fix some typos, and some slight clean up...

Closes PR#3266

1 files changed, 57 insertions, 48 deletions

diff --git a/usr.sbin/ypserv/ypserv.8 b/usr.sbin/ypserv/ypserv.8
index d3b0114..69cf0ae 100644
--- a/usr.sbin/ypserv/ypserv.8
+++ b/usr.sbin/ypserv/ypserv.8
@@ -28,21 +28,21 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\"	$Id$
+.\"	$Id: ypserv.8,v 1.11 1997/02/22 16:15:14 peter Exp $
 .\"
 .Dd February 4, 1995
 .Dt YPSERV 8
 .Os
 .Sh NAME
 .Nm ypserv
-.Nd "NIS database server"
+.Nd NIS database server
 .Sh SYNOPSIS
-.Nm ypserv
+.Nm
 .Op Fl n
 .Op Fl d
 .Op Fl p Ar path
 .Sh DESCRIPTION
-.Nm NIS
+.Tn NIS
 is an RPC-based service designed to allow a number of UNIX-based
 machines to share a common set of configuration files. Rather than
 requiring a system administrator to update several copies of files
@@ -55,13 +55,14 @@ which tend to require frequent changes in most environments, NIS
 allows groups of computers to share one set of data which can be
 updated from a single location.
 .Pp
-.Nm ypserv
-is the server that distributes NIS databases
+The
+.Nm
+program is the server that distributes NIS databases
 to client systems within an NIS
-.Nm domain.
+.Em domain .
 Each client in an NIS domain must have its domainname set to
 one of the domains served by
-.Nm ypserv
+.Nm
 using the
 .Xr domainname 1
 command. The clients must also run
@@ -70,21 +71,21 @@ in order to attach to a particular server, since it is possible to
 have several servers within a single NIS domain.
 .Pp
 The databases distributed by
-.Nm ypserv
+.Nm
 are stored in
 .Pa /var/yp/[domainname]
 where
 .Pa domainname
 is the name of the domain being served. There can be several
 such directories with different domainnames, and you need only one
-.Nm ypserv
+.Nm
 daemon to handle them all.
 .Pp
 The databases, or
 .Pa maps
 as they are often called,
 are created by
-.Nm /var/yp/Makefile
+.Pa /var/yp/Makefile
 using several system files as source. The database files are in
 .Xr db 3
 format to help speed retrieval when there are many records involved.
@@ -95,11 +96,12 @@ maps, but since the data in the other maps can be found in
 other world-readable files anyway, it doesn't hurt and it's considered
 good general practice.
 .Pp
-.Nm ypserv
-is started by
-.Nm /etc/rc
+The
+.Nm
+program is started by
+.Pa /etc/rc
 if it has been enabled in
-.Nm /etc/sysconfig.
+.Pa /etc/sysconfig .
 .Sh SPECIAL FEATURES
 There are some problems associated with distributing FreeBSD's password
 database via NIS: FreeBSD normally only stores encrypted passwords
@@ -109,7 +111,7 @@ which is readable and writable only by root. By turning this file
 into an NIS map, this security feature would be completely defeated.
 .Pp
 To make up for this, the FreeBSD version of
-.Nm ypserv
+.Nm
 handles the
 .Pa master.passwd.byname
 and
@@ -135,7 +137,7 @@ the standard
 and
 .Pa passwd.byuid
 maps will be accessed instead. The latter two maps are constructed by
-.Nm /var/yp/Makefile
+.Pa /var/yp/Makefile
 by parsing the
 .Pa master.passwd
 file and stripping out the password fields, and are therefore
@@ -151,16 +153,18 @@ that users should
 be aware of:
 .Bl -enum -offset indent
 .It
-The 'TCP port less than 1024' test is trivial to defeat for users with
+The
+.Sq TCP port less than 1024
+test is trivial to defeat for users with
 unrestricted access to machines on your network (even those machines
 which do not run UNIX-based operating systems).
 .It
 If you plan to use a FreeBSD system to serve non-FreeBSD clients that
 have no support for password shadowing (which is most of them), you
 will have to disable the password shadowing entirely by uncommenting the
-.Nm UNSECURE=True
+.Em UNSECURE=True
 entry in
-.Nm /var/yp/Makefile .
+.Pa /var/yp/Makefile .
 This will cause the standard
 .Pa passwd.byname
 and
@@ -172,25 +176,27 @@ authentication through NIS.
 .Pp
 .Ss Security
 In general, any remote user can issue an RPC to
-.Nm ypserv
+.Nm
 and retrieve the contents of your NIS maps, provided the remote user
 knows your domain name. To prevent such unauthorized transactions,
-.Nm ypserv
+.Nm
 supports a feature called
 .Pa securenets
 which can be used to restrict access to a given set of hosts.
 At startup,
-.Nm ypserv
+.Nm
 will attempt to load the securenets information from a file
 called
-.Nm /var/yp/securenets .
+.Pa /var/yp/securenets .
 (Note that this path varies depending on the path specified with
 the
 .Fl p
 option, which is explained below.) This file contains entries
 that consist of a network specification and a network mask separated
 by white space.
-Lines starting with ``#'' are considered to be comments. A
+Lines starting with
+.Dq \&#
+are considered to be comments. A
 sample securenets file might look like this:
 .Bd -unfilled -offset indent
 # allow connections from local host -- mandatory
@@ -204,28 +210,29 @@ sample securenets file might look like this:
 .Ed
 .Pp
 If
-.Nm ypserv
+.Nm
 receives a request from an address that matches one of these rules,
 it will process the request normally. If the address fails to match
 a rule, the request will be ignored and a warning message will be
 logged. If the
 .Pa /var/yp/securenets
 file does not exist,
-.Nm ypserv
+.Nm
 will allow connections from any host.
 .Pp
-.Nm Ypserv
-also has support for Wietse Venema's
-.Pa tcpwrapper
+The
+.Nm
+program also has support for Wietse Venema's
+.Em tcpwrapper
 package, though it is not compiled in by default since
 the
-.Pa tcpwrapper
+.Em tcpwrapper
 package is not distributed with FreeBSD. However, if you have
-.Nm libwrap.a
+.Pa libwrap.a
 and
-.Nm tcpd.h ,
+.Pa tcpd.h ,
 you can easily recompile
-.Nm ypserv
+.Nm
 with them. This allows the administrator to use the tcpwrapper
 configuration files (
 .Pa /etc/hosts.allow
@@ -236,11 +243,13 @@ for access control instead of
 .Pp
 Note: while both of these access control mechanisms provide some
 security, they, like the privileged port test, are both vulnerable
-to ``IP spoofing'' attacks.
+to
+.Dq IP spoofing
+attacks.
 .Pp
 .Ss NIS v1 compatibility
 This version of
-.Nm ypserv
+.Nm
 has some support for serving NIS v1 clients. FreeBSD's NIS
 implementation only uses the NIS v2 protocol, however other implementations
 include support for the v1 protocol for backwards compatibility
@@ -252,14 +261,14 @@ server even though they may never actually need it (and they may
 persist in broadcasting in search of one even after they receive a
 response from a v2 server). Note that while
 support for normal client calls is provided, this version of
-.Nm ypserv
+.Nm
 does not handle v1 map transfer requests; consequently, it can not
 be used as a master or slave in conjunction with older NIS servers that
 only support the v1 protocol. Fortunately, there probably aren't any
 such servers still in use today.
 .Ss NIS servers that are also NIS clients
 Care must be taken when running
-.Nm ypserv
+.Nm
 in a multi-server domain where the server machines are also
 NIS clients. It is generally a good idea to force the servers to
 bind to themselves rather than allowing them to broadcast bind
@@ -276,26 +285,26 @@ man page for details on how to force it to bind to a particular
 server.
 .Sh OPTIONS
 The following options are supported by
-.Nm ypserv :
+.Nm Ns :
 .Bl -tag -width flag
 .It Fl n
 This option affects the way
-.Nm ypserv
+.Nm
 handles yp_match requests for the
 .Pa hosts.byname
 and
 .Pa hosts.byaddress
 maps. By default, if
-.Nm ypserv
+.Nm
 can't find an entry for a given host in its hosts maps, it will
 return an error and perform no further processing. With the
 .Fl n
 flag,
-.Nm ypserv
+.Nm
 will go one step further: rather than giving up immediately, it
 will try to resolve the hostname or address using a DNS nameserver
 query. If the query is successful,
-.Nm ypserv
+.Nm
 will construct a fake database record and return it to the client,
 thereby making it seem as though the client's yp_match request
 succeeded.
@@ -308,14 +317,14 @@ queries directly, therefore it is not necessary to enable this
 option when serving only FreeBSD NIS clients.
 .It Fl d
 Causes the server to run in debugging mode. Normally,
-.Nm ypserv
+.Nm
 reports only unusual errors (access violations, file access failures)
 using the
 .Xr syslog 3
 facility. In debug mode, the server does not background
 itself and prints extra status messages to stderr for each
-request that it revceives. Also, while running in debug mode,
-.Nm ypserv
+request that it receives. Also, while running in debug mode,
+.Nm
 will not spawn any additional subprocesses as it normally does
 when handling yp_all requests or doing DNS lookups. (These actions
 often take a fair amount of time to complete and are therefore handled
@@ -324,7 +333,7 @@ other requests.) This makes it easier to trace the server with
 a debugging tool.
 .It Fl p Ar path
 Normally,
-.Nm ypserv
+.Nm
 assumes that all NIS maps are stored under
 .Pa /var/yp .
 The
@@ -354,6 +363,6 @@ Host access control file
 Bill Paul <wpaul@ctr.columbia.edu>
 .Sh HISTORY
 This version of
-.Nm ypserv
+.Nm
 first appeared in
 .Fx 2.2 .