - the risk and force everything coming in via LAN0 to go through the firewall, - remove rules 01010 and 01011.</p> -<p class="Pp">Finally, note that the use of internal addresses represents a big - piece of our firewall protection mechanism. With proper spoofing safeguards - in place, nothing outside can directly access an internal (LAN1 or LAN2) - host.</p> -<div class="Bd Pp Li"> -<pre># /etc/rc.conf -# -firewall_enable="YES" -firewall_type="/etc/ipfw.conf" - -# temporary port binding range let -# through the firewall. -# -# NOTE: heavily loaded services running through the firewall may require -# a larger port range for local-size binding. 4000-10000 or 4000-30000 -# might be a better choice. -ip_portrange_first=4000 -ip_portrange_last=5000 -...</pre> -</div> -<div class="Bd Pp Li"> -<pre># /etc/ipfw.conf -# -# FIREWALL: the firewall machine / nat gateway -# LAN0 10.0.0.X and 192.100.5.X (dual homed) -# LAN1 10.0.1.X -# LAN2 10.0.2.X -# sw: ethernet switch (unmanaged) -# -# 192.100.5.x represents IP addresses exposed to the Internet -# (i.e. Internet routeable). 10.x.x.x represent internal IPs -# (not exposed) -# -# [LAN1] -# ^ -# | -# FIREWALL -->[LAN2] -# | -# [LAN0] -# | -# +--> exposed host A -# +--> exposed host B -# +--> exposed host C -# | -# INTERNET (secondary firewall) -# ROUTER -# | -# [Internet] -# -# NOT SHOWN: The INTERNET ROUTER must contain rules to disallow -# all packets with source IP addresses in the 10. block in order -# to protect the dual-homed 10.0.0.x block. Exposed hosts are -# not otherwise protected in this example - they should only bind -# exposed services to exposed IPs but can safely bind internal -# services to internal IPs. -# -# The NAT gateway works by taking packets sent from internal -# IP addresses to external IP addresses and routing them to natd, which -# is listening on port 8668. This is handled by rule 00300. Data coming -# back to natd from the outside world must also be routed to natd using -# rule 00301. To make the example interesting, we note that we do -# NOT have to run internal requests to exposed hosts through natd -# (rule 00290) because those exposed hosts know about our -# 10. network. This can reduce the load on natd. Also note that we -# of course do not have to route internal<->internal traffic through -# natd since those hosts know how to route our 10. internal network. -# The natd command we run from /etc/rc.local is shown below. See -# also the in-kernel version of natd, ipnat. -# -# natd -s -u -a 208.161.114.67 -# -# -add 00290 skipto 1000 ip from 10.0.0.0/8 to 192.100.5.0/24 -add 00300 divert 8668 ip from 10.0.0.0/8 to not 10.0.0.0/8 -add 00301 divert 8668 ip from not 10.0.0.0/8 to 192.100.5.5 - -# Short cut the rules to avoid running high bandwidths through -# the entire rule set. Allow established tcp connections through, -# and shortcut all outgoing packets under the assumption that -# we need only firewall incoming packets. -# -# Allowing established tcp connections through creates a small -# hole but may be necessary to avoid overloading your firewall. -# If you are worried, you can move the rule to after the spoof -# checks. -# -add 01000 allow tcp from any to any established -add 01001 allow all from any to any out via fxp0 -add 01001 allow all from any to any out via fxp1 -add 01001 allow all from any to any out via fxp2 - -# Spoof protection. This depends on how well you trust your -# internal networks. Packets received via fxp1 MUST come from -# 10.0.1.x. Packets received via fxp2 MUST come from 10.0.2.x. -# Packets received via fxp0 cannot come from the LAN1 or LAN2 -# blocks. We cannot protect 10.0.0.x here, the Internet router -# must do that for us. -# -add 01500 deny all from not 10.0.1.0/24 in via fxp1 -add 01500 deny all from not 10.0.2.0/24 in via fxp2 -add 01501 deny all from 10.0.1.0/24 in via fxp0 -add 01501 deny all from 10.0.2.0/24 in via fxp0 - -# In this example rule set there are no restrictions between -# internal hosts, even those on the exposed LAN (as long as -# they use an internal IP address). This represents a -# potential security hole (what if an exposed host is -# compromised?). If you want full restrictions to apply -# between the three LANs, firewalling them off from each -# other for added security, remove these two rules. -# -# If you want to isolate LAN1 and LAN2, but still want -# to give exposed hosts free reign with each other, get -# rid of rule 01010 and keep rule 01011. -# -# (commented out, uncomment for less restrictive firewall) -#add 01010 allow all from 10.0.0.0/8 to 10.0.0.0/8 -#add 01011 allow all from 192.100.5.0/24 to 192.100.5.0/24 -# - -# SPECIFIC SERVICES ALLOWED FROM SPECIFIC LANS -# -# If using a more restrictive firewall, allow specific LANs -# access to specific services running on the firewall itself. -# In this case we assume LAN1 needs access to filesharing running -# on the firewall. If using a less restrictive firewall -# (allowing rule 01010), you do not need these rules. -# -add 01012 allow tcp from 10.0.1.0/8 to 10.0.1.1 139 -add 01012 allow udp from 10.0.1.0/8 to 10.0.1.1 137,138 - -# GENERAL SERVICES ALLOWED TO CROSS INTERNAL AND EXPOSED LANS -# -# We allow specific UDP services through: DNS lookups, ntalk, and ntp. -# Note that internal services are protected by virtue of having -# spoof-proof internal IP addresses (10. net), so these rules -# really only apply to services bound to exposed IPs. We have -# to allow UDP fragments or larger fragmented UDP packets will -# not survive the firewall. -# -# If we want to expose high-numbered temporary service ports -# for things like DNS lookup responses we can use a port range, -# in this example 4000-65535, and we set to /etc/rc.conf variables -# on all exposed machines to make sure they bind temporary ports -# to the exposed port range (see rc.conf example above) -# -add 02000 allow udp from any to any 4000-65535,domain,ntalk,ntp -add 02500 allow udp from any to any frag - -# Allow similar services for TCP. Again, these only apply to -# services bound to exposed addresses. NOTE: we allow 'auth' -# through but do not actually run an identd server on any exposed -# port. This allows the machine being authed to respond with a -# TCP RESET. Throwing the packet away would result in delays -# when connecting to remote services that do reverse ident lookups. -# -# Note that we do not allow tcp fragments through, and that we do -# not allow fragments in general (except for UDP fragments). We -# expect the TCP mtu discovery protocol to work properly so there -# should be no TCP fragments. -# -add 03000 allow tcp from any to any http,https -add 03000 allow tcp from any to any 4000-65535,ssh,smtp,domain,ntalk -add 03000 allow tcp from any to any auth,pop3,ftp,ftp-data - -# It is important to allow certain ICMP types through, here is a list -# of general ICMP types. Note that it is important to let ICMP type 3 -# through. -# -# 0 Echo Reply -# 3 Destination Unreachable (used by TCP MTU discovery, aka -# packet-too-big) -# 4 Source Quench (typically not allowed) -# 5 Redirect (typically not allowed - can be dangerous!) -# 8 Echo -# 11 Time Exceeded -# 12 Parameter Problem -# 13 Timestamp -# 14 Timestamp Reply -# -# Sometimes people need to allow ICMP REDIRECT packets, which is -# type 5, but if you allow it make sure that your Internet router -# disallows it. - -add 04000 allow icmp from any to any icmptypes 0,3,8,11,12,13,14 - -# log any remaining fragments that get through. Might be useful, -# otherwise do not bother. Have a final deny rule as a safety to -# guarantee that your firewall is inclusive no matter how the kernel -# is configured. -# -add 05000 deny log ip from any to any frag -add 06000 deny all from any to any</pre> -</div> -</section> -<section class="Sh"> -<h1 class="Sh" id="PORT_BINDING_INTERNAL_AND_EXTERNAL_SERVICES"><a class="permalink" href="#PORT_BINDING_INTERNAL_AND_EXTERNAL_SERVICES">PORT - BINDING INTERNAL AND EXTERNAL SERVICES</a></h1> -<p class="Pp">We have mentioned multi-homing hosts and binding services to - internal or external addresses but we have not really explained it. When you - have a host with multiple IP addresses assigned to it, you can bind services - run on that host to specific IPs or interfaces rather than all IPs. Take the - firewall machine for example: with three interfaces and two exposed IP - addresses on one of those interfaces, the firewall machine is known by 5 - different IP addresses (10.0.0.1, 10.0.1.1, 10.0.2.1, 192.100.5.5, and say - 192.100.5.1). If the firewall is providing file sharing services to the - windows LAN segment (say it is LAN1), you can use samba's 'bind interfaces' - directive to specifically bind it to just the LAN1 IP address. That way the - file sharing services will not be made available to other LAN segments. The - same goes for NFS. If LAN2 has your UNIX engineering workstations, you can - tell nfsd to bind specifically to 10.0.2.1. You can specify how to bind - virtually every service on the machine and you can use a light - <a class="Xr">jail(8)</a> to indirectly bind services that do not otherwise - give you the option.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">dummynet(4)</a>, <a class="Xr">ipnat(5)</a>, - <a class="Xr">rc.conf(5)</a>, <a class="Xr">smb.conf(5)</a> - (<span class="Pa">ports/net/samba</span>), <a class="Xr">samba(7)</a> - (<span class="Pa">ports/net/samba</span>), <a class="Xr">config(8)</a>, - <a class="Xr">ipfw(8)</a>, <a class="Xr">ipnat(8)</a>, - <a class="Xr">jail(8)</a>, <a class="Xr">natd(8)</a>, - <a class="Xr">nfsd(8)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="ADDITIONAL_READING"><a class="permalink" href="#ADDITIONAL_READING">ADDITIONAL - READING</a></h1> -<dl class="Bl-tag"> - <dt><code class="Nm">Ipfilter</code></dt> - <dd><a class="Xr">ipf(5)</a>, <a class="Xr">ipf(8)</a>, - <a class="Xr">ipfstat(8)</a></dd> - <dt><code class="Nm">Packet Filter</code></dt> - <dd><a class="Xr">pf.conf(5)</a>, <a class="Xr">pfctl(8)</a>, - <a class="Xr">pflogd(8)</a></dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="Nm">firewall</code> manual page was originally - written by <span class="An">Matthew Dillon</span> and first appeared in - <span class="Ux">FreeBSD 4.3</span>, May 2001.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">May 26, 2001</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/freebsd-base.7 3.html b/static/freebsd/man7/freebsd-base.7 3.html deleted file mode 100644 index eebb21cc..00000000 --- a/static/freebsd/man7/freebsd-base.7 3.html +++ /dev/null @@ -1,236 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">FREEBSD-BASE(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">FREEBSD-BASE(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">freebsd-base</code> — - <span class="Nd">base system packages</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The <span class="Ux">FreeBSD</span> base system may be installed - as a set of <a class="Xr">pkg(8)</a> packages, which supersedes the - traditional method of installing using <a class="Xr">tar(1)</a> - archives.</p> -<p class="Pp">All base packages have names beginning with the string - “FreeBSD-”, and have an origin beginning with - “base/”. In the default system configuration, the repository - containing these packages is called “FreeBSD-base”, but any - name may be used. The repository name can be used with - <a class="Xr">pkg(8)</a> to restrict package operations to the base system - packages.</p> -<p class="Pp">Packages for all supported <span class="Ux">FreeBSD</span> - releases as well as active “STABLE” and - “CURRENT” branches are hosted on the Internet at - <a class="Lk" href="https://pkg.freebsd.org">https://pkg.freebsd.org</a>. - These packages are updated when new errata or security updates are released - (for supported release versions), or twice daily for development - branches.</p> -<p class="Pp">Alternatively, packages may be built from the system source tree - according to the instructions in <a class="Xr">build(7)</a>, allowing the - system to be updated from source code using packages.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="PACKAGE_ORGANISATION"><a class="permalink" href="#PACKAGE_ORGANISATION">PACKAGE - ORGANISATION</a></h1> -<p class="Pp">To allow customisation of the installed system, each package is - split into several subpackages which contain different components of the - package. For the package - <a class="permalink" href="#FreeBSD-foo"><b class="Sy" id="FreeBSD-foo">FreeBSD-foo</b></a>, - the following subpackages may be available:</p> -<p class="Pp"></p> -<dl class="Bl-tag Bl-compact"> - <dt id="Package"><a class="permalink" href="#Package"><b class="Sy">Package - name</b></a></dt> - <dd><a class="permalink" href="#Description"><b class="Sy" id="Description">Description</b></a></dd> - <dt>FreeBSD-foo</dt> - <dd>Base files for the package (typically executables)</dd> - <dt>FreeBSD-foo-lib</dt> - <dd>Native runtime libraries</dd> - <dt>FreeBSD-foo-lib32</dt> - <dd>32-bit compatibility runtime libraries</dd> - <dt>FreeBSD-foo-dev</dt> - <dd>Development files (headers and static libraries)</dd> - <dt>FreeBSD-foo-dev-lib32</dt> - <dd>32-bit development files</dd> - <dt>FreeBSD-foo-dbg</dt> - <dd>Debugging symbols</dd> - <dt id="WITH_MANSPLITPKG">FreeBSD-foo-man</dt> - <dd>Manual pages. Manual pages are only packaged separately if the - <a class="permalink" href="#WITH_MANSPLITPKG"><b class="Sy">WITH_MANSPLITPKG</b></a> - <a class="Xr">src.conf(5)</a> option was enabled when building the system, - which is not the default.</dd> -</dl> -<p class="Pp" id="dev">The exact set of available subpackages differs for each - individual package. For example, some packages may not provide any - development files, in which case the - <a class="permalink" href="#dev"><b class="Sy">-dev</b></a> subpackage is - not present.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="PACKAGE_SETS"><a class="permalink" href="#PACKAGE_SETS">PACKAGE - SETS</a></h1> -<p class="Pp">Package sets are meta-packages which do not contain any files - themselves, but depend on a selection of other packages, such that each - package set allows the complete set of packages for a supported workload to - be installed.</p> -<p class="Pp" id="FreeBSD-set-_name_">Package sets are provided as packages - named - <a class="permalink" href="#FreeBSD-set-_name_"><b class="Sy">FreeBSD-set-<name></b></a>. - The following package sets are available in the base system:</p> -<dl class="Bl-tag"> - <dt>minimal</dt> - <dd>The minimal set of packages required to bring up a multi-user - <span class="Ux">FreeBSD</span> system. This includes the core system, - along with packages required for hardware support (such as - <a class="Xr">devmatch(8)</a> and downloadable firmware), and basic - networking, including DHCP and IEEE Std 802.11™ wireless - networks.</dd> - <dt>minimal-jail</dt> - <dd>The equivalent of <b class="Sy">minimal</b> for systems running in a - <a class="Xr">jail(8)</a> environment. This set excludes hardware support - not typically required for jails.</dd> - <dt>devel</dt> - <dd>Development tools, including C/C++ compilers, the link loader, and other - tools such as <a class="Xr">ar(1)</a> and <a class="Xr">nm(1)</a>. This - set also includes native development files (headers and static libraries) - for all packages.</dd> - <dt>optional</dt> - <dd>Optional software which is not part of either the <b class="Sy">devel</b> - or <b class="Sy">minimal</b> sets.</dd> - <dt>optional-jail</dt> - <dd>The equivalent of <b class="Sy">optional</b> for systems running in a - <a class="Xr">jail(8)</a> environment. This set excludes system - functionality which typically does not work or is not useful in a - jail.</dd> - <dt>lib32</dt> - <dd>32-compatibility libraries, for running 32-bit applications on a 64-bit - host system. This set includes both runtime libraries and development - files.</dd> - <dt>base</dt> - <dd>The complete base system, excluding tests, the system source code, and - debugging symbols. Installing the <b class="Sy">base</b> set is equivalent - to installing <b class="Sy">minimal</b>, <b class="Sy">devel</b> and - <b class="Sy">optional</b>.</dd> - <dt id="base-jail">base-jail</dt> - <dd>The equivalent of <b class="Sy">base</b> for systems running in a - <a class="Xr">jail(8)</a> environment. This set excludes system - functionality which typically does not work or is not useful in a jail. - Installing the - <a class="permalink" href="#base-jail"><b class="Sy">base-jail</b></a> set - is equivalent to installing <b class="Sy">minimal-jail</b>, - <b class="Sy">devel</b> and - <a class="permalink" href="#optional-jail"><b class="Sy" id="optional-jail">optional-jail</b></a>.</dd> - <dt>src</dt> - <dd>The system source tree for the userland and kernel, installed in - <span class="Pa">/usr/src</span>.</dd> - <dt>tests</dt> - <dd>The system test suite, installed in - <span class="Pa">/usr/tests</span>.</dd> - <dt>kernels</dt> - <dd>All available system kernels.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="EXAMPLES"><a class="permalink" href="#EXAMPLES">EXAMPLES</a></h1> -<section class="Ss"> -<h2 class="Ss" id="Install_a_single_piece_of_userland"><a class="permalink" href="#Install_a_single_piece_of_userland">Install - a single piece of userland</a></h2> -<p class="Pp">Install the <a class="Xr">vi(1)</a> text editor on the running - system:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>pkg install FreeBSD-vi</pre> -</div> -</section> -<section class="Ss"> -<h2 class="Ss" id="Install_userland_to_a_jail"><a class="permalink" href="#Install_userland_to_a_jail">Install - userland to a jail</a></h2> -<p class="Pp">Install a new <a class="Xr">jail(8)</a> system using the - <b class="Sy">minimal-jail</b> package set:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>pkg -r /jails/myjail install FreeBSD-set-minimal-jail</pre> -</div> -</section> -<section class="Ss"> -<h2 class="Ss" id="Install_native_compilers"><a class="permalink" href="#Install_native_compilers">Install - native compilers</a></h2> -<p class="Pp">Install C/C++ compilers on the running system:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>pkg install FreeBSD-set-devel</pre> -</div> -</section> -<section class="Ss"> -<h2 class="Ss" id="Update_the_currently_running_system"><a class="permalink" href="#Update_the_currently_running_system">Update - the currently running system</a></h2> -<p class="Pp">Apply available updates to the running system:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>pkg upgrade -r FreeBSD-base</pre> -</div> -</section> -<section class="Ss"> -<h2 class="Ss" id="Install_cross_compilers"><a class="permalink" href="#Install_cross_compilers">Install - cross compilers</a></h2> -<p class="Pp">Install the development toolchain for FreeBSD/powerpc64le in an - alternate root (for example, to support cross-compiling software for a - different target than the host system):</p> -<div class="Bd Pp Bd-indent Li"> -<pre>pkg -r /ppcdev -oABI=FreeBSD:16:powerpc64le \ - install FreeBSD-set-devel</pre> -</div> -</section> -<section class="Ss"> -<h2 class="Ss" id="Unregister_a_currently_running_system"><a class="permalink" href="#Unregister_a_currently_running_system">Unregister - a currently running system</a></h2> -<p class="Pp">Systems managed through <a class="Xr">pkg(8)</a> can be - unregistered from the package manager — for example to upgrade - in-place via “make installworld”. See - <a class="Xr">build(7)</a>.</p> -<p class="Pp">To unregister the base system from the package manager:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>pkg unregister -fg 'FreeBSD-\*'</pre> -</div> -<p class="Pp">Then, disable the base system package repository. If a - configuration file was created in - <span class="Pa">/usr/local/etc/pkg/repos/</span> to enable base system - packages, remove it:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>rm /usr/local/etc/pkg/repos/FreeBSD-base.conf</pre> -</div> -<p class="Pp">Alternatively, if it is desired to keep it, edit the file and - change “<code class="Li">enabled:</code>” to - “<code class="Li">no</code>” to disable the entry.</p> -<p class="Pp" id="Warning"><a class="permalink" href="#Warning"><b class="Sy">Warning</b></a>: - This is a destructive action which will prevent updating the base system via - <a class="Xr">pkg(8)</a>.</p> -</section> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">build(7)</a>, <a class="Xr">pkg(8)</a>, - <a class="Xr">src.conf(5)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">Support for installing the base system as packages was introduced - in <span class="Ux">FreeBSD 15.0</span>. Earlier releases supported a subset - of this functionality. Support for unregistering an existing installation - appeared in pkg 2.5.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="CAVEATS"><a class="permalink" href="#CAVEATS">CAVEATS</a></h1> -<p class="Pp">Upgrading from a RELEASE to a STABLE or CURRENT branch requires - “<code class="Li">pkg upgrade -f</code>”.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">April 14, 2026</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/growfs.7 3.html b/static/freebsd/man7/growfs.7 3.html deleted file mode 100644 index 36f73630..00000000 --- a/static/freebsd/man7/growfs.7 3.html +++ /dev/null @@ -1,122 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">GROWFS(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">GROWFS(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">growfs</code>, - <code class="Nm">growfs_fstab</code> — <span class="Nd">start up - scripts to grow the root file system and add swap</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The <code class="Nm">growfs</code> script normally runs at the - first boot after system installation. If the boot disk is larger than the - root file system and boot partitions, and the root file system is in the - last partition, <code class="Nm">growfs</code> can expand the root file - system. It can also add a swap partition, with a default size of 10% of the - boot disk. Swap is limited to twice the memory size up to 4 GB, 8 GB up to 8 - GB of memory, and memory size over 8 GB. It is also limited to the - <a class="Xr">sysctl(8)</a> value of - <code class="Li">vm.swap_maxpages</code> divided by 2. By default, no swap - partition is created if an existing swap partition is found or is listed in - <span class="Pa">/etc/fstab</span>, or the disk is under 15 GB. The - <code class="Nm">growfs_fstab</code> script adds any new swap partition to - <span class="Pa">/etc/fstab</span> after the root file system is made - writable, and enables its use as a dump partition if the - <var class="Va">dumpdev</var> variable from <a class="Xr">rc.conf(5)</a> is - set to <code class="Li">AUTO</code>.</p> -<p class="Pp">The following options in <span class="Pa">/etc/rc.conf</span> - control the behavior of <code class="Nm">growfs</code>:</p> -<div class="Bd-indent"> -<dl class="Bl-tag"> - <dt id="growfs_enable"><var class="Va">growfs_enable</var></dt> - <dd>(“<code class="Li">NO</code>”) If set to - “<code class="Li">YES</code>”, the first time the machine - boots, the root file system will be automatically expanded, if possible, - to fill up all available space after it, after optionally adding a swap - device at the end.</dd> - <dt id="growfs_swap_size"><var class="Va">growfs_swap_size</var></dt> - <dd>(“<code class="Li"></code>”) If set to - “<code class="Li">0</code>”, the addition of a swap - partition is disabled. An empty value - (“<code class="Li"></code>”) allows the creation of a swap - partition with the default size. If set to another value, the swap - partition will be created with the specified size in bytes, even if - another swap partition is detected.</dd> -</dl> -</div> -<p class="Pp">A setting for <var class="Va">growfs_swap_size</var> can be set in - the kernel environment, in which case it overrides the value from - <span class="Pa">/etc/rc.conf</span>.</p> -<p class="Pp">To expand the root file system without rebooting, run the - following command:</p> -<div class="Bd Bd-indent"><code class="Li">% /etc/rc.d/growfs - onestart</code></div> -In addition, if a swap partition is added, run the command: -<div class="Bd Bd-indent"><code class="Li">% /etc/rc.d/growfs_fstab - onestart</code></div> -Note that if a disk is expanded again, and if the root file system had - previously been expanded and a swap partition added, it is necessary to delete - the swap partition before this procedure in order to expand the root file - system to the new size. A new swap partition can be created during the - expansion. -</section> -<section class="Sh"> -<h1 class="Sh" id="IMPLEMENTATION_NOTES"><a class="permalink" href="#IMPLEMENTATION_NOTES">IMPLEMENTATION - NOTES</a></h1> -<p class="Pp">The <code class="Nm">growfs</code> script only attempts to expand - the root file system, and free space must be available immediately after the - root partition. It is normally used on images that have a single file - system. The script requires that <a class="Xr">awk(1)</a> be present and in - the path. This usually means that <span class="Pa">/usr</span> must be - available prior to running the script.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="FILES"><a class="permalink" href="#FILES">FILES</a></h1> -<dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">/etc/fstab</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/etc/rc.conf</span></dt> - <dd style="width: auto;"> </dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="EXIT_STATUS"><a class="permalink" href="#EXIT_STATUS">EXIT - STATUS</a></h1> -<p class="Pp">The <code class="Nm">growfs</code> utility exits 0 on - success, and >0 if an error occurs.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">fstab(5)</a>, <a class="Xr">rc.conf(5)</a>, - <a class="Xr">growfs(8)</a>, <a class="Xr">zpool(8)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="Nm">growfs</code> manual page first appeared in - <span class="Ux">FreeBSD 10.1</span>. The ability to add a swap partition - was added in <span class="Ux">FreeBSD 13.2</span>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp">The man page and script were written by <span class="An">John-Mark - Gurney</span> - <<a class="Mt" href="mailto:jmg@FreeBSD.org">jmg@FreeBSD.org</a>>. The - ability to create a swap partition was added by - <br/> - <span class="An">Michael Karels</span> - <<a class="Mt" href="mailto:karels@FreeBSD.org">karels@FreeBSD.org</a>>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">November 22, 2022</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/hier.7 3.html b/static/freebsd/man7/hier.7 3.html deleted file mode 100644 index d4e024a0..00000000 --- a/static/freebsd/man7/hier.7 3.html +++ /dev/null @@ -1,823 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">HIER(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">HIER(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">hier</code> — <span class="Nd">index of - <span class="Ux">FreeBSD</span> file system hierarchy</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<dl class="Bl-tag"> - <dt><span class="Pa">/</span></dt> - <dd>root directory of the file system</dd> - <dt><span class="Pa">/COPYRIGHT</span></dt> - <dd><span class="Ux">FreeBSD</span> copyright information</dd> - <dt><span class="Pa">/bin/</span></dt> - <dd>fundamental <span class="Ux">BSD</span> user utilities; see - <a class="Xr">intro(1)</a></dd> - <dt><span class="Pa">/boot/</span></dt> - <dd>programs and configurations used during <span class="Ux">FreeBSD</span> - <a class="Xr">boot(8)</a> - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">defaults/</span></dt> - <dd>default boot configuration files; see - <a class="Xr">loader.conf(5)</a></dd> - <dt><span class="Pa">device.hints</span></dt> - <dd>kernel variables for controlling drivers; see - <a class="Xr">device.hints(5)</a></dd> - <dt><span class="Pa">dtb/</span></dt> - <dd>compiled flattened device tree (FDT) files; see - <a class="Xr">fdt(4)</a> and <a class="Xr">dtc(1)</a> - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">overlays/</span></dt> - <dd>compiled <a class="Xr">fdt(4)</a> overlays; see - <var class="Va">fdt_overlays</var> in - <a class="Xr">loader.conf(5)</a></dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">efi/</span></dt> - <dd>the <a class="Xr">uefi(8)</a> EFI System Partition (ESP) mount - point</dd> - <dt><span class="Pa">firmware/</span></dt> - <dd>loadable binary firmware kernel modules</dd> - <dt><span class="Pa">fonts/</span></dt> - <dd>binary bitmap console fonts; see <a class="Xr">loader.conf(5)</a> and - <a class="Xr">vtfontcvt(8)</a></dd> - <dt><span class="Pa">images/</span></dt> - <dd>beastie boot menu images; see <a class="Xr">loader_lua(8)</a></dd> - <dt><span class="Pa">kernel/</span></dt> - <dd><span class="Ux">FreeBSD</span> kernel and modules; see - <a class="Xr">kldstat(8)</a></dd> - <dt><span class="Pa">kernel.old/</span></dt> - <dd>alternative kernel and modules</dd> - <dt><span class="Pa">loader.conf</span></dt> - <dd>boot loader configuration; see <a class="Xr">loader.conf(5)</a></dd> - <dt><span class="Pa">loader.conf.d/</span></dt> - <dd><a class="Xr">loader.conf(5)</a> configuration files</dd> - <dt><span class="Pa">lua/</span></dt> - <dd>scripts for the Lua boot loader; see - <a class="Xr">loader_lua(8)</a></dd> - <dt><span class="Pa">modules/</span></dt> - <dd>third-party loadable kernel modules, such as those installed with - <a class="Xr">pkg(8)</a> or from <a class="Xr">ports(7)</a></dd> - <dt><span class="Pa">zfs/</span></dt> - <dd>ZFS <a class="Xr">zpool(8)</a> cache files</dd> - </dl> - </dd> - <dt><span class="Pa">/compat/</span></dt> - <dd>files supporting binary compatibility with other operating systems - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">linux/</span></dt> - <dd>default location for <a class="Xr">linux(4)</a> compatibility - run-time</dd> - </dl> - </dd> - <dt><span class="Pa">/dev/</span></dt> - <dd>device nodes and special files; see <a class="Xr">intro(4)</a> and - <a class="Xr">devfs(4)</a> - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">ada0</span></dt> - <dd>first ATA storage device</dd> - <dt><span class="Pa">ada0p1</span></dt> - <dd>first partition on ada0</dd> - <dt><span class="Pa">cd0</span></dt> - <dd>first optical drive</dd> - <dt><span class="Pa">cuaU0</span></dt> - <dd>first USB serial port; see <a class="Xr">cu(1)</a></dd> - <dt><span class="Pa">da0</span></dt> - <dd>first SCSI storage device</dd> - <dt><span class="Pa">da0s1</span></dt> - <dd>first partition on da0</dd> - <dt><span class="Pa">dri/</span></dt> - <dd>GPU character device nodes; see <a class="Xr">drm(7)</a></dd> - <dt><span class="Pa">drm/</span></dt> - <dd>GPU <a class="Xr">drm(7)</a> special files</dd> - <dt><span class="Pa">fd/</span></dt> - <dd>file descriptor files; see <a class="Xr">fd(4)</a></dd> - <dt><span class="Pa">fd0</span></dt> - <dd>first floppy drive</dd> - <dt><span class="Pa">gpt/</span></dt> - <dd>storage partitions by GPT label</dd> - <dt><span class="Pa">mmcsd0</span></dt> - <dd>first SD storage device</dd> - <dt><span class="Pa">mmcsd0s1</span></dt> - <dd>first partition on mmcsd0</dd> - <dt><span class="Pa">nda0</span></dt> - <dd>first NVMe storage device attached via <a class="Xr">cam(3)</a></dd> - <dt><span class="Pa">null</span></dt> - <dd>infinite loop that accepts anything and contains nothing</dd> - <dt><span class="Pa">nvd0</span></dt> - <dd>first NVMe storage device using NVMe namespaces</dd> - <dt><span class="Pa">pts/</span></dt> - <dd>pseudo-terminals; see <a class="Xr">pts(4)</a></dd> - <dt><span class="Pa">random</span></dt> - <dd>source of weak randomness; see <a class="Xr">random(4)</a></dd> - <dt><span class="Pa">sa0</span></dt> - <dd>first tape drive</dd> - <dt><span class="Pa">usb/</span></dt> - <dd>USB busses</dd> - <dt><span class="Pa">vmm/</span></dt> - <dd>active <a class="Xr">bhyve(8)</a> virtual machines</dd> - <dt><span class="Pa">zvol/</span></dt> - <dd><a class="Xr">zfs(8)</a> volumes</dd> - </dl> - </dd> - <dt><span class="Pa">/entropy</span></dt> - <dd>provides initial state to RNG; see <a class="Xr">save-entropy(8)</a></dd> - <dt><span class="Pa">/etc/</span></dt> - <dd>base system configuration files and scripts; see - <a class="Xr">intro(5)</a> - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">auto_master</span></dt> - <dd>autofs <a class="Xr">automount(8)</a> configuration</dd> - <dt><span class="Pa">bluetooth/</span></dt> - <dd>bluetooth configuration files</dd> - <dt><span class="Pa">cron.d/</span></dt> - <dd>tables for driving scheduled tasks; see - <a class="Xr">crontab(5)</a></dd> - <dt><span class="Pa">crontab</span></dt> - <dd>root's cron table</dd> - <dt><span class="Pa">defaults/</span></dt> - <dd>default system configuration files; see <a class="Xr">rc(8)</a></dd> - <dt><span class="Pa">devd/</span></dt> - <dd>configuration for <a class="Xr">devd(8)</a>, the device state change - daemon</dd> - <dt><span class="Pa">devfs.conf</span></dt> - <dd>boot time device configuration</dd> - <dt><span class="Pa">dma/</span></dt> - <dd>configuration for <a class="Xr">dma(8)</a></dd> - <dt><span class="Pa">freebsd-update.conf</span></dt> - <dd>configuration for the base system updater; see - <a class="Xr">freebsd-update(8)</a></dd> - <dt><span class="Pa">fstab</span></dt> - <dd>static filesystem configuration; see <a class="Xr">fstab(5)</a></dd> - <dt><span class="Pa">hosts</span></dt> - <dd>database of local hosts if no network name server is running</dd> - <dt><span class="Pa">inetd.conf</span></dt> - <dd>configuration for <span class="Ux">BSD</span> heritage internet - servers; see <a class="Xr">inetd(8)</a></dd> - <dt><span class="Pa">localtime</span></dt> - <dd>local timezone information; see <a class="Xr">ctime(3)</a></dd> - <dt><span class="Pa">jail.conf.d/</span></dt> - <dd><a class="Xr">jail(8)</a> startup scripts</dd> - <dt><span class="Pa">login.conf</span></dt> - <dd>login class capability database; see - <a class="Xr">login.conf(5)</a></dd> - <dt><span class="Pa">machine-id</span></dt> - <dd>defines the UUID for the local system, required for dbus</dd> - <dt><span class="Pa">mail/</span></dt> - <dd><a class="Xr">sendmail(8)</a> control files - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">aliases</span></dt> - <dd>addresses to deliver system mail</dd> - <dt><span class="Pa">mailer.conf</span></dt> - <dd><a class="Xr">mailwrapper(8)</a> configuration</dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">motd.template</span></dt> - <dd>message displayed upon tty login; see <a class="Xr">motd(5)</a></dd> - <dt><span class="Pa">mtree/</span></dt> - <dd>system mapper specification; see <a class="Xr">mtree(8)</a></dd> - <dt><span class="Pa">newsyslog.conf.d/</span></dt> - <dd>log rotation configuration files.</dd> - <dt><span class="Pa">ntp/</span></dt> - <dd>stored time for the Network Time Protocol</dd> - <dt><span class="Pa">ntp.conf</span></dt> - <dd>configuration for the NTP client, <a class="Xr">ntpd(8)</a></dd> - <dt><span class="Pa">pam.d/</span></dt> - <dd>configuration files for the Pluggable Authentication Modules (PAM) - library; see <a class="Xr">pam(3)</a></dd> - <dt><span class="Pa">periodic/</span></dt> - <dd>scripts that are run daily, weekly, or monthly by - <a class="Xr">cron(8)</a>; see <a class="Xr">periodic(8)</a></dd> - <dt><span class="Pa">pf.conf</span></dt> - <dd>configuration for the Packet Filter firewall; see - <a class="Xr">pf(4)</a></dd> - <dt><span class="Pa">pkg/</span></dt> - <dd>default configuration for the package manager, - <a class="Xr">pkg(8)</a></dd> - <dt><span class="Pa">ppp/</span></dt> - <dd>PPP configuration files; see <a class="Xr">ppp(8)</a></dd> - <dt><span class="Pa">rc.conf</span></dt> - <dd>system and daemon configuration; see <a class="Xr">rc.conf(5)</a></dd> - <dt><span class="Pa">rc.d/</span></dt> - <dd>system and daemon startup/control scripts; see - <a class="Xr">rc(8)</a></dd> - <dt><span class="Pa">resolv.conf</span></dt> - <dd>DNS configuration; see <a class="Xr">resolv.conf(5)</a></dd> - <dt><span class="Pa">resolvconf.conf</span></dt> - <dd>DNS configuration manager configuration, often generated by - local-unbound; see <a class="Xr">local-unbound(8)</a> or - <a class="Xr">resolvconf(8)</a></dd> - <dt><span class="Pa">security/</span></dt> - <dd>OpenBSM audit configuration files; see <a class="Xr">audit(8)</a></dd> - <dt><span class="Pa">ssh/</span></dt> - <dd>OpenSSH configuration files; see <a class="Xr">ssh(1)</a></dd> - <dt><span class="Pa">ssl/</span></dt> - <dd>OpenSSL configuration files - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">cert.pem</span></dt> - <dd>System trust store in bundle form; see - <a class="Xr">certctl(8)</a>.</dd> - <dt><span class="Pa">certs/</span></dt> - <dd>System trust store in OpenSSL hashed-directory form; see - <a class="Xr">certctl(8)</a>.</dd> - <dt><span class="Pa">openssl.cnf</span></dt> - <dd>OpenSSL configuration file; see - <a class="Xr">openssl.cnf(5)</a>.</dd> - <dt><span class="Pa">untrusted/</span></dt> - <dd>Explicitly distrusted certificates; see - <a class="Xr">certctl(8)</a>.</dd> - </dl> - </dd> - <dt><span class="Pa">sysctl.conf</span></dt> - <dd>kernel state defaults; see <a class="Xr">sysctl.conf(5)</a></dd> - <dt><span class="Pa">syslog.conf</span></dt> - <dd>system message log configuration</dd> - <dt><span class="Pa">ttys</span></dt> - <dd>tty creation configuration; see <a class="Xr">getty(8)</a></dd> - <dt><span class="Pa">wpa_supplicant.conf</span></dt> - <dd>client wifi configuration; see - <a class="Xr">wpa_supplicant.conf(5)</a></dd> - </dl> - </dd> - <dt><span class="Pa">/home/</span></dt> - <dd>home directories for users; the typical home for an interactive user - <var class="Va">beastie</var> would be - <span class="Pa">/home/beastie/</span></dd> - <dt><span class="Pa">/lib/</span></dt> - <dd>system libraries critical to binaries in <span class="Pa">/bin</span> and - <span class="Pa">/sbin</span> - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">geom/</span></dt> - <dd>class-specific libraries for the <a class="Xr">geom(8)</a> - utility</dd> - <dt><span class="Pa">nvmecontrol/</span></dt> - <dd>vendor-specific libraries to extend the - <a class="Xr">nvmecontrol(8)</a> utility</dd> - </dl> - </dd> - <dt><span class="Pa">/libexec/</span></dt> - <dd>system utilities critical to binaries in <span class="Pa">/bin</span> and - <span class="Pa">/sbin</span></dd> - <dt><span class="Pa">/media/</span></dt> - <dd>mount points for removable storage media such as CDs, DVDs, and USB - drives; see <a class="Xr">automount(8)</a>, or - <a class="Xr">bsdisks(8)</a> if a using a desktop environment from - <a class="Xr">ports(7)</a></dd> - <dt><span class="Pa">/mnt/</span></dt> - <dd>empty directory commonly used by system administrators as a temporary - mount point</dd> - <dt><span class="Pa">/net/</span></dt> - <dd>automounted NFS shares; see <a class="Xr">auto_master(5)</a></dd> - <dt><span class="Pa">/nonexistent/</span></dt> - <dd>a non-existent directory; by convention, it serves as a home directory for - user accounts that need no home directory; see also - <span class="Pa">/var/empty/</span></dd> - <dt><span class="Pa">/proc/</span></dt> - <dd>process file system; see <a class="Xr">procfs(4)</a></dd> - <dt><span class="Pa">/rescue/</span></dt> - <dd>statically linked programs for emergency recovery; see - <a class="Xr">rescue(8)</a></dd> - <dt><span class="Pa">/root/</span></dt> - <dd>home directory of the root user</dd> - <dt><span class="Pa">/sbin/</span></dt> - <dd>fundamental <span class="Ux">BSD</span> system administration utilities; - see <a class="Xr">intro(8)</a></dd> - <dt><span class="Pa">/tmp/</span></dt> - <dd>temporary files commonly removed between system reboots; see - <var class="Va">clear_tmp_enable</var> in - <a class="Xr">rc.conf(5)</a></dd> - <dt><span class="Pa">/usr/</span></dt> - <dd>contains the majority of user utilities and applications - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">bin/</span></dt> - <dd>common utilities, programming tools, and applications; see - <a class="Xr">intro(1)</a></dd> - <dt><span class="Pa">freebsd-dist/</span></dt> - <dd>distribution files (like base.txz); see <a class="Xr">release(7)</a> - and <a class="Xr">bsdinstall(8)</a></dd> - <dt><span class="Pa">include/</span></dt> - <dd>standard C include header files</dd> - <dt><span class="Pa">lib/</span></dt> - <dd>shared and <a class="Xr">ar(1)</a>-type libraries; see - <a class="Xr">intro(3)</a> - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">clang/</span></dt> - <dd>shared libraries for the system compiler, - <a class="Xr">clang(1)</a></dd> - <dt><span class="Pa">compat/</span></dt> - <dd>shared libraries for compatibility</dd> - <dt><span class="Pa">debug/</span></dt> - <dd>standalone debug data for the kernel and base system libraries and - binaries</dd> - <dt><span class="Pa">dtrace/</span></dt> - <dd><a class="Xr">dtrace(1)</a> library scripts</dd> - <dt><span class="Pa">engines/</span></dt> - <dd>OpenSSL (Cryptography/SSL toolkit) dynamically loadable - engines</dd> - <dt><span class="Pa">flua/</span></dt> - <dd><span class="Ux">FreeBSD</span> Lua shared libraries</dd> - <dt><span class="Pa">i18n/</span></dt> - <dd>shared libraries for internationalization</dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">lib32/</span></dt> - <dd>32-bit compatibility libraries</dd> - <dt><span class="Pa">libdata/</span></dt> - <dd>miscellaneous utility data files - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">ldscripts/</span></dt> - <dd>linker scripts; see <a class="Xr">ld(1)</a></dd> - <dt><span class="Pa">pkgconfig/</span></dt> - <dd>collections of compiler and linker flags for the - <a class="Xr">pkgconf(1)</a> development tool</dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">libexec/</span></dt> - <dd>system daemons and utilities executed by programs - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">bsdconfig/</span></dt> - <dd>utilities called by the ncurses <span class="Ux">FreeBSD</span> - configuration wizard</dd> - <dt><span class="Pa">bsdinstall/</span></dt> - <dd>utilities for <a class="Xr">bsdinstall(8)</a></dd> - <dt><span class="Pa">dwatch/</span></dt> - <dd>profiles for <a class="Xr">dwatch(1)</a></dd> - <dt><span class="Pa">fwget/</span></dt> - <dd>utilities called by <a class="Xr">fwget(8)</a></dd> - <dt><span class="Pa">hyperv/</span></dt> - <dd>scripts for communicating with the Hyper-V hypervisor</dd> - <dt><span class="Pa">lpr/</span></dt> - <dd>utilities and filters for the line printer system; see - <a class="Xr">lpr(1)</a></dd> - <dt><span class="Pa">sendmail/</span></dt> - <dd>the <a class="Xr">sendmail(8)</a> binary; see - <a class="Xr">mailwrapper(8)</a></dd> - <dt><span class="Pa">sm.bin/</span></dt> - <dd>restricted shell for <a class="Xr">sendmail(8)</a>; see - <a class="Xr">smrsh(8)</a></dd> - <dt><span class="Pa">zfs/</span></dt> - <dd>Z file system utilities</dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">local/</span></dt> - <dd>local executables, libraries, etc, installed by - <a class="Xr">pkg(7)</a> or <a class="Xr">ports(7)</a> - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">bin/</span></dt> - <dd>local user utilities, see <a class="Xr">intro(1)</a></dd> - <dt><span class="Pa">etc/</span></dt> - <dd>local program configurations</dd> - <dt><span class="Pa">include/</span></dt> - <dd>local library headers</dd> - <dt><span class="Pa">lib/</span></dt> - <dd>local libraries</dd> - <dt><span class="Pa">lib32/</span></dt> - <dd>local 32-bit compatibility libraries</dd> - <dt><span class="Pa">libdata/</span></dt> - <dd>local utility data files</dd> - <dt><span class="Pa">libexec/</span></dt> - <dd>utilities executed by local utilities</dd> - <dt><span class="Pa">sbin/</span></dt> - <dd>local administration utilities</dd> - <dt><span class="Pa">share/</span></dt> - <dd>local architecture-independent files</dd> - <dt><span class="Pa">share/doc/</span></dt> - <dd>local documentation</dd> - <dt><span class="Pa">share/doc/freebsd/</span></dt> - <dd>articles, books, FAQ, and handbooks available from the - <span class="Ux">FreeBSD</span> project</dd> - <dt><span class="Pa">share/man/</span></dt> - <dd>local manual pages; see <a class="Xr">man(1)</a></dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">obj/</span></dt> - <dd>architecture-specific target tree produced by building - <span class="Ux">FreeBSD</span> from source; see - <a class="Xr">build(7)</a></dd> - <dt><span class="Pa">ports/</span></dt> - <dd><span class="Ux">FreeBSD</span> ports collection; see - <a class="Xr">ports(7)</a></dd> - <dt><span class="Pa">sbin/</span></dt> - <dd>system daemons and utilities meant for user execution; see - <a class="Xr">intro(8)</a></dd> - <dt><span class="Pa">share/</span></dt> - <dd>architecture-independent files - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">atf/</span></dt> - <dd>scripts for the Automated Testing Framework; see - <a class="Xr">ATF(7)</a></dd> - <dt><span class="Pa">bhyve/</span></dt> - <dd><a class="Xr">bhyve(8)</a> keyboard mappings</dd> - <dt><span class="Pa">calendar/</span></dt> - <dd>system-wide calendar files; see <a class="Xr">calendar(1)</a></dd> - <dt><span class="Pa">certs/</span></dt> - <dd>TLS certificates for <a class="Xr">openssl(1)</a></dd> - <dt><span class="Pa">dict/</span></dt> - <dd>word lists; see <a class="Xr">look(1)</a> - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">freebsd</span></dt> - <dd><span class="Ux">FreeBSD</span>-specific terms, proper names, - and jargon</dd> - <dt><span class="Pa">web2</span></dt> - <dd>words from Webster's Second International</dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">doc/</span></dt> - <dd>miscellaneous documentation</dd> - <dt><span class="Pa">dtrace/</span></dt> - <dd>scripts for the Dynamic Tracing Compiler; see - <a class="Xr">dtrace(1)</a></dd> - <dt><span class="Pa">examples/</span></dt> - <dd>various examples for users and programmers</dd> - <dt><span class="Pa">firmware/</span></dt> - <dd>firmware images loaded by userland programs</dd> - <dt><span class="Pa">games/</span></dt> - <dd>ASCII text files used by <span class="Ux">BSD</span> heritage - games, see <a class="Xr">intro(6)</a></dd> - <dt><span class="Pa">keys/</span></dt> - <dd>known trusted and revoked keys - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">pkg/</span></dt> - <dd>fingerprints for <a class="Xr">pkg(7)</a> and - <a class="Xr">pkg(8)</a></dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">locale/</span></dt> - <dd>localization files; see <a class="Xr">setlocale(3)</a></dd> - <dt><span class="Pa">man/</span></dt> - <dd>system manual pages; see <a class="Xr">man(1)</a></dd> - <dt><span class="Pa">misc/</span></dt> - <dd>miscellaneous system-wide files - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">ascii</span></dt> - <dd>chart of the ASCII codepoints</dd> - <dt><span class="Pa">flowers</span></dt> - <dd>the meanings of flowers</dd> - <dt><span class="Pa">magic</span></dt> - <dd>magic numbers used by <a class="Xr">file(1)</a></dd> - <dt><span class="Pa">termcap</span></dt> - <dd>terminal characteristics database; see - <a class="Xr">termcap(5)</a></dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">mk/</span></dt> - <dd>templates for make; see <a class="Xr">make(1)</a></dd> - <dt><span class="Pa">nls/</span></dt> - <dd>national language support files</dd> - <dt><span class="Pa">security/</span></dt> - <dd>data files for security policies such as - <a class="Xr">mac_lomac(4)</a></dd> - <dt><span class="Pa">sendmail/</span></dt> - <dd><a class="Xr">sendmail(8)</a> configuration files</dd> - <dt><span class="Pa">skel/</span></dt> - <dd>example <span class="Pa">.</span> (dot) files for new - accounts</dd> - <dt><span class="Pa">snmp/</span></dt> - <dd>MIBs, example files and tree definitions for the SNMP daemon - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">defs/</span></dt> - <dd>tree definition files for use with - <a class="Xr">gensnmptree(1)</a></dd> - <dt><span class="Pa">mibs/</span></dt> - <dd>management Information Base (MIB) files</dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">syscons/</span></dt> - <dd><a class="Xr">syscons(4)</a> files - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">fonts/</span></dt> - <dd>console fonts; see <a class="Xr">vidcontrol(1)</a> and - <a class="Xr">vidfont(1)</a></dd> - <dt><span class="Pa">keymaps/</span></dt> - <dd>console keyboard maps; see <a class="Xr">kbdcontrol(1)</a> and - <a class="Xr">kbdmap(1)</a></dd> - <dt><span class="Pa">scrnmaps/</span></dt> - <dd>console screen maps</dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">sysroot/</span></dt> - <dd>files necessary for the -sysroot compiler/linker argument to build - non-native binaries - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">VERSION/</span></dt> - <dd>files for <span class="Ux">FreeBSD</span> release VERSION; by - convention, “VERSION” matches - <a class="Xr">uname(1)</a> <code class="Fl">-r</code></dd> - <dt><span class="Pa">VERSION/MACHINE.MACHINE_ARCH/</span></dt> - <dd>represent the binary ABI for these files; - “MACHINE” matches <a class="Xr">uname(1)</a> - <code class="Fl">-m</code>; “MACHINE_ARCH” - matches <a class="Xr">uname(1)</a> - <code class="Fl">-p</code></dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">tabset/</span></dt> - <dd>tab description files for a variety of terminals; used in the - termcap file; see <a class="Xr">termcap(5)</a></dd> - <dt><span class="Pa">vi/</span></dt> - <dd>localization support and utilities for the <a class="Xr">vi(1)</a> - editor</dd> - <dt><span class="Pa">vt/</span></dt> - <dd>files used by the system console; see <a class="Xr">vt(4)</a> - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">fonts/</span></dt> - <dd>console fonts; see <a class="Xr">vidcontrol(1)</a>, - <a class="Xr">vidfont(1)</a>, and - <a class="Xr">vtfontcvt(8)</a></dd> - <dt><span class="Pa">keymaps/</span></dt> - <dd>console keyboard maps; see <a class="Xr">kbdcontrol(1)</a> and - <a class="Xr">kbdmap(1)</a></dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">zoneinfo/</span></dt> - <dd>timezone configuration information; see - <a class="Xr">tzfile(5)</a></dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">src/</span></dt> - <dd><span class="Ux">FreeBSD</span> source code; see - <a class="Xr">development(7)</a>; the layout of the source tree is - described by the top-level <span class="Pa">README.md</span> file - <p class="Pp"></p> - </dd> - <dt><span class="Pa">tests/</span></dt> - <dd>the <span class="Ux">FreeBSD</span> test suite; see - <a class="Xr">tests(7)</a></dd> - </dl> - </dd> - <dt><span class="Pa">/var/</span></dt> - <dd>log, temporary, transient, and spool files - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">account/</span></dt> - <dd>system accounting files - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">acct</span></dt> - <dd>execution accounting file; see <a class="Xr">acct(5)</a></dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">at/</span></dt> - <dd>timed command scheduling files; see <a class="Xr">at(1)</a> - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">jobs/</span></dt> - <dd>job files</dd> - <dt><span class="Pa">spool/</span></dt> - <dd>output spool files</dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">audit/</span></dt> - <dd>security event audit trail files; see <a class="Xr">audit(8)</a></dd> - <dt><span class="Pa">authpf/</span></dt> - <dd>user shell sessions for authenticating gateways; see - <a class="Xr">authpf(8)</a></dd> - <dt><span class="Pa">backups/</span></dt> - <dd>critical system configuration backups</dd> - <dt><span class="Pa">cache/</span></dt> - <dd>miscellaneous cache files - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">pkg/</span></dt> - <dd>cached packages for <a class="Xr">pkg(8)</a></dd> - <dt><span class="Pa">cups/</span></dt> - <dd>cached printers for the Common Unix Prinitng system; see - <a class="Xr">cups(1)</a></dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">crash/</span></dt> - <dd>default directory to store kernel crash dumps; see - <a class="Xr">crash(8)</a> and <a class="Xr">savecore(8)</a></dd> - <dt><span class="Pa">cron/</span></dt> - <dd>files used by cron; see <a class="Xr">cron(8)</a> - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">tabs/</span></dt> - <dd>crontab files; see <a class="Xr">crontab(5)</a></dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">db/</span></dt> - <dd>autogenerated system-specific database files - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">etcupdate/</span></dt> - <dd>temporary files and log for <a class="Xr">etcupdate(8)</a></dd> - <dt><span class="Pa">freebsd-update/</span></dt> - <dd>downloads and temporary files for - <a class="Xr">freebsd-update(8)</a></dd> - <dt><span class="Pa">pkg/</span></dt> - <dd>package database</dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">empty/</span></dt> - <dd>for use by programs that require an empty directory, used for instance - by <a class="Xr">sshd(8)</a> for privilege separation</dd> - <dt><span class="Pa">games/</span></dt> - <dd>status and score files for <span class="Ux">BSD</span> heritage - games</dd> - <dt><span class="Pa">heimdal/</span></dt> - <dd>Kerberos server databases; see <a class="Xr">kdc(8)</a></dd> - <dt><span class="Pa">lib/</span></dt> - <dd>state information for ported Linux applications</dd> - <dt><span class="Pa">log/</span></dt> - <dd>system log files - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">Xorg.0.log</span></dt> - <dd><a class="Xr">Xserver(1)</a> log, if <a class="Xr">X(7)</a> is - installed rotates to <span class="Pa">Xorg.0.log.old</span></dd> - <dt><span class="Pa">aculog</span></dt> - <dd>serial line access log; see <a class="Xr">cu(1)</a></dd> - <dt><span class="Pa">auth.log</span></dt> - <dd>system authentication log</dd> - <dt><span class="Pa">bsdinstall_log</span></dt> - <dd>system installation log</dd> - <dt><span class="Pa">cron</span></dt> - <dd>scheduled task log; see <a class="Xr">cron(8)</a></dd> - <dt><span class="Pa">cups/</span></dt> - <dd>logs for <a class="Xr">cups(1)</a></dd> - <dt><span class="Pa">daemon.log</span></dt> - <dd>default log for system daemons</dd> - <dt><span class="Pa">devd.log</span></dt> - <dd>default log for device state change daemon</dd> - <dt><span class="Pa">dmesg.today</span></dt> - <dd>kernel message buffer log, rotates to - <span class="Pa">dmesg.yesterday</span></dd> - <dt><span class="Pa">debug.log</span></dt> - <dd>undiscarded debug syslog messages</dd> - <dt><span class="Pa">lpd-errs</span></dt> - <dd>logs for the line printer spooler daemon; see - <a class="Xr">lpd(8)</a></dd> - <dt><span class="Pa">maillog</span></dt> - <dd><a class="Xr">sendmail(8)</a> log, rotates and compresses to - maillog.0.bz2</dd> - <dt><span class="Pa">messages</span></dt> - <dd>general system message log; see <a class="Xr">syslogd(8)</a></dd> - <dt><span class="Pa">mount.today</span></dt> - <dd>currently loaded <a class="Xr">fstab(5)</a>, rotates to - <span class="Pa">mount.yesterday</span></dd> - <dt><span class="Pa">pf.today</span></dt> - <dd>packet filter firewall log; see <a class="Xr">pf(4)</a></dd> - <dt><span class="Pa">pflog</span></dt> - <dd>saved packets caught by <a class="Xr">pflogd(8)</a></dd> - <dt><span class="Pa">ppp.log</span></dt> - <dd>see <a class="Xr">ppp(8)</a></dd> - <dt><span class="Pa">security</span></dt> - <dd>transcript of events marked with the security flag</dd> - <dt><span class="Pa">setuid.today</span></dt> - <dd>listing of executable files which run with elevated permissions, - rotates to <span class="Pa">setuid.yesterday</span></dd> - <dt><span class="Pa">userlog</span></dt> - <dd>logs changes in users or groups</dd> - <dt><span class="Pa">utx.lastlogin</span></dt> - <dd>last login log; see <a class="Xr">getutxent(3)</a></dd> - <dt><span class="Pa">utx.log</span></dt> - <dd>login/logout log; see <a class="Xr">getutxent(3)</a></dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">mail/</span></dt> - <dd>user mailbox files</dd> - <dt><span class="Pa">msgs/</span></dt> - <dd>system messages database; see <a class="Xr">msgs(1)</a></dd> - <dt><span class="Pa">preserve/</span></dt> - <dd>unused, present for historical reasons</dd> - <dt><span class="Pa">quotas/</span></dt> - <dd>UFS quota information files</dd> - <dt><span class="Pa">run/</span></dt> - <dd>files containing information about the operating system since it was - booted - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">bhyve/</span></dt> - <dd><a class="Xr">bhyve(8)</a> virtual machine - <a class="Xr">unix(4)</a>-domain sockets</dd> - <dt><span class="Pa">ppp/</span></dt> - <dd>writable by the “network” group for command - connection sockets; see <a class="Xr">ppp(8)</a></dd> - <dt><span class="Pa">utx.active</span></dt> - <dd>database of current users; see <a class="Xr">getutxent(3)</a></dd> - <dt><span class="Pa">wpa_supplicant/</span></dt> - <dd>IEEE Std. 802.11 wifi run time files</dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">rwho/</span></dt> - <dd>information about other systems on the local network; see - <a class="Xr">rwhod(8)</a>, <a class="Xr">rwho(1)</a>, and - <a class="Xr">ruptime(1)</a></dd> - <dt><span class="Pa">spool/</span></dt> - <dd>printer and mail system spooling directories - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">clientmqueue/</span></dt> - <dd>undelivered submission mail queue; see - <a class="Xr">sendmail(8)</a></dd> - <dt><span class="Pa">cups/</span></dt> - <dd>print jobs and temporary files for <a class="Xr">cups(1)</a></dd> - <dt><span class="Pa">dma/</span></dt> - <dd>undelivered mail queue for <span class="Ux">DragonFly</span> Mail - Agent; see <a class="Xr">dma(8)</a></dd> - <dt><span class="Pa">lock/</span></dt> - <dd>serial device locks; see <a class="Xr">uucplock(3)</a></dd> - <dt><span class="Pa">lpd/</span></dt> - <dd>line printer spooler daemon spool</dd> - <dt><span class="Pa">mqueue/</span></dt> - <dd>undelivered mail queue for <a class="Xr">sendmail(8)</a></dd> - <dt><span class="Pa">output/</span></dt> - <dd>line printer spooling directories</dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">tmp/</span></dt> - <dd>temporary files not removed between system reboots - <p class="Pp"></p> - <dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">vi.recover/</span></dt> - <dd>recovery files for the <a class="Xr">vi(1)</a> editor</dd> - </dl> - <p class="Pp"></p> - </dd> - <dt><span class="Pa">unbound/</span></dt> - <dd>files and configuration for <a class="Xr">unbound(8)</a></dd> - <dt><span class="Pa">yp/</span></dt> - <dd>the NIS maps; see <a class="Xr">yp(8)</a></dd> - </dl> - </dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="NOTES"><a class="permalink" href="#NOTES">NOTES</a></h1> -<p class="Pp">This manual page documents the default - <span class="Ux">FreeBSD</span> file system layout. The actual hierarchy on - a given system is defined at the system administrator's discretion. A - well-maintained installation will include a customized version of this - document.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">apropos(1)</a>, <a class="Xr">find(1)</a>, - <a class="Xr">grep(1)</a>, <a class="Xr">ls(1)</a>, - <a class="Xr">whereis(1)</a>, <a class="Xr">which(1)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">A <code class="Nm">hier</code> manual page first appeared in 1979 - with <span class="Ux">Version 7 AT&T UNIX</span>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">September 25, 2025</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/hostname.7 3.html b/static/freebsd/man7/hostname.7 3.html deleted file mode 100644 index 9249469a..00000000 --- a/static/freebsd/man7/hostname.7 3.html +++ /dev/null @@ -1,68 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">HOSTNAME(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">HOSTNAME(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">hostname</code> — <span class="Nd">host - name resolution description</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">Hostnames are domains, where a domain is a hierarchical, - dot-separated list of subdomains; for example, the machine monet, in the - Berkeley subdomain of the EDU subdomain of the Internet would be represented - as</p> -<p class="Pp"></p> -<div class="Bd Bd-indent"><code class="Li">monet.Berkeley.EDU</code></div> -<p class="Pp">(with no trailing dot).</p> -<p class="Pp">Hostnames are often used with network client and server programs, - which must generally translate the name to an address for use. (This - function is generally performed by the library routine - <a class="Xr">gethostbyname(3)</a>.) Hostnames are resolved by the Internet - name resolver in the following fashion.</p> -<p class="Pp">If the name consists of a single component, i.e., contains no dot, - and if the environment variable - “<code class="Ev">HOSTALIASES</code>” is set to the name of a - file, that file is searched for any string matching the input hostname. The - file should consist of lines made up of two white-space separated strings, - the first of which is the hostname alias, and the second of which is the - complete hostname to be substituted for that alias. If a case-insensitive - match is found between the hostname to be resolved and the first field of a - line in the file, the substituted name is looked up with no further - processing.</p> -<p class="Pp">If the input name ends with a trailing dot, the trailing dot is - removed, and the remaining name is looked up with no further processing.</p> -<p class="Pp">If the input name does not end with a trailing dot, it is looked - up by searching through a list of domains until a match is found. The - default search list includes first the local domain, then its parent domains - with at least 2 name components (longest first). For example, in the domain - CS.Berkeley.EDU, the name lithium.CChem will be checked first as - lithium.CChem.CS.Berkeley.EDU and then as lithium.CChem.Berkeley.EDU. - Lithium.CChem.EDU will not be tried, as there is only one component - remaining from the local domain. The search path can be changed from the - default by a system-wide configuration file (see - <a class="Xr">resolver(5)</a>).</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">gethostbyname(3)</a>, - <a class="Xr">resolver(5)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp"><code class="Nm">Hostname</code> appeared in - <span class="Ux">4.2BSD</span>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">December 25, 2013</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/intro.7 4.html b/static/freebsd/man7/intro.7 4.html deleted file mode 100644 index 428df7e3..00000000 --- a/static/freebsd/man7/intro.7 4.html +++ /dev/null @@ -1,84 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">INTRO(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">INTRO(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">intro</code> — - <span class="Nd">miscellaneous information pages</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">This section contains miscellaneous documentation.</p> -<div class="Bd-indent"> -<dl class="Bl-tag"> - <dt><a class="Xr">arch(7)</a></dt> - <dd>supported CPU architectures and platforms</dd> - <dt><a class="Xr">ascii(7)</a></dt> - <dd>map of ASCII character set</dd> - <dt><a class="Xr">build(7)</a></dt> - <dd>build instructions for <span class="Ux">FreeBSD</span></dd> - <dt><a class="Xr">c(7)</a></dt> - <dd>the C programming language</dd> - <dt><a class="Xr">clocks(7)</a></dt> - <dd>system timekeeping clocks available in - <span class="Ux">FreeBSD</span></dd> - <dt><a class="Xr">crypto(7)</a></dt> - <dd>cryptographic algorithms provided by OpenCrypto in - <span class="Ux">FreeBSD</span></dd> - <dt><a class="Xr">d(7)</a></dt> - <dd><a class="Xr">dtrace(1)</a> scripting language overview</dd> - <dt><a class="Xr">development(7)</a></dt> - <dd>development introduction to <span class="Ux">FreeBSD</span></dd> - <dt><a class="Xr">environ(7)</a></dt> - <dd>user environment</dd> - <dt><a class="Xr">firewall(7)</a></dt> - <dd>simple firewalls under <span class="Ux">FreeBSD</span></dd> - <dt><a class="Xr">hier(7)</a></dt> - <dd>file system hierarchy in <span class="Ux">FreeBSD</span></dd> - <dt><a class="Xr">hostname(7)</a></dt> - <dd>host name resolution description</dd> - <dt><a class="Xr">networking(7)</a></dt> - <dd>network connection quickstart guide</dd> - <dt><a class="Xr">release(7)</a></dt> - <dd>layout of <span class="Ux">FreeBSD</span> releases and snapshots</dd> - <dt><a class="Xr">ports(7)</a></dt> - <dd>introduction to the ports infrastructure of - <span class="Ux">FreeBSD</span></dd> - <dt><a class="Xr">security(7)</a></dt> - <dd>security features available in <span class="Ux">FreeBSD</span></dd> - <dt><a class="Xr">stats(7)</a></dt> - <dd>statistics utilities available in <span class="Ux">FreeBSD</span></dd> - <dt><a class="Xr">tests(7)</a></dt> - <dd>introduction to the <span class="Ux">FreeBSD</span> Test Suite</dd> - <dt><a class="Xr">tracing(7)</a></dt> - <dd>introduction to tracing and performance monitoring facilities</dd> - <dt><a class="Xr">tuning(7)</a></dt> - <dd>general advice on tuning <span class="Ux">FreeBSD</span></dd> -</dl> -</div> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">man(1)</a>, <a class="Xr">intro(2)</a>, - <a class="Xr">intro(3)</a>, <a class="Xr">intro(4)</a>, - <a class="Xr">intro(5)</a>, <a class="Xr">intro(6)</a>, - <a class="Xr">intro(8)</a>, <a class="Xr">intro(9)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="Nm">intro</code> section manual page appeared in - <span class="Ux">4.2BSD</span>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">July 14, 2025</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/maclabel.7 3.html b/static/freebsd/man7/maclabel.7 3.html deleted file mode 100644 index caf98dc0..00000000 --- a/static/freebsd/man7/maclabel.7 3.html +++ /dev/null @@ -1,66 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">MACLABEL(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">MACLABEL(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">maclabel</code> — - <span class="Nd">Mandatory Access Control label format</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">If Mandatory Access Control, or MAC, is enabled in the kernel, - then in addition to the traditional credentials, each subject (typically a - user or a socket) and object (file system object, socket, etc.) is given a - <a class="permalink" href="#MAC"><i class="Em" id="MAC">MAC label</i></a>. - The MAC label specifies the necessary subject-specific or object-specific - information necessary for a MAC security policy to enforce access control on - the subject/object.</p> -<p class="Pp">The format for a MAC label is defined as follows:</p> -<p class="Pp"></p> -<div class="Bd - Bd-indent"><var class="Ar">policy1</var><span class="No">/</span><var class="Ar">qualifier1</var>,<var class="Ar">policy2</var><span class="No">/</span><var class="Ar">qualifier2</var>,<span class="No">...</span></div> -<p class="Pp">A MAC label consists of a policy name, followed by a forward - slash, followed by the subject or object's qualifier, optionally followed by - a comma and one or more additional policy labels. For example:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>biba/low(low-low) -biba/high(low-high),mls/equal(equal-equal),partition/0</pre> -</div> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">mac(3)</a>, <a class="Xr">posix1e(3)</a>, - <a class="Xr">mac_biba(4)</a>, <a class="Xr">mac_bsdextended(4)</a>, - <a class="Xr">mac_ifoff(4)</a>, <a class="Xr">mac_mls(4)</a>, - <a class="Xr">mac_none(4)</a>, <a class="Xr">mac_partition(4)</a>, - <a class="Xr">mac_seeotheruids(4)</a>, <a class="Xr">mac_test(4)</a>, - <a class="Xr">login.conf(5)</a>, <a class="Xr">getfmac(8)</a>, - <a class="Xr">getpmac(8)</a>, <a class="Xr">ifconfig(8)</a>, - <a class="Xr">setfmac(8)</a>, <a class="Xr">setpmac(8)</a>, - <a class="Xr">mac(9)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">MAC first appeared in <span class="Ux">FreeBSD 5.0</span>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp">This software was contributed to the - <span class="Ux">FreeBSD</span> Project by NAI Labs, the Security Research - Division of Network Associates Inc. under DARPA/SPAWAR contract - N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS - research program.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">October 25, 2002</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/mitigations.7 3.html b/static/freebsd/man7/mitigations.7 3.html deleted file mode 100644 index c261ebf5..00000000 --- a/static/freebsd/man7/mitigations.7 3.html +++ /dev/null @@ -1,451 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">MITIGATIONS(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">MITIGATIONS(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">mitigations</code> — - <span class="Nd">FreeBSD Security Vulnerability Mitigations</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1> -<p class="Pp">In <span class="Ux">FreeBSD</span>, various security mitigations - are employed to limit the impact of vulnerabilities and protect the system - from malicious attacks. Some of these mitigations have run-time controls to - enable them on a global or per-process basis, some are optionally enabled or - disabled at compile time, and some are inherent to the implementation and - have no controls.</p> -<p class="Pp">The following vulnerability mitigations are covered in this - document:</p> -<p class="Pp"></p> -<ul class="Bl-bullet Bl-compact"> - <li>Address Space Layout Randomization (ASLR)</li> - <li>Position Independent Executable (PIE)</li> - <li>Write XOR Execute page protection policy</li> - <li id="PROT_MAX"><a class="permalink" href="#PROT_MAX"><code class="Dv">PROT_MAX</code></a></li> - <li>Relocation Read-Only (RELRO)</li> - <li>Bind Now</li> - <li>Stack Overflow Protection</li> - <li>Supervisor Mode Memory Protection</li> - <li>Capsicum</li> - <li>Firmware and Microcode</li> - <li>Architectural Vulnerability Mitigations</li> -</ul> -<p class="Pp">Please note that the effectiveness and availability of these - mitigations may vary depending on the <span class="Ux">FreeBSD</span> - version and system configuration.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">Security vulnerability mitigations are techniques employed in - <span class="Ux">FreeBSD</span> to limit the potential impact of security - vulnerabilities in software and hardware. It is essential to understand that - mitigations do not directly address the underlying security issues. They are - not a substitute for secure coding practices. Mitigations serve as an - additional layer of defense, helping to reduce the likelihood of a - successful exploitation of vulnerabilities by making it more difficult for - attackers to achieve their objectives.</p> -<p class="Pp">This manual page describes the security mitigations implemented in - <span class="Ux">FreeBSD</span> to enhance the overall security of the - operating system. Each mitigation is designed to protect against specific - types of attacks and vulnerabilities.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SOFTWARE_VULNERABILITY_MITIGATIONS"><a class="permalink" href="#SOFTWARE_VULNERABILITY_MITIGATIONS">SOFTWARE - VULNERABILITY MITIGATIONS</a></h1> -<section class="Ss"> -<h2 class="Ss" id="Address_Space_Layout_Randomization_(ASLR)"><a class="permalink" href="#Address_Space_Layout_Randomization_(ASLR)">Address - Space Layout Randomization (ASLR)</a></h2> -<p class="Pp">Address Space Layout Randomization (ASLR) is a security mitigation - technique that works by randomizing the memory addresses where system and - application code, data, and libraries are loaded, making it more challenging - for attackers to predict the memory layout and exploit vulnerabilities.</p> -<p class="Pp">ASLR introduces randomness into the memory layout during process - execution, reducing the predictability of memory addresses. ASLR is intended - to make exploitation more difficult in the event that an attacker discovers - a software vulnerability, such as a buffer overflow.</p> -<p class="Pp">ASLR can be enabled on both a global and per-process basis. Global - control is provided by a separate set of <a class="Xr">sysctl(8)</a> knobs - for 32- and 64-bit processes. It can be or disabled on a per-process basis - via <a class="Xr">proccontrol(1)</a>. Note that an ASLR mode change takes - effect upon address space change, i.e., upon - <a class="Xr">execve(2)</a>.</p> -<p class="Pp">Global controls for 32-bit processes:</p> -<dl class="Bl-tag"> - <dt id="kern.elf32.aslr.enable"><var class="Va">kern.elf32.aslr.enable</var></dt> - <dd>Enable ASLR for 32-bit ELF binaries, other than Position Independent - Executable (PIE) binaries.</dd> - <dt id="kern.elf32.aslr.pie_enable"><var class="Va">kern.elf32.aslr.pie_enable</var></dt> - <dd>Enable ASLR for 32-bit Position Independent Executable (PIE) ELF - binaries.</dd> - <dt id="kern.elf32.aslr.honor_sbrk"><var class="Va">kern.elf32.aslr.honor_sbrk</var></dt> - <dd>Reserve the legacy <a class="Xr">sbrk(2)</a> region for compatibility with - older binaries.</dd> - <dt id="kern.elf32.aslr.stack"><var class="Va">kern.elf32.aslr.stack</var></dt> - <dd>Randomize the stack location for 32-bit ELF binaries.</dd> -</dl> -<p class="Pp">Global controls for 64-bit processes:</p> -<dl class="Bl-tag"> - <dt id="kern.elf64.aslr.enable"><var class="Va">kern.elf64.aslr.enable</var></dt> - <dd>Enable ASLR for 64-bit ELF binaries, other than Position Independent - Executable (PIE) binaries.</dd> - <dt id="kern.elf64.aslr.pie_enable"><var class="Va">kern.elf64.aslr.pie_enable</var></dt> - <dd>Enable ASLR for 64-bit Position Independent Executable (PIE) ELF - binaries.</dd> - <dt id="kern.elf64.aslr.honor_sbrk"><var class="Va">kern.elf64.aslr.honor_sbrk</var></dt> - <dd>Reserve the legacy <a class="Xr">sbrk(2)</a> region for compatibility with - older binaries.</dd> - <dt id="kern.elf64.aslr.stack"><var class="Va">kern.elf64.aslr.stack</var></dt> - <dd>Randomize the stack location for 64-bit ELF binaries.</dd> -</dl> -<p class="Pp">To execute a command with ASLR enabled or disabled:</p> -<p class="Pp">proccontrol <code class="Fl">-m</code> <var class="Ar">aslr</var> - [<code class="Fl">-s</code> <var class="Ar">enable</var> | - <var class="Ar">disable</var>] <var class="Ar">command</var></p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Position_Independent_Executable_(PIE)"><a class="permalink" href="#Position_Independent_Executable_(PIE)">Position - Independent Executable (PIE)</a></h2> -<p class="Pp">PIE binaries are executable files that do not have a fixed load - address. They can be loaded at an arbitrary memory address by the - <a class="Xr">rtld(1)</a> run-time linker. With ASLR they are loaded at a - random address on each execution.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Write_XOR_Execute_page_protection_policy"><a class="permalink" href="#Write_XOR_Execute_page_protection_policy">Write - XOR Execute page protection policy</a></h2> -<p class="Pp">Write XOR Execute (W^X) is a vulnerability mitigation strategy - that strengthens the security of the system by controlling memory access - permissions.</p> -<p class="Pp">Under the W^X mitigation, memory pages may be writable (W) or - executable (E), but not both at the same time. This means that code - execution is prevented in areas of memory that are designated as writable, - and writing or modification of memory is restricted in areas marked for - execution. Applications that perform Just In Time (JIT) compilation need to - be adapted to be compatible with W^X.</p> -<p class="Pp">There are separate <a class="Xr">sysctl(8)</a> knobs to control - W^X policy enforcement for 32- and 64-bit processes. The W^X policy is - enabled by setting the appropriate <code class="Dv">allow_wx</code> sysctl - to 0.</p> -<dl class="Bl-tag"> - <dt id="kern.elf32.allow_wx"><var class="Va">kern.elf32.allow_wx</var></dt> - <dd>Allow 32-bit processes to map pages simultaneously writable and - executable.</dd> - <dt id="kern.elf64.allow_wx"><var class="Va">kern.elf64.allow_wx</var></dt> - <dd>Allow 64-bit processes to map pages simultaneously writable and - executable.</dd> -</dl> -</section> -<section class="Ss"> -<h2 class="Ss" id="PROT_MAX~2"><a class="permalink" href="#PROT_MAX~2">PROT_MAX</a></h2> -<p class="Pp"><code class="Dv">PROT_MAX</code> is a - <span class="Ux">FreeBSD</span>-specific extension to - <a class="Xr">mmap(2)</a>. <code class="Dv">PROT_MAX</code> provides the - ability to set the maximum protection of a region allocated by - <a class="Xr">mmap(2)</a> and later altered by - <a class="Xr">mprotect(2)</a>. For example, memory allocated originally with - an mmap prot argument of PROT_MAX(PROT_READ | PROT_WRITE) | PROT_READ may be - made writable by a future <a class="Xr">mprotect(2)</a> call, but may not be - made executable.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Relocation_Read-Only_(RELRO)"><a class="permalink" href="#Relocation_Read-Only_(RELRO)">Relocation - Read-Only (RELRO)</a></h2> -<p class="Pp">Relocation Read-Only (RELRO) is a mitigation tool that makes - certain portions of a program's address space that contain ELF metadata - read-only, after relocation processing by <a class="Xr">rtld(1)</a>.</p> -<p class="Pp" id="partial">When enabled in isolation the RELRO option provides - <a class="permalink" href="#partial"><i class="Em">partial RELRO</i></a> - support. In this case the Procedure Linkage Table (PLT)-related part of the - Global Offset Table (GOT) (in the section typically named .got.plt) remains - writable.</p> -<p class="Pp">RELRO is enabled by default. The <a class="Xr">src.conf(5)</a> - build-time option <var class="Va">WITHOUT_RELRO</var> may be used to disable - it.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="BIND_NOW"><a class="permalink" href="#BIND_NOW">BIND_NOW</a></h2> -<p class="Pp">The <var class="Va">WITH_BIND_NOW</var> - <a class="Xr">src.conf(5)</a> build-time option causes binaries to be built - with the <code class="Dv">DF_BIND_NOW</code> flag set. The run-time loader - <a class="Xr">rtld(1)</a> will then perform all relocation processing when - the process starts, instead of on demand (on the first access to each - symbol).</p> -<p class="Pp" id="full">When enabled in combination with - <code class="Dv">RELRO</code> (which is enabled by default) this provides - <a class="permalink" href="#full"><i class="Em">full RELRO</i></a>. The - entire GOT (.got and .got.plt) are made read-only at program startup, - preventing attacks on the relocation table. Note that this results in a - nonstandard Application Binary Interface (ABI), and it is possible that some - applications may not function correctly.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Stack_Overflow_Protection"><a class="permalink" href="#Stack_Overflow_Protection">Stack - Overflow Protection</a></h2> -<p class="Pp"><span class="Ux">FreeBSD</span> supports stack overflow protection - using the Stack Smashing Protector (SSP) compiler feature. Stack clash - protection is also enabled, if supported by the compiler for the given - architecture. In userland, SSP adds a per-process randomized canary at the - end of every stack frame which is checked for corruption upon return from - the function, and stack probing in <code class="Dv">PAGE_SIZE</code> chunks. - In the kernel, a single randomized canary is used globally except on - aarch64, which has a <code class="Dv">PERTHREAD_SSP</code> - <a class="Xr">config(8)</a> option to enable per-thread randomized canaries. - If stack corruption is detected, then the process aborts to avoid - potentially malicious execution as a result of the corruption. SSP may be - enabled or disabled when building <span class="Ux">FreeBSD</span> base with - the <a class="Xr">src.conf(5)</a> SSP knob.</p> -<p class="Pp">When <var class="Va">WITH_SSP</var> is enabled, which is the - default, world is built with the - <code class="Fl">-fstack-protector-strong</code> and - <code class="Fl">-fstack-clash-protection</code> compiler options. The - kernel is built with the <code class="Fl">-fstack-protector</code> - option.</p> -<p class="Pp">In addition to SSP, a “FORTIFY_SOURCE” - implementation is supported up to level 2 by defining - <var class="Va">_FORTIFY_SOURCE</var> to <code class="Dv">1</code> or - <code class="Dv">2</code> before including any - <span class="Ux">FreeBSD</span> headers. <span class="Ux">FreeBSD</span> - world builds can set <var class="Va">FORTIFY_SOURCE</var> in the environment - or <span class="Pa">/etc/src-env.conf</span> to provide a default value for - <var class="Va">_FORTIFY_SOURCE</var>. When enabled, - “FORTIFY_SOURCE” enables extra bounds checking in various - functions that accept buffers to be written into. These functions currently - have extra bounds checking support:</p> -<table class="Bl-column Bd-indent"> - <tr id="bcopy"> - <td><a class="permalink" href="#bcopy"><code class="Fn">bcopy</code></a>()</td> - <td><a class="permalink" href="#bzero"><code class="Fn" id="bzero">bzero</code></a>()</td> - <td><a class="permalink" href="#fgets"><code class="Fn" id="fgets">fgets</code></a>()</td> - <td><a class="permalink" href="#getcwd"><code class="Fn" id="getcwd">getcwd</code></a>()</td> - <td><a class="permalink" href="#gets"><code class="Fn" id="gets">gets</code></a>()</td> - </tr> - <tr id="memcpy"> - <td><a class="permalink" href="#memcpy"><code class="Fn">memcpy</code></a>()</td> - <td><a class="permalink" href="#memmove"><code class="Fn" id="memmove">memmove</code></a>()</td> - <td><a class="permalink" href="#memset"><code class="Fn" id="memset">memset</code></a>()</td> - <td><a class="permalink" href="#read"><code class="Fn" id="read">read</code></a>()</td> - <td><a class="permalink" href="#readlink"><code class="Fn" id="readlink">readlink</code></a>()</td> - </tr> - <tr id="snprintf"> - <td><a class="permalink" href="#snprintf"><code class="Fn">snprintf</code></a>()</td> - <td><a class="permalink" href="#sprintf"><code class="Fn" id="sprintf">sprintf</code></a>()</td> - <td><a class="permalink" href="#stpcpy"><code class="Fn" id="stpcpy">stpcpy</code></a>()</td> - <td><a class="permalink" href="#stpncpy"><code class="Fn" id="stpncpy">stpncpy</code></a>()</td> - <td><a class="permalink" href="#strcat"><code class="Fn" id="strcat">strcat</code></a>()</td> - </tr> - <tr id="strcpy"> - <td><a class="permalink" href="#strcpy"><code class="Fn">strcpy</code></a>()</td> - <td><a class="permalink" href="#strncat"><code class="Fn" id="strncat">strncat</code></a>()</td> - <td><a class="permalink" href="#strncpy"><code class="Fn" id="strncpy">strncpy</code></a>()</td> - <td><a class="permalink" href="#vsnprintf"><code class="Fn" id="vsnprintf">vsnprintf</code></a>()</td> - <td><a class="permalink" href="#vsprintf"><code class="Fn" id="vsprintf">vsprintf</code></a>()</td> - </tr> -</table> -<p class="Pp">“FORTIFY_SOURCE” requires compiler support from - <a class="Xr">clang(1)</a> or <a class="Xr">gcc(1)</a>, which provide the - <a class="Xr">__builtin_object_size(3)</a> function that is used to - determine the bounds of an object. This feature works best at optimization - levels <code class="Fl">-O1</code> and above, as some object sizes may be - less obvious without some data that the compiler would collect in an - optimization pass.</p> -<p class="Pp">Similar to SSP, violating the bounds of an object will cause the - program to abort in an effort to avoid malicious execution. This effectively - provides finer-grained protection than SSP for some class of function and - system calls, along with some protection for buffers allocated as part of - the program data.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Supervisor_mode_memory_protection"><a class="permalink" href="#Supervisor_mode_memory_protection">Supervisor - mode memory protection</a></h2> -<p class="Pp">Certain processors include features that prevent unintended access - to memory pages accessible to userspace (non-privileged) code, while in a - privileged mode. One feature prevents execution, intended to mitigate - exploitation of kernel vulnerabilities from userland. Another feature - prevents unintended reads from or writes to user space memory from the - kernel. This also provides effective protection against NULL pointer - dereferences from kernel. An additional mechanism, Linear Address Space - Separation (LASS), is available on some amd64 machines. LASS prevents - user-mode applications from accessing kernel-mode memory, and the kernel - from unsanctioned access to userspace memory. Unlike page table-based - permission controls, LASS is based only on address values. As a consequence - of enforcing this separation in hardware, LASS also provides mitigation - against certain speculative-execution side-channel attacks.</p> -<table class="Bl-column Bd-indent"> - <tr id="Architecture"> - <td><a class="permalink" href="#Architecture"><b class="Sy">Architecture</b></a></td> - <td><a class="permalink" href="#Feature"><b class="Sy" id="Feature">Feature</b></a></td> - <td><a class="permalink" href="#Access"><b class="Sy" id="Access">Access - Type Prevented</b></a></td> - </tr> - <tr> - <td>amd64</td> - <td>LASS</td> - <td>All</td> - </tr> - <tr> - <td>amd64</td> - <td>SMAP</td> - <td>Read / Write</td> - </tr> - <tr> - <td>amd64</td> - <td>SMEP</td> - <td>Execute</td> - </tr> - <tr> - <td>arm64</td> - <td>PAN</td> - <td>Read / Write</td> - </tr> - <tr> - <td>arm64</td> - <td>PXN</td> - <td>Execute</td> - </tr> - <tr> - <td>riscv</td> - <td>SUM</td> - <td>Read / Write</td> - </tr> - <tr> - <td>riscv</td> - <td>-</td> - <td>Execute</td> - </tr> -</table> -<p class="Pp">Most of these features are automatically used by the kernel, with - no user-facing configuration. LASS is controlled by the - <var class="Va">hw.lass</var> loader tunable. It is enabled by default, when - available.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Capsicum"><a class="permalink" href="#Capsicum">Capsicum</a></h2> -<p class="Pp">Capsicum is a lightweight OS capability and sandbox framework. See - <a class="Xr">capsicum(4)</a> for more information.</p> -</section> -</section> -<section class="Sh"> -<h1 class="Sh" id="HARDWARE_VULNERABILITY_MITIGATIONS"><a class="permalink" href="#HARDWARE_VULNERABILITY_MITIGATIONS">HARDWARE - VULNERABILITY MITIGATIONS</a></h1> -<section class="Ss"> -<h2 class="Ss" id="Firmware_and_Microcode"><a class="permalink" href="#Firmware_and_Microcode">Firmware - and Microcode</a></h2> -<p class="Pp">Recent years have seen an unending stream of new hardware - vulnerabilities, notably CPU ones generally caused by detectable - microarchitectural side-effects of speculative execution which leak private - data from some other thread or process or sometimes even internal CPU state - that is normally inaccessible. Hardware vendors usually address these - vulnerabilities as they are discovered by releasing microcode updates, which - may then be bundled into platform firmware updates (historically called BIOS - updates for PCs) or packages to be updated by the operating system at boot - time.</p> -<p class="Pp">Platform firmware updates, if available from the manufacturer, are - the best defense as they provide coverage during early boot. Install them - with <span class="Pa">sysutils/flashrom</span> from the - <span class="Ux">FreeBSD</span> Ports Collection.</p> -<p class="Pp">If platform firmware updates are no longer available, packaged - microcode is available for installation at - <span class="Pa">sysutils/cpu-microcode</span> and can be loaded at runtime - using <a class="Xr">loader.conf(5)</a>, see the package message for more - details.</p> -<p class="Pp">The best defense overall against hardware vulnerabilities is to - timely apply these updates when available, as early as possible in the boot - process, and to disable the affected hardware's problematic functionalities - when possible (e.g., CPU Simultaneous Multi-Threading). Software mitigations - are only partial substitutes for these, but they can be helpful on - out-of-support hardware or as complements for just-discovered - vulnerabilities not yet addressed by vendors. Some software mitigations - depend on hardware capabilities provided by a microcode update.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Architectural_Vulnerability_Mitigations"><a class="permalink" href="#Architectural_Vulnerability_Mitigations">Architectural - Vulnerability Mitigations</a></h2> -<p class="Pp"><span class="Ux">FreeBSD</span>'s usual policy is to apply by - default all OS-level mitigations that do not require recompilation, except - those the particular hardware it is running on is known not to be vulnerable - to (which sometimes requires firmware updates), or those that are extremely - detrimental to performance in proportion to the protection they actually - provide. OS-level mitigations generally can have noticeable performance - impacts on specific workloads. If your threat model allows it, you may want - to try disabling some of them in order to possibly get better performance. - Conversely, minimizing the risks may require you to explicitly enable the - most expensive ones. The description of each vulnerability/mitigation - indicates whether it is enabled or disabled by default and under which - conditions. It also lists the knobs to tweak to force a particular - status.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Zenbleed"><a class="permalink" href="#Zenbleed">Zenbleed</a></h2> -<p class="Pp">The “Zenbleed” vulnerability exclusively affects AMD - processors based on the Zen2 microarchitecture. In contrast with, e.g., - Meltdown and the different variants of Spectre, which leak data by leaving - microarchitectural traces, Zenbleed is a genuine hardware bug affecting the - CPU's architectural state. With particular sequences of instructions whose - last ones are mispredicted by speculative execution, it is possible to make - appear in an XMM register data previously put in some XMM register by some - preceding or concurrent task executing on the same physical core (disabling - Simultaneous Multi-Threading (SMT) is thus not a sufficient protection).</p> -<p class="Pp">According to the vulnerability's discoverer, all Zen2-based - processors are affected (see - <a class="Lk" href="https://lock.cmpxchg8b.com/zenbleed.html">https://lock.cmpxchg8b.com/zenbleed.html</a>). - As of August 2023, AMD has not publicly listed any corresponding errata but - has issued a security bulletin (AMD-SB-7008) entitled “Cross-Process - Information Leak” indicating that platform firmware fixing the - vulnerability will be distributed to manufacturers no sooner than the end of - 2023, except for Rome processors for which it is already available. No - standalone CPU microcodes have been announced so far. The only - readily-applicable fix mentioned by the discoverer is to set a bit of an - undocumented MSR, which reportedly completely stops XMM register leaks.</p> -<p class="Pp"><span class="Ux">FreeBSD</span> currently sets this bit by default - on all Zen2 processors. In the future, it might set it by default only on - those Zen2 processors whose microcode has not been updated to revisions - fixing the vulnerability, once such microcode updates have been actually - released and community-tested. To this mitigation are associated the - following knobs:</p> -<dl class="Bl-tag"> - <dt id="machdep.mitigations.zenbleed.enable"><var class="Va">machdep.mitigations.zenbleed.enable</var></dt> - <dd>A read-write integer tunable and sysctl indicating whether the mitigation - should be forcibly disabled (0), enabled (1) or if it is left to - <span class="Ux">FreeBSD</span> to selectively apply it (2). Any other - integer value is silently converted to and treated as value 2. Note that - this setting is silently ignored when running on non-Zen2 processors to - ease applying a common configuration to heterogeneous machines.</dd> - <dt id="machdep.mitigations.zenbleed.state"><var class="Va">machdep.mitigations.zenbleed.state</var></dt> - <dd>A read-only string indicating the current mitigation state. It can be - either “Not applicable”, if the processor is not Zen2-based, - “Mitigation enabled” or “Mitigation disabled”. - This state is automatically updated each time the sysctl - <var class="Va">machdep.mitigations.zenbleed.enable</var> is written to. - Note that it can become inaccurate if the chicken bit is set or cleared - directly via <a class="Xr">cpuctl(4)</a> (which includes the - <a class="Xr">cpucontrol(8)</a> utility).</dd> -</dl> -<p class="Pp">The performance impact and threat models related to these - mitigations should be considered when configuring and deploying them in a - <span class="Ux">FreeBSD</span> system.</p> -<p class="Pp">Additional mitigation knobs are listed in the - <a class="Sx" href="#KNOBS_AND_TWEAKS">KNOBS AND TWEAKS</a> section of - <a class="Xr">security(7)</a>.</p> -</section> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">elfctl(1)</a>, <a class="Xr">proccontrol(1)</a>, - <a class="Xr">rtld(1)</a>, <a class="Xr">mmap(2)</a>, - <a class="Xr">src.conf(5)</a>, <a class="Xr">sysctl.conf(5)</a>, - <a class="Xr">security(7)</a>, <a class="Xr">cpucontrol(8)</a>, - <a class="Xr">sysctl(8)</a></p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">January 29, 2025</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/named_attribute.7 3.html b/static/freebsd/man7/named_attribute.7 3.html deleted file mode 100644 index 7b958f9e..00000000 --- a/static/freebsd/man7/named_attribute.7 3.html +++ /dev/null @@ -1,220 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">NAMED_ATTRIBUTE(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">NAMED_ATTRIBUTE(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">named_attribute</code> — - <span class="Nd">Solaris-like extended attribute system interface</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">Description of the system interface for named attributes (the NFS - Version 4 terminology).</p> -<section class="Ss"> -<h2 class="Ss" id="Introduction"><a class="permalink" href="#Introduction">Introduction</a></h2> -<p class="Pp">This document describes an alternate system interface for extended - attributes as compared to <a class="Xr">extattr(2)</a>. It is based on the - interface provided by Solaris and NFS Version 4.</p> -<p class="Pp">This interface associates a directory, known as a named attribute - directory, to a file system object. This directory is read in the same - manner as a normal directory via the <a class="Xr">getdents(2)</a> or - <a class="Xr">getdirentries(2)</a> system calls. The - <span class="Pa">.</span> and <span class="Pa">..</span> entries refer to - the directory itself and to the associated file object, respectively. The - other entries in this directory are the names of the extended attributes for - the associated file object and are referred to as named attributes. These - named attributes are regular files used to store the attribute's value.</p> -<p class="Pp">A named attribute directory does not live in the file system's - name space. It is accessed via an <a class="Xr">open(2)</a> or - <a class="Xr">openat(2)</a> system call done on a file to query the named - attributes for the file, with the <code class="Dv">O_NAMEDATTR</code> flag - specified and a <var class="Fa">path</var> argument of - <span class="Pa">.</span>. This file descriptor can be used as the - <var class="Fa">fd</var> argument for a variety of system calls, such as: - <a class="Xr">fchdir(2)</a>, <a class="Xr">unlinkat(2)</a> and - <a class="Xr">renameat(2)</a>. <a class="Xr">renameat(2)</a> is only - permitted to rename a named attribute within the same named attribute - directory.</p> -<p class="Pp">When a file descriptor for a file object in the file system's - namespace is used as the <var class="Fa">fd</var> argument of an - <a class="Xr">openat(2)</a> along with the <var class="Fa">flag</var> - <code class="Dv">O_NAMEDATTR</code> and a <var class="Fa">path</var> - argument that is the name of a named attribute (not - <span class="Pa">.</span> or <span class="Pa">..</span> ), a file descriptor - for the named attribute is returned. If the <var class="Fa">flag</var> - <code class="Dv">O_CREAT</code> is specified, the named attribute will be - created if it does not exist. The <var class="Fa">path</var> argument must - be a single component name, with no embedded “/” in it. I/O on - these named attribute file descriptors may be performed by standard I/O - system calls such as: <a class="Xr">read(2)</a>, <a class="Xr">write(2)</a>, - <a class="Xr">lseek(2)</a> and <a class="Xr">ftruncate(2)</a>.</p> -<p class="Pp">The <code class="Dv">_PC_NAMEDATTR_ENABLED</code> - <var class="Fa">name</var> argument to <a class="Xr">pathconf(2)</a> will - return 1 if the file system supports named attributes. The - <code class="Dv">_PC_HAS_NAMEDATTR</code> <var class="Fa">name</var> - argument to <a class="Xr">pathconf(2)</a> will return 1 if there are one or - more named attributes for the file. If an application does a - <a class="Xr">openat(2)</a> of “.” to open a named attribute - directory when no named attribute directory exists, an empty named attribute - directory will be created. Testing <code class="Dv">_PC_HAS_NAMEDATTR</code> - can be done to avoid creating these named attribute directories - unnecessarily.</p> -<p class="Pp">The named attribute interface is a different mechanism/system call - interface for manipulating extended attributes compared with - <a class="Xr">extattr(2)</a>. Although the named attribute machanism might - require different internal implementation of extended attributes within a - file system, both ZFS and NFSv4 provide both mechanisms, which can be used - interchangeably to manipulate extended attributes, but with a few - limitations.</p> -<ul class="Bl-bullet"> - <li>The <a class="Xr">extattr(2)</a> interface requires that an extended - attribute's value be set or acquired via a single system call using a - single buffer. This limits the size of the attribute's value.</li> - <li>The named attribute interface does not support system namespace extended - attributes and, as such, system namespace extended attributes must be - manipulated via <a class="Xr">extattr(2)</a>.</li> - <li>For ZFS, if an extended attribute with a value that is a small length in - bytes is created when the ZFS <code class="Dv">xattr</code> property is - set to “sa”, that extended attribute is only visible via - <a class="Xr">extattr(2)</a> and not as a named attribute. - Archiving/de-archiving the file via <a class="Xr">tar(1)</a> after setting - the <code class="Dv">xattr</code> property to “dir” will - make the attribute(s) visible as both named attributes and via - <a class="Xr">extattr(2)</a>.</li> - <li>For ZFS, it is also possible to create two attributes with the same name - by creating one when the ZFS <code class="Dv">xattr</code> property is set - to “sa” and then creating another one with the same name - after the ZFS property <code class="Dv">xattr</code> has been changed to - “dir”. The one created when the ZFS - <code class="Dv">xattr</code> property is set to “sa” may be - removed via <a class="Xr">rmextattr(8)</a>.</li> - <li>To avoid these issues for ZFS, it is strongly recommended that the ZFS - property <code class="Dv">xattr</code> be set to “dir” as - soon as the file system is created, if named attributes are to be used on - the file system.</li> -</ul> -<p class="Pp">The named attribute mechanism/system call interface provides - certain advantages over <a class="Xr">extattr(2)</a>. Since the attribute's - value is updated via <a class="Xr">read(2)</a> and - <a class="Xr">write(2)</a> system calls, the attribute's data may be as - large as any regular file and may be partially updated. (Note that this - interface does not provide the atomicity guarantee that - <a class="Xr">extattr(2)</a> does.) The permission to access a named - attribute directory is determined from the access control information for - the associated file object. However, access control information can be set - on each individual attribute in a manner similar to a regular file. This - provides “per attribute” granular control over attribute - permissions via <a class="Xr">fchown(2)</a>.</p> -<p class="Pp">At this time, the only local file system which supports this - interface is ZFS and only if the <code class="Dv">xattr</code> property is - set to “dir”. (Note that, even when “zfs get xattr - <file-system>” shows “on” the command “zfs - set xattr=dir <file-system>” must be done, followed by a - remount to make the setting take effect.) A NFSv4 mount will also support - this interface, but only if the NFSv4 server file system supports named - attributes (the openattr operation). The <span class="Ux">FreeBSD</span> - NFSv4 server supports named attributes only for ZFS exported file systems - where the “xattr” property is set to “dir” for - the file system.</p> -</section> -</section> -<section class="Sh"> -<h1 class="Sh" id="EXAMPLES"><a class="permalink" href="#EXAMPLES">EXAMPLES</a></h1> -<div class="Bd Li"> -<pre>#include <stdio.h> -#include <dirent.h> -#include <fcntl.h> -#include <unistd.h> - -... - -/* For a file called "myfile". Failure checks removed for brevity. */ -int file_fd, nameddir_fd, namedattr_fd; -ssize_t siz; -char buf[DIRBLKSIZ], *cp; -struct dirent *dp; -long named_enabled, has_named_attrs; - -... -/* Check to see if named attributes are supported. */ -named_enabled = pathconf("myfile", _PC_NAMEDATTR_ENABLED); -if (named_enabled <= 0) - err(1, "Named attributes not enabled"); -/* Test to see if named attribute(s) exist for the file. */ -has_named_attrs = pathconf("myfile", _PC_HAS_NAMEDATTR); -if (has_named_attrs == 1) - printf("myfile has named attribute(s)\n"); -else - printf("myfile does not have any named attributes\n"); -/* Open a named attribute directory. */ -file_fd = open("myfile", O_RDONLY, 0); -nameddir_fd = openat(file_fd, ".", O_NAMEDATTR, 0); -... -/* and read it, assuming it all fits in DIRBLKSIZ for simplicity. */ -siz = getdents(fd, buf, sizeof(buf)); -cp = buf; -while (cp < &buf[siz]) { - dp = (struct dirent *)cp; - printf("name=%s\n", dp->d_name); - cp += dp->d_reclen; -} -... -/* Open/create a named attribute called "foo". */ -namedattr_fd = openat(file_fd, "foo", O_CREAT | O_RDWR | - O_TRUNC | O_NAMEDATTR, 0600); -... -/* Write foo's attribute value. */ -write(namedattr_fd, "xxxyyy", 6); -... -/* Read foo's attribute value. */ -lseek(namedattr_fd, 0, SEEK_SET); -siz = read(namedattr_fd, buf, sizeof(buf)); -... -/* And close "foo". */ -close(namedattr_fd); -... -/* Rename "foo" to "oldfoo". */ -renameat(nameddir_fd, "foo", nameddir_fd, "oldfoo"); -/* and delete "oldfoo". */ -unlinkat(nameddir_fd, "oldfoo", AT_RESOLVE_BENEATH);</pre> -</div> -<p class="Pp">The <a class="Xr">runat(1)</a> command may be used to perform - shell commands on named attributes. For example:</p> -<div class="Bd Pp Li"> -<pre>$ runat myfile cp /etc/hosts attrhosts # creates attrhosts -$ runat myfile cat attrhosts # displays contents of attrhosts -$ runat myfile ls -l # lists the attributes for myfile</pre> -</div> -<p class="Pp">If using the <a class="Xr">bash(1)</a> shell, the command - “cd -@ foo” enters the named attribute directory for the file - object “foo”.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">bash(1)</a>, <a class="Xr">runat(1)</a>, - <a class="Xr">tar(1)</a>, <a class="Xr">chdir(2)</a>, - <a class="Xr">extattr(2)</a>, <a class="Xr">lseek(2)</a>, - <a class="Xr">open(2)</a>, <a class="Xr">pathconf(2)</a>, - <a class="Xr">read(2)</a>, <a class="Xr">rename(2)</a>, - <a class="Xr">truncate(2)</a>, <a class="Xr">unlinkat(2)</a>, - <a class="Xr">write(2)</a>, <a class="Xr">zfsprops(7)</a>, - <a class="Xr">rmextattr(8)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">This interface first appeared in <span class="Ux">FreeBSD - 15.0</span>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">August 5, 2025</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/networking.7 4.html b/static/freebsd/man7/networking.7 4.html deleted file mode 100644 index 7b0b4464..00000000 --- a/static/freebsd/man7/networking.7 4.html +++ /dev/null @@ -1,110 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">NETWORKING(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">NETWORKING(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">networking</code>, <code class="Nm">wifi</code> - — <span class="Nd">quickstart guide to connecting to a - network</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">In the following examples, it is assumed that we are connecting to - Ethernet with the first interface found by the <a class="Xr">ix(4)</a> - driver, and Wi-Fi with the first interface found by the - <a class="Xr">iwlwifi(4)</a> driver, though your hardware will vary.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="EXAMPLES"><a class="permalink" href="#EXAMPLES">EXAMPLES</a></h1> -<dl class="Bl-tag"> - <dt id="Example"><a class="permalink" href="#Example"><b class="Sy">Example 1: - Connecting to an Ethernet network with DHCP</b></a></dt> - <dd> - <p class="Pp">Ask for a DHCP lease on the first Intel 10Gb Ethernet - interface:</p> - <div class="Bd Pp Bd-indent Li"> - <pre><code class="Ic"># dhclient ix0</code></pre> - </div> - </dd> - <dt id="Example~2"><a class="permalink" href="#Example~2"><b class="Sy">Example - 2: Connecting to a cellular network with USB tethering</b></a></dt> - <dd> - <p class="Pp">Ask for a DHCP lease on the first USB tethering interface:</p> - <div class="Bd Pp Bd-indent Li"> - <pre><code class="Ic"># dhclient ue0</code></pre> - </div> - </dd> - <dt id="Example~3"><a class="permalink" href="#Example~3"><b class="Sy">Example - 3: Connecting to a Wi-Fi network</b></a></dt> - <dd> - <p class="Pp">Identify your Wi-Fi hardware:</p> - <div class="Bd Pp Bd-indent Li"> - <pre><code class="Ic">% sysctl net.wlan.devices</code></pre> - </div> - <p class="Pp" id="wlan0">Create the - <a class="permalink" href="#wlan0"><b class="Sy">wlan0</b></a> interface - with the first Intel Wi-Fi adapter:</p> - <div class="Bd Pp Bd-indent Li"> - <pre><code class="Ic"># sysrc wlans_iwlwifi0="wlan0"</code></pre> - </div> - <p class="Pp">Set that interface to ask for a DHCP lease with - <a class="Xr">wpa_supplicant(8)</a>:</p> - <div class="Bd Pp Bd-indent Li"> - <pre><code class="Ic"># sysrc ifconfig_wlan0="WPA SYNCDHCP"</code></pre> - </div> - <p class="Pp">Enter the details of the Wi-Fi network:</p> - <div class="Bd Pp Bd-indent Li"> - <pre><code class="Ic"># cd /etc/</code> -<code class="Ic"># wpa_passphrase "myssid" "mypassphrase" >> wpa_supplicant.conf</code></pre> - </div> - <p class="Pp">Restart the network interface daemon:</p> - <div class="Bd Pp Bd-indent Li"> - <pre><code class="Ic"># service netif restart</code></pre> - </div> - </dd> - <dt id="Example~4"><a class="permalink" href="#Example~4"><b class="Sy">Example - 4: Scanning for Wi-Fi networks</b></a></dt> - <dd> - <div class="Bd Pp Bd-indent Li"> - <pre><code class="Ic">% ifconfig wlan0 scan</code></pre> - </div> - </dd> - <dt id="Example~5"><a class="permalink" href="#Example~5"><b class="Sy">Example - 5: Airplane mode</b></a></dt> - <dd> - <div class="Bd Pp Bd-indent Li"> - <pre><code class="Ic"># service netif stop</code></pre> - </div> - </dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">bsdconfig(8)</a>, <a class="Xr">dhclient(8)</a>, - <a class="Xr">ifconfig(8)</a>, <a class="Xr">wpa_passphrase(8)</a></p> -<p class="Pp">The Advanced Networking chapter of the - <span class="Ux">FreeBSD</span> Handbook.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="CAVEATS"><a class="permalink" href="#CAVEATS">CAVEATS</a></h1> -<p class="Pp">Shell Special Characters in the <var class="Ar">SSID</var> or - <var class="Ar">passphrase</var> will need to be escaped for - <a class="Xr">wpa_passphrase(8)</a>, commonly using - ‘<code class="Li">\</code>’, see the manual page for your - shell for more details.</p> -<p class="Pp">Stopping the network interface service also stops internal - networking.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">March 21, 2025</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/operator.7 4.html b/static/freebsd/man7/operator.7 4.html deleted file mode 100644 index 8472e641..00000000 --- a/static/freebsd/man7/operator.7 4.html +++ /dev/null @@ -1,110 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">OPERATOR(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">OPERATOR(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">operator</code> — <span class="Nd">C and - C++ operator precedence and order of evaluation</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<div class="Bd Bd-indent"> -<table class="Bl-column"> - <tr id="Operator"> - <td><a class="permalink" href="#Operator"><b class="Sy">Operator</b></a></td> - <td>Associativity</td> - </tr> - <tr> - <td>--------</td> - <td>-------------</td> - </tr> - <tr> - <td>() [] -> .</td> - <td>left to right</td> - </tr> - <tr> - <td>! ~ ++ -- - (type) * & sizeof new delete</td> - <td>right to left</td> - </tr> - <tr> - <td>->* .*</td> - <td>left to right</td> - </tr> - <tr> - <td>* / %</td> - <td>left to right</td> - </tr> - <tr> - <td>+ -</td> - <td>left to right</td> - </tr> - <tr> - <td><< >></td> - <td>left to right</td> - </tr> - <tr> - <td>< <= > >=</td> - <td>left to right</td> - </tr> - <tr> - <td>== !=</td> - <td>left to right</td> - </tr> - <tr> - <td>&</td> - <td>left to right</td> - </tr> - <tr> - <td>^</td> - <td>left to right</td> - </tr> - <tr> - <td>|</td> - <td>left to right</td> - </tr> - <tr> - <td>&&</td> - <td>left to right</td> - </tr> - <tr> - <td>||</td> - <td>left to right</td> - </tr> - <tr> - <td>?:</td> - <td>right to left</td> - </tr> - <tr> - <td>= += -= *= /= %= <<= >>= &= ^= |= throw</td> - <td>right to left</td> - </tr> - <tr> - <td>?: (C++, third operand)</td> - <td>right to left</td> - </tr> - <tr> - <td>,</td> - <td>left to right</td> - </tr> -</table> -</div> -</section> -<section class="Sh"> -<h1 class="Sh" id="FILES"><a class="permalink" href="#FILES">FILES</a></h1> -<dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">/usr/share/misc/operator</span></dt> - <dd style="width: auto;"> </dd> -</dl> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">April 8, 2009</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/orders.7 3.html b/static/freebsd/man7/orders.7 3.html deleted file mode 100644 index 2a4405ea..00000000 --- a/static/freebsd/man7/orders.7 3.html +++ /dev/null @@ -1,370 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">ORDERS(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">ORDERS(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">orders</code> — <span class="Nd">orders of - magnitude</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The following table lists common multiples of bytes.</p> -<table class="Bl-column Bd-indent"> - <tr id="Name"> - <td><a class="permalink" href="#Name"><b class="Sy">Name</b></a></td> - <td><a class="permalink" href="#Prefix"><b class="Sy" id="Prefix">Prefix</b></a></td> - <td><a class="permalink" href="#Power"><b class="Sy" id="Power">Power of - 2</b></a></td> - <td><a class="permalink" href="#Power~2"><b class="Sy" id="Power~2">Power of - 10</b></a></td> - </tr> - <tr> - <td>Kilobyte</td> - <td>kB</td> - <td>2^10</td> - <td>10^3</td> - </tr> - <tr> - <td>Megabyte</td> - <td>MB</td> - <td>2^20</td> - <td>10^6</td> - </tr> - <tr> - <td>Gigabyte</td> - <td>GB</td> - <td>2^30</td> - <td>10^9</td> - </tr> - <tr> - <td>Terabyte</td> - <td>TB</td> - <td>2^40</td> - <td>10^12</td> - </tr> - <tr> - <td>Petabyte</td> - <td>PB</td> - <td>2^50</td> - <td>10^15</td> - </tr> - <tr> - <td>Exabyte</td> - <td>EB</td> - <td>2^60</td> - <td>10^18</td> - </tr> - <tr> - <td>Zettabyte</td> - <td>ZB</td> - <td>2^70</td> - <td>10^21</td> - </tr> - <tr> - <td>Yottabyte</td> - <td>YB</td> - <td>2^80</td> - <td>10^24</td> - </tr> - <tr> - <td>Ronnabyte</td> - <td>RB</td> - <td>2^90</td> - <td>10^27</td> - </tr> - <tr> - <td>Quettabyte</td> - <td>QB</td> - <td>2^100</td> - <td>10^30</td> - </tr> -</table> -<p class="Pp">The following table lists common bit rates as a power of ten.</p> -<table class="Bl-column Bd-indent"> - <tr id="Name~2"> - <td><a class="permalink" href="#Name~2"><b class="Sy">Name</b></a></td> - <td><a class="permalink" href="#Prefix~2"><b class="Sy" id="Prefix~2">Prefix</b></a></td> - <td><a class="permalink" href="#Bit"><b class="Sy" id="Bit">Bit per - second</b></a></td> - <td><a class="permalink" href="#Byte"><b class="Sy" id="Byte">Byte per - second</b></a></td> - </tr> - <tr> - <td>Bit per second</td> - <td>bit/s</td> - <td>1</td> - <td>0.125</td> - </tr> - <tr> - <td>Byte per second</td> - <td>B/s</td> - <td>8</td> - <td>1</td> - </tr> - <tr> - <td>Kilobit per second</td> - <td>kbit/s</td> - <td>10^3</td> - <td>125</td> - </tr> - <tr> - <td>Kilobyte per second</td> - <td>kB/s</td> - <td>8 * 10^3</td> - <td>1000</td> - </tr> - <tr> - <td>Megabit per second</td> - <td>Mbit/s</td> - <td>10^6</td> - <td>125000</td> - </tr> - <tr> - <td>Megabyte per second</td> - <td>MB/s</td> - <td>8 * 10^6</td> - <td>1000000</td> - </tr> - <tr> - <td>Gigabit per second</td> - <td>Gbit/s</td> - <td>10^9</td> - <td>125000000</td> - </tr> - <tr> - <td>Gigabyte per second</td> - <td>GB/s</td> - <td>8 * 10^9</td> - <td>1000000000</td> - </tr> - <tr> - <td>Terabit per second</td> - <td>Tbit/s</td> - <td>10^12</td> - <td>125000000000</td> - </tr> - <tr> - <td>Terabyte per second</td> - <td>TB/s</td> - <td>8 * 10^12</td> - <td>1000000000000</td> - </tr> -</table> -<p class="Pp">The following table lists common orders of magnitude as a power of - ten.</p> -<table class="Bl-column Bd-indent"> - <tr id="Name~3"> - <td><a class="permalink" href="#Name~3"><b class="Sy">Name</b></a></td> - <td><a class="permalink" href="#Order"><b class="Sy" id="Order">Order</b></a></td> - <td><a class="permalink" href="#Prefix~3"><b class="Sy" id="Prefix~3">Prefix</b></a></td> - <td><a class="permalink" href="#Symbol"><b class="Sy" id="Symbol">Symbol</b></a></td> - <td><a class="permalink" href="#Decimal"><b class="Sy" id="Decimal">Decimal</b></a></td> - </tr> - <tr> - <td>Nonillionth</td> - <td>10^-30</td> - <td>quecto</td> - <td>q</td> - <td>0.000000000000000000000000000001</td> - </tr> - <tr> - <td>Octillionth</td> - <td>10^-27</td> - <td>ronto</td> - <td>r</td> - <td>0.000000000000000000000000001</td> - </tr> - <tr> - <td>Septillionth</td> - <td>10^-24</td> - <td>yocto</td> - <td>y</td> - <td>0.000000000000000000000001</td> - </tr> - <tr> - <td>Sextillionth</td> - <td>10^-21</td> - <td>zepto</td> - <td>z</td> - <td>0.000000000000000000001</td> - </tr> - <tr> - <td>Quintillionth</td> - <td>10^-18</td> - <td>atto</td> - <td>a</td> - <td>0.000000000000000001</td> - </tr> - <tr> - <td>Quadrillionth</td> - <td>10^-15</td> - <td>femto</td> - <td>f</td> - <td>0.000000000000001</td> - </tr> - <tr> - <td>Trillionth</td> - <td>10^-12</td> - <td>pico</td> - <td>p</td> - <td>0.000000000001</td> - </tr> - <tr> - <td>Billionth</td> - <td>10^-9</td> - <td>nano</td> - <td>n</td> - <td>0.000000001</td> - </tr> - <tr> - <td>Millionth</td> - <td>10^-6</td> - <td>micro</td> - <td>mu</td> - <td>0.000001</td> - </tr> - <tr> - <td>Thousandth</td> - <td>10^-3</td> - <td>milli</td> - <td>m</td> - <td>0.001</td> - </tr> - <tr> - <td>Hundredth</td> - <td>10^-2</td> - <td>centi</td> - <td>c</td> - <td>0.01</td> - </tr> - <tr> - <td>Tenth</td> - <td>10^-1</td> - <td>deci</td> - <td>d</td> - <td>0.1</td> - </tr> - <tr> - <td>One</td> - <td>10^0</td> - <td>-</td> - <td>-</td> - <td>1</td> - </tr> - <tr> - <td>Ten</td> - <td>10^1</td> - <td>deca</td> - <td>da</td> - <td>10</td> - </tr> - <tr> - <td>Hundred</td> - <td>10^2</td> - <td>hecto</td> - <td>h</td> - <td>100</td> - </tr> - <tr> - <td>Thousand</td> - <td>10^3</td> - <td>kilo</td> - <td>k</td> - <td>1000</td> - </tr> - <tr> - <td>Million</td> - <td>10^6</td> - <td>mega</td> - <td>M</td> - <td>1000000</td> - </tr> - <tr> - <td>Billion</td> - <td>10^9</td> - <td>giga</td> - <td>G</td> - <td>1000000000</td> - </tr> - <tr> - <td>Trillion</td> - <td>10^12</td> - <td>tera</td> - <td>T</td> - <td>1000000000000</td> - </tr> - <tr> - <td>Quadrillion</td> - <td>10^15</td> - <td>peta</td> - <td>P</td> - <td>1000000000000000</td> - </tr> - <tr> - <td>Quintillion</td> - <td>10^18</td> - <td>exa</td> - <td>E</td> - <td>1000000000000000000</td> - </tr> - <tr> - <td>Sextillion</td> - <td>10^21</td> - <td>zetta</td> - <td>Z</td> - <td>1000000000000000000000</td> - </tr> - <tr> - <td>Septillion</td> - <td>10^24</td> - <td>yotta</td> - <td>Y</td> - <td>1000000000000000000000000</td> - </tr> - <tr> - <td>Octillion</td> - <td>10^27</td> - <td>ronna</td> - <td>R</td> - <td>1000000000000000000000000000</td> - </tr> - <tr> - <td>Nonillion</td> - <td>10^30</td> - <td>quetta</td> - <td>Q</td> - <td>1000000000000000000000000000000</td> - </tr> -</table> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">units(1)</a>, <a class="Xr">number(6)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="STANDARDS"><a class="permalink" href="#STANDARDS">STANDARDS</a></h1> -<p class="Pp">There have been various attempts to standardize the set of binary - prefixes. Organizations such as International Electrotechnical Commission - (IEC) have proposed new prefixes such as “kibi”, - “mebi”, “gibi”, and “yobi”, but - the adoption has been slow at best.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp">This manual page was written by <span class="An">Jukka - Ruohonen</span> - <<a class="Mt" href="mailto:jruoho@netbsd.org">jruoho@netbsd.org</a>>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">November 20, 2022</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/ports.7 3.html b/static/freebsd/man7/ports.7 3.html deleted file mode 100644 index f7e168f4..00000000 --- a/static/freebsd/man7/ports.7 3.html +++ /dev/null @@ -1,585 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">PORTS(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">PORTS(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">ports</code> — - <span class="Nd">contributed applications</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The <span class="Ux">FreeBSD</span> Ports Collection offers a - simple way to compile and install third party applications. It is also used - to build packages, to be installed using <a class="Xr">pkg(8)</a>.</p> -<p class="Pp">The ports tree, typically located at - <span class="Pa">/usr/ports</span>, consists of subdirectories, one for each - category; those in turn contain individual ports. Each port is a directory - with metadata and patches necessary to make the original application source - code compile and run on <span class="Ux">FreeBSD</span>. Compiling an - application is as simple as typing “<code class="Li">make - build</code>” in the port directory. The - <span class="Pa">Makefile</span> automatically fetches the application - source code, either from a local disk or the network, unpacks it, applies - the patches, and compiles it. It also recursively handles dependencies - — other pieces of software the port depends on in order to build and - work. Afterwards, “<code class="Li">make install</code>” - installs the application.</p> -<p class="Pp" id="latest">The <span class="Ux">FreeBSD</span> Ports Collection - is maintained in several branches, which differ mostly by versions of - software provided: the <i class="Em">main</i> branch contains all the latest - changes and corresponds to the - <a class="permalink" href="#latest"><i class="Em">latest</i></a> package - set, while the <i class="Em">quarterly</i> branches only provide critical - fixes. The <i class="Em">main</i> branch can be cloned and updated from the - Git repository located at:</p> -<p class="Pp"><a class="Lk" href="https://git.FreeBSD.org/ports.git">https://git.FreeBSD.org/ports.git</a></p> -<p class="Pp">so eg:</p> -<p class="Pp"><code class="Cm">git clone - https://git.FreeBSD.org/ports.git</code></p> -<p class="Pp" id="yyyy">The <i class="Em">quarterly</i> branches can be found in - Git as branches like <span class="Pa">yyyyQn</span> , where - <a class="permalink" href="#yyyy"><i class="Em">yyyy</i></a> indicates the - year and <a class="permalink" href="#n"><i class="Em" id="n">n</i></a> - indicates the quarter (1 to 4), eg:</p> -<p class="Pp"><code class="Cm">git clone -b 2021Q2 - https://git.FreeBSD.org/ports.git</code></p> -<p class="Pp" id="url">It is generally a good idea to use the - <code class="Nm">ports</code> branch that matches the - <a class="Xr">pkg(8)</a> repository being used. By default, for - <span class="Ux">FreeBSD CURRENT</span> the <a class="Xr">pkg(8)</a> is - configured to install packages built from the <i class="Em">main</i> branch, - while for <span class="Ux">FreeBSD STABLE</span> or RELEASE versions it is - configured to install packages built from the latest - <i class="Em">quarterly</i> branch. Currently configured - <a class="Xr">pkg(8)</a> repository can be verified by looking at the - <a class="permalink" href="#url"><i class="Em">url</i></a> field in - <code class="Cm">pkg -vv</code> output.</p> -<p class="Pp">For more information about using ports, see the “Packages - and Ports section” in <i class="RsB">The FreeBSD - Handbook</i><span class="No">:</span></p> -<p class="Pp"><a class="Lk" href="https://docs.FreeBSD.org/en/books/handbook/ports/">https://docs.FreeBSD.org/en/books/handbook/ports/</a></p> -<p class="Pp">For information about creating new ports, see <i class="RsB">The - Porter's Handbook</i><span class="No">:</span></p> -<p class="Pp"><a class="Lk" href="https://docs.FreeBSD.org/en/books/porters-handbook/">https://docs.FreeBSD.org/en/books/porters-handbook/</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="TARGETS"><a class="permalink" href="#TARGETS">TARGETS</a></h1> -<p class="Pp">Some of the <a class="Xr">make(1)</a> targets work recursively - through subdirectories. This lets you, for example, install all of the - “<code class="Li">biology</code>” ports with one command. The - targets that do this are <code class="Cm">build</code>, - <code class="Cm">checksum</code>, <code class="Cm">clean</code>, - <code class="Cm">configure</code>, <code class="Cm">depends</code>, - <code class="Cm">extract</code>, <code class="Cm">fetch</code>, - <code class="Cm">install</code>, and <code class="Cm">package</code>.</p> -<p class="Pp">The following targets will be run automatically by each proceeding - target in order. That is, <code class="Cm">build</code> will be run (if - necessary) by <code class="Cm">install</code>, and so on all the way to - <code class="Cm">fetch</code>. Usually, you will only use the - <code class="Cm">install</code> target.</p> -<dl class="Bl-tag"> - <dt id="config"><a class="permalink" href="#config"><code class="Cm">config</code></a></dt> - <dd>Configure <var class="Va">OPTIONS</var> for this port using - <a class="Xr">portconfig(1)</a> - (<span class="Pa">ports/ports-mgmt/portconfig</span>).</dd> - <dt id="fetch"><a class="permalink" href="#fetch"><code class="Cm">fetch</code></a></dt> - <dd>Fetch all of the files needed to build this port from the sites listed in - <var class="Va">MASTER_SITES</var> and <var class="Va">PATCH_SITES</var>. - See <var class="Va">FETCH_CMD</var>, - <var class="Va">MASTER_SITE_OVERRIDE</var> and - <var class="Va">MASTER_SITE_BACKUP</var>.</dd> - <dt id="checksum"><a class="permalink" href="#checksum"><code class="Cm">checksum</code></a></dt> - <dd>Verify that the fetched distfile's checksum matches the one the port was - tested against. If the distfile's checksum does not match, it also fetches - the distfiles which are missing or failed the checksum calculation. - Defining <var class="Va">NO_CHECKSUM</var> will skip this step.</dd> - <dt id="depends"><a class="permalink" href="#depends"><code class="Cm">depends</code></a></dt> - <dd>Install (or compile if only compilation is necessary) any dependencies of - the current port. When called by the <code class="Cm">extract</code> or - <code class="Cm">fetch</code> targets, this is run in piecemeal as - <code class="Cm">fetch-depends</code>, - <code class="Cm">build-depends</code>, etc. Defining - <var class="Va">NO_DEPENDS</var> will skip this step.</dd> - <dt id="extract"><a class="permalink" href="#extract"><code class="Cm">extract</code></a></dt> - <dd>Expand the distfile into a work directory.</dd> - <dt id="patch"><a class="permalink" href="#patch"><code class="Cm">patch</code></a></dt> - <dd>Apply any patches that are necessary for the port.</dd> - <dt id="configure"><a class="permalink" href="#configure"><code class="Cm">configure</code></a></dt> - <dd>Configure the port. Some ports will ask you questions during this stage. - See <var class="Va">INTERACTIVE</var> and - <var class="Va">BATCH</var>.</dd> - <dt id="build"><a class="permalink" href="#build"><code class="Cm">build</code></a></dt> - <dd>Build the port. This is the same as calling the - <code class="Cm">all</code> target.</dd> - <dt id="install"><a class="permalink" href="#install"><code class="Cm">install</code></a></dt> - <dd>Install the port and register it with the package system. This is all you - really need to do.</dd> - <dt id="install-missing-packages"><a class="permalink" href="#install-missing-packages"><code class="Cm">install-missing-packages</code></a></dt> - <dd>Install missing dependencies from packages instead of building them.</dd> -</dl> -<p class="Pp">The following targets are not run during the normal install - process.</p> -<dl class="Bl-tag"> - <dt id="showconfig"><a class="permalink" href="#showconfig"><code class="Cm">showconfig</code></a></dt> - <dd>Display <var class="Va">OPTIONS</var> config for this port.</dd> - <dt id="showconfig-recursive"><a class="permalink" href="#showconfig-recursive"><code class="Cm">showconfig-recursive</code></a></dt> - <dd>Display <var class="Va">OPTIONS</var> config for this port and all its - dependencies.</dd> - <dt id="rmconfig"><a class="permalink" href="#rmconfig"><code class="Cm">rmconfig</code></a></dt> - <dd>Remove <var class="Va">OPTIONS</var> config for this port.</dd> - <dt id="rmconfig-recursive"><a class="permalink" href="#rmconfig-recursive"><code class="Cm">rmconfig-recursive</code></a></dt> - <dd>Remove <var class="Va">OPTIONS</var> config for this port and all its - dependencies.</dd> - <dt id="config-conditional"><a class="permalink" href="#config-conditional"><code class="Cm">config-conditional</code></a></dt> - <dd>Skip the ports which have already had their <var class="Va">OPTIONS</var> - configured.</dd> - <dt id="config-recursive"><a class="permalink" href="#config-recursive"><code class="Cm">config-recursive</code></a></dt> - <dd>Configure <var class="Va">OPTIONS</var> for this port and all its - dependencies using <a class="Xr">portconfig(1)</a> - (<span class="Pa">ports/ports-mgmt/portconfig</span>).</dd> - <dt id="fetch-list"><a class="permalink" href="#fetch-list"><code class="Cm">fetch-list</code></a></dt> - <dd>Show the list of files to fetch in order to build the port (but not its - dependencies).</dd> - <dt id="fetch-recursive"><a class="permalink" href="#fetch-recursive"><code class="Cm">fetch-recursive</code></a></dt> - <dd>Fetch the distfiles of the port and all its dependencies.</dd> - <dt id="fetch-recursive-list"><a class="permalink" href="#fetch-recursive-list"><code class="Cm">fetch-recursive-list</code></a></dt> - <dd>Show list of files that would be retrieved by - <code class="Cm">fetch-recursive</code>.</dd> - <dt id="build-depends-list"><a class="permalink" href="#build-depends-list"><code class="Cm">build-depends-list</code></a>, - <code class="Cm">run-depends-list</code></dt> - <dd>Print a list of all the direct compile or run dependencies for this - port.</dd> - <dt id="all-depends-list"><a class="permalink" href="#all-depends-list"><code class="Cm">all-depends-list</code></a></dt> - <dd>Print a list of all recursive dependencies for this port.</dd> - <dt id="pretty-print-build-depends-list"><a class="permalink" href="#pretty-print-build-depends-list"><code class="Cm">pretty-print-build-depends-list</code></a>, - <code class="Cm">pretty-print-run-depends-list</code></dt> - <dd>Print a list of all the recursive compile or run dependencies for this - port by port name and version.</dd> - <dt id="missing"><a class="permalink" href="#missing"><code class="Cm">missing</code></a></dt> - <dd>Print a list of missing dependencies to be installed for the port.</dd> - <dt id="clean"><a class="permalink" href="#clean"><code class="Cm">clean</code></a></dt> - <dd>Remove the expanded source code. This recurses to dependencies unless - <var class="Va">NOCLEANDEPENDS</var> is defined.</dd> - <dt id="distclean"><a class="permalink" href="#distclean"><code class="Cm">distclean</code></a></dt> - <dd>Remove the port's distfiles and perform the <code class="Cm">clean</code> - target. The <code class="Cm">clean</code> portion recurses to dependencies - unless <var class="Va">NOCLEANDEPENDS</var> is defined, but the - <code class="Cm">distclean</code> portion never recurses (this is perhaps - a bug).</dd> - <dt id="reinstall"><a class="permalink" href="#reinstall"><code class="Cm">reinstall</code></a></dt> - <dd>Use this to restore a port after using <a class="Xr">pkg-delete(8)</a> - when you should have used <code class="Cm">deinstall</code>.</dd> - <dt id="deinstall"><a class="permalink" href="#deinstall"><code class="Cm">deinstall</code></a></dt> - <dd>Remove an installed port from the system, similar to - <a class="Xr">pkg-delete(8)</a>.</dd> - <dt id="deinstall-all"><a class="permalink" href="#deinstall-all"><code class="Cm">deinstall-all</code></a></dt> - <dd>Remove all installed ports with the same <var class="Va">PKGORIGIN</var> - from the system.</dd> - <dt id="package"><a class="permalink" href="#package"><code class="Cm">package</code></a></dt> - <dd>Make a binary package for the port. The port will be installed if it has - not already been. The package is a <span class="Pa">.pkg</span> file that - you can use to install the port on other machines with - <a class="Xr">pkg-add(8)</a>. If the directory specified by - <var class="Va">PACKAGES</var> does not exist, the package will be put in - <span class="Pa">/usr/ports/category/port/work/pkg</span>. See - <var class="Va">PKGREPOSITORY</var> and <var class="Va">PKGFILE</var> for - more information.</dd> - <dt id="package-recursive"><a class="permalink" href="#package-recursive"><code class="Cm">package-recursive</code></a></dt> - <dd>Like <code class="Cm">package</code>, but makes a package for each - depending port as well.</dd> - <dt id="package-name"><a class="permalink" href="#package-name"><code class="Cm">package-name</code></a></dt> - <dd>Prints the name with version of the port.</dd> - <dt id="readmes"><a class="permalink" href="#readmes"><code class="Cm">readmes</code></a></dt> - <dd>Create a port's <span class="Pa">README.html</span>. This can be used from - <span class="Pa">/usr/ports</span> to create a browsable web of all ports - on your system!</dd> - <dt id="search"><a class="permalink" href="#search"><code class="Cm">search</code></a></dt> - <dd>Search the <span class="Pa">INDEX</span> file for the pattern specified by - the <var class="Va">key</var> (searches the port name, comment, and - dependencies), <var class="Va">name</var> (searches the port name only), - <var class="Va">path</var> (searches the port path), - <var class="Va">info</var> (searches the port info), - <var class="Va">maint</var> (searches the port maintainer), - <var class="Va">cat</var> (searches the port category), - <var class="Va">bdeps</var> (searches the port build-time dependency), - <var class="Va">rdeps</var> (searches the port run-time dependency), - <var class="Va">www</var> (searches the port web site) - <a class="Xr">make(1)</a> variables, and their exclusion counterparts: - <var class="Va">xname</var>, <var class="Va">xkey</var> etc. For example, - one would type: - <p class="Pp"></p> - <div class="Bd Bd-indent"><code class="Li">cd /usr/ports && make - search name=query</code></div> - <p class="Pp">to find all ports whose name matches - “<code class="Li">query</code>”. Results include the - matching ports' path, comment, maintainer, build dependencies, and run - dependencies.</p> - <div class="Bd Pp Bd-indent Li"> - <pre>cd /usr/ports && make search name=pear- \ - xbdeps=apache</pre> - </div> - <p class="Pp">To find all ports whose names contain - “<code class="Li">pear-</code>” and which do not have - apache listed in build-time dependencies.</p> - <div class="Bd Pp Bd-indent Li"> - <pre>cd /usr/ports && make search name=pear- \ - xname='ht(tp|ml)'</pre> - </div> - <p class="Pp">To find all ports whose names contain - “<code class="Li">pear-</code>”, but not - “<code class="Li">html</code>” or - “<code class="Li">http</code>”.</p> - <div class="Bd Pp Bd-indent Li"> - <pre>make search key=apache display=name,path,info keylim=1</pre> - </div> - <p class="Pp">To find ports that contain - “<code class="Li">apache</code>” in either of the name, - path, info fields, ignore the rest of the record.</p> - <p class="Pp">By default the search is not case-sensitive. In order to make - it case-sensitive you can use the <var class="Va">icase</var> - variable:</p> - <div class="Bd Pp Bd-indent Li"> - <pre>make search name=p5-R icase=0</pre> - </div> - </dd> - <dt id="quicksearch"><a class="permalink" href="#quicksearch"><code class="Cm">quicksearch</code></a></dt> - <dd>Reduced <code class="Cm">search</code> output. Only display name, path and - info.</dd> - <dt id="describe"><a class="permalink" href="#describe"><code class="Cm">describe</code></a></dt> - <dd>Generate a one-line description of each port for use in the - <span class="Pa">INDEX</span> file.</dd> - <dt id="maintainer"><a class="permalink" href="#maintainer"><code class="Cm">maintainer</code></a></dt> - <dd>Display the port maintainer's email address.</dd> - <dt id="index"><a class="permalink" href="#index"><code class="Cm">index</code></a></dt> - <dd>Create <span class="Pa">/usr/ports/INDEX</span>, which is used by the - <code class="Cm">pretty-print-*</code> and <code class="Cm">search</code> - targets. Running the <code class="Cm">index</code> target will ensure your - <span class="Pa">INDEX</span> file is up to date with your ports - tree.</dd> - <dt id="fetchindex"><a class="permalink" href="#fetchindex"><code class="Cm">fetchindex</code></a></dt> - <dd>Fetch the <span class="Pa">INDEX</span> file from the - <span class="Ux">FreeBSD</span> cluster.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="ENVIRONMENT"><a class="permalink" href="#ENVIRONMENT">ENVIRONMENT</a></h1> -<p class="Pp">You can change all of these.</p> -<dl class="Bl-tag"> - <dt id="PORTSDIR"><var class="Va">PORTSDIR</var></dt> - <dd>Location of the ports tree. This is <span class="Pa">/usr/ports</span> by - default.</dd> - <dt id="WRKDIRPREFIX"><var class="Va">WRKDIRPREFIX</var></dt> - <dd>Where to create any temporary files. Useful if - <var class="Va">PORTSDIR</var> is read-only (perhaps mounted from a - CD-ROM).</dd> - <dt id="DISTDIR"><var class="Va">DISTDIR</var></dt> - <dd>Where to find/put distfiles, normally <span class="Pa">distfiles/</span> - in <var class="Va">PORTSDIR</var>.</dd> - <dt id="SU_CMD"><var class="Va">SU_CMD</var></dt> - <dd>Command used to elevate privilege to configure and install a port. The - unprivileged user must have write access to - <var class="Va">WRKDIRPREFIX</var> and <var class="Va">DISTDIR</var>. The - default is ‘<code class="Li">/usr/bin/su root -c</code>’. - Many users set it to ‘<code class="Li">/usr/local/bin/sudo -E sh - -c</code>’ for convenience.</dd> - <dt id="PACKAGES"><var class="Va">PACKAGES</var></dt> - <dd>Used only for the <code class="Cm">package</code> target; the base - directory for the packages tree, normally - <span class="Pa">packages/</span> in <var class="Va">PORTSDIR</var>. If - this directory exists, the package tree will be (partially) constructed. - This directory does not have to exist; if it does not, packages will be - placed into the current directory, or you can define one of - <dl class="Bl-tag"> - <dt id="PKGREPOSITORY"><var class="Va">PKGREPOSITORY</var></dt> - <dd>Directory to put the package in.</dd> - <dt id="PKGFILE"><var class="Va">PKGFILE</var></dt> - <dd>The full path to the package.</dd> - </dl> - </dd> - <dt id="LOCALBASE"><var class="Va">LOCALBASE</var></dt> - <dd>Where existing things are installed and where to search for files when - resolving dependencies (usually <span class="Pa">/usr/local</span>).</dd> - <dt id="PREFIX"><var class="Va">PREFIX</var></dt> - <dd>Where to install this port (usually set to the same as - <var class="Va">LOCALBASE</var>).</dd> - <dt id="MASTER_SITES"><var class="Va">MASTER_SITES</var></dt> - <dd>Primary sites for distribution files if not found locally.</dd> - <dt id="PATCH_SITES"><var class="Va">PATCH_SITES</var></dt> - <dd>Primary locations for distribution patch files if not found locally.</dd> - <dt id="MASTER_SITE_FREEBSD"><var class="Va">MASTER_SITE_FREEBSD</var></dt> - <dd>If set, go to the master <span class="Ux">FreeBSD</span> site for all - files.</dd> - <dt id="MASTER_SITE_OVERRIDE"><var class="Va">MASTER_SITE_OVERRIDE</var></dt> - <dd>Try going to these sites for all files and patches, first.</dd> - <dt id="MASTER_SITE_BACKUP"><var class="Va">MASTER_SITE_BACKUP</var></dt> - <dd>Try going to these sites for all files and patches, last.</dd> - <dt id="RANDOMIZE_MASTER_SITES"><var class="Va">RANDOMIZE_MASTER_SITES</var></dt> - <dd>Try the download locations in a random order.</dd> - <dt id="MASTER_SORT"><var class="Va">MASTER_SORT</var></dt> - <dd>Sort the download locations according to user supplied pattern. Example: - <div class="Bd Bd-indent"><code class="Li">.dk .sunet.se .se dk.php.net .no - .de heanet.dl.sourceforge.net</code></div> - </dd> - <dt id="MASTER_SITE_INDEX"><var class="Va">MASTER_SITE_INDEX</var></dt> - <dd>Where to get <span class="Pa">INDEX</span> source built on - <span class="Ux">FreeBSD</span> cluster (for - <code class="Cm">fetchindex</code> target). Defaults to - <span class="Pa">https://download.FreeBSD.org/ports/index/</span>.</dd> - <dt id="FETCHINDEX"><var class="Va">FETCHINDEX</var></dt> - <dd>Command to get <span class="Pa">INDEX</span> (for - <code class="Cm">fetchindex</code> target). Defaults to - “<code class="Li">fetch -am</code>”.</dd> - <dt id="NOCLEANDEPENDS"><var class="Va">NOCLEANDEPENDS</var></dt> - <dd>If defined, do not let <code class="Cm">clean</code> recurse to - dependencies.</dd> - <dt id="FETCH_CMD"><var class="Va">FETCH_CMD</var></dt> - <dd>Command to use to fetch files. Normally <a class="Xr">fetch(1)</a>.</dd> - <dt id="FORCE_PKG_REGISTER"><var class="Va">FORCE_PKG_REGISTER</var></dt> - <dd>If set, overwrite any existing package registration on the system.</dd> - <dt id="INTERACTIVE"><var class="Va">INTERACTIVE</var></dt> - <dd>If defined, only operate on a port if it requires interaction.</dd> - <dt id="BATCH"><var class="Va">BATCH</var></dt> - <dd>If defined, only operate on a port if it can be installed 100% - automatically.</dd> - <dt id="DISABLE_VULNERABILITIES"><var class="Va">DISABLE_VULNERABILITIES</var></dt> - <dd>If defined, disable check for security vulnerabilities using - <a class="Xr">pkg-audit(8)</a> when installing new ports.</dd> - <dt id="NO_IGNORE"><var class="Va">NO_IGNORE</var></dt> - <dd>If defined, allow installation of ports marked as - ⟨<var class="Va">FORBIDDEN</var>⟩. The default behavior of - the Ports framework is to abort when the installation of a forbidden port - is attempted. Of course, these ports may not work as expected, but if you - really know what you are doing and are sure about installing a forbidden - port, then <var class="Va">NO_IGNORE</var> lets you do it.</dd> - <dt id="NO_CHECKSUM"><var class="Va">NO_CHECKSUM</var></dt> - <dd>If defined, skip verifying the port's checksum.</dd> - <dt id="TRYBROKEN"><var class="Va">TRYBROKEN</var></dt> - <dd>If defined, attempt to build a port even if it is marked as - ⟨<var class="Va">BROKEN</var>⟩.</dd> - <dt id="PORT_DBDIR"><var class="Va">PORT_DBDIR</var></dt> - <dd>Directory where the results of configuring <var class="Va">OPTIONS</var> - are stored. Defaults to <span class="Pa">/var/db/ports</span>. Each port - where <var class="Va">OPTIONS</var> have been configured will have a - uniquely named sub-directory, containing a single file - <span class="Pa">options</span>.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="MAKE_VARIABLES"><a class="permalink" href="#MAKE_VARIABLES">MAKE - VARIABLES</a></h1> -<p class="Pp">The following list provides a name and short description for many - of the variables that are used when building ports. More information on - these and other related variables may be found in - <span class="Pa">${PORTSDIR}/Mk/*</span> and the - <span class="Ux">FreeBSD</span> Porter's Handbook.</p> -<dl class="Bl-tag"> - <dt id="WITH_DEBUG"><var class="Va">WITH_DEBUG</var></dt> - <dd>(<var class="Vt">bool</var>) If set, debugging symbols are installed for - ports binaries.</dd> - <dt id="WITH_DEBUG_PORTS"><var class="Va">WITH_DEBUG_PORTS</var></dt> - <dd>A list of origins for which to set <var class="Va">WITH_DEBUG</var>.</dd> - <dt id="DEBUG_FLAGS"><var class="Va">DEBUG_FLAGS</var></dt> - <dd>(Default: ‘<code class="Li">-g</code>’) Additional - <var class="Va">CFLAGS</var> to set when <var class="Va">WITH_DEBUG</var> - is set.</dd> - <dt id="DEFAULT_VERSIONS"><var class="Va">DEFAULT_VERSIONS</var></dt> - <dd>Override the default variant used for ports with multiple concurrent - versions in the tree, such as database or compiler versions.</dd> - <dt id="WITH_CCACHE_BUILD"><var class="Va">WITH_CCACHE_BUILD</var></dt> - <dd>(<var class="Vt">bool</var>) If set, enables the use of - <a class="Xr">ccache(1)</a> for building ports.</dd> - <dt id="CCACHE_DIR"><var class="Va">CCACHE_DIR</var></dt> - <dd>Which directory to use for the <a class="Xr">ccache(1)</a> data.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="FILES"><a class="permalink" href="#FILES">FILES</a></h1> -<dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">/usr/ports/</span></dt> - <dd>The default ports directory.</dd> - <dt><span class="Pa">/usr/ports/Mk/bsd.port.mk</span></dt> - <dd>The big Kahuna.</dd> - <dt><span class="Pa">/var/db/ports/</span></dt> - <dd>The directory where the results of configuring - <var class="Va">OPTIONS</var> are stored.</dd> - <dt><span class="Pa">${PORT}/Makefile</span></dt> - <dd>The specification for building the port.</dd> - <dt><span class="Pa">${PORT}/distfiles</span></dt> - <dd>The directory where fetched files are stored.</dd> - <dt><span class="Pa">${PORT}/distinfo</span></dt> - <dd>The checksums generated with ‘<code class="Li">make - makesum</code>’.</dd> - <dt><span class="Pa">${PORT}/files/</span></dt> - <dd>The directory for any patches.</dd> - <dt><span class="Pa">${PORT}/pkg-descr</span></dt> - <dd>The long description of the port.</dd> - <dt><span class="Pa">${PORT}/pkg-plist</span></dt> - <dd>The list of all files installed by the port.</dd> - <dt><span class="Pa">${PORT}/work</span></dt> - <dd>The port's building and staging directory.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="EXAMPLES"><a class="permalink" href="#EXAMPLES">EXAMPLES</a></h1> -<dl class="Bl-tag"> - <dt id="Example"><a class="permalink" href="#Example"><b class="Sy">Example - 1:</b></a> <span class="No">Building and Installing a Port</span></dt> - <dd> - <p class="Pp">The following command builds and installs Emacs.</p> - <div class="Bd Pp Bd-indent Li"> - <pre><code class="Li">#</code> <code class="Ic">cd /usr/ports/editors/emacs</code> -<code class="Li">#</code> <code class="Ic">make install</code></pre> - </div> - </dd> - <dt id="Example~2"><a class="permalink" href="#Example~2"><b class="Sy">Example - 2:</b></a> <span class="No">Installing Dependencies with</span> - <a class="Xr">pkg(8)</a></dt> - <dd> - <p class="Pp">The following example shows how to build and install a port - without having to build its dependencies. Instead, the dependencies are - downloaded via <a class="Xr">pkg(8)</a>.</p> - <div class="Bd Pp Bd-indent Li"> - <pre><code class="Li">#</code> <code class="Ic">make install-missing-packages</code> -<code class="Li">#</code> <code class="Ic">make install</code></pre> - </div> - <p class="Pp">It is especially useful, when the dependencies are costly in - time and resources to build (like <span class="Pa">lang/rust</span>). - The drawback is that <a class="Xr">pkg(8)</a> offers only packages built - with the default set of <var class="Va">OPTIONS</var>.</p> - </dd> - <dt id="Example~3"><a class="permalink" href="#Example~3"><b class="Sy">Example - 3:</b></a> <span class="No">Building a Non-Default Flavor of a - Port</span></dt> - <dd> - <p class="Pp">The following command builds a non-default flavor of a port. - (In this case <span class="Pa">devel/py-pip</span> is going to be built - with Python 3.7 support.)</p> - <div class="Bd Pp Bd-indent Li"> - <pre><code class="Li">#</code> <code class="Ic">cd /usr/ports/devel/py-pip</code> -<code class="Li">#</code> <code class="Ic">env FLAVOR=py37 make build</code></pre> - </div> - </dd> - <dt id="Example~4"><a class="permalink" href="#Example~4"><b class="Sy">Example - 4:</b></a> <span class="No">Setting Ports Options via</span> - <a class="Xr">make.conf(5)</a></dt> - <dd> - <p class="Pp">The following lines present various ways of configuring ports - options via <a class="Xr">make.conf(5)</a> (as an alternative to, e.g., - running “<code class="Li">make config</code>”):</p> - <div class="Bd Pp Bd-indent Li"> - <pre># Enable NLS for all ports unless configured otherwise -# using the options dialog. -OPTIONS_SET= NLS -# Disable DOCS for all ports overriding the options set -# via the options dialog. -OPTIONS_UNSET_FORCE= DOCS -# Disable DOCS and EXAMPLES for the shells/zsh port. -shells_zsh_UNSET= DOCS EXAMPLES</pre> - </div> - <p class="Pp">These and other options-related variables are documented in - <span class="Pa">/usr/ports/Mk/bsd.options.mk</span>.</p> - </dd> - <dt id="Example~5"><a class="permalink" href="#Example~5"><b class="Sy">Example - 5:</b></a> <span class="No">Setting</span> <a class="Xr">make(1)</a> - Variables for Specific Ports via <a class="Xr">make.conf(5)</a></dt> - <dd> - <p class="Pp">The following example shows how to set arbitrary - <a class="Xr">make(1)</a> variables only specific ports:</p> - <div class="Bd Pp Bd-indent Li"> - <pre># Set DISABLE_MAKE_JOBS for the lang/rust port: -.if ${.CURDIR:M*/lang/rust} -DISABLE_MAKE_JOBS= yes -TRYBROKEN= yes -.endif</pre> - </div> - </dd> - <dt id="Example~6"><a class="permalink" href="#Example~6"><b class="Sy">Example - 6:</b></a> <span class="No">Debugging Ports</span></dt> - <dd>By default ports are built and packaged without debugging support (e.g., - debugging symbols are stripped from binaries, optimization flags are used - for compiling, verbose logging is disabled). Whether ports are built with - debugging symbols can be controlled by the settings in - <a class="Xr">make.conf(5)</a>, e.g., - <div class="Bd Pp Bd-indent Li"> - <pre># Enable debugging for all ports. -WITH_DEBUG= yes -# Enable debugging for selected ports. -WITH_DEBUG_PORTS= mail/dovecot security/krb5</pre> - </div> - <p class="Pp">It is also possible to use the debug variables on the command - line:</p> - <div class="Bd Pp Bd-indent Li"> - <pre><code class="Li">#</code> <code class="Ic">make WITH_DEBUG DEBUG_FLAGS="-g -O0" build</code></pre> - </div> - <p class="Pp">See the <a class="Sx" href="#MAKE_VARIABLES">MAKE - VARIABLES</a> section to learn more about the debug variables.</p> - <p class="Pp">To understand the details of what happens when the debug - variables are set it is best to consult the files located at - <span class="Pa">${PORTSDIR}/Mk/*</span> - (<span class="Pa">bsd.port.mk</span> in particular).</p> - <p class="Pp">If debugging is enabled for a specific port, the ports - framework will:</p> - <ul class="Bl-bullet"> - <li>Add <var class="Va">DEBUG_FLAGS</var> (defaults to - ‘<code class="Li">-g</code>’) to - <var class="Va">CFLAGS</var>.</li> - <li>Try to prevent the binaries from being stripped (including checking - the install target to replace - ‘<code class="Li">install-strip</code>’ with - ‘<code class="Li">install</code>’). Whether a binary has - been stripped can be checked with <a class="Xr">file(1)</a>.</li> - <li>Try to enable other debugging features like debug build type or - verbose logging. However, this is port-specific and the ports - framework might not be aware of each supported debugging feature a - given piece of software has to offer).</li> - </ul> - </dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">make(1)</a>, <a class="Xr">make.conf(5)</a>, - <a class="Xr">development(7)</a>, <a class="Xr">pkg(7)</a></p> -<p class="Pp">Additional developer documentation:</p> -<ul class="Bl-dash Bd-indent"> - <li><a class="Xr">portlint(1)</a></li> - <li><span class="Pa">/usr/ports/Mk/bsd.port.mk</span></li> -</ul> -<p class="Pp">Additional user documentation:</p> -<ul class="Bl-dash Bd-indent"> - <li><a class="Xr">pkg(8)</a></li> - <li><a class="Lk" href="https://ports.FreeBSD.org">Searchable index of all - ports</a></li> -</ul> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The Ports Collection appeared in <span class="Ux">FreeBSD - 1.0</span>. It has since spread to <span class="Ux">NetBSD</span>, - <span class="Ux">OpenBSD</span>, and macOS.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp">This manual page was originated by <span class="An">David - O'Brien</span>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="BUGS"><a class="permalink" href="#BUGS">BUGS</a></h1> -<p class="Pp">Ports documentation is split over four places — - <span class="Pa">/usr/ports/Mk/bsd.port.mk</span>, <i class="RsB">The - Porter's Handbook,</i> the “Packages and Ports” chapter of - <i class="RsB">The FreeBSD Handbook,</i> and this manual page.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">February 21, 2026</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/release.7 3.html b/static/freebsd/man7/release.7 3.html deleted file mode 100644 index ce187867..00000000 --- a/static/freebsd/man7/release.7 3.html +++ /dev/null @@ -1,562 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">RELEASE(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">RELEASE(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">release</code> — <span class="Nd">release - building infrastructure</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp"><span class="Ux">FreeBSD</span> provides a complete build - environment suitable for users to make full releases of the - <span class="Ux">FreeBSD</span> operating system. All of the tools necessary - to build a release are available from the <span class="Ux">FreeBSD</span> - source code repository in <span class="Pa">src/release</span>. A complete - release can be built with only a single command, including the creation of - ISO images suitable for burning to CD-ROM, memory stick images, and a - network install directory. This command is aptly named - “<code class="Li">make release</code>”.</p> -<p class="Pp">For some users, it may be desirable to provide an absolutely clean - build environment, with no local modifications to the source tree or to - <a class="Xr">make.conf(5)</a>, and with clean checkouts of specific - versions of the doc, src, and ports trees. For this purpose, a script - (<span class="Pa">src/release/release.sh</span>) is provided to automate - these checkouts and then execute “<code class="Li">make - release</code>” in a clean <a class="Xr">chroot(8)</a>.</p> -<p class="Pp">Before attempting to build a release, the user is expected to be - familiar with the contents of <a class="Xr">build(7)</a>, and should have - experience upgrading systems from source.</p> -<p class="Pp">The release build process requires that - <span class="Pa">/usr/obj</span> be populated with the output of - “<code class="Li">make buildworld</code>” and - “<code class="Li">make buildkernel</code>”. This is necessary - to provide the object files for the release or, when using - <span class="Pa">release.sh</span>, so that the object files for a complete - system can be installed into a clean <a class="Xr">chroot(8)</a> - environment.</p> -<p class="Pp">If the target release build is for a different architecture or - machine type, the <var class="Va">TARGET</var> and - <var class="Va">TARGET_ARCH</var> variables must be used. See the supported - <var class="Fa">release.conf</var> variables for more information.</p> -<p class="Pp">The release procedure on some architectures may also require that - the <a class="Xr">md(4)</a> (memory disk) device driver be present in the - kernel (either by being compiled in or available as a module).</p> -<p class="Pp">This document does not cover source code management, quality - assurance, or other aspects of the release engineering process.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="CLEAN_RELEASE_GENERATION"><a class="permalink" href="#CLEAN_RELEASE_GENERATION">CLEAN - RELEASE GENERATION</a></h1> -<p class="Pp">Official releases of <span class="Ux">FreeBSD</span> are produced - in a clean environment to ensure consistency between the versions of the - src, ports, and doc trees and to avoid contamination from the host system - (such as local patches, changes to <a class="Xr">make.conf(5)</a>, etc.). - This is accomplished using the wrapper script - <span class="Pa">src/release/release.sh</span>.</p> -<p class="Pp"><code class="Ic">release.sh</code> [<code class="Fl">-c</code> - <var class="Ar">release.conf</var>]</p> -<p class="Pp"><code class="Ic">release.sh</code> checks out the - <code class="Li">src/</code>, <code class="Li">ports/</code>, and - <code class="Li">doc/</code> trees to <var class="Va">CHROOTDIR</var>, then - calls “<code class="Li">make buildworld</code>” and - “<code class="Li">make installworld</code>” to generate a - <a class="Xr">chroot(8)</a> environment. Next, “<code class="Li">make - release</code>” is run within the <a class="Xr">chroot(8)</a> - environment and places the result in - <span class="Pa">$CHROOTDIR/R</span>.</p> -<p class="Pp">The optional <var class="Fa">release.conf</var> configuration file - supports the following variables:</p> -<dl class="Bl-tag"> - <dt id="CHROOTDIR"><var class="Va">CHROOTDIR</var></dt> - <dd>The directory within which the release will be built. Defaults to - <span class="Pa">/scratch</span>.</dd> - <dt id="CHROOT_MAKEENV"><var class="Va">CHROOT_MAKEENV</var></dt> - <dd>Additional <a class="Xr">make(1)</a> arguments to pass through, which - directly affect the tuning of the build chroot.</dd> - <dt id="NOGIT"><var class="Va">NOGIT</var></dt> - <dd>Do not explicitly require the <a class="Xr">git(1)</a> port to be - installed.</dd> - <dt id="GITROOT"><var class="Va">GITROOT</var></dt> - <dd>The <a class="Xr">git(1)</a> host used to check out the various trees. - Defaults to <span class="Pa">https://git.FreeBSD.org</span>.</dd> - <dt id="SRCBRANCH"><var class="Va">SRCBRANCH</var></dt> - <dd>The <code class="Li">src/</code> branch to use. Defaults to - <code class="Fl">-b</code> <var class="Va">main</var>.</dd> - <dt id="PORTBRANCH"><var class="Va">PORTBRANCH</var></dt> - <dd>The <code class="Li">ports/</code> branch to use. Defaults to - <var class="Va">head/@rHEAD</var>.</dd> - <dt id="TARGET"><var class="Va">TARGET</var></dt> - <dd>The target machine type for cross-building a release.</dd> - <dt id="TARGET_ARCH"><var class="Va">TARGET_ARCH</var></dt> - <dd>The target machine architecture for cross-building a release. - <p class="Pp">For the supported list of <var class="Va">TARGET</var> and - <var class="Va">TARGET_ARCH</var> combinations, consult the output of - “make targets” as documented in - <a class="Xr">build(7)</a>.</p> - </dd> - <dt id="KERNEL"><var class="Va">KERNEL</var></dt> - <dd>The target kernel configuration to use. Defaults to - <var class="Va">GENERIC</var>. Multiple <var class="Va">KERNEL</var> - entries may be specified.</dd> - <dt id="MAKE_CONF"><var class="Va">MAKE_CONF</var></dt> - <dd>The <a class="Xr">make.conf(5)</a> to use for the release build. Defaults - to <var class="Fa">/dev/null</var> to prevent polluting the release with - local system changes.</dd> - <dt id="SRC_CONF"><var class="Va">SRC_CONF</var></dt> - <dd>The <a class="Xr">src.conf(5)</a> to use for the release build. Defaults - to <var class="Fa">/dev/null</var> to prevent polluting the release with - local system changes.</dd> - <dt id="MAKE_FLAGS"><var class="Va">MAKE_FLAGS</var></dt> - <dd>Additional flags to pass to <a class="Xr">make(1)</a>.</dd> - <dt id="WORLD_FLAGS"><var class="Va">WORLD_FLAGS</var></dt> - <dd>Additional flags to pass to <a class="Xr">make(1)</a> during the - “buildworld” phase. Defaults to setting the number of - <a class="Xr">make(1)</a> jobs (<var class="Ar">-j</var>) to the number of - CPUs available on a SMP-capable system.</dd> - <dt id="KERNEL_FLAGS"><var class="Va">KERNEL_FLAGS</var></dt> - <dd>Additional flags to pass to <a class="Xr">make(1)</a> during the - “buildkernel” phase. Defaults to setting the number of - <a class="Xr">make(1)</a> jobs (<var class="Ar">-j</var>) to half the - number of CPUs available on a SMP-capable system.</dd> - <dt id="NOPORTS"><var class="Va">NOPORTS</var></dt> - <dd>Set to a non-empty value to skip the <code class="Li">ports/</code> tree - checkout. When set, <var class="Va">NOPORTS</var> will prevent the - <var class="Fa">ports.txz</var> distribution package from being - created.</dd> - <dt id="WITH_DVD"><var class="Va">WITH_DVD</var></dt> - <dd>Set to a non-empty value to include the <code class="Cm">dvdrom</code> - target.</dd> - <dt id="WITH_COMPRESSED_IMAGES"><var class="Va">WITH_COMPRESSED_IMAGES</var></dt> - <dd>Set to a non-empty value to compress the release images with - <a class="Xr">xz(1)</a>. The original (uncompressed) images are not - removed.</dd> - <dt id="XZ_THREADS"><var class="Va">XZ_THREADS</var> - (<var class="Vt">int</var>)</dt> - <dd>Set to the number of threads <a class="Xr">xz(1)</a> should use when - compressing images. By default, <var class="Va">XZ_THREADS</var> is set to - <var class="Va">0</var>, which uses all available cores on the - system.</dd> - <dt id="VCSCMD"><var class="Va">VCSCMD</var></dt> - <dd>The command run to obtain the source trees. Defaults to - "<code class="Cm">git clone</code> - <code class="Fl">-q</code>".</dd> - <dt id="CHROOTBUILD_SKIP"><var class="Va">CHROOTBUILD_SKIP</var></dt> - <dd>If defined, the <code class="Li">buildworld</code>, - <code class="Li">installworld</code>, and - <code class="Li">distribution</code> stages of the - <a class="Xr">chroot(8)</a> build environment setup are skipped. This is - intended solely for cases where the <a class="Xr">chroot(8)</a> userland - are provided by alternate means.</dd> - <dt id="SRC_UPDATE_SKIP"><var class="Va">SRC_UPDATE_SKIP</var></dt> - <dd>Set to a non-empty value to prevent checkout or update of - <var class="Fa">/usr/src</var> within the <a class="Xr">chroot(8)</a>. - This is intended for use only when <var class="Fa">/usr/src</var> is - expected to exist by alternative means.</dd> - <dt id="PORTS_UPDATE_SKIP"><var class="Va">PORTS_UPDATE_SKIP</var></dt> - <dd>Set to a non-empty value to prevent checkout or update of - <var class="Fa">/usr/ports</var> within the <a class="Xr">chroot(8)</a>. - This is intended for use only when <var class="Fa">/usr/ports</var> is - expected to exist by alternative means.</dd> - <dt id="NOPKGBASE"><var class="Va">NOPKGBASE</var></dt> - <dd>Include legacy tarball distribution sets for use on the install media, - instead of base system packages.</dd> - <dt id="PKG_CMD"><var class="Va">PKG_CMD</var></dt> - <dd>A path to the <a class="Xr">pkg(8)</a> executable to use when installing - packages in release images as a non-root user.</dd> - <dt id="PKG_REPOS_DIR"><var class="Va">PKG_REPOS_DIR</var></dt> - <dd>An optional path to a directory containing <a class="Xr">pkg(8)</a> - repository configuration files. These configuration files will be used - when installing packages in release images as a non-root user.</dd> - <dt id="PKG_REPO_NAME"><var class="Va">PKG_REPO_NAME</var></dt> - <dd>The name of the repository configuration to use when installing packages - in release images as a non-root user.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="EMBEDDED_BUILDS"><a class="permalink" href="#EMBEDDED_BUILDS">EMBEDDED - BUILDS</a></h1> -<p class="Pp">The following <var class="Fa">release.conf</var> variables are - relevant only to release builds for embedded systems:</p> -<dl class="Bl-tag"> - <dt id="EMBEDDEDBUILD"><var class="Va">EMBEDDEDBUILD</var></dt> - <dd>Set to a non-null value to enable functionality for embedded device - release builds. - <p class="Pp">When set, <var class="Va">WITH_DVD</var> is unset. - Additionally, <var class="Va">EMBEDDED_TARGET</var> and - <var class="Va">EMBEDDED_TARGET_ARCH</var> must also be defined. When - the build environment is created, <var class="Fa">release.sh</var> runs - a separate build script located in an architecture-specific directory in - <span class="Pa">src/release/${EMBEDDED_TARGET}/</span>.</p> - </dd> - <dt id="EMBEDDEDPORTS"><var class="Va">EMBEDDEDPORTS</var></dt> - <dd>Set to the list of any ports that are required for the target device in - the format of <var class="Fa">category/port</var>.</dd> - <dt id="EMBEDDED_TARGET"><var class="Va">EMBEDDED_TARGET</var></dt> - <dd>When set, its value is passed to <a class="Xr">make(1)</a> to set the - <var class="Va">TARGET</var> (value of <code class="Cm">uname</code> - <code class="Fl">-m</code>) to cross build the target userland.</dd> - <dt id="EMBEDDED_TARGET_ARCH"><var class="Va">EMBEDDED_TARGET_ARCH</var></dt> - <dd>When set, its value is passed to <a class="Xr">make(1)</a> to set the - <var class="Va">TARGET_ARCH</var> (value of <code class="Cm">uname</code> - <code class="Fl">-p</code>) to cross build the target userland.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="VIRTUAL_MACHINE_DISK_IMAGES"><a class="permalink" href="#VIRTUAL_MACHINE_DISK_IMAGES">VIRTUAL - MACHINE DISK IMAGES</a></h1> -<p class="Pp">The following <var class="Fa">release.conf</var> variables are - relevant only to virtual machine disk image builds:</p> -<dl class="Bl-tag"> - <dt id="WITH_VMIMAGES"><var class="Va">WITH_VMIMAGES</var></dt> - <dd>Set to a non-null value to build virtual machine disk images as part of - the release build. <var class="Va">WITH_VMIMAGES</var> may also be - specified as an environment variable passed to - <a class="Xr">make(1)</a>.</dd> - <dt id="WITH_COMPRESSED_VMIMAGES"><var class="Va">WITH_COMPRESSED_VMIMAGES</var></dt> - <dd>Set to a non-null value to compress the virtual machine disk images with - <a class="Xr">xz(1)</a> as part of the <code class="Cm">install</code> - <a class="Xr">make(1)</a> target. Note that compressing virtual machine - disk images may take a very long time on some systems.</dd> - <dt id="VMBASE"><var class="Va">VMBASE</var></dt> - <dd>Set to change the name of the resulting virtual machine disk image file. - The default value is <var class="Va">vm</var>.</dd> - <dt id="VMSIZE"><var class="Va">VMSIZE</var></dt> - <dd>Set to change the size of the virtual machine disk capacity. The default - value is <var class="Va">20g</var>. See <a class="Xr">makefs(8)</a> for - valid values. - <p class="Pp">Virtual machine disk images are, by default, created as sparse - images. When <var class="Va">WITH_COMPRESSED_VMIMAGES</var> is used, the - resulting files compressed with <a class="Xr">xz(1)</a> compress to - roughly the same size, regardless of the specified disk image size.</p> - </dd> - <dt id="VMFS"><var class="Va">VMFS</var></dt> - <dd>(Deprecated.) Set to specify which of the filesystem(s) listed in - <var class="Va">VMFSLIST</var> is linked to the historical - non-filesystem-labelled file name. Valid values are - <var class="Va">ufs</var> and <var class="Va">zfs</var>. The default value - is <var class="Va">ufs</var>.</dd> - <dt id="VMFSLIST"><var class="Va">VMFSLIST</var></dt> - <dd>Set to specify the list of file system types to build images for. Valid - values are one or both of <var class="Va">ufs</var> and - <var class="Va">zfs</var>. The default value is <var class="Va">ufs - zfs</var>.</dd> - <dt id="VMFORMATS"><var class="Va">VMFORMATS</var></dt> - <dd>Set to the target virtual disk image format(s) to create. By default, the - <var class="Va">vhdf</var>, <var class="Va">vmdk</var>, - <var class="Va">qcow2</var>, and <var class="Va">raw</var> formats are - created. See <a class="Xr">mkimg(1)</a> for valid format values.</dd> -</dl> -<p class="Pp">For a list of supported <var class="Va">VMFORMATS</var> values - (including cloud hosting provider formats) along with a brief description, - run:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd /usr/src -make -C release list-vmtargets</pre> -</div> -</section> -<section class="Sh"> -<h1 class="Sh" id="CLOUD_HOSTING_MACHINE_IMAGES"><a class="permalink" href="#CLOUD_HOSTING_MACHINE_IMAGES">CLOUD - HOSTING MACHINE IMAGES</a></h1> -<p class="Pp">The <span class="Ux">FreeBSD</span> release build tools support - building virtual machine images for various cloud hosting providers, each - with their own specific configuration to include support for each hosting - provider by default.</p> -<p class="Pp">The following <a class="Xr">make(1)</a> environment variables are - supported:</p> -<dl class="Bl-tag"> - <dt id="CLOUDWARE"><var class="Va">CLOUDWARE</var></dt> - <dd>Set to a list of one or more cloud hosting providers, enclosed in quotes. - Requires <var class="Va">WITH_CLOUDWARE</var> to also be set.</dd> - <dt id="WITH_CLOUDWARE"><var class="Va">WITH_CLOUDWARE</var></dt> - <dd>Set to a non-empty value to enable building virtual machine images for - various cloud hosting providers. Requires <var class="Va">CLOUDWARE</var> - to also be set.</dd> -</dl> -<p class="Pp">Additionally, the <var class="Va">CLOUDWARE</var> and - <var class="Va">WITH_CLOUDWARE</var> variables can be added to - <span class="Pa">release.conf</span>, and used in conjunction with - <span class="Pa">release.sh</span>.</p> -<p class="Pp">For a list of supported <var class="Va">CLOUDWARE</var> values, - run:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd /usr/src -make -C release list-cloudware</pre> -</div> -</section> -<section class="Sh"> -<h1 class="Sh" id="OCI_IMAGES"><a class="permalink" href="#OCI_IMAGES">OCI - IMAGES</a></h1> -<p class="Pp">The <span class="Ux">FreeBSD</span> release build tools have - experimental support for building Open Container Initiative (OCI) format - container base images. This is enabled using a - <var class="Fa">release.conf</var> variable:</p> -<dl class="Bl-tag"> - <dt id="WITH_OCIIMAGES"><var class="Va">WITH_OCIIMAGES</var></dt> - <dd>Set to a non-null value to build OCI base images.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="MAKEFILE_TARGETS"><a class="permalink" href="#MAKEFILE_TARGETS">MAKEFILE - TARGETS</a></h1> -<p class="Pp">The release makefile - (<span class="Pa">src/release/Makefile</span>) is fairly abstruse. Most - developers will only be concerned with the <code class="Cm">release</code> - and <code class="Cm">install</code> targets.</p> -<dl class="Bl-tag"> - <dt id="release"><a class="permalink" href="#release"><code class="Cm">release</code></a></dt> - <dd>Meta-target to build all release media and distributions applicable to - this platform.</dd> - <dt id="install"><a class="permalink" href="#install"><code class="Cm">install</code></a></dt> - <dd>Copy all produced release media to - <span class="Pa">${DESTDIR}</span>.</dd> - <dt id="cdrom"><a class="permalink" href="#cdrom"><code class="Cm">cdrom</code></a></dt> - <dd>Builds installation CD-ROM images. This may require the - <a class="Xr">md(4)</a> (memory disk) device driver be present in the - kernel (either by being compiled in or available as a module). This target - produces files called <span class="Pa">disc1.iso</span> and - <span class="Pa">bootonly.iso</span> as its output.</dd> - <dt id="dvdrom"><a class="permalink" href="#dvdrom"><code class="Cm">dvdrom</code></a></dt> - <dd>Builds installation DVD-ROM images. This may require the - <a class="Xr">md(4)</a> (memory disk) device driver be present in the - kernel (either by being compiled in or available as a module). This target - produces the <span class="Pa">dvd1.iso</span> file as its output.</dd> - <dt id="memstick"><a class="permalink" href="#memstick"><code class="Cm">memstick</code></a></dt> - <dd>Builds an installation memory stick image named - <span class="Pa">memstick.img</span>. Not applicable on all platforms. - Requires that the <a class="Xr">md(4)</a> (memory disk) device driver be - present in the kernel (either by being compiled in or available as a - module).</dd> - <dt id="mini-memstick"><a class="permalink" href="#mini-memstick"><code class="Cm">mini-memstick</code></a></dt> - <dd>Similar to <code class="Cm">memstick</code>, with the exception that the - installation distribution sets are not included.</dd> - <dt id="ftp"><a class="permalink" href="#ftp"><code class="Cm">ftp</code></a></dt> - <dd>Creates a directory named <span class="Pa">ftp</span> containing the - distribution files used in network installations and suitable for upload - to an FTP mirror.</dd> - <dt id="vm-image"><a class="permalink" href="#vm-image"><code class="Cm">vm-image</code></a></dt> - <dd>Creates virtual machine disk images in various formats. The - <code class="Cm">vm-image</code> target requires the - <var class="Va">WITH_VMIMAGES</var> <a class="Xr">make(1)</a> environment - variable to be set to a non-null value.</dd> - <dt id="vm-cloudware"><a class="permalink" href="#vm-cloudware"><code class="Cm">vm-cloudware</code></a></dt> - <dd>Builds <span class="Ux">FreeBSD</span> virtual machine images for various - cloud hosting providers. See "CLOUD HOSTING MACHINE IMAGES" for - implementation details.</dd> - <dt id="list-cloudware"><a class="permalink" href="#list-cloudware"><code class="Cm">list-cloudware</code></a></dt> - <dd>Displays the list of valid <var class="Va">CLOUDWARE</var> values.</dd> - <dt id="list-vmtargets"><a class="permalink" href="#list-vmtargets"><code class="Cm">list-vmtargets</code></a></dt> - <dd>Displays the list of valid <var class="Va">VMFORMATS</var> and - <var class="Va">CLOUDWARE</var> values.</dd> -</dl> -<p class="Pp">Major subtargets called by targets above:</p> -<dl class="Bl-tag"> - <dt id="packagesystem"><a class="permalink" href="#packagesystem"><code class="Cm">packagesystem</code></a></dt> - <dd>Generates all the distribution archives (base, kernel, ports, doc) - applicable on this platform.</dd> - <dt id="disc1"><a class="permalink" href="#disc1"><code class="Cm">disc1</code></a></dt> - <dd>Builds a bootable installation system containing all the distribution - files packaged by the <code class="Cm">packagesystem</code> target, and - suitable for imaging by the <code class="Cm">cdrom</code>, - <code class="Cm">dvdrom</code> and <code class="Cm">memstick</code> - targets.</dd> - <dt id="reldoc"><a class="permalink" href="#reldoc"><code class="Cm">reldoc</code></a></dt> - <dd>Builds the release documentation. This includes the release notes, - hardware guide, and installation instructions. Other documentation, such - as the Handbook, is built during the <code class="Cm">base.txz</code> - target invoked by <code class="Cm">packagesystem</code>.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="ENVIRONMENT"><a class="permalink" href="#ENVIRONMENT">ENVIRONMENT</a></h1> -<p class="Pp">Optional variables:</p> -<dl class="Bl-tag"> - <dt id="OSRELEASE"><a class="permalink" href="#OSRELEASE"><code class="Ev">OSRELEASE</code></a></dt> - <dd>Optional base name for generated media images when invoking the - <code class="Cm">install</code> target (e.g., FreeBSD-12.1-RELEASE-amd64). - Defaults to the output of <code class="Ic">`uname -s`-`uname -r`-`uname - -p`</code> within the chroot.</dd> - <dt id="WORLDDIR"><a class="permalink" href="#WORLDDIR"><code class="Ev">WORLDDIR</code></a></dt> - <dd>Location of a directory containing the src tree. By default, the directory - above the one containing the makefile (<span class="Pa">src</span>).</dd> - <dt id="PORTSDIR"><a class="permalink" href="#PORTSDIR"><code class="Ev">PORTSDIR</code></a></dt> - <dd>Location of a directory containing the ports tree. By default, - <span class="Pa">/usr/ports</span>. If it is unset or cannot be found, - ports will not be included in the release.</dd> - <dt id="NOPORTS~2"><a class="permalink" href="#NOPORTS~2"><code class="Ev">NOPORTS</code></a></dt> - <dd>If defined, the Ports Collection will be omitted from the release.</dd> - <dt id="NOSRC"><a class="permalink" href="#NOSRC"><code class="Ev">NOSRC</code></a></dt> - <dd>If set, do not include system source code in the release.</dd> - <dt id="TARGET~2"><a class="permalink" href="#TARGET~2"><code class="Ev">TARGET</code></a></dt> - <dd>The target hardware platform. This is analogous to the - “<code class="Nm">uname</code> <code class="Fl">-m</code>” - output. This is necessary to cross-build some target architectures. For - example, cross-building for ARM64 machines requires - <code class="Ev">TARGET_ARCH</code>=<code class="Li">aarch64</code> and - <code class="Ev">TARGET</code>=<code class="Li">arm64</code>. If not set, - <code class="Ev">TARGET</code> defaults to the current hardware - platform.</dd> - <dt id="TARGET_ARCH~2"><a class="permalink" href="#TARGET_ARCH~2"><code class="Ev">TARGET_ARCH</code></a></dt> - <dd>The target machine processor architecture. This is analogous to the - “<code class="Nm">uname</code> <code class="Fl">-p</code>” - output. Set this to cross-build for a different architecture. If not set, - <code class="Ev">TARGET_ARCH</code> defaults to the current machine - architecture, unless <code class="Ev">TARGET</code> is also set, in which - case it defaults to the appropriate value for that platform. Typically, - one only needs to set <code class="Ev">TARGET</code>.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="FILES"><a class="permalink" href="#FILES">FILES</a></h1> -<dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">/scratch</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/doc/Makefile</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/doc/share/mk/doc.project.mk</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/ports/Mk/bsd.port.mk</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/ports/Mk/bsd.sites.mk</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/share/examples/etc/make.conf</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/src/Makefile</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/src/Makefile.inc1</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/src/release/Makefile</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/src/release/Makefile.vm</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/src/release/release.sh</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/src/release/release.conf.sample</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/src/release/tools/*.conf</span></dt> - <dd style="width: auto;"> </dd> - <dt><span class="Pa">/usr/src/release/tools/vmimage.subr</span></dt> - <dd style="width: auto;"> </dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="EXAMPLES"><a class="permalink" href="#EXAMPLES">EXAMPLES</a></h1> -<p class="Pp">The following sequence of commands can be used to build a - “-CURRENT snapshot”:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd /usr -git clone -b main https://git.freebsd.org/src.git src -cd src -make buildworld buildkernel -cd release -make obj -make release -make install DESTDIR=/var/freebsd-snapshot</pre> -</div> -<p class="Pp">After running these commands, all produced distribution files - (tarballs for FTP, CD-ROM images, etc.) are available in the - <span class="Pa">/var/freebsd-snapshot</span> directory.</p> -<p class="Pp">The following sequence of commands can be used to build a - “-CURRENT snapshot” in a clean environment, including ports - and documentation:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd /usr/src/release -sh release.sh</pre> -</div> -<p class="Pp">Optionally, a configuration file can be used to customize the - release build:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd /usr/src/release -sh release.sh -c $HOME/release.conf</pre> -</div> -<p class="Pp">Configuration files specific to various supported embedded - systems, such as the Raspberry Pi, exist in the directory corresponding to - the <var class="Va">TARGET</var> <a class="Xr">make(1)</a> variable. For - example, to build an image for 64-bit Raspberry Pis:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>cd /usr/src/release -sh release.sh -c arm64/RPI.conf</pre> -</div> -<p class="Pp">After running these commands, all prepared release files are - available in the <span class="Pa">/scratch</span> directory. The target - directory can be changed by specifying the <var class="Va">CHROOTDIR</var> - variable in <code class="Li">release.conf</code>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="COMPATIBILITY"><a class="permalink" href="#COMPATIBILITY">COMPATIBILITY</a></h1> -<p class="Pp">The reldoc target was removed in commit f61e92ca5a23, and - <code class="Ev">DOCDIR</code>, <code class="Ev">DOCBRANCH</code>, - <code class="Ev">DOC_UPDATE_SKIP</code>, and <code class="Ev">NODOC</code> - are therefore no longer supported.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">cc(1)</a>, <a class="Xr">git(1)</a> - (<span class="Pa">ports/devel/git</span>), <a class="Xr">install(1)</a>, - <a class="Xr">make(1)</a>, <a class="Xr">mkimg(1)</a>, - <a class="Xr">uname(1)</a>, <a class="Xr">md(4)</a>, - <a class="Xr">make.conf(5)</a>, <a class="Xr">build(7)</a>, - <a class="Xr">ports(7)</a>, <a class="Xr">chroot(8)</a>, - <a class="Xr">mtree(8)</a>, <a class="Xr">sysctl(8)</a></p> -<p class="Pp"><cite class="Rs"><span class="RsT">FreeBSD Release - Engineering</span>, - <a class="RsU" href="https://docs.freebsd.org/en/articles/freebsd-releng/">https://docs.freebsd.org/en/articles/freebsd-releng/</a>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsT">FreeBSD Developers' - Handbook</span>, - <a class="RsU" href="https://docs.freebsd.org/en/books/developers-handbook/">https://docs.freebsd.org/en/books/developers-handbook/</a>.</cite></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp"><span class="Ux">FreeBSD</span> 1.x used a manual checklist, - compiled by <span class="An">Rod Grimes</span>, to produce a release. Apart - from being incomplete, the list put a lot of specific demands on available - file systems and was quite torturous to execute.</p> -<p class="Pp">As part of the <span class="Ux">FreeBSD 2.0</span> release - engineering effort, significant effort was spent getting - <span class="Pa">src/release/Makefile</span> into a shape where it could at - least automate most of the tediousness of building a release in a sterile - environment.</p> -<p class="Pp">For the <span class="Ux">FreeBSD 9.0</span> release, - <span class="Pa">src/release/Makefile</span> was overhauled and the wrapper - script <span class="Pa">src/release/generate-release.sh</span> introduced to - support the introduction of a new installer.</p> -<p class="Pp">For the <span class="Ux">FreeBSD 9.2</span> release, - <span class="Pa">src/release/release.sh</span> was introduced to support - per-build configuration files. - <span class="Pa">src/release/release.sh</span> is heavily based on the - <span class="Pa">src/release/generate-release.sh</span> script.</p> -<p class="Pp">At near 1000 revisions spread over multiple branches, the - <a class="Xr">git(1)</a> log of <span class="Pa">src/release/Makefile</span> - contains a vivid historical record of some of the hardships release - engineers go through.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp"><span class="Pa">src/release/Makefile</span> was originally - written by <span class="An">Rod Grimes</span>, <span class="An">Jordan - Hubbard</span>, and <span class="An">Poul-Henning Kamp</span>.</p> -<p class="Pp">This manual page was originally written by <span class="An">Murray - Stokely</span> - <<a class="Mt" href="mailto:murray@FreeBSD.org">murray@FreeBSD.org</a>>.</p> -<p class="Pp">It was updated by <span class="An">Nathan Whitehorn</span> - <<a class="Mt" href="mailto:nwhitehorn@FreeBSD.org">nwhitehorn@FreeBSD.org</a>> - to include the <var class="Fa">generate-release.sh</var> script used for the - <span class="Ux">FreeBSD 9.0</span> release cycle.</p> -<p class="Pp">It was later updated by <span class="An">Glen Barber</span> - <<a class="Mt" href="mailto:gjb@FreeBSD.org">gjb@FreeBSD.org</a>> to - include the <var class="Fa">release.sh</var> script used for the - <span class="Ux">FreeBSD 9.2</span> release cycle.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">October 13, 2025</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/sdoc.7 3.html b/static/freebsd/man7/sdoc.7 3.html deleted file mode 100644 index 6b5ac4ff..00000000 --- a/static/freebsd/man7/sdoc.7 3.html +++ /dev/null @@ -1,192 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">SDOC(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">SDOC(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">sdoc</code> — <span class="Nd">guide to - adding security considerations sections to manual pages</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">This document presents guidelines for adding security - considerations sections to manual pages. It provides two typical - examples.</p> -<p class="Pp">The guidelines for writing <span class="Ux">FreeBSD</span> manual - pages in <a class="Xr">groff_mdoc(7)</a> mandate that each manual page - describing a feature of the <span class="Ux">FreeBSD</span> system should - contain a security considerations section describing what security - requirements can be broken through the misuse of that feature. When writing - these sections, authors should attempt to achieve a happy medium between two - conflicting goals: brevity and completeness. On one hand, security - consideration sections must not be too verbose, or busy readers might be - dissuaded from reading them. On the other hand, security consideration - sections must not be incomplete, or they will fail in their purpose of - instructing the reader on how to avoid all insecure uses. This document - provides guidelines for balancing brevity and completeness in the security - consideration section for a given feature of the - <span class="Ux">FreeBSD</span> system.</p> -<section class="Ss"> -<h2 class="Ss" id="Where_to_Start"><a class="permalink" href="#Where_to_Start">Where - to Start</a></h2> -<p class="Pp">Begin by listing those general security requirements that can be - violated through the misuse of the feature. There are four classes of - security requirements:</p> -<dl class="Bl-hang Bd-indent"> - <dt id="integrity"><a class="permalink" href="#integrity"><i class="Em">integrity</i></a></dt> - <dd>(example: non-administrators should not modify system binaries),</dd> - <dt id="confidentiality"><a class="permalink" href="#confidentiality"><i class="Em">confidentiality</i></a></dt> - <dd>(example: non-administrators should not view the shadow password - file),</dd> - <dt id="availability"><a class="permalink" href="#availability"><i class="Em">availability</i></a></dt> - <dd>(example: the web server should respond to client requests in a timely - fashion), and</dd> - <dt id="correctness"><a class="permalink" href="#correctness"><i class="Em">correctness</i></a></dt> - <dd>(example: the ps program should provide exactly the process table - information listing functionality described in its documentation - no - more, no less.)</dd> -</dl> -<p class="Pp">A good security considerations section should explain how the - feature can be misused to violate each general security requirement in the - list. Each explanation should be accompanied by instructions the reader - should follow in order to avoid a violation. When referencing potential - vulnerabilities described in the Secure Programming Practices manual page, - <a class="Xr">sprog(7)</a>, likewise cross-reference that document rather - than replicating information. Whenever possible, refer to this document - rather than reproducing the material it contains.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Where_to_Stop"><a class="permalink" href="#Where_to_Stop">Where - to Stop</a></h2> -<p class="Pp">Security problems are often interrelated; individual problems - often have far-reaching implications. For example, the correctness of - virtually any dynamically-linked program is dependent on the correct - implementation and configuration of the run-time linker. The correctness of - this program, in turn, depends on the correctness of its libraries, the - compiler used to build it, the correctness of the preceding compiler that - was used to build that compiler, and so on, as described by Thompson (see - <a class="Sx" href="#SEE_ALSO">SEE ALSO</a>, below).</p> -<p class="Pp">Due to the need for brevity, security consideration sections - should describe only those issues directly related to the feature that is - the subject of the manual page. Refer to other manual pages rather than - duplicating the material found there.</p> -</section> -</section> -<section class="Sh"> -<h1 class="Sh" id="EXAMPLES"><a class="permalink" href="#EXAMPLES">EXAMPLES</a></h1> -<p class="Pp">Security considerations sections for most individual functions can - follow this simple formula:</p> -<p class="Pp"></p> -<ol class="Bl-enum Bd-indent Bl-compact"> - <li>Provide one or two sentences describing each potential security - problem.</li> - <li>Provide one or two sentences describing how to avoid each potential - security problem.</li> - <li>Provide a short example in code.</li> -</ol> -<p class="Pp">This is an example security considerations section for the - <a class="Xr">strcpy(3)</a> manual page:</p> -<p class="Pp">The <code class="Fn">strcpy</code>() function is easily misused in - a manner which enables malicious users to arbitrarily change a running - program's functionality through a buffer overflow attack.</p> -<p class="Pp">Avoid using <code class="Fn">strcpy</code>(). Instead, use - <code class="Fn">strncpy</code>() and ensure that no more characters are - copied to the destination buffer than it can hold. Do not forget to - NUL-terminate the destination buffer, as <code class="Fn">strncpy</code>() - will not terminate the destination string if it is truncated.</p> -<p class="Pp">Note that <code class="Fn">strncpy</code>() can also be - problematic. It may be a security concern for a string to be truncated at - all. Since the truncated string will not be as long as the original, it may - refer to a completely different resource and usage of the truncated resource - could result in very incorrect behavior. Example:</p> -<div class="Bd Pp Li"> -<pre>void -foo(const char *arbitrary_string) -{ - char onstack[8]; - -#if defined(BAD) - /* - * This first strcpy is bad behavior. Do not use strcpy()! - */ - (void)strcpy(onstack, arbitrary_string); /* BAD! */ -#elif defined(BETTER) - /* - * The following two lines demonstrate better use of - * strncpy(). - */ - (void)strncpy(onstack, arbitrary_string, sizeof(onstack) - 1); - onstack[sizeof(onstack - 1)] = '\0'; -#elif defined(BEST) - /* - * These lines are even more robust due to testing for - * truncation. - */ - if (strlen(arbitrary_string) + 1 > sizeof(onstack)) - err(1, "onstack would be truncated"); - (void)strncpy(onstack, arbitrary_string, sizeof(onstack)); -#endif -}</pre> -</div> -<p class="Pp">Security considerations sections for tools and commands are apt to - be less formulaic. Let your list of potentially-violated security - requirements be your guide; explain each one and list a solution in as - concise a manner as possible.</p> -<p class="Pp">This is an example security considerations section for the - <a class="Xr">rtld(1)</a> manual page:</p> -<p class="Pp">Using the LD_LIBRARY_PATH and LD_PRELOAD environment variables, - malicious users can cause the dynamic linker to link shared libraries of - their own devising into the address space of processes running - non-set-user-ID/group-ID programs. These shared libraries can arbitrarily - change the functionality of the program by replacing calls to standard - library functions with calls to their own. Although this feature is disabled - for set-user-ID and set-group-ID programs, it can still be used to create - Trojan horses in other programs.</p> -<p class="Pp">All users should be aware that the correct operation of non - set-user-ID/group-ID dynamically-linked programs depends on the proper - configuration of these environment variables, and take care to avoid actions - that might set them to values which would cause the run-time linker to link - in shared libraries of unknown pedigree.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">groff_mdoc(7)</a>, <a class="Xr">security(7)</a>, - <a class="Xr">sprog(7)</a></p> -<p class="Pp"><cite class="Rs"><span class="RsA">Edward Amoroso, AT&T Bell - Laboratories</span>, <i class="RsB">Fundamentals of Computer Security - Technology</i>, <i class="RsI">P T R Prentice Hall</i>, - <span class="RsD">1994</span>.</cite></p> -<p class="Pp"><cite class="Rs"><span class="RsA">Ken Thompson</span>, - <span class="RsT">Reflections on Trusting Trust</span>, - <i class="RsI">Association for Computing Machinery, Inc.</i>, - <i class="RsJ">Communications of the ACM</i>, <span class="RsN">Vol. 27, No. - 8</span>, <span class="RsP">761-763</span>, <span class="RsD">August, - 1984</span>.</cite></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="Nm">sdoc</code> manual page first appeared in - <span class="Ux">FreeBSD 5.0</span>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp"><span class="An">Tim Fraser</span> - <<a class="Mt" href="mailto:tfraser@tislabs.com">tfraser@tislabs.com</a>>, - NAI Labs CBOSS project - <br/> - <span class="An">Brian Feldman</span> - <<a class="Mt" href="mailto:bfeldman@tislabs.com">bfeldman@tislabs.com</a>>, - NAI Labs CBOSS project</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">September 5, 2005</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/security.7 3.html b/static/freebsd/man7/security.7 3.html deleted file mode 100644 index c8fa0338..00000000 --- a/static/freebsd/man7/security.7 3.html +++ /dev/null @@ -1,725 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">SECURITY(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">SECURITY(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">security</code>, - <code class="Nm">securelevel</code> — <span class="Nd">introduction - to security under FreeBSD</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">See <a class="Xr">mitigations(7)</a> for a description of - vulnerability mitigations in <span class="Ux">FreeBSD</span>. This man page - documents other <span class="Ux">FreeBSD</span> security related topics.</p> -<p class="Pp">Security is a function that begins and ends with the system - administrator. While all <span class="Ux">BSD</span> multi-user systems have - some inherent security, the job of building and maintaining additional - security mechanisms to keep users “honest” is probably one of - the single largest undertakings of the sysadmin. Machines are only as secure - as you make them, and security concerns are ever competing with the human - necessity for convenience. <span class="Ux">UNIX</span> systems, in general, - are capable of running a huge number of simultaneous processes and many of - these processes operate as servers — meaning that external entities - can connect and talk to them. As yesterday's mini-computers and mainframes - become today's desktops, and as computers become networked and - internetworked, security becomes an ever bigger issue.</p> -<p class="Pp">Security is best implemented through a layered onion approach. In - a nutshell, what you want to do is to create as many layers of security as - are convenient and then carefully monitor the system for intrusions.</p> -<p class="Pp">System security also pertains to dealing with various forms of - attacks, including attacks that attempt to crash or otherwise make a system - unusable but do not attempt to break root. Security concerns can be split up - into several categories:</p> -<ol class="Bl-enum Bd-indent"> - <li>Denial of Service attacks (DoS)</li> - <li>User account compromises</li> - <li>Root compromise through accessible servers</li> - <li>Root compromise via user accounts</li> - <li>Backdoor creation</li> -</ol> -<p class="Pp">A denial of service attack is an action that deprives the machine - of needed resources. Typically, DoS attacks are brute-force mechanisms that - attempt to crash or otherwise make a machine unusable by overwhelming its - servers or network stack. Some DoS attacks try to take advantages of bugs in - the networking stack to crash a machine with a single packet. The latter can - only be fixed by applying a bug fix to the kernel. Attacks on servers can - often be fixed by properly specifying options to limit the load the servers - incur on the system under adverse conditions. Brute-force network attacks - are harder to deal with. A spoofed-packet attack, for example, is nearly - impossible to stop short of cutting your system off from the Internet. It - may not be able to take your machine down, but it can fill up your Internet - pipe.</p> -<p class="Pp">A user account compromise is even more common than a DoS attack. - Some sysadmins still run <code class="Nm">telnetd</code> and - <a class="Xr">ftpd(8)</a> servers on their machines. These servers, by - default, do not operate over encrypted connections. The result is that if - you have any moderate-sized user base, one or more of your users logging - into your system from a remote location (which is the most common and - convenient way to log in to a system) will have his or her password sniffed. - The attentive system administrator will analyze his remote access logs - looking for suspicious source addresses even for successful logins.</p> -<p class="Pp">One must always assume that once an attacker has access to a user - account, the attacker can break root. However, the reality is that in a well - secured and maintained system, access to a user account does not necessarily - give the attacker access to root. The distinction is important because - without access to root the attacker cannot generally hide his tracks and - may, at best, be able to do nothing more than mess with the user's files or - crash the machine. User account compromises are very common because users - tend not to take the precautions that sysadmins take.</p> -<p class="Pp">System administrators must keep in mind that there are potentially - many ways to break root on a machine. The attacker may know the root - password, the attacker may find a bug in a root-run server and be able to - break root over a network connection to that server, or the attacker may - know of a bug in an SUID-root program that allows the attacker to break root - once he has broken into a user's account. If an attacker has found a way to - break root on a machine, the attacker may not have a need to install a - backdoor. Many of the root holes found and closed to date involve a - considerable amount of work by the attacker to clean up after himself, so - most attackers do install backdoors. This gives you a convenient way to - detect the attacker. Making it impossible for an attacker to install a - backdoor may actually be detrimental to your security because it will not - close off the hole the attacker used to break in originally.</p> -<p class="Pp">Security remedies should always be implemented with a - multi-layered “onion peel” approach and can be categorized as - follows:</p> -<ol class="Bl-enum Bd-indent"> - <li>Securing root and staff accounts</li> - <li>Securing root — root-run servers and SUID/SGID binaries</li> - <li>Securing user accounts</li> - <li>Securing the password file</li> - <li>Securing the kernel core, raw devices, and file systems</li> - <li>Quick detection of inappropriate changes made to the system</li> - <li>Paranoia</li> -</ol> -</section> -<section class="Sh"> -<h1 class="Sh" id="SECURING_THE_ROOT_ACCOUNT_AND_SECURING_STAFF_ACCOUNTS"><a class="permalink" href="#SECURING_THE_ROOT_ACCOUNT_AND_SECURING_STAFF_ACCOUNTS">SECURING - THE ROOT ACCOUNT AND SECURING STAFF ACCOUNTS</a></h1> -<p class="Pp">Do not bother securing staff accounts if you have not secured the - root account. Most systems have a password assigned to the root account. The - first thing you do is assume that the password is - <a class="permalink" href="#always"><i class="Em" id="always">always</i></a> - compromised. This does not mean that you should remove the password. The - password is almost always necessary for console access to the machine. What - it does mean is that you should not make it possible to use the password - outside of the console or possibly even with a <a class="Xr">su(1)</a> - utility. For example, make sure that your PTYs are specified as being - “<code class="Li">insecure</code>” in the - <span class="Pa">/etc/ttys</span> file so that direct root logins via - <a class="Xr">telnet(1)</a> are disallowed. If using other login services - such as <a class="Xr">sshd(8)</a>, make sure that direct root logins are - disabled there as well. Consider every access method — services such - as <a class="Xr">ftp(1)</a> often fall through the cracks. Direct root - logins should only be allowed via the system console.</p> -<p class="Pp">Of course, as a sysadmin you have to be able to get to root, so we - open up a few holes. But we make sure these holes require additional - password verification to operate. One way to make root accessible is to add - appropriate staff accounts to the - “<code class="Li">wheel</code>” group (in - <span class="Pa">/etc/group</span>). The staff members placed in the - <code class="Li">wheel</code> group are allowed to <a class="Xr">su(1)</a> - to root. You should never give staff members native - <code class="Li">wheel</code> access by putting them in the - <code class="Li">wheel</code> group in their password entry. Staff accounts - should be placed in a “<code class="Li">staff</code>” group, - and then added to the <code class="Li">wheel</code> group via the - <span class="Pa">/etc/group</span> file. Only those staff members who - actually need to have root access should be placed in the - <code class="Li">wheel</code> group. It is also possible, when using an - authentication method such as Kerberos, to use Kerberos's - <span class="Pa">.k5login</span> file in the root account to allow a - <a class="Xr">ksu(1)</a> to root without having to place anyone at all in - the <code class="Li">wheel</code> group. This may be the better solution - since the <code class="Li">wheel</code> mechanism still allows an intruder - to break root if the intruder has gotten hold of your password file and can - break into a staff account. While having the <code class="Li">wheel</code> - mechanism is better than having nothing at all, it is not necessarily the - safest option.</p> -<p class="Pp" id="from">An indirect way to secure the root account is to secure - your staff accounts by using an alternative login access method and *'ing - out the crypted password for the staff accounts. This way an intruder may be - able to steal the password file but will not be able to break into any staff - accounts or root, even if root has a crypted password associated with it - (assuming, of course, that you have limited root access to the console). - Staff members get into their staff accounts through a secure login mechanism - such as <a class="Xr">kerberos(8)</a> or <a class="Xr">ssh(1)</a> using a - private/public key pair. When you use something like Kerberos you generally - must secure the machines which run the Kerberos servers and your desktop - workstation. When you use a public/private key pair with SSH, you must - generally secure the machine you are logging in - <a class="permalink" href="#from"><i class="Em">from</i></a> (typically your - workstation), but you can also add an additional layer of protection to the - key pair by password protecting the keypair when you create it with - <a class="Xr">ssh-keygen(1)</a>. Being able to star-out the passwords for - staff accounts also guarantees that staff members can only log in through - secure access methods that you have set up. You can thus force all staff - members to use secure, encrypted connections for all their sessions which - closes an important hole used by many intruders: that of sniffing the - network from an unrelated, less secure machine.</p> -<p class="Pp">The more indirect security mechanisms also assume that you are - logging in from a more restrictive server to a less restrictive server. For - example, if your main box is running all sorts of servers, your workstation - should not be running any. In order for your workstation to be reasonably - secure you should run as few servers as possible, up to and including no - servers at all, and you should run a password-protected screen blanker. Of - course, given physical access to a workstation, an attacker can break any - sort of security you put on it. This is definitely a problem that you should - consider but you should also consider the fact that the vast majority of - break-ins occur remotely, over a network, from people who do not have - physical access to your workstation or servers.</p> -<p class="Pp">Using something like Kerberos also gives you the ability to - disable or change the password for a staff account in one place and have it - immediately affect all the machines the staff member may have an account on. - If a staff member's account gets compromised, the ability to instantly - change his password on all machines should not be underrated. With discrete - passwords, changing a password on N machines can be a mess. You can also - impose re-passwording restrictions with Kerberos: not only can a Kerberos - ticket be made to timeout after a while, but the Kerberos system can require - that the user choose a new password after a certain period of time (say, - once a month).</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SECURING_ROOT_"><a class="permalink" href="#SECURING_ROOT_">SECURING - ROOT — ROOT-RUN SERVERS AND SUID/SGID BINARIES</a></h1> -<p class="Pp">The prudent sysadmin only runs the servers he needs to, no more, - no less. Be aware that third party servers are often the most bug-prone. For - example, running an old version of <a class="Xr">imapd(8)</a> or - <a class="Xr">popper(8)</a> (<span class="Pa">ports/mail/popper</span>) is - like giving a universal root ticket out to the entire world. Never run a - server that you have not checked out carefully. Many servers do not need to - be run as root. For example, the <a class="Xr">talkd(8)</a>, - <a class="Xr">comsat(8)</a>, and <a class="Xr">fingerd(8)</a> daemons can be - run in special user “sandboxes”. A sandbox is not perfect - unless you go to a large amount of trouble, but the onion approach to - security still stands: if someone is able to break in through a server - running in a sandbox, they still have to break out of the sandbox. The more - layers the attacker must break through, the lower the likelihood of his - success. Root holes have historically been found in virtually every server - ever run as root, including basic system servers. If you are running a - machine through which people only log in via <a class="Xr">sshd(8)</a> and - never log in via <code class="Nm">telnetd</code> then turn off this - service!</p> -<p class="Pp"><span class="Ux">FreeBSD</span> now defaults to running - <a class="Xr">talkd(8)</a>, <a class="Xr">comsat(8)</a>, and - <a class="Xr">fingerd(8)</a> in a sandbox. Depending on whether you are - installing a new system or upgrading an existing system, the special user - accounts used by these sandboxes may not be installed. The prudent sysadmin - would research and implement sandboxes for servers whenever possible.</p> -<p class="Pp">There are a number of other servers that typically do not run in - sandboxes: <a class="Xr">sendmail(8)</a>, <a class="Xr">popper(8)</a>, - <a class="Xr">imapd(8)</a>, and others. There are alternatives to some of - these, but installing them may require more work than you are willing to put - (the convenience factor strikes again). You may have to run these servers as - root and rely on other mechanisms to detect break-ins that might occur - through them.</p> -<p class="Pp">The other big potential root hole in a system are the SUID-root - and SGID binaries installed on the system. Most of these binaries, such as - <a class="Xr">su(1)</a>, reside in <span class="Pa">/bin</span>, - <span class="Pa">/sbin</span>, <span class="Pa">/usr/bin</span>, or - <span class="Pa">/usr/sbin</span>. While nothing is 100% safe, the - system-default SUID and SGID binaries can be considered reasonably safe. - Still, root holes are occasionally found in these binaries. A root hole was - found in Xlib in 1998 that made <a class="Xr">xterm(1)</a> - (<span class="Pa">ports/x11/xterm</span>) (which is typically SUID) - vulnerable. It is better to be safe than sorry and the prudent sysadmin will - restrict SUID binaries that only staff should run to a special group that - only staff can access, and get rid of (“<code class="Li">chmod - 000</code>”) any SUID binaries that nobody uses. A server with no - display generally does not need an <a class="Xr">xterm(1)</a> - (<span class="Pa">ports/x11/xterm</span>) binary. SGID binaries can be - almost as dangerous. If an intruder can break an SGID-kmem binary the - intruder might be able to read <span class="Pa">/dev/kmem</span> and thus - read the crypted password file, potentially compromising any passworded - account. Alternatively an intruder who breaks group - “<code class="Li">kmem</code>” can monitor keystrokes sent - through PTYs, including PTYs used by users who log in through secure - methods. An intruder that breaks the - “<code class="Li">tty</code>” group can write to almost any - user's TTY. If a user is running a terminal program or emulator with a - keyboard-simulation feature, the intruder can potentially generate a data - stream that causes the user's terminal to echo a command, which is then run - as that user.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SECURING_USER_ACCOUNTS"><a class="permalink" href="#SECURING_USER_ACCOUNTS">SECURING - USER ACCOUNTS</a></h1> -<p class="Pp">User accounts are usually the most difficult to secure. While you - can impose draconian access restrictions on your staff and *-out their - passwords, you may not be able to do so with any general user accounts you - might have. If you do have sufficient control then you may win out and be - able to secure the user accounts properly. If not, you simply have to be - more vigilant in your monitoring of those accounts. Use of SSH and Kerberos - for user accounts is more problematic due to the extra administration and - technical support required, but still a very good solution compared to a - crypted password file.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SECURING_THE_PASSWORD_FILE"><a class="permalink" href="#SECURING_THE_PASSWORD_FILE">SECURING - THE PASSWORD FILE</a></h1> -<p class="Pp">The only sure fire way is to *-out as many passwords as you can - and use SSH or Kerberos for access to those accounts. Even though the - crypted password file (<span class="Pa">/etc/spwd.db</span>) can only be - read by root, it may be possible for an intruder to obtain read access to - that file even if the attacker cannot obtain root-write access.</p> -<p class="Pp">Your security scripts should always check for and report changes - to the password file (see - <a class="Sx" href="#CHECKING_FILE_INTEGRITY">CHECKING FILE INTEGRITY</a> - below).</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SECURING_THE_KERNEL_CORE,_RAW_DEVICES,_AND_FILE_SYSTEMS"><a class="permalink" href="#SECURING_THE_KERNEL_CORE,_RAW_DEVICES,_AND_FILE_SYSTEMS">SECURING - THE KERNEL CORE, RAW DEVICES, AND FILE SYSTEMS</a></h1> -<p class="Pp">If an attacker breaks root he can do just about anything, but - there are certain conveniences. For example, most modern kernels have a - packet sniffing device driver built in. Under - <span class="Ux">FreeBSD</span> it is called the <a class="Xr">bpf(4)</a> - device. An intruder will commonly attempt to run a packet sniffer on a - compromised machine. You do not need to give the intruder the capability and - most systems should not have the <a class="Xr">bpf(4)</a> device compiled - in.</p> -<p class="Pp">But even if you turn off the <a class="Xr">bpf(4)</a> device, you - still have <span class="Pa">/dev/mem</span> and - <span class="Pa">/dev/kmem</span> to worry about. For that matter, the - intruder can still write to raw disk devices. Also, there is another kernel - feature called the module loader, <a class="Xr">kldload(8)</a>. An - enterprising intruder can use a KLD module to install his own - <a class="Xr">bpf(4)</a> device or other sniffing device on a running - kernel. To avoid these problems you have to run the kernel at a higher - security level, at least level 1. The security level can be set with a - <a class="Xr">sysctl(8)</a> on the <var class="Va">kern.securelevel</var> - variable. Once you have set the security level to 1, write access to raw - devices will be denied and special <a class="Xr">chflags(1)</a> flags, such - as <code class="Cm">schg</code>, will be enforced. You must also ensure that - the <code class="Cm">schg</code> flag is set on critical startup binaries, - directories, and script files — everything that gets run up to the - point where the security level is set. This might be overdoing it, and - upgrading the system is much more difficult when you operate at a higher - security level. You may compromise and run the system at a higher security - level but not set the <code class="Cm">schg</code> flag for every system - file and directory under the sun. Another possibility is to simply mount - <span class="Pa">/</span> and <span class="Pa">/usr</span> read-only. It - should be noted that being too draconian in what you attempt to protect may - prevent the all-important detection of an intrusion.</p> -<p class="Pp">The kernel runs with five different security levels. Any - super-user process can raise the level, but no process can lower it. The - security levels are:</p> -<dl class="Bl-tag"> - <dt id="1"><a class="permalink" href="#1"><code class="Ic">-1</code></a></dt> - <dd>Permanently insecure mode - always run the system in insecure mode. This - is the default initial value.</dd> - <dt id="0"><a class="permalink" href="#0"><code class="Ic">0</code></a></dt> - <dd>Insecure mode - immutable and append-only flags may be turned off. All - devices may be read or written subject to their permissions.</dd> - <dt id="1~2"><a class="permalink" href="#1~2"><code class="Ic">1</code></a></dt> - <dd>Secure mode - the system immutable and system append-only flags may not be - turned off; disks for mounted file systems, - <span class="Pa">/dev/mem</span> and <span class="Pa">/dev/kmem</span> may - not be opened for writing; <span class="Pa">/dev/io</span> (if your - platform has it) may not be opened at all; kernel modules (see - <a class="Xr">kld(4)</a>) may not be loaded or unloaded. The kernel - debugger may not be entered using the - <var class="Va">debug.kdb.enter</var> sysctl unless a - <a class="Xr">mac(9)</a> policy grants access, for example using - <a class="Xr">mac_ddb(4)</a>. A panic or trap cannot be forced using the - <var class="Va">debug.kdb.panic</var>, - <var class="Va">debug.kdb.panic_str</var> and other sysctl's.</dd> - <dt id="2"><a class="permalink" href="#2"><code class="Ic">2</code></a></dt> - <dd>Highly secure mode - same as secure mode, plus disks may not be opened for - writing (except by <a class="Xr">mount(2)</a>) whether mounted or not. - This level precludes tampering with file systems by unmounting them, but - also inhibits running <a class="Xr">newfs(8)</a> while the system is - multi-user. - <p class="Pp">In addition, kernel time changes are restricted to less than - or equal to one second. Attempts to change the time by more than this - will log the message “Time adjustment clamped to +1 - second”.</p> - </dd> - <dt id="3"><a class="permalink" href="#3"><code class="Ic">3</code></a></dt> - <dd>Network secure mode - same as highly secure mode, plus IP packet filter - rules (see <a class="Xr">ipfw(8)</a>, <a class="Xr">ipfirewall(4)</a> and - <a class="Xr">pfctl(8)</a>) cannot be changed and - <a class="Xr">dummynet(4)</a> or <a class="Xr">pf(4)</a> configuration - cannot be adjusted.</dd> -</dl> -<p class="Pp">The security level can be configured with variables documented in - <a class="Xr">rc.conf(5)</a>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="CHECKING_FILE_INTEGRITY:_BINARIES,_CONFIG_FILES,_ETC"><a class="permalink" href="#CHECKING_FILE_INTEGRITY:_BINARIES,_CONFIG_FILES,_ETC">CHECKING - FILE INTEGRITY: BINARIES, CONFIG FILES, ETC</a></h1> -<p class="Pp">When it comes right down to it, you can only protect your core - system configuration and control files so much before the convenience factor - rears its ugly head. For example, using <a class="Xr">chflags(1)</a> to set - the <code class="Cm">schg</code> bit on most of the files in - <span class="Pa">/</span> and <span class="Pa">/usr</span> is probably - counterproductive because while it may protect the files, it also closes a - detection window. The last layer of your security onion is perhaps the most - important — detection. The rest of your security is pretty much - useless (or, worse, presents you with a false sense of safety) if you cannot - detect potential incursions. Half the job of the onion is to slow down the - attacker rather than stop him in order to give the detection layer a chance - to catch him in the act.</p> -<p class="Pp">The best way to detect an incursion is to look for modified, - missing, or unexpected files. The best way to look for modified files is - from another (often centralized) limited-access system. Writing your - security scripts on the extra-secure limited-access system makes them mostly - invisible to potential attackers, and this is important. In order to take - maximum advantage you generally have to give the limited-access box - significant access to the other machines in the business, usually either by - doing a read-only NFS export of the other machines to the limited-access - box, or by setting up SSH keypairs to allow the limit-access box to SSH to - the other machines. Except for its network traffic, NFS is the least visible - method — allowing you to monitor the file systems on each client box - virtually undetected. If your limited-access server is connected to the - client boxes through a switch, the NFS method is often the better choice. If - your limited-access server is connected to the client boxes through a hub or - through several layers of routing, the NFS method may be too insecure - (network-wise) and using SSH may be the better choice even with the - audit-trail tracks that SSH lays.</p> -<p class="Pp">Once you give a limit-access box at least read access to the - client systems it is supposed to monitor, you must write scripts to do the - actual monitoring. Given an NFS mount, you can write scripts out of simple - system utilities such as <a class="Xr">find(1)</a> and - <a class="Xr">md5(1)</a>. It is best to physically <a class="Xr">md5(1)</a> - the client-box files boxes at least once a day, and to test control files - such as those found in <span class="Pa">/etc</span> and - <span class="Pa">/usr/local/etc</span> even more often. When mismatches are - found relative to the base MD5 information the limited-access machine knows - is valid, it should scream at a sysadmin to go check it out. A good security - script will also check for inappropriate SUID binaries and for new or - deleted files on system partitions such as <span class="Pa">/</span> and - <span class="Pa">/usr</span>.</p> -<p class="Pp">When using SSH rather than NFS, writing the security script is - much more difficult. You essentially have to <a class="Xr">scp(1)</a> the - scripts to the client box in order to run them, making them visible, and for - safety you also need to <a class="Xr">scp(1)</a> the binaries (such as - <a class="Xr">find(1)</a>) that those scripts use. The - <a class="Xr">sshd(8)</a> daemon on the client box may already be - compromised. All in all, using SSH may be necessary when running over - unsecure links, but it is also a lot harder to deal with.</p> -<p class="Pp">A good security script will also check for changes to user and - staff members access configuration files: <span class="Pa">.rhosts</span>, - <span class="Pa">.shosts</span>, - <span class="Pa">.ssh/authorized_keys</span> and so forth, files that might - fall outside the purview of the MD5 check.</p> -<p class="Pp">If you have a huge amount of user disk space it may take too long - to run through every file on those partitions. In this case, setting mount - flags to disallow SUID binaries on those partitions is a good idea. The - <code class="Cm">nosuid</code> option (see <a class="Xr">mount(8)</a>) is - what you want to look into. I would scan them anyway at least once a week, - since the object of this layer is to detect a break-in whether or not the - break-in is effective.</p> -<p class="Pp">Process accounting (see <a class="Xr">accton(8)</a>) is a - relatively low-overhead feature of the operating system which I recommend - using as a post-break-in evaluation mechanism. It is especially useful in - tracking down how an intruder has actually broken into a system, assuming - the file is still intact after the break-in occurs.</p> -<p class="Pp">Finally, security scripts should process the log files and the - logs themselves should be generated in as secure a manner as possible - — remote syslog can be very useful. An intruder tries to cover his - tracks, and log files are critical to the sysadmin trying to track down the - time and method of the initial break-in. One way to keep a permanent record - of the log files is to run the system console to a serial port and collect - the information on a continuing basis through a secure machine monitoring - the consoles.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="PARANOIA"><a class="permalink" href="#PARANOIA">PARANOIA</a></h1> -<p class="Pp">A little paranoia never hurts. As a rule, a sysadmin can add any - number of security features as long as they do not affect convenience, and - can add security features that do affect convenience with some added - thought. Even more importantly, a security administrator should mix it up a - bit — if you use recommendations such as those given by this manual - page verbatim, you give away your methodologies to the prospective attacker - who also has access to this manual page.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SPECIAL_SECTION_ON_DoS_ATTACKS"><a class="permalink" href="#SPECIAL_SECTION_ON_DoS_ATTACKS">SPECIAL - SECTION ON DoS ATTACKS</a></h1> -<p class="Pp">This section covers Denial of Service attacks. A DoS attack is - typically a packet attack. While there is not much you can do about modern - spoofed packet attacks that saturate your network, you can generally limit - the damage by ensuring that the attacks cannot take down your servers.</p> -<ol class="Bl-enum Bd-indent"> - <li>Limiting server forks</li> - <li>Limiting springboard attacks (ICMP response attacks, ping broadcast, - etc.)</li> - <li>Kernel Route Cache</li> -</ol> -<p class="Pp">A common DoS attack is against a forking server that attempts to - cause the server to eat processes, file descriptors, and memory until the - machine dies. The <a class="Xr">inetd(8)</a> server has several options to - limit this sort of attack. It should be noted that while it is possible to - prevent a machine from going down it is not generally possible to prevent a - service from being disrupted by the attack. Read the - <a class="Xr">inetd(8)</a> manual page carefully and pay specific attention - to the <code class="Fl">-c</code>, <code class="Fl">-C</code>, and - <code class="Fl">-R</code> options. Note that spoofed-IP attacks will - circumvent the <code class="Fl">-C</code> option to - <a class="Xr">inetd(8)</a>, so typically a combination of options must be - used. Some standalone servers have self-fork-limitation parameters.</p> -<p class="Pp">The <a class="Xr">sendmail(8)</a> daemon has its - <code class="Fl">-OMaxDaemonChildren</code> option which tends to work much - better than trying to use <a class="Xr">sendmail(8)</a>'s load limiting - options due to the load lag. You should specify a - <var class="Va">MaxDaemonChildren</var> parameter when you start - <a class="Xr">sendmail(8)</a> high enough to handle your expected load but - not so high that the computer cannot handle that number of - <code class="Nm">sendmail</code>'s without falling on its face. It is also - prudent to run <a class="Xr">sendmail(8)</a> in “queued” mode - (<code class="Fl">-ODeliveryMode=queued</code>) and to run the daemon - (“<code class="Nm">sendmail</code> - <code class="Fl">-bd</code>”) separate from the queue-runs - (“<code class="Nm">sendmail</code> - <code class="Fl">-q15m</code>”). If you still want real-time delivery - you can run the queue at a much lower interval, such as - <code class="Fl">-q1m</code>, but be sure to specify a reasonable - <var class="Va">MaxDaemonChildren</var> option for that - <a class="Xr">sendmail(8)</a> to prevent cascade failures.</p> -<p class="Pp">The <a class="Xr">syslogd(8)</a> daemon can be attacked directly - and it is strongly recommended that you use the <code class="Fl">-s</code> - option whenever possible, and the <code class="Fl">-a</code> option - otherwise.</p> -<p class="Pp">You should also be fairly careful with connect-back services such - as tcpwrapper's reverse-identd, which can be attacked directly. You - generally do not want to use the reverse-ident feature of tcpwrappers for - this reason.</p> -<p class="Pp" id="except">It is a very good idea to protect internal services - from external access by firewalling them off at your border routers. The - idea here is to prevent saturation attacks from outside your LAN, not so - much to protect internal services from network-based root compromise. Always - configure an exclusive firewall, i.e., ‘firewall everything - <a class="permalink" href="#except"><i class="Em">except</i></a> ports A, B, - C, D, and M-Z’. This way you can firewall off all of your low ports - except for certain specific services such as <a class="Xr">talkd(8)</a>, - <a class="Xr">sendmail(8)</a>, and other internet-accessible services. If - you try to configure the firewall the other way — as an inclusive or - permissive firewall, there is a good chance that you will forget to - “close” a couple of services or that you will add a new - internal service and forget to update the firewall. You can still open up - the high-numbered port range on the firewall to allow permissive-like - operation without compromising your low ports. Also take note that - <span class="Ux">FreeBSD</span> allows you to control the range of port - numbers used for dynamic binding via the various - <var class="Va">net.inet.ip.portrange</var> sysctl's - (“<code class="Li">sysctl net.inet.ip.portrange</code>”), - which can also ease the complexity of your firewall's configuration. I - usually use a normal first/last range of 4000 to 5000, and a hiport range of - 49152 to 65535, then block everything under 4000 off in my firewall (except - for certain specific internet-accessible ports, of course).</p> -<p class="Pp">Another common DoS attack is called a springboard attack — - to attack a server in a manner that causes the server to generate responses - which then overload the server, the local network, or some other machine. - The most common attack of this nature is the ICMP PING BROADCAST attack. The - attacker spoofs ping packets sent to your LAN's broadcast address with the - source IP address set to the actual machine they wish to attack. If your - border routers are not configured to stomp on ping's to broadcast addresses, - your LAN winds up generating sufficient responses to the spoofed source - address to saturate the victim, especially when the attacker uses the same - trick on several dozen broadcast addresses over several dozen different - networks at once. Broadcast attacks of over a hundred and twenty megabits - have been measured. A second common springboard attack is against the ICMP - error reporting system. By constructing packets that generate ICMP error - responses, an attacker can saturate a server's incoming network and cause - the server to saturate its outgoing network with ICMP responses. This type - of attack can also crash the server by running it out of - <var class="Vt">mbuf</var>'s, especially if the server cannot drain the ICMP - responses it generates fast enough. The <span class="Ux">FreeBSD</span> - kernel has a new kernel compile option called - <code class="Dv">ICMP_BANDLIM</code> which limits the effectiveness of these - sorts of attacks. The last major class of springboard attacks is related to - certain internal <a class="Xr">inetd(8)</a> services such as the UDP echo - service. An attacker simply spoofs a UDP packet with the source address - being server A's echo port, and the destination address being server B's - echo port, where server A and B are both on your LAN. The two servers then - bounce this one packet back and forth between each other. The attacker can - overload both servers and their LANs simply by injecting a few packets in - this manner. Similar problems exist with the internal chargen port. A - competent sysadmin will turn off all of these - <a class="Xr">inetd(8)</a>-internal test services.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="ACCESS_ISSUES_WITH_KERBEROS_AND_SSH"><a class="permalink" href="#ACCESS_ISSUES_WITH_KERBEROS_AND_SSH">ACCESS - ISSUES WITH KERBEROS AND SSH</a></h1> -<p class="Pp">There are a few issues with both Kerberos and SSH that need to be - addressed if you intend to use them. Kerberos5 is an excellent - authentication protocol but the kerberized <a class="Xr">telnet(1)</a> suck - rocks. There are bugs that make them unsuitable for dealing with binary - streams. Also, by default Kerberos does not encrypt a session unless you use - the <code class="Fl">-x</code> option. SSH encrypts everything by - default.</p> -<p class="Pp">SSH works quite well in every respect except when it is set up to - forward encryption keys. What this means is that if you have a secure - workstation holding keys that give you access to the rest of the system, and - you <a class="Xr">ssh(1)</a> to an unsecure machine, your keys become - exposed. The actual keys themselves are not exposed, but - <a class="Xr">ssh(1)</a> installs a forwarding port for the duration of your - login and if an attacker has broken root on the unsecure machine he can - utilize that port to use your keys to gain access to any other machine that - your keys unlock.</p> -<p class="Pp">We recommend that you use SSH in combination with Kerberos - whenever possible for staff logins. SSH can be compiled with Kerberos - support. This reduces your reliance on potentially exposable SSH keys while - at the same time protecting passwords via Kerberos. SSH keys should only be - used for automated tasks from secure machines (something that Kerberos is - unsuited to). We also recommend that you either turn off key-forwarding in - the SSH configuration, or that you make use of the - <var class="Va">from</var>=<var class="Ar">IP/DOMAIN</var> option that SSH - allows in its <span class="Pa">authorized_keys</span> file to make the key - only usable to entities logging in from specific machines.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="KNOBS_AND_TWEAKS"><a class="permalink" href="#KNOBS_AND_TWEAKS">KNOBS - AND TWEAKS</a></h1> -<p class="Pp"><span class="Ux">FreeBSD</span> provides several knobs and tweak - handles that make some introspection information access more restricted. - Some people consider this as improving system security, so the knobs are - briefly listed there, together with controls which enable some mitigations - of the hardware state leaks.</p> -<p class="Pp">Hardware mitigation sysctl knobs described below have been moved - under <var class="Va">machdep.mitigations</var>, with - backwards-compatibility shims to accept the existing names. A future change - will rationalize the sense of the individual sysctls (so that enabled / true - always indicates that the mitigation is active). For that reason the - previous names remain the canonical way to set the mitigations, and are - documented here. Backwards compatibility shims for the interim sysctls under - <span class="Pa">machdep.mitigations</span> will not be added.</p> -<dl class="Bl-tag"> - <dt id="security.bsd.see_other_uids"><var class="Va">security.bsd.see_other_uids</var></dt> - <dd>Controls visibility and reachability of subjects (e.g., processes) and - objects (e.g., sockets) owned by a different uid. The knob directly - affects the <var class="Va">kern.proc</var> sysctls filtering of data, - which results in restricted output from utilities like - <a class="Xr">ps(1)</a>.</dd> - <dt id="security.bsd.see_other_gids"><var class="Va">security.bsd.see_other_gids</var></dt> - <dd>Same, for subjects and objects owned by a different gid.</dd> - <dt id="security.bsd.see_jail_proc"><var class="Va">security.bsd.see_jail_proc</var></dt> - <dd>Same, for subjects and objects belonging to a different jail, including - sub-jails.</dd> - <dt id="security.bsd.conservative_signals"><var class="Va">security.bsd.conservative_signals</var></dt> - <dd>When enabled, unprivileged users are only allowed to send job control and - usual termination signals like <code class="Dv">SIGKILL</code>, - <code class="Dv">SIGINT</code>, and <code class="Dv">SIGTERM</code>, to - the processes executing programs with changed uids.</dd> - <dt id="security.bsd.unprivileged_proc_debug"><var class="Va">security.bsd.unprivileged_proc_debug</var></dt> - <dd>Controls availability of the process debugging facilities to non-root - users. See also <a class="Xr">proccontrol(1)</a> mode - <code class="Dv">trace</code>.</dd> - <dt id="vm.pmap.pti"><var class="Va">vm.pmap.pti</var></dt> - <dd>Tunable, amd64-only. Enables mode of operation of virtual memory system - where usermode page tables are sanitized to prevent so-called Meltdown - information leak on some Intel CPUs. By default, the system detects - whether the CPU needs the workaround, and enables it automatically. See - also <a class="Xr">proccontrol(1)</a> mode - <code class="Dv">kpti</code>.</dd> - <dt id="machdep.mitigations.flush_rsb_ctxsw"><var class="Va">machdep.mitigations.flush_rsb_ctxsw</var></dt> - <dd>amd64. Controls Return Stack Buffer flush on context switch, to prevent - cross-process ret2spec attacks. Only needed, and only enabled by default, - if the machine supports SMEP, otherwise IBRS would do necessary flushing - on kernel entry anyway.</dd> - <dt id="hw.mds_disable"><var class="Va">hw.mds_disable</var></dt> - <dd>amd64 and i386. Controls Microarchitectural Data Sampling hardware - information leak mitigation.</dd> - <dt id="hw.spec_store_bypass_disable"><var class="Va">hw.spec_store_bypass_disable</var></dt> - <dd>amd64 and i386. Controls Speculative Store Bypass hardware information - leak mitigation.</dd> - <dt id="hw.ibrs_disable"><var class="Va">hw.ibrs_disable</var></dt> - <dd>amd64 and i386. Controls Indirect Branch Restricted Speculation hardware - information leak mitigation.</dd> - <dt id="machdep.syscall_ret_flush_l1d"><var class="Va">machdep.syscall_ret_flush_l1d</var></dt> - <dd>amd64. Controls force-flush of L1D cache on return from syscalls which - report errors other than <code class="Ev">EEXIST</code>, - <code class="Ev">EAGAIN</code>, <code class="Ev">EXDEV</code>, - <code class="Ev">ENOENT</code>, <code class="Ev">ENOTCONN</code>, and - <code class="Ev">EINPROGRESS</code>. This is mostly a paranoid setting - added to prevent hypothetical exploitation of unknown gadgets for unknown - hardware issues. The error codes exclusion list is composed of the most - common errors which typically occurs on normal system operation.</dd> - <dt id="machdep.nmi_flush_l1d_sw"><var class="Va">machdep.nmi_flush_l1d_sw</var></dt> - <dd>amd64. Controls force-flush of L1D cache on NMI; this provides software - assist for bhyve mitigation of L1 terminal fault hardware information - leak.</dd> - <dt id="hw.vmm.vmx.l1d_flush"><var class="Va">hw.vmm.vmx.l1d_flush</var></dt> - <dd>amd64. Controls the mitigation of L1 Terminal Fault in bhyve - hypervisor.</dd> - <dt id="vm.pmap.allow_2m_x_ept"><var class="Va">vm.pmap.allow_2m_x_ept</var></dt> - <dd>amd64. Allows the use of superpages for executable mappings under the EPT - page table format used by hypervisors on Intel CPUs to map the guest - physical address space to machine physical memory. May be disabled to work - around a CPU Erratum called Machine Check Error Avoidance on Page Size - Change.</dd> - <dt id="machdep.mitigations.rngds.enable"><var class="Va">machdep.mitigations.rngds.enable</var></dt> - <dd>amd64 and i386. Controls mitigation of Special Register Buffer Data - Sampling versus optimization of the MCU access. When set to zero, the - mitigation is disabled, and the RDSEED and RDRAND instructions do not - incur serialization overhead for shared buffer accesses, and do not - serialize off-core memory accesses.</dd> - <dt id="kern.elf32.aslr.enable"><var class="Va">kern.elf32.aslr.enable</var></dt> - <dd>Controls system-global Address Space Layout Randomization (ASLR) for - normal non-PIE (Position Independent Executable) 32-bit ELF binaries. See - also the <a class="Xr">proccontrol(1)</a> <code class="Dv">aslr</code> - mode, also affected by the per-image control note flag.</dd> - <dt id="kern.elf32.aslr.pie_enable"><var class="Va">kern.elf32.aslr.pie_enable</var></dt> - <dd>Controls system-global Address Space Layout Randomization for - position-independent (PIE) 32-bit binaries.</dd> - <dt id="kern.elf32.aslr.honor_sbrk"><var class="Va">kern.elf32.aslr.honor_sbrk</var></dt> - <dd>Makes ASLR less aggressive and more compatible with old binaries relying - on the sbrk area.</dd> - <dt id="kern.elf32.aslr.stack"><var class="Va">kern.elf32.aslr.stack</var></dt> - <dd>Enable randomization of the stack for 32-bit binaries. Otherwise, the - stack is mapped at a fixed location determined by the process ABI.</dd> - <dt id="kern.elf64.aslr.enable"><var class="Va">kern.elf64.aslr.enable</var></dt> - <dd>ASLR control for 64-bit ELF binaries.</dd> - <dt id="kern.elf64.aslr.pie_enable"><var class="Va">kern.elf64.aslr.pie_enable</var></dt> - <dd>ASLR control for 64-bit ELF PIEs.</dd> - <dt id="kern.elf64.aslr.honor_sbrk"><var class="Va">kern.elf64.aslr.honor_sbrk</var></dt> - <dd>ASLR sbrk compatibility control for 64-bit binaries.</dd> - <dt id="kern.elf64.aslr.stack"><var class="Va">kern.elf64.aslr.stack</var></dt> - <dd>Controls stack address randomization for 64-bit binaries.</dd> - <dt id="kern.elf32.nxstack"><var class="Va">kern.elf32.nxstack</var></dt> - <dd>Enables non-executable stack for 32-bit processes. Enabled by default if - supported by hardware and corresponding binary.</dd> - <dt id="kern.elf64.nxstack"><var class="Va">kern.elf64.nxstack</var></dt> - <dd>Enables non-executable stack for 64-bit processes.</dd> - <dt id="kern.elf32.allow_wx"><var class="Va">kern.elf32.allow_wx</var></dt> - <dd>Enables mapping of simultaneously writable and executable pages for 32-bit - processes.</dd> - <dt id="kern.elf64.allow_wx"><var class="Va">kern.elf64.allow_wx</var></dt> - <dd>Enables mapping of simultaneously writable and executable pages for 64-bit - processes.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">chflags(1)</a>, <a class="Xr">find(1)</a>, - <a class="Xr">md5(1)</a>, <a class="Xr">mdo(1)</a>, - <a class="Xr">netstat(1)</a>, <a class="Xr">openssl(1)</a>, - <a class="Xr">proccontrol(1)</a>, <a class="Xr">ps(1)</a>, - <a class="Xr">ssh(1)</a>, <a class="Xr">xdm(1)</a> - (<span class="Pa">ports/x11/xorg-clients</span>), - <a class="Xr">group(5)</a>, <a class="Xr">ttys(5)</a>, - <a class="Xr">mitigations(7)</a>, <a class="Xr">accton(8)</a>, - <a class="Xr">init(8)</a>, <a class="Xr">sshd(8)</a>, - <a class="Xr">sysctl(8)</a>, <a class="Xr">syslogd(8)</a>, - <a class="Xr">vipw(8)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="Nm">security</code> manual page was originally - written by <span class="An">Matthew Dillon</span> and first appeared in - <span class="Ux">FreeBSD 3.1</span>, December 1998.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">March 22, 2026</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/simd.7 4.html b/static/freebsd/man7/simd.7 4.html deleted file mode 100644 index 7ef0f744..00000000 --- a/static/freebsd/man7/simd.7 4.html +++ /dev/null @@ -1,458 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">SIMD(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">SIMD(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">simd</code> — <span class="Nd">SIMD - enhancements</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">On some architectures, the <span class="Ux">FreeBSD</span> - <i class="Em">libc</i> provides enhanced implementations of commonly used - functions, replacing the architecture-independent implementations used - otherwise. Depending on architecture and function, an enhanced - implementation of a function may either always be used or the - <i class="Em">libc</i> detects at runtime which SIMD instruction set - extensions are supported and picks the most suitable implementation - automatically. On <code class="Cm">amd64</code>, the environment variable - <code class="Ev">ARCHLEVEL</code> can be used to override this - mechanism.</p> -<p class="Pp">Enhanced functions are present for the following - architectures:</p> -<table class="Bl-column Bd-indent"> - <tr id="FUNCTION"> - <td><a class="permalink" href="#FUNCTION"><i class="Em">FUNCTION</i></a></td> - <td><a class="permalink" href="#AARCH64"><i class="Em" id="AARCH64">AARCH64</i></a></td> - <td><a class="permalink" href="#ARM"><i class="Em" id="ARM">ARM</i></a></td> - <td><a class="permalink" href="#AMD64"><i class="Em" id="AMD64">AMD64</i></a></td> - <td><a class="permalink" href="#I386"><i class="Em" id="I386">I386</i></a></td> - <td><a class="permalink" href="#PPC64"><i class="Em" id="PPC64">PPC64</i></a></td> - <td><a class="permalink" href="#RISC-V"><i class="Em" id="RISC-V">RISC-V</i></a></td> - </tr> - <tr> - <td>bcmp</td> - <td>A</td> - <td></td> - <td>S1</td> - <td>S</td> - </tr> - <tr> - <td>bcopy</td> - <td>A</td> - <td>S</td> - <td>S</td> - <td>S</td> - <td>SV</td> - <td>S</td> - </tr> - <tr> - <td>bzero</td> - <td>A</td> - <td>S</td> - <td>S</td> - <td>S</td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>div</td> - <td></td> - <td></td> - <td>S</td> - <td>S</td> - </tr> - <tr> - <td>index</td> - <td>A</td> - <td></td> - <td>S1</td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>ldiv</td> - <td></td> - <td></td> - <td>S</td> - <td>S</td> - </tr> - <tr> - <td>lldiv</td> - <td></td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>memchr</td> - <td>A</td> - <td></td> - <td>S1</td> - <td></td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>memcmp</td> - <td>A</td> - <td>S</td> - <td>S1</td> - <td>S</td> - </tr> - <tr> - <td>memccpy</td> - <td>A</td> - <td></td> - <td>S1</td> - </tr> - <tr> - <td>memcpy</td> - <td>AM</td> - <td>S</td> - <td>S</td> - <td>S</td> - <td>SV</td> - <td>S</td> - </tr> - <tr> - <td>memmove</td> - <td>AM</td> - <td>S</td> - <td>S</td> - <td>S</td> - <td>SV</td> - </tr> - <tr> - <td>memrchr</td> - <td>A</td> - <td></td> - <td>S1</td> - </tr> - <tr> - <td>memset</td> - <td>AM</td> - <td>S</td> - <td>S</td> - <td>S</td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>rindex</td> - <td>A</td> - <td></td> - <td>S1</td> - <td>S</td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>stpcpy</td> - <td>A</td> - <td></td> - <td>S1</td> - </tr> - <tr> - <td>stpncpy</td> - <td></td> - <td></td> - <td>S1</td> - </tr> - <tr> - <td>strcat</td> - <td>A</td> - <td></td> - <td>S1</td> - <td>S</td> - </tr> - <tr> - <td>strchr</td> - <td>A</td> - <td></td> - <td>S1</td> - <td>S</td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>strchrnul</td> - <td>A</td> - <td></td> - <td>S1</td> - <td></td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>strcmp</td> - <td>A</td> - <td>S</td> - <td>S1</td> - <td>S</td> - </tr> - <tr> - <td>strcpy</td> - <td>A</td> - <td></td> - <td>S1</td> - <td>S</td> - <td>S2</td> - </tr> - <tr> - <td>strcspn</td> - <td>S</td> - <td></td> - <td>S2</td> - </tr> - <tr> - <td>strlcat</td> - <td>A</td> - <td></td> - <td>S1</td> - </tr> - <tr> - <td>strlcpy</td> - <td>A</td> - <td></td> - <td>S1</td> - </tr> - <tr> - <td>strlen</td> - <td>A</td> - <td>S</td> - <td>S1</td> - <td></td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>strncat</td> - <td>A</td> - <td></td> - <td>S1</td> - </tr> - <tr> - <td>strncmp</td> - <td>A</td> - <td>S</td> - <td>S1</td> - <td>S</td> - </tr> - <tr> - <td>strncpy</td> - <td></td> - <td></td> - <td>S1</td> - <td></td> - <td>S2</td> - </tr> - <tr> - <td>strnlen</td> - <td>A</td> - <td></td> - <td>S1</td> - <td></td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>strrchr</td> - <td>A</td> - <td></td> - <td>S1</td> - <td>S</td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>strpbrk</td> - <td>S</td> - <td></td> - <td>S2</td> - </tr> - <tr> - <td>strsep</td> - <td>S</td> - <td></td> - <td>S2</td> - </tr> - <tr> - <td>strspn</td> - <td>S</td> - <td></td> - <td>S2</td> - </tr> - <tr> - <td>swab</td> - <td></td> - <td></td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>timingsafe_bcmp</td> - <td>A</td> - <td></td> - <td>S1</td> - </tr> - <tr> - <td>timingsafe_memcmp</td> - <td>S</td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>wcschr</td> - <td></td> - <td></td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>wcscmp</td> - <td></td> - <td></td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>wcslen</td> - <td></td> - <td></td> - <td></td> - <td>S</td> - </tr> - <tr> - <td>wmemchr</td> - <td></td> - <td></td> - <td></td> - <td>S</td> - </tr> -</table> -<p class="Pp" id="S"><a class="permalink" href="#S"><b class="Sy">S</b></a>: scalar - (non-SIMD), - <a class="permalink" href="#1"><b class="Sy" id="1">1</b></a>: amd64 - baseline, - <a class="permalink" href="#2"><b class="Sy" id="2">2</b></a>: x86-64-v2 - or PowerPC 2.05, - <a class="permalink" href="#3"><b class="Sy" id="3">3</b></a>: x86-64-v3, - <a class="permalink" href="#4"><b class="Sy" id="4">4</b></a>: x86-64-v4, - <a class="permalink" href="#V"><b class="Sy" id="V">V</b></a>: PowerPC VSX, - <a class="permalink" href="#A"><b class="Sy" id="A">A</b></a>: Arm ASIMD - (NEON), - <a class="permalink" href="#M"><b class="Sy" id="M">M</b></a>: Arm MOPS.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="ENVIRONMENT"><a class="permalink" href="#ENVIRONMENT">ENVIRONMENT</a></h1> -<dl class="Bl-tag"> - <dt id="ARCHLEVEL"><a class="permalink" href="#ARCHLEVEL"><code class="Ev">ARCHLEVEL</code></a></dt> - <dd>On - <a class="permalink" href="#amd64"><i class="Em" id="amd64">amd64</i></a>, - controls the level of SIMD enhancements used. If this variable is set to - an architecture level from the list below and that architecture level is - supported by the processor, SIMD enhancements up to - <code class="Ev">ARCHLEVEL</code> are used. If - <code class="Ev">ARCHLEVEL</code> is unset, not recognised, or not - supported by the processor, the highest level of SIMD enhancements - supported by the processor is used. - <p class="Pp">A suffix beginning with ‘:’ or ‘+’ - in <code class="Ev">ARCHLEVEL</code> is ignored and may be used for - future extensions. The architecture level can be prefixed with a - ‘!’ character to force use of the requested architecture - level, even if the processor does not advertise that it is supported. - This usually causes applications to crash and should only be used for - testing purposes or if architecture level detection yields incorrect - results.</p> - <p class="Pp">The architecture levels follow the AMD64 SysV ABI - supplement:</p> - <dl class="Bl-tag"> - <dt id="scalar"><a class="permalink" href="#scalar"><code class="Cm">scalar</code></a></dt> - <dd>scalar enhancements only (no SIMD)</dd> - <dt id="baseline"><a class="permalink" href="#baseline"><code class="Cm">baseline</code></a></dt> - <dd>cmov, cx8, x87 FPU, fxsr, MMX, osfxsr, SSE, SSE2</dd> - <dt id="x86-64-v2"><a class="permalink" href="#x86-64-v2"><code class="Cm">x86-64-v2</code></a></dt> - <dd>cx16, lahf/sahf, popcnt, SSE3, SSSE3, SSE4.1, SSE4.2</dd> - <dt id="x86-64-v3"><a class="permalink" href="#x86-64-v3"><code class="Cm">x86-64-v3</code></a></dt> - <dd>AVX, AVX2, BMI1, BMI2, F16C, FMA, lzcnt, movbe, osxsave</dd> - <dt id="x86-64-v4"><a class="permalink" href="#x86-64-v4"><code class="Cm">x86-64-v4</code></a></dt> - <dd>AVX-512F/BW/CD/DQ/VL</dd> - </dl> - </dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="DIAGNOSTICS"><a class="permalink" href="#DIAGNOSTICS">DIAGNOSTICS</a></h1> -<dl class="Bl-diag"> - <dt>Illegal Instruction</dt> - <dd>Printed by <a class="Xr">sh(1)</a> if a command is terminated through - delivery of a <code class="Dv">SIGILL</code> signal, see - <a class="Xr">signal(3)</a>. - <p class="Pp">Use of an unsupported architecture level was forced by setting - <code class="Ev">ARCHLEVEL</code> to a string beginning with a - ‘!’ character, causing a process to crash due to use of an - unsupported instruction. Unset <code class="Ev">ARCHLEVEL</code>, remove - the ‘!’ prefix or select a supported architecture - level.</p> - <p class="Pp">Message may also appear for unrelated reasons.</p> - </dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">string(3)</a>, <a class="Xr">arch(7)</a></p> -<p class="Pp"><cite class="Rs"><span class="RsA">H. J. Lu</span>, - <span class="RsA">Michael Matz</span>, <span class="RsA">Milind - Girkar</span>, <span class="RsA">Jan Hubička</span>, - <span class="RsA">Andreas Jaeger</span>, and <span class="RsA">Mark - Mitchell</span>, <span class="RsT">AMD64 Architecture Processor - Supplement</span>, <i class="RsB">System V Application Binary Interface</i>, - <span class="RsD">May 23, 2023</span>, <span class="RsO">Version - 1.0</span>.</cite></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">Architecture-specific enhanced <i class="Em">libc</i> functions - were added starting with <span class="Ux">FreeBSD 2.0</span> for - <code class="Cm">i386</code>, <span class="Ux">FreeBSD 6.0</span> for - <code class="Cm">arm</code>, <span class="Ux">FreeBSD 6.1</span> for - <code class="Cm">amd64</code>, <span class="Ux">FreeBSD 11.0</span> for - <code class="Cm">aarch64</code>, <span class="Ux">FreeBSD 12.0</span> for - <code class="Cm">powerpc64</code>, and <span class="Ux">FreeBSD 16.0</span> - for <code class="Cm">riscv64</code>. SIMD-enhanced functions were first - added with <span class="Ux">FreeBSD 13.0</span> for - <code class="Cm">powerpc64</code> and with <span class="Ux">FreeBSD - 14.1</span> for <code class="Cm">amd64</code>.</p> -<p class="Pp">A <code class="Nm">simd</code> manual page appeared in - <span class="Ux">FreeBSD 14.1</span>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHOR"><a class="permalink" href="#AUTHOR">AUTHOR</a></h1> -<p class="Pp"><span class="An">Robert Clausecker</span> - <<a class="Mt" href="mailto:fuz@FreeBSD.org">fuz@FreeBSD.org</a>></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="CAVEATS"><a class="permalink" href="#CAVEATS">CAVEATS</a></h1> -<p class="Pp">Other parts of <span class="Ux">FreeBSD</span> such as - cryptographic routines in the kernel or in OpenSSL may also use SIMD - enhancements. These enhancements are not subject to the - <code class="Ev">ARCHLEVEL</code> variable and may have their own - configuration mechanism.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="BUGS"><a class="permalink" href="#BUGS">BUGS</a></h1> -<p class="Pp">Use of SIMD enhancements cannot be configured on powerpc64.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">October 21, 2025</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/sizeof.7 3.html b/static/freebsd/man7/sizeof.7 3.html deleted file mode 100644 index 5083f3cb..00000000 --- a/static/freebsd/man7/sizeof.7 3.html +++ /dev/null @@ -1,304 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">sizeof(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">sizeof(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">sizeof</code> operator — - <span class="Nd">yield the storage size of the given operand</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SYNTAX"><a class="permalink" href="#SYNTAX">SYNTAX</a></h1> -<p class="Pp"><code class="Nm">sizeof</code> (<var class="Vt">type</var>) - <br/> - <code class="Nm">sizeof</code> <var class="Vt">expression</var></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The <code class="Nm">sizeof</code> operator yields the size of its - operand. The <code class="Nm">sizeof</code> operator cannot be applied to - incomplete types and expressions with incomplete types (e.g. - <var class="Vt">void</var>, or forward-defined <var class="Vt">struct foo - ),</var> and function types.</p> -<p class="Pp">The size of primitive (non-derived) data types in C may differ - across hardware platforms and implementations. They are defined by - corresponding Application Binary Interface (ABI) specifications, see - <a class="Xr">arch(7)</a> for details about ABI used by - <span class="Ux">FreeBSD</span>. It may be necessary or useful for a program - to be able to determine the storage size of a data type or object to account - for the platform specifics.</p> -<p class="Pp" id="char">The unary <code class="Nm">sizeof</code> operator yields - the storage size of an expression or data type in - <a class="permalink" href="#char"><i class="Em">char sized units</i></a> (C - language bytes). As a result, - ‘<code class="Li">sizeof(char)</code>’ is always guaranteed to - be 1. (The number of bits per <var class="Vt">char</var> is given by the - <code class="Dv">CHAR_BIT</code> definition in the - <code class="In"><<a class="In">limits.h</a>></code> header; many - systems also provide the "number of bits per byte" definition as - <code class="Dv">NBBY</code> in the - <code class="In"><<a class="In">sys/param.h</a>></code> header.)</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="EXAMPLES"><a class="permalink" href="#EXAMPLES">EXAMPLES</a></h1> -<p class="Pp">Different platforms may use different data models. For example, - systems on which integers, longs, and pointers are using 32 bits (e.g., - i386) are referred to as using the "ILP32" data model, systems - using 64 bit longs and pointers (e.g., amd64 / x86_64) as the - "LP64" data model.</p> -<p class="Pp">The following examples illustrate the possible results of calling - <code class="Nm">sizeof</code> on an ILP32 vs. an LP64 system:</p> -<p class="Pp">When applied to a simple variable or data type, - <code class="Nm">sizeof</code> returns the storage size of the data type of - the object:</p> -<table class="Bl-column Bd-indent"> - <tr id="Object"> - <td><a class="permalink" href="#Object"><b class="Sy">Object or - type</b></a></td> - <td><b class="Sy">Result (ILP32)</b></td> - <td><b class="Sy">Result (LP64)</b></td> - </tr> - <tr id="sizeof(char)"> - <td><a class="permalink" href="#sizeof(char)"><code class="Li">sizeof(char)</code></a></td> - <td>1</td> - <td>1</td> - </tr> - <tr id="sizeof(int)"> - <td><a class="permalink" href="#sizeof(int)"><code class="Li">sizeof(int)</code></a></td> - <td>4</td> - <td>4</td> - </tr> - <tr id="sizeof(long)"> - <td><a class="permalink" href="#sizeof(long)"><code class="Li">sizeof(long)</code></a></td> - <td>4</td> - <td>8</td> - </tr> - <tr id="sizeof(float)"> - <td><a class="permalink" href="#sizeof(float)"><code class="Li">sizeof(float)</code></a></td> - <td>4</td> - <td>4</td> - </tr> - <tr id="sizeof(double)"> - <td><a class="permalink" href="#sizeof(double)"><code class="Li">sizeof(double)</code></a></td> - <td>8</td> - <td>8</td> - </tr> - <tr id="sizeof(char"> - <td><a class="permalink" href="#sizeof(char"><code class="Li">sizeof(char - *)</code></a></td> - <td>4</td> - <td>8</td> - </tr> -</table> -<p class="Pp">For initialized data or uninitialized arrays of a fixed size known - at compile time, <code class="Nm">sizeof</code> will return the correct - storage size:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>#define DATA "1234567890" -char buf1[] = "abc"; -char buf2[1024]; -char buf3[1024] = { 'a', 'b', 'c' };</pre> -</div> -<table class="Bl-column Bd-indent"> - <tr id="Object~2"> - <td><a class="permalink" href="#Object~2"><b class="Sy">Object or - type</b></a></td> - <td><a class="permalink" href="#Result"><b class="Sy" id="Result">Result</b></a></td> - </tr> - <tr id="sizeof(DATA)"> - <td><a class="permalink" href="#sizeof(DATA)"><code class="Li">sizeof(DATA)</code></a></td> - <td>11</td> - </tr> - <tr id="sizeof(buf1)"> - <td><a class="permalink" href="#sizeof(buf1)"><code class="Li">sizeof(buf1)</code></a></td> - <td>4</td> - </tr> - <tr id="sizeof(buf2)"> - <td><a class="permalink" href="#sizeof(buf2)"><code class="Li">sizeof(buf2)</code></a></td> - <td>1024</td> - </tr> - <tr id="sizeof(buf3)"> - <td><a class="permalink" href="#sizeof(buf3)"><code class="Li">sizeof(buf3)</code></a></td> - <td>1024</td> - </tr> -</table> -<p class="Pp">The examples above are the same for ILP32 and LP64 platforms, as - they are based on character units.</p> -<p class="Pp">When applied to a struct or union, <code class="Nm">sizeof</code> - returns the total number of bytes in the object, including any internal or - trailing padding used to align the object in memory. This result may thus be - larger than if the storage size of each individual member had been - added:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>struct s1 { - char c; -}; - -struct s2 { - char *s; - int i; -}; - -struct s3 { - char *s; - int i; - int j; -}; - -struct s4 { - int i; - uint64_t i64; -}; - -struct s5 { - struct s1 a; - struct s2 b; - struct s3 c; - struct s4 d; -};</pre> -</div> -<table class="Bl-column Bd-indent"> - <tr id="Object~3"> - <td><a class="permalink" href="#Object~3"><b class="Sy">Object or - type</b></a></td> - <td><b class="Sy">Result (ILP32)</b></td> - <td><b class="Sy">Result (LP64)</b></td> - </tr> - <tr id="sizeof(struct"> - <td><a class="permalink" href="#sizeof(struct"><code class="Li">sizeof(struct - s1)</code></a></td> - <td>1</td> - <td>1</td> - </tr> - <tr id="sizeof(struct~2"> - <td><a class="permalink" href="#sizeof(struct~2"><code class="Li">sizeof(struct - s2)</code></a></td> - <td>8</td> - <td>16</td> - </tr> - <tr id="sizeof(struct~3"> - <td><a class="permalink" href="#sizeof(struct~3"><code class="Li">sizeof(struct - s3)</code></a></td> - <td>12</td> - <td>16</td> - </tr> - <tr id="sizeof(struct~4"> - <td><a class="permalink" href="#sizeof(struct~4"><code class="Li">sizeof(struct - s4)</code></a></td> - <td>12</td> - <td>16</td> - </tr> - <tr id="sizeof(struct~5"> - <td><a class="permalink" href="#sizeof(struct~5"><code class="Li">sizeof(struct - s5)</code></a></td> - <td>36</td> - <td>56</td> - </tr> -</table> -<p class="Pp" id="without">When applied to a struct containing a flexible array - member, <code class="Nm">sizeof</code> returns the size of the struct - <a class="permalink" href="#without"><i class="Em">without</i></a> the - array, although again possibly including any padding the compiler deemed - appropriate:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>struct flex { - char c; - long b; - char array[]; -}</pre> -</div> -<table class="Bl-column Bd-indent"> - <tr id="Object~4"> - <td><a class="permalink" href="#Object~4"><b class="Sy">Object or - type</b></a></td> - <td><b class="Sy">Result (ILP32)</b></td> - <td><b class="Sy">Result (LP64)</b></td> - </tr> - <tr id="sizeof(struct~6"> - <td><a class="permalink" href="#sizeof(struct~6"><code class="Li">sizeof(struct - flex)</code></a></td> - <td>8</td> - <td>16</td> - </tr> -</table> -<p class="Pp">One of the more common uses of the <code class="Nm">sizeof</code> - operator is to determine the correct amount of memory to allocate:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>int *nums = calloc(512, sizeof(int));</pre> -</div> -<p class="Pp">The <code class="Nm">sizeof</code> operator can be used to - calculate the number of elements in an array by dividing the size of the - array by the size of one of its elements:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>int nums[] = { 1, 2, 3, 4, 5 }; -const int howmany = sizeof(nums) / sizeof(nums[0]);</pre> -</div> -<p class="Pp">Many systems provide this shortcut as the macro - <code class="Dv">ntimes()</code> via the - <code class="In"><<a class="In">sys/param.h</a>></code> header - file.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="RESULT"><a class="permalink" href="#RESULT">RESULT</a></h1> -<p class="Pp">The result of the <code class="Nm">sizeof</code> operator is an - unsigned integer type, defined in the <code class="Dv">stddef.h</code> - header as a <var class="Vt">size_t</var>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="NOTES"><a class="permalink" href="#NOTES">NOTES</a></h1> -<p class="Pp">It is a common mistake to apply <code class="Nm">sizeof</code> to - a dynamically allocated array:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>char *buf; -if ((buf = malloc(BUFSIZ)) == NULL) { - perror("malloc"); -} -/* Warning: wrong! */ -(void)strncat(buf, input, sizeof(buf) - 1);</pre> -</div> -<p class="Pp">In that case, the operator will return the storage size of the - pointer ( ‘<code class="Li">sizeof(char *)</code>’ ), not the - allocated memory.</p> -<p class="Pp" id="does"><code class="Nm">sizeof</code> determines the - <code class="Ev">size</code> of the result of the expression given, but - <a class="permalink" href="#does"><i class="Em">does not</i></a> evaluate - the expression:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>int a = 42; -printf("%ld - %d\n", sizeof(a = 10), a); /* Result: "4 - 42" */</pre> -</div> -<p class="Pp">Since it is evaluated by the compiler and not the preprocessor, - the <code class="Nm">sizeof</code> operator cannot be used in a preprocessor - expression.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">arch(7)</a>, <a class="Xr">operator(7)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="STANDARDS"><a class="permalink" href="#STANDARDS">STANDARDS</a></h1> -<p class="Pp">The <code class="Nm">sizeof</code> operator conforms to - <span class="St">ANSI X3.159-1989 - (“ANSI C89”)</span>.</p> -<p class="Pp">Handling of flexible array members in structures conforms to - <span class="St">ISO/IEC 9899:1999 - (“ISO C99”)</span>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp">This manual page was written by <span class="An">Jan - Schaumann</span> - <<a class="Mt" href="mailto:jschauma@netmeister.org">jschauma@netmeister.org</a>>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">December 12, 2022</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/sprog.7 3.html b/static/freebsd/man7/sprog.7 3.html deleted file mode 100644 index a5e54763..00000000 --- a/static/freebsd/man7/sprog.7 3.html +++ /dev/null @@ -1,146 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">SPROG(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">SPROG(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">sprog</code> — <span class="Nd">secure - programming practices</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">Security issues have crept into many systems over the years. This - document is a guide for programming practices that prevent these - problems.</p> -<section class="Ss"> -<h2 class="Ss" id="Overview"><a class="permalink" href="#Overview">Overview</a></h2> -<p class="Pp">Writing secure applications takes a very scrutinous and - pessimistic outlook. Applications should be run with the principle of - “<code class="Li">least privilege</code>” so that no process - is ever running with more than the bare minimum access it needs to - accomplish its function. Previously tested code should be reused whenever - possible. Generally, anything beyond the control of a program should never - be trusted. This includes all forms of user input, system resources, - interprocess communication, and the timing of events.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Buffer_Overflows"><a class="permalink" href="#Buffer_Overflows">Buffer - Overflows</a></h2> -<p class="Pp">One of the most common types of security problems is the buffer - overflow. In short, if a program is not careful with the data it receives, - it may be possible for this data to be written across memory, overwriting - the return address for a function call, and the program will be forced to - run code that does unfriendly things.</p> -<p class="Pp">A good number of functions in the standard C library make it - difficult or even impossible to prevent buffer overflows when used. These - include <a class="Xr">fscanf(3)</a>, <a class="Xr">gets(3)</a>, - <a class="Xr">getwd(3)</a>, <a class="Xr">realpath(3)</a>, - <a class="Xr">scanf(3)</a>, <a class="Xr">sprintf(3)</a>, - <a class="Xr">strcat(3)</a>, <a class="Xr">strcpy(3)</a>, - <a class="Xr">vscanf(3)</a>, and <a class="Xr">vsprintf(3)</a>.</p> -<p class="Pp">Many other functions that deal with strings can also open up a - potential buffer overflow when not used carefully. For example, - <a class="Xr">strncat(3)</a> does not go out of its way to provide NUL - character termination. Of course, the proper length must always be - specified. Usage of <a class="Xr">strlcat(3)</a> and - <a class="Xr">strlcpy(3)</a> ensure that strings are null terminated and of - the specified length.</p> -<p class="Pp">Functions that receive a string format must also be used - carefully. It is possible for a string to contain additional format - specifiers, which open up another possibility for a buffer overflow. Never - pass a string with untrusted data without using - ‘<code class="Li">%s</code>’. Always use the proper secure - idiom:</p> -<p class="Pp"></p> -<div class="Bd Bd-indent"><code class="Li">function("%s", - string);</code></div> -<p class="Pp">There are mechanisms that provide a backstop for these problems at - the library and compiler levels, however, there is no substitute for simply - writing good code.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Set-user-ID_Issues"><a class="permalink" href="#Set-user-ID_Issues">Set-user-ID - Issues</a></h2> -<p class="Pp">In many cases, it may be necessary for a program to operate with - an increased set of permissions. Reasons for this include binding to - protected sockets, reading and writing certain files and directories, and - access to various resources. Using a setuid program is frequently the - solution. However, it is important that programs give up these privileges as - soon as possible. For example, if a program is binding to a protected - socket, it should give up its privileges as soon as it has finished binding - to that socket. This is accomplished with the <a class="Xr">setuid(2)</a> - family of system calls.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Limited_Environments"><a class="permalink" href="#Limited_Environments">Limited - Environments</a></h2> -<p class="Pp">The traditional method of restricting a process is with the - <a class="Xr">chroot(2)</a> system call. This system call changes the root - directory from which all other paths are referenced for a process and any - child processes. Of course, the process must have access to this path to - begin with. The new environment does not actually take effect until - <a class="Xr">chdir(2)</a> is called to place the process into the new - environment. Unfortunately, a process can break out of this environment if - root access is obtained.</p> -<p class="Pp">Often, <a class="Xr">jail(2)</a> can be used to create a more - complete and enclosed environment than <a class="Xr">chroot(2)</a> can - provide. A jail limits all processes inside that environment, including - processes with superuser privileges.</p> -<p class="Pp">Fine grained privileges, as described by POSIX.1e extensions, are - currently a work in progress, and the focus of the TrustedBSD Project. More - information can be found at - <span class="Pa">http://www.TrustedBSD.org/</span>.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Trust"><a class="permalink" href="#Trust">Trust</a></h2> -<p class="Pp">Programs should not make assumptions about the environment in - which they are running. This includes user input, signals, environment - variables, system resources, interprocess communications, and shared memory, - amongst other things that are beyond the control of the program. They should - not assume that all forms of invalid data can be detected either. Instead, - they should use positive filtering, and only allow a specific subset of - inputs that are known to be safe. This is the same logic that an - administrator should apply to a firewall, that is, deny by default and - specify what is to be accepted.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Race_Conditions"><a class="permalink" href="#Race_Conditions">Race - Conditions</a></h2> -<p class="Pp">A race condition is anomalous behavior caused by the relative - timing of events. Programs should not assume that a particular event will - occur before another. The most common causes of race conditions are signals, - access checks, and file reads. Signals are asynchronous by nature, so - special care must be taken while dealing with them. Attempting to check - access with sequential non-atomic operations is a very bad idea, as files - can be moved and changed at any given time. Instead of using a sequence of - <a class="Xr">access(2)</a> and <a class="Xr">open(2)</a>, use - <a class="Xr">seteuid(2)</a> and then call <a class="Xr">open(2)</a> - directly. Set <a class="Xr">umask(2)</a> properly beforehand.</p> -</section> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">jail(2)</a>, <a class="Xr">setuid(2)</a>, - <a class="Xr">strlcat(3)</a>, <a class="Xr">strlcpy(3)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp"><span class="An">Eric Melville</span> - <<a class="Mt" href="mailto:eric@FreeBSD.org">eric@FreeBSD.org</a>> - originally wrote this document based on a chapter of the - <i class="RsB">FreeBSD Developer's Handbook</i> written by - <span class="An">Murray Stokely</span> - <<a class="Mt" href="mailto:murray@FreeBSD.org">murray@FreeBSD.org</a>>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">June 3, 2001</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/stats.7 4.html b/static/freebsd/man7/stats.7 4.html deleted file mode 100644 index 2c97e6ca..00000000 --- a/static/freebsd/man7/stats.7 4.html +++ /dev/null @@ -1,107 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">STATS(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">STATS(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">stats</code> — - <span class="Nd">information about various and sundry statistics - utilities</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The <span class="Ux">FreeBSD</span> userland in part contains a - series of utilities which can be used to ascertain system state at runtime - and optionally from core files.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="COMMANDS"><a class="permalink" href="#COMMANDS">COMMANDS</a></h1> -<p class="Pp">The following commands (sorted alphabetically) are currently - included in the base system, with more appearing periodically.</p> -<dl class="Bl-tag"> - <dt><code class="Nm">btsockstat</code></dt> - <dd>Show Bluetooth socket information</dd> - <dt><code class="Nm">ctlstat</code></dt> - <dd>CAM Target Layer statistics utility</dd> - <dt><code class="Nm">dwatch</code></dt> - <dd>Watch processes as they trigger a particular DTrace probe</dd> - <dt><code class="Nm">fstat</code></dt> - <dd>Identify active files</dd> - <dt><code class="Nm">gstat</code></dt> - <dd>Print statistics about GEOM disks</dd> - <dt><code class="Nm">ibstat</code></dt> - <dd>Display information from the InfiniBand driver</dd> - <dt><code class="Nm">ifmcstat</code></dt> - <dd>Dump multicast group management statistics per interface</dd> - <dt><code class="Nm">iostat</code></dt> - <dd>Report kernel subsystem I/O statistics</dd> - <dt><code class="Nm">ipfstat</code></dt> - <dd>Display IPF packet filter statistics and filter list</dd> - <dt><code class="Nm">kldstat</code></dt> - <dd>Display status of dynamic kernel linker</dd> - <dt><code class="Nm">lockstat</code></dt> - <dd>Report kernel lock and profiling statistics</dd> - <dt><code class="Nm">mailstats</code></dt> - <dd>Display mail statistics</dd> - <dt><code class="Nm">netstat</code></dt> - <dd>Show network status and statistics</dd> - <dt><code class="Nm">nfsstat</code></dt> - <dd>Display NFS statistics</dd> - <dt><code class="Nm">plockstat</code></dt> - <dd>Trace pthread lock statistics using DTrace</dd> - <dt><code class="Nm">pmcstat</code></dt> - <dd>Performance measurement with performance monitoring hardware</dd> - <dt><code class="Nm">procstat</code></dt> - <dd>Get detailed process information</dd> - <dt><code class="Nm">pstat</code></dt> - <dd>Display system data structures</dd> - <dt><code class="Nm">sockstat</code></dt> - <dd>List open sockets</dd> - <dt><code class="Nm">stat</code></dt> - <dd>Display file status</dd> - <dt><code class="Nm">systat</code></dt> - <dd>Display system statistics</dd> - <dt><code class="Nm">vmstat</code></dt> - <dd>Report virtual memory statistics</dd> - <dt><code class="Nm">zpool iostat</code></dt> - <dd>Report ZFS I/O statistics</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">btsockstat(1)</a>, <a class="Xr">dwatch(1)</a>, - <a class="Xr">fstat(1)</a>, <a class="Xr">intro(1)</a>, - <a class="Xr">lockstat(1)</a>, <a class="Xr">netstat(1)</a>, - <a class="Xr">plockstat(1)</a>, <a class="Xr">procstat(1)</a>, - <a class="Xr">sockstat(1)</a>, <a class="Xr">stat(1)</a>, - <a class="Xr">systat(1)</a>, <a class="Xr">intro(7)</a>, - <a class="Xr">tuning(7)</a>, <a class="Xr">ctlstat(8)</a>, - <a class="Xr">gstat(8)</a>, <a class="Xr">ibstat(8)</a>, - <a class="Xr">ifmcstat(8)</a>, <a class="Xr">intro(8)</a>, - <a class="Xr">iostat(8)</a>, <a class="Xr">ipfstat(8)</a>, - <a class="Xr">kldstat(8)</a>, <a class="Xr">mailstats(8)</a>, - <a class="Xr">pmcstat(8)</a>, <a class="Xr">pstat(8)</a>, - <a class="Xr">vmstat(8)</a>, <a class="Xr">zpool(8)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="Nm">stats</code> manual page first appeared in - <span class="Ux">FreeBSD 13.0</span>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp"><span class="An">Daniel Ebdrup Jensen</span> - <<a class="Mt" href="mailto:debdrup@FreeBSD.org">debdrup@FreeBSD.org</a>></p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">October 28, 2025</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/stdint.7 3.html b/static/freebsd/man7/stdint.7 3.html deleted file mode 100644 index 50558660..00000000 --- a/static/freebsd/man7/stdint.7 3.html +++ /dev/null @@ -1,87 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">STDINT(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">STDINT(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">stdint</code> — <span class="Nd">standard - integer types</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1> -<p class="Pp"><code class="In">#include - <<a class="In">stdint.h</a>></code></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The <code class="In"><<a class="In">stdint.h</a>></code> - header provides source-portable integer types of a specific size, smallest - memory footprint with a minimum size, fastest access speed with a minimum - size, largest integer size, and those capable of storing pointers.</p> -<p class="Pp">The types <var class="Vt">int8_t</var>, - <var class="Vt">int16_t</var>, <var class="Vt">int32_t</var>, and - <var class="Vt">int64_t</var> provide a signed integer type of width 8, 16, - 32, or 64 bits, respectively. The types <var class="Vt">uint8_t</var>, - <var class="Vt">uint16_t</var>, <var class="Vt">uint32_t</var>, and - <var class="Vt">uint64_t</var> provide an unsigned integer type of width 8, - 16, 32, or 64 bits, respectively. These integer types should be used when a - specific size is required.</p> -<p class="Pp">The types <var class="Vt">int_fast8_t</var>, - <var class="Vt">int_fast16_t</var>, <var class="Vt">int_fast32_t</var>, and - <var class="Vt">int_fast64_t</var> provide the fastest signed integer type - with a width of at least 8, 16, 32, or 64 bits, respectively. The types - <var class="Vt">uint_fast8_t</var>, <var class="Vt">uint_fast16_t</var>, - <var class="Vt">uint_fast32_t</var>, and <var class="Vt">uint_fast64_t</var> - provide the fastest unsigned integer type with a width of at least 8, 16, - 32, or 64 bits, respectively. These types should be used when access speed - is paramount, and when a specific size is not required.</p> -<p class="Pp">The types <var class="Vt">int_least8_t</var>, - <var class="Vt">int_least16_t</var>, <var class="Vt">int_least32_t</var>, - and <var class="Vt">int_least64_t</var> provide the smallest memory - footprint signed integer type with a width of at least 8, 16, 32, or 64 - bits, respectively. The types <var class="Vt">uint_least8_t</var>, - <var class="Vt">uint_least16_t</var>, <var class="Vt">uint_least32_t</var>, - and <var class="Vt">uint_least64_t</var> provide the smallest memory - footprint unsigned integer type with a width of at least 8, 16, 32, or 64 - bits, respectively. These types should be used when memory storage is of - concern, and when a specific size is not required.</p> -<p class="Pp">The type <var class="Vt">intmax_t</var> provides a signed integer - type large enough to hold any other signed integer. The type - <var class="Vt">uintmax_t</var> provides an unsigned integer type large - enough to hold any other unsigned integer. These types are generally the - largest signed and unsigned integer types available on a specific - architecture.</p> -<p class="Pp">The type <var class="Vt">intptr_t</var> provides a signed integer - type with the ability to hold a pointer to <var class="Vt">void</var>, that - can later be converted back to a pointer to <var class="Vt">void</var>.</p> -<p class="Pp">The type <var class="Vt">uintptr_t</var> provides an unsigned - integer type with the ability to hold a pointer to - <var class="Vt">void</var>, that can later be converted back to a pointer to - <var class="Vt">void</var>.</p> -<p class="Pp">Additionally, the - <code class="In"><<a class="In">stdint.h</a>></code> header defines - some macros, but none of them are documented here.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="STANDARDS"><a class="permalink" href="#STANDARDS">STANDARDS</a></h1> -<p class="Pp">The <code class="In"><<a class="In">stdint.h</a>></code> - header conforms to <span class="St">ISO/IEC 9899:1999 - (“ISO C99”)</span> and <span class="St">IEEE Std - 1003.1-2001 (“POSIX.1”)</span>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="In"><<a class="In">stdint.h</a>></code> - header was first introduced in <span class="Ux">FreeBSD 5.0</span>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">September 15, 2002</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/sticky.7 4.html b/static/freebsd/man7/sticky.7 4.html deleted file mode 100644 index 0768426d..00000000 --- a/static/freebsd/man7/sticky.7 4.html +++ /dev/null @@ -1,53 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">STICKY(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">STICKY(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">sticky</code> — <span class="Nd">sticky - text and append-only directories</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">A special file mode, called the - <a class="permalink" href="#sticky"><i class="Em" id="sticky">sticky - bit</i></a> (mode S_ISTXT), is used to indicate special treatment for - directories. It is ignored for regular files. See <a class="Xr">chmod(2)</a> - or the file <code class="In"><<a class="In">sys/stat.h</a>></code> for - an explanation of file modes.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="STICKY_DIRECTORIES"><a class="permalink" href="#STICKY_DIRECTORIES">STICKY - DIRECTORIES</a></h1> -<p class="Pp">A directory whose `sticky bit' is set becomes an append-only - directory, or, more accurately, a directory in which the deletion of files - is restricted. A file in a sticky directory may only be removed or renamed - by a user if the user has write permission for the directory and the user is - the owner of the file, the owner of the directory, or the super-user. This - feature is usefully applied to directories such as - <span class="Pa">/tmp</span> which must be publicly writable but should deny - users the license to arbitrarily delete or rename each others' files.</p> -<p class="Pp">Any user may create a sticky directory. See - <a class="Xr">chmod(1)</a> for details about modifying file modes.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">A <code class="Nm">sticky</code> command appeared in - <span class="Ux">Version 7 AT&T UNIX/32V</span>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="BUGS"><a class="permalink" href="#BUGS">BUGS</a></h1> -<p class="Pp">Neither <a class="Xr">open(2)</a> nor <a class="Xr">mkdir(2)</a> - will create a file with the sticky bit set.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">June 5, 1993</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/tests.7 3.html b/static/freebsd/man7/tests.7 3.html deleted file mode 100644 index cd0d4f0e..00000000 --- a/static/freebsd/man7/tests.7 3.html +++ /dev/null @@ -1,258 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">TESTS(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">TESTS(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">tests</code> — - <span class="Nd">introduction to the <span class="Ux">FreeBSD</span> Test - Suite</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The <span class="Ux">FreeBSD</span> Test Suite provides a - collection of automated tests for two major purposes. On one hand, the test - suite aids - <a class="permalink" href="#developers"><i class="Em" id="developers">developers</i></a> - to detect bugs and regressions when they modify the source tree. On the - other hand, it allows - <a class="permalink" href="#end"><i class="Em" id="end">end users</i></a> - (and, in particular, system administrators) to verify that fresh - installations of the <span class="Ux">FreeBSD</span> operating system behave - correctly on their hardware platform and also to ensure that the system does - not suffer from regressions during regular operation and maintenance.</p> -<p class="Pp">The <span class="Ux">FreeBSD</span> Test Suite can be found in the - <span class="Pa">/usr/tests</span> hierarchy.</p> -<p class="Pp">This manual page describes how to run the test suite and how to - configure some of its optional features. For information on writing the - tests, see <a class="Xr">atf(7)</a>.</p> -<section class="Ss"> -<h2 class="Ss" id="Installing_the_test_suite"><a class="permalink" href="#Installing_the_test_suite">Installing - the test suite</a></h2> -<p class="Pp">If the <span class="Pa">/usr/tests</span> directory is missing, - then you will have to enable the build of the test suite, rebuild your - system and install the results. You can do so by setting - ‘WITH_TESTS=yes’ in your <span class="Pa">/etc/src.conf</span> - file (see <a class="Xr">src.conf(5)</a> for details) and rebuilding the - system as described in <a class="Xr">build(7)</a>.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="When_to_run_the_tests?"><a class="permalink" href="#When_to_run_the_tests?">When - to run the tests?</a></h2> -<p class="Pp">Before diving into the details of how to run the test suite, here - are some scenarios in which you should run it:</p> -<ul class="Bl-bullet Bd-indent"> - <li>After a fresh installation of <span class="Ux">FreeBSD</span> to ensure - that the system works correctly on your hardware platform.</li> - <li>After an upgrade of <span class="Ux">FreeBSD</span> to a different version - to ensure that the new code works well on your hardware platform and that - the upgrade did not introduce regressions in your configuration.</li> - <li>After modifying the source tree to detect any new bugs and/or - regressions.</li> - <li>Periodically, maybe from a <a class="Xr">cron(8)</a> job, to ensure that - any changes to the system (such as the installation of third-party - packages or manual modifications to configuration files) do not introduce - unexpected failures.</li> -</ul> -</section> -<section class="Ss"> -<h2 class="Ss" id="Running_the_tests"><a class="permalink" href="#Running_the_tests">Running - the tests</a></h2> -<p class="Pp">By default, Kyua looks for tests in the current directory. To run - the whole test suite, either use the <code class="Fl">-k</code> option to - specify the top-level <span class="Pa">Kyuafile</span>:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>$ kyua test -k /usr/tests/Kyuafile</pre> -</div> -<p class="Pp">or just change to the test suite root before running Kyua:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>$ cd /usr/tests -$ kyua test</pre> -</div> -<p class="Pp">The above will iterate through all test programs in - <span class="Pa">/usr/tests</span> recursively, execute them, store their - results and debugging data in Kyua's database (by default in - <span class="Pa">~/.kyua/store/</span>), and print a summary of the results. - This summary includes a brief count of all total tests run and how many of - them failed.</p> -<p class="Pp">It is possible to restrict which tests to run by providing their - names, or a portion of their path, on the command line. For example, this - would execute all of the tests provided for the <a class="Xr">cp(1)</a> and - <a class="Xr">stat(1)</a> utilities:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>$ cd /usr/tests -$ kyua test bin/cp usr.bin/stat</pre> -</div> -<p class="Pp">This would execute only one of the two test programs provided for - <a class="Xr">stat(1)</a>:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>$ cd /usr/tests -$ kyua test usr.bin/stat/stat_test</pre> -</div> -<p class="Pp">This would execute just a single test case:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>$ cd /usr/tests -$ kyua test usr.bin/stat/stat_test:t_flag</pre> -</div> -<p class="Pp">Finally, this would execute that test case in debug mode:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>$ cd /usr/tests -$ kyua debug -p usr.bin/stat/stat_test:t_flag</pre> -</div> -<p class="Pp">The <code class="Fl">-p</code> option tells Kyua to pause before - cleanup so you can inspect the temporary directory to better understand why - the test failed.</p> -<p class="Pp">Note that some tests may require root privileges to execute:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>$ cd /usr/tests -$ kyua debug usr.bin/stat/stat_test:h_flag -usr.bin/stat/stat_test:h_flag -> skipped: Requires root privileges -$ sudo kyua debug usr.bin/stat/stat_test:h_flag -[...] -usr.bin/stat/stat_test:h_flag -> passed</pre> -</div> -<p class="Pp">Conversely, some tests will only work correctly if run as an - unprivileged user. This will normally be noted in the test's metadata, - causing Kyua to automatically drop privileges before running the test.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Obtaining_reports_of_the_tests_execution"><a class="permalink" href="#Obtaining_reports_of_the_tests_execution">Obtaining - reports of the tests execution</a></h2> -<p class="Pp">Additional information about the test results can be retrieved by - using Kyua's various reporting commands. For example, the following would - print a plain-text report of the tests executed in the latest test run and - show which ones failed:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>$ kyua report --verbose</pre> -</div> -<p class="Pp">To show the results of an arbitrary test run, use the - <code class="Fl">-r</code> option to specify which results file to read:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>$ kyua report --verbose \ - -r ~/.kyua/store/results.usr_tests.20260417-173009-335060.db</pre> -</div> -<p class="Pp">Keep in mind that if the tests were run as root, the results will - have been stored in root's <span class="Pa">kyua</span> directory, and the - easiest way to access them will be to run the <code class="Cm">report</code> - command as root as well:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>$ cd /usr/tests -$ sudo kyua test usr.bin/stat -$ sudo kyua report --verbose</pre> -</div> -<p class="Pp">This example would generate an HTML report ready to be published - on a web server:</p> -<div class="Bd Pp Bd-indent Li"> -<pre>$ kyua report-html --output ~/public_html/tests</pre> -</div> -<p class="Pp">For further details on the command-line interface of Kyua, please - refer to its manual page <a class="Xr">kyua(1)</a>.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Configuring_the_tests"><a class="permalink" href="#Configuring_the_tests">Configuring - the tests</a></h2> -<p class="Pp">Some test cases in the <span class="Ux">FreeBSD</span> Test Suite - require manual configuration by the administrator before they can be run. - Unless certain properties are defined, the tests that require them will be - skipped.</p> -<p class="Pp">Test suites are configured by defining their configuration - variables in <span class="Pa">/etc/kyua/kyua.conf</span>. The format of this - file is detailed in <a class="Xr">kyua.conf(5)</a>.</p> -<p class="Pp">The following configuration variables are available in the - <span class="Ux">FreeBSD</span> Test Suite:</p> -<dl class="Bl-tag"> - <dt id="allow_devfs_side_effects"><var class="Va">allow_devfs_side_effects</var></dt> - <dd>If defined, enables tests that may destroy and recreate semipermanent - device nodes, like disk devices. Without this variable, tests may still - create and destroy devices nodes that are normally transient, like - /dev/tap* and /dev/pts*, as long as they clean them up afterwards. - However, tests that require this variable have a relaxed cleanup - requirement; they must recreate any devices that they destroyed, but not - necessarily with the same devnames.</dd> - <dt id="allow_sysctl_side_effects"><var class="Va">allow_sysctl_side_effects</var></dt> - <dd>Enables tests that change globally significant <a class="Xr">sysctl(8)</a> - variables. The tests will undo any changes in their cleanup phases.</dd> - <dt id="allow_network_access"><var class="Va">allow_network_access</var></dt> - <dd>Enables tests that need to access the network the test host is connected - to. Such tests may require properly configured Internet access.</dd> - <dt id="disks"><var class="Va">disks</var></dt> - <dd>Must be set to a space delimited list of disk device nodes. Tests that - need destructive access to disks must use these devices. Tests are not - required to preserve any data present on these disks.</dd> - <dt id="fibs"><var class="Va">fibs</var></dt> - <dd>Must be set to a space delimited list of FIBs (routing tables). Tests that - need to modify a routing table may use any of these. Tests will cleanup - any new routes that they create.</dd> -</dl> -</section> -<section class="Ss"> -<h2 class="Ss" id="What_to_do_if_something_fails?"><a class="permalink" href="#What_to_do_if_something_fails?">What - to do if something fails?</a></h2> -<p class="Pp">If there is - <a class="permalink" href="#any"><i class="Em" id="any">any failure</i></a> - during the execution of the test suite, please consider reporting it to the - <span class="Ux">FreeBSD</span> developers so that the failure can be - analyzed and fixed. To do so, either send a message to the appropriate - mailing list or file a problem report. For more details please refer to:</p> -<ul class="Bl-bullet Bd-indent Bl-compact"> - <li><a class="Lk" href="https://lists.freebsd.org/">FreeBSD Mailing - Lists</a></li> - <li><a class="Lk" href="https://www.freebsd.org/support/">Problem - Reporting</a></li> -</ul> -</section> -</section> -<section class="Sh"> -<h1 class="Sh" id="FILES"><a class="permalink" href="#FILES">FILES</a></h1> -<dl class="Bl-tag Bl-compact"> - <dt><span class="Pa">/etc/kyua/kyua.conf</span></dt> - <dd>System-wide configuration file for <a class="Xr">kyua(1)</a>.</dd> - <dt><span class="Pa">~/.kyua/kyua.conf</span></dt> - <dd>User-specific configuration file for <a class="Xr">kyua(1)</a>; overrides - the system file.</dd> - <dt><span class="Pa">~/.kyua/logs/</span></dt> - <dd>Default location of Kyua debug logs (one <span class="Pa">.log</span> file - per test run).</dd> - <dt><span class="Pa">~/.kyua/store/</span></dt> - <dd>Default location of Kyua test results (one <span class="Pa">.db</span> - file per test run).</dd> - <dt><span class="Pa">/usr/tests/</span></dt> - <dd>Location of the <span class="Ux">FreeBSD</span> Test Suite.</dd> - <dt><span class="Pa">/usr/tests/Kyuafile</span></dt> - <dd>Top-level test suite definition file.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">kyua(1)</a>, <a class="Xr">atf(7)</a>, - <a class="Xr">build(7)</a>, <a class="Xr">development(7)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <span class="Ux">FreeBSD</span> Test Suite first appeared in - <span class="Ux">FreeBSD 10.1</span> and was installed by default in - <span class="Ux">FreeBSD 11.0</span>.</p> -<p class="Pp">The <code class="Nm">tests</code> manual page first appeared in - <span class="Ux">NetBSD 6.0</span> and was later ported to - <span class="Ux">FreeBSD 10.1</span>.</p> -<p class="Pp">The test driver, <a class="Xr">kyua(1)</a>, was imported as part - of the base system in <span class="Ux">FreeBSD 13.0</span>, previously being - available only in <a class="Xr">ports(7)</a>.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp"><span class="An">Julio Merino</span> - <<a class="Mt" href="mailto:jmmv@FreeBSD.org">jmmv@FreeBSD.org</a>></p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">April 17, 2026</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/tracing.7 3.html b/static/freebsd/man7/tracing.7 3.html deleted file mode 100644 index 9c09f1d3..00000000 --- a/static/freebsd/man7/tracing.7 3.html +++ /dev/null @@ -1,95 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">TRACING(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">TRACING(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">tracing</code> — - <span class="Nd">introduction to FreeBSD tracing and performance - monitoring</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp"><span class="Ux">FreeBSD</span> features a large variety of - tracing and performance monitoring facilities. Use them to measure - performance and troubleshoot kernel and userland problems both during - <a class="Xr">development(7)</a> and potentially on production systems. The - facilities differ in scope, ease of use, overhead, design, and - limitations.</p> -<section class="Ss"> -<h2 class="Ss" id="DTrace"><a class="permalink" href="#DTrace">DTrace</a></h2> -<p class="Pp"><a class="Xr">dtrace(1)</a> is the most versatile tracing - framework available on <span class="Ux">FreeBSD</span> and is capable of - tracing throughout the <span class="Ux">FreeBSD</span> software stack from - the kernel to the applications running in userland. Refer to - <a class="Xr">dtrace(1)</a> and <a class="Xr">SDT(9)</a> for more - details.</p> -<p class="Pp"><a class="Xr">dwatch(1)</a> is a user-friendly wrapper for DTrace. - It simplifies common DTrace usage patterns and requires less expert - knowledge to operate.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Userland_Tracing"><a class="permalink" href="#Userland_Tracing">Userland - Tracing</a></h2> -<p class="Pp"><a class="Xr">truss(1)</a> traces system calls. It uses - <a class="Xr">sysdecode(3)</a> to pretty-print system call arguments and - <a class="Xr">ptrace(2)</a> to trace processes.</p> -<p class="Pp"><a class="Xr">ktrace(1)</a> is useful for debugging user programs. - It enables kernel trace logging for specified processes. Like - <a class="Xr">truss(1)</a>, it mainly traces system calls, but instead of - using <a class="Xr">ptrace(2)</a>, it asynchronously logs entries to a trace - file configured with <a class="Xr">ktrace(2)</a> (typically - <span class="Pa">ktrace.out</span>), and it can log other types of kernel - events, such as page faults and name lookups (refer to - <code class="Fl">-t</code> in <a class="Xr">ktrace(1)</a>). Also, programs - can log to a <a class="Xr">ktrace(1)</a> stream using the - <a class="Xr">utrace(2)</a> system call.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Kernel_Tracing"><a class="permalink" href="#Kernel_Tracing">Kernel - Tracing</a></h2> -<p class="Pp"><a class="Xr">ktr(4)</a> is a facility for logging strings in the - kernel. It comes in handy for some niche purposes during kernel development. - It lets kernel programmers log events to a global ring buffer, which can - later be dumped using <a class="Xr">ktrdump(8)</a>.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Hardware-Accelerated_Tracing"><a class="permalink" href="#Hardware-Accelerated_Tracing">Hardware-Accelerated - Tracing</a></h2> -<p class="Pp"><a class="Xr">hwt(4)</a> is a kernel trace framework providing - infrastructure for hardware-assisted tracing.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Hardware_Counters"><a class="permalink" href="#Hardware_Counters">Hardware - Counters</a></h2> -<p class="Pp"><a class="Xr">pmcstat(8)</a>, and its kernel counterpart, - <a class="Xr">hwpmc(4)</a>, is the <span class="Ux">FreeBSD</span> facility - for conducting performance measurements with hardware counters.</p> -</section> -<section class="Ss"> -<h2 class="Ss" id="Boot-Time_And_Shutdown_Tracing"><a class="permalink" href="#Boot-Time_And_Shutdown_Tracing">Boot-Time - And Shutdown Tracing</a></h2> -<p class="Pp"><a class="Xr">boottrace(4)</a> is a facility for tracing events at - boot and shutdown. Its target audience are system administrators.</p> -<p class="Pp"><a class="Xr">tslog(4)</a> is a developer-oriented tool for - tracing boot-time events.</p> -</section> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="Nm">tracing</code> manual page was written by - <span class="An">Mateusz Piotrowski</span> - <<a class="Mt" href="mailto:0mp@FreeBSD.org">0mp@FreeBSD.org</a>>. It - first appeared in <span class="Ux">FreeBSD 15.0</span>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">July 12, 2025</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> diff --git a/static/freebsd/man7/tuning.7 3.html b/static/freebsd/man7/tuning.7 3.html deleted file mode 100644 index 317a2e0d..00000000 --- a/static/freebsd/man7/tuning.7 3.html +++ /dev/null @@ -1,478 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">TUNING(7)</td> - <td class="head-vol">Miscellaneous Information Manual</td> - <td class="head-rtitle">TUNING(7)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">tuning</code> — - <span class="Nd">performance tuning under FreeBSD</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SYSTEM_SETUP_-_DISKLABEL,_NEWFS,_TUNEFS,_SWAP"><a class="permalink" href="#SYSTEM_SETUP_-_DISKLABEL,_NEWFS,_TUNEFS,_SWAP">SYSTEM - SETUP - DISKLABEL, NEWFS, TUNEFS, SWAP</a></h1> -<p class="Pp">The swap partition should typically be approximately 2x the size - of main memory for systems with less than 4GB of RAM, or approximately equal - to the size of main memory if you have more. Keep in mind future memory - expansion when sizing the swap partition. Configuring too little swap can - lead to inefficiencies in the VM page scanning code as well as create issues - later on if you add more memory to your machine. On larger systems with - multiple disks, configure swap on each drive. The swap partitions on the - drives should be approximately the same size. The kernel can handle - arbitrary sizes but internal data structures scale to 4 times the largest - swap partition. Keeping the swap partitions near the same size will allow - the kernel to optimally stripe swap space across the N disks. Do not worry - about overdoing it a little, swap space is the saving grace of - <span class="Ux">UNIX</span> and even if you do not normally use much swap, - it can give you more time to recover from a runaway program before being - forced to reboot.</p> -<p class="Pp">It is not a good idea to make one large partition. First, each - partition has different operational characteristics and separating them - allows the file system to tune itself to those characteristics. For example, - the root and <span class="Pa">/usr</span> partitions are read-mostly, with - very little writing, while a lot of reading and writing could occur in - <span class="Pa">/var/tmp</span>. By properly partitioning your system - fragmentation introduced in the smaller more heavily write-loaded partitions - will not bleed over into the mostly-read partitions.</p> -<p class="Pp" id="softupdates">Properly partitioning your system also allows you - to tune <a class="Xr">newfs(8)</a>, and <a class="Xr">tunefs(8)</a> - parameters. The only <a class="Xr">tunefs(8)</a> option worthwhile turning - on is - <a class="permalink" href="#softupdates"><i class="Em">softupdates</i></a> - with “<code class="Li">tunefs -n enable /filesystem</code>”. - Softupdates drastically improves meta-data performance, mainly file creation - and deletion. We recommend enabling softupdates on most file systems; - however, there are two limitations to softupdates that you should be aware - of when determining whether to use it on a file system. First, softupdates - guarantees file system consistency in the case of a crash but could very - easily be several seconds (even a minute!) behind on pending write to the - physical disk. If you crash you may lose more work than otherwise. Secondly, - softupdates delays the freeing of file system blocks. If you have a file - system (such as the root file system) which is close to full, doing a major - update of it, e.g., “<code class="Li">make - installworld</code>”, can run it out of space and cause the update to - fail. For this reason, softupdates will not be enabled on the root file - system during a typical install. There is no loss of performance since the - root file system is rarely written to.</p> -<p class="Pp">A number of run-time <a class="Xr">mount(8)</a> options exist that - can help you tune the system. The most obvious and most dangerous one is - <code class="Cm">async</code>. Only use this option in conjunction with - <a class="Xr">gjournal(8)</a>, as it is far too dangerous on a normal file - system. A less dangerous and more useful <a class="Xr">mount(8)</a> option - is called <code class="Cm">noatime</code>. <span class="Ux">UNIX</span> file - systems normally update the last-accessed time of a file or directory - whenever it is accessed. This operation is handled in - <span class="Ux">FreeBSD</span> with a delayed write and normally does not - create a burden on the system. However, if your system is accessing a huge - number of files on a continuing basis the buffer cache can wind up getting - polluted with atime updates, creating a burden on the system. For example, - if you are running a heavily loaded web site, or a news server with lots of - readers, you might want to consider turning off atime updates on your larger - partitions with this <a class="Xr">mount(8)</a> option. However, you should - not gratuitously turn off atime updates everywhere. For example, the - <span class="Pa">/var</span> file system customarily holds mailboxes, and - atime (in combination with mtime) is used to determine whether a mailbox has - new mail. You might as well leave atime turned on for mostly read-only - partitions such as <span class="Pa">/</span> and - <span class="Pa">/usr</span> as well. This is especially useful for - <span class="Pa">/</span> since some system utilities use the atime field - for reporting.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="STRIPING_DISKS"><a class="permalink" href="#STRIPING_DISKS">STRIPING - DISKS</a></h1> -<p class="Pp">In larger systems you can stripe partitions from several drives - together to create a much larger overall partition. Striping can also - improve the performance of a file system by splitting I/O operations across - two or more disks. The <a class="Xr">gstripe(8)</a> and - <a class="Xr">ccdconfig(8)</a> utilities may be used to create simple - striped file systems. Generally speaking, striping smaller partitions such - as the root and <span class="Pa">/var/tmp</span>, or essentially read-only - partitions such as <span class="Pa">/usr</span> is a complete waste of time. - You should only stripe partitions that require serious I/O performance, - typically <span class="Pa">/var</span>, <span class="Pa">/home</span>, or - custom partitions used to hold databases and web pages. Choosing the proper - stripe size is also important. File systems tend to store meta-data on - power-of-2 boundaries and you usually want to reduce seeking rather than - increase seeking. This means you want to use a large off-center stripe size - such as 1152 sectors so sequential I/O does not seek both disks and so - meta-data is distributed across both disks rather than concentrated on a - single disk.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SYSCTL_TUNING"><a class="permalink" href="#SYSCTL_TUNING">SYSCTL - TUNING</a></h1> -<p class="Pp"><a class="Xr">sysctl(8)</a> variables permit system behavior to be - monitored and controlled at run-time. Some sysctls simply report on the - behavior of the system; others allow the system behavior to be modified; - some may be set at boot time using <a class="Xr">rc.conf(5)</a>, but most - will be set via <a class="Xr">sysctl.conf(5)</a>. There are several hundred - sysctls in the system, including many that appear to be candidates for - tuning but actually are not. In this document we will only cover the ones - that have the greatest effect on the system.</p> -<p class="Pp">The <var class="Va">vm.overcommit</var> sysctl defines the - overcommit behaviour of the vm subsystem. The virtual memory system always - does accounting of the swap space reservation, both total for system and - per-user. Corresponding values are available through sysctl - <var class="Va">vm.swap_total</var>, that gives the total bytes available - for swapping, and <var class="Va">vm.swap_reserved</var>, that gives number - of bytes that may be needed to back all currently allocated anonymous - memory.</p> -<p class="Pp">Setting bit 0 of the <var class="Va">vm.overcommit</var> sysctl - causes the virtual memory system to return failure to the process when - allocation of memory causes <var class="Va">vm.swap_reserved</var> to exceed - <var class="Va">vm.swap_total</var>. Bit 1 of the sysctl enforces - <code class="Dv">RLIMIT_SWAP</code> limit (see - <a class="Xr">getrlimit(2)</a>). Root is exempt from this limit. Bit 2 - allows to count most of the physical memory as allocatable, except wired and - free reserved pages (accounted by - <var class="Va">vm.stats.vm.v_free_target</var> and - <var class="Va">vm.stats.vm.v_wire_count</var> sysctls, respectively).</p> -<p class="Pp">Due to the architecture of the <span class="Ux">FreeBSD</span> - virtual memory subsystem, the use of copy on write (CoW) anonymous memory, - e.g. on <a class="Xr">fork(2)</a>, causes swap reservation for all three - regions (VM objects): in the original pre-fork mapping, and its copies in - the parent and child, instead of only two. Eventually the subsystem tries to - optimize the internal layout of the tracking for CoW and often removes - (collapses) no longer needed backing objects, re-assigning its pages and - swap reservations to the copies. Collapsing frees the swap reserve, but it - is not guaranteed to happen.</p> -<p class="Pp">The <var class="Va">kern.ipc.maxpipekva</var> loader tunable is - used to set a hard limit on the amount of kernel address space allocated to - mapping of pipe buffers. Use of the mapping allows the kernel to eliminate a - copy of the data from writer address space into the kernel, directly copying - the content of mapped buffer to the reader. Increasing this value to a - higher setting, such as `25165824' might improve performance on systems - where space for mapping pipe buffers is quickly exhausted. This exhaustion - is not fatal; however, and it will only cause pipes to fall back to using - double-copy.</p> -<p class="Pp">The <var class="Va">kern.ipc.shm_use_phys</var> sysctl defaults to - 0 (off) and may be set to 0 (off) or 1 (on). Setting this parameter to 1 - will cause all System V shared memory segments to be mapped to unpageable - physical RAM. This feature only has an effect if you are either (A) mapping - small amounts of shared memory across many (hundreds) of processes, or (B) - mapping large amounts of shared memory across any number of processes. This - feature allows the kernel to remove a great deal of internal memory - management page-tracking overhead at the cost of wiring the shared memory - into core, making it unswappable.</p> -<p class="Pp">The <var class="Va">vfs.vmiodirenable</var> sysctl defaults to 1 - (on). This parameter controls how directories are cached by the system. Most - directories are small and use but a single fragment (typically 2K) in the - file system and even less (typically 512 bytes) in the buffer cache. - However, when operating in the default mode the buffer cache will only cache - a fixed number of directories even if you have a huge amount of memory. - Turning on this sysctl allows the buffer cache to use the VM Page Cache to - cache the directories. The advantage is that all of memory is now available - for caching directories. The disadvantage is that the minimum in-core memory - used to cache a directory is the physical page size (typically 4K) rather - than 512 bytes. We recommend turning this option off in memory-constrained - environments; however, when on, it will substantially improve the - performance of services that manipulate a large number of files. Such - services can include web caches, large mail systems, and news systems. - Turning on this option will generally not reduce performance even with the - wasted memory but you should experiment to find out.</p> -<p class="Pp">The <var class="Va">vfs.write_behind</var> sysctl defaults to 1 - (on). This tells the file system to issue media writes as full clusters are - collected, which typically occurs when writing large sequential files. The - idea is to avoid saturating the buffer cache with dirty buffers when it - would not benefit I/O performance. However, this may stall processes and - under certain circumstances you may wish to turn it off.</p> -<p class="Pp">The <var class="Va">vfs.hirunningspace</var> sysctl determines how - much outstanding write I/O may be queued to disk controllers system-wide at - any given time. It is used by the UFS file system. The default is self-tuned - and usually sufficient but on machines with advanced controllers and lots of - disks this may be tuned up to match what the controllers buffer. Configuring - this setting to match tagged queuing capabilities of controllers or drives - with average IO size used in production works best (for example: 16 MiB will - use 128 tags with IO requests of 128 KiB). Note that setting too high a - value (exceeding the buffer cache's write threshold) can lead to extremely - bad clustering performance. Do not set this value arbitrarily high! Higher - write queuing values may also add latency to reads occurring at the same - time.</p> -<p class="Pp">The <var class="Va">vfs.read_max</var> sysctl governs VFS - read-ahead and is expressed as the number of blocks to pre-read if the - heuristics algorithm decides that the reads are issued sequentially. It is - used by the UFS, ext2fs and msdosfs file systems. With the default UFS block - size of 32 KiB, a setting of 64 will allow speculatively reading up to 2 - MiB. This setting may be increased to get around disk I/O latencies, - especially where these latencies are large such as in virtual machine - emulated environments. It may be tuned down in specific cases where the I/O - load is such that read-ahead adversely affects performance or where system - memory is really low.</p> -<p class="Pp">The <var class="Va">vfs.ncsizefactor</var> sysctl defines how - large VFS namecache may grow. The number of currently allocated entries in - namecache is provided by <var class="Va">debug.numcache</var> sysctl and the - condition debug.numcache < kern.maxvnodes * vfs.ncsizefactor is adhered - to.</p> -<p class="Pp">The <var class="Va">vfs.ncnegfactor</var> sysctl defines how many - negative entries VFS namecache is allowed to create. The number of currently - allocated negative entries is provided by <var class="Va">debug.numneg</var> - sysctl and the condition vfs.ncnegfactor * debug.numneg < debug.numcache - is adhered to.</p> -<p class="Pp">There are various other buffer-cache and VM page cache related - sysctls. We do not recommend modifying these values.</p> -<p class="Pp">The <var class="Va">net.inet.tcp.sendspace</var> and - <var class="Va">net.inet.tcp.recvspace</var> sysctls are of particular - interest if you are running network intensive applications. They control the - amount of send and receive buffer space allowed for any given TCP - connection. The default sending buffer is 32K; the default receiving buffer - is 64K. You can often improve bandwidth utilization by increasing the - default at the cost of eating up more kernel memory for each connection. We - do not recommend increasing the defaults if you are serving hundreds or - thousands of simultaneous connections because it is possible to quickly run - the system out of memory due to stalled connections building up. But if you - need high bandwidth over a fewer number of connections, especially if you - have gigabit Ethernet, increasing these defaults can make a huge difference. - You can adjust the buffer size for incoming and outgoing data separately. - For example, if your machine is primarily doing web serving you may want to - decrease the recvspace in order to be able to increase the sendspace without - eating too much kernel memory. Note that the routing table (see - <a class="Xr">route(8)</a>) can be used to introduce route-specific send and - receive buffer size defaults.</p> -<p class="Pp">As an additional management tool you can use pipes in your - firewall rules (see <a class="Xr">ipfw(8)</a>) to limit the bandwidth going - to or from particular IP blocks or ports. For example, if you have a T1 you - might want to limit your web traffic to 70% of the T1's bandwidth in order - to leave the remainder available for mail and interactive use. Normally a - heavily loaded web server will not introduce significant latencies into - other services even if the network link is maxed out, but enforcing a limit - can smooth things out and lead to longer term stability. Many people also - enforce artificial bandwidth limitations in order to ensure that they are - not charged for using too much bandwidth.</p> -<p class="Pp">Setting the send or receive TCP buffer to values larger than 65535 - will result in a marginal performance improvement unless both hosts support - the window scaling extension of the TCP protocol, which is controlled by the - <var class="Va">net.inet.tcp.rfc1323</var> sysctl. These extensions should - be enabled and the TCP buffer size should be set to a value larger than - 65536 in order to obtain good performance from certain types of network - links; specifically, gigabit WAN links and high-latency satellite links. - RFC1323 support is enabled by default.</p> -<p class="Pp">The <var class="Va">net.inet.tcp.always_keepalive</var> sysctl - determines whether or not the TCP implementation should attempt to detect - dead TCP connections by intermittently delivering “keepalives” - on the connection. By default, this is enabled for all applications; by - setting this sysctl to 0, only applications that specifically request - keepalives will use them. In most environments, TCP keepalives will improve - the management of system state by expiring dead TCP connections, - particularly for systems serving dialup users who may not always terminate - individual TCP connections before disconnecting from the network. However, - in some environments, temporary network outages may be incorrectly - identified as dead sessions, resulting in unexpectedly terminated TCP - connections. In such environments, setting the sysctl to 0 may reduce the - occurrence of TCP session disconnections.</p> -<p class="Pp">The <var class="Va">net.inet.tcp.delayed_ack</var> TCP feature is - largely misunderstood. Historically speaking, this feature was designed to - allow the acknowledgement to transmitted data to be returned along with the - response. For example, when you type over a remote shell, the - acknowledgement to the character you send can be returned along with the - data representing the echo of the character. With delayed acks turned off, - the acknowledgement may be sent in its own packet, before the remote service - has a chance to echo the data it just received. This same concept also - applies to any interactive protocol (e.g., SMTP, WWW, POP3), and can cut the - number of tiny packets flowing across the network in half. The - <span class="Ux">FreeBSD</span> delayed ACK implementation also follows the - TCP protocol rule that at least every other packet be acknowledged even if - the standard 40ms timeout has not yet passed. Normally the worst a delayed - ACK can do is slightly delay the teardown of a connection, or slightly delay - the ramp-up of a slow-start TCP connection. While we are not sure we believe - that the several FAQs related to packages such as SAMBA and SQUID which - advise turning off delayed acks may be referring to the slow-start - issue.</p> -<p class="Pp">The <var class="Va">net.inet.ip.portrange.*</var> sysctls control - the port number ranges automatically bound to TCP and UDP sockets. There are - three ranges: a low range, a default range, and a high range, selectable via - the <code class="Dv">IP_PORTRANGE</code> <a class="Xr">setsockopt(2)</a> - call. Most network programs use the default range which is controlled by - <var class="Va">net.inet.ip.portrange.first</var> and - <var class="Va">net.inet.ip.portrange.last</var>, which default to 49152 and - 65535, respectively. Bound port ranges are used for outgoing connections, - and it is possible to run the system out of ports under certain - circumstances. This most commonly occurs when you are running a heavily - loaded web proxy. The port range is not an issue when running a server which - handles mainly incoming connections, such as a normal web server, or has a - limited number of outgoing connections, such as a mail relay. For situations - where you may run out of ports, we recommend decreasing - <var class="Va">net.inet.ip.portrange.first</var> modestly. A range of 10000 - to 30000 ports may be reasonable. You should also consider firewall effects - when changing the port range. Some firewalls may block large ranges of ports - (usually low-numbered ports) and expect systems to use higher ranges of - ports for outgoing connections. By default - <var class="Va">net.inet.ip.portrange.last</var> is set at the maximum - allowable port number.</p> -<p class="Pp">The <var class="Va">kern.ipc.soacceptqueue</var> sysctl limits the - size of the listen queue for accepting new TCP connections. The default - value of 128 is typically too low for robust handling of new connections in - a heavily loaded web server environment. For such environments, we recommend - increasing this value to 1024 or higher. The service daemon may itself limit - the listen queue size (e.g., <a class="Xr">sendmail(8)</a>, apache) but will - often have a directive in its configuration file to adjust the queue size - up. Larger listen queues also do a better job of fending off denial of - service attacks.</p> -<p class="Pp">The <var class="Va">kern.maxfiles</var> sysctl determines how many - open files the system supports. The default is typically a few thousand but - you may need to bump this up to ten or twenty thousand if you are running - databases or large descriptor-heavy daemons. The read-only - <var class="Va">kern.openfiles</var> sysctl may be interrogated to determine - the current number of open files on the system.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="LOADER_TUNABLES"><a class="permalink" href="#LOADER_TUNABLES">LOADER - TUNABLES</a></h1> -<p class="Pp">Some aspects of the system behavior may not be tunable at runtime - because memory allocations they perform must occur early in the boot - process. To change loader tunables, you must set their values in - <a class="Xr">loader.conf(5)</a> and reboot the system.</p> -<p class="Pp"><var class="Va">kern.maxusers</var> controls the scaling of a - number of static system tables, including defaults for the maximum number of - open files, sizing of network memory resources, etc. - <var class="Va">kern.maxusers</var> is automatically sized at boot based on - the amount of memory available in the system, and may be determined at - run-time by inspecting the value of the read-only - <var class="Va">kern.maxusers</var> sysctl.</p> -<p class="Pp">The <var class="Va">kern.dfldsiz</var> and - <var class="Va">kern.dflssiz</var> tunables set the default soft limits for - process data and stack size respectively. Processes may increase these up to - the hard limits by calling <a class="Xr">setrlimit(2)</a>. The - <var class="Va">kern.maxdsiz</var>, <var class="Va">kern.maxssiz</var>, and - <var class="Va">kern.maxtsiz</var> tunables set the hard limits for process - data, stack, and text size respectively; processes may not exceed these - limits. The <var class="Va">kern.sgrowsiz</var> tunable controls how much - the stack segment will grow when a process needs to allocate more stack.</p> -<p class="Pp"><var class="Va">kern.ipc.nmbclusters</var> may be adjusted to - increase the number of network mbufs the system is willing to allocate. Each - cluster represents approximately 2K of memory, so a value of 1024 represents - 2M of kernel memory reserved for network buffers. You can do a simple - calculation to figure out how many you need. If you have a web server which - maxes out at 1000 simultaneous connections, and each connection eats a 16K - receive and 16K send buffer, you need approximately 32MB worth of network - buffers to deal with it. A good rule of thumb is to multiply by 2, so 32MBx2 - = 64MB/2K = 32768. So for this case you would want to set - <var class="Va">kern.ipc.nmbclusters</var> to 32768. We recommend values - between 1024 and 4096 for machines with moderates amount of memory, and - between 4096 and 32768 for machines with greater amounts of memory. Under no - circumstances should you specify an arbitrarily high value for this - parameter, it could lead to a boot-time crash. The - <code class="Fl">-m</code> option to <a class="Xr">netstat(1)</a> may be - used to observe network cluster use.</p> -<p class="Pp">More and more programs are using the <a class="Xr">sendfile(2)</a> - system call to transmit files over the network. The - <var class="Va">kern.ipc.nsfbufs</var> sysctl controls the number of file - system buffers <a class="Xr">sendfile(2)</a> is allowed to use to perform - its work. This parameter nominally scales with - <var class="Va">kern.maxusers</var> so you should not need to modify this - parameter except under extreme circumstances. See the - <a class="Sx" href="#TUNING">TUNING</a> section in the - <a class="Xr">sendfile(2)</a> manual page for details.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SCHEDULERS"><a class="permalink" href="#SCHEDULERS">SCHEDULERS</a></h1> -<p class="Pp"><span class="Ux">FreeBSD</span> allows having more than one - scheduler specified in the kernel config, and the desired scheduler selected - from them at boot time. Right now the options are:</p> -<dl class="Bl-tag"> - <dt><code class="Cd">SCHED_ULE</code></dt> - <dd>The modern scheduler with O(1) thread selection behavior.</dd> - <dt><code class="Cd">SCHED_4BSD</code></dt> - <dd>Classic scheduler inherited from 4.x BSD.</dd> -</dl> -<p class="Pp">At least one option must be specified. - <code class="Cd">SCHED_ULE</code> is used by default if compiled in.</p> -<p class="Pp">The <var class="Va">kern.sched.available</var> sysctl provides the - comma-separated list of available (compiled in) schedulers. The - <var class="Va">kern.sched.name</var> loader tunable can be set to select - the desired scheduler at boot time. The - <var class="Va">kern.sched.name</var> sysctl reports which scheduler is - used.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="KERNEL_CONFIG_TUNING"><a class="permalink" href="#KERNEL_CONFIG_TUNING">KERNEL - CONFIG TUNING</a></h1> -<p class="Pp">There are a number of kernel options that you may have to fiddle - with in a large-scale system. In order to change these options you need to - be able to compile a new kernel from source. The <a class="Xr">config(8)</a> - manual page and the handbook are good starting points for learning how to do - this. Generally the first thing you do when creating your own custom kernel - is to strip out all the drivers and services you do not use. Removing things - like <code class="Dv">INET6</code> and drivers you do not have will reduce - the size of your kernel, sometimes by a megabyte or more, leaving more - memory available for applications.</p> -<p class="Pp"><code class="Dv">SCSI_DELAY</code> may be used to reduce system - boot times. The defaults are fairly high and can be responsible for 5+ - seconds of delay in the boot process. Reducing - <code class="Dv">SCSI_DELAY</code> to something below 5 seconds could work - (especially with modern drives).</p> -<p class="Pp">There are a number of <code class="Dv">*_CPU</code> options that - can be commented out. If you only want the kernel to run on a Pentium class - CPU, you can easily remove <code class="Dv">I486_CPU</code>, but only remove - <code class="Dv">I586_CPU</code> if you are sure your CPU is being - recognized as a Pentium II or better. Some clones may be recognized as a - Pentium or even a 486 and not be able to boot without those options. If it - works, great! The operating system will be able to better use higher-end CPU - features for MMU, task switching, timebase, and even device operations. - Additionally, higher-end CPUs support 4MB MMU pages, which the kernel uses - to map the kernel itself into memory, increasing its efficiency under heavy - syscall loads.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="CPU,_MEMORY,_DISK,_NETWORK"><a class="permalink" href="#CPU,_MEMORY,_DISK,_NETWORK">CPU, - MEMORY, DISK, NETWORK</a></h1> -<p class="Pp">The type of tuning you do depends heavily on where your system - begins to bottleneck as load increases. If your system runs out of CPU (idle - times are perpetually 0%) then you need to consider upgrading the CPU or - perhaps you need to revisit the programs that are causing the load and try - to optimize them. If your system is paging to swap a lot you need to - consider adding more memory. If your system is saturating the disk you - typically see high CPU idle times and total disk saturation. - <a class="Xr">systat(1)</a> can be used to monitor this. There are many - solutions to saturated disks: increasing memory for caching, mirroring - disks, distributing operations across several machines, and so forth.</p> -<p class="Pp">Finally, you might run out of network resources. Optimize the - network path as much as possible. For example, in - <a class="Xr">firewall(7)</a> we describe a firewall protecting internal - hosts with a topology where the externally visible hosts are not routed - through it. Most bottlenecks occur at the WAN link. If expanding the link is - not an option it may be possible to use the <a class="Xr">dummynet(4)</a> - feature to implement peak shaving or other forms of traffic shaping to - prevent the overloaded service (such as web services) from affecting other - services (such as email), or vice versa. In home installations this could be - used to give interactive traffic (your browser, <a class="Xr">ssh(1)</a> - logins) priority over services you export from your box (web services, - email).</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">netstat(1)</a>, <a class="Xr">systat(1)</a>, - <a class="Xr">sendfile(2)</a>, <a class="Xr">ata(4)</a>, - <a class="Xr">dummynet(4)</a>, <a class="Xr">eventtimers(4)</a>, - <a class="Xr">ffs(4)</a>, <a class="Xr">login.conf(5)</a>, - <a class="Xr">rc.conf(5)</a>, <a class="Xr">sysctl.conf(5)</a>, - <a class="Xr">firewall(7)</a>, <a class="Xr">hier(7)</a>, - <a class="Xr">ports(7)</a>, <a class="Xr">stats(7)</a>, - <a class="Xr">boot(8)</a>, <a class="Xr">bsdinstall(8)</a>, - <a class="Xr">ccdconfig(8)</a>, <a class="Xr">config(8)</a>, - <a class="Xr">fsck(8)</a>, <a class="Xr">gjournal(8)</a>, - <a class="Xr">gpart(8)</a>, <a class="Xr">gstripe(8)</a>, - <a class="Xr">ifconfig(8)</a>, <a class="Xr">ipfw(8)</a>, - <a class="Xr">loader(8)</a>, <a class="Xr">mount(8)</a>, - <a class="Xr">newfs(8)</a>, <a class="Xr">route(8)</a>, - <a class="Xr">sysctl(8)</a>, <a class="Xr">tunefs(8)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="Nm">tuning</code> manual page was originally - written by <span class="An">Matthew Dillon</span> and first appeared in - <span class="Ux">FreeBSD 4.3</span>, May 2001. The manual page was greatly - modified by <span class="An">Eitan Adler</span> - <<a class="Mt" href="mailto:eadler@FreeBSD.org">eadler@FreeBSD.org</a>>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">April 9, 2026</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> |