Looking for:
One moment, please
Expand your Outlook. We’ve developed a suite of premium Outlook features for people with advanced email and calendar needs. A Microsoft subscription offers an ad-free interface, custom domains, enhanced security options, the full desktop version of . Add a serial port device to a virtual machine. Network. Use Shared network mode to share the Internet with a virtual machine. Try Parallels Desktop Free for 14 Days Full-featured. Download Instantly. Buy Parallels Desktop 17 for Mac Electronic Delivery. Start Using Today. Overview. Parallels, Inc. is a developer of desktop and server virtualization software. History. Released on June 15, , it was the first software product to bring mainstream virtualization to Macintosh computers utilizing the Apple–Intel architecture (earlier software products ran PC software in an emulated environment).. Its name initially was ‘Parallels Workstation for Mac .
Outlook – free personal email and calendar from Microsoft.parallels desktop 14 crack Serial key Archives – replace.me
While the rdump 8 and rrestore 8 utilities can be used for this purpose, they are not considered to be secure. Instead, one can use dump and restore in a more secure fashion over an SSH connection. Several built-in utilities are available for backing up and restoring specified files and directories as needed.
A good choice for making a backup of all of the files in a directory is tar 1. Switches can be used to instead specify the name of a backup file. When creating a backup file, make sure that the backup is not saved to the same directory that is being backed up.
To restore the entire backup, cd into the directory to restore into and specify the name of the backup. Note that this will overwrite any newer versions of files in the restore directory. When in doubt, restore to a temporary directory or specify the name of the file within the backup to restore. There are dozens of available switches which are described in tar 1. This utility also supports the use of exclude patterns to specify which files should not be included when backing up the specified directory or restoring files from a backup.
To create a backup using a specified list of files and directories, cpio 1 is a good choice. Unlike tar , cpio does not know how to walk the directory tree and it must be provided the list of files to backup.
For example, a list of files can be created using ls or find. A backup utility which tries to bridge the features provided by tar and cpio is pax 1. Over the years, the various versions of tar and cpio became slightly incompatible. While tape technology has continued to evolve, modern backup systems tend to combine off-site backups with local removable media.
In FreeBSD, mt is used to control operations of the tape drive, such as seeking through files on a tape or writing tape control marks to the tape. For example, the first three files on a tape can be preserved by skipping past them before writing a new file:.
This utility supports many operations. Refer to mt 1 for details. To write a single file to tape using tar , specify the name of the tape device and the file to backup:. To backup a UFS file system, use dump.
The FreeBSD Ports Collection provides many third-party utilities which can be used to schedule the creation of backups, simplify tape backup, and make backups easier and more convenient. In addition to regular backups, it is recommended to perform the following steps as part of an emergency preparedness plan. Store this printout and a copy of the installation media in a secure location. Should an emergency restore be needed, boot into the installation media and select Live CD to access a rescue shell.
This rescue mode can be used to view the current state of the system, and if needed, to reformat disks and restore data from backups.
Next, test the rescue shell and the backups. Make notes of the procedure. Store these notes with the media, the printouts, and the backups.
These notes may prevent the inadvertent destruction of the backups while under the stress of performing an emergency recovery. For an added measure of security, store the latest backup at a remote location which is physically separated from the computers and disk drives by a significant distance. In addition to physical disks, FreeBSD also supports the creation and use of memory disks. In FreeBSD, the md 4 driver is used to provide support for memory disks. When using a custom kernel configuration file, ensure it includes this line:.
To mount an existing file system image, use mdconfig to specify the name of the ISO file and a free unit number. Then, refer to that unit number to mount it on an existing mount point. Once mounted, the files in the ISO will appear in the mount point. This example attaches diskimage. Notice that -t cd was used to mount an ISO format. If a unit number is not specified with -u , mdconfig will automatically allocate an unused memory device and output the name of the allocated unit, such as md4.
Refer to mdconfig 8 for more details about this command and its options. When a memory disk is no longer in use, its resources should be released back to the system. First, unmount the file system, then use mdconfig to detach the disk from the system and release its resources. To continue this example:. To determine if any memory disks are still attached to the system, type mdconfig -l. FreeBSD also supports memory disks where the storage to use is allocated from either a hard disk or an area of memory.
The first method is commonly referred to as a file-backed file system and the second method as a memory-backed file system. Both types can be created using mdconfig.
To create a new memory-backed file system, specify a type of swap and the size of the memory disk to create. Then, format the memory disk with a file system and mount as usual. This example creates a 5M memory disk on unit 1. That memory disk is then formatted with the UFS file system before it is mounted:.
To create a new file-backed memory disk, first allocate an area of disk to use. This example creates an empty 5MB file named newimage :. Next, attach that file to a memory disk, label the memory disk and format it with the UFS file system, mount the memory disk, and verify the size of the file-backed disk:.
It takes several commands to create a file- or memory-backed file system using mdconfig. FreeBSD also comes with mdmfs which automatically configures a memory disk, formats it with the UFS file system, and mounts it.
For example, after creating newimage with dd , this one command is equivalent to running the bsdlabel , newfs , and mount commands shown above:. If the unit number is not specified, mdmfs will automatically select an unused memory device.
For more details about mdmfs , refer to mdmfs 8. UFS snapshots allow a user to create images of specified file systems, and treat them as a file.
Snapshot files must be created in the file system that the action is performed on, and a user may create no more than 20 snapshots per file system. Active snapshots are recorded in the superblock so they are persistent across unmount and remount operations along with system reboots. When a snapshot is no longer required, it can be removed using rm 1. While snapshots may be removed in any order, all the used space may not be acquired because another snapshot will possibly claim some of the released blocks.
Snapshots are created using mount 8. Some administrators will use a snapshot file for backup purposes, because the snapshot can be transferred to CDs or tape. The file system integrity checker, fsck 8 , may be run on the snapshot. Assuming that the file system was clean when it was mounted, this should always provide a clean and unchanging result.
Running dump 8 on the snapshot will produce a dump file that is consistent with the file system and the timestamp of the snapshot. The snapshot can be mounted as a frozen image of the file system. Everything will initially be in the same state it was during the snapshot creation time. The only exception is that any earlier snapshots will appear as zero length files.
To unmount the snapshot, use:. Disk quotas can be used to limit the amount of disk space or the number of files a user or members of a group may allocate on a per-file system basis. This prevents one user or group of users from consuming all of the available disk space. This section describes how to configure disk quotas for the UFS file system. In this example, the 1 indicates quota support.
If the value is instead 0 , add the following line to a custom kernel configuration file and rebuild the kernel using the instructions in Configuring the FreeBSD Kernel :. Normally on bootup, the quota integrity of each file system is checked by quotacheck 8. This program insures that the data in the quota database properly reflects the data on the file system. This is a time consuming process that will significantly affect the time the system takes to boot.
For example:. To enable group quotas, use groupquota instead. To enable both user and group quotas, separate the options with a comma:. By default, quota files are stored in the root directory of the file system as quota. Refer to fstab 5 for more information. Specifying an alternate location for the quota files is not recommended. In the normal course of operations, there should be no need to manually run quotacheck 8 , quotaon 8 , or quotaoff 8.
However, one should read these manual pages to be familiar with their operation. There should be a one line summary of disk usage and current quota limits for each file system that quotas are enabled on.
Several options are available to enforce limits on the amount of disk space a user or group may allocate, and how many files they may create. Allocations can be limited based on disk space block quotas , number of files inode quotas , or a combination of both. Each limit is further broken down into two categories: hard and soft limits.
A hard limit may not be exceeded. Once a user reaches a hard limit, no further allocations can be made on that file system by that user. For example, if the user has a hard limit of kbytes on a file system and is currently using kbytes, the user can only allocate an additional 10 kbytes. Attempting to allocate an additional 11 kbytes will fail. Soft limits can be exceeded for a limited amount of time, known as the grace period, which is one week by default.
If a user stays over their limit longer than the grace period, the soft limit turns into a hard limit and no further allocations are allowed. When the user drops back below the soft limit, the grace period is reset.
In the following example, the quota for the test account is being edited. The default editor is set to vi. There are normally two lines for each file system that has quotas enabled. One line represents the block limits and the other represents the inode limits. Change the value to modify the quota limit.
Sometimes it is desirable to set quota limits on a range of users. This can be done by first assigning the desired quota limit to a user. The following command will duplicate those quota limits for UIDs 10, through 19, :.
For more information, refer to edquota 8. To check individual user or group quotas and disk usage, use quota 1. A user may only examine their own quota and the quota of a group they are a member of. Only the superuser may view all user and group quotas. To get a summary of all quotas and disk usage for file systems with quotas enabled, use repquota 8. Normally, file systems that the user is not using any disk space on will not show in the output of quota , even if the user has a quota limit assigned for that file system.
Use -v to display those file systems. The following is sample output from quota -v for a user that has quota limits on two file systems. Quotas are enforced by the quota subsystem on the NFS server. The rpc. On the NFS server, enable rpc. FreeBSD offers excellent online protections against unauthorized data access. File permissions and Mandatory Access Control MAC help prevent unauthorized users from accessing data while the operating system is active and the computer is powered up.
Unlike encryption methods that encrypt individual files, the built-in gbde and geli utilities can be used to transparently encrypt entire file systems. This chapter demonstrates how to create an encrypted file system on FreeBSD.
It first demonstrates the process using gbde and then demonstrates the same example using geli. The objective of the gbde 4 facility is to provide a formidable challenge for an attacker to gain access to the contents of a cold storage device. However, if the computer is compromised while up and running and the storage device is actively attached, or the attacker has access to a valid passphrase, it offers no protection to the contents of the storage device.
Thus, it is important to provide physical security while the system is running and to protect the passphrase used by the encryption mechanism. This facility provides several barriers to protect the data stored in each disk sector. Each sector on the disk is encrypted with a different AES key. For more information on the cryptographic design, including how the sector keys are derived from the user-supplied passphrase, refer to gbde 4. Install the new drive to the system as explained in Adding Disks.
The gbde lock file contains information that gbde requires to access encrypted partitions. Without access to the lock file, gbde will not be able to decrypt the data contained in the encrypted partition without significant manual intervention which is not supported by the software. Each encrypted partition uses a separate lock file.
A gbde partition must be initialized before it can be used. This initialization needs to be performed only once. This command will open the default editor, in order to set various configuration options in a template. Once the edit is saved, the user will be asked twice to type the passphrase used to secure the data.
The passphrase must be the same both times. The ability of gbde to protect data depends entirely on the quality of the passphrase. This initialization creates a lock file for the gbde partition. Lock files must end in “. Lock files must be backed up together with the contents of any encrypted partitions.
Without the lock file, the legitimate owner will be unable to access the data on the encrypted partition. This command will prompt to input the passphrase that was selected during the initialization of the encrypted partition.
Once the encrypted device has been attached to the kernel, a file system can be created on the device. This example creates a UFS file system with soft updates enabled. After each boot, any encrypted file systems must be manually re-attached to the kernel, checked for errors, and mounted, before the file systems can be used.
This requires that the passphrase be entered at the console at boot time. After typing the correct passphrase, the encrypted partition will be mounted automatically. Additional gbde boot options are available and listed in rc. To detach the encrypted device used in the example, use the following command:. An alternative cryptographic GEOM class is available using geli. This control utility adds some features and uses a different scheme for doing cryptographic work.
It provides the following features:. Utilizes the crypto 9 framework and automatically uses cryptographic hardware when it is available. Allows the root partition to be encrypted. The passphrase used to access the encrypted root partition will be requested during system boot.
Allows backup and restore of master keys. If a user destroys their keys, it is still possible to get access to the data by restoring keys from the backup. Allows a disk to attach with a random, one-time key which is useful for swap partitions and temporary file systems. More features and usage examples can be found in geli 8. The key file will provide some random data used to encrypt the master key. The master key will also be protected by a passphrase.
The example describes how to attach to the geli provider, create a file system on it, mount it, work with it, and finally, how to detach it. Support for geli is available as a loadable kernel module. The following commands generate a master key that all data will be encrypted with. This key can never be changed. Rather than using it directly, it is encrypted with one or more user keys.
It is not mandatory to use both a passphrase and a key file as either method of securing the master key can be used in isolation. If the key file is given as “-“, standard input will be used.
For example, this command generates three key files:. An rc. The system will automatically detach the provider from the kernel before the system shuts down. During the startup process, the script will prompt for the passphrase before attaching the provider. Other kernel messages might be shown before and after the password prompt. If the boot process seems to stall, look carefully for the password prompt among the other messages.
Once the correct passphrase is entered, the provider is attached. Like the encryption of disk partitions, encryption of swap space is used to protect sensitive information. Consider an application that deals with passwords. As long as these passwords stay in physical memory, they are not written to disk and will be cleared after a reboot. However, if FreeBSD starts swapping out memory pages to free space, the passwords may be written to the disk unencrypted.
Encrypting swap space can be a solution for this scenario. This section demonstrates how to configure an encrypted swap partition using gbde 8 or geli 8 encryption.
Swap partitions are not encrypted by default and should be cleared of any sensitive data before continuing. To overwrite the current swap partition with random garbage, execute the following command:. To encrypt the swap partition using gbde 8 , add the. To instead encrypt the swap partition using geli 8 , use the. By default, geli 8 uses the AES algorithm with a key length of bits. Normally the default settings will suffice. The possible flags are:. Data integrity verification algorithm used to ensure that the encrypted data has not been tampered with.
See geli 8 for a list of supported algorithms. Encryption algorithm used to protect the data. The length of the key used for the encryption algorithm. See geli 8 for the key lengths that are supported by each encryption algorithm. The size of the blocks data is broken into before it is encrypted.
Larger sector sizes increase performance at the cost of higher storage overhead. The recommended size is bytes. This example configures an encrypted swap partition using the Blowfish algorithm with a key length of bits and a sectorsize of 4 kilobytes:. Once the system has rebooted, proper operation of the encrypted swap can be verified using swapinfo. If gbde 8 is being used:. If geli 8 is being used:. High availability is one of the main requirements in serious business applications and highly-available storage is a key component in such environments.
Efficient and quick resynchronization as only the blocks that were modified during the downtime of a node are synchronized. Together with CARP, Heartbeat, or other tools, it can be used to build a robust and durable storage system.
How to integrate CARP and devd 8 to build a robust storage system. HAST provides synchronous block-level replication between two physical machines: the primary node and the secondary node.
These two machines together are referred to as a cluster. Since HAST works in a primary-secondary configuration, it allows only one of the cluster nodes to be active at any given time.
The secondary node is automatically synchronized from the primary node. The physical components of the HAST system are the local disk on primary node, and the disk on the remote, secondary node. HAST operates synchronously on a block level, making it transparent to file systems and applications. There is no difference between using HAST-provided devices and raw disks or partitions. In such cases, the read operation is sent to the secondary node. HAST tries to provide fast failure recovery.
To provide fast synchronization, HAST manages an on-disk bitmap of dirty extents and only synchronizes those during a regular synchronization, with an exception of the initial sync. There are many ways to handle synchronization. HAST implements several replication modes to handle different synchronization methods:. The data on the remote node will be stored directly after sending the acknowledgement.
This mode is intended to reduce latency, but still provides good reliability. This mode is the default. This is the safest and the slowest replication mode. This is the fastest and the most dangerous replication mode. It should only be used when replicating to a distant node where latency is too high for other modes. The hastd 8 daemon which provides data synchronization. The userland management utility, hastctl 8. The hast. This file must exist before starting hastd. The following example describes how to configure two nodes in primary-secondary operation using HAST to replicate the data between the two.
The nodes will be called hasta , with an IP address of This file should be identical on both nodes. The simplest configuration is:. For more advanced configuration, refer to hast. Once the configuration exists on both nodes, the HAST pool can be created.
Run these commands on both nodes to place the initial metadata onto the local disk and to start hastd 8 :. This procedure needs to store some metadata on the provider and there will not be enough required space available on an existing provider.
On the primary node, hasta , issue this command:. Check the status line in the output. If it says degraded , something is wrong with the configuration file. It should say complete on each node, meaning that the synchronization between the nodes has started. The synchronization completes when hastctl status reports 0 bytes of dirty extents. The next step is to create a file system on the GEOM provider and mount it. This must be done on the primary node. Creating the file system can take a few minutes, depending on the size of the hard drive.
The goal of this example is to build a robust storage system which is resistant to the failure of any given node. If the primary node fails, the secondary node is there to take over seamlessly, check and mount the file system, and continue to work without missing a single bit of data.
In this example, each node will have its own management IP address and a shared IP address of The HAST pool created in the previous section is now ready to be exported to the other hosts on the network. The only problem which remains unresolved is an automatic failover should the primary node fail. A state change on the CARP interface is an indication that one of the nodes failed or came back online.
These state change events make it possible to run a script which will automatically handle the HAST failover. Restart devd 8 on both nodes to put the new configuration into effect:. For further clarification about this configuration, refer to devd. This is just an example script which serves as a proof of concept.
It does not handle all the possible scenarios and can be extended or altered in any way, for example, to start or stop required services. For this example, a standard UFS file system was used. HAST should generally work without issues. However, as with any other software product, there may be times when it does not work as supposed. The sources of the problems may be different, but the rule of thumb is to ensure that the time is synchronized between the nodes of the cluster.
When troubleshooting HAST, the debugging level of hastd 8 should be increased by starting hastd with -d. This argument may be specified multiple times to further increase the debugging level.
Consider also using -F , which starts hastd in the foreground. Split-brain occurs when the nodes of the cluster are unable to communicate with each other, and both are configured as primary. This is a dangerous condition because it allows both nodes to make incompatible changes to the data. This problem must be corrected manually by the system administrator. See details about contacts when you hover over their name. Prioritize your tasks with Microsoft To Do. Locate messages, people, and documents.
Backed by enterprise-grade security Outlook works around the clock to help protect your privacy and keep your inbox free of clutter. Protection delivered by the same tools Microsoft uses for business customers. Data encryption in your mailbox and after email is sent. Automatic deactivation of unsafe links that contain phishing scams, viruses, or malware. Premium Ransomware detection and recovery for your important files in OneDrive.
Keep your busy life organized Use Outlook’s powerful built-in calendar to keep track of your appointments and schedule meetings with others.