Translation

(itstool) path: listitem/para
<literal>proc_debug</literal> - Disabling process debugging facilities for unprivileged users disables a variety of unprivileged inter-process debugging services, including some procfs functionality, ptrace(), and ktrace(). Please note that this will also prevent debugging tools, for instance <citerefentry><refentrytitle>lldb</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>truss</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>procstat</refentrytitle><manvolnum>1</manvolnum></citerefentry>, as well as some built-in debugging facilities in certain scripting language like PHP, etc., from working for unprivileged users.
0/6970
Context English Persian State
<literal>sshd</literal> - The Secure Shell (<acronym>SSH</acronym>) daemon is used to remotely access a system over an encrypted connection. Only enable this service if the system should be available for remote logins.
<literal>moused</literal> - Enable this service if the mouse will be used from the command-line system console.
<literal>ntpdate</literal> - Enable the automatic clock synchronization at boot time. The functionality of this program is now available in the <citerefentry><refentrytitle>ntpd</refentrytitle><manvolnum>8</manvolnum></citerefentry> daemon. After a suitable period of mourning, the <citerefentry><refentrytitle>ntpdate</refentrytitle><manvolnum>8</manvolnum></citerefentry> utility will be retired.
<literal>ntpd</literal> - The Network Time Protocol (<acronym>NTP</acronym>) daemon for automatic clock synchronization. Enable this service if there is a <trademark class="registered">Windows</trademark>, Kerberos, or <acronym>LDAP</acronym> server on the network.
<literal>powerd</literal> - System power control utility for power control and energy saving.
<literal>dumpdev</literal> - Enabling crash dumps is useful in debugging issues with the system, so users are encouraged to enable crash dumps.
Enabling Hardening Security Options
The next menu is used to configure which security options will be enabled. All of these options are optional. But their use is encouraged.
Selecting Hardening Security Options
_ external ref='bsdinstall/bsdinstall-hardening' md5='__failed__'
Here is a summary of the options which can be enabled in this menu:
<literal>hide_uids</literal> - Hide processes running as other users to prevent the unprivileged users to see other running processes in execution by other users (UID) preventing information leakage.
<literal>hide_gids</literal> - Hide processes running as other groups to prevent the unprivileged users to see other running processes in execution by other groups (GID) preventing information leakage.
<literal>hide_jail</literal> - Hide processes running in jails to prevent the unprivileged users to see processes running inside the jails.
<literal>read_msgbuf</literal> - Disabling reading kernel message buffer for unprivileged users prevent from using <citerefentry><refentrytitle>dmesg</refentrytitle><manvolnum>8</manvolnum></citerefentry> to view messages from the kernel's log buffer.
<literal>proc_debug</literal> - Disabling process debugging facilities for unprivileged users disables a variety of unprivileged inter-process debugging services, including some procfs functionality, ptrace(), and ktrace(). Please note that this will also prevent debugging tools, for instance <citerefentry><refentrytitle>lldb</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>truss</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>procstat</refentrytitle><manvolnum>1</manvolnum></citerefentry>, as well as some built-in debugging facilities in certain scripting language like PHP, etc., from working for unprivileged users.
<literal>random_pid</literal> - Randomize the PID of newly created processes.
<literal>clear_tmp</literal> - Clean <filename>/tmp</filename> when the system starts up.
<literal>disable_syslogd</literal> - Disable opening <application>syslogd</application> network socket. By default FreeBSD runs <application>syslogd</application> in a secure way with <command>-s</command>. That prevents the daemon from listening for incoming UDP requests at port 514. With this option enabled <application>syslogd</application> will run with the flag <command>-ss</command> which prevents <application>syslogd</application> from opening any port. To get more information consult <citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
<literal>disable_sendmail</literal> - Disable the sendmail mail transport agent.
<literal>secure_console</literal> - When this option is enabled, the prompt requests the <systemitem class="username">root</systemitem> password when entering single-user mode.
<literal>disable_ddtrace</literal> - DTrace can run in a mode that will actually affect the running kernel. Destructive actions may not be used unless they have been explicitly enabled. To enable this option when using DTrace use <command>-w</command>. To get more information consult <citerefentry><refentrytitle>dtrace</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
Add Users
The next menu prompts to create at least one user account. It is recommended to login to the system using a user account rather than as <systemitem class="username">root</systemitem>. When logged in as <systemitem class="username">root</systemitem>, there are essentially no limits or protection on what can be done. Logging in as a normal user is safer and more secure.
Select <guibutton>[ Yes ]</guibutton> to add new users.
Add User Accounts
_ external ref='bsdinstall/bsdinstall-adduser1' md5='__failed__'
Follow the prompts and input the requested information for the user account. The example shown in <xref linkend="bsdinstall-add-user2"/> creates the <systemitem class="username">asample</systemitem> user account.
Enter User Information
_ external ref='bsdinstall/bsdinstall-adduser2' md5='__failed__'
Here is a summary of the information to input:

Loading…

No matching activity found.

Browse all component changes

Glossary

English Persian
Function library کتابخانهٔ توابع FreeBSD Doc
Script اجرانامه FreeBSD Doc

Source information

Source string comment
(itstool) path: listitem/para
Source string location
book.translate.xml:4978
String age
9 months ago
Source string age
10 months ago
Translation file
books/fa/handbook.po, string 721