From owner-man-jp@jp.freebsd.org  Mon Jan 10 19:46:47 2000
Received: (from daemon@localhost)
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) id TAA94075;
	Mon, 10 Jan 2000 19:46:47 +0900 (JST)
	(envelope-from owner-man-jp@jp.FreeBSD.org)
Received: from serio.al.rim.or.jp (serio.al.rim.or.jp [202.247.191.123])
	by castle.jp.freebsd.org (8.9.3+3.2W/8.7.3) with ESMTP id TAA94070
	for <man-jp@jp.freebsd.org>; Mon, 10 Jan 2000 19:46:45 +0900 (JST)
	(envelope-from k-horik@yk.rim.or.jp)
Received: from mail1.rim.or.jp by serio.al.rim.or.jp (8.8.8/3.7W/HMX-12) with ESMTP id TAA16420 for <man-jp@jp.freebsd.org>; Mon, 10 Jan 2000 19:46:40 +0900 (JST)
Received: from localhost (pppa19.yk.rim.or.jp [202.247.186.19]) by mail1.rim.or.jp (3.7W/)
	id TAA14953 for <man-jp@jp.freebsd.org>; Mon, 10 Jan 2000 19:46:25 +0900 (JST)
To: man-jp@jp.freebsd.org
X-Mailer: Mew version 1.93 on Emacs 19.28 / Mule 2.3 (SUETSUMUHANA)
Mime-Version: 1.0
Content-Type: Multipart/Mixed;
	boundary="--Next_Part(Mon_Jan_10_18:21:58_2000_945)--"
Content-Transfer-Encoding: 7bit
Message-Id: <20000110194528C.k-horik@yk.rim.or.jp>
Date: Mon, 10 Jan 2000 19:45:28 +0900
From: Kazuo Horikawa <k-horik@yk.rim.or.jp>
X-Dispatcher: imput version 980905(IM100)
Lines: 4576
Reply-To: man-jp@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+990727
X-Sequence: man-jp 2110
Subject: [man-jp 2110] Call for updaters (4.0-20000105-CURRENT)
Errors-To: owner-man-jp@jp.freebsd.org
Sender: owner-man-jp@jp.freebsd.org
X-Originator: k-horik@yk.rim.or.jp

----Next_Part(Mon_Jan_10_18:21:58_2000_945)--
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit

 $BKY@n$G$9!#(B
 4.0-20000105-CURRENT $B$G99?7C4Ev$7$FM_$7$$(B ($B$d$d(B) $BBgJ*$G$9!#(B
# $B$H$$$C$F$b!":9J,NLJ?6Q$O(B diff -u $B$N7k2L$G(B 11KB $B$G$9!#(B

[$B0lMw(B]
$BC4Ev(B	$B%^%K%e%"%kL>(B
	f77.1
	gcc.1
	grep.1
	make.1
	ipnat.5
	security.7
	ccdconfig.8
	disklabel.8
	isdnmonitor.8
	routed.8
	vinum.8
	vnconfig.8
	zic.8	

[$BC4EvJ}K!(B]
 man-jp $B08$K@k8@$7$F$/$@$5$$!#(B
 $B:n6H8e!"(Bman-jp-reviewer $B08$H(B horikawa@jp.FreeBSD.org $B08$KA4J8$rAwIU$7(B
$B$F$/$@$5$$!#(B

[$B$=$NB>(B]
 o 3.4-RELEASE $BF|K\8l%^%K%e%"%k<hF@J}K!(B
   - FTP $B$+$i<h$k(B:
     ftp://daemon.jp.FreeBSD.org/pub/FreeBSD-jp/man-jp/work/jpman-3.4.0/
   - CVSWeb $B$+$i<h$k(B:
     http://www.jp.freebsd.org/cgi/cvsweb.cgi/doc/ja_JP.eucJP/man
   - cvsup $B$9$k(B:
     doc/ja_JP.eucJP/man $B$r(B cvsup $B$9$k(B
   $BEy(B
 o $B86J8$N:9J,<hF@J}K!(B
   - CVSWeb $B$+$i<h$k(B:
     http://www.jp.freebsd.org/cgi/cvsweb.cgi/doc/ja_JP.eucJP/man
   - $B$3$N%a!<%k$NE:IU$r8+$k(B
   $BEy(B


----Next_Part(Mon_Jan_10_18:21:58_2000_945)--
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Description: diff_4.0-20000105-CURRENT_1
Content-Disposition: attachment; filename=diff_4.0-20000105-CURRENT_1

diff -urNP /home/horikawa/man-jp/work/fbsd-340r/man/man1/gcc.1 man1/gcc.1
--- /home/horikawa/man-jp/work/fbsd-340r/man/man1/gcc.1	Mon Dec 20 14:46:07 1999
+++ man1/gcc.1	Wed Jan  5 22:55:06 2000
@@ -1,3 +1,4 @@
+.\" $FreeBSD: src/contrib/gcc/gcc.1,v 1.15 1999/10/26 08:57:00 obrien Exp $
 .\" Copyright (c) 1991, 1992, 1993, 1994 Free Software Foundation    -*-Text-*-
 .\" See section COPYING for conditions for redistribution
 .\"
@@ -20,10 +21,10 @@
 .if n .sp
 .if t .sp 0.4
 ..
-.Id $Id: gcc.1,v 1.4 1993/10/13 23:19:12 pesch Exp $
+.Id $Id: gcc.1,v 1.9 1998/12/16 20:55:57 law Exp $
 .TH GCC 1 "\*(Dt" "GNU Tools" "GNU Tools"
 .SH NAME
-gcc, g++ \- GNU project C and C++ Compiler (v2.7)
+gcc, g++ \- GNU project C and C++ Compiler (gcc-2.95.1)
 .SH SYNOPSIS
 .B gcc
 .RI "[ " option " | " filename " ].\|.\|."
@@ -157,6 +158,10 @@
 \-fexternal\-templates
 \-fno\-asm
 \-fno\-builtin
+\-fhosted
+\-fno\-hosted
+\-ffreestanding
+\-fno\-freestanding
 \-fno\-strict\-prototype
 \-fsigned\-bitfields
 \-fsigned\-char
@@ -186,7 +191,11 @@
 \-Wformat
 .RI \-Wid\-clash\- len
 \-Wimplicit
+\-Wimplicit\-int
+\-Wimplicit\-function\-declaration
 \-Winline
+\-Wlong\-long
+\-Wmain
 \-Wmissing\-prototypes
 \-Wmissing\-declarations
 \-Wnested\-externs
@@ -255,6 +264,9 @@
 \-funroll\-loops
 \-O
 \-O2
+\-O3
+\-O0
+\-Os
 .TP
 .B Preprocessor Options
 .RI \-A assertion
@@ -435,8 +447,13 @@
 .Sp
 .I i386 Options
 .br
+\-m386
 \-m486
+\-mpentium
+\-mpentiumpro
 \-mno\-486
+\-mcpu=\fIcpu type\fP
+\-march=\fIcpu type\fP
 \-msoft\-float
 \-mrtd
 \-mregparm
@@ -813,6 +830,20 @@
 \& from
 being builtin functions.
 .TP
+.B \-fhosted
+Compile for a hosted environment; this implies the `\|\c
+.B \-fbuiltin\c
+\&\|' option, and implies that suspicious declarations of
+.B main\c
+\& should be warned about.
+.TP
+.B \-ffreestanding
+Compile for a freestanding environment; this implies the `\|\c
+.B \-fno-builtin\c
+\&\|' option, and implies that
+.B main\c
+\& has no special requirements.
+.TP
 .B \-fno\-strict\-prototype
 Treat a function declaration with no arguments, such as `\|\c
 .B int foo
@@ -1724,8 +1755,24 @@
 \&\|'.
 .PP
 .TP
+.B \-Wimplicit-int
+Warn whenever a declaration does not specify a type.
+.TP
+.B \-Wimplicit-function-declaration
+Warn whenever a function is used before being declared.
+.TP
 .B \-Wimplicit
-Warn whenever a function or parameter is implicitly declared.
+Same as -Wimplicit-int and -Wimplicit-function-declaration.
+.TP
+.B \-Wmain
+Warn if the
+.B main
+function is declared or defined with a suspicious type.
+Typically, it is a function with external linkage, returning
+.B int\c
+\&, and
+taking zero or two arguments.
+
 .TP
 .B \-Wreturn\-type
 Warn whenever a function is defined with a return-type that defaults
@@ -1992,6 +2039,20 @@
 .B \-Wenum\-clash
 Warn about conversion between different enumeration types (C++ only).
 .TP
+.B \-Wlong-long
+Warn if
+.B long long \c
+type is used.  This is default.  To inhibit
+the warning messages, use flag `\|\c
+.B \-Wno\-long\-long\c
+\&\|'.  Flags `\|\c
+.B \-W\-long\-long\c
+\&\|' and `\|\c
+.B \-Wno\-long\-long\c
+\&\|' are taken into account only when flag `\|\c
+.B \-pedantic\c
+\&\|' is used.
+.TP
 .B \-Woverloaded\-virtual
 (C++ only.)
 In a derived class, the definitions of virtual functions must match
@@ -2151,6 +2212,25 @@
 .B gprof\c
 \& should be extended to process this data.
 .TP
+.B \-ax
+Generate extra code to read basic block profiling parameters from 
+file `bb.in' and write profiling results to file `bb.out'.
+`bb.in' contains a list of functions. Whenever a function on the list
+is entered, profiling is turned on. When the outmost function is left,
+profiling is turned off. If a function name is prefixed with `-'
+the function is excluded from profiling. If a function name is not
+unique it can be disambiguated by writing
+`/path/filename.d:functionname'. `bb.out' will list some available
+filenames.
+Four function names have a special meaning:
+`__bb_jumps__' will cause jump frequencies to be written to `bb.out'.
+`__bb_trace__' will cause the sequence of basic blocks to be piped 
+into `gzip' and written to file `bbtrace.gz'.
+`__bb_hidecall__' will cause call instructions to be excluded from
+the trace.
+`__bb_showret__' will cause return instructions to be included in
+the trace.
+.TP
 .BI "\-d" "letters"
 Says to make debugging dumps during compilation at times specified by
 .I letters\c
@@ -2386,6 +2466,12 @@
 does, along with also turning on
 .B \-finline\-functions.
 .TP
+.B \-Os
+Optimize for size. This enables all
+.B \-O2
+optimizations that do not typically increase code size.  It also performs
+further optimizations designed to reduce code size.
+.TP
 .B \-O0
 Do not optimize.
 .Sp
@@ -3531,6 +3617,44 @@
 Control whether or not code is optimized for a 486 instead of an
 386.  Code generated for a 486 will run on a 386 and vice versa.
 .TP
+.B \-mpentium
+Synonym for
+.B \-mcpu=pentium
+.TP
+.B \-mpentiumpro
+Synonym for
+.B \-mcpu=pentiumpro
+.TP
+.B \-mcpu=\fIcpu type\fP
+Assume the defaults for the machine type CPU TYPE when scheduling instructions.
+The choices for CPU TYPE are:
+.B i386,
+.B i486,
+.B i586
+(pentium),
+.B pentium,
+.B i686
+(pentiumpro), and
+.B pentiumpro.
+While picking a specific CPU TYPE will schedule things appropriately for that
+particular chip, the compiler will not generate any code that does not run on
+the i386 without the
+.B \-march=\fIcpu type\fP
+option being used.
+.TP
+.B \-march=\fIcpu type\fP
+Generate instructions for the machine type CPU TYPE.  The choices for CPU TYPE
+are:
+.B i386,
+.B i486,
+.B pentium,
+and
+.B pentiumpro.
+Specifying
+.B \-march=\fIcpu type\fP
+implies
+.B \-mcpu=\fIcpu type\fP.
+.TP
 .B \-msoft\-float
 Generate output containing library calls for floating point.
 .I Warning:
@@ -3974,7 +4098,7 @@
 .BI "\-fcall\-used\-" "reg"
 Treat the register named \c
 .I reg\c
-\& as an allocatable register that is
+\& as an allocable register that is
 clobbered by function calls.  It may be allocated for temporaries or
 variables that do not live across a call.  Functions compiled this way
 will not save and restore the register \c
@@ -3991,7 +4115,7 @@
 .BI "\-fcall\-saved\-" "reg"
 Treat the register named \c
 .I reg\c
-\& as an allocatable register saved by
+\& as an allocable register saved by
 functions.  It may be allocated even for temporaries or variables that
 live across a call.  Functions compiled this way will save and restore
 the register \c
@@ -4101,7 +4225,7 @@
 .B /tmp\c
 \&).
 .SH "SEE ALSO"
-cpp(1), as(1), ld(1), gdb(1).
+as(1), cpp(1), gdb(1), ld(1)
 .br
 .RB "`\|" gcc "\|', `\|" cpp \|',
 .RB "`\|" as "\|', `\|" ld \|',
diff -urNP /home/horikawa/man-jp/work/fbsd-340r/man/man1/grep.1 man1/grep.1
--- /home/horikawa/man-jp/work/fbsd-340r/man/man1/grep.1	Mon Dec 20 14:46:19 1999
+++ man1/grep.1	Wed Jan  5 22:55:19 2000
@@ -1,18 +1,71 @@
-.TH GREP 1 "1992 September 10" "GNU Project"
+.\" grep man page
+.\" $FreeBSD: src/gnu/usr.bin/grep/grep.1,v 1.14 2000/01/04 10:34:27 ru Exp $
+.if !\n(.g \{\
+.	if !\w|\*(lq| \{\
+.		ds lq ``
+.		if \w'\(lq' .ds lq "\(lq
+.	\}
+.	if !\w|\*(rq| \{\
+.		ds rq ''
+.		if \w'\(rq' .ds rq "\(rq
+.	\}
+.\}
+.de Id
+.ds Dt \\$4
+..
+.Id $Id: grep.1,v 1.7 1999/10/12 20:41:01 alainm Exp $
+.TH GREP 1 \*(Dt "GNU Project"
 .SH NAME
 grep, egrep, fgrep, zgrep \- print lines matching a pattern
 .SH SYNOPSIS
 .B grep
-[\-[AB] num]
-[\-HRPS]
-[\-CEFGLVabchilnqsvwx]
-[\-e expr]
-[\-f file]
-files...
-
+.RB [ \- [ ABC ]
+.IR NUM ]
+.RB [ \-EFGHLUVZabchilnqrsuvwxyz ]
+.RB [ \-e
+.I PATTERN
+|
+.B \-f
+.IR FILE ]
+.RB [ \-d
+.IR ACTION ]
+.RB [ \-\^\-directories=\fIACTION\fP ]
+.RB [ \-\^\-extended-regexp ]
+.RB [ \-\^\-fixed-strings ]
+.RB [ \-\^\-basic-regexp ]
+.RB [ \-\^\-regexp=\fIPATTERN\fP ]
+.RB [ \-\^\-file=\fIFILE\fP ]
+.RB [ \-\^\-ignore-case ]
+.RB [ \-\^\-word-regexp ]
+.RB [ \-\^\-line-regexp ]
+.RB [ \-\^\-line-regexp ]
+.RB [ \-\^\-no-messages ]
+.RB [ \-\^\-invert-match ]
+.RB [ \-\^\-version ]
+.RB [ \-\^\-help ]
+.RB [ \-\^\-byte-offset ]
+.RB [ \-\^\-line-number ]
+.RB [ \-\^\-with-filename ]
+.RB [ \-\^\-no-filename ]
+.RB [ \-\^\-quiet ]
+.RB [ \-\^\-silent ]
+.RB [ \-\^\-text ]
+.RB [ \-\^\-files-without-match ]
+.RB [ \-\^\-files-with-matches ]
+.RB [ \-\^\-count ]
+.RB [ \-\^\-before-context=\fINUM\fP ]
+.RB [ \-\^\-after-context=\fINUM\fP ]
+.RB [ \-\^\-context [ =\fINUM\fP ]]
+.RB [ \-\^\-binary ]
+.RB [ \-\^\-unix-byte-offsets ]
+.RB [ \-\^\-mmap ]
+.RB [ \-\^\-null ]
+.RB [ \-\^\-recursive ]
+.RB [ \-\^\-decompress ]
+.RI [ file .\|.\|.]
 .SH DESCRIPTION
 .PP
-.B Grep
+.B grep
 searches the named input
 .I files
 (or standard input if no files are named, or
@@ -30,131 +83,199 @@
 controlled by the following options.
 .PD 0
 .TP
-.B \-G
+.BR \-G ", " \-\^\-basic-regexp
 Interpret
 .I pattern
 as a basic regular expression (see below).  This is the default.
 .TP
-.B \-E
+.BR \-E ", " \-\^\-extended-regexp
 Interpret
 .I pattern
 as an extended regular expression (see below).
 .TP
-.B \-F
+.BR \-F ", " \-\^\-fixed-strings
 Interpret
 .I pattern
 as a list of fixed strings, separated by newlines,
 any of which is to be matched.
-.LP
+.PP
 In addition, two variant programs
 .B egrep
 and
 .B fgrep
 are available.
-.B Egrep
-is similar (but not identical) to
-.BR "grep\ \-E" ,
-and is compatible with the historical Unix
-.BR egrep .
-.B Fgrep
+.B egrep
+is the same as
+.BR "grep\ \-E" .
+.B fgrep
 is the same as
 .BR "grep\ \-F" .
-When called as 
-.BR zgrep , 
-the 
-.BR \-Z
-option is assumed.
+.B zgrep
+is the same as
+.BR "grep\ \-Z" .
 .PD
-.LP
+.PP
 All variants of
 .B grep
 understand the following options:
 .PD 0
 .TP
-.BI \- num
-Matches will be printed with
-.I num
-lines of leading and trailing context.  However,
-.B grep
-will never print any given line more than once.
-.TP
-.BI \-A " num"
+.BI \-A " NUM" "\fR,\fP \-\^\-after-context=" NUM
 Print
-.I num
+.I NUM
 lines of trailing context after matching lines.
 .TP
-.BI \-B " num"
+.BI \-B " NUM" "\fR,\fP \-\^\-before-context=" NUM
 Print
-.I num
+.I NUM
 lines of leading context before matching lines.
 .TP
-.B \-C
-Equivalent to
-.BR \-2 .
+.BI \-C " \fR[\fPNUM\fR]\fP" "\fR,\fP \-\^\-context\fR[\fP=" NUM\fR]\fP
+Print
+.I NUM
+lines (default 2) of output context.
 .TP
-.B \-V
+.BI \- NUM
+Same as
+.BI \-\^\-context= NUM
+lines of leading and trailing context.  However,
+.B grep
+will never print any given line more than once.
+.TP
+.BR \-V ", " \-\^\-version
 Print the version number of
 .B grep
 to standard error.  This version number should
 be included in all bug reports (see below).
 .TP
-.B \-a
-Don't search in binary files.
-.TP
-.B \-b
+.BR \-b ", " \-\^\-byte-offset
 Print the byte offset within the input file before
 each line of output.
 .TP
-.B \-c
+.BR \-c ", " \-\^\-count
 Suppress normal output; instead print a count of
 matching lines for each input file.
 With the
-.B \-v
+.BR \-v ", " \-\^\-invert-match
 option (see below), count non-matching lines.
 .TP
-.BI \-e " pattern"
+.BI \-d " ACTION" "\fR,\fP \-\^\-directories=" ACTION
+If an input file is a directory, use
+.I ACTION
+to process it.  By default,
+.I ACTION
+is
+.BR read ,
+which means that directories are read just as if they were ordinary files.
+If
+.I ACTION
+is
+.BR skip ,
+directories are silently skipped.
+If
+.I ACTION
+is
+.BR recurse ,
+.B
+grep reads all files under each directory, recursively;
+this is equivalent to the
+.B \-r
+option.
+.TP
+.BI \-e " PATTERN" "\fR,\fP \-\^\-regexp=" PATTERN
 Use
-.I pattern
+.I PATTERN
 as the pattern; useful to protect patterns beginning with
 .BR \- .
 .TP
-.BI \-f " file"
-Obtain the pattern from
-.IR file .
+.BI \-f " FILE" "\fR,\fP \-\^\-file=" FILE
+Obtain patterns from
+.IR FILE ,
+one per line.
+The empty file contains zero patterns, and therfore matches nothing.
 .TP
-.B \-h
+.BR \-H ", " \-\^\-with-filename
+Print the filename for each match.
+.TP
+.BR \-h ", " \-\^\-no-filename
 Suppress the prefixing of filenames on output
 when multiple files are searched.
 .TP
-.B \-i
+.BR \-i ", " \-\^\-ignore-case
 Ignore case distinctions in both the
 .I pattern
 and the input files.
 .TP
-.B \-L
+.BR \-L ", " \-\^\-files-without-match
 Suppress normal output; instead print the name
 of each input file from which no output would
-normally have been printed.
+normally have been printed.  The scanning will stop
+on the first match.
 .TP
-.B \-l
+.BR \-l ", " \-\^\-files-with-matches
 Suppress normal output; instead print
 the name of each input file from which output
-would normally have been printed.
+would normally have been printed.  The scanning will
+stop on the first match.
 .TP
-.B \-n
+.BR \-n ", " \-\^\-line-number
 Prefix each line of output with the line number
 within its input file.
 .TP
-.B \-q
-Quiet; suppress normal output.
-.TP
+.BR \-q ", " \-\^\-quiet ", " \-\^\-silent
+Quiet; suppress normal output.  The scanning will stop
+on the first match.
+Also see the
 .B \-s
+or
+.B \-\^\-no-messages
+option below.
+.TP
+.BR \-r ", " \-\^\-recursive
+Read all files under each directory, recursively;
+this is equivalent to the
+.B "\-d recurse"
+option.
+.TP
+.BR \-s ", " \-\^\-no-messages
 Suppress error messages about nonexistent or unreadable files.
+Portability note: unlike \s-1GNU\s0
+.BR grep ,
+traditional
+.B grep
+did not conform to \s-1POSIX.2\s0, because traditional
+.B grep
+lacked a
+.B \-q
+option and its
+.B \-s
+option behaved like \s-1GNU\s0
+.BR grep 's
+.B \-q
+option.
+Shell scripts intended to be portable to traditional
+.B grep
+should avoid both
+.B \-q
+and
+.B \-s
+and should redirect output to /dev/null instead.
 .TP
-.B \-v
+.BR \-a ", " \-\^\-text
+Do not suppress output lines that contain binary data.
+Normally, if the first few bytes of a file indicate that
+the file contains binary data,
+.B grep
+outputs only a message saying that the file matches the pattern.
+This option causes
+.B grep
+to act as if the file is a text file,
+even if it would otherwise be treated as binary.
+.TP
+.BR \-v ", " \-\^\-invert-match
 Invert the sense of matching, to select non-matching lines.
 .TP
-.B \-w
+.BR \-w ", " \-\^\-word-regexp
 Select only those lines containing matches that form whole words.
 The test is that the matching substring must either be at the
 beginning of the line, or preceded by a non-word constituent
@@ -162,44 +283,83 @@
 or followed by a non-word constituent character.  Word-constituent
 characters are letters, digits, and the underscore.
 .TP
-.B \-x
+.BR \-x ", " \-\^\-line-regexp
 Select only those matches that exactly match the whole line.
-
-.PP
-Following options are only available if compiled with FTS library:
-.PD 0
 .TP
-.BI \-H
-If the 
-.I \-R
-option is specified, symbolic links on the command line
-are followed.  (Symbolic links encountered in the tree traversal
-are not followed.)
-.TP
-.BI \-L
-If the 
-.I \-R
-option is specified, all symbolic links are followed.
-.TP
-.BI \-P
-If the 
-.I \-R
-option is specified, no symbolic links are followed.
-.TP
-.BI \-R
-Search in the file hierarchies
-rooted in the files instead of just the files themselves.
-
+.B \-y
+Obsolete synonym for
+.BR \-i .
+.TP
+.BR \-U ", " \-\^\-binary
+Treat the file(s) as binary.  By default, under MS-DOS and MS-Windows,
+.BR grep
+guesses the file type by looking at the contents of the first 32KB
+read from the file.  If
+.BR grep
+decides the file is a text file, it strips the CR characters from the
+original file contents (to make regular expressions with
+.B ^
+and
+.B $
+work correctly).  Specifying
+.B \-U
+overrules this guesswork, causing all files to be read and passed to the
+matching mechanism verbatim; if the file is a text file with CR/LF
+pairs at the end of each line, this will cause some regular
+expressions to fail.
+This option has no effect on platforms other than MS-DOS and
+MS-Windows.
+.TP
+.BR \-u ", " \-\^\-unix-byte-offsets
+Report Unix-style byte offsets.  This switch causes
+.B grep
+to report byte offsets as if the file were Unix-style text file, i.e. with
+CR characters stripped off.  This will produce results identical to running
+.B grep
+on a Unix machine.  This option has no effect unless
+.B \-b
+option is also used;
+it has no effect on platforms other than MS-DOS and MS-Windows.
+.TP
+.B \-\^\-mmap
+If possible, use the
+.BR mmap (2)
+system call to read input, instead of
+the default
+.BR read (2)
+system call.  In some situations,
+.B -\^-mmap
+yields better performance.  However,
+.B -\^-mmap
+can cause undefined behavior (including core dumps)
+if an input file shrinks while
+.B grep
+is operating, or if an I/O error occurs.
+.TP
+.BR \-Z ", " \-\^\-null
+Output a zero byte (the \s-1ASCII\s0
+.B NUL
+character) instead of the character that normally follows a file name.
+For example,
+.B "grep \-lZ"
+outputs a zero byte after each file name instead of the usual newline.
+This option makes the output unambiguous, even in the presence of file
+names containing unusual characters like newlines.  This option can be
+used with commands like
+.BR "find \-print0" ,
+.BR "perl \-0" ,
+.BR "sort \-z" ,
+and
+.B "xargs \-0"
+to process arbitrary file names,
+even those that contain newline characters.
+.PD
 .LP
-Following option is only available if compiled with zlib library:
+Following option is only available if compiled with zlib(3) library:
 .PD 0
 .TP
-.BI \-Z
-If the 
-.I \-Z
-option is specified, the input data will be
-decompressed before searching.
-.TP
+.B \-Z, --decompress
+Decompress the input data before searching.
 .PD
 .SH "REGULAR EXPRESSIONS"
 .PP
@@ -207,10 +367,10 @@
 Regular expressions are constructed analogously to arithmetic
 expressions, by using various operators to combine smaller expressions.
 .PP
-.B Grep
+.B grep
 understands two different versions of regular expression syntax:
-``basic'' and ``extended.''  In
-.RB "GNU\ " grep ,
+\*(lqbasic\*(rq and \*(lqextended.\*(rq  In
+.RB "\s-1GNU\s0\ " grep ,
 there is no difference in available functionality using either syntax.
 In other implementations, basic regular expressions are less powerful.
 The following description applies to extended regular expressions;
@@ -251,7 +411,7 @@
 .BR [:upper:] ,
 and
 .BR [:xdigit:].
-For example, 
+For example,
 .B [[:alnum:]]
 means
 .BR [0-9A-Za-z] ,
@@ -300,8 +460,7 @@
 .I not
 at the edge of a word.
 .PP
-A regular expression matching a single character may be followed
-by one of several repetition operators:
+A regular expression may be followed by one of several repetition operators:
 .PD 0
 .TP
 .B ?
@@ -323,11 +482,6 @@
 .I n
 or more times.
 .TP
-.BI {, m }
-The preceding item is optional and is matched at most
-.I m
-times.
-.TP
 .BI { n , m }
 The preceding item is matched at least
 .I n
@@ -377,12 +531,43 @@
 and
 .BR \e) .
 .PP
-In
+Traditional
+.B egrep
+did not support the
+.B {
+metacharacter, and some
+.B egrep
+implementations support
+.B \e{
+instead, so portable scripts should avoid
+.B {
+in
+.B egrep
+patterns and should use
+.B [{]
+to match a literal
+.BR { .
+.PP
+\s-1GNU\s0
 .B egrep
-the metacharacter
+attempts to support traditional usage by assuming that
 .B {
-loses its special meaning; instead use
-.BR \e{ .
+is not special if it would be the start of an invalid interval
+specification.  For example, the shell command
+.B "egrep '{1'"
+searches for the two-character string
+.B {1
+instead of reporting a syntax error in the regular expression.
+\s-1POSIX.2\s0 allows this behavior as an extension, but portable scripts
+should avoid it.
+.SH ENVIRONMENT
+The environment variable
+.B GREP_OPTIONS
+can hold a set of default
+options for
+.I grep.
+These options are interpreted first and can be overwritten by explicit command
+line parameters.
 .SH DIAGNOSTICS
 .PP
 Normally, exit status is 0 if matches were found,
@@ -395,8 +580,9 @@
 .SH BUGS
 .PP
 Email bug reports to
-.BR bug-gnu-utils@prep.ai.mit.edu .
-Be sure to include the word ``grep'' somewhere in the ``Subject:'' field.
+.BR bug-gnu-utils@gnu.org .
+Be sure to include the word \*(lqgrep\*(rq somewhere in the
+\*(lqSubject:\*(rq field.
 .PP
 Large repetition counts in the
 .BI { m , n }
@@ -408,3 +594,5 @@
 to run out of memory.
 .PP
 Backreferences are very slow, and may require exponential time.
+.\" Work around problems with some troff -man implementations.
+.br
diff -urNP /home/horikawa/man-jp/work/fbsd-340r/man/man1/make.1 man1/make.1
--- /home/horikawa/man-jp/work/fbsd-340r/man/man1/make.1	Mon Dec 20 14:51:32 1999
+++ man1/make.1	Wed Jan  5 22:59:43 2000
@@ -30,7 +30,7 @@
 .\" SUCH DAMAGE.
 .\"
 .\"	from: @(#)make.1	8.4 (Berkeley) 3/19/94
-.\" $FreeBSD: src/usr.bin/make/make.1,v 1.16.2.5 1999/12/05 12:36:19 cracauer Exp $
+.\" $FreeBSD: src/usr.bin/make/make.1,v 1.26 1999/12/05 12:23:03 cracauer Exp $
 .\"
 .Dd March 19, 1994
 .Dt MAKE 1
@@ -40,7 +40,7 @@
 .Nd maintain program dependencies
 .Sh SYNOPSIS
 .Nm make
-.Op Fl Beiknqrstv
+.Op Fl BPSeiknqrstv
 .Op Fl D Ar variable
 .Op Fl d Ar flags
 .Op Fl E Ar variable
@@ -51,29 +51,30 @@
 .Op Fl m Ar directory
 .Ek
 .Op Fl V Ar variable
-.Op Ar variable=value
+.Op Ar variable Ns No = Ns Ar value
 .Op Ar target ...
 .Sh DESCRIPTION
 .Nm Make
 is a program designed to simplify the maintenance of other programs.
-Its input is a list of specifications as to the files upon which programs
-and other files depend.
-.Nm Make
-searches a built-in path for this list.
-If the file
+Its input is a list of specifications 
+describing dependency relationships between the generation of
+files and programs.
+The first of
 .Ql Pa makefile
-exists along this path, it is read for this list of specifications.
-If it does not exist, the file
+and
 .Ql Pa Makefile
-is used.
+that can be found in either the current directory or a special object directory
+(see
+.Ql Va .OBJDIR )
+will be read for this list of specifications.
 If the file
 .Ql Pa .depend
-exists, it is also read (see
+can be found, it is also read (see
 .Xr mkdep 1) .
 .Pp
 This manual page is intended as a reference document only.
-For a more thorough description of
-.Nm make
+For a more thorough introduction to
+.Nm
 and makefiles, please refer to
 .%T "Make \- A Tutorial" .
 .Pp
@@ -82,15 +83,19 @@
 .It Fl B
 Try to be backwards compatible by executing a single shell per command and
 by executing the commands to make the sources of a dependency line in sequence.
+This is turned on by default unless
+.Fl j
+is used.
 .It Fl D Ar variable
 Define
 .Ar variable
 to be 1, in the global context.
 .It Fl d Ar flags
 Turn on debugging, and specify which portions of
-.Nm make
+.Nm
 are to print debugging information.
-.Ar Flags
+Argument
+.Ar flags
 is one or more of the following:
 .Bl -tag -width Ds
 .It Ar A
@@ -102,6 +107,9 @@
 Print debugging information about conditional evaluation.
 .It Ar d
 Print debugging information about directory searching and caching.
+.It Ar f
+Print debugging information about the execution of for loops. Currently a
+no-op.
 .It Ar "g1"
 Print the input graph before making anything.
 .It Ar "g2"
@@ -133,9 +141,9 @@
 If
 .Ar makefile
 is
-.Ql Fl ,
+.Ql \- ,
 standard input is read.
-Multiple makefile's may be specified, and are read in the order specified.
+Multiple makefiles may be specified, and are read in the order specified.
 .It Fl I Ar directory
 Specify a directory in which to search for makefiles and included makefiles.
 The system makefile directory (or directories, see the
@@ -144,11 +152,11 @@
 .It Fl i
 Ignore non-zero exit of shell commands in the makefile.
 Equivalent to specifying
-.Ql Fl
+.Ql \-
 before each command line in the makefile.
 .It Fl j Ar max_jobs
 Specify the maximum number of jobs that
-.Nm make
+.Nm
 may have running at any one time. Turns compatibility mode off, unless the
 .Ar B
 flag is also specified.
@@ -158,19 +166,31 @@
 .It Fl m Ar directory
 Specify a directory in which to search for sys.mk and makefiles included
 via the <...> style.  Multiple directories can be added to form a search path.
-This path will override the default system include path: /usr/share/mk.
-Furthermore the system include path will be appended to the search path used
+This path will override the default system include path:
+.Pa /usr/share/mk .
+Furthermore, the system include path will be appended to the search path used
 for "..."-style inclusions (see the
 .Fl I
 option).
 .It Fl n
 Display the commands that would have been executed, but do not actually
 execute them.
+.It Fl P
+Collate the output of a given job and display it only when the job finishes,
+instead of mixing the output of parallel jobs together.
+This option has no effect unless
+.Fl j
+is used too.
 .It Fl q
 Do not execute any commands, but exit 0 if the specified targets are
 up-to-date and 1, otherwise.
 .It Fl r
 Do not use the built-in rules specified in the system makefile.
+.It Fl S
+Stop processing when an error is encountered.
+Default behaviour.  This is needed to negate the
+.Fl k
+option during recursive builds.
 .It Fl s
 Do not echo any commands as they are executed.
 Equivalent to specifying
@@ -192,7 +212,7 @@
 .It Fl v
 Be extra verbose.
 For multi-job makes, this will cause file banners to be generated.
-.It Ar variable=value
+.It Ar variable Ns No = Ns Ar value
 Set the value of the variable
 .Ar variable
 to
@@ -211,7 +231,9 @@
 .Sh FILE DEPENDENCY SPECIFICATIONS
 Dependency lines consist of one or more targets, an operator, and zero
 or more sources.
-This creates a relationship where the targets ``depend'' on the sources
+This creates a relationship where the targets
+.Dq depend
+on the sources
 and are usually created from them.
 The exact relationship between the target and the source is determined
 by the operator that separates them.
@@ -223,7 +245,7 @@
 Sources for a target accumulate over dependency lines when this operator
 is used.
 The target is removed if
-.Nm make
+.Nm
 is interrupted.
 .It Ic \&!
 Targets are always re-created, but not until all sources have been
@@ -231,7 +253,7 @@
 Sources for a target accumulate over dependency lines when this operator
 is used.
 The target is removed if
-.Nm make
+.Nm
 is interrupted.
 .It Ic \&::
 If no sources are specified, the target is always re-created.
@@ -240,17 +262,17 @@
 Sources for a target do not accumulate over dependency lines when this
 operator is used.
 The target will not be removed if
-.Nm make
+.Nm
 is interrupted.
 .El
 .Pp
-Targets and sources may contain the shell wildcard values
+Targets and sources may contain the shell wildcard expressions
 .Ql ? ,
 .Ql * ,
 .Ql []
 and
 .Ql {} .
-The values
+The expressions
 .Ql ? ,
 .Ql *
 and
@@ -258,7 +280,7 @@
 may only be used as part of the final
 component of the target or source, and must be used to describe existing
 files.
-The value
+The expression
 .Ql {}
 need not necessarily be used to describe existing files.
 Expansion is in directory order, not alphabetically as done in the shell.
@@ -285,7 +307,9 @@
 .Ql Ic \-
 causes any non-zero exit status of the command line to be ignored.
 .Sh VARIABLE ASSIGNMENTS
-Variables in make are much like variables in the shell, and, by tradition,
+Variables in
+.Nm
+are much like variables in the shell, and, by tradition,
 consist of all upper-case letters.
 The five operators that can be used to assign values to variables are as
 follows:
@@ -307,7 +331,7 @@
 Any newlines in the result are replaced with spaces.
 .El
 .Pp
-Any white-space before the assigned
+Any whitespace before the assigned
 .Ar value
 is removed; if the value is being appended, a single space is inserted
 between the previous contents of the variable and the appended value.
@@ -349,13 +373,17 @@
 The list of all sources for this target; also known as
 .Ql Va \&> .
 .It Va .ARCHIVE
-The name of the archive file.
+The name of the archive file; also known as
+.Ql Va \&! .
 .It Va .IMPSRC
 The name/path of the source from which the target is to be transformed
-(the ``implied'' source); also known as
+(the
+.Dq implied
+source); also known as
 .Ql Va \&< .
 .It Va .MEMBER
-The name of the archive member.
+The name of the archive member; also known as
+.Ql Va \&% .
 .It Va .OODATE
 The list of sources for this target that were deemed out-of-date; also
 known as
@@ -371,18 +399,21 @@
 .Pp
 The shorter forms
 .Ql Va @ ,
+.Ql Va ! ,
+.Ql Va \&< ,
+.Ql Va \&% ,
 .Ql Va ? ,
-.Ql Va \&>
+.Ql Va \&> ,
 and
 .Ql Va *
 are permitted for backward
-compatibility with historical makefiles and are not recommended.
+compatibility and are not recommended.
 The six variables
 .Ql Va "@F" ,
 .Ql Va "@D" ,
 .Ql Va "<F" ,
 .Ql Va "<D" ,
-.Ql Va "*F"
+.Ql Va "*F" ,
 and
 .Ql Va "*D"
 are
@@ -398,10 +429,12 @@
 .Ql Va .ARCHIVE ,
 and
 .Ql Va .MEMBER .
+.El
 .Pp
 In addition,
-.Nm make
-sets or knows about the following variables:
+.Nm
+sets or knows about the following internal variables or environment
+variables:
 .Bl -tag -width MAKEFLAGS
 .It Va \&$
 A single dollar sign
@@ -412,57 +445,137 @@
 sign.
 .It Va .MAKE
 The name that
-.Nm make
+.Nm
 was executed with
-.Pq Va argv Op 0
+.Pq Va argv Ns Op 0 .
 .It Va .CURDIR
 A path to the directory where
-.Nm make
+.Nm
 was executed.
 .It Va .OBJDIR
 A path to the directory where the targets are built.
-.It Ev MAKEFLAGS
+At startup,
+.Nm
+searches for an alternate directory to place target files.
+It will attempt to change into this special directory
+and will search this directory for makefiles
+not found in the current directory.
+The following directories are tried in order:
+.Pp
+.Bl -enum -compact
+.It
+${MAKEOBJDIRPREFIX}/`cwd`
+.It
+${MAKEOBJDIR}
+.It
+obj.${MACHINE}
+.It
+obj
+.It
+/usr/obj/`cwd`
+.El
+.Pp
+The first directory that
+.Nm
+successfully changes into is used.
+If either
+.Ev MAKEOBJDIRPREFIX
+or
+.Ev MAKEOBJDIR
+is defined but
+.Nm
+is unable to change into the corresponding directory,
+then the current directory is used
+without checking the remainder of the list.
+If they are undefined and
+.Nm
+is unable to change into any of the remaining three directories,
+then the current directory is used.
+.It Va .MAKEFLAGS
 The environment variable
-.Ql Ev MAKEFLAGS
+.Ev MAKEFLAGS
 may contain anything that
 may be specified on
 .Nm make Ns 's
-command line.
+command line. Its contents are stored in
+.Nm make Ns 's
+.Va .MAKEFLAGS
+variable.
 Anything specified on
 .Nm make Ns 's
 command line is appended to the
-.Ql Ev MAKEFLAGS
+.Va .MAKEFLAGS
 variable which is then
-entered into the environment for all programs which
-.Nm make
+entered into the environment as
+.Ev MAKEFLAGS
+for all programs which
+.Nm
 executes.
+.It Va MFLAGS
+A synonym for
+.Va .MAKEFLAGS
+provided for backward compatibility.
 .It Ev PWD
-Alternate path to the current directory.  Supported if built with WANT_ENV_PWD
-defined.
-.Nm make
+Alternate path to the current directory.
+Supported if built with WANT_ENV_PWD defined.
+.Nm
 normally sets
 .Ql Va .CURDIR
 to the canonical path given by
 .Xr getcwd 3 .
 However, if the environment variable
-.Ql Ev PWD
+.Ev PWD
 is set and gives a path to the current directory, then
-.Nm make
+.Nm
 sets
 .Ql Va .CURDIR
 to the value of
-.Ql Ev PWD
+.Ev PWD
 instead.
-.Ql Ev PWD
-is set to the value of
+.Ev PWD
+is always set to the value of
 .Ql Va .OBJDIR
 for all programs which
-.Nm make
+.Nm
 executes.
+.It Va .TARGETS
+List of targets
+.Nm
+is currently building.
+.It Va .INCLUDES
+See
+.Ic .INCLUDES
+special target.
+.It Va .LIBS
+See
+.Ic .LIBS
+special target.
+.It Va MACHINE
+Name of the machine architecture
+.Nm
+is running on, obtained from the
+.Ev MACHINE
+environment variable, or through
+.Xr uname 2
+if not defined.
+.It Va MACHINE_ARCH
+Name of the machine architecture
+.Nm
+was compiled for, defined at compilation time.
+.It Va VPATH
+Makefiles may assign a colon-delimited list of directories to
+.Va VPATH .
+These directories will be searched for source files by
+.Nm
+after
+.Nm
+has finished parsing all input makefiles.
 .El
 .Pp
 Variable expansion may be modified to select or modify each word of the
-variable (where a ``word'' is white-space delimited sequence of characters).
+variable (where a
+.Dq word
+is whitespace-delimited sequence of characters).
 The general format of a variable expansion is as follows:
 .Pp
 .Dl {variable[:modifier[:...]]}
@@ -489,7 +602,7 @@
 .Pq Ql \e .
 .It Cm N Ns Ar pattern
 This is identical to
-.Ql Cm M ,
+.Cm M ,
 but selects all words which do not match
 the rest of the modifier.
 .It Cm Q
@@ -499,27 +612,27 @@
 .It Cm R
 Replaces each word in the variable with everything but its suffix.
 .Sm off
-.It Cm S No \&/ Ar old_pattern Xo
-.No \&/ Ar new_pattern
+.It Cm S No \&/ Ar old_string Xo
+.No \&/ Ar new_string
 .No \&/ Op Cm g
 .Xc
 .Sm on
 Modify the first occurrence of
-.Ar old_pattern
-in each word to be replaced with
-.Ar new_pattern .
+.Ar old_string
+in each word of the variable's value, replacing it with
+.Ar new_string .
 If a
 .Ql g
 is appended to the last slash of the pattern, all occurrences
 in each word are replaced.
 If
-.Ar old_pattern
-begins with a carat
+.Ar old_string
+begins with a caret
 .Pq Ql ^ ,
-.Ar old_pattern
+.Ar old_string
 is anchored at the beginning of each word.
 If
-.Ar old_pattern
+.Ar old_string
 ends with a dollar sign
 .Pq Ql \&$ ,
 it is anchored at the end of each word.
@@ -528,10 +641,10 @@
 an ampersand
 .Pq Ql &
 is replaced by
-.Ar old_pattern .
+.Ar old_string .
 Any character may be used as a delimiter for the parts of the modifier
 string.
-The anchoring, ampersand and delimiter characters may be escaped with a
+The anchoring, ampersand, and delimiter characters may be escaped with a
 backslash
 .Pq Ql \e .
 .Pp
@@ -541,7 +654,7 @@
 .Ar new_string
 with the single exception that a backslash is used to prevent the expansion
 of a dollar sign
-.Pq Ql \&$
+.Pq Ql \&$ ,
 not a preceding dollar sign as is usual.
 .It Cm T
 Replaces each word in the variable with its last component.
@@ -565,8 +678,8 @@
 to be replaced in
 .Ar new_string
 .El
-.Sh DIRECTIVES, CONDITIONALS AND FOR LOOPS
-Directives, conditionals and for loops reminiscent
+.Sh DIRECTIVES, CONDITIONALS, AND FOR LOOPS
+Directives, conditionals, and for loops reminiscent
 of the C programming language are provided in
 .Nm make .
 All such structures are identified by a line beginning with a single
@@ -694,7 +807,7 @@
 .El
 .Pp
 As in C,
-.Nm make
+.Nm
 will only evaluate a conditional as far as is necessary to determine
 its value.
 Parentheses may be used to change the order of evaluation.
@@ -732,7 +845,8 @@
 has been defined.
 .El
 .Pp
-.Ar Expression
+An
+.Ar expression
 may also be an arithmetic or string comparison.  Variable expansion is
 performed on both sides of the comparison, after which the integral
 values are compared.  A value is interpreted as hexadecimal if it is
@@ -749,21 +863,27 @@
 variable is being compared against 0.
 .Pp
 When
-.Nm make
-is evaluating one of these conditional expression, and it encounters
-a word it doesn't recognize, either the ``make'' or ``defined''
+.Nm
+is evaluating one of these conditional expressions, and it encounters
+a word it doesn't recognize, either the
+.Dq make
+or
+.Dq defined
 expression is applied to it, depending on the form of the conditional.
 If the form is
 .Ql Ic .ifdef
 or
 .Ql Ic .ifndef ,
-the ``defined'' expression
-is applied.
+the
+.Dq defined
+expression is applied.
 Similarly, if the form is
 .Ql Ic .ifmake
 or
-.Ql Ic .ifnmake ,                                            
-the ``make'' expression is applied.
+.Ql Ic .ifnmake ,
+the
+.Dq make
+expression is applied.
 .Pp
 If the conditional evaluates to true the parsing of the makefile continues
 as before.
@@ -791,10 +911,10 @@
 .Xc
 .El
 After the for
-.Ic expression
+.Ar expression
 is evaluated, it is split into words. The
 iteration
-.Ic variable
+.Ar variable
 is successively set to each word, and substituted in the
 .Ic make-rules
 inside the body of the for loop.
@@ -819,18 +939,18 @@
 .Nm make Ns 's .
 .It Ic .NOTMAIN
 Normally
-.Nm make
+.Nm
 selects the first target it encounters as the default target to be built
 if no target was specified.
 This source prevents this target from being selected.
 .It Ic .OPTIONAL
 If a target is marked with this attribute and
-.Nm make
+.Nm
 can't figure out how to create it, it will ignore this fact and assume
 the file isn't needed or already exists.
 .It Ic .PRECIOUS
 When
-.Nm make
+.Nm
 is interrupted, it removes any partially made targets.
 This source prevents the target from being removed.
 .It Ic .SILENT
@@ -839,7 +959,7 @@
 .Pq Ql @ .
 .It Ic .USE
 Turn the target into
-.Nm make Ns 's .
+.Nm make Ns 's
 version of a macro.
 When the target is used as a source for another target, the other target
 acquires the commands, sources, and attributes (except for
@@ -869,7 +989,7 @@
 .Ic .USE
 rule for any target (that was used only as a
 source) that
-.Nm make
+.Nm
 can't figure out any other way to create.
 Only the shell script is used.
 The
@@ -888,17 +1008,38 @@
 If no sources are specified, this is the equivalent of specifying the
 .Fl i
 option.
+.It Ic .INCLUDES
+A list of suffixes that indicate files that can be included in a source
+file. The suffix must have already been declared with
+.Ic .SUFFIXES ;
+any suffix so declared will have the directories on its search path (see
+.Ic .PATH )
+placed in the
+.Va .INCLUDES
+special variable, each preceeded by a
+.Fl I
+flag.
 .It Ic .INTERRUPT
 If
-.Nm make
+.Nm
 is interrupted, the commands for this target will be executed.
+.It Ic .LIBS
+This does for libraries what
+.Ic .INCLUDES
+does for include files, except that the flag used is
+.Fl L .
 .It Ic .MAIN
 If no target is specified when
-.Nm make
+.Nm
 is invoked, this target will be built.
+This is always set, either
+explicitly, or implicitly when
+.Nm
+selects the default target, to give the user a way to refer to the default
+target on the command line.
 .It Ic .MAKEFLAGS
 This target provides a way to specify flags for
-.Nm make
+.Nm
 when the makefile is used.
 The flags are as if typed to the shell, though the
 .Fl f
@@ -923,11 +1064,22 @@
 found in the current directory.
 If no sources are specified, any previously specified directories are
 deleted.
-.Pp
-The variable
-.Ql Ev VPATH
-used to add directories to the search path is permitted only for backward
-compatibility, and is not recommended for use in new Makefiles.
+Where possible, use of
+.Ic .PATH
+is preferred over use of the
+.Va VPATH
+variable.
+.It Ic .PATH\fIsuffix\fR
+The sources are directories which are to be searched for suffixed files
+not found in the current directory.
+.Nm Make
+first searches the suffixed search path, before reverting to the default
+path if the file is not found there.
+This form is required for
+.Ic .LIBS
+and
+.Ic .INCLUDES
+to work.
 .It Ic .PHONY
 Apply the
 .Ic .PHONY
@@ -953,36 +1105,26 @@
 Each source specifies a suffix to
 .Nm make .
 If no sources are specified, any previous specified suffices are deleted.
-.Sh SEARCH PATH
-.Nm Make
-searches for
-.Ql Pa Makefile
-in the following directories, in order:
-.Pp
-.Bl -enum -compact
-.It
-${MAKEOBJDIRPREFIX}`cwd`
-.It
-${MAKEOBJDIR}
-.It
-obj.${MACHINE}
-.It
-obj 
-.It
-/usr/obj${MACHINE}`cwd`
-.It
-The current directory (`cwd`).
-.El
-.Pp
-If
-.Nm make
-finds the
-.Ql Pa Makefile
-someplace other than the current working directory, it adds the CWD to
-the search path.
+.Sh COMPATIBILITY
+Older versions of
+.Nm
+used
+.Ev MAKE
+instead of
+.Ev MAKEFLAGS .
+This was removed for POSIX compatibility.
+The internal variable
+.Va MAKE
+is set to the same value as
+.Va .MAKE ;
+support for this may be removed in the future.
+.Pp
+Most of the more esoteric features of
+.Nm
+should probably be avoided for greater compatibility.
 .Sh ENVIRONMENT
 .Nm Make
-utilizes the following environment variables, if they exist:
+uses the following environment variables, if they exist:
 .Ev MACHINE ,
 .Ev MAKE ,
 .Ev MAKEFLAGS ,
@@ -992,23 +1134,60 @@
 .Ev PWD .
 .Sh FILES
 .Bl -tag -width /usr/share/doc/psd/12.make -compact
-.It .depend
+.It Pa .depend
 list of dependencies
-.It Makefile
+.It Pa Makefile
 list of dependencies
-.It makefile
+.It Pa makefile
 list of dependencies
 .It obj
 object directory
-.It sys.mk
+.It Pa sys.mk
 system makefile
-.It /usr/share/mk
+.It Pa /usr/share/mk
 system makefile directory
 .It /usr/share/doc/psd/12.make
 PMake tutorial
-.It /usr/obj
-system object directory prefix
+.It Pa /usr/obj
+default
+.Ev MAKEOBJDIRPREFIX
+directory.
 .El
+.Sh BUGS
+The determination of
+.Va .OBJDIR
+is contorted to the point of absurdity.
+.Pp
+In the presence of several
+.Ic .MAIN
+special targets,
+.Nm
+silently ignores all but the first.
+.Pp
+.Va .TARGETS
+is not set to the default target when
+.Nm
+is invoked without a target name and no
+.Ic .MAIN
+special target exists.
+.Pp
+The evaluation of
+.Ar expression
+in a test is very simple-minded. Currently, the only form that works is
+.Ql .if ${VAR} op something
+For instance, you should write tests as
+.Ql .if ${VAR} = "string"
+not the other way around, which doesn't work.
+.Pp
+For loops are expanded before tests, so a fragment such as:
+.Bd -literal
+\&.for TMACHINE in ${SHARED_ARCHS}
+\&.if ${TMACHINE} = ${MACHINE}
+     ...
+\&.endif
+\&.endfor
+.Ed
+won't work, and should be rewritten the other way around.
 .Sh SEE ALSO
 .Xr mkdep 1
 .Rs
@@ -1016,6 +1195,6 @@
 .Re
 .Sh HISTORY
 A
-.Nm Make
+.Nm
 command appeared in
 .At v7 .

----Next_Part(Mon_Jan_10_18:21:58_2000_945)--
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Description: diff_4.0-20000105-CURRENT_5
Content-Disposition: attachment; filename=diff_4.0-20000105-CURRENT_5

diff -urNP /home/horikawa/man-jp/work/fbsd-340r/man/man5/ipnat.5 man5/ipnat.5
--- /home/horikawa/man-jp/work/fbsd-340r/man/man5/ipnat.5	Mon Dec 20 14:52:36 1999
+++ man5/ipnat.5	Wed Jan  5 22:57:37 2000
@@ -5,14 +5,19 @@
 The format for files accepted by ipnat is described by the following grammar:
 .LP
 .nf
-ipmap :: = mapit ifname ipmask "->" ipmask [ mapport ] .
+ipmap :: = mapblock | redir | map .
 
-mapit ::= "map" | "rdr" .
+map ::= mapit ifname ipmask "->" ipmask [ mapport ] .
+mapblock ::= "map-block" ifname ipmask "->" ipmask [ ports ] .
+redir ::= "rdr" ifname [ fromspec ] ipmask "->" ip [ ports ] [ tcpudp ] .
+ports ::= "ports" numports | "auto" .
+mapit ::= "map" | "bimap" .
 ipmask ::= ip "/" bits | ip "/" mask | ip "netmask" mask .
 mapport ::= "portmap" tcpudp portnumber ":" portnumber .
 
+fromspec ::= "from" ip "/" ipmask .
 tcpudp ::= "tcp" | "udp" | "tcp/udp" .
-portnumber ::= number { numbers } .
+portnumber ::= number { numbers } | "auto" .
 ifname ::= 'A' - 'Z' { 'A' - 'Z' } numbers .
 
 numbers ::= '0' | '1' | '2' | '3' | '4' | '5' | '6' | '7' | '8' | '9' .
@@ -34,7 +39,63 @@
 When remapping TCP and UDP packets, it is also possible to change the source
 port number.  Either TCP or UDP or both can be selected by each rule, with a
 range of port numbers to remap into given as \fBport-number:port-number\fP.
-.SH Examples
+.SH COMMANDS
+There are found commands recognised by IP Filter's NAT code:
+.TP
+.B map
+that is used for mapping one address or network to another in an unregulated
+round robin fashion;
+.TP
+.B rdr
+that is used for redirecting packets to one IP address and port pair to
+another;
+.TP
+.B bimap
+for setting up bidirectional NAT between an external IP address and an internal
+IP address and
+.TP
+.B map-block
+which sets up static IP address based translation, based on a algorithm to
+squeeze the addresses to be translated into the destination range.
+.SH MATCHING
+.PP
+For basic NAT and redirection of packets, the address subject to change is used
+along with its protocol to check if a packet should be altered.  In the case
+of redirects, it is also possible to select packets on a source address basis
+using the \fBfrom\fP keyword, as well as the manditory destination port.  The
+packet \fImatching\fP part of the rule is to the left of the "->" in each rule.
+.SH TRANSLATION
+.PP
+To the right of the "->" is the address and port specificaton which will be
+written into the packet providing it has already successful matched the
+prior constraints.  The case of redirections (\fBrdr\fP) is the simpliest:
+the new destination address is that specified in the rule.  For \fBmap\fP
+rules, the destination address will be one for which the tuple combining
+the new source and destination is known to be unique.  If the packet is
+either a TCP or UDP packet, the destination and source ports come into the
+equation too.  If the tuple already exists, IP Filter will increment the
+port number first, within the available range specified with \fBportmap\fP
+and if there exists no unique tuple, the source address will be incremented
+within the specified netmask.  If a unique tuple cannot be determined, then
+the packet will not be translated.  The \fBmap-block\fP is more limited in
+how it searches for a new, free and unique tuple, in that it will used an
+algorithm to determine what the new source address should be, along with the
+range of available ports - the IP address is never changed and nor does the
+port number ever exceed its alloted range.
+.SH KERNEL PROXIES
+.PP
+IP Filter comes with a few, simple, proxies built into the code that is loaded
+into the kernel to allow secondary channels to be opened without forcing the
+packets through a user program.
+.SH TRNSPARENT PROXIES
+.PP
+True transparent proxying should be performed using the redirect (\fBrdr\fP)
+rules directing ports to localhost (127.0.0.1) with the proxy program doing
+a lookup through \fB/dev/ipnat\fP to determine the real source and address
+of the connection.
+.SH EXAMPLES
+.PP
+This section deals with the \fBmap\fP command and it's variations.
 .PP
 To change IP#'s used internally from network 10 into an ISP provided 8 bit
 subnet at 209.1.2.0 through the ppp0 interface, the following would be used:
@@ -61,8 +122,33 @@
 .fi
 .PP
 so that all TCP/UDP packets were port mapped and only other protocols, such as
-ICMP, only have their IP# changed.
-.SH FILES
+ICMP, only have their IP# changed.  In some instaces, it is more appropriate
+to use the keyword \fBauto\fP in place of an actual range of port numbers if
+you want to guarantee simultaneous access to all within the given range.
+However, in the above case, it would default to 1 port per IP address, since
+we need to squeeze 24 bits of address space into 8.  A good example of how
+this is used might be:
+.LP
+.nf
+map ppp0 172.192.0.0/16 -> 209.1.2.0/24 portmap tcp/udp auto
+.fi
+.PP
+which would result in each IP address being given a small range of ports to
+use (252).  The problem here is that the \fBmap\fP directive tells the NAT
+code to use the next address/port pair available for an outgoing connection,
+resulting in no easily discernable relation between external addresses/ports
+and internal ones.  This is overcome by using \fBmap-block\fP as follows:
+.LP
+.nf
+map-block ppp0 172.192.0.0/16 -> 209.1.2.0/24 ports auto
+.fi
+.PP
+For example, this would result in 172.192.0.0/24 being mapped to 209.1.2.0/32
+with each address, from 172.192.0.0 to 172.192.0.255 having 252 ports of its
+own.  As opposed to the above use of \fBmap\fP, if for some reason the user
+of (say) 172.192.0.2 wanted 260 simultaneous connections going out, they would
+be limited to 252 with \fBmap-block\fP but would just \fImove on\fP to the next
+IP address with the \fBmap\fP command.
 /dev/ipnat
 .br
 /etc/services

----Next_Part(Mon_Jan_10_18:21:58_2000_945)--
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Description: diff_4.0-20000105-CURRENT_6
Content-Disposition: attachment; filename=diff_4.0-20000105-CURRENT_6


----Next_Part(Mon_Jan_10_18:21:58_2000_945)--
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Description: diff_4.0-20000105-CURRENT_7
Content-Disposition: attachment; filename=diff_4.0-20000105-CURRENT_7

diff -urNP /home/horikawa/man-jp/work/fbsd-340r/man/man7/security.7 man7/security.7
--- /home/horikawa/man-jp/work/fbsd-340r/man/man7/security.7	Mon Dec 20 14:50:15 1999
+++ man7/security.7	Wed Jan  5 22:58:26 2000
@@ -2,11 +2,11 @@
 .\" the BSD Copyright as specified in the file "/usr/src/COPYRIGHT" in
 .\" the source tree.
 .\"
-.\" $FreeBSD: src/share/man/man7/security.7,v 1.4.2.4 1999/09/05 15:23:41 mpp Exp $
+.\" $FreeBSD: src/share/man/man7/security.7,v 1.12 1999/09/19 05:30:12 dillon Exp $
 .\"
-.Dd December 20, 1998
+.Dd September 18, 1999
 .Dt SECURITY 7
-.Os
+.Os FreeBSD
 .Sh NAME
 .Nm security
 .Nd introduction to security under FreeBSD
@@ -15,8 +15,8 @@
 Security is a function that begins and ends with the system administrator.
 While all
 .Bx
-systems are inherently multi-user capable, the job of building and
-maintaining security mechanisms to keep those users
+multi-user systems have some inherent security, the job of building and
+maintaining additional security mechanisms to keep those users
 .Sq honest
 is probably
 one of the single largest undertakings of the sysadmin.  Machines are
@@ -30,7 +30,27 @@
 become today's desktops, and as computers become networked and internetworked,
 security becomes an ever bigger issue.
 .Pp
-Security concerns can be split up into several categories:
+Security is best implemented through a layered onion approach.  In a nutshell,
+what you want to do is to create as many layers of security as are convenient
+and then carefully monitor the system for intrusions.  You do not want to
+overbuild your security or you will interefere with the detection side, and
+detection is one of the single most important aspects of any security 
+mechanism.  For example, it makes little sense to set the
+.Pa schg 
+flags
+.Po
+see
+.Xr chflags 1
+.Pc
+on every system binary because while this may temporarily protect the
+binaries, it prevents a hacker who has broken in from making an
+easily detectable change that may result in your security mechanisms not
+detecting the hacker at all.
+.Pp
+System security also pertains to dealing with various forms of attack,
+including attacks that attempt to crash or otherwise make a system unusable
+but do not attempt to break root.  Security concerns can be split up into
+several categories:
 .Bl -enum -offset indent
 .It
 Denial of service attacks
@@ -40,6 +60,8 @@
 Root compromise through accessible servers
 .It
 Root compromise via user accounts
+.It
+Backdoor creation
 .El
 .Pp
 A denial of service attack is an action that deprives the machine of needed
@@ -48,10 +70,12 @@
 network stack.  Some D.O.S. attacks try to take advantages of bugs in the
 networking stack to crash a machine with a single packet.  The latter can
 only be fixed by applying a bug fix to the kernel.  Attacks on servers can
-often be fixed by properly specifying options to servers to limit the load
-they incur on the system under adverse conditions.  Brute-force network 
+often be fixed by properly specifying options to limit the load the servers
+incur on the system under adverse conditions.  Brute-force network 
 attacks are harder to deal with.  A spoofed-packet attack, for example, is 
 nearly impossible to stop short of cutting your system off from the internet.
+It may not be able to take your machine down, but it can fill up internet
+pipe.
 .Pp
 A user account compromise is even more common then a D.O.S. attack.  Many
 sysadmins still run standard telnetd, rlogind, rshd, and ftpd servers on their
@@ -63,7 +87,7 @@
 .Pc
 will
 have his or her password sniffed.  The attentive system admin will analyze
-his remote access logs occasionally looking for suspicious source addresses
+his remote access logs looking for suspicious source addresses
 even for successful logins.
 .Pp
 One must always assume that once an attacker has access to a user account,
@@ -71,17 +95,26 @@
 and maintained system, access to a user account does not necessarily give the
 attacker access to root.  The distinction is important because without access
 to root the attacker cannot generally hide his tracks and may, at best, be
-able to remove that user's files and crash the machine, but not touch anyone
-else's files.
-.Pp
-System administrators must keep in mind that there are several ways to break
-root on a machine.  The attacker may know the root password, the attacker
+able to do nothing more then mess with the user's files or crash the machine.
+User account compromises are very common because users tend not to take the
+precautions that sysads take.
+.Pp
+System administrators must keep in mind that there are potentially many ways 
+to break root on a machine.  The attacker may know the root password, 
+the attacker
 may find a bug in a root-run server and be able to break root over a network
 connection to that server, or the attacker may know of a bug in an suid-root
 program that allows the attacker to break root once he has broken into a 
-user's account.
+user's account.  If an attacker has found a way to break root on a machine,
+.Pa the attacker may not have a need to install a backdoor.
+Many of the root holes found and closed to date involve a considerable amount
+of work by the hacker to cleanup after himself, so most hackers do install
+backdoors.  This gives you a convienient way to detect the hacker.  Making
+it impossible for a hacker to install a backdoor may actually be detrimental
+to your security because it will not close off the hole the hacker found to
+break in in the first place.
 .Pp
-Security remedies are always implemented in a multi-layered
+Security remedies should always be implemented with a multi-layered
 .Sq onion peel
 approach and can be categorized as follows:
 .Bl -enum -offset indent
@@ -96,7 +129,7 @@
 .It
 Securing the kernel core, raw devices, and filesystems
 .It
-Checking file integrity: binaries, configuration files, and so forth
+Quick detection of inappropriate changes made to the system
 .It
 Paranoia
 .El
@@ -106,17 +139,21 @@
 account.  Most systems have a password assigned to the root account.  The
 first thing you do is assume that the password is
 .Sq always
-compromised.
-To secure the root account you make sure that it is not possible to login
-to the root account using the root password from a random user account or 
-over the network.  If you haven't already, configure telnetd, rlogind, and
-all other servers that handle login operations to refuse root logins, period,
-whether the right password is given or not.  Allow direct root logins only
-via the system console.  The
+compromised.  This does not mean that you should remove the password.  The
+password is almost always necessary for console access to the machine.
+What it does mean is that you should not make it possible to use the password
+outside of the console or possibly even with a
+.Xr su 1
+command.
+For example, make sure that your pty's are specified as being unsecure
+in the 
 .Sq Pa /etc/ttys
-file comes in handy here and is
-secure by default on most systems, but a good sysadmin always checks to make
-sure.
+file
+so that direct root logins via telnet or rlogin are disallowed.  If using
+other login services such as sshd, make sure that direct root logins are
+disabled there as well.  Consider every access method - services such as
+ftp often fall through the cracks.  Direct root logins should only be allowed
+via the system console.
 .Pp
 Of course, as a sysadmin you have to be able to get to root, so we open up
 a few holes.  But we make sure these holes require additional password
@@ -127,15 +164,23 @@
 in the wheel group are allowed to 
 .Sq su
 to root.  You should never give staff
-members native wheel access via their entry in the password file... put staff
-in a
+members native wheel access by putting the min the wheel group in their 
+password entry.  Staff accounts should be placed in a 
 .Sq staff
-group or something and only add those that really need root to
-the wheel group.  Unfortunately the wheel mechanism still allows an intruder to
-break root if the intruder has gotten hold of your password file - he need only
-break the root password and the password of one of the staff accounts that
-happens to be in the wheel group.  So while the wheel mechanism is usable,
-it isn't much safer then not having a wheel group at all.
+group, and then added to the wheel group via the
+.Sq Pa /etc/group
+file.  Only those staff members who actually need to have root access
+should be placed in the wheel group.  It is also possible, when using an
+authentication method such as kerberos, to use kerberos's
+.Sq Pa .k5login
+file in the root account to allow a
+.Xr ksu 1
+to root without having to place anyone at all in the wheel group.  This
+may be the better solution since the wheel mechanism still allows an 
+intruder to break root if the intruder has gotten hold of your password
+file and can break into a staff account.  While having the wheel mechanism 
+is better then having nothing at all, it isn't necessarily the safest
+option.
 .Pp
 An indirect way to secure the root account is to secure your staff accounts
 by using an alternative login access method and *'ing out the crypted password
@@ -251,9 +296,13 @@
 intruder might be able to read
 .Pa /dev/kmem
 and thus read the crypted password
-file, potentially compromising any passworded account.  An intruder that breaks
-the tty group can write to almost any user's tty.  If a user is running a terminal
-program or emulator with a talk-back feature, the intruder can potentially 
+file, potentially compromising any passworded account.  Alternatively an
+intruder who breaks group kmem can monitor keystrokes sent through pty's,
+including pty's used by users who login through secure methods.  An intruder
+that breaks the tty group can write to almost any user's tty.  If a user 
+is running a terminal
+program or emulator with a keyboard-simulation feature, the intruder can 
+potentially 
 generate a data stream that causes the user's terminal to echo a command, which
 is then run as that user.
 .Sh SECURING USER ACCOUNTS
@@ -264,8 +313,9 @@
 you do have sufficient control then you may win out and be able to secure the
 user accounts properly.  If not, you simply have to be more vigilant in your
 monitoring of those accounts.  Use of ssh and kerberos for user accounts is
-more problematic, but still a very good solution compared to a crypted
-password. 
+more problematic due to the extra administration and technical support 
+required, but still a very good solution compared to a crypted password
+file.
 .Sh SECURING THE PASSWORD FILE
 .Pp
 The only sure fire way is to *-out as many passwords as you can and 
@@ -302,8 +352,8 @@
 and
 .Pa /dev/kmem
 to worry about.  For that matter,
-the intruder can still write raw devices.
-Also, there is another kernel feature called
+the intruder can still write to raw disk devices.
+Also, there is another kernel feature called the module loader,
 .Xr kldload 8 .
 An enterprising intruder can use a KLD module to install 
 his own bpf device or other sniffing device on a running kernel.
@@ -321,73 +371,95 @@
 is set.  This might be overdoing it, and upgrading the system is much more
 difficult when you operate at a higher secure level.  You may compromise and
 run the system at a higher secure level but not set the schg flag for every
-system file and directory under the sun.
+system file and directory under the sun.  Another possibility is to simply
+mount / and /usr read-only.  It should be noted that being too draconian in
+what you attempt to protect may prevent the all-important detection of an
+intrusion.
 .Sh CHECKING FILE INTEGRITY: BINARIES, CONFIG FILES, ETC
 .Pp
 When it comes right down to it, you can only protect your core system
 configuration and control files so much before the convenience factor
-rears its ugly head.  The last layer of your security onion is perhaps
-the most important - detection.
-.Pp
-The only correct way to check a system's file integrity is via another,
-more secure system.  It is fairly easy to setup a
-.Sq secure
-system: you
-simply do not run any services on it.  With a secure system in place you
-can then give it access to other system's root spaces via ssh.  This may
-seem like a security breech, but you have to put your trust somewhere and
-as long as you don't do something stupid like run random servers it really
-is possible to build a secure machine.  When I say
-.Sq secure
-here, I assuming
-physical access security as well, of course.  Given a secure machine with
-root access on all your other machines, you can then write security scripts
-ON the secure machine to check the other machines on the system.  The most
-common way of checking is to have the security script
-.Xr scp 1
-over a find
-and md5 binary and then ssh a shell command to the remote machine to md5
-all the files in the system
-.Po
-or, at least, the 
-.Pa / ,
-.Pa /var ,
+rears its ugly head.  For example, using chflags to set the schg bit
+on most of the files in / and /usr is probably counterproductive because
+while it may protect the files, it also closes a detection window.  The
+last layer of your security onion is perhaps the most important - detection.
+The rest of your security is pretty much useless (or, worse, presents you with
+a false sense of safety) if you cannot detect potential incursions.  Half
+the job of the onion is to slow down the attacker rather then stop him
+in order to give the detection side of the equation a chance to catch him in
+the act.
+.Pp
+The best way to detect an incursion is to look for modified, missing, or
+unexpected files.  The best
+way to look for modified files is from another (often centralized)
+limited-access system.
+Writing your security scripts on the extra-secure limited-access system 
+makes them mostly invisible to potential hackers, and this is important.
+In order to take maximum advantage you generally have to give the
+limited-access box significant access to the other machines in the business,
+usually either by doing a read-only NFS export of the other machines to the
+limited-access box, or by setting up ssh keypairs to allow the limit-access
+box to ssh to the other machines.  Except for its network traffic, NFS is
+the least visible method - allowing you to monitor the filesystems on each
+client box virtually undetected.  If your
+limited-access server is connected to the client boxes through a switch,
+the NFS method is often the better choice.  If your limited-access server
+is connected to the client boxes through a hub or through several layers
+of routing, the NFS method may be too insecure (network-wise) and using ssh
+may be the better choice even with the audit-trail tracks that ssh lays.
+.Pp
+Once you give a limit-access box at least read access to the client systems
+it is supposed to monitor, you must write scripts to do the actual 
+monitoring.  Given an NFS mount, you can write scripts out of simple system
+utilities such as
+.Xr find 1
+and
+.Xr md5 1
+It is best to physically md5 the client-box files boxes at least once a 
+day, and to test control files such as those found in
+.Pa /etc
+and
+.Pa /usr/local/etc
+even more often.  When mismatches are found relative to the base md5
+information the limited-access machine knows is valid, it should scream at
+a sysadmin to go check it out.  A good security script will also check for
+inappropriate suid binaries and for new or deleted files on system partitions
+such as
+.Pa /
 and
 .Pa /usr
-partitions!
-.Pc .
-The security machine copies the results to a file and diff's them against
-results from a previous run (or compares the results against its own 
-binaries), then emails each staff member a daily report of differences.
-.Pp
-Another way to do this sort of check is to NFS export the major filesystems
-from every other machine to the security machine.  This is somewhat more
-network intensive but also virtually impossible for an intruder to detect
-or spoof.
 .Pp
-A good security script will also check for changes to user and staff members
-access configuration files:  .rhosts, .shosts, .ssh/authorized_keys, and
-so forth... files that might fall outside the purview of the MD5 check.
+When using ssh rather then NFS, writing the security script is much more
+difficult.   You essentially have to
+.Pa scp
+the scripts to the client box in order to run them, making them visible, and
+for safety you also need to scp the binaries (such as find) that those scripts
+use.  The ssh daemon on the client box may already be compromised.  All in all,
+using ssh may be necessary when running over unsecure links, but it's also a
+lot harder to deal with.
 .Pp
-A good security script will check for suid and sgid binaries on all 
-filesystems and report their absolute existence as well as a diff against
-the previous report or some baseline
-.Pq say, make a baseline once a week .
-While you can turn off the ability to run suid and sgid binaries on certain
-filesystems through the
+A good security script will also check for changes to user and staff members
+access configuration files:
+.Pa .rhosts ,
+.Pa .shosts ,
+.Pa .ssh/authorized_keys 
+and so forth... files that might fall outside the purview of the MD5 check.
+.Pp
+If you have a huge amount of user disk space it may take too long to run
+through every file on those partitions.  In this case, setting mount
+flags to disallow suid binaries and devices on those partitions is a good
+idea.  The
+.Sq nodev
+and
 .Sq nosuid
-option in fstab/mount, you cannot turn this
-off on root and anyone who breaks root can just install their binary there.
-If you have a huge amount of user disk space, though, it may be useful to
-disallow suid binaries and devices 
+options
 .Po
-.Sq nodev
-option
+see
+.Xr mount 8
 .Pc
-on the user partitions
-so you do not have to scan them for such.  I would scan them anyway, though,
-at least once a week, since the object of this onion layer is detection of
-a break-in.
+are what you want to look into.  I would scan them anyway at least once a 
+week, since the object of this layer is to detect a break-in whether or
+not the breakin is effective.
 .Pp
 Process accounting
 .Po
@@ -397,19 +469,25 @@
 is a relatively low-overhead feature of
 the operating system which I recommend using as a post-break-in evaluation
 mechanism.  It is especially useful in tracking down how an intruder has 
-actually broken root on a system, assuming the file is still intact after
+actually broken into a system, assuming the file is still intact after
 the break-in occurs.
 .Pp
 Finally, security scripts should process the log files and the logs themselves
-should be generated in as secured a manner as possible - remote syslog can be
+should be generated in as secure a manner as possible - remote syslog can be
 very useful.  An intruder tries to cover his tracks, and log files are critical
-to the sysadmin trying to track down the time and method of the initial break-in.
+to the sysadmin trying to track down the time and method of the initial 
+break-in.  One way to keep a permanent record of the log files is to run
+the system console to a serial port and collect the information on a
+continuing basis through a secure machine monitoring the consoles.
 .Sh PARANOIA
 .Pp
 A little paranoia never hurts.  As a rule, a sysadmin can add any number
 of security features as long as they do not effect convenience, and 
 can add security features that do effect convenience with some added
-thought.
+thought.  Even more importantly, a security administrator should mix it up
+a bit - if you use recommendations such as those given by this manual
+page verbatim, you give away your methodologies to the prospective
+hacker who also has access to this manual page.
 .Sh SPECIAL SECTION ON D.O.S. ATTACKS
 .Pp
 This section covers Denial of Service attacks.  A DOS attack is typically
@@ -566,6 +644,37 @@
 .Pq unless you want to crash the machine :-) .
 Setting both parameters to 2 seconds should be sufficient to protect the route
 table from attack.
+.Sh ACCESS ISSUES WITH KERBEROS AND SSH
+.Pp
+There are a few issues with both kerberos and ssh that need to be addressed
+if you intend to use them.  Kerberos V is an excellent authentication
+protocol but the kerberized telnet and rlogin suck rocks.  There are bugs that
+make them unsuitable for dealing with binary streams.  Also, by default 
+kerberos does not encrypt a session unless you use the 
+.Fl x
+option.  Ssh encrypts everything by default.
+.Pp
+Ssh works quite well in every respect except that it forwards encryption keys
+by default.  What this means is that if you have a secure workstation holding 
+keys that give you access to the rest of the system, and you ssh to an
+unsecure machine, your keys becomes exposed.  The actual keys themselves are
+not exposed, but ssh installs a forwarding port for the duration of your 
+login and if a hacker has broken root on the unsecure machine he can utilize
+that port to use your keys to gain access to any other machine that your
+keys unlock.
+.Pp
+We recommend that you use ssh in combination with kerberos whenever possible
+for staff logins.  Ssh can be compiled with kerberos support.  This reduces 
+your reliance on potentially exposable ssh keys while at the same time
+protecting passwords via kerberos.  Ssh keys 
+should only be used for automated tasks from secure machines (something 
+that kerberos is unsuited to).  We also recommend that you either turn off
+key-forwarding in the ssh configuration, or that you make use of the
+.Pa "from=IP/DOMAIN"
+option that ssh allows in its
+.Pa authorized_keys
+file to make the key only useable to entities logging in from specific 
+machines.
 
 .Sh SEE ALSO
 .Pp
@@ -577,7 +686,11 @@
 .Xr netstat 1 ,
 .Xr syslogd 1 ,
 .Xr xdm 1 ,
-.Xr sysctl 8
+.Xr group 5 ,
+.Xr ttys 5 ,
+.Xr init 8 ,
+.Xr sysctl 8 ,
+.Xr vipw 8
 
 The following are part of security ports collection:

----Next_Part(Mon_Jan_10_18:21:58_2000_945)--
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Description: diff_4.0-20000105-CURRENT_8
Content-Disposition: attachment; filename=diff_4.0-20000105-CURRENT_8

diff ccdconfig.8
@@ -145,13 +145,67 @@
 as shown by
 .Xr disklabel 8 ).
 .Sh EXAMPLE
-The following command, executed from the command line, would configure ccd0
-with 4 components (/dev/da2e, /dev/da3e, /dev/da4e, /dev/da5e), and an
-interleave factor of 32 blocks.
-.Bd -unfilled -offset indent
-# ccdconfig ccd0 32 0 /dev/da2e /dev/da3e /dev/da4e /dev/da5e
+.Pp
+A number of ccdconfig examples are shown below.  The arguments passed
+to ccdconfig are exactly the same as you might place in the
+.Pa /etc/ccd.conf 
+configuration file.  The first example creates a 4-disk stripe out of
+four scsi disk partitions.  The stripe uses a 64 sector interleave.
+The second example is an example of a complex stripe/mirror combination.
+It reads as a two disk stripe of da2e and da3e which is mirrored
+to a two disk stripe of da4e and da5e.  The last example is a simple
+mirror.  /dev/da2e is mirrored with /dev/da4e and assigned to ccd0.
+.Pp
+.Bd -unfilled -offset
+# ccdconfig ccd0 64 none /dev/da2e /dev/da3e /dev/da4e /dev/da5e
+# ccdconfig ccd0 128 CCDF_MIRROR /dev/da2e /dev/da3e /dev/da4e /dev/da5e
+# ccdconfig ccd0 128 CCDF_MIRROR /dev/da2e /dev/da4e
 .Ed
 .Pp
+When you create a new ccd disk you generally want to
+.Nm disklabel
+it before doing anything else.  Once you create the initial label you can 
+edit it, adding additional partitions.  The label itself takes up the first
+16 sectors of the ccd disk.  If all you are doing is creating filesystems
+with newfs, you do not have to worry about this as newfs will skip the
+label area.  However, if you intend to
+.Nm dd
+to or from a ccd partition it is usually a good idea to construct the
+partition such that it does not overlap the label area.  For example, if
+you have A ccd disk with 10000 sectors you might create a 'd' partition
+with offset 16 and size 9984.
+.Pp
+.Bd -unfilled -offset
+# disklabel -r -w ccd0c auto
+# disklabel -e ccd0c
+.Ed
+.Pp
+The disklabeling of a ccd disk is usually a one-time affair.  Unlike other
+devices, ccd currently requires that you specify partition 'c' when
+running disklabel.  If you reboot the machine and reconfigure the ccd disk,
+the disklabel you
+had created before will still be there and not require reinitialization.
+Beware that changing any ccd parameters: interleave, flags, or the
+device list making up the ccd disk, will usually destroy any prior
+data on that ccd disk.  If this occurs it is usually a good idea to
+reinitialize the label before [re]constructing your ccd disk.
+.Pp
+.Sh RECOVERY
+.Pp
+An error on a ccd disk is usually unrecoverable unless you are using the 
+mirroring option.  But mirroring has its own perils:  It assumes that
+both copies of the data at any given sector are the same.  This holds true
+until a write error occurs or until you replace either side of the mirror.
+.Nm Ccd
+uses a poor-man's mirroring implementation.  It works well enough that if
+you begin to get disk errors you should be able to backup the ccd disk,
+replace the broken hardware, and then regenerate the ccd disk.  If you need
+more then this you should look into external hardware RAID SCSI boxes,
+RAID controllers such as the
+.Nm dpt
+controller, or software RAID systems such as
+.Nm vinum .
+.Pp
 .Sh FILES
 .Bl -tag -width /etc/ccd.conf -compact
 .It Pa /etc/ccd.conf
diff -urNP /home/horikawa/man-jp/work/fbsd-340r/man/man8/config.8 man8/config.8
--- /home/horikawa/man-jp/work/fbsd-340r/man/man8/config.8	Mon Dec 20 14:52:30 1999
+++ man8/config.8	Wed Jan  5 23:00:41 2000
@@ -30,6 +30,7 @@
 .\" SUCH DAMAGE.
 .\"
 .\"     @(#)config.8	8.2 (Berkeley) 4/19/94
+.\" $FreeBSD: src/usr.sbin/config/config.8,v 1.18 1999/10/30 10:55:47 marcel Exp $
 .\"
 .Dd April 19, 1994
 .Dt CONFIG 8
@@ -40,6 +41,7 @@
 .Sh SYNOPSIS
 .Nm config
 .Op Fl gpr
+.Op Fl d Ar destdir
 .Ar SYSTEM_NAME
 .Sh DESCRIPTION
 This is the old version of the
@@ -72,6 +74,13 @@
 Available options and operands:
 .Pp
 .Bl -tag -width SYSTEM_NAME
+.It Fl d Ar destdir
+Use
+.Ar destdir
+as the output directory, instead of the default one. Note
+that config does not append
+.Ar SYSTEM_NAME
+to the directory given.
 .It Fl g
 Configure a system for debugging.
 .It Fl p
@@ -83,7 +92,7 @@
 .Fl p
 options are supplied,
 .Nm
-will configure a system for high resolution profiling.
+configures a system for high resolution profiling.
 .It Fl r
 Remove the old compile directory (see below).
 .It Ar SYSTEM_NAME
@@ -96,12 +105,18 @@
 should be run from the
 .Pa conf
 subdirectory of the system source (usually
-.Pa /sys/ARCH/conf ) .
+.Pa /sys/ARCH/conf ) ,
+where
+.Pa ARCH
+represents one of the architectures supported by FreeBSD.
 .Nm Config
-will create the directory
+creates the directory
 .Pa ../../compile/SYSTEM_NAME
-as necessary and place all output files there.
-If the directory already exists and the
+or the one given with the
+.Fl d
+option 
+as necessary and places all output files there.
+If the output directory already exists and the
 .Fl r
 flag was specified, it will be removed first.
 The output of
@@ -147,9 +162,61 @@
 If the option "INCLUDE_CONFIG_FILE" is used in the configuration file the 
 entire input file is embedded in the new kernel.  This means that
 .Xr strings 1
-can be used to extract it from a kernel. 
+can be used to extract it from a kernel:
+to extract the configuration information, use the command
+.Bd -literal
+strings kernel | grep ___
+.Ed
+.Sh DEBUG KERNELS
+Traditional BSD kernels compiled without symbols due to the heavy load on the
+system when compiling a
+.if n "debug"
+.if t ``debug''
+kernel.  A debug kernel contains complete symbols for all the source files, and
+enables an experienced kernel programmer to analyse the cause of a problem.  The
+debuggers available prior to 4.4BSD-Lite were able to find some information
+from a normal kernel; 
+.Xr gdb 1
+provides very little support for normal kernels, and a debug kernel is needed
+for any meaningful analysis.
+.Pp
+For reasons of history, time and space, building a debug kernel is not the
+default with FreeBSD: a debug kernel takes up to 30% longer to build and
+requires about 30 MB of disk storage in the build directory, compared to about 6
+MB for a non-debug kernel.  A debug kernel is about 11 MB in size, compared to
+about 2 MB for a non-debug kernel.  This space is used both in the root file
+system and at run time in memory.  Use the
+.Fl g
+option to build a debug kernel.  With this option,
+.Nm
+causes two kernel files to be built in the kernel build directory:
+.Bl -bullet
+.It
+.Nm kernel.debug
+is the complete debug kernel.
+.It
+.Nm kernel
+is a copy of the kernel with the debug symbols stripped off.  This is equivalent
+to the normal non-debug kernel.
+.El
 .Pp
-Strings | grep ___ will print just the configure information.
+There is currently little sense in installing and booting from a debug kernel,
+since the only tools available which use the symbols do not run on-line.  There
+are therefore two options for installing a debug kernel:
+.Bl -bullet
+.It
+.Nm make
+.Ar install
+installs
+.Nm kernel
+in the root file system.
+.It
+.Nm make
+.Ar install.debug
+installs
+.Nm kernel.debug
+in the root file system.
+.El
 .Sh FILES
 .Bl -tag -width /sys/i386/conf/Makefile.i386 -compact
 .It Pa /sys/conf/files
@@ -161,13 +228,13 @@
 list of
 .Tn i386
 specific files
-.It Pa /sys/i386/conf/devices.i386
-name to major device mapping file for the
-.Tn i386
 .It Pa /sys/i386/conf/files. Ns Em ERNIE
 list of files specific to
 .Em ERNIE
 system
+.It Pa /sys/compile/SYSTEM_NAME
+default kernel build directory for system
+.Pa SYSTEM_NAME .
 .El
 .Sh SEE ALSO
 The SYNOPSIS portion of each device in section 4.
diff -urNP /home/horikawa/man-jp/work/fbsd-340r/man/man8/disklabel.8 man8/disklabel.8
--- /home/horikawa/man-jp/work/fbsd-340r/man/man8/disklabel.8	Mon Dec 20 14:48:55 1999
+++ man8/disklabel.8	Wed Jan  5 22:57:31 2000
@@ -33,11 +33,11 @@
 .\" SUCH DAMAGE.
 .\"
 .\"	@(#)disklabel.8	8.2 (Berkeley) 4/19/94
-.\" $FreeBSD: src/sbin/disklabel/disklabel.8,v 1.10.2.2 1999/08/29 15:12:45 peter Exp $
+.\" $FreeBSD: src/sbin/disklabel/disklabel.8,v 1.15 1999/08/28 00:12:34 peter Exp $
 .\"
-.Dd April 19, 1994
+.Dd July 30, 1999
 .Dt DISKLABEL 8
-.Os BSD 4.2
+.Os FreeBSD
 .Sh NAME
 .Nm disklabel
 .Nd read and write disk pack label
@@ -66,7 +66,7 @@
 .Fl B
 .Oo
 .Fl b Ar boot1
-.Op Fl s Ar boot2
+.Fl s Ar boot2
 .Oc
 .Ar disk
 .Oo Ar disktype Oc
@@ -75,7 +75,7 @@
 .Fl B
 .Oo
 .Fl b Ar boot1
-.Op Fl s Ar boot2
+.Fl s Ar boot2
 .Oc
 .Ar disk Ar disktype
 .Oo Ar packid Oc
@@ -84,42 +84,64 @@
 .Fl B
 .Oo
 .Fl b Ar boot1
-.Op Fl s Ar boot2
+.Fl s Ar boot2
 .Oc
 .Ar disk Ar protofile
 .Oo Ar disktype Oc
 .Sh DESCRIPTION
 .Nm Disklabel
-can be used to install, examine or modify the label on a disk drive or pack.
-When writing the label, it can be used
-to change the drive identification,
-the disk partitions on the drive,
-or to replace a damaged label.
-On some systems,
-.Nm
-can be used to install bootstrap code as well.
-There are several forms of the command that read (display), install or edit
-the label on a disk.
-Each form has an additional option,
-.Fl r ,
-which causes the label to be read from or written to the disk directly,
-rather than going through the system's in-core copy of the label.
-This option may allow a label to be installed on a disk
-without kernel support for a label, such as when labels are first installed
-on a system; it must be used when first installing a label on a disk.
-The specific effect of
+installs, examines or modifes the label on a disk drive or pack.  When writing
+the label, it can be used to change the drive identification, the disk
+partitions on the drive, or to replace a damaged label.  There are several forms
+of the command that read (display), install or edit the label on a disk.  In
+addition,
+.Nm
+can install bootstrap code.
+.Ss Raw or in-core label
+.Pp
+The disk label is resident close to or at the beginning of each disk partition.
+For faster access, the kernel maintains a copy in core at all times.  By
+default, most
+.Nm
+access the in-core copy of the label.  To access the raw (on-disk) copy, use the
+.Fl r
+option.  This option allows a label to be installed on a disk without kernel
+support for a label, such as when labels are first installed on a system; it
+must be used when first installing a label on a disk.  The specific effect of
 .Fl r
 is described under each command.
-The read and install forms also support the
-.Fl B
-option to install bootstrap code.
-These variants are described later.
 .Pp
-The first form of the command (read) is used to examine the label on the named
-disk drive (e.g. da0 or /dev/rda0c).
-It will display all of the parameters associated with the drive
-and its partition layout.
-Unless the
+.Ss Disk device name
+.Pp
+All 
+.Nm disklabel 
+forms require a disk device name, which should always be the raw
+.if t ``complete'' (or ``c'')
+.if n "complete" (or "c")
+partition, for example
+.Pa /dev/rda0c .
+.Nm
+understands the abbreviation
+.Pa da0 ,
+which it converts internally to
+.Pa /dev/rda0c .
+.Ss Reading the disk label
+.Pp
+To examine or save the label on a disk drive, use
+.Nm 
+without options:
+.Pp
+.Nm disklabel
+.Op Fl r
+.Ar disk
+.Pp
+.Ar disk
+represents the raw disk in question, and may be in the form
+.Pa da0
+or
+.Pa /dev/rda0c .
+It will display all of the parameters associated with the drive and its
+partition layout.  Unless the
 .Fl r
 flag is given,
 the kernel's in-core copy of the label is displayed;
@@ -127,31 +149,35 @@
 the kernel may have constructed or modified the label.
 If the
 .Fl r
-flag is given, the label from the raw disk will be displayed rather
-than the in-core label.
+flag is given, 
+.Nm
+reads the label from the raw disk and displays it.
+.Ss Writing a standard label
+.Pp
+To write a standard label, use the form
 .Pp
-The second form of the command, with the
+.Nm disklabel
 .Fl w
-flag, is used to write a standard label on the designated drive.
+.Op Fl r
+.Ar disk Ar disktype
+.Oo Ar packid Oc
+.Pp
 The required arguments to
 .Nm
-are the drive to be labeled (e.g. da0), and
-the drive type as described in the
-.Xr disktab 5
-file.
-The drive parameters and partitions are taken from that file.
-If different disks of the same physical type are to have different
-partitions, it will be necessary to have separate disktab entries
-describing each, or to edit the label after installation as described below.
-The optional argument is a pack identification string,
-up to 16 characters long.
-The pack id must be quoted if it contains blanks.
-If the
+are the drive to be labeled and the drive type as described in the
+.Pa disktab(5)
+file.  The drive parameters and partitions are taken from that file.  If
+different disks of the same physical type are to have different partitions, it
+will be necessary to have separate disktab entries describing each, or to edit
+the label after installation as described below.  The optional argument is a
+pack identification string, up to 16 characters long.  The pack id must be
+quoted if it contains blanks.  If the
 .Fl r
 flag is given, the disk sectors containing the label and bootstrap
 will be written directly.
 A side-effect of this is that any existing bootstrap code will be overwritten
-and the disk rendered unbootable.
+and the disk rendered unbootable.  See the boot options below for a method of
+writing the label and the bootstrap at the same time.
 If
 .Fl r
 is not specified,
@@ -176,154 +202,315 @@
 .Ar disk
 itself must be provided as the canonical name, i.e. not as a full
 path name.
+.Ss Editing an existing disk label
+.Pp
+To edit an existing disk label, use the form
 .Pp
-An existing disk label may be edited by using the
+.Nm disklabel
 .Fl e
-flag.
-The label is read from the in-core kernel copy,
-or directly from the disk if the
+.Op Fl r
+.Ar disk
+.Pp
+This command reads the label from the in-core kernel copy, or directly from the
+disk if the
 .Fl r
-flag is also given.
-The label is formatted and then supplied to an editor for changes.
-If no editor is specified in an
+flag is also specified.  The label is written to a file in ASCII and then
+supplied to an editor for changes.  If no editor is specified in an
 .Ev EDITOR
 environment variable,
 .Xr vi 1
-is used.
-When the editor terminates, the formatted label is reread
-and used to rewrite the disk label.
-Existing bootstrap code is unchanged regardless of whether
+is used.  When the editor terminates, the label file is used to rewrite the disk
+label.  Existing bootstrap code is unchanged regardless of whether
 .Fl r
 was specified.
+.Ss Restoring a disk label from a file
 .Pp
-With the
+To restore a disk label from a file, use the form
+.Pp
+.Nm disklabel
 .Fl R
-flag,
+.Op Fl r
+.Ar disk Ar protofile
+.Pp
 .Nm
-is capable of restoring a disk label that was formatted
-in a prior operation and saved in an ascii file.
-The prototype file used to create the label should be in the same format
-as that produced when reading or editing a label.
-Comments are delimited by
+is capable of restoring a disk label that was previously saved in a file ASCII.
+The prototype file used to create the label should be in the same format as that
+produced when reading or editing a label.  Comments are delimited by
 .Ar \&#
-and newline.
-As with
-.Fl w ,
-any existing bootstrap code will be clobbered if
+and newline.  As when writing a new label, any existing bootstrap code will be
+clobbered if
 .Fl r
-is specified and will be unaffected otherwise.
+is specified and will be unaffected otherwise.  See the boot options below for a
+method of restoring the label and writing the bootstrap at the same time.
+.Ss Enabling and disabling writing to the disk label area
+.Pp
+By default, it is not possible to write to the disk label area at the beginning
+of a disk.  The disk driver silently ignores any attempt to do so.  If you need
+to write to this area (for example, to obliterate the label), use the form
 .Pp
-The
-.Fl NW
-flags for
-.Nm
-explicitly disallow and
-allow, respectively, writing of the pack label area on the selected disk.
+.Nm disklabel
+.Op Fl W
+.Ar disk
+.Pp
+To disallow writing to the label area after previously allowing it, use the
+command
+.Pp
+.Nm disklabel
+.Op Fl N
+.Ar disk
+.Ss Installing bootstraps
 .Pp
 The final three forms of
 .Nm
-are used to install bootstrap code on machines where the bootstrap is part
-of the label.
-The bootstrap code is comprised of one or two boot programs depending on
-the machine.
-The
+are used to install bootstrap code:
+.Pp
+.Nm disklabel
 .Fl B
-option is used to denote that bootstrap code is to be installed.
-The
-.Fl r
-flag is implied by
+.Oo
+.Fl b Ar boot1
+.Fl s Ar boot2
+.Oc
+.Ar disk
+.Oo Ar disktype Oc
+.Pp
+This form installs the bootstrap only.  It does not change the disk label.
+.Pp
+.Nm disklabel
+.Fl w
+.Fl B
+.Oo
+.Fl b Ar boot1
+.Fl s Ar boot2
+.Oc
+.Ar disk Ar disktype
+.Oo Ar packid Oc
+.Pp
+.if t This form corresponds to the ``write label'' command described above.  
+.if n This form corresponds to the "write label" command described above.  
+In addition to writing a new volume label, it also installs the bootstrap.
+.Pp
+.Nm disklabel
+.Fl R
 .Fl B
-and never needs to be specified.
-The name of the boot program(s) to be installed can be selected in a
-variety of ways.
-First, the names can be specified explicitly via the
+.Oo
+.Fl b Ar boot1
+.Fl s Ar boot2
+.Oc
+.Ar disk Ar protofile
+.Oo Ar disktype Oc
+.Pp
+.if t This form corresponds to the ``restore label'' command described above.  
+.if n This form corresponds to the "restore label" command described above.  
+In addition to restoring the volume label, it also installs the bootstrap.
+.Pp
+The bootstrap commands always access the disk directly, so it is not necessary
+to specify the
+.Fl r
+flag.
+.Pp
+The bootstrap code is comprised of two boot programs.  Specify the name of the
+boot programs to be installed in one of these ways:
+.Bl -enum
+.It
+Specify the names explicitly with the
 .Fl b
 and
 .Fl s
-flags.
-On machines with only a single level of boot program,
-.Fl b
-is the name of that program.
-For machines with a two-level bootstrap,
+flags. 
 .Fl b
 indicates the primary boot program and
 .Fl s
-the secondary boot program.
-If the names are not explicitly given, standard boot programs will be used.
-The boot programs are located in
+the secondary boot program.  The boot programs are located in
 .Pa /boot .
-The names of the programs are taken from the ``b0'' and ``b1'' parameters
-of the
-.Xr disktab 5
-entry for the disk if
+.It
+If the
+.Fl b
+and
+.Fl s
+flags are not specified, but 
 .Ar disktype
-was given and its disktab entry exists and includes those parameters.
-Otherwise, the default boot image names are used, these being:
+was specified, the names of the programs are taken from the 
+.if t ``b0'' and ``b1''
+.if n "b0" and "b1"
+parameters of the
+.Xr disktab 5
+entry for the disk if the disktab entry exists and includes those parameters.
+.It
+Otherwise, the default boot image names are used:
 .Pa /boot/boot1
 and
 .Pa /boot/boot2
 for the standard stage1 and stage2 boot images (details may vary
 on architectures like the Alpha, where only a single-stage boot is used).
-.Pp
-The first of the three boot-installation forms is used to install
-bootstrap code without changing the existing label.
-It is essentially a read command with respect to the disk label
-itself and all options are related to the specification of the boot
-program as described previously.
-The final two forms are analogous to the basic write and restore versions
-except that they will install bootstrap code in addition to a new label.
+.El
 .Sh FILES
 .Bl -tag -width Pa -compact
 .It Pa /etc/disktab
 .It Pa /boot/
 .It Pa /boot/boot<n>
 .El
+.Sh SAVED FILE FORMAT
+.Nm
+uses an ASCII version of the label when examining, editing or restoring a disk
+label.  The format is:
+.Bd -literal -offset 4n
+# /dev/rda1c:
+type: SCSI
+disk: sd0s1
+label: 
+flags:
+bytes/sector: 512
+sectors/track: 51
+tracks/cylinder: 19
+sectors/cylinder: 969
+cylinders: 1211
+sectors/unit: 1173930
+rpm: 3600
+interleave: 1
+trackskew: 0
+cylinderskew: 0
+headswitch: 0           # milliseconds
+track-to-track seek: 0  # milliseconds
+drivedata: 0 
+
+8 partitions:
+#        size   offset    fstype   [fsize bsize bps/cpg]
+  a:    81920        0    4.2BSD     1024  8192    16   # (Cyl.    0 - 84*)
+  b:   160000    81920      swap                        # (Cyl.   84* - 218*)
+  c:  1173930        0    unused        0     0         # (Cyl.    0 - 1211*)
+  h:   962010   211920     vinum                        # (Cyl.  218*- 1211*)
+.Ed
+.Pp
+Lines starting with a # mark are comments.  Most of the other specifications are
+no longer used.  The ones which must still be set correctly are:
+.Pp
+.Bl -hang -width 20n
+.It Nm label
+is an optional label, set by the
+.Ar packid
+option when writing a label.
+.It Nm flags
+Flags may be
+.Ar removable ,
+.Ar ecc 
+or
+.Ar badsect .
+.Ar removable
+is set for removable media drives, but no current FreeBSD driver evaluates this
+flag.
+.Ar ecc
+is no longer supported; 
+.Ar badsect
+specifies that the drive can perform bad sector remapping.
+.It Nm sectors/unit
+describes the total size of the disk.  This value must be correct.
+.It Nm the partition table
+This is the UNIX partition table, not the Microsoft partition table described in
+.Xr fdisk 8 .
+.El
+.Pp
+The partition table can have up to 8 entries.  It contains the following
+information:
+.Bl -hang -width 10n
+.It identifier
+The partition identifier is a single letter in the range
+.Nm a
+to
+.Nm h .
+By convention, partition
+.Nm c
+is reserved to describe the entire disk.
+.It size
+is the size of the partition in sectors.
+.It offset
+is the offset of the start of the partition from the beginning of the drive.
+.It fstype
+describes the purpose of the partition.  The example shows most normal usages.
+For UFS file systems, use type 4.2BSD.  See
+.Pa /usr/include/sys/disklabel.h 
+for a complete list.
+.It fsize
+For file systems only, the fragment size.
+.It bsize
+For file systems only, the block size.
+.It bps/cpg
+For UFS file systems, the number of cylinders in a cylinder group.  For LFS file
+systems, the segment shift value.
+.El
+The remainder of the line is a comment and shows the cylinder allocations based
+on the obsolete (but possibly correct) geometry information about the drive.
+The asterisk (*) indicates that the partition does not begin or end exactly on a
+cylinder boundary.
 .Sh EXAMPLES
 .Dl disklabel da0
 .Pp
-Display the in-core label for da0 as obtained via
+Display the in-core label for 
+.Pa da0
+as obtained via
 .Pa /dev/rda0c .
 .Pp
+.Dl disklabel da0 > savedlabel
+.Pp
+Save the in-core label for 
+.Pa da0
+into the file
+.Pa savedlabel .
+This file can be used with the
+.Fl R
+flag to restore the label at a later date.
+.Pp
 .Dl disklabel -w -r /dev/rda0c da2212 foo
 .Pp
-Create a label for da0 based on information for ``da2212'' found in
+Create a label for 
+.Pa da0
+based on information for
+.if t ``da2212'' found in
+.if n "da2212" found in
 .Pa /etc/disktab .
 Any existing bootstrap code will be clobbered.
 .Pp
 .Dl disklabel -e -r da0
 .Pp
-Read the on-disk label for da0, edit it and reinstall in-core as well
-as on-disk.
-Existing bootstrap code is unaffected.
+Read the on-disk label for 
+.Pa da0 ,
+edit it and reinstall in-core as well as on-disk.  Existing bootstrap code is
+unaffected.
 .Pp
 .Dl disklabel -r -w da0 auto
 .Pp
-Try to auto-detect the required information from da0, and write a new
-label to the disk.  Use another disklabel -e command to edit the
+Try to auto-detect the required information from 
+.Pa da0 ,
+and write a new label to the disk.  Use another disklabel -e command to edit the
 partitioning and file system information.
 .Pp
-.Dl disklabel -R da0 mylabel
+.Dl disklabel -R da0 savedlabel
 .Pp
-Restore the on-disk and in-core label for da0 from information in
-.Pa mylabel .
+Restore the on-disk and in-core label for 
+.Pa da0
+from information in
+.Pa savedlabel .
 Existing bootstrap code is unaffected.
 .Pp
 .Dl disklabel -B da0
 .Pp
-Install a new bootstrap on da0.
+Install a new bootstrap on 
+.Pa da0 .
 The boot code comes from
 .Pa /boot/boot1
 and possibly
 .Pa /boot/boot2 .
 On-disk and in-core labels are unchanged.
 .Pp
-.Dl disklabel -w -B /dev/rda0c -b newboot da2212
+.Dl disklabel -w -B /dev/rda0c -b newboot1 -s newboot da2212
 .Pp
 Install a new label and bootstrap.
-The label is derived from disktab information for ``da2212'' and
+.if t The label is derived from disktab information for ``da2212'' and
+.if n The label is derived from disktab information for "da2212" and
 installed both in-core and on-disk.
-The bootstrap code comes from the file
-.Pa /boot/newboot .
+The bootstrap code comes from the files
+.Pa /boot/newboot1
+and
+.Pa /boot/newboot2 .
 .Sh SEE ALSO
 .Xr disklabel 5 ,
 .Xr disktab 5 ,
@@ -333,17 +520,22 @@
 The kernel device drivers will not allow the size of a disk partition
 to be decreased or the offset of a partition to be changed while it is open.
 Some device drivers create a label containing only a single large partition
-if a disk is unlabeled; thus, the label must be written to the ``a''
-partition of the disk while it is open.
-This sometimes requires the desired label to be set in two steps,
-the first one creating at least one other partition,
-and the second setting the label on the new partition
-while shrinking the ``a'' partition.
+if a disk is unlabeled; thus, the label must be written to the 
+.if t ``a''
+.if n "a"
+partition of the disk while it is open.  This sometimes requires the desired
+label to be set in two steps, the first one creating at least one other
+partition, and the second setting the label on the new partition while shrinking
+the
+.if t ``a''
+.if n "a"
+partition.
 .Pp
 On some machines the bootstrap code may not fit entirely in the area
 allocated for it by some filesystems.
 As a result, it may not be possible to have filesystems on some partitions
-of a ``bootable'' disk.
+.if t of a ``bootable'' disk.
+.if n of a "bootable" disk.
 When installing bootstrap code,
 .Nm
 checks for these cases.
@@ -357,8 +549,8 @@
 will not install bootstrap code that overlaps it.
 .Sh BUGS
 When a disk name is given without a full pathname,
-the constructed device name uses the ``a'' partition on the Tahoe,
-the ``c'' partition on all others.
+.if t the constructed device name uses the ``c'' partition.
+.if n the constructed device name uses the "c" partition.
 .Pp
 For the i386 architecture, the primary bootstrap sector contains
 an embedded
@@ -379,3 +571,7 @@
 table by the dummy one in the bootstrap program.  This is only of
 concern if the disk is fully dedicated, so that the BSD disklabel
 starts at absolute block 0 on the disk.
+.Pp
+.Nm
+does not perform adequate error checking.  No warning is given if partitions
+overlap, nor if space remains unused.
diff -urNP /home/horikawa/man-jp/work/fbsd-340r/man/man8/isdnmonitor.8 man8/isdnmonitor.8
--- /home/horikawa/man-jp/work/fbsd-340r/man/man8/isdnmonitor.8	Mon Dec 20 14:53:25 1999
+++ man8/isdnmonitor.8	Wed Jan  5 23:01:38 2000
@@ -1,41 +1,180 @@
-.\" Copyright (c) 1998 Martin Husemann <martin@rumolt.teuto.de>
-.\" All rights reserved.
+.\"
+.\" Copyright (c) 1999 Hellmuth Michaelis. All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
 .\" are met:
 .\" 1. Redistributions of source code must retain the above copyright
 .\"    notice, this list of conditions and the following disclaimer.
-.\" 2. The name of the author may not be used to endorse or promote products
-.\"    derived from this software withough specific prior written permission
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.\" $FreeBSD: src/usr.sbin/i4b/isdnmonitor/isdnmonitor.8,v 1.1.2.2 1999/08/29 15:42:02 peter Exp $
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
 .\"
-.\"	last edit-date: [Fri Jan 30 22:49:48 1998]
+.\"	$Id: isdnmonitor.8,v 1.8 1999/12/13 22:11:55 hm Exp $
 .\"
-.\"	-mh	writing manual pages
+.\" $FreeBSD: src/usr.sbin/i4b/isdnmonitor/isdnmonitor.8,v 1.7 1999/12/14 21:07:41 hm Exp $
 .\"
+.\"	last edit-date: [Mon Dec 13 23:04:25 1999]
 .\"
-.Dd April 18, 1998
+.Dd September 25, 1999
 .Dt ISDNMONITOR 8
 .Os
 .Sh NAME
 .Nm isdnmonitor
-.Nd raw sample and test client for isdnd network monitoring
+.Nd isdn4bsd / isdnd remote monitoring tool
+.Sh SYNOPSIS
+.Nm isdnmonitor
+.Op Fl c
+.Op Fl d Ar debuglevel
+.Op Fl f Ar filename
+.Op Fl h Ar hostspec
+.Op Fl l Ar pathname
+.Op Fl p Ar portspec
 .Sh DESCRIPTION
+.Nm Isdnmonitor
+is used to remotely monitor the operation of the isdn demon,
+.Xr isdnd 8 ,
+which manages all ISDN related connection and disconnection of ISDN
+devices supported by the isdn4bsd package.
+.Pp
+The options are as follows:
+.Bl -tag -width Ds
+.It Fl c
+Switch to (curses-) fullscreen mode of operation. In this mode,
+.Nm
+behaves nearly exactly as
+.Xr isdnd 8
+in fullscreen mode. In fullscreen mode, entering the control character
+.Em Control-L
+causes the display to be refreshed and entering
+.Em Carriage-Return
+or
+.Em Enter
+will pop-up a command window. Because
+.Nm
+will not listen to messages while the command window is active,
+this command window will disappear automatically after 5 seconds without
+any command key press.
+.Pp
+While the command window is active,
+.Em Tab
+or
+.Em Space
+advances to the next menu item. To execute a command, press
+.Em Return
+or
+.Em Enter
+for the highlighted menu item, or enter the number corresponding to the
+item to be executed or enter the capitalized character in the menu item
+description.
+.It Fl d
+If debugging support is compiled into
+.Nm isdnmonitor
+this option is used to specify the debugging level.
+.\" The debugging level is the sum of the
+.\" following values:
+.\" .Pp
+.\" .Bl -tag -width Ds -compact -offset indent
+.\" .It Ar 0x001
+.\" general debugging.
+.\" .It Ar 0x002
+.\" rates calculation.
+.\" .It Ar 0x004
+.\" timing calculations.
+.\" .It Ar 0x008
+.\" state transitions.
+.\" .It Ar 0x010
+.\" retry handling.
+.\" .It Ar 0x020
+.\" dialing.
+.\" .It Ar 0x040
+.\" process handling.
+.\" .It Ar 0x080
+.\" isdn4bsd kernel i/o calls.
+.\" .It Ar 0x100
+.\" controller and channel busy/free messages.
+.\" .It Ar 0x200
+.\" isdnmonitor.rc configuration file processing.
+.\" .El
+.\" .Pp
+.\" The value can be specified in any number base supported by the
+.\" .Xr sscanf 3
+.\" library routine.
+.Pp
+In addition, this option accepts also the character 'n' as an argument to
+disable displaying debug messages on the full-screen display.
+.Pp
+.It Fl f
+Specifying this option causes
+.Nm isdnmonitor
+to write its normal output and - if enabled - debugging output to a file
+which name is specified as the argument.
+.It Fl l
+is used to specify a Unix local domain socket name to be used for communication
+between
+.Xr isdnd 8
+and
+.Nm isdnmonitor .
+.It Fl h
+is used to specify a hostname or a dotted-quad IP address of a machine
+where an 
+.Xr isdnd 8
+is running which should be monitored.
+.It Fl p
+This option may be used to specify a remote port number in conjunction
+with the
+.Fl h
+option.
+.El
+
+.Sh ENVIRONMENT
+The following environment variables affect the execution of
+.Nm isdnmonitor :
+.Bl -tag -width Ds
+.It Ev TERM
+The terminal type when running in full-screen display mode.
+See
+.Xr environ 7
+for more information.
+.El
+
+.Sh EXAMPLES
+For a first try, the following command should be used to start
+.Nm
+to monitor a locally running isdnd:
+.Bd -literal -offset indent
+isdnmonitor -h localhost
+.Ed
+.Pp
+
+.Sh DIAGNOSTICS
+Exit status is 0 on success, 1 on error.
+.Pp
+
+.Sh SEE ALSO
+.Xr isdnd 8
+
+.Sh BUGS
+Still one (or) more left.
+
+.Sh AUTHOR
 The
 .Nm
-is not intended for real world use. It will be replaced
-by something with a better user interface as soon as the monitoring
-subsystem is functional.
+utility was written by 
+.An Martin Husemann
+and 
+.An Hellmuth Michaelis .
+This manual page was written by 
+.An Hellmuth Michaelis Aq hm@kts.org .
diff -urNP /home/horikawa/man-jp/work/fbsd-340r/man/man8/routed.8 man8/routed.8
--- /home/horikawa/man-jp/work/fbsd-340r/man/man8/routed.8	Mon Dec 20 14:49:25 1999
+++ man8/routed.8	Wed Jan  5 22:57:50 2000
@@ -1,3 +1,5 @@
+.\" $FreeBSD: src/sbin/routed/routed.8,v 1.15 1999/11/15 02:53:31 kris Exp $
+.\"
 .\" Copyright (c) 1983, 1991, 1993
 .\"	The Regents of the University of California.  All rights reserved.
 .\"
@@ -30,17 +32,19 @@
 .\" SUCH DAMAGE.
 .\"
 .\"     @(#)routed.8	8.2 (Berkeley) 12/11/93
-.\" $FreeBSD: src/sbin/routed/routed.8,v 1.11.2.1 1999/08/29 15:15:31 peter Exp $
+.\"
+.\" $FreeBSD: src/sbin/routed/routed.8,v 1.15 1999/11/15 02:53:31 kris Exp $
 .\"
 .Dd June 1, 1996
 .Dt ROUTED 8
 .Os BSD 4.4
 .Sh NAME
-.Nm routed
+.Nm routed ,
+.Nm rdisc
 .Nd network RIP and router discovery routing daemon
 .Sh SYNOPSIS
 .Nm routed
-.Op Fl sqdghmAt
+.Op Fl sqdghmpAtv
 .Op Fl T Ar tracefile
 .Oo
 .Fl F
@@ -55,7 +59,9 @@
 RIPv2 (RFC\ 1723),
 and Internet Router Discovery Protocol (RFC 1256)
 to maintain the kernel routing table.
-The RIPv1 protocol is based on the reference 4.3BSD daemon.
+The RIPv1 protocol is based on the reference
+.Bx 4.3
+daemon.
 .Pp
 It listens on the
 .Xr udp 4
@@ -116,7 +122,7 @@
 so setting the metric on an interface
 is an effective way to steer traffic.
 .Pp
-Responses do not contain routes with a first hop on the requesting
+Responses do not include routes with a first hop on the requesting
 network to implement in part
 .Em split-horizon .
 Requests from query programs
@@ -152,7 +158,7 @@
 is set to infinity and marked for deletion.
 Deletions are delayed until the route has been advertised with
 an infinite metric to insure the invalidation
-is propagated throughout the local Internet.
+is propagated throughout the local internet.
 This is a form of
 .Em poison reverse .
 .Pp
@@ -180,7 +186,7 @@
 If no response is received on a remote interface, if there are errors
 while sending responses,
 or if there are more errors than input or output (see
-.Xr netstat 8 ),
+.Xr netstat 1 ),
 then the cable or some other part of the interface is assumed to be
 disconnected or broken, and routes are adjusted appropriately.
 .Pp
@@ -189,15 +195,17 @@
 is handled similarly.
 When the daemon is supplying RIP routes, it also listens for
 Router Discovery Solicitations and sends Advertisements.
-When it is quiet and only listening to other RIP routers, it
+When it is quiet and listening to other RIP routers, it
 sends Solicitations and listens for Advertisements.
 If it receives
-a good Advertisement, it stops listening for broadcast or multicast
-RIP responses.
+a good Advertisement and it is not multi-homed,
+it stops listening for broadcast or multicast RIP responses.
 It tracks several advertising routers to speed recovery when the
 currently chosen router dies.
 If all discovered routers disappear,
 the daemon resumes listening to RIP responses.
+It continues listening to RIP while using Router Discovery
+if multi-homed to ensure all interfaces are used.
 .Pp
 The Router Discovery standard requires that advertisements
 have a default "lifetime" of 30 minutes.  That means should
@@ -217,9 +225,7 @@
 redirected host routes in the kernel table.
 On a host with more than one network interface,
 this default route will be via only one of the interfaces.
-Thus, multi-homed hosts running with
-.Fl q
-might need
+Thus, multi-homed hosts running with \f3\-q\f1 might need
 .Cm no_rdisc
 described below.
 .Pp
@@ -238,22 +244,24 @@
 The following options are available:
 .Bl -tag -width indent
 .It Fl s
-Force
+force
 .Nm
 to supply routing information.
 This is the default if multiple network interfaces are present on which
 RIP or Router Discovery have not been disabled, and if the kernel switch
 ipforwarding=1.
 .It Fl q
-Is the opposite of the
+is the opposite of the
 .Fl s
 option.
 This is the default when only one interface is present.
+With this explicit option, the daemon is always in "quite-mode" for RIP
+and does not supply routing information to other computers.
 .It Fl d
-Do not run in the background.
+do not run in the background.
 This option is meant for interactive use.
 .It Fl g
-Used on internetwork routers to offer a route
+used on internetwork routers to offer a route
 to the "default" destination.
 It is equivalent to
 .Fl F
@@ -266,23 +274,23 @@
 in the
 .Pa /etc/gateways
 file.
-Since a larger metric
+since a larger metric
 will be used, reducing the spread of the potentially dangerous
 default route.
 This is typically used on a gateway to the Internet,
 or on a gateway that uses another routing protocol whose routes
 are not reported to other local routers.
 Notice that because a metric of 1 is used, this feature is
-dangerous.  It is more commonly accidentally used to create chaos with routing
-loop than to solve problems.
+dangerous.  It is more commonly accidentally used to create chaos with a
+routing loop than to solve problems.
 .It Fl h
-Cause host or point-to-point routes to not be advertised,
+cause host or point-to-point routes to not be advertised,
 provided there is a network route going the same direction.
 That is a limited kind of aggregation.
 This option is useful on gateways to Ethernets that have other gateway
 machines connected with point-to-point links such as SLIP.
 .It Fl m
-Cause the machine to advertise a host or point-to-point route to
+cause the machine to advertise a host or point-to-point route to
 its primary interface.
 It is useful on multi-homed machines such as NFS servers.
 This option should not be used except when the cost of
@@ -296,20 +304,14 @@
 .Fl q
 option to the limited extent of advertising the host route.
 .It Fl A
-Do not ignore RIPv2 authentication if we do not care about RIPv2
+do not ignore RIPv2 authentication if we do not care about RIPv2
 authentication.
 This option is required for conformance with RFC 1723.
 However, it makes no sense and breaks using RIP as a discovery protocol
 to ignore all RIPv2 packets that carry authentication when this machine
 does not care about authentication.
-.It Fl T Ar tracefile
-Increase the debugging level to at least 1 and
-causes debugging information to be appended to the trace file.
-Note that because of security concerns, it is wisest to not run
-.Nm
-routinely with tracing directed to a file.
 .It Fl t
-Increase the debugging level, which causes more information to be logged
+increase the debugging level, which causes more information to be logged
 on the tracefile specified with
 .Fl T
 or standard out.
@@ -321,8 +323,16 @@
 signals or with the
 .Xr rtquery 8
 command.
+.It Fl T Ar tracefile
+increases the debugging level to at least 1 and
+causes debugging information to be appended to the trace file.
+Note that because of security concerns, it is wisest to not run
+.Nm
+routinely with tracing directed to a file.
+.It Fl v
+display and logs the version of daemon.
 .It Fl F Ar net[/mask][,metric]
-Minimize routes in transmissions via interfaces with addresses that match
+minimize routes in transmissions via interfaces with addresses that match
 .Em net/mask ,
 and synthesizes a default route to this machine with the
 .Em metric .
@@ -333,7 +343,6 @@
 .Em metric
 is absent, a value of 14 is assumed to limit
 the spread of the "fake" default route.
-
 This is a dangerous feature that when used carelessly can cause routing
 loops.
 Notice also that more than one interface can match the specified network
@@ -341,7 +350,7 @@
 See also
 .Fl g .
 .It Fl P Ar parms
-Is equivalent to adding the parameter
+is equivalent to adding the parameter
 line
 .Em parms
 to the
@@ -397,10 +406,12 @@
 Such gateways can be useful on media that do not support broadcasts
 or multicasts but otherwise act like classic shared media like
 Ethernets such as some ATM networks.
-One can list all RIP routers reachable on the ATM network in
+One can list all RIP routers reachable on the HIPPI or ATM network in
 .Pa /etc/gateways
 with a series of
 "host" lines.
+Note that it is usually desirable to use RIPv2 in such situations
+to avoid generating lists of inferred host routes.
 .Pp
 Gateways marked
 .Em external
@@ -409,7 +420,7 @@
 The function of external entries is to indicate
 that another routing process
 will install such a route if necessary,
-and that alternate routes to that destination should not be installed
+and that other routes to that destination should not be installed
 by
 .Nm Ns .
 Such entries are only required when both routers may learn of routes
@@ -418,7 +429,8 @@
 The
 .Pa /etc/gateways
 file is comprised of a series of lines, each in
-one of the following formats or consist of parameters described below:
+one of the following two formats or consist of parameters described later.
+Blank lines and lines starting with '#' are comments.
 .Pp
 .Bd -ragged
 .Cm net
@@ -488,6 +500,15 @@
 .Cm external
 to the scope of the RIP protocol.
 .Pp
+As can be seen when debugging is turned on with
+.Fl t ,
+such lines create pseudo-interfaces.
+To set parameters for remote or external interfaces,
+a line starting with
+.Cm if=alias(Hname) ,
+.Cm if=remote(Hname) ,
+etc. should be used.
+.Pp
 Lines that start with neither "net" nor "host" must consist of one
 or more of the following parameter settings, separated by commas or
 blanks:
@@ -504,14 +525,21 @@
 and the supplied metric (default 1).
 This is useful for filling "holes" in CIDR allocations.
 This parameter must appear by itself on a line.
+The network number must specify a full, 32-bit value, as in 192.0.2.0
+instead of 192.0.2.
 .Pp
 Do not use this feature unless necessary.  It is dangerous.
-.It Cm passwd Ns \&= Ns Ar XXX
-specifies a RIPv2 password that will be included on all RIPv2
-responses sent and checked on all RIPv2 responses received.
-The password must not contain any blanks, tab characters, commas
-or '#' characters.
-.It Cm passwd Ns \&= Ns Ar XXX1[|KeyID[start|stop]]
+.It Cm ripv1_mask Ns \&= Ns Ar nname/mask1,mask2
+specifies that netmask of the network of which
+.Cm nname/mask1\f1
+is
+a subnet should be
+.Cm mask2 .
+For example \f2ripv1_mask=192.0.2.16/28,27\f1 marks 192.0.2.16/28
+as a subnet of 192.0.2.0/27 instead of 192.0.2.0/24.
+It is better to turn on RIPv2 instead of using this facility, for example
+with \f2ripv2_out\f1.
+.It Cm passwd Ns \&= Ns Ar XXX[|KeyID[start|stop]]
 specifies a RIPv2 cleartext password that will be included on
 all RIPv2 responses sent, and checked on all RIPv2 responses received.
 Any blanks, tab characters, commas, or '#', '|', or NULL characters in the
@@ -533,15 +561,15 @@
 no password is output.
 Incoming packets can carry any password that is valid, will
 be valid within 24 hours, or that was valid within 24 hours.
-.It Cm md5_passwd Ns \&= Ns Ar XXX1|KeyID[start|stop]
+To protect the secrets, the passwd settings are valid only in the
+.Em /etc/gateways
+file and only when that file is readable only by UID 0.
+.It Cm md5_passwd Ns \&= Ns Ar XXX|KeyID[start|stop]
 specifies a RIPv2 MD5 password.
 Except that a
 .Cm KeyID
 is required, this keyword is similar to
 .Cm passwd .
-To protect the secrets, this parameter setting is valid only in the
-.Pa /etc/gateways
-file and only when that file is readable only by UID 0.
 .It Cm no_ag
 turns off aggregation of subnets in RIPv1 and RIPv2 responses.
 .It Cm no_super_ag
@@ -563,18 +591,21 @@
 causes
 .Nm
 to act as a client router discovery daemon, not advertising.
+.It Cm no_rip_mcast
+causes RIPv2 packets to be broadcast instead of multicast.
 .It Cm no_ripv1_in
 causes RIPv1 received responses to be ignored.
 .It Cm no_ripv2_in
 causes RIPv2 received responses to be ignored.
 .It Cm ripv2_out
-turns off RIPv1 output and causes RIPv2 advertisements to be
+turns on RIPv2 output and causes RIPv2 advertisements to be
 multicast when possible.
 .It Cm ripv2
 is equivalent to
 .Cm no_ripv1_in
 and
 .Cm no_ripv1_out .
+This enables RIPv2.
 .It Cm no_rdisc
 disables the Internet Router Discovery Protocol.
 .It Cm no_solicit
@@ -593,8 +624,12 @@
 specifies that Router Discovery packets should be broadcast instead of
 multicast.
 .It Cm rdisc_pref Ns \&= Ns Ar N
-sets the preference in Router Discovery Advertisements to the integer
+sets the preference in Router Discovery Advertisements to the optionally
+signed integer
 .Ar N .
+The default preference is 0.
+Default routes with smaller or more negative preferences are preferred by
+clients.
 .It Cm rdisc_interval Ns \&= Ns Ar N
 sets the nominal interval with which Router Discovery Advertisements
 are transmitted to N seconds and their lifetime to 3*N.
@@ -612,15 +647,17 @@
 .Cm fake_default ,
 the default route is broadcast with a metric of 14.
 That serves as a "poor man's router discovery" protocol.
-.It Cm trust_gateway Ns \&= Ns Ar rname
+.It Cm trust_gateway Ns \&= Ns Ar rname[|net1/mask1|net2/mask2|...]
 causes RIP packets from that router and other routers named in
 other
 .Cm trust_gateway
-keywords to be accept, and packets from other routers to be ignored.
+keywords to be accepted, and packets from other routers to be ignored.
+If networks are specified, then routes to other networks will be ignored
+from that router.
 .It Cm redirect_ok
 causes RIP to allow ICMP Redirect messages when the system is acting
 as a router and forwarding packets.
-Otherwise, ICMP Redirect messages are are overridden.
+Otherwise, ICMP Redirect messages are overridden.
 .El
 .Pp
 .Sh FILES
@@ -631,16 +668,15 @@
 .Sh SEE ALSO
 .Xr icmp 4 ,
 .Xr udp 4 ,
-.Xr gated 8 ,
-.Xr rtquery 8
+.Xr rtquery 8 .
 .Rs
 .%T Internet Transport Protocols
 .%R XSIS 028112
 .%Q Xerox System Integration Standard
 .Re
 .Sh BUGS
-It does not always detect unidirectional failures in network interfaces
-(e.g., when the output side fails).
+It does not always detect unidirectional failures in network interfaces,
+for example, when the output side fails.
 .Sh HISTORY
 The
 .Nm
diff -urNP /home/horikawa/man-jp/work/fbsd-340r/man/man8/vinum.8 man8/vinum.8
--- /home/horikawa/man-jp/work/fbsd-340r/man/man8/vinum.8	Mon Dec 20 14:49:33 1999
+++ man8/vinum.8	Wed Jan  5 22:57:55 2000
@@ -34,9 +34,10 @@
 .\" otherwise) arising in any way out of the use of this software, even if
 .\" advised of the possibility of such damage.
 .\"
-.\" $FreeBSD: src/sbin/vinum/vinum.8,v 1.5.2.11 1999/09/22 01:32:20 grog Exp $
+.\" $Id: vinum.8,v 1.13 2000/01/03 03:12:56 grog Exp grog $
+.\" $FreeBSD: src/sbin/vinum/vinum.8,v 1.32 2000/01/05 05:59:08 grog Exp $
 .\"
-.Dd 28 March 1999
+.Dd 13 October 1999
 .Dt vinum 8
 .Os
 .Sh NAME
@@ -90,16 +91,18 @@
 .in
 .Cd info
 .Op Fl v
+.Op Fl V
 .in +1i
 List information about volume manager state.
 .in
 .Cd init
+.Op Fl S Ar size
 .Op Fl v
 .Op Fl w
-.Ar plex
+.Ar plex | subdisk
 .in +1i
 .\" XXX
-Initialize a plex by writing zeroes to all its subdisks.
+Initialize the contents of a subdisk or all the subdisks of a plex to all zeros.
 .in
 .Cd label
 .Ar volume
@@ -176,6 +179,12 @@
 .in +1i
 Create a mirrored volume from the specified drives.
 .in
+.Cd mv Fl f Ar drive Ar object ...
+.br
+.Cd move Fl f Ar drive Ar object ...
+.in +1i
+Move the object(s) to the specified drive.
+.in
 .Cd printconfig
 .Op Pa file
 .in +1i
@@ -203,16 +212,16 @@
 .Ar newname
 .in +1i
 Change the name of the specified object.
+.in
 .ig
 XXX
-.in
 .Cd replace
-.Ar [ subdisk | plex ]
-.Ar newobject
-.in +1i
-Replace the object with an identical other object.  XXX not implemented yet.
-..
+.Ar drive
+.Ar newdrive
+.in +1i 
+Move all the subdisks from the specified drive onto the new drive.
 .in
+..
 .Cd rebuildparity Ar plex
 .in +1i
 Rebuild the parity blocks of a RAID-5 plex.
@@ -269,8 +278,9 @@
 Read configuration from all vinum drives.
 .in
 .Cd start
+.Op Fl S Ar size
 .Op Fl w
-.Op volume | plex | subdisk
+volume | plex | subdisk
 .in +1i
 Allow the system to access the objects
 .in
@@ -358,12 +368,23 @@
 option is used by the list commands to display statistical information.  The
 .Nm mirror
 command also uses this flag to specify that it should create striped plexes.
+.It Fl S Ar size
+The
+.Fl S
+option specifies the transfer size for the
+.Nm init
+and
+.Nm start
+commands.
 .It Fl v
 The
 .Fl v
 .if t (``verbose'')
 .if n ("verbose")
-option can be used to request more detailed information.
+option can be used to request more detailed information.  This flag also means
+``verify'' for the
+.Nm init
+command.
 .It Fl V
 The
 .Fl V
@@ -549,7 +570,7 @@
 .It DEBUG_RESID (4)
 .br
 Go into debugger in
-.Fd complete_rqe.
+.Fn complete_rqe.
 .It DEBUG_LASTREQS (8)
 .br
 Keep a circular buffer of last requests.
@@ -744,20 +765,30 @@
 for the range lock.
 .El
 .\" XXX
-.It Nm init Op Fl w
-.Ar plex
+.It Nm init Op Fl S 
+.Ar size Op Fl v 
+.Op Fl w
+.Ar plex | subdisk
 .Pp
 .Nm
 .Ar init
-initializes a plex by writing zeroes to all its subdisks.  This is the only way
-to ensure consistent data in a plex.  You must perform this initialization
-before using a RAID-5 plex.  It is also recommended for other new plexes.
+initializes a subdisk by writing zeroes to it.  You can initialize all subdisks
+in a plex by specifying the plex name.  This is the only way to ensure
+consistent data in a plex.  You must perform this initialization before using a
+RAID-5 plex.  It is also recommended for other new plexes.
 .Nm
 initializes all subdisks of a plex in parallel.  Since this operation can take a
 long time, it is normally performed in the background.  If you want to wait for
 completion of the command, use the
 .Fl w
 (wait) option.
+.Pp
+Specify the
+.Fl S
+option if you want to write blocks of a different size from the default value of
+16 kB.  Specify the
+.Fl v
+if you want to confirm that the initialization is correct.
 .Nm
 prints a console message when the initialization is complete.
 .It Nm label
@@ -919,6 +950,18 @@
 .Pp
 See the section SIMPLIFIED CONFIGURATION below for some examples of this
 command.
+.It Nm mv Fl f Ar drive Ar object ...
+.It Nm move Fl f Ar drive Ar object ...
+.Pp
+Move all the subdisks from the specified objects onto the new drive.  The
+objects may be subdisks, drives or plexes.  When drives or plexes are specified,
+all subdisks associated with the object are moved.
+.Pp
+The
+.Fl f
+option is required for this function, since it currently does not preserve the
+data in the subdisk.  This functionality will be added at a later date.  In this
+form, however, it is suited to recovering a failed disk drive.
 .It Nm printconfig Op Pa file
 Write a copy of the current configuration to
 .Pa file
@@ -985,12 +1028,17 @@
 option is specified, subordinate objects will be named by the default rules:
 plex names will be formed by appending .p\f(BInumber\fP to the volume name, and
 subdisk names will be formed by appending .s\f(BInumber\fP to the plex name.
+.ig
 .It Nm replace
-.Ar [ subdisk | plex ]
-.Ar newobject
+.Ar drive
+.Ar newdrive
 .Pp
-Replace the object with an identical other object.  This command has not yet
-been implemented.
+Move all the subdisks from the specified drive onto the new drive.  This will
+attempt to recover those subdisks that can be recovered, and create the others
+from scratch.  If the new drive lacks the space for this operation, as many
+subdisks as possible will be fitted onto the drive, and the rest will be left on
+the original drive.
+..
 .It Nm resetconfig
 .Pp
 The
@@ -1110,6 +1158,7 @@
 and should be used only for recovery purposes.  It is possible to crash the
 system by incorrect use of this command.
 .It Nm start
+.Op Fl S Ar size
 .Op Fl w
 .Op volume | plex | subdisk
 .Pp
@@ -1207,7 +1256,6 @@
 .Nm start
 currently has no effect: it checks the state of the subordinate subdisks (and
 plexes in the case of a volume) and sets the state of the object accordingly.
-In a later version, this operation will cause the subdisks
 .Pp
 To start a plex in a multi-plex volume, the data must be copied from another
 plex in the volume.  Since this frequently takes a long time, it is normally
@@ -1215,6 +1263,13 @@
 example, if you are performing this operation in a script), use the
 .Fl w
 flag.
+.Pp
+Copying data doesn't just take a long time, it can also place a significant load
+on the system.  You can specify the transfer size with the
+.Fl S
+flag.  A future change to
+.Nm
+will allow a pause between each block to lessen the load on the system.
 .It Nm stop
 .Op Fl f
 .Op volume | plex | subdisk
@@ -1794,7 +1849,7 @@
 .Pa /dev/da0
 and
 .Pa /dev/da0s1 ,
-both of which represent a device, not a partition,
+both of which represent a device, not a partition, and
 .Pa /dev/wd1c ,
 which represents a complete disk and should be of type
 .Nm unused .
@@ -2286,7 +2341,7 @@
 Note the name
 .Pa rmirror ,
 indicating the raw device.
-.Sh Other considerations
+.Ss Other considerations
 A number of other considerations apply to
 .Nm
 configuration:
@@ -2302,6 +2357,48 @@
 Currently the size of an existing UFS file system also cannot be increased, but
 it is planned to make both plexes and file systems extensible.
 .El
+.Sh STATE MANAGEMENT
+Vinum objects have the concept of
+.Em state .
+See
+.Xr vinum 4
+for more details.  They are only completely accessible if their state is
+.Em up .
+To change an object state to
+.Em up ,
+use the
+.Nm start
+command.  To change an object state to
+.Em down ,
+use the
+.Nm stop
+command.  Normally other states are created automatically by the relationship
+between objects.  For example, if you add a plex to a volume, the subdisks of
+the plex will be set in the
+.Em stale
+state, indicating that, though the hardware is accessible, the data on the
+subdisk is invalid.  As a result of this state, the plex will be set in the
+.Em faulty
+state.
+.Ss The 'reviving' state
+In many cases, when you start a subdisk the system must copy data to the
+subdisk.  Depending on the size of the subdisk, this can take a long time.
+During this time, the subdisk is set in the
+.Em reviving 
+state.  On successful completion of the copy operation, it is automatically set
+to the
+.Em up
+state.  It is possible for the process performing the revive to be stopped and
+restarted.  The system keeps track of how far the subdisk has been revived, and
+when the
+.Nm start
+command is reissued, the copying continues from this point.
+.Pp
+In order to maintain the consistency of a volume while one or more of its plexes
+is being revived,
+.Nm
+writes to subdisks which have been revived up to the point of the write.  It may
+also read from the plex if the area being read has already been revived.
 .Sh GOTCHAS
 The following points are not bugs, and they have good reasons for existing, but
 they have shown to cause confusion.  Each is discussed in the appropriate
@@ -2478,7 +2575,7 @@
 The
 .Nm
 command first appeared in
-.Fx 3.0.
+.Fx 3.0 .
 The RAID-5 component of
 .Nm
 was developed for Cybernet Inc. 
diff -urNP /home/horikawa/man-jp/work/fbsd-340r/man/man8/vnconfig.8 man8/vnconfig.8
--- /home/horikawa/man-jp/work/fbsd-340r/man/man8/vnconfig.8	Mon Dec 20 14:53:07 1999
+++ man8/vnconfig.8	Wed Jan  5 23:01:25 2000
@@ -35,6 +35,7 @@
 .\" SUCH DAMAGE.
 .\"
 .\"     @(#)vnconfig.8	8.1 (Berkeley) 6/5/93
+.\" $FreeBSD: src/usr.sbin/vnconfig/vnconfig.8,v 1.12 1999/09/21 01:03:10 dillon Exp $
 .\"
 .Dd July 8, 1993
 .Dt VNCONFIG 8
@@ -45,9 +46,10 @@
 .Sh SYNOPSIS
 .Nm vnconfig
 .Op Fl cdeguv
-.Op Fl s Ar option
-.Op Fl r Ar option
-.Ar special_file Ar regular_file
+.Op Fl s Ar option[,option...]
+.Op Fl r Ar option[,option...]
+.Op Fl S Ar value
+.Ar special_file Ar [regular_file]
 .Op Ar feature
 .Nm vnconfig
 .Fl a 
@@ -65,7 +67,10 @@
 .Ar regular_file
 allowing the latter to be accessed as though it were a disk.
 Hence a regular file within the filesystem can be used for swapping
-or can contain a filesystem that is mounted in the name space.
+or can contain a filesystem that is mounted in the name space.  If you
+want to use swap backing store for your device instead of a file, you
+can leave regular_file out and specify the size of the block device
+with the -S option.
 .Pp
 Options indicate an action to be performed:
 .Bl -tag -width indent
@@ -101,6 +106,15 @@
 .Bl -tag -width "follow"
 .It Ar labels 
 use disk/slice labels.
+.It Ar reserve 
+Pre-reserve the blocks underlying the file or swap backing store.  Currently only
+works for swap backing store.  This option also disables on-the-fly freeing of 
+the underlying backing store (for example, when you remove a large file). 
+Use this option if you wish to avoid long-term fragmentation of the backing
+store.  Also note that when this option is used, the initial contents of the
+backing store may contain garbage rather then zeros.  It may even be possible to
+recover the prior contents of a swap-backed VN across a reboot if the VN device
+is configured before any swap is allocated by the system.
 .It Ar follow 
 debug flow in the 
 .Xr vn 4
@@ -124,6 +138,22 @@
 The list of allowed flags and their meanings are the same as for the
 .Fl r
 option.
+.It Fl S Ar value{k,m,g,t}
+If no regular file is specified, VN will use swap for backing store.
+This option specifies the size of the device.  For example, '23m' for
+23 megabytes.  The VN device will round the size up to a machine page boundry.
+Filesystems up to 7.9 terrabytes are supported.  When specified along with
+a regular file, this option overrides the regular file's size insofar as
+VN is concerned.
+.It Fl T
+When a regular file is specified, VN will ftruncate() the file to 0 first.
+Normally you should also specify the -S option to set the size of the file.
+This option also creates the file if it did not previously exist.
+This option is only meaningful if the -S option has been specified.
+.It Fl Z
+When a regular file is specified, VN will zero the contents of the file to
+ensure that all blocks have been allocated by the filesystem.  This option is
+only meaningful if the -S option has been specified.
 .It Fl u
 Disable and ``unconfigure'' the device.
 .It Fl v
@@ -175,18 +205,18 @@
 .El
 .Sh EXAMPLES
 .Pp
-.Dl vnconfig /dev/vn0c /tmp/diskimage
+.Dl vnconfig vn0c /tmp/diskimage
 .Pp
 Configures the vnode disk
 .Pa vn0c .
 .Pp
-.Dl vnconfig -e /dev/vn0c /var/swapfile swap
+.Dl vnconfig -e vn0c /var/swapfile swap
 .Pp
 Configures
 .Pa vn0c
 and enables swapping on it.
 .Pp
-.Dl vnconfig -d /dev/vn0c myfilesystem mount=/mnt
+.Dl vnconfig -d vn0c myfilesystem mount=/mnt
 .Pp
 Unmounts (disables)
 .Pa vn0c .
@@ -195,6 +225,34 @@
 .Pp
 Configures and enables all devices specified in
 .Pa /etc/vntab .
+.Pp
+.Dl vnconfig -s labels -c vn0 somebackingfile
+.Dl disklabel -r -w vn0 auto
+.Dl disklabel -e vn0
+.Pp
+Is an example of how to configure a file-backed VN disk with a disk label 
+and to initialize and then edit the label.  Once you create the label, you
+can partition your VN disk and, for example, create a filesystem on one of
+the partitions.  If you are using a file as backing store, it may be possible
+to recover your VN disk after a crash by vnconfig'ing the same file again
+and using the VN configuration already stored in the file rather then 
+relabeling and recreating the filesystem.  It is even possible to fsck the
+VN partitions that previously contained filesystems.
+.Pp
+.Dl vnconfig -e -s labels,reserve -S 400m vn0
+.Dl disklabel -r -w vn1 auto
+.Dl newfs /dev/rvn1c
+.Dl mount /dev/vn1c /usr/obj
+.Pp
+Is an example of a swap-backed VN disk configuration.  This example assumes
+that you have at least 400 megabytes of swap free (and hopefully much more).
+The swap space is pre-reserved in order to maintain maximum performance.
+We then label the disk, newfs it, and mount it as /usr/obj.  Swap-backed VN
+devices are recoverable after a crash if you (A) use the reserve flag, and if
+(B) the same swap is reserved as was the last time, meaning that such 
+vnconfig's would have to be run in your rc.local.  In general, though, you
+only use swap-backed VN devices to hold information you don't mind losing
+on every reboot.
 .Sh SEE ALSO
 .Xr mount 2 ,
 .Xr swapon 2 ,
diff -urNP /home/horikawa/man-jp/work/fbsd-340r/man/man8/zic.8 man8/zic.8
--- /home/horikawa/man-jp/work/fbsd-340r/man/man8/zic.8	Mon Dec 20 14:53:15 1999
+++ man8/zic.8	Wed Jan  5 23:01:29 2000
@@ -1,3 +1,4 @@
+.\" $FreeBSD: src/usr.sbin/zic/zic.8,v 1.10 1999/08/28 01:21:20 peter Exp $
 .Dd
 .Dt ZIC 8
 .Os
@@ -6,12 +7,14 @@
 .Nd timezone compiler
 .Sh SYNOPSIS
 .Nm zic
-.Op Fl v
+.Op Fl Dsv
 .Op Fl d Ar directory
+.Op Fl g Ar group
+.Op Fl L Ar leapsecondfilename
 .Op Fl l Ar localtime
+.Op Fl m Ar mode
 .Op Fl p Ar posixrules
-.Op Fl L Ar leapsecondfilename
-.Op Fl s
+.Op Fl u Ar user
 .Op Fl y Ar command
 .Op Ar filename ...
 .Sh DESCRIPTION
@@ -26,18 +29,47 @@
 .Pp
 The following options are available:
 .Bl -tag -width indent
+.It Fl D
+Do not automatically create directories.  If the input file(s) specify
+an output file in a directory which does not already exist, the
+default behavior is to attempt to create the directory.  If
+.Fl D
+is specified,
+.Nm zic
+will instead error out immediately.
 .It Fl d Ar directory
 Create time conversion information files in the named directory rather than
 in the standard directory named below.
-.It Fl l  Ar timezone
+.It Fl g Ar group
+After creating each output file, change its group ownership to the
+specified
+.Ar group
+(which can be either a name or a numeric group ID).
+.It Fl L Ar leapsecondfilename
+Read leap second information from the file with the given name.
+If this option is not used,
+no leap second information appears in output files.
+.It Fl l Ar timezone
 Use the given
 .Ar time zone
 as local time.
 .Nm Zic
 will act as if the input contained a link line of the form
-.sp
-.ti +.5i
-Link	\fItimezone\fP		localtime
+.Bd -literal -offset indent
+Link	timezone		localtime
+.Ed
+(Note that this action has no effect on
+.Fx ,
+since the local time zone is specified in
+.Pa /etc/localtime
+and not
+.Pa /usr/share/zoneinfo/localtime . )
+.It Fl m Ar mode
+After creating each output file, change its access mode to
+.Ar mode .
+Both numeric and alphabetic modes are accepted
+(see
+.Xr chmod 1 ) .
 .It Fl p Ar timezone
 Use the given
 .Ar "time zone" Ns 's
@@ -45,13 +77,13 @@
 time zone environment variables.
 .Nm Zic
 will act as if the input contained a link line of the form
-.sp
-.ti +.5i
-Link	\fItimezone\fP		posixrules
-.It Fl L Ar leapsecondfilename
-Read leap second information from the file with the given name.
-If this option is not used,
-no leap second information appears in output files.
+.Bd -literal -offset indent
+Link	timezone		posixrules
+.Ed
+.It Fl u Ar user
+After creating each output file, change its owner to
+.Ar user
+(which can be either a name or a numeric user ID).
 .It Fl v
 Complain if a year that appears in a data file is outside the range
 of years representable by
@@ -80,21 +112,13 @@
 Non-blank lines are expected to be of one of three types:
 rule lines, zone lines, and link lines.
 .Pp
-A rule line has the form
-.nf
-.ti +.5i
-.ta \w'Rule\0\0'u +\w'NAME\0\0'u +\w'FROM\0\0'u +\w'1973\0\0'u +\w'TYPE\0\0'u +\w'Apr\0\0'u +\w'lastSun\0\0'u +\w'2:00\0\0'u +\w'SAVE\0\0'u
-.sp
-Rule	NAME	FROM	TO	TYPE	IN	ON	AT	SAVE	LETTER/S
-.sp
+A rule line has the form:
+.Dl Rule	NAME	FROM	TO	TYPE	IN	ON		AT	SAVE	LETTER/S
 For example:
-.ti +.5i
-.sp
-Rule	US	1967	1973	\-	Apr	lastSun	2:00	1:00	D
-.sp
-.fi
+.Dl Rule	US	1967	1973	\-	Apr	lastSun	2:00	1:00	D
+.Pp
 The fields that make up a rule line are:
-.Bl -tag -width indent
+.Bl -tag -width "LETTER/S" -offset indent
 .It NAME
 Give the (arbitrary) name of the set of rules this rule is part of.
 .It FROM
@@ -138,9 +162,7 @@
 is something else, then
 .Nm
 executes the command
-.ti +.5i
-\fByearistype\fP \fIyear\fP \fItype\fP
-.br
+.Li yearistype Ar year Ar type
 to check the type of a year:
 an exit status of zero is taken to mean that the year is of the given type;
 an exit status of one is taken to mean that the year is not of the given type.
@@ -150,18 +172,20 @@
 .It ON
 Give the day on which the rule takes effect.
 Recognized forms include:
-.nf
-.in +.5i
-.sp
-.ta \w'Sun<=25\0\0'u
-5	the fifth of the month
-lastSun	the last Sunday in the month
-lastMon	the last Monday in the month
-Sun>=8	first Sunday on or after the eighth
-Sun<=25	last Sunday on or before the 25th
-.fi
-.in -.5i
-.sp
+.Pp
+.Bl -tag -width lastSun -compact -offset indent
+.It \&5
+the fifth of the month
+.It lastSun
+the last Sunday in the month
+.It lastMon
+the last Monday in the month
+.It Sun>=8
+first Sunday on or after the eighth
+.It Sun<=25
+last Sunday on or before the 25th
+.El
+.Pp
 Names of days of the week may be abbreviated or spelled out in full.
 Note that there must be no spaces within the
 .Em ON
@@ -169,31 +193,34 @@
 .It AT
 Give the time of day at which the rule takes effect.
 Recognized forms include:
-.nf
-.in +.5i
-.sp
-.ta \w'1:28:13\0\0'u
-2	time in hours
-2:00	time in hours and minutes
-15:00	24-hour format time (for times after noon)
-1:28:14	time in hours, minutes, and seconds
-.fi
-.in -.5i
-.sp
+.Pp
+.Bl -tag -width "1:28:14" -offset indent -compact
+.It 2
+time in hours
+.It 2:00
+time in hours and minutes
+.It 15:00
+24-hour format time (for times after noon)
+.It 1:28:14
+time in hours, minutes, and seconds
+.El
+.Pp
+where hour 0 is midnight at the start of the day,
+and hour 24 is midnight at the end of the day.
 Any of these forms may be followed by the letter
-.Em w
+.Sq Li w
 if the given time is local
 .Dq "wall clock"
 time,
-.Em s
+.Sq Li s
 if the given time is local
 .Dq standard
 time, or
-.Em u
+.Sq Li u
 (or
-.Em g
+.Sq Li g
 or
-.Em z )
+.Sq Li z )
 if the given time is universal time;
 in the absence of an indicator,
 wall clock time is assumed.
@@ -204,9 +231,9 @@
 .Em AT
 field
 (although, of course, the
-.Em w
+.Sq Li w
 and
-.Em s
+.Sq Li s
 suffixes are not used).
 .It LETTER/S
 Give the
@@ -225,19 +252,10 @@
 the variable part is null.
 .El
 .Pp
-A zone line has the form
-.sp
-.nf
-.ti +.5i
-.ta \w'Zone\0\0'u +\w'Australia/Adelaide\0\0'u +\w'GMTOFF\0\0'u +\w'RULES/SAVE\0\0'u +\w'FORMAT\0\0'u
-Zone	NAME	GMTOFF	RULES/SAVE	FORMAT	[UNTIL]
-.sp
+A zone line has the form:
+.Dl Zone	NAME	GMTOFF	RULES/SAVE	FORMAT	[UNTIL]
 For example:
-.sp
-.ti +.5i
-Zone	Australia/Adelaide	9:30	Aus	CST	1971 Oct 31 2:00
-.sp
-.fi
+.Dl Zone	Australia/Adelaide	9:30	Aus	CST	1971 Oct 31 2:00
 The fields that make up a zone line are:
 .Bl -tag -width indent
 .It NAME
@@ -245,13 +263,13 @@
 This is the name used in creating the time conversion information file for the
 zone.
 .It GMTOFF
-The amount of time to add to GMT to get standard time in this zone.
+The amount of time to add to UTC to get standard time in this zone.
 This field has the same format as the
 .Em AT
 and
 .Em SAVE
 fields of rule lines;
-begin the field with a minus sign if time must be subtracted from GMT.
+begin the field with a minus sign if time must be subtracted from UTC.
 .It RULES/SAVE
 The name of the rule(s) that apply in the time zone or,
 alternately, an amount of time to add to local standard time.
@@ -269,11 +287,14 @@
 a slash (/)
 separates standard and daylight abbreviations.
 .It UNTIL
-The time at which the GMT offset or the rule(s) change for a location.
+The time at which the UTC offset or the rule(s) change for a location.
 It is specified as a year, a month, a day, and a time of day.
 If this is specified,
-the time zone information is generated from the given GMT offset
+the time zone information is generated from the given UTC offset
 and rule change until the time specified.
+The month, day, and time of day have the same format as the IN, ON, and AT
+columns of a rule; trailing columns can be omitted, and default to the
+earliest possible value for the missing columns.
 .Pp
 The next line must be a
 .Dq continuation
@@ -291,18 +312,9 @@
 .El
 .Pp
 A link line has the form
-.sp
-.nf
-.ti +.5i
-.ta \w'Link\0\0'u +\w'Europe/Istanbul\0\0'u
-Link	LINK-FROM	LINK-TO
-.sp
+.Dl Link	LINK-FROM	LINK-TO
 For example:
-.sp
-.ti +.5i
-Link	Europe/Istanbul	Asia/Istanbul
-.sp
-.fi
+.Dl Link	Europe/Istanbul	Asia/Istanbul
 The
 .Em LINK-FROM
 field should appear as the
@@ -316,18 +328,9 @@
 lines may appear in any order in the input.
 .Pp
 Lines in the file that describes leap seconds have the following form:
-.nf
-.ti +.5i
-.ta \w'Leap\0\0'u +\w'YEAR\0\0'u +\w'MONTH\0\0'u +\w'DAY\0\0'u +\w'HH:MM:SS\0\0'u +\w'CORR\0\0'u
-.sp
-Leap	YEAR	MONTH	DAY	HH:MM:SS	CORR	R/S
-.sp
+.Dl Leap	YEAR	MONTH	DAY	HH:MM:SS	CORR	R/S
 For example:
-.ti +.5i
-.sp
-Leap	1974	Dec	31	23:59:60	+	S
-.sp
-.fi
+.Dl Leap	1974	Dec	31	23:59:60	+	S
 The
 .Em YEAR ,
 .Em MONTH ,
@@ -360,7 +363,7 @@
 field
 should be (an abbreviation of)
 .Dq Stationary
-if the leap second time given by the other fields should be interpreted as GMT
+if the leap second time given by the other fields should be interpreted as UTC
 or
 (an abbreviation of)
 .Dq Rolling
@@ -374,10 +377,11 @@
 the earliest transition time recorded in the compiled file is correct.
 .Sh FILE
 .Bl -tag -width /usr/share/zoneinfo -compact
-/usr/share/zoneinfo	standard directory used for created files
+.It /usr/share/zoneinfo
+standard directory used for created files
 .El
 .Sh "SEE ALSO"
 .Xr ctime 3 ,
 .Xr tzfile 5 ,
 .Xr zdump 8
-.\" @(#)zic.8	7.12
+.\" @(#)zic.8	7.18


----Next_Part(Mon_Jan_10_18:21:58_2000_945)----
