- •Table of Contents
- •Dedication
- •Foreword
- •Introduction
- •What Is FreeBSD?
- •How Did FreeBSD Get Here?
- •The BSD License: BSD Goes Public
- •The Birth of Modern FreeBSD
- •FreeBSD Development
- •Committers
- •Contributors
- •Users
- •Other BSDs
- •NetBSD
- •OpenBSD
- •Other UNIXes
- •Solaris
- •Linux
- •IRIX, HPUX, etc.
- •FreeBSD's Strengths
- •Portability
- •Power
- •Simplified Software Management
- •Optimized Upgrade Process
- •Filesystem
- •Who Should Use FreeBSD
- •FreeBSD as Your Desktop
- •Who Should Run Another BSD
- •Who Should Run a Proprietary Operating System
- •How to Read This Book
- •What Must You Know?
- •How to Think About UNIX
- •Channels of Communication
- •Working with Channels
- •The Command Line
- •Chapter 1: Installation
- •FreeBSD Hardware
- •Processor
- •Memory (RAM)
- •Hard Drives
- •Downloading FreeBSD
- •Installing by FTP
- •Other FTP Install Information
- •Hardware Setup
- •Actually Installing FreeBSD
- •Configuring the Kernel for ISA Cards
- •Sysinstall: The Ugly FreeBSD Installer
- •Disk Usage
- •Partitioning
- •Root
- •Swap Space
- •Swap Splitting
- •/var, /usr, and /home
- •A Second Hard Drive
- •Soft Updates
- •Block Size
- •What to Install
- •Installation Media
- •Committing
- •Root Password
- •Adding Users
- •Time Zone
- •Mouse
- •Configuring Network Cards
- •Xfree86
- •Software
- •Restart
- •A Note on Editors
- •Chapter 2: Getting More Help
- •Why Not Mail First?
- •The FreeBSD Attitude
- •Man Pages
- •The FreeBSD Manual
- •Man Page Headings
- •The FreeBSD Documentation
- •The Mailing List Archives
- •Other Web Sites
- •Checking the Handbook/FAQ
- •Checking the Man Pages
- •Checking the Mailing List Archives
- •Using Your Answer
- •Mailing for Help
- •Chapter 3: Read This Before You Break Something Else! (Backup and Recovery)
- •Overview
- •System Backups
- •Tape Devices
- •How to Read Dmesg.boot
- •Controlling Your Tape Drive
- •Device Nodes
- •Using the TAPE Variable
- •The mt Command
- •Backup Programs
- •Dump/Restore
- •Restoring from an Archive
- •Checking the Contents of an Archive
- •Extracting Data from an Archive
- •Restoring Interactively
- •Recording What Happened
- •Revision Control
- •Getting Older Versions
- •Breaking Locks
- •Viewing Log Messages
- •Reviewing a File's Revision History
- •Ident and ident Strings
- •Going Further
- •The Fixit Disk
- •Chapter 4: Kernel Games
- •Overview
- •What Is the Kernel?
- •Configuring Your Kernel
- •Sysctl
- •Changing Sysctls
- •Setting Sysctls at Boot
- •Kernel Configuration with Loader.conf
- •Manually Configuring the Loader
- •Viewing Loaded Modules
- •Loading and Unloading Modules
- •Customizing the Kernel
- •Preparation
- •Your Backup Kernel
- •Editing Kernel Files
- •Basic Options
- •Multiple Processors
- •Device Entries
- •Building Your Kernel
- •Troubleshooting Kernel Builds
- •Booting an Alternate Kernel
- •Adding to the Kernel
- •LINT
- •Fixing Errors with Options
- •Tweaking Kernel Performance
- •Sharing Kernels
- •Chapter 5: Networking
- •Overview
- •Network Layers
- •The Physical Layer
- •The Physical Protocol Layer
- •The Logical Protocol Layer
- •The Application Layer
- •The Network in Practice
- •Mbufs
- •What Is a Bit?
- •Ethernet
- •Broadcasting
- •Address Resolution
- •Hubs and Switches
- •Netmasks
- •Netmask Tricks
- •Hexadecimal Netmasks
- •Unusable IP Addresses
- •Routing
- •Network Ports
- •Connecting to an Ethernet Network
- •Multiple IP Addresses on One Interface
- •Using Netstat
- •Chapter 6: Upgrading FreeBSD
- •Overview
- •FreeBSD Versions
- •Release
- •Snapshots
- •Security Updates
- •Which Release Should You Use?
- •Upgrade Methods
- •Upgrading via Sysinstall
- •Upgrading via CVSup
- •Simplifying the CVSup Upgrade Process
- •Building a Local CVSup Server
- •Controlling Access
- •Authentication
- •Combining Authentication and Access
- •Chapter 7: Securing Your System
- •Overview
- •Who Is the Enemy?
- •Script Kiddies
- •Disaffected Users
- •Skilled Attackers
- •FreeBSD Security Announcements
- •Subscribing
- •What You'll Get
- •Installation Security Profiles
- •Moderate
- •Extreme
- •Root, Groups, and Permissions
- •The root Password
- •Groups of Users
- •Primary Group
- •Some Interesting Default Groups
- •Group Permissions
- •Changing Permissions
- •Changing File Ownership
- •Assigning Permissions
- •File Flags
- •Viewing a File's Flags
- •Setting Flags
- •Securelevels
- •Setting Securelevels
- •Which Securelevel Do You Need?
- •What Won't Securelevel and File Flags Do?
- •Living with Securelevels
- •Programs That Can Be Hacked
- •Putting It All Together
- •Chapter 8: Advanced Security Features
- •Traffic Control
- •Default Accept vs. Default Deny
- •TCP Wrappers
- •Configuring Wrappers
- •Daemon Name
- •The Client List
- •Putting It All Together
- •Packet Filtering
- •IPFilter
- •IPFW
- •Default Accept and Default Deny in Packet Filtering
- •Basic Concepts of Packet Filtering
- •Implementing IPFilter
- •Configuring Your Server to Use Jail
- •Configuring Your Kernel to Use Jail
- •Client Setup
- •Final Jail Setup
- •Starting the Jail
- •Managing Jails
- •Shutting Down a Jail
- •Monitoring System Security
- •If You're Hacked
- •Chapter 9: Too Much Information About /etc
- •Overview
- •Varieties of /etc Files
- •Default Files
- •/etc/defaults/rc.conf
- •/etc/adduser.conf
- •/etc/crontab
- •/etc/dhclient.conf
- •/etc/fstab
- •/etc/hosts.allow
- •/etc/hosts.equiv
- •/etc/hosts.lpd
- •/etc/inetd.conf
- •/etc/locate.rc
- •/etc/login.access
- •/etc/login.conf
- •Specifying Default Environment Settings
- •/etc/mail/mailer.conf
- •/etc/make.conf and /etc/defaults/make.conf
- •/etc/master.passwd
- •/etc/motd
- •/etc/mtree/*
- •/etc/namedb/*
- •/etc/newsyslog.conf
- •/etc/passwd
- •/etc/periodic.conf and /etc/defaults/periodic.conf
- •/etc/printcap
- •Working with Printcap Entries
- •/etc/profile
- •/etc/protocols
- •/etc/rc.conf and /etc/defaults/rc.conf
- •/etc/resolv.conf
- •/etc/security
- •/etc/services
- •/etc/shells
- •/etc/spwd.db
- •/etc/sysctl.conf
- •/etc/syslog.conf
- •Chapter 10: Making Your System Useful
- •Overview
- •Making Software
- •The Pain and Pleasure of Source Code
- •Debugging
- •The Ports and Packages System
- •Ports
- •Finding Software
- •Legal Restrictions
- •Using Packages
- •Installing via FTP
- •What Does a Package Install?
- •Uninstalling Packages
- •Package Information
- •Controlling Pkg_add
- •Package Problems
- •Forcing an Install
- •Using Ports
- •Installing a Port
- •Using Make Install
- •Uninstalling and Reinstalling
- •Cleaning Up with Make Clean
- •Building Packages
- •Changing the Install Path
- •Setting Make Options Permanently
- •Upgrading Ports and Packages
- •Upgrading the Ports Collection
- •Ports Collection Upgrade Issues
- •Checking Software Versions
- •Hints for Upgrading
- •Chapter 11: Advanced Software Management
- •Overview
- •Startup and Shutdown Scripts
- •Typical Startup Script
- •Using Scripts to Manage Running Programs
- •Managing Shared Libraries
- •Ldconfig
- •Running Software from the Wrong OS
- •Recompilation
- •Emulation
- •ABI Implementation
- •Foreign Software Libraries
- •Installing and Enabling Linux Mode
- •Identifying Programs
- •What Is Linux_base?
- •Adding to Linux_base
- •Configuring Linux Shared Libraries
- •Installing Extra Linux Packages as RPMs
- •What Is SMP?
- •Kernel Assumptions
- •FreeBSD 3.0 SMP
- •FreeBSD 5 SMP
- •Using SMP
- •SMP and Upgrades
- •Chapter 12: Finding Hosts With DNS
- •How DNS Works
- •Basic DNS Tools
- •The Host Command
- •Getting Detailed Information with Dig
- •Looking Up Hostnames with Dig
- •More Dig Options
- •Configuring a DNS Client: The Resolver
- •Domain or Search Keywords
- •The Nameserver List
- •DNS Information Sources
- •The Hosts File
- •The Named Daemon
- •Zone Files
- •A Real Sample Zone
- •named.conf
- •/var/named/master/absolutebsd.com
- •Making Changes Work
- •Starting Named at Boottime
- •Checking DNS
- •Named Configuration Errors
- •Named Security
- •Controlling Information Order
- •More About BIND
- •Chapter 13: Managing Small Network Services
- •Bandwidth Control
- •Configuring IPFW
- •Reviewing IPFW Rules
- •Dummynet Queues
- •Directional Traffic Shaping
- •Certificates
- •Create a Request
- •Being Your Own CA
- •Testing SSH
- •Enabling SSH
- •Basics of SSH
- •Creating Keys
- •Confirming SSH Identity
- •SSH Clients
- •Connecting via SSH
- •Configuring SSH
- •System Time
- •Setting the Time Zone
- •Network Time Protocol
- •Ntpdate
- •Ntpd
- •Inetd
- •/etc/inetd.conf
- •Configuring Programs in Inetd
- •Inetd Security
- •Starting Inetd
- •Changing Inetd's Behavior
- •Chapter 14: Email Services
- •Email Overview
- •Where FreeBSD Fits In
- •The Email Protocol
- •Email Programs
- •Who Needs Sendmail?
- •Replacing Sendmail
- •Installing Postfix
- •Pieces of Postfix
- •Configuring Postfix
- •Email Aliases
- •Email Logging
- •Virtual Domains
- •Postfix Commands
- •Finding the Correct Mail Host
- •Undeliverable Mail
- •Installing POP3
- •Testing POP3
- •POP3 Logging
- •POP3 Modes
- •Qpopper Preconfiguration Questions
- •Default Qpopper Configuration
- •APOP Setup
- •Configuring Pop3ssl
- •Qpopper Security
- •Chapter 15: Web and FTP Services
- •Overview
- •How a Web Server Works
- •The Apache Web Server
- •Apache Configuration Files
- •Configuring Apache
- •Controlling Apache
- •Virtual Hosting
- •Tweaking Virtual Hosts
- •.NET on FreeBSD
- •Installing the SSCLI
- •FTP Security
- •The FTP Client
- •The FTP Server
- •Chapter 16: Filsystems and Disks
- •Device Nodes
- •Hard Disks and Partitions
- •The /etc/fstab File
- •Disk Basics
- •The Fast File System
- •Vnodes
- •FFS Mount Types
- •FFS Mount Options
- •What's Mounted Now?
- •Dirty Disks
- •Fsck
- •Mounting and Unmounting Disks
- •Mounting Standard Filesystems
- •Mounting with Options
- •Mounting All Standard Filesystems
- •Mounting at Nonstandard Locations
- •Unmounting
- •Soft Updates
- •Enabling Soft Updates
- •IDE Write Caching and Soft Updates
- •Virtual Memory Directory Caching
- •Mounting Foreign Filesystems
- •Using Foreign Mounts
- •Foreign Filesystem Types
- •Mount Options and Foreign Filesystems
- •Filesystem Permissions
- •Removable Media and /etc/fstab
- •Creating a Floppy
- •Creating an FFS Filesystem
- •The Basics of SCSI
- •SCSI Types
- •SCSI Adapters
- •SCSI Buses
- •Termination and Cabling
- •SCSI IDs and LUNs
- •FreeBSD and SCSI
- •Wiring Down Devices
- •Adding New Hard Disks
- •Creating Slices
- •Creating Partitions
- •Configuring /etc/fstab
- •Installing Existing Files onto New Disks
- •Temporary Mounts
- •Moving Files
- •Stackable Mounts
- •Chapter 17: RAID
- •Hardware vs. Software RAID
- •RAID Levels
- •Software RAID
- •Vinum Disk Components
- •Vinum Plex Types
- •Preparing Vinum Drives
- •Dedicating Partitions to Vinum
- •Configuring Vinum
- •Concatenated Plex
- •Removing Vinum Configuration
- •Striped Volumes
- •Mirrored Volumes
- •Starting Vinum at Boot
- •Other Vinum Commands
- •Replacing a Failed Mirrored Plex
- •Chapter 18: System Performance
- •Overview
- •Computer Resources
- •Disk Input/Output
- •Network Bandwidth
- •CPU and Memory
- •Using Top
- •Memory Usage
- •Swap Space Usage
- •CPU Usage
- •When Swap Goes Bad
- •Paging
- •Swapping
- •Are You Swapping or Paging?
- •Fairness in Benchmarking
- •The Initial Test
- •Using Both CPUs
- •Directory Caching
- •Moving /usr/obj
- •Lessons Learned
- •Chapter 19: Now What's It Doing?
- •Status Mails
- •Forwarding Reports
- •Logging with Syslogd
- •Facilities
- •Levels
- •Syslog.conf
- •Wildcards
- •Rotating Logs with Newsyslog.conf
- •Reporting with SNMP
- •Basics of SNMP
- •MIBs
- •Snmpwalk
- •Specific Snmpwalk Queries
- •Translating Between Numbers and Names
- •Setting Up Snmpd
- •Index Numbers
- •Configuring MRTG
- •Sample mrtg.cfg Entry
- •Testing MRTG
- •Tracking Other System Values
- •Monitoring a Single MIB
- •Customizing MRTG
- •MRTG Index Page
- •Sample MRTG Configurations
- •Chapter 20: System Crashes and Panics
- •What Causes Panics?
- •What Does a Panic Look Like?
- •Responding to a Panic
- •Prerequisites
- •Crash Dump Process
- •The Debugging Kernel
- •kernel.debug
- •Dumpon
- •Savecore
- •Upon a Crash
- •Dumps and Bad Kernels
- •Using the Dump
- •Advanced Kernel Debugging
- •Examining Lines
- •Examining Variables
- •Apparent Gdb Weirdness
- •Results
- •Vmcore and Security
- •Symbols vs. No Symbols
- •Serial Consoles
- •Hardware Serial Console
- •Software Serial Console
- •Changing the Configuration
- •Using a Serial Console
- •Serial Login
- •Emergency Logon Setup
- •Disconnecting the Serial Console
- •Submitting a Problem Report
- •Problem Report System
- •What's in a PR?
- •Filling Out the Form
- •PR Results
- •Chapter 21: Desktop FreeBSD
- •Overview
- •Accessing File Shares
- •Prerequisites
- •Character Sets
- •Kernel Support for CIFS
- •SMB Tools
- •Configuring CIFS
- •Minimum Configuration: Name Resolution
- •Other smbutil Functions
- •Mounting a Share
- •Other mount_smbfs Options
- •Sample nsmb.conf Entries
- •CIFS File Ownership
- •Serving Windows File Shares
- •Accessing Print Servers
- •Running a Local Lpd
- •Printer Testing
- •Local Printers
- •X: A Graphic Interface
- •X Prerequisites
- •X Versions
- •Configuring X
- •Making X Look Decent
- •Desktop Applications
- •Web Browsers
- •Email Readers
- •Office Suites
- •Music
- •Graphics
- •Desk Utilities
- •Games
- •Afterword
- •Overview
- •The Community
- •What Can You Do?
- •Getting Things Done
- •Second Opinions
- •Appendix: Some Useful SYSCTL MIBs
- •List of Figures
- •Chapter 1: Installation
- •Chapter 5: Networking
- •Chapter 6: Upgrading FreeBSD
- •Chapter 19: Now What's It Doing?
- •List of Tables
- •Chapter 4: Kernel Games
- •Chapter 5: Networking
- •Chapter 8: Advanced Security Features
- •Chapter 9: Too Much Information About /etc
- •List of Sidebars
- •Chapter 15: Web and FTP Services
NOPORTDOCS=true Various pieces of software in the ports collection have extensive documentation that is generally installed under /usr/local/share. If you set this option, this documentation is not installed. If you have a test machine or workstation where you can install the documentation, you can set this option on your servers.
HAVE_MOTIF=yes Motif is a software graphics library that many ports try to use to provide various graphic widgets. Motif was very expensive for several years, but free versions are available under /usr/ports/x11−toolkits/lesstif and /usr/ports/x11−toolkits/open−motif. If you have either of these toolkits installed, set HAVE_MOTIF.
/etc/master.passwd
This file contains usernames and passwords. When you log in, the password you type is compared with the one in this file.
The /etc/master.passwd file is important enough that there's a special program just for editing it. Vipw(8) calls up the text editor from $EDITOR, allows you to make your changes, and checks the file syntax before allowing you to save it. Vipw also updates the password databases. This prevents many of the more basic mistakes, but if you're really bent on corrupting /etc/master.passwd, vipw will make life more difficult but won't stop you.
When vipw finally allows you to save your work, it also recreates the file /etc/passwd. This file can only be read by root.
If the information in /etc/master.passwd conflicts with that in other files, programs generally assume that /etc/master.passwd is correct. For example, /etc/group sometimes doesn't list a user's primary group. The primary group that appears in /etc/passwd is correct, even when it isn't listed in /etc/group.
Many programs need access to the information in /etc/master.passwd–for example, shells and home directories must be public information. Rather than allowing anyone to read this file and try to reverse−engineer the encrypted passwords, FreeBSD provides globally readable bits of this file in /etc/passwd.
Fields
Each line in /etc/master.passwd contains ten fields, separated by colons. These are described in the following sections.
Username The first field in lines in /etc/master.passwd is the username. This is either an account created by the administrator and used by a real user, or a user created at install time to provide some system service. FreeBSD includes a variety of system accounts, such as root, toor, daemon, games, uucp, and so on. Each of these users owns some part of the system. Various programs can run as these users.
Encrypted Password The second field is the encrypted password. System users don't generally have a password, so you can't log in as them. User accounts have a string of random−looking characters here.
One simple way to temporarily disable a user account is to edit the password file and put an asterisk
(*) in front of the password. While the account will still be active, nobody will be able to log in to it. I've used this to great effect when a client was behind on a bill; they call quite quickly when they
207
can't log in.
User ID The third field is the user ID number, or UID. Every user has a unique UID.
Group ID Similarly, the fourth field is the group ID number, or GID. This is the user's primary group, as discussed in Chapter 7. Usually, this is the same as the UID, and the group has the same name as the username.
User's Class The next field is the user's class as defined in /etc/login.conf. You can change a user's class by using vipw and editing master.passwd directly, or with chsh(1).
Password Expiration The sixth field is the password expiration field. If you leave this blank, or if you're not running system accounting, passwords will not expire. The expiration field is filled in as seconds since the epoch. (The epoch is midnight, January 1, 1970).
Number of Seconds Since the Epoch Similarly, the seventh field is the number of seconds since the epoch until the entire account expires. If you aren't using system accounting, this is useless.
Gecos The gecos field contains the user's real name, office number, work phone number, and home phone number, all separated by commas. Do not use colons in this field; colons are reserved specifically for separating fields in /etc/master.passwd itself.
User's Home Directory The ninth field is the user's home directory. While this defaults to /home, you can move this anywhere you like. You'll just need to move the actual home directory when you change this field.
User's Shell Finally, the tenth field gives the user's shell. If this field is empty, the system assumes the user gets boring old /bin/sh.
/etc/motd
The motd, or message of the day file, is displayed to users when they log in. You can put system notices in this file, or other information you want shell users to see. Note that who sees this file is controlled by the welcome option in /etc/login.conf. You can have multiple message files, one for each login class.
/etc/mtree/*
The system upgrade processes use the /etc/mtree files. They have no effect on the daily running of the system. Mtree(8) builds directory hierarchies, usually so an automated installer can put programs in them. While you don't need to edit these files, it's nice to know why they're here.
/etc/namedb/*
The /etc/namedb files control the system nameserver. See Chapter 12 for details of how the files in /etc/namedb work.
/etc/newsyslog.conf
This file configures the rotation and deletion of logs. See Chapter 19 for details of the system logger.
208
/etc/passwd
Many programs require access to user information such as shell, real name, and so on. In older UNIX systems, this was stored in the /etc/passwd file, along with the actual encrypted passwd, and everyone could read this file. This became a problem as UNIX spread into universities. Computer science students had great fun trying to crack encrypted passwords, and regretfully succeeded on too many occasions. Hackers made /etc/passwd their target. Eventually, the encrypted passwords were moved to /etc/master.passwd. The /etc/passwd file remained as an information source for other programs.
The /etc/passwd file is generated from the /etc/master.passwd file by stripping out the class, change, and expire fields. The encrypted password is replaced with an asterisk. These are the remaining fields:
∙username
∙password (asterisk)
∙user ID number
∙group ID number
∙name
∙home directory
∙shell
See the /etc/master.passwd section for details on these fields.
/etc/periodic.conf and /etc/defaults/periodic.conf
The /etc/periodic.conf file is another one with a default in /etc/defaults, and overrides in /etc. Periodic(8) runs every day to handle basic daily maintenance. It's the source of the status messages mailed to root every day, and it can handle a variety of tasks, which are stored as shell scripts under /etc/periodic. (By default, periodic tries to run quite a few tasks that you might or might not need; the scripts are generally intelligent, though, and put as little load as possible on the system.) Every function available to the periodic program is enabled or disabled in periodic.conf.
Periodic runs programs either daily, weekly, or monthly. Each set of programs has its own settings; for example, programs that run daily are configured separately from programs that run monthly. These settings are controlled by entries in the /etc/periodic.conf file. Here are some standard entries from that file.
...............................................................................................
periodic_conf_files=" /etc/periodic.conf /etc/periodic.conf.local"
...............................................................................................
The preceding line tells the periodic program where to look for override files, and you can choose a location other than /etc/ for your customized configuration. Many systems mount their root filesystem as read−only, so you can put your override file elsewhere if you need to.
daily_output="root" This option tells periodic where to send the results of its daily checks. If you give a username, periodic will mail that user. Unless you have a user whose job it is to specifically read periodic mail, it's best to leave this at the default and forward root's email to an account you read. Alternatively, you can put a filename here and periodic will write to it like a log file. In this case, you can have newsyslog (see Chapter 19) rotate the periodic log.
209
daily_show_success="YES" If daily_show_success is set to yes, the daily message will include information on all successful checks.
daily_show_info="YES" When daily_show_info is set to yes, the daily message will include general information from the commands it runs.
daily_show_badconfig="NO" The daily message will include information on periodic commands it tried to run, but couldn't. These are generally harmless, and if you set daily_show_badconfig to no, you won't miss much. If you're interested, however, you can set this to yes and get a look at everything that happens.
Each of the scripts in the daily, weekly, and monthly directories under /etc/periodic has a brief description at the top of the script. Skim through those quickly. The defaults that are enabled are sensible for most circumstances, but there's extra functionality there that you might want to enable on some systems. Each script has a tunable knob in /etc/periodic.conf to enable or disable it, and more are being added continuously. Since anything I could list here would be obsolete before I could deliver the manuscript, let alone before the book reached you, I won't go into detail about the various scripts.
/etc/printcap
The /etc/printcap file controls printer setup. There are literally dozens and dozens of options for printers, from the cost per page to manually setting a string to feed a new sheet of paper. (We won't cover all of the options, but we will discuss the basics of printer management here.)
A UNIX printer system makes assumptions about a printer. By defining variables in /etc/printcap, you tell your printer system how your hardware differs from the classic UNIX printers of two decades ago. As you might guess, these differences can be extensive. (Fortunately, most printers understand PostScript. This greatly simplifies printer maintenance.)
If you're using FreeBSD on a network with an existing print server, you probably want to use that existing server. (See Chapter 21 for some example configurations.) When doing fine−grained printer tweaking, you might need some of the more exotic options FreeBSD provides. We'll discuss some of the ones you might need on a modern system in the following section.
Working with Printcap Entries
Each printer has its own /etc/printcap entry. Since all these variables let you create some very, very long lines, use a backslash character (\) to indicate that the entry hasn't finished and is continued on the next line. Use colons to separate variables. If you're using a backslash to make your entries readable, the second and subsequent lines must have a colon at both the beginning and end of the variable assignments.
The first entry in /etc/printcap is the printer name. If a printer has many names–such as "ThirdFloor", "AccountingOffice", and "BigLaserJet", list all of those names, separated by the pipe symbol (|).
Note In FreeBSD, and almost all other versions of UNIX, the default printer is named "lp". Various programs expect to find a printer named lp. It's simplest to assign this name to your preferred printer.
After the printer's name, list the variables that define that particular printer. A comprehensive list would contain much that you'll never need, but we'll look at some of the variables that are either in
210
more common use today or that are useful on modern networks. Let's first look at a simple sample printcap entry and see how it's set up. Then we can examine the variables that allow you to fine−tune your printer's behavior.
...............................................................................................
lp|SalesPS|ThirdFloorPrinter:\
:rp=SalesPS:\
:rm=printserver:\
:sd=/var/spool/output/lpd:\
:lf=/var/log/lpd−errs:
...............................................................................................
This printer is called lp, as well as SalesPS and ThirdFloorPrinter. The remote printer name, as the print server calls it, is SalesPS. The print server is a machine with a TCP/IP network name of printserver. Print jobs are stored in /var/spool/output/lpd while they're being processed, and printing errors are logged to /var/log/lpd−errs. (See Chapter 21 for some hints on setting up a printer.)
The following are some of the most commonly set options for printing in UNIX.
...............................................................................................
:ct=120:
...............................................................................................
This is the network connection timout. You can use ct to control the timeout for remote network printers. If a printer does not respond, the printer service will wait ct=x seconds before returning a failure. The default is 120 seconds, which is far too high for a modern local area network. Usually, if a printer doesn't respond within 30 seconds, you have a problem. Alternatively, if you're printing to some device on another continent, you might need to increase this to as high as 240.
...............................................................................................
:fo=false:
...............................................................................................
This stands for "form feed upon open." If this is set, the system will start each printing job with a blank sheet.
...............................................................................................
:if=/usr/libexec/lpr/input−filter:
...............................................................................................
As the preceding line shows, FreeBSD can preprocess printing requests it receives over the network. This allows you to do some nifty things, such as make a boring desktop inkjet printer behave like a PostScript printer. See /usr/ports/print/apsfilter for an excellent example of how this is done.
...............................................................................................
:lf=/var/log/printername:
...............................................................................................
This lets you specify the log file for this particular printer.
...............................................................................................
:lp=/dev/lp:
...............................................................................................
211