1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
|
.Dd October 20, 1997
.Dt AFTERBOOT 8
\!\" Originally created by Marshall M. Midden -- 1997-10-20, m4@umn.edu
.Os
.Sh NAME
.Nm afterboot
.Nd things to check after the first complete boot
.Sh DESCRIPTION
This document attempts to list items for the system administrator
to check and set up after the installation and first complete boot of the
system.
The idea is to create a list of items that can be checked off so that you have
a warm fuzzy feeling that something obvious has not been missed.
.Pp
Complete instructions for correcting and fixing items is not provided.
There are man pages and other methodologies available for doing that.
For example, to view the manual page on the
.Xr ls 1
command, type:
.Ic man 1 ls .
.\"
.\" XXX This should be an enumerated list
.\"
.Ss Errata
By the time that you have installed your system, it is quite likely that
bugs in the release have been found. All significant and easily fixed
problems will be reported at
.Pa http://www.openbsd.org/errata.html .
The web page will mention if a problem is security related. And it
is good advice to check this page regularly.
.Ss Login
Login on the console as
.Dq Ic root .
You will not be able to login over the network \(em only on the console. This
behavior is controlled through the
.Pa /etc/ttys
file. See
.Xr ttys 5
for more information.
.Ss System Date
Check the system date with the
.Xr date 1
command.
If needed, change the date, and/or change the symbolic link of
.Pa /etc/localtime
to the correct time zone in the
.Pa /usr/share/zoneinfo
directory.
.Pp
Examples:
.Bl -tag -width date
.It Cm date 199901271504
Set the current date to January 27th, 1999 3:04pm.
.It Cm ln -fs /usr/share/zoneinfo/Canada/Atlantic /etc/localtime
Set the time zone to Atlantic Standard Time.
.El
.Ss Root password
Check the password for the root user.
Choose a password that has numbers, digits, and special characters (not space)
as well as from the upper and lower case alphabet.
Do not choose any word in any
language. It is common for an intruder to use dictionary attacks.
Type the command
.Ic /usr/bin/passwd
to change it.
.Pp
It is a good idea to always specify the full path name for both the
.Xr passwd 1
and
.Xr su 1
commands as this inhibits the possibility of files placed in your execution
.Ev PATH
for most shells. Furthermore, the super-user's
.Ev PATH
should never contain the current directory
.Po Dq \&.
.Pc .
.Ss Check hostname
Use the
.Xr hostname 1
command to verify that the name of your machine is correct.
See the man page for
.Xr hostname
if you need to change it.
You will also need to edit the
.Pa /etc/myname
file to have it stick around for the next reboot.
.Ss Verify network interfaces configured correctly
The first thing to do is an
.Ic ifconfig -a
to see if the network interfaces are properly configured.
Correct by editing
.Pa /etc/hostname. Ns Ar interface
(where
.Ar interface
is the interface name, e.g.
.Dq le0 )
and then using
.Xr ifconfig 8
to manually configure it
if you do not wish to reboot.
The loopback interface will look something like:
.Bd -literal -offset indent
lo0: flags=8009<UP,LOOPBACK,MULTICAST>
inet 127.0.0.1 netmask 0xff000000
.Ed
.Pp
an ethernet interface something like:
.Bd -literal -offset indent
le0: flags=9863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST>
inet 192.168.4.52 netmask 0xffffff00 broadcast 192.168.4.255
.Ed
.Pp
and, a PPP interface something like:
.Bd -literal -offset indent
ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST>
inet 203.3.131.108 --> 198.181.0.253 netmask 0xffff0000
.Ed
\!\"--------------------------------------------------------------------------
\!\" Will someone else fill in the slip interface.
\!\"--------------------------------------------------------------------------
.Pp
You may wish to turn off multicast routing in
.Pa /etc/netstart
by commenting it out, i.e. by placing a # sign at the start of the line:
.Bd -literal -offset indent
# route add -net 224.0.0.0 -interface $hostname
.Ed
.Pp
See
.Xr dhcp 8
for instructions on configuring interfaces with DHCP.
.Ss Check for correct routing
Do a
.Ic netstat -r -n
command. The output will look something like:
.Bd -literal -offset indent
Routing tables
Internet:
Destination Gateway Flags Refs Use Mtu
Interface
default 192.168.4.254 UGS 0 11098028 - le0
127 127.0.0.1 UGRS 0 0 - lo0
127.0.0.1 127.0.0.1 UH 3 24 - lo0
192.168.4 link#1 UC 0 0 - le0
192.168.4.52 8:0:20:73:b8:4a UHL 1 6707 - le0
192.168.4.254 0:60:3e:99:67:ea UHL 1 0 - le0
.Ed
.Pp
Fix by editing the file
.Pa /etc/mygate
and using
.Ic route delete
and
.Ic route add
if you do not wish to reboot.
See
.Xr route 8 .
.Pp
If you wish to route packets between interfaces you do that by putting
.Bd -literal -offset indent
net.inet.ip.forwarding=1
.Ed
.Pp
in
.Pa /etc/sysctl.conf ,
or by compiling a new kernel with the GATEWAY option.
Packets are not forwarded by default, due to RFC requirements.
.Pp
You can add new "virtual interfaces" by adding the required entries to
.Pa /etc/ifaliases .
.Ss BIND Name Server (DNS)
If you are using the BIND Name Server, check the
.Pa /etc/resolv.conf
file. It may look something like:
.Bd -literal -offset indent
domain nts.umn.edu
nameserver 128.101.101.101
nameserver 134.84.84.84
search nts.umn.edu. umn.edu.
lookup file bind
.Ed
.Pp
If using a caching name server add the line "nameserver 127.0.0.1" first.
For a local caching name server to run
you will need to set "named_flags" in
.Pa /etc/rc.conf
and create the
.Pa named.boot
file in the appropriate place for
.Xr named 8 .
The same holds true if the machine is going to be a
name server for your domain. In both these cases, make sure that
.Xr named 8
is running
(otherwise there are long waits for resolver timeouts).
.Ss YP verification (NIS)
Check the YP domain name with the
.Xr domainname 1
command. If necessary, correct it by editing the
.Pa /etc/defaultdomain
file. The
.Pa /etc/netstart
script reads this file on bootup to determine and set the domain name.
You may also set the running system's domain name with the
.Xr domainname 1
command.
To start YP client services, simply run
.Ic ypbind ,
then perform the remaining
YP activation as described in
.Xr passwd 5
and
.Xr group 5 .
.Pp
In particular, to enable YP passwd support, you'll need to add the following
line to
.Pa /etc/master.passwd :
.Pp
+:*::::::::
.Pp
Once this is done, you'll need to run
.Ic pwd_mkdb /etc/master.passwd
to regenerate the password databases.
.Pp
There are many more YP man pages available to help you. You can find more
information by starting with
.Xr yp 8 .
.Ss Check disks are mounted correctly
Check that the disks are mounted correctly by
comparing the file
.Pa /etc/fstab
against the output of the
.Xr mount 8
and
.Xr df 1
commands.
Example:
.Bd -literal -offset indent
.Li # Ic cat /etc/fstab
/dev/sd0a / ffs rw 1 1
/dev/sd0b none swap sw 0 0
/dev/sd0d /usr ffs rw,nodev 1 2
/dev/sd0e /var ffs rw,nodev,noexec 1 2
/dev/sd0g /tmp ffs rw,nodev,noexec,nosuid 1 2
/dev/sd0h /home ffs rw,nodev,nosuid 1 2
.Li # Ic mount
/dev/sd0a on / type ffs (local)
/dev/sd0d on /usr type ffs (local, nodev)
/dev/sd0e on /var type ffs (local, nodev, noexec)
/dev/sd0g on /tmp type ffs (local, nodev, noexec, nosuid)
/dev/sd0h on /home type ffs (local, nodev, nosuid)
.Li # Ic df
Filesystem 1024-blocks Used Avail Capacity Mounted on
/dev/sd0a 22311 14589 6606 69% /
/dev/sd0d 203399 150221 43008 78% /usr
/dev/sd0e 10447 682 9242 7% /var
/dev/sd0g 18823 2 17879 0% /tmp
/dev/sd0h 7519 5255 1888 74% /home
.Li # Ic pstat -s
Device 512-blocks Used Avail Capacity Priority
/dev/sd0b 131072 84656 46416 65% 0
.Ed
.Pp
Edit
.Pa /etc/fstab
and use the
.Xr mount 8
and
.Xr umount 8
commands as appropriate.
.Pp
You may wish to do NFS partitions now too, or you can do them later.
.Ss Concatenated disks (ccd)
If you are using
.Xr ccd 4
concatenated disks, edit
.Pa /etc/ccd.conf
and use the
.Ic ccdconfig -U
command to unload, and the
.Ic ccdconfig -C
command to create tables internal to the kernel for the concatenated disks.
You then
.Xr mount 8 ,
.Xr umount 8
and edit
.Pa /etc/fstab
as needed.
.Ss Automounter daemon (AMD)
If using the
.Xr amd 8
package,
go into the
.Pa /etc/amd
directory and set it up by
renaming
.Pa master.sample
to
.Pa master
and editing it and creating other maps as needed.
Alternatively, you can get your maps with YP.
.Sh INSTALLING SHARED CRYPTO LIBRARIES WITH RSA INCLUDED
Two OpenBSD libraries (
.Pa libssl
and
.Pa libcrypto
, based on OpenSSL) implement many
cryptographic functions which are used by OpenBSD programs like
.Xr ssh 1 ,
.Xr httpd 8 ,
and
.Xr isakmpd 8 .
Due to patent licensing reasons, those libraries may not be included
on the CD -- instead the base distribution contains libraries which have had
the troublesome code removed -- the programs listed above will not be fully
functional as a result. Libraries which _include_ the troublesome routines
are available and can be FTP installed, as long as you meet the following
(legal) criteria:
.Ss Outside the USA, no restrictions apply
since the RSA algorithm patent by RSA inc. only applies in the United States
so you can use the free
.Pa ssl26.tgz
package. System install scripts on machine architectures that support
shared libraries will offer to let you install this package when you
are installing your system.
To see if you have it installed, type
.Bl -tag -width pkg_add
.It pkg_info ssl26
.El
.Pp
If the
.Pa ssl26
package is not installed,
.Xr pkg_info 8
will display a message that it can't find package `ssl26'. If you did
not install the package when you installed your system,
You can install it with a
.Xr pkg_add 8
command similar to:
.Bl -tag -width pkg_add
.It pkg_add ftp://ftp.openbsd.org/pub/OpenBSD/2.6/packages/<a>/ssl26.tgz
.El
replacing <a> with your machine architechture, e.g. i386.
.Ss Inside the USA, non-commercial use of RSAREF is permitted.
Non-commercial entities in the USA may install the
.Pa sslUSA26.tgz
package, which uses RSAREF. You install this with a
.Xr pkg_add 8
command similar to:
.Bl -tag -width pkg_add
.It pkg_add ftp://ftp.openbsd.org/pub/OpenBSD/2.6/packages/<a>/sslUSA26.tgz
.El
replacing <a> with your machine architechture, e.g. i386.
.Ss Commercial entities in the USA are left in the cold.
While unfortunate, this is due to the way RSA inc. licences their patent
in the USA. (This is how the USA crypto export policy feels to the
rest of the world).
.Ss Shared Library Support is Required.
These packages update your system by installing shared libraries in
.Pa /usr/local/lib.
This only works if your machine architecture supports shared libraries.
the
.Pa ssl26
and
.Pa sslUSA26
packages are only available for machines which support shared libraries.
If your architecture does not support shared libraries and you wish it
did, consider donating hardware, cash, or quality time to the project
to assist developers in supporting your platform better.
.Sh CHANGING /ETC FILES
The system should be usable now, but you may wish to do more customizing,
such as adding users, etc. Many of the following sections may be skipped
if you are not using that package (for example, skip the
.Sx Kerberos
section if you won't be using Kerberos). We suggest that you
.Ic cd /etc
and edit most of the files in that directory.
.Ss /etc/motd
Edit
.Pa motd
to make lawyers comfortable and make sure that no mention
of the word "Welcome" appears. (Some U.S. lawyers have stated that
the word "Welcome" is an invitation to come on in.)
.Ss Add new users
Add users. There is an
.Xr adduser 8
script.
You may use
.Xr vipw 8
to add users to the
.Pa /etc/passwd
file
and edit
.Pa /etc/group
by hand to add new groups.
The manual page for
.Xr su 8 ,
tells you to make sure to put people in
the
.Sq wheel
group if they need root access (non-Kerberos). For example:
.Bd -literal -offset indent
wheel:*:0:root,myself
.Ed
.Pp
Follow instructions for
.Xr kerberos 1
if using
Kerberos
for authentication.
.Ss rc.conf, netstart, rc.local, rc.securelevel
Check for any local changes needed in the files:
.Pa /etc/rc.conf , /etc/netstart , /etc/rc.local , rc.securelevel .
Turning on something like the Network Time Protocol in
.Pa /etc/rc.securelevel
requires making sure the package is installed.
.Pp
If you've installed X, you may want to turn on
.Xr xdm 1 ,
the X Display Manager. To do this, change the value of xdm_flags in
.Pa /etc/rc.conf .
.Ss Printers
Edit
.Pa /etc/printcap
and
.Pa /etc/hosts.lpd
to get any printers set up.
Consult
.Xr lpd 8
and
.Xr printcap 5
if needed.
.Ss Tighten up security
You might wish to tighten up security more by editing
.Pa /etc/fbtab
as when installing X.
In
.Pa /etc/inetd.conf
turn off extra stuff that you do not need,
and only add things that are really needed.
.Ss Kerberos
If you are going to use
.Xr kerberos 1
for authentication, and you already have a
Kerberos
master, go into the directory
.Pa /etc/kerberosIV
and configure.
Remember to get a
.Pa srvtab
from the master so that the remote commands work.
.Ss Mail Aliases
Edit
.Pa /etc/aliases
and set the four standard aliases to go to either a mailing list, or
the system administrator.
.Bd -literal -offset indent
# Well-known aliases -- these should be filled in!
root: sysadm
manager: sysadm
dumper: sysadm
operator: sysadm
.Ed
.Pp
Run
.Xr newaliases 1
after changes.
.Ss Sendmail
.Ox
ships with a default
.Pa /etc/sendmail.cf
file that will work for simple installations; it was generated from
.Pa openbsd-proto.mc
in
.Pa /usr/share/sendmail/cf .
Please see
.Pa /usr/share/sendmail/README
and
.Pa /usr/share/doc/smm/08.sendmailop/op.me
for information on generating your own sendmail configuration files.
.Ss BOOTP server
If this is a
BOOTP
server, edit
.Pa /etc/bootptab
as needed. You will have to turn it on in
.Pa /etc/inetd.conf
or run
.Xr bootpd 8
in its standalone mode.
.Ss NFS server
If this is an NFS server
make sure
.Pa /etc/rc.conf
has:
.Bd -literal -offset indent
nfs_server=YES
.Ed
.Pp
Edit
.Pa /etc/exports
and get it correct.
It is probably easier to reboot than to get the daemons running manually,
but you can get the order correct by looking at
.Pa /etc/netstart .
.Ss HP remote boot server
Edit
.Pa /etc/rbootd.config
if needed for remote booting.
If you do not have HP computers doing remote booting, do not enable this.
.Ss Daily, Weekly, Monthly scripts
Look at and possibly edit the
.Pa /etc/daily , /etc/weekly ,
and
.Pa /etc/monthly
scripts. Your site specific things should go into
.Pa /etc/daily.local , /etc/weekly.local ,
and
.Pa /etc/monthly.local .
.Pp
These scripts have been limited so as to keep the system running without
filling up disk space from normal running processes and database updates.
(You probably do not need to understand them.)
.Ss Other files in /etc
Look at the other files in
.Pa /etc
and edit them as needed.
(Do not edit files ending in
.Pa .db
\(em like
.Pa aliases.db , pwd.db , spwd.db ,
nor
.Pa localtime ,
nor
.Pa rmt ,
nor any directories.)
.Ss Crontab (background running processes)
Check what is running by typing
.Ic crontab -l
as root
and see if anything unexpected is present.
Do you need anything else? Do you wish to change things? e.g. if you do not
like root getting standard output of the daily scripts, and want only
the security scripts that are mailed internally, you can type
.Ic crontab -e
and change some of the lines to read:
.Bd -literal -offset indent
30 1 * * * /bin/sh /etc/daily 2>&1 > /var/log/daily.out
30 3 * * 6 /bin/sh /etc/weekly 2>&1 > /var/log/weekly.out
30 5 1 * * /bin/sh /etc/monthly 2>&1 > /var/log/monthly.out
.Ed
See
.Xr crontab 5 .
.Ss Next day cleanup
After the first night's security run, change ownerships and permissions
on things. The best bet is to have permissions as in the security list.
(The first of the two listed permissions, and the first group number of
the two).
Use
.Xr chmod 1 ,
.Xr chgrp 1 ,
and
.Xr chown 8
as needed.
.Ss Packages
Install your own packages.
The simple way is to copy source and compile and link/load.
.Pp
Copy vendor binaries and install them. You will need to install any
shared libraries, etc.
(Hint:
.Ic man -k compat
to find out how to install and use compatibility mode.)
.Pp
Install any of a large group of Third-Party Software that is available
in source form. See
.Pa http://www.openbsd.org
under
.Sq Ports: a Nice Way to Get Third-Party Software .
.Pp
You may have some difficulty installing due to various compiling errors.
Don't get discouraged easily! Sometimes checking the mailing lists for
past problems that people have encountered will result in a fix posted.
One recent item says to delete
.Pa -lcrypt
from
.Pa Makefile
.Ns s
as the crypt routines are now present in the standard libraries.
.Sh COMPILING A KERNEL
First, review the system message buffer using the
.Xr dmesg 8
command to find out information on your system's devices as probed by the
kernel at boot. In particular, note which devices were not configured. This
information will prove useful when editing kernel configuration files.
.Pp
To compile your own kernel off a CDROM do the following:
.Sm off
.Bd -literal -offset indent
.Li #\ Xo
.Ic cd\ /
.Ar somedir
.Xc
.Li #\ Xo
.Ic cp\ /usr/src/sys/arch/
.Ar somearch
.Ic /conf/
.Ar SOMEFILE
.Ic \ .
.Xc
.Li #\ Xo
.Ic vi\ \&
.Ar SOMEFILE
.No \ \ \ (to\ make\ any\ changes)
.Xc
.Li #\ Xo
.Ic config\ -s\ /usr/src/sys\ -b\ .\ \&
.Ar SOMEFILE
.Xc
.Li #\ Xo
.Ic make
.Xc
.Ed
.Sm on
.Pp
To compile a kernel inside a writable source tree, do the following:
.Sm off
.Bd -literal -offset indent
.Li #\ Xo
.Ic cd\ /usr/src/sys/arch/
.Ar somearch
.Ic /conf
.Xc
.Li #\ Xo
.Ic vi\ \&
.Ar SOMEFILE
.No \ \ \ (to\ make\ any\ changes)
.Xc
.Li #\ Xo
.Ic config\ \&
.Ar SOMEFILE
.Xc
.Li #\ Xo
.Ic cd\ ../compile/
.Ar SOMEFILE
.Xc
.Li #\ Xo
.Ic make
.Xc
.Ed
.Sm on
.Pp
where
.Ar somedir
is a writable directory,
.Ar somearch
is the architecture (e.g.
.Ic i386 ) ,
and
.Ar SOMEFILE
should be a name indicative of a particular configuration (often
that of the hostname).
You can also do a
.Ic make depend
so that you will have dependencies there the next time you do a compile.
.Pp
After either of these two methods, you can place the new kernel (called
.Pa bsd )
in
.Pa /
(i.e.
.Pa /bsd )
and the system will boot it next time.
Most people save their backup kernels as
.Pa /bsd.1 ,
.Pa /bsd.2 ,
etc.
.Pp
It is not always necessary to recompile the kernel if only
configuration changes are required.
With
.Xr config 8 ,
you can change the device configuration in the kernel file directly:
.Bd -literal
.Li #\ Ic config Fl e o Ar bsd.new /bsd
OpenBSD 2.6-beta (GENERIC.rz0) #0: Mon Oct 4 03:57:22 MEST 1999
root@winona:/usr/src/sys/arch/pmax/compile/GENERIC.rz0
Enter 'help' for information
ukc>
.Pp
Additionally, you can permantly save the changes made with UKC during boot
time in the kernel image.
.Ed
.Sh SEE ALSO
.Xr chgrp 1 ,
.Xr chmod 1 ,
.Xr crontab 1 ,
.Xr date 1 ,
.Xr df 1 ,
.Xr hostname 1 ,
.Xr kerberos 1 ,
.Xr make 1 ,
.Xr man 1 ,
.Xr netstat 1 ,
.Xr newaliases 1 ,
.Xr passwd 1 ,
.Xr su 1 ,
.Xr ccd 4 ,
.Xr aliases 5 ,
.Xr bootptab 5 ,
.Xr crontab 5 ,
.Xr exports 5 ,
.Xr fbtab 5 ,
.Xr fstab 5 ,
.Xr group 5 ,
.Xr krb.conf 5 ,
.Xr krb.realms 5 ,
.Xr passwd 5 ,
.Xr rbootd 5 ,
.Xr resolv.conf 5 ,
.Xr hostname 7 ,
.Xr adduser 8 ,
.Xr amd 8 ,
.Xr bootpd 8 ,
.Xr ccdconfig 8 ,
.Xr chown 8 ,
.Xr config 8 ,
.Xr dhcp 8 ,
.Xr domainname 8 ,
.Xr ext_srvtab 8 ,
.Xr ifconfig 8 ,
.Xr inetd 8 ,
.Xr mount 8 ,
.Xr named 8 ,
.Xr rc 8 ,
.Xr rmt 8 ,
.Xr route 8 ,
.Xr umount 8 ,
.Xr vipw 8 ,
.Xr ypbind 8
.Sh HISTORY
This document first appeared in
.Ox 2.2 .
|