From d93fca6a7ab52f518d3e8aca1fc94139313b97ad Mon Sep 17 00:00:00 2001 From: rsc Date: Fri, 11 Feb 2005 19:21:47 +0000 Subject: new man pages --- man/man1/9p.1 | 10 +- man/man1/INDEX | 1 + man/man1/install.1 | 10 ++ man/man1/ndb.1 | 443 +++++++++++++++++++++++++++++++++++++++++++++++++++ man/man1/netkey.1 | 20 +++ man/man1/sam.1 | 6 + man/man1/secstore.1 | 44 +++-- man/man1/secstored.1 | 64 ++++++++ man/man1/tar.1 | 166 +++++++++++++++++++ 9 files changed, 740 insertions(+), 24 deletions(-) create mode 100644 man/man1/ndb.1 create mode 100644 man/man1/netkey.1 create mode 100644 man/man1/secstored.1 create mode 100644 man/man1/tar.1 (limited to 'man/man1') diff --git a/man/man1/9p.1 b/man/man1/9p.1 index 017dc0ef..12fc5f06 100644 --- a/man/man1/9p.1 +++ b/man/man1/9p.1 @@ -24,6 +24,9 @@ .I addr ] .B write +[ +.B -l +] .I path .br .B 9p @@ -56,7 +59,12 @@ to standard output .TP .B write write data on standard input to -.I path +.IR path ; +the +.B -l +option causes +.I write +to write one line at a time .TP .BR readfd ", " writefd like diff --git a/man/man1/INDEX b/man/man1/INDEX index b3a8f909..d5fb9425 100644 --- a/man/man1/INDEX +++ b/man/man1/INDEX @@ -39,6 +39,7 @@ iconv crop.1 cvs cvs.1 date date.1 db db.1 +stack db.1 dc dc.1 delatex deroff.1 deroff deroff.1 diff --git a/man/man1/install.1 b/man/man1/install.1 index 82e442d4..172bd8ef 100644 --- a/man/man1/install.1 +++ b/man/man1/install.1 @@ -63,6 +63,16 @@ checks whether the running system uses NPTL and sets in .B \*9/config accordingly. +The file +.B \*9/LOCAL.config +is appended to +.B config +after this auto-detection and can be used to override the choices. +If +.B LOCAL.config +contains a line +.B WSYS=nowsys +then the system is built without using X11. .SH FILES .TP .B \*9/lib/moveplan9.files diff --git a/man/man1/ndb.1 b/man/man1/ndb.1 new file mode 100644 index 00000000..a3cd5f4e --- /dev/null +++ b/man/man1/ndb.1 @@ -0,0 +1,443 @@ +.TH NDB 1 +.SH NAME +ndbquery, ndbmkhash, ndbmkdb, ndbipquery, ndbmkhosts \- network database +.SH SYNOPSIS +.B ndbquery +[ +.B -f +.I dbfile +] +.I "attr value" +[ +.I rattr +] +.br +.B ndbipquery +.I "attr value" +.I rattr... +.br +.B ndbmkhash +.I "file attr" +.br +.B ndbmkdb +.SH DESCRIPTION +The network database holds administrative information used by +.I authdial +(see +.IR authsrv (3)) +and +.I secstored (1). +.PP +.I Ndbquery +searches the database for an attribute of type +.I attr +and value +.IR value . +If +.I rattr +is not specified, all entries matched by the search are returned. +If +.I rattr +is specified, the value of the first pair with attribute +.I rattr +of all the matched entries is returned. +.PP +.I Ndbipquery +uses +.I ndbipinfo +(see +.IR ndb (2)) +to search for the values of the attributes +.I rattr +corresponding to the system +with entries of attribute type +.I attr +and +value +.IR value . +.PP +.I Ndbmkhash +creates a hash file for all entries with attribute +.I attr +in database file +.IR file . +The hash files are used by +.I ndbquery +and by the ndb library routines. +.\" .PP +.\" .I Ndb/cs +.\" is a server used by +.\" .IR dial (2) +.\" to translate network names. +.\" It is started at boot time. +.\" It finds out what networks are configured +.\" by looking for +.\" .B /net/*/clone +.\" when it starts. +.\" It can also be told about networks by writing +.\" to +.\" .B /net/cs +.\" a message of the form: +.\" .IP +.\" .B "add net1 net2 ..." +.\" .PP +.\" .I Ndb/cs +.\" also sets the system name in +.\" .B /dev/sysname +.\" if it can figure it out. +.\" The options are: +.\" .TP +.\" .B -f +.\" supplies the name of the data base file to use, +.\" default +.\" .BR /lib/ndb/local . +.\" .TP +.\" .B -x +.\" specifies the mount point of the +.\" network. +.\" .TP +.\" .B -n +.\" causes cs to do nothing but set the system name. +.\" .PP +.\" .I Ndb/csquery +.\" can be used to query +.\" .I ndb/cs +.\" to see how it resolves addresses. +.\" .I Ndb/csquery +.\" prompts for addresses and prints out what +.\" .I ndb/cs +.\" returns. +.\" .I Server +.\" defaults to +.\" .BR /net/cs . +.\" If any +.\" .I addrs +.\" are specified, +.\" .I ndb/csquery +.\" prints their translations and immediately exits. +.\" The exit status will be nil only if all addresses +.\" were successfully translated +.\" The +.\" .B -s +.\" flag sets exit status without printing any results. +.\" .PP +.\" .I Ndb/dns +.\" is a server used by +.\" .I ndb/cs +.\" and by remote systems to translate Internet domain names. +.\" .I Ndb/dns +.\" is started at boot time. +.\" By default +.\" .I dns +.\" serves only requests written to +.\" .BR /net/dns . +.\" The options are: +.\" .TP +.\" .B -f +.\" supplies the name of the data base file to use, +.\" default +.\" .BR /lib/ndb/local . +.\" .TP +.\" .B -x +.\" specifies the mount point of the +.\" network. +.\" .TP +.\" .B -s +.\" also answer domain requests sent to UDP port 53. +.\" .TP +.\" .B -n +.\" whenever a zone that we serve changes, send UDP NOTIFY +.\" messages to any dns slaves for that zone. +.\" .TP +.\" .B -z +.\" whenever we receive a UDP NOTIFY message, run +.\" .I program +.\" with the domain name of the area as its argument. +.\" .TP +.\" .B -r +.\" defer to other servers to resolve queries. +.\" .PP +.\" When the +.\" .B -r +.\" option is specified, the servers used come from the +.\" .I dns +.\" attribute in the database. For example, to specify a set of dns servers that +.\" will resolve requests for systems on the network +.\" .IR mh-net : +.\" .EX +.\" +.\" ipnet=mh-net ip=135.104.0.0 ipmask=255.255.0.0 +.\" dns=ns1.cs.bell-labs.com +.\" dns=ns2.cs.bell-labs.com +.\" dom=ns1.cs.bell-labs.com ip=135.104.1.11 +.\" dom=ns2.cs.bell-labs.com ip=135.104.1.12 +.\" +.\" .EE +.\" .PP +.\" The server for a domain is indicated by a database entry containing +.\" both a +.\" .I dom +.\" and a +.\" .I ns +.\" attribute. +.\" For example, the entry for the Internet root is: +.\" .EX +.\" +.\" dom= +.\" ns=A.ROOT-SERVERS.NET +.\" ns=B.ROOT-SERVERS.NET +.\" ns=C.ROOT-SERVERS.NET +.\" dom=A.ROOT-SERVERS.NET ip=198.41.0.4 +.\" dom=B.ROOT-SERVERS.NET ip=128.9.0.107 +.\" dom=C.ROOT-SERVERS.NET ip=192.33.4.12 +.\" +.\" .EE +.\" The last three lines provide a mapping for the +.\" server names to their ip addresses. This is only +.\" a hint and will be superseded from whatever is learned +.\" from servers owning the domain. +.\" .PP +.\" You can also serve a subtree of the domain name space from the local +.\" database. You indicate subtrees that you'ld like to serve by +.\" adding an +.\" .B soa= +.\" attribute to the root entry. +.\" For example, the Bell Labs CS research domain is: +.\" .EX +.\" +.\" dom=cs.bell-labs.com soa= +.\" refresh=3600 ttl=3600 +.\" ns=plan9.bell-labs.com +.\" ns=ns1.cs.bell-labs.com +.\" ns=ns2.cs.bell-labs.com +.\" mb=presotto@plan9.bell-labs.com +.\" mx=mail.research.bell-labs.com pref=20 +.\" mx=plan9.bell-labs.com pref=10 +.\" dnsslave=nslocum.cs.bell-labs.com +.\" dnsslave=vex.cs.bell-labs.com +.\" +.\" .EE +.\" Here, the +.\" .B mb +.\" entry is the mail address of the person responsible for the +.\" domain (default +.\" .BR postmaster ). +.\" The +.\" .B mx +.\" entries list mail exchangers for the domain name and +.\" .B refresh +.\" and +.\" .B ttl +.\" define the area refresh interval and the minimum TTL for +.\" records in this domain. +.\" The +.\" .B dnsslave +.\" entries specify slave DNS servers that should be notified +.\" when the domain changes. The notification also requires +.\" the +.\" .B -n +.\" flag. +.\" .PP +.\" You can also serve reverse lookups (returning the name that +.\" goes with an IP address) by adding an +.\" .B soa= +.\" attribute to the entry defining the root of the reverse space. +.\" For example, to provide reverse lookup for all addresses in +.\" starting with 135.104 you must have a record like: +.\" .EX +.\" +.\" dom=104.135.in-addr.arpa soa= +.\" refresh=3600 ttl=3600 +.\" ns=plan9.bell-labs.com +.\" ns=ns1.cs.bell-labs.com +.\" ns=ns2.cs.bell-labs.com +.\" .EE +.\" Notice the form of the reverse address, i.e., it's the bytes of the +.\" address range you are serving reversed and with +.\" .B .in-addr.arpa +.\" appended. This is a standard form for a domain name in an IPv4 PTR record. +.\" .PP +.\" If such an entry exists in the database, reverse addresses will +.\" automaticly be generated from any IP addresses in the database +.\" that are under this root. For example +.\" .EX +.\" +.\" dom=ns1.cs.bell-labs.com ip=135.104.1.11 +.\" .EE +.\" will automaticly create both forward and reverse entries for +.\" .B ns1.cs.bell-labs.com . +.\" Unlike other DNS servers, there's no way to generate +.\" inconsistent forward and reverse entries. +.\" .PP +.\" Delegation of a further subtree to another set of name servers +.\" is indicated by an +.\" .B soa=delegated +.\" attribute. +.\" .EX +.\" +.\" dom=bignose.cs.research.bell-labs.com +.\" soa=delegated +.\" ns=anna.cs.research.bell-labs.com +.\" ns=dj.cs.research.bell-labs.com +.\" +.\" .EE +.\" Nameservers within the delegated domain (as in this example) +.\" must have their IP addresses listed elsewhere in +.\" .I ndb +.\" files. +.\" .PP +.\" Wild-carded domain names can also be used. +.\" For example, to specify a mail forwarder for all Bell Labs research systems: +.\" .EX +.\" +.\" dom=*.research.bell-labs.com +.\" mx=research.bell-labs.com +.\" +.\" .EE +.\" `Cname' aliases may be established by adding a +.\" .B cname +.\" attribute giving the real domain name; +.\" the name attached to the +.\" .B dom +.\" attribute is the alias. +.\" `Cname' aliases are severely restricted; +.\" the aliases may have no other attributes than +.\" .B dom +.\" and are daily further restricted in their use by new RFCs. +.\" .EX +.\" +.\" cname=anna.cs.research.bell-labs.com dom=www.cs.research.bell-labs.com +.\" +.\" .EE +.\" .I Ndb/dnsquery +.\" can be used to query +.\" .I ndb/dns +.\" to see how it resolves requests. +.\" .I Ndb/dnsquery +.\" prompts for commands of the form +.\" .IP +.\" .I "domain-name request-type" +.\" .LP +.\" where +.\" .I request-type +.\" can be +.\" .BR ip , +.\" .BR mx , +.\" .BR ns , +.\" .BR cname , +.\" .BR ptr .... +.\" In the case of the inverse query type, +.\" .BR ptr , +.\" .I dnsquery +.\" will reverse the ip address and tack on the +.\" .B .in-addr.arpa +.\" for you. +.\" .PP +.\" .I Ndb/dnsdebug +.\" is like +.\" .I ndb/dnsquery +.\" but bypasses the local server. +.\" It communicates via UDP with the domain name servers +.\" in the same way that the local resolver would and displays +.\" all packets received. +.\" The query can be specified on the command line or +.\" can be prompted for. +.\" The queries look like those of +.\" .I ndb/dnsquery +.\" with one addition. +.\" .I Ndb/dnsdebug +.\" can be directed to query a particular name server by +.\" the command +.\" .BI @ name-server\f1. +.\" From that point on, all queries go to that name server +.\" rather than being resolved by +.\" .IR dnsdebug . +.\" The +.\" .B @ +.\" command returns query resolution to +.\" .IR dnsdebug . +.\" Finally, any command preceded by a +.\" .BI @ name-server +.\" sets the name server only for that command. +.\" .PP +.\" Normally +.\" .I dnsdebug +.\" uses the +.\" .B /net +.\" interface and the database file +.\" .BR /lib/ndb/local. +.\" The +.\" .B -x +.\" option directs +.\" .I dnsdebug +.\" to use the +.\" .B /net.alt +.\" interface and +.\" .B /lib/ndb/external +.\" file. +.\" The +.\" .B -r +.\" option is the same as for +.\" .IR ndb/dns . +.PP +.I Ndbmkdb +is used in concert with +.IR awk (1) +scripts to convert +uucp systems files and IP host files +into database files. +It is very specific to the situation at Murray Hill. +.PP +When the database files change underfoot, +running programs +track them properly. Nonetheless, to keep the database searches efficient +it is necessary to run +.I ndbmkhash +whenever the files are modified. +It may be profitable to control this by a frequent +.IR cron (8) +job. +.PP +.I Ndbmkhosts +generates a BSD style +.BR hosts , +.BR hosts.txt , +and +.B hosts.equiv +files from ndb data base files specified on the +command line (default +.B \*9/ndb/local +and +.BR \*9/ndb/friends ). +It only processes hosts whose domain names end in +.IR domname . +The output files are named +.BI db. domname \fR, +.BI equiv. domname \fR, +and +.BI txt. domname \fR. +For historical reasons, the default +.I domname +is +.BR research.att.com. +.SH EXAMPLE +.IP +.EX +% ndbquery sys helix +sys=helix dom=helix.research.bell-labs.com bootf=/mips/9powerboot + ip=135.104.117.31 ether=080069020427 + proto=il +.EE +.SH FILES +.TP +.B \*9/ndb/local +first database file searched +.TP +.B \*9/ndb/local.* +hash files for +.B \*9/ndb/local +.SH SOURCE +.B \*9/src/cmd/ndb +.SH SEE ALSO +.IR ndb (3), +.IR ndb (7) diff --git a/man/man1/netkey.1 b/man/man1/netkey.1 new file mode 100644 index 00000000..60f17bbb --- /dev/null +++ b/man/man1/netkey.1 @@ -0,0 +1,20 @@ +.TH NETKEY 1 +.SH NAME +netkey \- challenge-response authentication +.SH SYNOPSIS +.PP +.B netkey +.SH DESCRIPTION +.PP +.I Netkey +prompts for a password to encrypt network challenges. +It is a substitute for a SecureNet box. +.SH SOURCE +.B \*9/src/cmd/netkey.c +.SH "SEE ALSO" +.IR encrypt (3) +.PP +Robert Morris and Ken Thompson, +``UNIX Password Security,'' +.I AT&T Bell Laboratories Technical Journal +Vol 63 (1984), pp. 1649-1672 diff --git a/man/man1/sam.1 b/man/man1/sam.1 index b9d46d88..1c9dd5f7 100644 --- a/man/man1/sam.1 +++ b/man/man1/sam.1 @@ -41,6 +41,12 @@ which editing commands apply\(emwhereupon its menu entry is printed. The options are .TF -rmachine .TP +.B -a +Autoindent. In this mode, when a newline character is typed +in the terminal interface, +.I samterm +copies leading white space on the current line to the new line. +.TP .B -d Do not `download' the terminal part of .IR sam . diff --git a/man/man1/secstore.1 b/man/man1/secstore.1 index fb4bcd34..7df2a183 100644 --- a/man/man1/secstore.1 +++ b/man/man1/secstore.1 @@ -1,6 +1,6 @@ .TH SECSTORE 1 .SH NAME -aescbc, secstore, ipso \- secstore commands +aescbc, secstore \- secstore commands .SH SYNOPSIS .B secstore [ @@ -42,15 +42,14 @@ aescbc, secstore, ipso \- secstore commands -d .I cleartext -.PP -.B ipso -[ -.B -a -e -l -f -s -] [ -.I file -\&... -] -.PP +.\" .PP +.\" .B ipso +.\" [ +.\" .B -a -e -l -f -s +.\" ] [ +.\" .I file +.\" \&... +.\" ] .SH DESCRIPTION .PP .I Secstore @@ -91,39 +90,38 @@ bits of feedback to help the user detect mistyping. Option .B -i says that the password should be read from standard input -instead of from -.BR /dev/cons . +instead of from +.BR /dev/tty . .PP Option .B -n says that the password should be read from NVRAM +(see +.IR authsrv (2)) instead of from -.BR /dev/cons . -This option is unsupported. +.BR /dev/tty . .PP The server is -.BR tcp!$auth!5356 , +.BR tcp!$auth!secstore , or the server specified by option .BR -s . .PP For example, to add a secret to the file read by -.IR factotum (4) -at startup, open a new window, type +.IR factotum (4), +run .sp .EX - % ramfs -p; cd /tmp + % cd somewhere-private % auth/secstore -g factotum secstore password: % echo 'key proto=apop dom=x.com user=ehg !password=hi' >> factotum % auth/secstore -p factotum secstore password: - % read -m factotum > /mnt/factotum/ctl + % cat factotum | 9p write -l factotum/ctl .EE .PP and delete the window. -The first line creates an ephemeral memory-resident workspace, -invisible to others and automatically removed when the window is deleted. -The next three commands fetch the persistent copy of the secrets, +The middle commands fetch the persistent copy of the secrets, append a new secret, and save the updated file back to secstore. The final command loads the new secret into the running factotum. @@ -199,7 +197,7 @@ block chaining (CBC) mode. .B \*9/src/cmd/secstore .SH SEE ALSO .IR factotum (4), -Plan 9's \fIsecstore\fR(8) +.IR secstored (1) .SH BUGS There is deliberately no backup of files on the secstore, so .B -r diff --git a/man/man1/secstored.1 b/man/man1/secstored.1 new file mode 100644 index 00000000..655cca83 --- /dev/null +++ b/man/man1/secstored.1 @@ -0,0 +1,64 @@ +.TH SECSTORED 8 +.SH NAME +secstored, secuser \- secstore commands +.SH SYNOPSIS +.br +.B secstored +[-R] +[-S servername] +[-s tcp!*!5356] +[-x mountpoint] +.br +.B secuser +[-v] +username +.br +.PP +.SH DESCRIPTION +.PP +.I Secstored +serves requests from +.IR secstore (1). +The +.B -R +option supplements the password check with a +call to a RADIUS server, for checking hardware +tokens or other validation. +The +.BR -x mountpoint +option specifies an alternative to the default network +.BR /net . +.PP +.I Secuser +is an administrative command that runs on the +secstore machine, normally the authserver, +to create new accounts and +to change status on existing accounts. +It prompts for account information such as +password and expiration date, writing to +.BR \*9/secstore/who/$uid . +The +.B \*9/secstore +directory should be created mode 770 for the userid +or groupid of the secstored process. +.PP +By default, +.I secstored +warns the client if no account exists. +If you prefer to obscure this information, use +.I secuser +to create an account +.BR FICTITIOUS . +.SH FILES +.B \*9/secstore/who/$uid +secstore account name, expiration date, verifier +.br +.B \*9/secstore/store/$uid/ +users' files +.br +.B \*9/ndb/auth +for mapping local userid to RADIUS userid +.SH SOURCE +.B \*9/src/cmd/secstore +.SH SEE ALSO +.IR secstore (1) diff --git a/man/man1/tar.1 b/man/man1/tar.1 new file mode 100644 index 00000000..835957f3 --- /dev/null +++ b/man/man1/tar.1 @@ -0,0 +1,166 @@ +.TH TAR 1 +.SH NAME +tar \- archiver +.SH SYNOPSIS +.B tar +.I key +[ +.I file ... +] +.SH DESCRIPTION +.PP +.I Tar +saves and restores file trees. +It is most often used to transport a tree of files from one +system to another. +The +.I key +is a string that contains +at most one function letter plus optional modifiers. +Other arguments to the command are names of +files or directories to be dumped or restored. +A directory name implies all the contained +files and subdirectories (recursively). +.PP +The function is one of the following letters: +.TP +.B c +Create a new archive with the given files as contents. +.TP +.B r +The named files +are appended to the archive. +.TP +.B t +List all occurrences of each +.I file +in the archive, or of all files if there are no +.I file +arguments. +.TP +.B x +Extract the named files from the archive. +If a file is a directory, the directory is extracted recursively. +Modes are restored if possible. +If no file argument is given, extract the entire archive. +If the archive contains multiple entries for a file, +the latest one wins. +.PP +The modifiers are: +.TP +.B f +Use the next argument as the name of the archive instead of +the default standard input (for keys +.B x +and +.BR t ) +or standard output (for keys +.B c +and +.BR r ). +.TP +.B g +Use the next (numeric) argument as the group id for files in +the output archive. +.TP +.B k +(keep) +Modifies the behavior of +.B x +not to extract files which already exist. +.TP +.B m +Do not set the modification time on extracted files. +This is the default behavior; the flag exists only for compatibility with other tars. +.TP +.B p +Create archive in POSIX ustar format, +which raises the maximum pathname length from 100 to 256 bytes. +Ustar archives are recognised automatically by +.I tar +when reading archives. +This is the default behavior; the flag exists only for backwards compatibility +with older versions of tar. +.TP +.B P +Do not generate the POSIX ustar format. +.TP +.B R +When extracting, ignore leading slash on file names, +i.e., extract all files relative to the current directory. +.TP +.B T +Modifies the behavior of +.B x +to set the modified time +of each file to that specified in the archive. +.TP +.B u +Use the next (numeric) argument as the user id for files in +the output archive. This is only useful when moving files to +a non-Plan 9 system. +.TP +.B v +(verbose) +Print the name of each file treated +preceded by the function letter. +With +.BR t , +give more details about the +archive entries. +.TP +.B z +Operate on compressed tar archives. +The type of compression is inferred from the file name extension: +.IR gzip (1) +for +.B .tar.gz +and +.BR .tgz ; +.I bzip2 +(see +.IR gzip (1)) +for +.BR .tar.bz , +.BR .tbz , +.BR .tar.bz2 , +and +.BR .tbz2 ; +.I compress +(not distributed) +for +.B .tar.Z +and +.BR .tz . +If no extension matches, +.I gzip +is used. +The +.B z +flag is unnecessary (but allowed) when using the +.B t +and +.B x +verbs on archives with recognized extensions. +.SH EXAMPLES +.I Tar +can be used to copy hierarchies thus: +.IP +.EX +@{cd fromdir && tar cp .} | @{cd todir && tar xT} +.EE +.SH SOURCE +.B \*9/src/cmd/tar.c +.SH SEE ALSO +.IR ar (1), +.IR bundle (1) +.SH BUGS +There is no way to ask for any but the last +occurrence of a file. +.br +File path names are limited to +100 characters +(256 when using ustar format). +.br +The tar format allows specification of links and symbolic links, +concepts foreign to Plan 9: they are ignored. -- cgit v1.2.3