22107485 More Userland component man page normalizations
authorRich Burridge <rich.burridge@oracle.com>
Thu, 29 Oct 2015 11:05:40 -0700
changeset 5029 77413b29eb5a
parent 5028 db8ff415ba49
child 5030 8a4221164865
22107485 More Userland component man page normalizations
components/hal-cups-utils/hal-cups-utils.5
components/hal-cups-utils/hal-cups-utils.7
components/hal-cups-utils/hal-cups-utils.p5m
components/libpcap/Makefile
components/libpcap/libpcap.p5m
components/libpcap/patches/configure.in.patch
components/lighttpd/Solaris/lighttpd.1m.sunman
components/lighttpd/Solaris/lighttpd.8.sunman
components/lighttpd/lighttpd.p5m
components/nicstat/patches/002-adjust-man-page.patch
components/openssl/openssl-default/files/openssl.5
components/openssl/openssl-default/files/openssl.7
components/openssl/openssl-default/openssl-default.p5m
components/openstack/swift/swift.p5m
components/pam_pkcs11/files/pam_pkcs11.5
components/pam_pkcs11/files/pam_pkcs11.7
components/pam_pkcs11/pam_pkcs11.conf
components/pam_pkcs11/pam_pkcs11.p5m
components/samba/samba36/patches/docs-xml.patch
components/sox/patches/1.sox.1.patch
components/sox/patches/2.soxi.1.patch
components/sox/patches/3.libsox.3.patch
components/sox/patches/4.soxformat.7.patch
components/sox/sox.p5m
components/tcsh/manpages/tcsh.1
components/timezone/system-data-timezone.p5m
components/timezone/zoneinfo.4
components/timezone/zoneinfo.5
components/trousers/patches/man_man8_tcsd.8.in.patch
--- a/components/hal-cups-utils/hal-cups-utils.5	Thu Oct 29 07:57:11 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,23 +0,0 @@
-.TH hal-cups-utils 5 "14 Apr 2009" "SunOS 5.11" "Standards, Environments, and Macros"
-.SH NAME
-hal-cups-utils - automatic queue configuration for CUPS
-.SH DESCRIPTION
-.sp
-.LP
-hal-cups-utils is a Hardware Abstraction Layer (HAL) plugin module that
-automatically creates print queues under the Common UNIX Printing System (CUPS)
-for printers detected by HAL.  When a printer is detected by the HAL framework,
-HAL activates hal-cups-utils to attempt to create a corresponding print queue
-under the CUPS print service.  If the CUPS print service is not active, no
-action is taken.  See http://fedorahosted.org/hal-cups-utils/ for additional
-information.
-.SH SEE ALSO
-.sp
-.LP
-\fBhal\fR(5), 
-.sp
-http://fedorahosted.org/hal-cups-utils/
-.sp
-http://www.cups.org/
-.sp
-.LP
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/hal-cups-utils/hal-cups-utils.7	Thu Oct 29 11:05:40 2015 -0700
@@ -0,0 +1,23 @@
+.TH hal-cups-utils 7 "27 Oct 2015" "SunOS 5.12" "Standards, Environments, and Macros"
+.SH NAME
+hal-cups-utils - automatic queue configuration for CUPS
+.SH DESCRIPTION
+.sp
+.LP
+hal-cups-utils is a Hardware Abstraction Layer (HAL) plugin module that
+automatically creates print queues under the Common UNIX Printing System (CUPS)
+for printers detected by HAL.  When a printer is detected by the HAL framework,
+HAL activates hal-cups-utils to attempt to create a corresponding print queue
+under the CUPS print service.  If the CUPS print service is not active, no
+action is taken.  See http://fedorahosted.org/hal-cups-utils/ for additional
+information.
+.SH SEE ALSO
+.sp
+.LP
+\fBhal\fR(7), 
+.sp
+http://fedorahosted.org/hal-cups-utils/
+.sp
+http://www.cups.org/
+.sp
+.LP
--- a/components/hal-cups-utils/hal-cups-utils.p5m	Thu Oct 29 07:57:11 2015 -0700
+++ b/components/hal-cups-utils/hal-cups-utils.p5m	Thu Oct 29 11:05:40 2015 -0700
@@ -38,5 +38,5 @@
 file path=etc/hal/fdi/policy/10osvendor/10-hal_lpadmin.fdi
 file path=usr/lib/cups/backend/hal mode=0555
 file path=usr/lib/hal/hal_lpadmin mode=0555 pkg.depend.bypass-generate=.*
-file hal-cups-utils.5 path=usr/share/man/man5/hal-cups-utils.5
+file hal-cups-utils.7 path=usr/share/man/man7/hal-cups-utils.7
 license hal-cups-utils.copyright license="CUPS license"
--- a/components/libpcap/Makefile	Thu Oct 29 07:57:11 2015 -0700
+++ b/components/libpcap/Makefile	Thu Oct 29 11:05:40 2015 -0700
@@ -38,6 +38,9 @@
 include $(WS_MAKE_RULES)/configure.mk
 include $(WS_MAKE_RULES)/ips.mk
 
+# Rebuild the configure script so the man pages are normalized.
+COMPONENT_PREP_ACTION =	(cd $(@D); autoconf);
+
 #
 # libpcap Makefile does not use CFLAGS when building shared library
 # so we require the following line to add the -m option to CC
@@ -48,7 +51,6 @@
 
 ASLR_MODE = $(ASLR_NOT_APPLICABLE)
 
-# common targets
 configure:	$(CONFIGURE_32_and_64)
 
 build:		$(BUILD_32_and_64)
--- a/components/libpcap/libpcap.p5m	Thu Oct 29 07:57:11 2015 -0700
+++ b/components/libpcap/libpcap.p5m	Thu Oct 29 11:05:40 2015 -0700
@@ -141,9 +141,9 @@
 file path=usr/share/man/man3pcap/pcap_strerror.3pcap
 file path=usr/share/man/man3pcap/pcap_tstamp_type_name_to_val.3pcap
 file path=usr/share/man/man3pcap/pcap_tstamp_type_val_to_name.3pcap
-file path=usr/share/man/man4/pcap-savefile.4
-file path=usr/share/man/man5/pcap-filter.5
-file path=usr/share/man/man5/pcap-linktype.5
-file path=usr/share/man/man5/pcap-tstamp.5
+file path=usr/share/man/man5/pcap-savefile.5
+file path=usr/share/man/man7/pcap-filter.7
+file path=usr/share/man/man7/pcap-linktype.7
+file path=usr/share/man/man7/pcap-tstamp.7
 #
 license license.pcap license=BSD
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/libpcap/patches/configure.in.patch	Thu Oct 29 11:05:40 2015 -0700
@@ -0,0 +1,23 @@
+In Solaris 12, we will be normalizing man pages. See PSARC 2015/428.
+This means that what was section 4, is now section 5 and what was in
+section 5 is now in section 7. But currently only for Solaris 12.
+
+This patch should eventually be sent upstream, but for that to happen
+it will need to be reworked into a form that will be acceptable for
+all versions of Solaris. Until then, we are just using this Solaris 12
+specific patch.
+
+--- libpcap-1.7.4/configure.in.orig	2015-10-27 15:28:28.112790014 -0700
++++ libpcap-1.7.4/configure.in	2015-10-27 15:29:50.259610071 -0700
[email protected]@ -1310,11 +1310,6 @@
+ 	AC_DEFINE(HAVE_SOLARIS,1,[On solaris])
+ 
+ 	DYEXT="so"
+-	#
+-	# Use System V conventions for man pages.
+-	#
+-	MAN_FILE_FORMATS=4
+-	MAN_MISC_INFO=5
+ 	;;
+ esac
+ 
--- a/components/lighttpd/Solaris/lighttpd.1m.sunman	Thu Oct 29 07:57:11 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,269 +0,0 @@
-'\" t
-.\"
-.\" CDDL HEADER START
-.\"
-.\" The contents of this file are subject to the terms of the
-.\" Common Development and Distribution License (the "License").
-.\" You may not use this file except in compliance with the License.
-.\"
-.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
-.\" or http://www.opensolaris.org/os/licensing.
-.\" See the License for the specific language governing permissions
-.\" and limitations under the License.
-.\"
-.\" When distributing Covered Code, include this CDDL HEADER in each
-.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
-.\" If applicable, add the following below this CDDL HEADER, with the
-.\" fields enclosed by brackets "[]" replaced with your own identifying
-.\" information: Portions Copyright [yyyy] [name of copyright owner]
-.\"
-.\" CDDL HEADER END
-.\"
-.\" Copyright (c) 2008, 2011, Oracle and/or its affiliates. All rights reserved.
-.\"
-.TH lighttpd 1M "October 2009" "SunOS 5.11" "System Administration Commands"
-.SH NAME
-lighttpd \- a fast, secure and flexible webserver
-.SH SYNOPSIS
-.LP
-.nf
-\fBlighttpd\fR
-.fi
-
-.SH DESCRIPTION
-.sp
-.LP
-The Lighttpd Web Server consists of a server daemon,  a watchdog process, loadable server modules, configuration files and documentation. 
-.sp
-.LP
-.SH FILES
-.sp
-.LP
-The following paths specify the installation locations for Lighttpd:
-.LP
-Note : 
-.RS +4
-.TP
-.ie t \(bu
-.el o
-The string \fB[version]\fR should be expanded
-to \fB"MAJOR.MINOR"\fR. For example, \fB/usr/lighttpd/1.4/*\fR.
-.RE
-.RE
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/etc/lighttpd/[version]\fR\fR
-.ad
-.sp .6
-.RS 4n
-Contains lighttpd configuration files. A new install contains a single, default configuration file \fBlighttpd.conf\fR.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/etc/lighttpd/[version]/conf.d\fR\fR
-.ad
-.sp .6
-.RS 4n
-Contains additional server configuration files. These files generally require some customisation and are therefore not automatically loaded by the main configuration file.
-.sp
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/usr/lighttpd/[version]/sbin\fR\fR
-.ad
-.sp .6
-.RS 4n
-Contains the lighttpd executable and the lighttpd-angel watchdog process.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/usr/lighttpd/[version]/man\fR\fR
-.ad
-.sp .6
-.RS 4n
-Contains man pages for the server and utility programs.
-.sp
-Add this directory to your MANPATH to read the Lighttpd man pages. See
-Notes.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/usr/lighttpd/[version]/lib\fR\fR
-.ad
-.sp .6
-.RS 4n
-Contains the Lighttpd loadable modules. These can be loaded by using directives in the configuration file.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/var/lighttpd/[version]/docroot\fR\fR
-.ad
-.sp .6
-.RS 4n
-The default location for content as specified by the server.document-root directive in the Lightpd configuration file.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/var/lighttpd/[version]/logs\fR\fR
-.ad
-.sp .6
-.RS 4n
-This is the default location for the Lighttpd log files.
-.sp
-The formats, names, and locations of the files in this directory can
-be altered by various configuration directives in the \fBlighttpd.conf\fR file.
-.RE
-
-.SH SERVICE MANAGEMENT FACILITY
-.sp
-.LP
-The \fBlighttpd14\fR package for Solaris (\fBweb/server/lighttpd-14\fR) includes all of the files necessary to register Lighttpd with the Service Management Facility described in \fISMF(5)\fR. The following procedure describes the steps to automate service management for lighttpd.
-
-Note :
-.RS +4
-.TP
-.ie t \(bu
-.el o
-The the full name of the lighttpd service is svc:/network/http:lighttpd14
-This can be abbreviated to lighttpd14 which is the \fBinstance name\fR of the service.
-.RE
-
-.RS +4
-.TP
-1.
-To enable the lighttpd14 service.
-.sp
-.in +2
-.nf
-example% svcadm enable lighttpd14
-.fi
-.in -2
-
-The state of the service instance changes to \fBonline\fR,
-and the lighttpd14 service instance is now available:
-.sp
-.in +2
-.nf
-example% svcs lighttpd14
-STATE          STIME    FMRI
-online         11:22:17 svc:/network/http:lighttpd14
-.fi
-.in -2
-.sp
-
-.RE
-.RS +4
-.TP
-2.
-To disable the lighttpd14 service instance,
-.sp
-.in +2
-.nf
-example% svcadm disable lighttpd14
-.fi
-.in -2
-
-The state of the service instance changes to \fBdisabled\fR,
-and the lighttpd service instance is no longer available:
-.sp
-.in +2
-.nf
-example% svcs lighttpd14
-STATE          STIME    FMRI
-disabled       11:35:15 svc:/network/http:lighttpd14
-.fi 
-.in -2
-.sp
-.RE
-
-.SH USER AUTHORIZATIONS
-.sp
-.LP
-You can use \fBRBAC(5)\fR to authorize otherwise non-privileged users to manage
-the \fBlighttpd14\fR service.
-To allow a user to manage the \fBlighttpd14\fR service states, add a line to
-\fB/etc/user_attr\fR of the form:
-.sp
-.in +2
-.nf
-<username>::::type=role;profiles=Lighttpd 14 Administration,All
-.fi
-.in -2
-.sp
-.LP
-Where <username> is the name of the user being granted the authorisation. If the user already has an entry in \fB/etc/user_attr\fR, add the "Lighttpd 14 Administration" profile to his or her entry.
-.sp
-.RE
-
-.SH SPAWN-FCGI CHANGES
-.LP
-Version 1.4.23 of the Lighttpd web server sees the refactoring of the spawn-fcgi utility into a separate source distribution and as a result, spawn-fcgi has been spun out into a separate package named web/fastcgi/spawn-fcgi. The Lighttpd packages install web/fastcgi/spawn-fcgi as a dependency and provide symbolic links from the original locations of the spawn-fcgi executable and manpage to the locations delivered by the spawn-fcgi package, i.e.:
-.sp
-.in +2
-.nf
-/usr/lighttpd/1.4/bin/spawn-fcgi -> /usr/bin/spawn-fcgi
-
-/usr/lighttpd/1.4/share/man/man1/spawn-fcgi.1
-                    -> /usr/share/man/man1/spawn-fcgi.1
-.fi
-.in -2
-.sp
-.LP
-These symbolic links may be removed in a future update of the Lighttpd packages
-.sp
-.RE
-
-.SH CONFIGURATION OPTIONS
-.sp
-.LP
-At this time, use of multiple Lighttpd worker processes is discouraged and is not supported by the Lighttpd community. From version 1.4.23 the supplied configuration file has the following line removed:
-.sp
-.in +2
-.nf
-server.max-worker = 4
-.fi
-.in -2
-.sp
-.LP
-The result of this change is that by default, Lighttpd will be run with a single worker process
-.sp
-.RE
-
-.SH SEE ALSO
-.sp
-.LP
-\fBattributes(5)\fR, \fBlighttpd(8)\fR, \fBspawn-fcgi(8)\fR, \fBlighttpd-angel(8)\fR
-.sp
-.LP
-http://www.lighttpd.net
-.SH NOTES
-.sp
-.LP
-In addition to the documentation and man pages included with Solaris,
-more information is available at http://www.lighttpd.net\&.
-.sp
-.LP
-The Lighttpd man pages are provided with the programming modules. To
-view the manual pages for the Lighttpd modules with the man command, add \fB/usr/lighttpd/[version]/man\fR to the MANPATH environment variable.
-See \fBman(1)\fR for more information. Running \fBcatman(1M)\fR on
-the Lighttpd manual pages is not supported.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/lighttpd/Solaris/lighttpd.8.sunman	Thu Oct 29 11:05:40 2015 -0700
@@ -0,0 +1,269 @@
+'\" t
+.\"
+.\" CDDL HEADER START
+.\"
+.\" The contents of this file are subject to the terms of the
+.\" Common Development and Distribution License (the "License").
+.\" You may not use this file except in compliance with the License.
+.\"
+.\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+.\" or http://www.opensolaris.org/os/licensing.
+.\" See the License for the specific language governing permissions
+.\" and limitations under the License.
+.\"
+.\" When distributing Covered Code, include this CDDL HEADER in each
+.\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+.\" If applicable, add the following below this CDDL HEADER, with the
+.\" fields enclosed by brackets "[]" replaced with your own identifying
+.\" information: Portions Copyright [yyyy] [name of copyright owner]
+.\"
+.\" CDDL HEADER END
+.\"
+.\" Copyright (c) 2008, 2015, Oracle and/or its affiliates. All rights reserved.
+.\"
+.TH lighttpd 8 "October 2015" "SunOS 5.12" "System Administration Commands"
+.SH NAME
+lighttpd \- a fast, secure and flexible webserver
+.SH SYNOPSIS
+.LP
+.nf
+\fBlighttpd\fR
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+The Lighttpd Web Server consists of a server daemon,  a watchdog process, loadable server modules, configuration files and documentation. 
+.sp
+.LP
+.SH FILES
+.sp
+.LP
+The following paths specify the installation locations for Lighttpd:
+.LP
+Note : 
+.RS +4
+.TP
+.ie t \(bu
+.el o
+The string \fB[version]\fR should be expanded
+to \fB"MAJOR.MINOR"\fR. For example, \fB/usr/lighttpd/1.4/*\fR.
+.RE
+.RE
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/etc/lighttpd/[version]\fR\fR
+.ad
+.sp .6
+.RS 4n
+Contains lighttpd configuration files. A new install contains a single, default configuration file \fBlighttpd.conf\fR.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/etc/lighttpd/[version]/conf.d\fR\fR
+.ad
+.sp .6
+.RS 4n
+Contains additional server configuration files. These files generally require some customisation and are therefore not automatically loaded by the main configuration file.
+.sp
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/usr/lighttpd/[version]/sbin\fR\fR
+.ad
+.sp .6
+.RS 4n
+Contains the lighttpd executable and the lighttpd-angel watchdog process.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/usr/lighttpd/[version]/man\fR\fR
+.ad
+.sp .6
+.RS 4n
+Contains man pages for the server and utility programs.
+.sp
+Add this directory to your MANPATH to read the Lighttpd man pages. See
+Notes.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/usr/lighttpd/[version]/lib\fR\fR
+.ad
+.sp .6
+.RS 4n
+Contains the Lighttpd loadable modules. These can be loaded by using directives in the configuration file.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/var/lighttpd/[version]/docroot\fR\fR
+.ad
+.sp .6
+.RS 4n
+The default location for content as specified by the server.document-root directive in the Lightpd configuration file.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/var/lighttpd/[version]/logs\fR\fR
+.ad
+.sp .6
+.RS 4n
+This is the default location for the Lighttpd log files.
+.sp
+The formats, names, and locations of the files in this directory can
+be altered by various configuration directives in the \fBlighttpd.conf\fR file.
+.RE
+
+.SH SERVICE MANAGEMENT FACILITY
+.sp
+.LP
+The \fBlighttpd14\fR package for Solaris (\fBweb/server/lighttpd-14\fR) includes all of the files necessary to register Lighttpd with the Service Management Facility described in \fISMF(7)\fR. The following procedure describes the steps to automate service management for lighttpd.
+
+Note :
+.RS +4
+.TP
+.ie t \(bu
+.el o
+The the full name of the lighttpd service is svc:/network/http:lighttpd14
+This can be abbreviated to lighttpd14 which is the \fBinstance name\fR of the service.
+.RE
+
+.RS +4
+.TP
+1.
+To enable the lighttpd14 service.
+.sp
+.in +2
+.nf
+example% svcadm enable lighttpd14
+.fi
+.in -2
+
+The state of the service instance changes to \fBonline\fR,
+and the lighttpd14 service instance is now available:
+.sp
+.in +2
+.nf
+example% svcs lighttpd14
+STATE          STIME    FMRI
+online         11:22:17 svc:/network/http:lighttpd14
+.fi
+.in -2
+.sp
+
+.RE
+.RS +4
+.TP
+2.
+To disable the lighttpd14 service instance,
+.sp
+.in +2
+.nf
+example% svcadm disable lighttpd14
+.fi
+.in -2
+
+The state of the service instance changes to \fBdisabled\fR,
+and the lighttpd service instance is no longer available:
+.sp
+.in +2
+.nf
+example% svcs lighttpd14
+STATE          STIME    FMRI
+disabled       11:35:15 svc:/network/http:lighttpd14
+.fi 
+.in -2
+.sp
+.RE
+
+.SH USER AUTHORIZATIONS
+.sp
+.LP
+You can use \fBRBAC(7)\fR to authorize otherwise non-privileged users to manage
+the \fBlighttpd14\fR service.
+To allow a user to manage the \fBlighttpd14\fR service states, add a line to
+\fB/etc/user_attr\fR of the form:
+.sp
+.in +2
+.nf
+<username>::::type=role;profiles=Lighttpd 14 Administration,All
+.fi
+.in -2
+.sp
+.LP
+Where <username> is the name of the user being granted the authorisation. If the user already has an entry in \fB/etc/user_attr\fR, add the "Lighttpd 14 Administration" profile to his or her entry.
+.sp
+.RE
+
+.SH SPAWN-FCGI CHANGES
+.LP
+Version 1.4.23 of the Lighttpd web server sees the refactoring of the spawn-fcgi utility into a separate source distribution and as a result, spawn-fcgi has been spun out into a separate package named web/fastcgi/spawn-fcgi. The Lighttpd packages install web/fastcgi/spawn-fcgi as a dependency and provide symbolic links from the original locations of the spawn-fcgi executable and manpage to the locations delivered by the spawn-fcgi package, i.e.:
+.sp
+.in +2
+.nf
+/usr/lighttpd/1.4/bin/spawn-fcgi -> /usr/bin/spawn-fcgi
+
+/usr/lighttpd/1.4/share/man/man1/spawn-fcgi.1
+                    -> /usr/share/man/man1/spawn-fcgi.1
+.fi
+.in -2
+.sp
+.LP
+These symbolic links may be removed in a future update of the Lighttpd packages
+.sp
+.RE
+
+.SH CONFIGURATION OPTIONS
+.sp
+.LP
+At this time, use of multiple Lighttpd worker processes is discouraged and is not supported by the Lighttpd community. From version 1.4.23 the supplied configuration file has the following line removed:
+.sp
+.in +2
+.nf
+server.max-worker = 4
+.fi
+.in -2
+.sp
+.LP
+The result of this change is that by default, Lighttpd will be run with a single worker process
+.sp
+.RE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBattributes(7)\fR, \fBlighttpd(8)\fR, \fBspawn-fcgi(8)\fR, \fBlighttpd-angel(8)\fR
+.sp
+.LP
+http://www.lighttpd.net
+.SH NOTES
+.sp
+.LP
+In addition to the documentation and man pages included with Solaris,
+more information is available at http://www.lighttpd.net\&.
+.sp
+.LP
+The Lighttpd man pages are provided with the programming modules. To
+view the manual pages for the Lighttpd modules with the man command, add \fB/usr/lighttpd/[version]/man\fR to the MANPATH environment variable.
+See \fBman(1)\fR for more information. Running \fBcatman(8)\fR on
+the Lighttpd manual pages is not supported.
--- a/components/lighttpd/lighttpd.p5m	Thu Oct 29 07:57:11 2015 -0700
+++ b/components/lighttpd/lighttpd.p5m	Thu Oct 29 11:05:40 2015 -0700
@@ -137,7 +137,7 @@
 file path=usr/lighttpd/1.4/man/man8/lighttpd.8
 file path=usr/lighttpd/1.4/sbin/lighttpd
 file path=usr/lighttpd/1.4/sbin/lighttpd-angel
-file Solaris/lighttpd.1m.sunman path=usr/share/man/man1m/lighttpd.1m
+file Solaris/lighttpd.8.sunman path=usr/share/man/man8/lighttpd.8
 dir  path=var/lighttpd/1.4/docroot
 dir  path=var/lighttpd/1.4/errors
 dir  path=var/lighttpd/1.4/logs owner=webservd group=webservd mode=700
--- a/components/nicstat/patches/002-adjust-man-page.patch	Thu Oct 29 07:57:11 2015 -0700
+++ b/components/nicstat/patches/002-adjust-man-page.patch	Thu Oct 29 11:05:40 2015 -0700
@@ -1,10 +1,10 @@
 Adjust the nicstat man page to just be Solaris specific.
 
 These changes will be passed back upstream, to see if there is a way for
-a Solaris or Linux man page can be obtained from a merged version
+a Solaris or Linux man page to be obtained from a merged version
 
---- nicstat.1.orig	2014-11-23 17:37:32.617985414 -0800
-+++ nicstat.1	2014-11-23 17:47:12.637407628 -0800
+--- nicstat.1.orig	2015-10-27 15:04:24.672109098 -0700
++++ nicstat.1	2015-10-27 15:05:16.958756640 -0700
 @@ -14,7 +14,7 @@
  
  .SH NAME
@@ -42,13 +42,18 @@
  Search for active network interfaces by looking for kstat "link_state"
  statistics with a value of 1.  This is only of value on systems
  running Solaris 10 (or early releases of Solaris 11 Express), with
[email protected]@ -297,34 +284,15 @@
- .BR netstat (1M)
- .BR kstat (1M),
[email protected]@ -294,37 +281,18 @@
+ .fi
+ .\" ========================================================================
+ .SH SEE\ ALSO
+-.BR netstat (1M)
+-.BR kstat (1M),
++.BR netstat (8)
++.BR kstat (8),
  .BR kstat (3KSTAT),
 -.BR mibiisa (1M),
 -.BR ethtool (8)
-+.BR mibiisa (1M)
++.BR mibiisa (8)
  
  "nicstat - the Solaris and Linux Network Monitoring Tool You Did Not Know You Needed"
  .RI - http://blogs.oracle.com/timc/entry/nicstat_the_solaris_and_linux
--- a/components/openssl/openssl-default/files/openssl.5	Thu Oct 29 07:57:11 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,208 +0,0 @@
-'\" te
-.\" Copyright (c) 2009, 2015, Oracle and/or its affiliates. All rights reserved.
-.TH openssl 5 "22 May 2015" "SunOS 5.12" "Standards, Environments, and Macros"
-.SH NAME
-openssl \- OpenSSL cryptographic and Secure Sockets Layer toolkit
-.SH DESCRIPTION
-.sp
-.LP
-OpenSSL is a cryptography toolkit that implements the Transport Layer Security (TLS v1) network protocols.  This version of OpenSSL no longer supports the Secure Sockets Layer (SSLv2/v3) network protocols.
-.sp
-.LP
-The following features are omitted  from  the  binaries  for issues  including but not limited to patents, trademark, and US export restrictions: ECC, IDEA, MDC2, RC3,  RC5, 4758_CCA Engine, AEP Engine, Atalla Engine, CHIL  Engine,  CSWIFT  Engine,  GMP  Engine,  NURON  Engine, PadLock Engine, Sureware Engine, and UBSEC Engine.
-.SS "The Dynamic Engine Support"
-.sp
-.LP
-The dynamic engine support has been enabled, which allows an external engine, in the form of a shared library, to be dynamically bound and used by an OpenSSL-based application.
-.sp
-.LP
-Run the following command to see if the dynamic engine is supported:
-.sp
-.in +2
-.nf
-$ \fBopenssl engine dynamic\fR
-(dynamic) Dynamic engine loading support
-.fi
-.in -2
-.sp
-
-.SS "The PKCS#11 Engine"
-.sp
-.LP
-The PKCS#11 engine has been included with ENGINE name \fBpkcs11\fR. The engine was developed in Sun and is not integrated in the OpenSSL project.
-.sp
-.LP
-The PKCS#11 engine is a dynamic engine, and it is configured to use the Oracle Solaris Cryptographic Framework. See \fBcryptoadm\fR(1M) for configuration information.
-.sp
-.LP
-The PKCS#11 engine can support the following set of mechanisms: \fBCKM_AES_CBC\fR, \fBCKM_AES_ECB\fR, \fBCKM_BLOWFISH_CBC\fR, \fBCKM_DES_CBC\fR, \fBCKM_DES_ECB\fR, \fBCKM_DES3_CBC\fR, \fBCKM_DES3_ECB\fR, \fBCKM_DSA\fR, \fBCKM_MD5\fR, \fBCKM_RC4\fR, \fBCKM_RSA_PKCS\fR, \fBCKM_RSA_X_509\fR, \fBCKM_SHA_1\fR, \fBCKM_SHA224\fR, \fBCKM_SHA256\fR, \fBCKM_SHA384\fR, \fBCKM_SHA512\fR, \fBCKM_SHA224_HMAC\fR, \fBCKM_SHA224_HMAC_GENERAL\fR, and \fBCKM_SHA224_KEY_DERIVATION\fR.
-.sp
-.LP
-The set of mechanisms available depends on installed Crypto Framework providers. To see what mechanisms can be offloaded to the Cryptographic Framework through the PKCS#11 engine on a given machine, run the following command:
-.sp
-.in +2
-.nf
-$ \fB/usr/bin/openssl engine dynamic -pre SO_PATH:/lib/openssl/engines/64/libpk11.so -pre LOAD -t -c\fR
-.fi
-.in -2
-.sp
-
-.sp
-.LP
-In order to verify the use of the PKCS#11 engine and the use of hardware acceleration with the OpenSSL application, you must specify the EVP option. EVP stands for \fBEnVeloPE\fR API, which is the API applications such as Apache use to access OpenSSL cryptography. Use the EVP option to get the most accurate \fBopenssl speed\fR results.
-.sp
-.in +2
-.nf
-$ \fB/usr/bin/openssl speed -evp aes-128-cbc -engine pkcs11\fR
-.fi
-.in -2
-.sp
-
-.sp
-.LP
-Due to requirements of the PKCS#11 standard regarding \fBfork\fR(2) behavior, some applications that use the OpenSSL EVP interfaces and \fBfork()\fR with active \fBcrypto\fR contexts might experience unexpected behavior.
-.SS "Using FIPS Mode"
-.sp
-.LP
-FIPS-140 capable OpenSSL is available in Oracle Solaris.
-.sp
-.LP
-The IPS package mediator feature is used to activate the non-FIPS-140 version or the FIPS-140 version of OpenSSL.
-.sp
-.LP
-By default, the non-FIPS-140 version (\fBdefault\fR implementation) is activated. Use the \fBpkg set-mediator\fR command to switch to the FIPS-140 version of OpenSSL:
-.sp
-.in +2
-.nf
-# \fBpkg set-mediator -I fips-140 openssl\fR
-.fi
-.in -2
-.sp
-
-.sp
-.LP
-To switch back to the default non-FIPS-140 version, use the following command:
-.sp
-.in +2
-.nf
-# \fBpkg set-mediator -I default openssl\fR
-.fi
-.in -2
-.sp
-
-.sp
-.LP
-Reboot is required to enforce the change system-wide.
-.sp
-.LP
-See \fIManaging Encryption and Certificates in Oracle Solaris 11.2\fR for more details.
-.sp
-.LP
-When the FIPS-140 version of OpenSSL is activated, an application can run in FIPS-140 mode or non-FIPS-140 mode. An application must explicitly call \fBFIPS_mode_set()\fR in order to activate FIPS-140 mode.
-.SS "Building an OpenSSL Application"
-.sp
-.LP
-To build an OpenSSL application, use the following \fBcc\fR command line options:
-.sp
-.in +2
-.nf
-cc [ \fIflag\fR... ] \fIfile\fR... -lcrypto -lssl [ \fIlibrary\fR... ]
-.fi
-.in -2
-
-.SS "Accessing RSA Keys in PKCS#11 Keystores"
-.sp
-.LP
-OpenSSL can access RSA keys in PKCS#11 keystores using the following functions of the ENGINE API: 
-.sp
-.in +2
-.nf
-EVP_PKEY *ENGINE_load_private_key(ENGINE *e,
- const char *key_id, UI_METHOD *ui_method,
- void *callback_data)
-
-EVP_PKEY *ENGINE_load_public_key(ENGINE *e,
- const char *key_id, UI_METHOD *ui_method,
- void *callback_data)
-.fi
-.in -2
-
-.sp
-.LP
-\fBkey_id\fR, formerly for filenames only, can be now also set to a \fBPKCS#11 URI\fR. The \fBEVP_PKEY\fR structure is newly allocated and caller is responsible to free the structure later. To avoid clashes with existing filenames, \fBfile://\fR prefix for filenames is now also accepted but only when the PKCS#11 engine is in use. The PKCS#11 URI specification follows:
-.sp
-.in +2
-.nf
-pkcs11:[token=<label>][:manuf=<label>][;serial=<label>]
-   [;model=<label>][;object=<label>]
-   [;objecttype=(public|private|cert)]
-   [;passphrasedialog=(builtin|exec:<file>)]
-.fi
-.in -2
-
-.sp
-.LP
-The ordering of keywords is not significant. The PKCS#11 engine uses the keystore for the slot chosen for public key operations, which is \fBmetaslot\fR on a standard configured machine. Currently, the PKCS#11 engine ignores the \fBobjecttype\fR keyword. The only mandatory keyword is \fBobject\fR which is the key object label. For information on how to use a different, possibly hardware, keystore with \fBmetaslot\fR, see \fBlibpkcs11\fR(3LIB).
-.sp
-.LP
-The token PIN is provided by way of the \fBpassphrasedialog\fR keyword and is either read from the terminal (\fBbuiltin\fR) or from the output of an external command (\fBexec:<file>\fR). The PIN is used to log into the token and by default is deleted from the memory then. The keyword \fBpin\fR is intentionally not provided due to inherent security problems of possible use of a password in the process arguments.
-.sp
-.LP
-Due to fork safety issues the application must re-login if the child continues to use the PKCS#11 engine. It is done inside of the engine automatically if fork is detected and in that case, \fBexec:<file>\fR option of the \fBpassphrasedialog\fR keyword can be used. Alternatively, an environment variable \fBOPENSSL_PKCS11_PIN_CACHING_POLICY\fR can be used to allow the PIN to be cached in memory and reused in the child. It can be set to \fBnone\fR which is the default, \fBmemory\fR to store the PIN in memory, and \fBmlocked-memory\fR to keep the PIN in a locked page using \fBmlock\fR(3C). \fBPRIV_PROC_LOCK_MEMORY\fR privilege is required in that case.
-.sp
-.LP
-Sensitive parts of private keys are never read from the token to the process memory no matter whether the key is tagged with sensitive flag or not. The PKCS#11 engine uses the public components as a search key to get a PKCS#11 object handle to the private key.
-.sp
-.LP
-To use the RSA keys by reference, high level API functions such as \fBRSA_public_decrypt()\fR, \fBEVP_PKEY_set1_RSA()\fR, or \fBEVP_SignInit()\fR must be used. Low level functions might go around the engine and fail to make use of the feature.
-.SS "Additional Documentation"
-.sp
-.LP
-Extensive additional documentation for OpenSSL modules is available in the \fB/usr/share/man/man1openssl\fR, \fB/usr/share/man/man3openssl\fR, \fB/usr/share/man/man5openssl\fR, and \fB/usr/share/man/man7openssl\fR directories.
-.sp
-.LP
-To view the license terms, attribution, and copyright for OpenSSL, run \fBpkg info --license library/security/openssl\fR.
-.SH EXAMPLES
-.LP
-\fBExample 1 \fRGenerating and Printing a Public Key
-.sp
-.LP
-The following example generates and prints a public key stored in an already initialized PKCS#11 keystore. Notice the use of \fB-engine pkcs11\fR and \fB-inform e\fR.
-
-.sp
-.in +2
-.nf
-$ \fBpktool gencert keystore=pkcs11 label=mykey \
-   subject="CN=test" keytype=rsa keylen=1024 serial=01\fR
-$ \fBopenssl rsa -in "pkcs11:object=mykey;passphrasedialog=builtin"\
-   -pubout -text -engine pkcs11 -inform e\fR
-.fi
-.in -2
-.sp
-
-.SH ATTRIBUTES
-.sp
-.LP
-See \fBattributes\fR(5) for a description of the following attributes:
-.sp
-
-.sp
-.TS
-tab() box;
-cw(2.75i) |cw(2.75i) 
-lw(2.75i) |lw(2.75i) 
-.
-ATTRIBUTE TYPEATTRIBUTE VALUE
-_
-Availabilitylibrary/security/openssl
-_
-Interface StabilityVolatile
-.TE
-
-.SH SEE ALSO
-.sp
-.LP
-\fBcrle\fR(1), \fBcryptoadm\fR(1M), \fBlibpkcs11\fR(3LIB), \fBattributes\fR(5), \fBprivileges\fR(5)
-.sp
-.LP
-\fB/usr/share/man/man1openssl/openssl.1openssl\fR, \fB/usr/share/man/man1openssl/CRYPTO_num_locks.3openssl\fR, \fB/usr/share/man/man3openssl/engine.3\fR, \fB/usr/share/man/man3openssl/evp.3\fR
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/openssl/openssl-default/files/openssl.7	Thu Oct 29 11:05:40 2015 -0700
@@ -0,0 +1,208 @@
+'\" te
+.\" Copyright (c) 2009, 2015, Oracle and/or its affiliates. All rights reserved.
+.TH openssl 7 "28 Oct 2015" "SunOS 5.12" "Standards, Environments, and Macros"
+.SH NAME
+openssl \- OpenSSL cryptographic and Secure Sockets Layer toolkit
+.SH DESCRIPTION
+.sp
+.LP
+OpenSSL is a cryptography toolkit that implements the Transport Layer Security (TLS v1) network protocols.  This version of OpenSSL no longer supports the Secure Sockets Layer (SSLv2/v3) network protocols.
+.sp
+.LP
+The following features are omitted  from  the  binaries  for issues  including but not limited to patents, trademark, and US export restrictions: ECC, IDEA, MDC2, RC3,  RC5, 4758_CCA Engine, AEP Engine, Atalla Engine, CHIL  Engine,  CSWIFT  Engine,  GMP  Engine,  NURON  Engine, PadLock Engine, Sureware Engine, and UBSEC Engine.
+.SS "The Dynamic Engine Support"
+.sp
+.LP
+The dynamic engine support has been enabled, which allows an external engine, in the form of a shared library, to be dynamically bound and used by an OpenSSL-based application.
+.sp
+.LP
+Run the following command to see if the dynamic engine is supported:
+.sp
+.in +2
+.nf
+$ \fBopenssl engine dynamic\fR
+(dynamic) Dynamic engine loading support
+.fi
+.in -2
+.sp
+
+.SS "The PKCS#11 Engine"
+.sp
+.LP
+The PKCS#11 engine has been included with ENGINE name \fBpkcs11\fR. The engine was developed in Sun and is not integrated in the OpenSSL project.
+.sp
+.LP
+The PKCS#11 engine is a dynamic engine, and it is configured to use the Oracle Solaris Cryptographic Framework. See \fBcryptoadm\fR(8) for configuration information.
+.sp
+.LP
+The PKCS#11 engine can support the following set of mechanisms: \fBCKM_AES_CBC\fR, \fBCKM_AES_ECB\fR, \fBCKM_BLOWFISH_CBC\fR, \fBCKM_DES_CBC\fR, \fBCKM_DES_ECB\fR, \fBCKM_DES3_CBC\fR, \fBCKM_DES3_ECB\fR, \fBCKM_DSA\fR, \fBCKM_MD5\fR, \fBCKM_RC4\fR, \fBCKM_RSA_PKCS\fR, \fBCKM_RSA_X_509\fR, \fBCKM_SHA_1\fR, \fBCKM_SHA224\fR, \fBCKM_SHA256\fR, \fBCKM_SHA384\fR, \fBCKM_SHA512\fR, \fBCKM_SHA224_HMAC\fR, \fBCKM_SHA224_HMAC_GENERAL\fR, and \fBCKM_SHA224_KEY_DERIVATION\fR.
+.sp
+.LP
+The set of mechanisms available depends on installed Crypto Framework providers. To see what mechanisms can be offloaded to the Cryptographic Framework through the PKCS#11 engine on a given machine, run the following command:
+.sp
+.in +2
+.nf
+$ \fB/usr/bin/openssl engine dynamic -pre SO_PATH:/lib/openssl/engines/64/libpk11.so -pre LOAD -t -c\fR
+.fi
+.in -2
+.sp
+
+.sp
+.LP
+In order to verify the use of the PKCS#11 engine and the use of hardware acceleration with the OpenSSL application, you must specify the EVP option. EVP stands for \fBEnVeloPE\fR API, which is the API applications such as Apache use to access OpenSSL cryptography. Use the EVP option to get the most accurate \fBopenssl speed\fR results.
+.sp
+.in +2
+.nf
+$ \fB/usr/bin/openssl speed -evp aes-128-cbc -engine pkcs11\fR
+.fi
+.in -2
+.sp
+
+.sp
+.LP
+Due to requirements of the PKCS#11 standard regarding \fBfork\fR(2) behavior, some applications that use the OpenSSL EVP interfaces and \fBfork()\fR with active \fBcrypto\fR contexts might experience unexpected behavior.
+.SS "Using FIPS Mode"
+.sp
+.LP
+FIPS-140 capable OpenSSL is available in Oracle Solaris.
+.sp
+.LP
+The IPS package mediator feature is used to activate the non-FIPS-140 version or the FIPS-140 version of OpenSSL.
+.sp
+.LP
+By default, the non-FIPS-140 version (\fBdefault\fR implementation) is activated. Use the \fBpkg set-mediator\fR command to switch to the FIPS-140 version of OpenSSL:
+.sp
+.in +2
+.nf
+# \fBpkg set-mediator -I fips-140 openssl\fR
+.fi
+.in -2
+.sp
+
+.sp
+.LP
+To switch back to the default non-FIPS-140 version, use the following command:
+.sp
+.in +2
+.nf
+# \fBpkg set-mediator -I default openssl\fR
+.fi
+.in -2
+.sp
+
+.sp
+.LP
+Reboot is required to enforce the change system-wide.
+.sp
+.LP
+See \fIManaging Encryption and Certificates in Oracle Solaris 11.2\fR for more details.
+.sp
+.LP
+When the FIPS-140 version of OpenSSL is activated, an application can run in FIPS-140 mode or non-FIPS-140 mode. An application must explicitly call \fBFIPS_mode_set()\fR in order to activate FIPS-140 mode.
+.SS "Building an OpenSSL Application"
+.sp
+.LP
+To build an OpenSSL application, use the following \fBcc\fR command line options:
+.sp
+.in +2
+.nf
+cc [ \fIflag\fR... ] \fIfile\fR... -lcrypto -lssl [ \fIlibrary\fR... ]
+.fi
+.in -2
+
+.SS "Accessing RSA Keys in PKCS#11 Keystores"
+.sp
+.LP
+OpenSSL can access RSA keys in PKCS#11 keystores using the following functions of the ENGINE API: 
+.sp
+.in +2
+.nf
+EVP_PKEY *ENGINE_load_private_key(ENGINE *e,
+ const char *key_id, UI_METHOD *ui_method,
+ void *callback_data)
+
+EVP_PKEY *ENGINE_load_public_key(ENGINE *e,
+ const char *key_id, UI_METHOD *ui_method,
+ void *callback_data)
+.fi
+.in -2
+
+.sp
+.LP
+\fBkey_id\fR, formerly for filenames only, can be now also set to a \fBPKCS#11 URI\fR. The \fBEVP_PKEY\fR structure is newly allocated and caller is responsible to free the structure later. To avoid clashes with existing filenames, \fBfile://\fR prefix for filenames is now also accepted but only when the PKCS#11 engine is in use. The PKCS#11 URI specification follows:
+.sp
+.in +2
+.nf
+pkcs11:[token=<label>][:manuf=<label>][;serial=<label>]
+   [;model=<label>][;object=<label>]
+   [;objecttype=(public|private|cert)]
+   [;passphrasedialog=(builtin|exec:<file>)]
+.fi
+.in -2
+
+.sp
+.LP
+The ordering of keywords is not significant. The PKCS#11 engine uses the keystore for the slot chosen for public key operations, which is \fBmetaslot\fR on a standard configured machine. Currently, the PKCS#11 engine ignores the \fBobjecttype\fR keyword. The only mandatory keyword is \fBobject\fR which is the key object label. For information on how to use a different, possibly hardware, keystore with \fBmetaslot\fR, see \fBlibpkcs11\fR(3LIB).
+.sp
+.LP
+The token PIN is provided by way of the \fBpassphrasedialog\fR keyword and is either read from the terminal (\fBbuiltin\fR) or from the output of an external command (\fBexec:<file>\fR). The PIN is used to log into the token and by default is deleted from the memory then. The keyword \fBpin\fR is intentionally not provided due to inherent security problems of possible use of a password in the process arguments.
+.sp
+.LP
+Due to fork safety issues the application must re-login if the child continues to use the PKCS#11 engine. It is done inside of the engine automatically if fork is detected and in that case, \fBexec:<file>\fR option of the \fBpassphrasedialog\fR keyword can be used. Alternatively, an environment variable \fBOPENSSL_PKCS11_PIN_CACHING_POLICY\fR can be used to allow the PIN to be cached in memory and reused in the child. It can be set to \fBnone\fR which is the default, \fBmemory\fR to store the PIN in memory, and \fBmlocked-memory\fR to keep the PIN in a locked page using \fBmlock\fR(3C). \fBPRIV_PROC_LOCK_MEMORY\fR privilege is required in that case.
+.sp
+.LP
+Sensitive parts of private keys are never read from the token to the process memory no matter whether the key is tagged with sensitive flag or not. The PKCS#11 engine uses the public components as a search key to get a PKCS#11 object handle to the private key.
+.sp
+.LP
+To use the RSA keys by reference, high level API functions such as \fBRSA_public_decrypt()\fR, \fBEVP_PKEY_set1_RSA()\fR, or \fBEVP_SignInit()\fR must be used. Low level functions might go around the engine and fail to make use of the feature.
+.SS "Additional Documentation"
+.sp
+.LP
+Extensive additional documentation for OpenSSL modules is available in the \fB/usr/share/man/man1openssl\fR, \fB/usr/share/man/man3openssl\fR, \fB/usr/share/man/man5openssl\fR, and \fB/usr/share/man/man7openssl\fR directories.
+.sp
+.LP
+To view the license terms, attribution, and copyright for OpenSSL, run \fBpkg info --license library/security/openssl\fR.
+.SH EXAMPLES
+.LP
+\fBExample 1 \fRGenerating and Printing a Public Key
+.sp
+.LP
+The following example generates and prints a public key stored in an already initialized PKCS#11 keystore. Notice the use of \fB-engine pkcs11\fR and \fB-inform e\fR.
+
+.sp
+.in +2
+.nf
+$ \fBpktool gencert keystore=pkcs11 label=mykey \
+   subject="CN=test" keytype=rsa keylen=1024 serial=01\fR
+$ \fBopenssl rsa -in "pkcs11:object=mykey;passphrasedialog=builtin"\
+   -pubout -text -engine pkcs11 -inform e\fR
+.fi
+.in -2
+.sp
+
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(7) for a description of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+Availabilitylibrary/security/openssl
+_
+Interface StabilityVolatile
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBcrle\fR(1), \fBcryptoadm\fR(8), \fBlibpkcs11\fR(3LIB), \fBattributes\fR(7), \fBprivileges\fR(7)
+.sp
+.LP
+\fB/usr/share/man/man1openssl/openssl.1openssl\fR, \fB/usr/share/man/man1openssl/CRYPTO_num_locks.3openssl\fR, \fB/usr/share/man/man3openssl/engine.3\fR, \fB/usr/share/man/man3openssl/evp.3\fR
--- a/components/openssl/openssl-default/openssl-default.p5m	Thu Oct 29 07:57:11 2015 -0700
+++ b/components/openssl/openssl-default/openssl-default.p5m	Thu Oct 29 11:05:40 2015 -0700
@@ -2214,14 +2214,11 @@
 file path=usr/share/man/man3openssl/ui.3openssl
 file path=usr/share/man/man3openssl/ui_compat.3openssl
 file path=usr/share/man/man3openssl/x509.3openssl
-# openssl.5 is pre-Solarified, so bypass the mangler.
-file files/openssl.5 path=usr/share/man/man5/openssl.5 mangler.bypass=true
 file path=usr/share/man/man5openssl/config.5openssl
 file path=usr/share/man/man5openssl/x509v3_config.5openssl
+# openssl.7 is pre-Solarified, so bypass the mangler.
+file files/openssl.7 path=usr/share/man/man7/openssl.7 mangler.bypass=true
 file path=usr/share/man/man7openssl/des_modes.7openssl
 legacy pkg=SUNWopensslr desc="OpenSSL Libraries (Root)" \
     name="OpenSSL Libraries (Root)"
 license openssl-default.license license="OpenSSL, SSLeay"
-# openssl.5 used to be in system/core-os, so we need an optional dependency
-# on that package @ the first version where that page is no longer there.
-depend type=optional fmri=system/[email protected]
--- a/components/openstack/swift/swift.p5m	Thu Oct 29 07:57:11 2015 -0700
+++ b/components/openstack/swift/swift.p5m	Thu Oct 29 11:05:40 2015 -0700
@@ -41,7 +41,7 @@
 <transform file path=usr/lib/swift/(.*) -> set action.hash usr/bin/%<1>>
 <transform file path=usr/lib/swift/(.*) -> default mode 0555>
 <transform file path=usr/share/man/man1/(.+) -> set action.hash doc/manpages/%<1>>
-<transform file path=usr/share/man/man4/(.+)\.4 -> set action.hash doc/manpages/%<1>.5>
+<transform file path=usr/share/man/man5/(.+)\.5 -> set action.hash doc/manpages/%<1>.5>
 set name=pkg.fmri \
     value=pkg:/cloud/openstack/[email protected]$(IPS_COMPONENT_VERSION),$(BUILD_VERSION)
 set name=pkg.summary value="OpenStack Swift (Object Storage Service)"
@@ -272,12 +272,12 @@
 file path=usr/share/man/man1/swift-proxy-server.1
 file path=usr/share/man/man1/swift-recon.1
 file path=usr/share/man/man1/swift-ring-builder.1
-file path=usr/share/man/man4/account-server.conf.4
-file path=usr/share/man/man4/container-server.conf.4
-file path=usr/share/man/man4/dispersion.conf.4
-file path=usr/share/man/man4/object-expirer.conf.4
-file path=usr/share/man/man4/object-server.conf.4
-file path=usr/share/man/man4/proxy-server.conf.4
+file path=usr/share/man/man5/account-server.conf.5
+file path=usr/share/man/man5/container-server.conf.5
+file path=usr/share/man/man5/dispersion.conf.5
+file path=usr/share/man/man5/object-expirer.conf.5
+file path=usr/share/man/man5/object-server.conf.5
+file path=usr/share/man/man5/proxy-server.conf.5
 dir  path=var/lib/swift owner=swift group=swift mode=0700
 dir  path=var/lib/swift/recon-cache owner=swift group=swift
 dir  path=var/log/swift owner=swift group=swift
--- a/components/pam_pkcs11/files/pam_pkcs11.5	Thu Oct 29 07:57:11 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,413 +0,0 @@
-'\" te
-.\" Portions Copyright (c) 2008, 2012, Oracle and/or its affiliates. All rights reserved.
-.\" This manual page is derived from documentation obtained from the OpenSC organization (www.opensc-project.org). This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it is useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-.TH pam_pkcs11 5 "22 May 2012" "SunOS 5.12" "Standards, Environments, and Macros"
-.SH NAME
-pam_pkcs11 \- PAM Authentication Module for the PKCS#11 token libraries
-.SH SYNOPSIS
-.LP
-.nf
-\fBpam_pkcs11.so\fR [debug] [config_file=\fIfilename\fR]
-.fi
-
-.SH DESCRIPTION
-.sp
-.LP
-The \fBpam_pkcs11\fR module implements \fBpam_sm_authenticate\fR(3PAM), which provides functionality to the PAM authentication stack. This module allows a user to login a system, using a X.509 certificate and its dedicated private key stored in a PKCS#11 token. This module currently supports the RSA algorithm only.
-.sp
-.LP
-To verify the dedicated private key is truly associated with the X.509 certificate, the following verification procedure is performed in this module by default:
-.RS +4
-.TP
-.ie t \(bu
-.el o
-Generate 128 random byte data
-.RE
-.RS +4
-.TP
-.ie t \(bu
-.el o
-Sign the random data with the private key and get a signature. This step is done in the PKCS#11 token.
-.RE
-.RS +4
-.TP
-.ie t \(bu
-.el o
-Verify the signature using the public key extracted from the certificate.
-.RE
-.sp
-.LP
-For the verification of the users' certificates, locally stored CA certificates as well as either online or locally accessible CRLs are used.
-.SS "PAM CONFIGURATION"
-.sp
-.LP
-The \fBpam_pkcs11.so\fR service module can be used in the \fB<auth>\fR PAM chain. The program that needs a PAM service should be configured in \fB/etc/pam.conf\fR or \fB/etc/pam.d/\fR\fIservice\fR. For details on how to configure PAM services, see \fBpam.conf\fR(4).
-.sp
-.LP
-The following example uses only \fBpam_pkcs11\fR for authentication:
-.sp
-.in +2
-.nf
-login auth requisite pam_pkcs11.so.1
-login autho required pam_unix_cred.so.1
-.fi
-.in -2
-
-.sp
-.LP
-The following example uses \fBpam_pkcs11\fR for authentication with fallback to standard UNIX authentication:
-.sp
-.in +2
-.nf
-login auth sufficient pam_pkcs11.so.1
-login auth requisite  pam_authtok_get.so.1
-login auth required   pam_dhkeys.so.1
-login auth required   pam_unix_cred.so.1
-login auth required   pam_unix_auth.so.1
-.fi
-.in -2
-
-.SS "PAM_PKCS11 CONFIGURATION"
-.sp
-.LP
-To configure the \fBpam_pkcs11\fR module, you must have the following information:
-.RS +4
-.TP
-.ie t \(bu
-.el o
-Which PKCS #11 token you are going to use
-.RE
-.RS +4
-.TP
-.ie t \(bu
-.el o
-Which mapper(s) you need, and if needed, how to create and edit the related mapping files
-.RE
-.RS +4
-.TP
-.ie t \(bu
-.el o
-The root Certificate Authority files, and if required, the Certificate Revocation Lists files
-.RE
-.RS +4
-.TP
-.ie t \(bu
-.el o
-The list of authorized users to login, and their corresponding certificates
-.RE
-.sp
-.LP
-To configure the \fBpam_pkcs11\fR module, you need to modify the \fBpam_pkcs11.conf\fR configuration file which is in the \fB/etc/security/pam_pkcs11\fR directory by default. For detailed information on how to configure the \fBpam_pkcs11\fR module, see the \fIPAM-PKCS11 User Manual\fR, available at the \fBhttp://www.opensc-project.org/\fR web site, under the \fBPAM PKCS#11\fR link.
-.sp
-.LP
-The following example illustrates how to configure the \fBpam_pkcs11\fR module for a user whose certificate and private key are stored in the Solaris \fBpkcs11_softtoken\fR keystore. This example uses the default certificate verification policy. 
-.RS +4
-.TP
-.ie t \(bu
-.el o
-Set up the PKCS#11 module.
-.sp
-On Solaris, the PKCS#11 module should be set to \fB/usr/lib/libpkcs11.so.1\fR, the PKCS#11 Cryptographic Framework library. 
-.RE
-.RS +4
-.TP
-.ie t \(bu
-.el o
-Set up the \fBslot_description\fR entry.
-.sp
-Specifies the slot to be used. For example, \fBslot_description = "Sun Crypto Softtoken"\fR. The default value for this entry is \fBnone\fR which means to use the first slot with an available token.
-.sp
-An administrator can use the \fBcryptoadm list -v\fRcommand to find all the available slots and their slot descriptions. For more information, see \fBlibpkcs11\fR(3LIB) and \fBcryptoadm\fR(1M).
-.RE
-.RS +4
-.TP
-.ie t \(bu
-.el o
-Install or create user certificates and its dedicated private keys in the specific PKCS#11 token.
-.RE
-.RS +4
-.TP
-.ie t \(bu
-.el o
-Set up the certificate verification policy (\fBcert_policy\fR). If needed, set up CA certificate and CRL files.
-.sp
-The certificate verification policy includes:
-.RS
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fBnone\fR\fR
-.ad
-.RS 13n
-.rt  
-Perform no verification
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fBca\fR\fR
-.ad
-.RS 13n
-.rt  
-Perform CA check
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fBsignature\fR\fR
-.ad
-.RS 13n
-.rt  
-Perform a signature check to ensure that private and public key matches
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fBcrl_\fR\fIxxx\fR\fR
-.ad
-.RS 13n
-.rt  
-Perform various certificate revocation checking
-.RE
-
-.RE
-
-As this example uses the default policy, \fBcert_policy = ca,signature\fR, an administer needs to set up the CA certificates.
-.RS +4
-.TP
-.ie t \(bu
-.el o
-Copy the CA certificate to the \fB/etc/security/pam_pkcs11/cacerts\fR directory.
-.sp
-A certificate that is self-signed is its own CA certificate. Therefore, in this example, the certificate is placed both in the Softtoken keystore and in the CA certificate directory.
-.RE
-.RS +4
-.TP
-.ie t \(bu
-.el o
-Make hash links for CA certificates
-.sp
-.in +2
-.nf
-$ /etc/security/pam_pkcs11/make_hash_link.sh \e
-      /etc/security/pam_pkcs11/cacerts
-.fi
-.in -2
-.sp
-
-.RE
-.RE
-.RS +4
-.TP
-.ie t \(bu
-.el o
-Set up the mappers and mapfiles.
-.sp
-When a X509 certificate is provided, there are no direct ways to map a certificate to a login. The \fBpam_pkcs11\fR module provides a configurable way with mappers to specify \fBcert-to-user\fR mapping.
-.sp
-Many mappers are provided by the \fBpam_pkcs11\fR module, for example, the common name (CN) mapper, the digest mapper, the Email mapper, or the LDAP mapper. 
-.sp
-A user can configure a mapper list in the \fBpam_pkcs11.conf\fR file. The mappers in the list are used sequentially until the certificate is successfully matched with the user. 
-.sp
-The default mapper list is as follows:
-.sp
-.in +2
-.nf
-use_mappers = digest, cn, pwent, uid, mail, subject, null;
-.fi
-.in -2
-.sp
-
-Some mappers do not require the specification of a mapfile, for example, the common name mapper. Other mappers require mapfiles, for example, the digest mapper. Some sample mapping files can be found in the \fB/etc/security/pam_pkcs11\fR directory.
-.RE
-.SH OPTIONS
-.sp
-.LP
-The following options are supported:
-.sp
-.ne 2
-.mk
-.na
-\fB\fBconfig_file=\fIfilename\fR\fR\fR
-.ad
-.RS 24n
-.rt  
-Specify the configuration file. The default value is \fB/etc/security/pam_pkcs11/pam_pkcs11.conf\fR.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fBdebug\fR\fR
-.ad
-.RS 24n
-.rt  
-Enable debugging output.
-.RE
-
-.SH FILES
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/usr/lib/security/pam_pkcs11.so\fR\fR
-.ad
-.sp .6
-.RS 4n
-\fBpam_pkcs11\fR module
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/usr/lib/pam_pkcs11/ldap_mapper.so\fR\fR
-.ad
-.sp .6
-.RS 4n
-Mapper module.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/usr/lib/pam_pkcs11/opensc_mapper.so\fR\fR
-.ad
-.sp .6
-.RS 4n
-Mapper module.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/usr/lib/pam_pkcs11/openssh_mapper.so\fR\fR
-.ad
-.sp .6
-.RS 4n
-Mapper module.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/etc/security/pam_pkcs11/pam_pkcs11.conf\fR\fR
-.ad
-.sp .6
-.RS 4n
-Configuration file.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/etc/security/pam_pkcs11/cacerts\fR\fR
-.ad
-.sp .6
-.RS 4n
-Configuration directory. Stores the CA certificates.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/etc/security/pam_pkcs11/crls\fR\fR
-.ad
-.sp .6
-.RS 4n
-Configuration directory. Stores the CRL files.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/etc/security/pam_pkcs11/digest_mapping.example\fR\fR
-.ad
-.sp .6
-.RS 4n
-Sample mapfile.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/etc/security/pam_pkcs11/subject_mapping.example\fR\fR
-.ad
-.sp .6
-.RS 4n
-Sample mapfile.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/etc/security/pam_pkcs11/mail_mapping.example\fR\fR
-.ad
-.sp .6
-.RS 4n
-Sample mapfile.
-.RE
-
-.sp
-.ne 2
-.mk
-.na
-\fB\fB/etc/security/pam_pkcs11/make_hash_link.sh\fR\fR
-.ad
-.sp .6
-.RS 4n
-Sample script.
-.RE
-
-.SH AUTHORS
-.sp
-.LP
-\fBPAM-pkcs11\fR was originally written by MarioStrasser , \[email protected]\fR.
-.sp
-.LP
-Newer versions are from Juan Antonio Martinez, \[email protected]\fR
-.SH ATTRIBUTES
-.sp
-.LP
-See \fBattributes\fR(5) for a description of the following attributes:
-.sp
-
-.sp
-.TS
-tab() box;
-cw(2.75i) |cw(2.75i) 
-lw(2.75i) |lw(2.75i) 
-.
-ATTRIBUTE TYPEATTRIBUTE VALUE
-_
-AvailabilityT{
-library/security/pam/module/pam-pkcs11, SUNWpampkcs11r, SUNWpampkcs11-docs
-T}
-_
-Interface StabilityUncommitted
-.TE
-
-.SH SEE ALSO
-.sp
-.LP
-\fBpkcs11_inspect\fR(1), \fBpklogin_finder\fR(1), \fBcryptoadm\fR(1M), \fBlibpkcs11\fR(3LIB)\fBlibpkcs11\fR(3LIB)\fBpam_sm_authenticate\fR(3PAM), \fBpam.conf\fR(4), \fBattributes\fR(5), \fBpkcs11_softtoken\fR(5)
-.sp
-.LP
-\fIPAM-PKCS11 User Manual\fR, available at the \fBhttp://www.opensc-project.org/\fR web site, under the \fBPAM PKCS#11\fR link.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/pam_pkcs11/files/pam_pkcs11.7	Thu Oct 29 11:05:40 2015 -0700
@@ -0,0 +1,413 @@
+'\" te
+.\" Portions Copyright (c) 2008, 2015, Oracle and/or its affiliates. All rights reserved.
+.\" This manual page is derived from documentation obtained from the OpenSC organization (www.opensc-project.org). This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it is useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+.TH pam_pkcs11 7 "28 Oct 2015" "SunOS 5.12" "Standards, Environments, and Macros"
+.SH NAME
+pam_pkcs11 \- PAM Authentication Module for the PKCS#11 token libraries
+.SH SYNOPSIS
+.LP
+.nf
+\fBpam_pkcs11.so\fR [debug] [config_file=\fIfilename\fR]
+.fi
+
+.SH DESCRIPTION
+.sp
+.LP
+The \fBpam_pkcs11\fR module implements \fBpam_sm_authenticate\fR(3PAM), which provides functionality to the PAM authentication stack. This module allows a user to login a system, using a X.509 certificate and its dedicated private key stored in a PKCS#11 token. This module currently supports the RSA algorithm only.
+.sp
+.LP
+To verify the dedicated private key is truly associated with the X.509 certificate, the following verification procedure is performed in this module by default:
+.RS +4
+.TP
+.ie t \(bu
+.el o
+Generate 128 random byte data
+.RE
+.RS +4
+.TP
+.ie t \(bu
+.el o
+Sign the random data with the private key and get a signature. This step is done in the PKCS#11 token.
+.RE
+.RS +4
+.TP
+.ie t \(bu
+.el o
+Verify the signature using the public key extracted from the certificate.
+.RE
+.sp
+.LP
+For the verification of the users' certificates, locally stored CA certificates as well as either online or locally accessible CRLs are used.
+.SS "PAM CONFIGURATION"
+.sp
+.LP
+The \fBpam_pkcs11.so\fR service module can be used in the \fB<auth>\fR PAM chain. The program that needs a PAM service should be configured in \fB/etc/pam.conf\fR or \fB/etc/pam.d/\fR\fIservice\fR. For details on how to configure PAM services, see \fBpam.conf\fR(5).
+.sp
+.LP
+The following example uses only \fBpam_pkcs11\fR for authentication:
+.sp
+.in +2
+.nf
+login auth requisite pam_pkcs11.so.1
+login autho required pam_unix_cred.so.1
+.fi
+.in -2
+
+.sp
+.LP
+The following example uses \fBpam_pkcs11\fR for authentication with fallback to standard UNIX authentication:
+.sp
+.in +2
+.nf
+login auth sufficient pam_pkcs11.so.1
+login auth requisite  pam_authtok_get.so.1
+login auth required   pam_dhkeys.so.1
+login auth required   pam_unix_cred.so.1
+login auth required   pam_unix_auth.so.1
+.fi
+.in -2
+
+.SS "PAM_PKCS11 CONFIGURATION"
+.sp
+.LP
+To configure the \fBpam_pkcs11\fR module, you must have the following information:
+.RS +4
+.TP
+.ie t \(bu
+.el o
+Which PKCS #11 token you are going to use
+.RE
+.RS +4
+.TP
+.ie t \(bu
+.el o
+Which mapper(s) you need, and if needed, how to create and edit the related mapping files
+.RE
+.RS +4
+.TP
+.ie t \(bu
+.el o
+The root Certificate Authority files, and if required, the Certificate Revocation Lists files
+.RE
+.RS +4
+.TP
+.ie t \(bu
+.el o
+The list of authorized users to login, and their corresponding certificates
+.RE
+.sp
+.LP
+To configure the \fBpam_pkcs11\fR module, you need to modify the \fBpam_pkcs11.conf\fR configuration file which is in the \fB/etc/security/pam_pkcs11\fR directory by default. For detailed information on how to configure the \fBpam_pkcs11\fR module, see the \fIPAM-PKCS11 User Manual\fR, available at the \fBhttp://www.opensc-project.org/\fR web site, under the \fBPAM PKCS#11\fR link.
+.sp
+.LP
+The following example illustrates how to configure the \fBpam_pkcs11\fR module for a user whose certificate and private key are stored in the Solaris \fBpkcs11_softtoken\fR keystore. This example uses the default certificate verification policy. 
+.RS +4
+.TP
+.ie t \(bu
+.el o
+Set up the PKCS#11 module.
+.sp
+On Solaris, the PKCS#11 module should be set to \fB/usr/lib/libpkcs11.so.1\fR, the PKCS#11 Cryptographic Framework library. 
+.RE
+.RS +4
+.TP
+.ie t \(bu
+.el o
+Set up the \fBslot_description\fR entry.
+.sp
+Specifies the slot to be used. For example, \fBslot_description = "Sun Crypto Softtoken"\fR. The default value for this entry is \fBnone\fR which means to use the first slot with an available token.
+.sp
+An administrator can use the \fBcryptoadm list -v\fRcommand to find all the available slots and their slot descriptions. For more information, see \fBlibpkcs11\fR(3LIB) and \fBcryptoadm\fR(8).
+.RE
+.RS +4
+.TP
+.ie t \(bu
+.el o
+Install or create user certificates and its dedicated private keys in the specific PKCS#11 token.
+.RE
+.RS +4
+.TP
+.ie t \(bu
+.el o
+Set up the certificate verification policy (\fBcert_policy\fR). If needed, set up CA certificate and CRL files.
+.sp
+The certificate verification policy includes:
+.RS
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBnone\fR\fR
+.ad
+.RS 13n
+.rt  
+Perform no verification
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBca\fR\fR
+.ad
+.RS 13n
+.rt  
+Perform CA check
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBsignature\fR\fR
+.ad
+.RS 13n
+.rt  
+Perform a signature check to ensure that private and public key matches
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBcrl_\fR\fIxxx\fR\fR
+.ad
+.RS 13n
+.rt  
+Perform various certificate revocation checking
+.RE
+
+.RE
+
+As this example uses the default policy, \fBcert_policy = ca,signature\fR, an administer needs to set up the CA certificates.
+.RS +4
+.TP
+.ie t \(bu
+.el o
+Copy the CA certificate to the \fB/etc/security/pam_pkcs11/cacerts\fR directory.
+.sp
+A certificate that is self-signed is its own CA certificate. Therefore, in this example, the certificate is placed both in the Softtoken keystore and in the CA certificate directory.
+.RE
+.RS +4
+.TP
+.ie t \(bu
+.el o
+Make hash links for CA certificates
+.sp
+.in +2
+.nf
+$ /etc/security/pam_pkcs11/make_hash_link.sh \e
+      /etc/security/pam_pkcs11/cacerts
+.fi
+.in -2
+.sp
+
+.RE
+.RE
+.RS +4
+.TP
+.ie t \(bu
+.el o
+Set up the mappers and mapfiles.
+.sp
+When a X509 certificate is provided, there are no direct ways to map a certificate to a login. The \fBpam_pkcs11\fR module provides a configurable way with mappers to specify \fBcert-to-user\fR mapping.
+.sp
+Many mappers are provided by the \fBpam_pkcs11\fR module, for example, the common name (CN) mapper, the digest mapper, the Email mapper, or the LDAP mapper. 
+.sp
+A user can configure a mapper list in the \fBpam_pkcs11.conf\fR file. The mappers in the list are used sequentially until the certificate is successfully matched with the user. 
+.sp
+The default mapper list is as follows:
+.sp
+.in +2
+.nf
+use_mappers = digest, cn, pwent, uid, mail, subject, null;
+.fi
+.in -2
+.sp
+
+Some mappers do not require the specification of a mapfile, for example, the common name mapper. Other mappers require mapfiles, for example, the digest mapper. Some sample mapping files can be found in the \fB/etc/security/pam_pkcs11\fR directory.
+.RE
+.SH OPTIONS
+.sp
+.LP
+The following options are supported:
+.sp
+.ne 2
+.mk
+.na
+\fB\fBconfig_file=\fIfilename\fR\fR\fR
+.ad
+.RS 24n
+.rt  
+Specify the configuration file. The default value is \fB/etc/security/pam_pkcs11/pam_pkcs11.conf\fR.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fBdebug\fR\fR
+.ad
+.RS 24n
+.rt  
+Enable debugging output.
+.RE
+
+.SH FILES
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/usr/lib/security/pam_pkcs11.so\fR\fR
+.ad
+.sp .6
+.RS 4n
+\fBpam_pkcs11\fR module
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/usr/lib/pam_pkcs11/ldap_mapper.so\fR\fR
+.ad
+.sp .6
+.RS 4n
+Mapper module.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/usr/lib/pam_pkcs11/opensc_mapper.so\fR\fR
+.ad
+.sp .6
+.RS 4n
+Mapper module.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/usr/lib/pam_pkcs11/openssh_mapper.so\fR\fR
+.ad
+.sp .6
+.RS 4n
+Mapper module.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/etc/security/pam_pkcs11/pam_pkcs11.conf\fR\fR
+.ad
+.sp .6
+.RS 4n
+Configuration file.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/etc/security/pam_pkcs11/cacerts\fR\fR
+.ad
+.sp .6
+.RS 4n
+Configuration directory. Stores the CA certificates.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/etc/security/pam_pkcs11/crls\fR\fR
+.ad
+.sp .6
+.RS 4n
+Configuration directory. Stores the CRL files.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/etc/security/pam_pkcs11/digest_mapping.example\fR\fR
+.ad
+.sp .6
+.RS 4n
+Sample mapfile.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/etc/security/pam_pkcs11/subject_mapping.example\fR\fR
+.ad
+.sp .6
+.RS 4n
+Sample mapfile.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/etc/security/pam_pkcs11/mail_mapping.example\fR\fR
+.ad
+.sp .6
+.RS 4n
+Sample mapfile.
+.RE
+
+.sp
+.ne 2
+.mk
+.na
+\fB\fB/etc/security/pam_pkcs11/make_hash_link.sh\fR\fR
+.ad
+.sp .6
+.RS 4n
+Sample script.
+.RE
+
+.SH AUTHORS
+.sp
+.LP
+\fBPAM-pkcs11\fR was originally written by MarioStrasser , \[email protected]\fR.
+.sp
+.LP
+Newer versions are from Juan Antonio Martinez, \[email protected]\fR
+.SH ATTRIBUTES
+.sp
+.LP
+See \fBattributes\fR(7) for a description of the following attributes:
+.sp
+
+.sp
+.TS
+tab() box;
+cw(2.75i) |cw(2.75i) 
+lw(2.75i) |lw(2.75i) 
+.
+ATTRIBUTE TYPEATTRIBUTE VALUE
+_
+AvailabilityT{
+library/security/pam/module/pam-pkcs11, SUNWpampkcs11r, SUNWpampkcs11-docs
+T}
+_
+Interface StabilityUncommitted
+.TE
+
+.SH SEE ALSO
+.sp
+.LP
+\fBpkcs11_inspect\fR(1), \fBpklogin_finder\fR(1), \fBcryptoadm\fR(8), \fBlibpkcs11\fR(3LIB)\fBlibpkcs11\fR(3LIB)\fBpam_sm_authenticate\fR(3PAM), \fBpam.conf\fR(5), \fBattributes\fR(7), \fBpkcs11_softtoken\fR(7)
+.sp
+.LP
+\fIPAM-PKCS11 User Manual\fR, available at the \fBhttp://www.opensc-project.org/\fR web site, under the \fBPAM PKCS#11\fR link.
--- a/components/pam_pkcs11/pam_pkcs11.conf	Thu Oct 29 07:57:11 2015 -0700
+++ b/components/pam_pkcs11/pam_pkcs11.conf	Thu Oct 29 11:05:40 2015 -0700
@@ -36,7 +36,7 @@
     #
     # On Solaris OS, an administrator can use the "cryotoadm list -v" command
     # to find all the available slots and their slot descriptions. For more 
-    # information, see the libpkcs11(3LIB) and cryptoadm(1m) man pages.
+    # information, see the libpkcs11(3LIB) and cryptoadm(8) man pages.
     #
     slot_description = "none";
 
--- a/components/pam_pkcs11/pam_pkcs11.p5m	Thu Oct 29 07:57:11 2015 -0700
+++ b/components/pam_pkcs11/pam_pkcs11.p5m	Thu Oct 29 11:05:40 2015 -0700
@@ -69,13 +69,10 @@
     path=usr/share/man/ja_JP.UTF-8/man1/pklogin_finder.1
 file files/pkcs11_inspect.1 path=usr/share/man/man1/pkcs11_inspect.1
 file files/pklogin_finder.1 path=usr/share/man/man1/pklogin_finder.1
-file files/pam_pkcs11.5 path=usr/share/man/man5/pam_pkcs11.5
+file files/pam_pkcs11.7 path=usr/share/man/man7/pam_pkcs11.7
 file files/zh/pkcs11_inspect.1 \
     path=usr/share/man/zh_CN.UTF-8/man1/pkcs11_inspect.1
 file files/zh/pklogin_finder.1 \
     path=usr/share/man/zh_CN.UTF-8/man1/pklogin_finder.1
 #
 license pam_pkcs11.license license=LGPLv2.1
-# pam_pkcs11.5 used to be in system/core-os, so we need an optional dependency
-# on that package @ the first version where that page is no longer there.
-depend type=optional fmri=system/[email protected]
--- a/components/samba/samba36/patches/docs-xml.patch	Thu Oct 29 07:57:11 2015 -0700
+++ b/components/samba/samba36/patches/docs-xml.patch	Thu Oct 29 11:05:40 2015 -0700
@@ -1,32 +1,3 @@
- swat.c - patch is currently disabled because tme man-section 5 is not converted to 4
-# git-like
-#--- a/source3/web/swat.c	2009-07-03 04:21:14.000000000 -0700
-#+++ b/source3/web/swat.c	2009-09-01 07:39:04.758980165 -0700
-#@@ -203,12 +203,12 @@
-# 	char *output;
-# 	if(strcmp(pLabel, pTranslated) != 0) {
-# 		output = talloc_asprintf(ctx,
-#-		  "<A HREF=\"/swat/help/manpages/smb.conf.5.html#%s\" target=\"docs\"> %s</A>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; %s <br><span class=\"i18n_translated_parm\">%s</span>",
-#+		  "<A HREF=\"/swat/help/manpages/smb.conf.4.html#%s\" target=\"docs\"> %s</A>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; %s <br><span class=\"i18n_translated_parm\">%s</span>",
-# 		   pAnchor, pHelp, pLabel, pTranslated);
-# 		return output;
-# 	}
-# 	output = talloc_asprintf(ctx,
-#-	  "<A HREF=\"/swat/help/manpages/smb.conf.5.html#%s\" target=\"docs\"> %s</A>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; %s",
-#+	  "<A HREF=\"/swat/help/manpages/smb.conf.4.html#%s\" target=\"docs\"> %s</A>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; %s",
-# 	  pAnchor, pHelp, pLabel);
-# 	return output;
-# }
-#@@ -1257,7 +1257,7 @@
-#         printf("<H3>%s</H3>\n", _("Important Note:"));
-#         printf("%s",_("Printer names marked with [*] in the Choose Printer drop-down box "));
-#         printf("%s",_("are autoloaded printers from "));
-#-        printf("<A HREF=\"/swat/help/smb.conf.5.html#printcapname\" target=\"docs\">%s</A>\n", _("Printcap Name"));
-#+        printf("<A HREF=\"/swat/help/smb.conf.4.html#printcapname\" target=\"docs\">%s</A>\n", _("Printcap Name"));
-#         printf("%s\n", _("Attempting to delete these printers from SWAT will have no effect."));
-# 
-# 	if (cgi_variable("Commit") && snum >= 0) {
-# git-like
 --- a/docs-xml/configure.ac-bkp	2011-05-23 11:40:30.309466703 +0200
 +++ b/docs-xml/configure.ac	2011-05-23 12:18:34.727978926 +0200
 @@ -54,5 +54,8 @@
--- a/components/sox/patches/1.sox.1.patch	Thu Oct 29 07:57:11 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,47 +0,0 @@
---- sox-14.3.0/sox.1	Mon Aug 17 17:35:00 2009
-+++ sox-14.3.0/sox.1.new	Mon Aug 17 20:08:32 2009
[email protected]@ -148,7 +148,7 @@
- N.B.  The above is just an overview of SoX's capabilities; detailed
- explanations of how to use \fIall\fR SoX parameters, file formats, and
- effects can be found below in this manual, in
--.BR soxformat (7),
-+.BR soxformat (4),
- and in
- .BR soxi (1).
- .SS File Format Types
[email protected]@ -719,7 +719,7 @@
- options (see below).
- .SS Supported File & Audio Device Types
- See
--.BR soxformat (7)
-+.BR soxformat (4)
- for a list and description of the supported file formats and audio device
- drivers.
- .SH OPTIONS
[email protected]@ -1271,7 +1271,7 @@
- actually present.
- .SP
- See
--.BR soxformat (7)
-+.BR soxformat (4)
- for a list of supported file types.
- .PP
- \fB\-L\fR, \fB\-\-endian little\fR
[email protected]@ -1354,7 +1354,7 @@
- The compression factor is interpreted differently for different
- compressing file formats.  See the description of the file formats that
- use this option in
--.BR soxformat (7)
-+.BR soxformat (4)
- for more information.
- .SH EFFECTS
- In addition to converting, playing and recording audio files, SoX can
[email protected]@ -4128,7 +4128,7 @@
- ([email protected]).
- .SH SEE ALSO
- .BR soxi (1),
--.BR soxformat (7),
-+.BR soxformat (4),
- .BR libsox (3)
- .br
- .BR audacity (1),
--- a/components/sox/patches/2.soxi.1.patch	Thu Oct 29 07:57:11 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,20 +0,0 @@
---- sox-14.3.0/soxi.1	Mon Aug 17 17:35:07 2009
-+++ sox-14.3.0/soxi.1.new	Mon Aug 17 22:53:22 2009
[email protected]@ -37,7 +37,7 @@
- .SH DESCRIPTION
- Displays information from the header of a given audio file or files.
- Supported audio file types are listed and described in
--.BR soxformat (7).
-+.BR soxformat (4).
- Note however, that
- .B soxi
- is intended for use only with audio files with a self-describing header.
[email protected]@ -98,7 +98,7 @@
- ([email protected]).
- .SH SEE ALSO
- .BR sox (1),
--.BR soxformat (7),
-+.BR soxformat (4),
- .BR libsox (3)
- .SP
- The SoX web site at http://sox.sourceforge.net
--- a/components/sox/patches/3.libsox.3.patch	Thu Oct 29 07:57:11 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,11 +0,0 @@
---- sox-14.3.0/libsox.3	Mon Aug 17 22:52:19 2009
-+++ sox-14.3.0/libsox.3.new	Mon Aug 17 22:52:34 2009
[email protected]@ -364,7 +364,7 @@
- This manual page is both incomplete and out of date.
- .SH SEE ALSO
- .BR sox (1),
--.BR soxformat (7)
-+.BR soxformat (4)
- .SP
- example*.c in the SoX source distribution.
- .SH LICENSE
--- a/components/sox/patches/4.soxformat.7.patch	Thu Oct 29 07:57:11 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,11 +0,0 @@
---- sox-14.3.0/soxformat.7      Mon Aug 17 17:35:23 2009
-+++ sox-14.3.0/soxformat.7.new  Mon Aug 17 22:54:11 2009
[email protected]@ -29,7 +29,7 @@
- .SP
- .fi
- ..
--.TH SoX 7 "February 19, 2011" "soxformat" "Sound eXchange"
-+.TH SoX 4 "February 19, 2011" "soxformat" "Sound eXchange"
- .SH NAME
- SoX \- Sound eXchange, the Swiss Army knife of audio manipulation
- .SH DESCRIPTION
--- a/components/sox/sox.p5m	Thu Oct 29 07:57:11 2015 -0700
+++ b/components/sox/sox.p5m	Thu Oct 29 11:05:40 2015 -0700
@@ -57,6 +57,6 @@
 file path=usr/share/man/man1/sox.1
 file path=usr/share/man/man1/soxi.1
 file path=usr/share/man/man3/libsox.3
-file soxformat.7 path=usr/share/man/man4/soxformat.4
-link path=usr/share/man/man5/soxeffect.5 target=../man1/sox.1
+link path=usr/share/man/man7/soxeffect.7 target=../man1/sox.1
+file soxformat.7 path=usr/share/man/man7/soxformat.7
 license sox.license license="GPLv2, LGPLv2.1"
--- a/components/tcsh/manpages/tcsh.1	Thu Oct 29 07:57:11 2015 -0700
+++ b/components/tcsh/manpages/tcsh.1	Thu Oct 29 11:05:40 2015 -0700
@@ -149,7 +149,7 @@
 .TP 4
 .B \-m
 The shell loads \fI~/.tcshrc\fR even if it does not belong to the effective
-user.  Newer versions of \fIsu\fR(1M) can pass \fB\-m\fR to the shell. (+)
+user.  Newer versions of \fIsu\fR(8) can pass \fB\-m\fR to the shell. (+)
 .TP 4
 .B \-n
 The shell parses commands but does not execute them.
@@ -2675,7 +2675,7 @@
 sequences of the BSD and/or System V versions of \fIecho\fR; see \fIecho\fR(1).
 .TP 8
 .B echotc \fR[\fB\-sv\fR] \fIarg\fR ... (+)
-Exercises the terminal capabilities (see \fIterminfo\fR(4)) in \fIargs\fR.
+Exercises the terminal capabilities (see \fIterminfo\fR(5)) in \fIargs\fR.
 For example, 'echotc home' sends the cursor to the home position,
 \&'echotc cm 3 10' sends it to column 3 and row 10, and
 \&'echotc ts 0; echo "This is a test."; echotc fs' prints "This is a test."
@@ -3315,7 +3315,7 @@
 .TP 8
 .B settc \fIcap value \fR(+)
 Tells the shell to believe that the terminal capability \fIcap\fR
-(as defined in \fIterminfo\fR(4)) has the value \fIvalue\fR.
+(as defined in \fIterminfo\fR(5)) has the value \fIvalue\fR.
 No sanity checking is done.
 Concept terminal users may have to `settc xn no' to get proper
 wrapping at the rightmost column.
@@ -3368,7 +3368,7 @@
 .B suspend
 Causes the shell to stop in its tracks, much as if it had
 been sent a stop signal with \fB^Z\fR.  This is most often used to
-stop shells started by \fIsu\fR(1M).
+stop shells started by \fIsu\fR(8).
 .PP
 .B switch (\fIstring\fB)
 .br
@@ -3402,12 +3402,12 @@
 .PD
 .TP 8
 .B telltc \fR(+)
-Lists the values of all terminal capabilities (see \fIterminfo\fR(4)).
+Lists the values of all terminal capabilities (see \fIterminfo\fR(5)).
 .TP 8
 .B termname \fR[\fIterminal type\fR] \fR(+)
 Tests if \fIterminal type\fR (or the current value of \fBTERM\fR if no
 \fIterminal type\fR is given) has an entry in the hosts
-terminfo(4) database. Prints the terminal type to stdout and returns 0
+terminfo(5) database. Prints the terminal type to stdout and returns 0
 if an entry is present otherwise returns 1.
 .TP 8
 .B time \fR[\fIcommand\fR]
@@ -4741,7 +4741,7 @@
 The number of columns in the terminal.  See \fBTerminal management\fR.
 .TP 8
 .B DISPLAY
-Used by X Window System (see \fIX\fR(5)).
+Used by X Window System (see \fIX\fR(7)).
 If set, the shell does not set \fBautologout\fR (q.v.).
 .TP 8
 .B EDITOR
@@ -5200,10 +5200,10 @@
 To detect looping, the shell restricts the number of \fIalias\fR
 substitutions on a single line to 20.
 .SH "SEE ALSO"
-csh(1), emacs(1), ls(1), newgrp(1), sh(1), stty(1), su(1M),
-tset(1B), vi(1), X(5), access(2), execve(2), fork(2), killpg(3C),
+csh(1), emacs(1), ls(1), newgrp(1), sh(1), stty(1), su(8),
+tset(1B), vi(1), X(7), access(2), execve(2), fork(2), killpg(3C),
 pipe(2), setrlimit(2), sigvec(3UCB), stat(2), umask(2), vfork(2), wait(2),
-malloc(3C), setlocale(3C), tty(7D), a.out(4), terminfo(4), environ(5),
+malloc(3C), setlocale(3C), tty(7D), a.out(5), terminfo(5), environ(7),
 termio(7I), Introduction to the C Shell
 .SH VERSION
 This manual documents tcsh 6.18.01 (Astron) 2012-02-14.
--- a/components/timezone/system-data-timezone.p5m	Thu Oct 29 07:57:11 2015 -0700
+++ b/components/timezone/system-data-timezone.p5m	Thu Oct 29 11:05:40 2015 -0700
@@ -840,6 +840,6 @@
 file continent.tab path=usr/share/lib/zoneinfo/tab/continent.tab
 file country.tab path=usr/share/lib/zoneinfo/tab/country.tab
 file zone_sun.tab path=usr/share/lib/zoneinfo/tab/zone_sun.tab
-file zoneinfo.4 path=usr/share/man/man4/zoneinfo.4 owner=root group=bin \
+file zoneinfo.5 path=usr/share/man/man5/zoneinfo.5 owner=root group=bin \
     mode=0444
 license cr_Sun license=cr_Sun
--- a/components/timezone/zoneinfo.4	Thu Oct 29 07:57:11 2015 -0700
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,9 +0,0 @@
-'\" te
-.\" Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved.
-.TH zoneinfo 4 "21 Jun 1999" "SunOS 5.11" "File Formats"
-.SH NAME
-zoneinfo \- timezone information
-.SH DESCRIPTION
-.sp
-.LP
-For notes regarding the zoneinfo timezones, see \fB/usr/share/lib/zoneinfo/src/README\fR.
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/timezone/zoneinfo.5	Thu Oct 29 11:05:40 2015 -0700
@@ -0,0 +1,9 @@
+'\" te
+.\" Copyright (c) 1999, 2015, Oracle and/or its affiliates. All rights reserved.
+.TH zoneinfo 5 "27 Oct 2015" "SunOS 5.12" "File Formats"
+.SH NAME
+zoneinfo \- timezone information
+.SH DESCRIPTION
+.sp
+.LP
+For notes regarding the zoneinfo timezones, see \fB/usr/share/lib/zoneinfo/src/README\fR.
--- a/components/trousers/patches/man_man8_tcsd.8.in.patch	Thu Oct 29 07:57:11 2015 -0700
+++ b/components/trousers/patches/man_man8_tcsd.8.in.patch	Thu Oct 29 11:05:40 2015 -0700
@@ -70,7 +70,7 @@
  .SH "SEE ALSO"
  .PP
 -\fBtcsd.conf\fR(5)
-+\fBtcsd.conf\fR(5), \fBsvcadm\fR(1M), \fBsmf\fR(5)
++\fBtcsd.conf\fR(5), \fBsvcadm\fR(8), \fBsmf\fR(7)
 +
 +.SH "NOTES"
 +.sp
@@ -86,7 +86,7 @@
 +.sp
 +.LP
 +Administrative actions on this service, such as enabling, disabling, or requesting restart, can be
-+performed using \fBsvcadm\fR(1M). The service's status can be queried using the \fBsvcs\fR(1) command.
++performed using \fBsvcadm\fR(8). The service's status can be queried using the \fBsvcs\fR(1) command.
  
  .SH "AUTHOR"
  Kent Yoder