From 91c77c54b1101858766243297e05eb840a3ae8c2 Mon Sep 17 00:00:00 2001
From: Brent Smith <gnome@nextreality.net>
Date: Mon, 13 Mar 2006 04:23:05 +0000
Subject: Include a section on pessulus Convert to using xinclude instead of

2006-03-12  Brent Smith  <gnome@nextreality.net>
        * lockdown.xml:
        Include a section on pessulus
        * system-admin-guide.xml:
        Convert to using xinclude instead of entities
---
 gnome2-system-admin-guide/C/ChangeLog              |   7 +
 gnome2-system-admin-guide/C/lockdown.xml           | 623 +++++++++++++++------
 gnome2-system-admin-guide/C/system-admin-guide.xml |  45 +-
 3 files changed, 475 insertions(+), 200 deletions(-)

(limited to 'gnome2-system-admin-guide')

diff --git a/gnome2-system-admin-guide/C/ChangeLog b/gnome2-system-admin-guide/C/ChangeLog
index 6728f9a..45879fc 100644
--- a/gnome2-system-admin-guide/C/ChangeLog
+++ b/gnome2-system-admin-guide/C/ChangeLog
@@ -1,3 +1,10 @@
+2006-03-12  Brent Smith  <gnome@nextreality.net>
+
+	* lockdown.xml:
+	Include a section on pessulus
+	* system-admin-guide.xml:
+	Convert to using xinclude instead of entities
+
 2006-03-12  Brent Smith  <gnome@nextreality.net>
 
 	* appendixa.xml:
diff --git a/gnome2-system-admin-guide/C/lockdown.xml b/gnome2-system-admin-guide/C/lockdown.xml
index 044d070..9b53337 100644
--- a/gnome2-system-admin-guide/C/lockdown.xml
+++ b/gnome2-system-admin-guide/C/lockdown.xml
@@ -25,178 +25,457 @@ information about how to set <application>GConf</application> keys, see <xref li
 a user configuration source. For more information about the <application>Configuration Editor</application> application, see the <citetitle>GConf Editor
 Manual</citetitle>.</para>
   </sect1>
-  <sect1 id="lockdown-2">
-    <title>To Disable Lock Screen and Log Out</title>
-    <indexterm>
-      <primary>disabling features</primary>
-      <secondary>lock screen</secondary>
-    </indexterm>
-    <indexterm>
-      <primary>disabling features</primary>
-      <secondary>log
-out</secondary>
-    </indexterm>
-    <para>To disable the lock screen and log out functions, set the <literal>/apps/panel/global/disable_lock_screen</literal> key and the <literal>/apps/panel/global/disable_log_out</literal> key to <literal>true</literal>.</para>
-    <para>When you disable
-the lock screen and log out functions, the following items are removed from
-the panels:</para>
-    <itemizedlist>
-      <listitem>
-        <para><guimenuitem>Lock Screen</guimenuitem> and <guimenuitem>Log
-Out <replaceable>user</replaceable></guimenuitem> menu items from the <guimenu>Main Menu</guimenu>.</para>
-      </listitem>
-      <listitem>
-        <para><guimenuitem>Lock</guimenuitem> and <guimenuitem>Log Out</guimenuitem>
-menu items from the <menuchoice><guimenu>Add to Panel</guimenu><guimenuitem>Actions</guimenuitem></menuchoice> menu. To open this menu, right-click on
-a vacant space on a panel, then choose <menuchoice><guimenu>Add to Panel</guimenu><guimenuitem>Actions</guimenuitem></menuchoice>.</para>
-      </listitem>
-      <listitem>
-        <para><guimenuitem>Lock Screen</guimenuitem> and <guimenuitem>Log
-Out <replaceable>user</replaceable></guimenuitem> menu items from the <guimenu>Actions</guimenu> menu in the <application>Menu Bar</application> applet.</para>
-      </listitem>
-    </itemizedlist>
-    <para>Also, any <guibutton>Lock Screen</guibutton> buttons and <guibutton>Log Out</guibutton> buttons on panels are disabled.</para>
+  <sect1 id="lockdown-manual">
+    <title>Locking Down Setting Manually</title>
+    <sect2 id="lockdown-2">
+      <title>To Disable Lock Screen and Log Out</title>
+      <indexterm>
+        <primary>disabling features</primary>
+        <secondary>lock screen</secondary>
+      </indexterm>
+      <indexterm>
+        <primary>disabling features</primary>
+        <secondary>log
+  out</secondary>
+      </indexterm>
+      <para>To disable the lock screen and log out functions, set the <literal>/apps/panel/global/disable_lock_screen</literal> key and the <literal>/apps/panel/global/disable_log_out</literal> key to <literal>true</literal>.</para>
+      <para>When you disable
+  the lock screen and log out functions, the following items are removed from
+  the panels:</para>
+      <itemizedlist>
+        <listitem>
+          <para><guimenuitem>Lock Screen</guimenuitem> and <guimenuitem>Log
+  Out <replaceable>user</replaceable></guimenuitem> menu items from the <guimenu>Main Menu</guimenu>.</para>
+        </listitem>
+        <listitem>
+          <para><guimenuitem>Lock</guimenuitem> and <guimenuitem>Log Out</guimenuitem>
+  menu items from the <menuchoice><guimenu>Add to Panel</guimenu><guimenuitem>Actions</guimenuitem></menuchoice> menu. To open this menu, right-click on
+  a vacant space on a panel, then choose <menuchoice><guimenu>Add to Panel</guimenu><guimenuitem>Actions</guimenuitem></menuchoice>.</para>
+        </listitem>
+        <listitem>
+          <para><guimenuitem>Lock Screen</guimenuitem> and <guimenuitem>Log
+  Out <replaceable>user</replaceable></guimenuitem> menu items from the <guimenu>Actions</guimenu> menu in the <application>Menu Bar</application> applet.</para>
+        </listitem>
+      </itemizedlist>
+      <para>Also, any <guibutton>Lock Screen</guibutton> buttons and <guibutton>Log Out</guibutton> buttons on panels are disabled.</para>
+    </sect2>
+    <sect2 id="lockdown-12">
+      <title>To Disable Command Line Operations</title>
+      <indexterm>
+        <primary>disabling features</primary>
+        <secondary>command line</secondary>
+      </indexterm>
+      <para>To disable operations from a command line, set the <literal>/desktop/gnome/lockdown/disable_command_line</literal> key to <literal>true</literal>.</para>
+      <para>When you disable command line operations, the following
+  changes occur in the user interface:</para>
+      <itemizedlist>
+        <listitem>
+          <para>The <guimenuitem>Run Application</guimenuitem> menu item is
+  removed from the following menus:</para>
+          <itemizedlist>
+            <listitem>
+              <para>
+                <guimenu>Main Menu</guimenu>
+              </para>
+            </listitem>
+            <listitem>
+              <para><guimenu>Actions</guimenu> submenu in the <guimenu>Add to
+  Panel</guimenu> menu</para>
+            </listitem>
+            <listitem>
+              <para><guimenu>Actions</guimenu> menu in the <application>Menu Bar</application> applet</para>
+            </listitem>
+          </itemizedlist>
+        </listitem>
+        <listitem>
+          <para>Any <guibutton>Run</guibutton> buttons on panels are disabled.</para>
+        </listitem>
+      </itemizedlist>
+      <para>To disable command line operations, you must also remove menu items
+  that start terminal applications. For example, you might want to remove menu
+  items that contain the following commands from the menus:</para>
+      <itemizedlist>
+        <listitem>
+          <para><application>GNOME Terminal</application> command, that is <command>/usr/bin/gnome-terminal</command></para>
+        </listitem>
+        <listitem>
+          <para>
+            <command>/usr/bin/xterm</command>
+          </para>
+        </listitem>
+        <listitem>
+          <para>
+            <command>/usr/bin/setterm</command>
+          </para>
+        </listitem>
+      </itemizedlist>
+      <para>The items are removed from the following menus:</para>
+      <itemizedlist>
+        <listitem>
+          <para>
+            <guimenu>Main Menu</guimenu>
+          </para>
+        </listitem>
+        <listitem>
+          <para>
+            <menuchoice>
+              <guimenu>Add to Panel</guimenu>
+              <guimenuitem>Launcher from menu</guimenuitem>
+            </menuchoice>
+          </para>
+        </listitem>
+      </itemizedlist>
+      <para>To disable command line operations, you must also disable the <application>Command Line</application> applet. To disable the <application>Command Line</application> applet, add the applet to the <literal>/apps/panel/global/disabled_applets</literal> key. When you disable the <application>Command Line</application>
+  applet, the <application>Command Line</application> applet is removed from
+  the <guimenu>Main Menu</guimenu> and the <menuchoice><guimenu>Add to Panel</guimenu><guimenuitem>Utility</guimenuitem></menuchoice> menu. </para>
+    </sect2>
+    <sect2 id="lockdown-11">
+      <title>To Disable Panel Configuration</title>
+      <indexterm>
+        <primary>disabling features</primary>
+        <secondary>panel configuration</secondary>
+      </indexterm>
+      <para>To disable panel configuration, set the <literal>/apps/panel/global/locked_down</literal> key to <literal>true</literal>.</para>
+      <para>When you disable
+  panel configuration, the following changes occur in the user interface:</para>
+      <itemizedlist>
+        <listitem>
+          <para>The following items are removed from the panel popup menu,
+  and from the drawer popup menu:</para>
+          <itemizedlist>
+            <listitem>
+              <para>
+                <guimenuitem>Add to Panel</guimenuitem>
+              </para>
+            </listitem>
+            <listitem>
+              <para>
+                <guimenuitem>Delete This Panel</guimenuitem>
+              </para>
+            </listitem>
+            <listitem>
+              <para>
+                <guimenuitem>Properties</guimenuitem>
+              </para>
+            </listitem>
+            <listitem>
+              <para>
+                <guimenuitem>New Panel</guimenuitem>
+              </para>
+            </listitem>
+          </itemizedlist>
+        </listitem>
+        <listitem>
+          <para>The launcher popup menu is disabled.</para>
+        </listitem>
+        <listitem>
+          <para>The following items are removed from the applet popup menu:</para>
+          <itemizedlist>
+            <listitem>
+              <para>
+                <guimenuitem>Remove From Panel</guimenuitem>
+              </para>
+            </listitem>
+            <listitem>
+              <para>
+                <guimenuitem>Lock</guimenuitem>
+              </para>
+            </listitem>
+            <listitem>
+              <para>
+                <guimenuitem>Move</guimenuitem>
+              </para>
+            </listitem>
+          </itemizedlist>
+        </listitem>
+        <listitem>
+          <para>The <guimenu>Main Menu</guimenu> popup menu is disabled. </para>
+        </listitem>
+        <listitem>
+          <para>The launcher drag feature is disabled, so that users cannot
+  drag launchers to, or from, panels.</para>
+        </listitem>
+        <listitem>
+          <para>The panel drag feature is disabled, so that users cannot drag
+  panels to new locations.</para>
+        </listitem>
+      </itemizedlist>
+    </sect2>
   </sect1>
-  <sect1 id="lockdown-12">
-    <title>To Disable Command Line Operations</title>
-    <indexterm>
-      <primary>disabling features</primary>
-      <secondary>command line</secondary>
-    </indexterm>
-    <para>To disable operations from a command line, set the <literal>/desktop/gnome/lockdown/disable_command_line</literal> key to <literal>true</literal>.</para>
-    <para>When you disable command line operations, the following
-changes occur in the user interface:</para>
-    <itemizedlist>
-      <listitem>
-        <para>The <guimenuitem>Run Application</guimenuitem> menu item is
-removed from the following menus:</para>
-        <itemizedlist>
-          <listitem>
-            <para>
-              <guimenu>Main Menu</guimenu>
-            </para>
-          </listitem>
-          <listitem>
-            <para><guimenu>Actions</guimenu> submenu in the <guimenu>Add to
-Panel</guimenu> menu</para>
-          </listitem>
-          <listitem>
-            <para><guimenu>Actions</guimenu> menu in the <application>Menu Bar</application> applet</para>
-          </listitem>
-        </itemizedlist>
-      </listitem>
-      <listitem>
-        <para>Any <guibutton>Run</guibutton> buttons on panels are disabled.</para>
-      </listitem>
-    </itemizedlist>
-    <para>To disable command line operations, you must also remove menu items
-that start terminal applications. For example, you might want to remove menu
-items that contain the following commands from the menus:</para>
-    <itemizedlist>
-      <listitem>
-        <para><application>GNOME Terminal</application> command, that is <command>/usr/bin/gnome-terminal</command></para>
-      </listitem>
-      <listitem>
-        <para>
-          <command>/usr/bin/xterm</command>
-        </para>
-      </listitem>
-      <listitem>
-        <para>
-          <command>/usr/bin/setterm</command>
-        </para>
-      </listitem>
-    </itemizedlist>
-    <para>The items are removed from the following menus:</para>
-    <itemizedlist>
-      <listitem>
-        <para>
-          <guimenu>Main Menu</guimenu>
-        </para>
-      </listitem>
-      <listitem>
-        <para>
-          <menuchoice>
-            <guimenu>Add to Panel</guimenu>
-            <guimenuitem>Launcher from menu</guimenuitem>
-          </menuchoice>
-        </para>
-      </listitem>
-    </itemizedlist>
-    <para>To disable command line operations, you must also disable the <application>Command Line</application> applet. To disable the <application>Command Line</application> applet, add the applet to the <literal>/apps/panel/global/disabled_applets</literal> key. When you disable the <application>Command Line</application>
-applet, the <application>Command Line</application> applet is removed from
-the <guimenu>Main Menu</guimenu> and the <menuchoice><guimenu>Add to Panel</guimenu><guimenuitem>Utility</guimenuitem></menuchoice> menu. </para>
-  </sect1>
-  <sect1 id="lockdown-11">
-    <title>To Disable Panel Configuration</title>
-    <indexterm>
-      <primary>disabling features</primary>
-      <secondary>panel configuration</secondary>
-    </indexterm>
-    <para>To disable panel configuration, set the <literal>/apps/panel/global/locked_down</literal> key to <literal>true</literal>.</para>
-    <para>When you disable
-panel configuration, the following changes occur in the user interface:</para>
-    <itemizedlist>
-      <listitem>
-        <para>The following items are removed from the panel popup menu,
-and from the drawer popup menu:</para>
-        <itemizedlist>
-          <listitem>
-            <para>
-              <guimenuitem>Add to Panel</guimenuitem>
-            </para>
-          </listitem>
-          <listitem>
-            <para>
-              <guimenuitem>Delete This Panel</guimenuitem>
-            </para>
-          </listitem>
-          <listitem>
-            <para>
-              <guimenuitem>Properties</guimenuitem>
-            </para>
-          </listitem>
-          <listitem>
-            <para>
-              <guimenuitem>New Panel</guimenuitem>
-            </para>
-          </listitem>
-        </itemizedlist>
-      </listitem>
-      <listitem>
-        <para>The launcher popup menu is disabled.</para>
-      </listitem>
-      <listitem>
-        <para>The following items are removed from the applet popup menu:</para>
-        <itemizedlist>
-          <listitem>
-            <para>
-              <guimenuitem>Remove From Panel</guimenuitem>
-            </para>
-          </listitem>
-          <listitem>
-            <para>
-              <guimenuitem>Lock</guimenuitem>
-            </para>
-          </listitem>
-          <listitem>
-            <para>
-              <guimenuitem>Move</guimenuitem>
-            </para>
-          </listitem>
-        </itemizedlist>
-      </listitem>
-      <listitem>
-        <para>The <guimenu>Main Menu</guimenu> popup menu is disabled. </para>
-      </listitem>
-      <listitem>
-        <para>The launcher drag feature is disabled, so that users cannot
-drag launchers to, or from, panels.</para>
-      </listitem>
-      <listitem>
-        <para>The panel drag feature is disabled, so that users cannot drag
-panels to new locations.</para>
-      </listitem>
-    </itemizedlist>
+  <sect1 id="lockdown">
+    <title>Lockdown Editor</title>
+  
+    <para>As of GNOME 2.14, a graphical lockdown editor called
+    <application>Pessulus</application> has been included to ease the task of
+    disabling desktop settings.</para>
+  
+    <sect2 id="lockdown-start">
+      <title>Getting Started</title>
+  
+      <para>To run the lockdown editor:</para>
+  
+      <itemizedlist>
+        <listitem>
+          <para>Click the <menuchoice>
+              <guimenu>Desktop</guimenu>
+  
+              <guisubmenu>Administration</guisubmenu>
+  
+              <guimenuitem>Lockdown Editor</guimenuitem>
+            </menuchoice></para>
+        </listitem>
+  
+        <listitem>
+          <para>Run the <command>pessulus</command> command in a terminal
+          window.</para>
+        </listitem>
+      </itemizedlist>
+  
+      <para>You will see a window with several different tabs. Each of the tabs
+      represents a different category of desktop settings that can be disabled.
+      In the next section, we will discuss each category and provide a brief
+      description for each setting that can be disabled.</para>
+    </sect2>
+  
+    <sect2 id="lockdown-disabling">
+      <title>Disabling Features</title>
+  
+      <para>To disable a setting, make sure the checkbox next to the setting's
+      description is checked. Most settings will take effect immediately,
+      however some settings will require that the application be restarted in
+      order to take effect.</para>
+  
+      <para>When <application>pessulus</application> starts, it will try to get
+      a connection to the GConf mandatory configuration source. This address for
+      this configuration source is
+      <literal>xml:merged:<replaceable>$prefix</replaceable>/etc/gconf/gconf.xml.mandatory</literal>.
+      If the user that is running <application>pessulus</application> has access
+      to this configuration source, then a lock icon will be displayed next to
+      the checkbox for each setting. Clicking the lock will toggle whether or
+      not the setting is mandatory. If the setting is mandatory, then regular
+      users will not be able to change or override the setting. If the user
+      running pessulus does not have access to the mandatory configuration
+      source, then the lock icon will not appear. In this case, all disabled
+      settings will simply be stored in the user's default configuration source
+      and can be modified later using other tools such as
+      <application>gconf-editor</application> or
+      <application>gconftool-2</application>. For more information on GConf and
+      mandatory configuration sources, see <xref linkend="gconf-26" />.</para>
+  
+      <para>The following subsections will give a brief description of the
+      settings that can be disabled for each category.</para>
+  
+      <note>
+        <para>Depending on the applications you have installed, you may see
+        fewer categories than those described in this section.</para>
+      </note>
+  
+      <sect3 id="lockdown-disabling-general">
+        <title>General</title>
+  
+        <variablelist>
+          <varlistentry>
+            <term>Disable command line</term>
+  
+            <listitem>
+              <para>Prevent the user from accessing the terminal or specifying a
+              command line to be executed. For example, this would disable
+              access to the panel's "Run Application" dialog.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Disable printing</term>
+  
+            <listitem>
+              <para>Prevent the user from printing. For example, this would
+              disable access to all applications' "Print" dialogs.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Disable print setup</term>
+  
+            <listitem>
+              <para>Prevent the user from modifying print settings. For example,
+              this would disable access to all applications' "Print Setup"
+              dialogs.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Disable save to disk</term>
+  
+            <listitem>
+              <para> Prevent the user from saving files to disk. For example,
+              this would disable access to all applications' "Save as"
+              dialogs.</para>
+            </listitem>
+          </varlistentry>
+        </variablelist>
+      </sect3>
+  
+      <sect3 id="lockdown-disabling-panel">
+        <title>Panel</title>
+  
+        <variablelist>
+          <varlistentry>
+            <term>Lock down the panels</term>
+  
+            <listitem>
+              <para>If true, the panel will not allow any changes to the
+              configuration of the panel. Individual applets may need to be
+              locked down separately however. The panel must be restarted for
+              this to take effect.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Disable force quit</term>
+  
+            <listitem>
+              <para>If true, the panel will not allow a user to force an
+              application to quit by removing access to the force quit
+              button.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Disable lock screen</term>
+  
+            <listitem>
+              <para>If true, the panel will not allow a user to lock their
+              screen, by removing access to the lock screen menu entries.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Disable log out</term>
+  
+            <listitem>
+              <para>If true, the panel will not allow a user to log out, by
+              removing access to the log out menu entries.</para>
+            </listitem>
+          </varlistentry>
+        </variablelist>
+      </sect3>
+  
+      <sect3 id="lockdown-disabling-browser">
+        <title>Epiphany Web Browser</title>
+  
+        <variablelist>
+          <varlistentry>
+            <term>Disable quit</term>
+  
+            <listitem>
+              <para>User is not allowed to close Epiphany.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Disable arbitrary URL</term>
+  
+            <listitem>
+              <para>Disable the user's ability to type in a URL to
+              Epiphany.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Disable bookmark editing</term>
+  
+            <listitem>
+              <para>Disable the user's ability to add or edit bookmarks.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Disable history</term>
+  
+            <listitem>
+              <para>Disable all historical information by disabling back and
+              forward navigation, not allowing the history dialog and hiding the
+              most used bookmarks list.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Disable javascript chrome</term>
+  
+            <listitem>
+              <para>Disable JavaScript's control over window chrome.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Disable toolbar editing</term>
+  
+            <listitem>
+              <para>Disable the user's ability to edit toolbars.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Force fullscreen mode</term>
+  
+            <listitem>
+              <para>Locks Epiphany in fullscreen mode.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Hide menubar</term>
+  
+            <listitem>
+              <para>Hide the menubar by default. The menubar can still be
+              accessed using F10.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Disable unsafe protocols</term>
+  
+            <listitem>
+              <para>Disables loading of content from unsafe protocols. Safe
+              protocols are http and https.</para>
+            </listitem>
+          </varlistentry>
+        </variablelist>
+      </sect3>
+  
+      <sect3 id="lockdown-disabling-screensaver">
+        <title>GNOME Screensaver</title>
+  
+        <variablelist>
+          <varlistentry>
+            <term>Lock on activation</term>
+  
+            <listitem>
+              <para>Set this to TRUE to lock the screen when the screensaver
+              goes active.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Allow logout</term>
+  
+            <listitem>
+              <para>Set this to TRUE to offer an option in unlock dialog to
+              logging out after a delay. The Delay is specified in the
+              "logout_delay" key.</para>
+            </listitem>
+          </varlistentry>
+  
+          <varlistentry>
+            <term>Allow user switching</term>
+  
+            <listitem>
+              <para>Set this to TRUE to offer an option in the unlock dialog to
+              switch to a different user account.</para>
+            </listitem>
+          </varlistentry>
+        </variablelist>
+      </sect3>
+    </sect2>
   </sect1>
 </chapter>
diff --git a/gnome2-system-admin-guide/C/system-admin-guide.xml b/gnome2-system-admin-guide/C/system-admin-guide.xml
index 6335e75..d37a713 100644
--- a/gnome2-system-admin-guide/C/system-admin-guide.xml
+++ b/gnome2-system-admin-guide/C/system-admin-guide.xml
@@ -4,20 +4,6 @@
   <!ENTITY gnomeversion "2.14">
   <!ENTITY manrevision "2.4">
   <!ENTITY date "March 2004">
-  <!ENTITY LEGAL SYSTEM             "legal.xml">
-  <!ENTITY gconf SYSTEM             "gconf.xml">
-  <!ENTITY menustructure SYSTEM     "menustructure.xml">
-  <!ENTITY themes SYSTEM            "themes.xml">
-  <!ENTITY fontconfig SYSTEM        "fontconfig.xml">
-  <!ENTITY mimetypes SYSTEM         "mimetypes.xml">
-  <!ENTITY screensavers SYSTEM      "screensavers.xml">
-  <!ENTITY sessions SYSTEM          "sessions.xml">
-  <!ENTITY help SYSTEM              "help.xml">
-  <!ENTITY performance SYSTEM       "performance.xml">
-  <!ENTITY lockdown SYSTEM          "lockdown.xml">
-  <!ENTITY appendixa SYSTEM         "appendixa.xml">
-  <!ENTITY appendixb SYSTEM         "appendixb.xml">
-  <!ENTITY gloss SYSTEM             "glossary.xml">
 ]>
 <book id="index"> 
   <title>GNOME &gnomeversion; Desktop System Administration Guide</title> 
@@ -51,7 +37,9 @@
 -->
 	 <publisher role="maintainer"> 
 		<publishername> GNOME Documentation Project </publishername> 
-	 </publisher> &LEGAL; 
+	 </publisher>
+
+         <include href="legal.xml" xmlns="http://www.w3.org/2001/XInclude" />
 
 	 <authorgroup> 
 		<author>
@@ -121,19 +109,20 @@
 	  type="help">GNOME Feedback Page</ulink>. </para>
 	 </legalnotice> 
   </bookinfo>
-&gconf;
-&menustructure;
-&themes;
-&fontconfig;
-&mimetypes;
-&screensavers;
-&sessions;
-&help;
-&performance;
-&lockdown;
-&appendixa;
-&appendixb;
-&gloss;
+
+  <include href="gconf.xml"         xmlns="http://www.w3.org/2001/XInclude" />       <!-- GConf -->
+  <include href="menustructure.xml" xmlns="http://www.w3.org/2001/XInclude" />       <!-- Menus -->
+  <include href="themes.xml"        xmlns="http://www.w3.org/2001/XInclude" />       <!-- Themes -->
+  <include href="fontconfig.xml"    xmlns="http://www.w3.org/2001/XInclude" />       <!-- Fonts -->
+  <include href="mimetypes.xml"     xmlns="http://www.w3.org/2001/XInclude" />       <!-- MIME types -->
+  <include href="screensavers.xml"  xmlns="http://www.w3.org/2001/XInclude" />       <!-- Screensavers -->
+  <include href="sessions.xml"      xmlns="http://www.w3.org/2001/XInclude" />       <!-- Sessions -->
+  <include href="help.xml"          xmlns="http://www.w3.org/2001/XInclude" />       <!-- Help -->
+  <include href="performance.xml"   xmlns="http://www.w3.org/2001/XInclude" />       <!-- Performance -->
+  <include href="lockdown.xml"      xmlns="http://www.w3.org/2001/XInclude" />       <!-- Lockdown -->
+  <include href="appendixa.xml"     xmlns="http://www.w3.org/2001/XInclude" />       <!-- Appendix A: Hidden Directories -->
+  <include href="appendixb.xml"     xmlns="http://www.w3.org/2001/XInclude" />       <!-- Appendix B: Security note -->
+  <include href="glossary.xml"      xmlns="http://www.w3.org/2001/XInclude" />       <!-- Glossary -->
 
 <!-- If generating PDFs and if you want an index, then uncomment <index/> -->
 <!-- <index/> -->
-- 
cgit