This commit is contained in:
Wvader 2022-11-04 00:40:02 +00:00
commit 5922cf28b8
139 changed files with 12388 additions and 0 deletions

454
.gitignore vendored Normal file
View File

@ -0,0 +1,454 @@
## Ignore Visual Studio temporary files, build results, and
## files generated by popular Visual Studio add-ons.
##
## Get latest from https://github.com/github/gitignore/blob/master/VisualStudio.gitignore
# User-specific files
*.rsuser
*.suo
*.user
*.userosscache
*.sln.docstates
# User-specific files (MonoDevelop/Xamarin Studio)
*.userprefs
# Mono auto generated files
mono_crash.*
# Build results
[Dd]ebug/
[Dd]ebugPublic/
[Rr]elease/
[Rr]eleases/
x64/
x86/
[Ww][Ii][Nn]32/
[Aa][Rr][Mm]/
[Aa][Rr][Mm]64/
bld/
[Bb]in/
[Oo]bj/
[Ll]og/
[Ll]ogs/
# Visual Studio 2015/2017 cache/options directory
.vs/
# Uncomment if you have tasks that create the project's static files in wwwroot
#wwwroot/
# Visual Studio 2017 auto generated files
Generated\ Files/
# MSTest test Results
[Tt]est[Rr]esult*/
[Bb]uild[Ll]og.*
# NUnit
*.VisualState.xml
TestResult.xml
nunit-*.xml
# Build Results of an ATL Project
[Dd]ebugPS/
[Rr]eleasePS/
dlldata.c
# Benchmark Results
BenchmarkDotNet.Artifacts/
# .NET
project.lock.json
project.fragment.lock.json
artifacts/
# Tye
.tye/
# ASP.NET Scaffolding
ScaffoldingReadMe.txt
# StyleCop
StyleCopReport.xml
# Files built by Visual Studio
*_i.c
*_p.c
*_h.h
*.ilk
*.meta
*.obj
*.iobj
*.pch
*.pdb
*.ipdb
*.pgc
*.pgd
*.rsp
*.sbr
*.tlb
*.tli
*.tlh
*.tmp
*.tmp_proj
*_wpftmp.csproj
*.log
*.vspscc
*.vssscc
.builds
*.pidb
*.svclog
*.scc
# Chutzpah Test files
_Chutzpah*
# Visual C++ cache files
ipch/
*.aps
*.ncb
*.opendb
*.opensdf
*.sdf
*.cachefile
*.VC.db
*.VC.VC.opendb
# Visual Studio profiler
*.psess
*.vsp
*.vspx
*.sap
# Visual Studio Trace Files
*.e2e
# TFS 2012 Local Workspace
$tf/
# Guidance Automation Toolkit
*.gpState
# ReSharper is a .NET coding add-in
_ReSharper*/
*.[Rr]e[Ss]harper
*.DotSettings.user
# TeamCity is a build add-in
_TeamCity*
# DotCover is a Code Coverage Tool
*.dotCover
# AxoCover is a Code Coverage Tool
.axoCover/*
!.axoCover/settings.json
# Coverlet is a free, cross platform Code Coverage Tool
coverage*.json
coverage*.xml
coverage*.info
# Visual Studio code coverage results
*.coverage
*.coveragexml
# NCrunch
_NCrunch_*
.*crunch*.local.xml
nCrunchTemp_*
# MightyMoose
*.mm.*
AutoTest.Net/
# Web workbench (sass)
.sass-cache/
# Installshield output folder
[Ee]xpress/
# DocProject is a documentation generator add-in
DocProject/buildhelp/
DocProject/Help/*.HxT
DocProject/Help/*.HxC
DocProject/Help/*.hhc
DocProject/Help/*.hhk
DocProject/Help/*.hhp
DocProject/Help/Html2
DocProject/Help/html
# Click-Once directory
publish/
# Publish Web Output
*.[Pp]ublish.xml
*.azurePubxml
# Note: Comment the next line if you want to checkin your web deploy settings,
# but database connection strings (with potential passwords) will be unencrypted
*.pubxml
*.publishproj
# Microsoft Azure Web App publish settings. Comment the next line if you want to
# checkin your Azure Web App publish settings, but sensitive information contained
# in these scripts will be unencrypted
PublishScripts/
# NuGet Packages
*.nupkg
# NuGet Symbol Packages
*.snupkg
# The packages folder can be ignored because of Package Restore
**/[Pp]ackages/*
# except build/, which is used as an MSBuild target.
!**/[Pp]ackages/build/
# Uncomment if necessary however generally it will be regenerated when needed
#!**/[Pp]ackages/repositories.config
# NuGet v3's project.json files produces more ignorable files
*.nuget.props
*.nuget.targets
# Microsoft Azure Build Output
csx/
*.build.csdef
# Microsoft Azure Emulator
ecf/
rcf/
# Windows Store app package directories and files
AppPackages/
BundleArtifacts/
Package.StoreAssociation.xml
_pkginfo.txt
*.appx
*.appxbundle
*.appxupload
# Visual Studio cache files
# files ending in .cache can be ignored
*.[Cc]ache
# but keep track of directories ending in .cache
!?*.[Cc]ache/
# Others
ClientBin/
~$*
*~
*.dbmdl
*.dbproj.schemaview
*.jfm
*.pfx
*.publishsettings
orleans.codegen.cs
# Including strong name files can present a security risk
# (https://github.com/github/gitignore/pull/2483#issue-259490424)
#*.snk
# Since there are multiple workflows, uncomment next line to ignore bower_components
# (https://github.com/github/gitignore/pull/1529#issuecomment-104372622)
#bower_components/
# RIA/Silverlight projects
Generated_Code/
# Backup & report files from converting an old project file
# to a newer Visual Studio version. Backup files are not needed,
# because we have git ;-)
_UpgradeReport_Files/
Backup*/
UpgradeLog*.XML
UpgradeLog*.htm
ServiceFabricBackup/
*.rptproj.bak
# SQL Server files
*.mdf
*.ldf
*.ndf
# Business Intelligence projects
*.rdl.data
*.bim.layout
*.bim_*.settings
*.rptproj.rsuser
*- [Bb]ackup.rdl
*- [Bb]ackup ([0-9]).rdl
*- [Bb]ackup ([0-9][0-9]).rdl
# Microsoft Fakes
FakesAssemblies/
# GhostDoc plugin setting file
*.GhostDoc.xml
# Node.js Tools for Visual Studio
.ntvs_analysis.dat
node_modules/
# Visual Studio 6 build log
*.plg
# Visual Studio 6 workspace options file
*.opt
# Visual Studio 6 auto-generated workspace file (contains which files were open etc.)
*.vbw
# Visual Studio LightSwitch build output
**/*.HTMLClient/GeneratedArtifacts
**/*.DesktopClient/GeneratedArtifacts
**/*.DesktopClient/ModelManifest.xml
**/*.Server/GeneratedArtifacts
**/*.Server/ModelManifest.xml
_Pvt_Extensions
# Paket dependency manager
.paket/paket.exe
paket-files/
# FAKE - F# Make
.fake/
# CodeRush personal settings
.cr/personal
# Python Tools for Visual Studio (PTVS)
__pycache__/
*.pyc
# Cake - Uncomment if you are using it
# tools/**
# !tools/packages.config
# Tabs Studio
*.tss
# Telerik's JustMock configuration file
*.jmconfig
# BizTalk build output
*.btp.cs
*.btm.cs
*.odx.cs
*.xsd.cs
# OpenCover UI analysis results
OpenCover/
# Azure Stream Analytics local run output
ASALocalRun/
# MSBuild Binary and Structured Log
*.binlog
# NVidia Nsight GPU debugger configuration file
*.nvuser
# MFractors (Xamarin productivity tool) working folder
.mfractor/
# Local History for Visual Studio
.localhistory/
# BeatPulse healthcheck temp database
healthchecksdb
# Backup folder for Package Reference Convert tool in Visual Studio 2017
MigrationBackup/
# Ionide (cross platform F# VS Code tools) working folder
.ionide/
# Fody - auto-generated XML schema
FodyWeavers.xsd
##
## Visual studio for Mac
##
# globs
Makefile.in
*.userprefs
*.usertasks
config.make
config.status
aclocal.m4
install-sh
autom4te.cache/
*.tar.gz
tarballs/
test-results/
# Mac bundle stuff
*.dmg
*.app
# content below from: https://github.com/github/gitignore/blob/master/Global/macOS.gitignore
# General
.DS_Store
.AppleDouble
.LSOverride
# Icon must end with two \r
Icon
# Thumbnails
._*
# Files that might appear in the root of a volume
.DocumentRevisions-V100
.fseventsd
.Spotlight-V100
.TemporaryItems
.Trashes
.VolumeIcon.icns
.com.apple.timemachine.donotpresent
# Directories potentially created on remote AFP share
.AppleDB
.AppleDesktop
Network Trash Folder
Temporary Items
.apdisk
# content below from: https://github.com/github/gitignore/blob/master/Global/Windows.gitignore
# Windows thumbnail cache files
Thumbs.db
ehthumbs.db
ehthumbs_vista.db
# Dump file
*.stackdump
# Folder config file
[Dd]esktop.ini
# Recycle Bin used on file shares
$RECYCLE.BIN/
# Windows Installer files
*.cab
*.msi
*.msix
*.msm
*.msp
# Windows shortcuts
*.lnk
# JetBrains Rider
.idea/
*.sln.iml
##
## Visual Studio Code
##
.vscode/*
!.vscode/settings.json
!.vscode/tasks.json
!.vscode/launch.json
!.vscode/extensions.json

View File

@ -0,0 +1,21 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net6.0</TargetFramework>
<Nullable>enable</Nullable>
<IsPackable>false</IsPackable>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="16.11.0" />
<PackageReference Include="NUnit" Version="3.13.2" />
<PackageReference Include="NUnit3TestAdapter" Version="4.0.0" />
<PackageReference Include="coverlet.collector" Version="3.1.0" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\CodeLiturgy.Augeas\CodeLiturgy.Augeas.csproj" />
</ItemGroup>
</Project>

View File

@ -0,0 +1,9 @@
using System.Reflection;
using NUnit.Framework;
namespace CodeLiturgy.Augeas.Test;
public class PrintTests
{
}

22
CodeLiturgy.Augeas.sln Normal file
View File

@ -0,0 +1,22 @@

Microsoft Visual Studio Solution File, Format Version 12.00
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "CodeLiturgy.Augeas", "CodeLiturgy.Augeas\CodeLiturgy.Augeas.csproj", "{EF5B5D3E-325C-4C43-AFF7-851873E76B46}"
EndProject
Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "CodeLiturgy.Augeas.Test", "CodeLiturgy.Augeas.Test\CodeLiturgy.Augeas.Test.csproj", "{0F03F0AE-AE3F-410B-ADA2-EB8B7A94D058}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
Debug|Any CPU = Debug|Any CPU
Release|Any CPU = Release|Any CPU
EndGlobalSection
GlobalSection(ProjectConfigurationPlatforms) = postSolution
{EF5B5D3E-325C-4C43-AFF7-851873E76B46}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{EF5B5D3E-325C-4C43-AFF7-851873E76B46}.Debug|Any CPU.Build.0 = Debug|Any CPU
{EF5B5D3E-325C-4C43-AFF7-851873E76B46}.Release|Any CPU.ActiveCfg = Release|Any CPU
{EF5B5D3E-325C-4C43-AFF7-851873E76B46}.Release|Any CPU.Build.0 = Release|Any CPU
{0F03F0AE-AE3F-410B-ADA2-EB8B7A94D058}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
{0F03F0AE-AE3F-410B-ADA2-EB8B7A94D058}.Debug|Any CPU.Build.0 = Debug|Any CPU
{0F03F0AE-AE3F-410B-ADA2-EB8B7A94D058}.Release|Any CPU.ActiveCfg = Release|Any CPU
{0F03F0AE-AE3F-410B-ADA2-EB8B7A94D058}.Release|Any CPU.Build.0 = Release|Any CPU
EndGlobalSection
EndGlobal

View File

@ -0,0 +1,25 @@
**/.dockerignore
**/.env
**/.git
**/.gitignore
**/.project
**/.settings
**/.toolstarget
**/.vs
**/.vscode
**/.idea
**/*.*proj.user
**/*.dbmdl
**/*.jfm
**/azds.yaml
**/bin
**/charts
**/docker-compose*
**/Dockerfile*
**/node_modules
**/npm-debug.log
**/obj
**/secrets.dev.yaml
**/values.dev.yaml
LICENSE
README.md

View File

@ -0,0 +1,25 @@
using System.Runtime.InteropServices;
namespace CodeLiturgy.Augeas.Test
{
[StructLayout(LayoutKind.Sequential)]
public unsafe partial struct AugSettings {
[MarshalAs(UnmanagedType.LPStr)] internal string root;
[MarshalAs(UnmanagedType.LPStr)] internal string loadPath;
public AugSettings(string _root, string _loadPath )
{
root = _root;
loadPath = _loadPath;
}
public AugSettings()
{
root = "NIL";
loadPath = "NIL";
}
};
}

View File

@ -0,0 +1,43 @@
using System.Runtime.InteropServices;
namespace CodeLiturgy.Augeas.Test;
class AugSettings_Wrapper : IDisposable
{
private GCHandle m_loadPath_hand;
private string m_loadPath;
public AugSettings_Wrapper( string loadPath)
{
m_loadPath = new string(loadPath);
m_loadPath_hand = GCHandle.Alloc(m_loadPath, GCHandleType.Pinned);
}
public AugSettings GetUnamangedStruct()
{
AugSettings ret = new AugSettings();
ret.loadPath = (string) m_loadPath_hand.Target;
return ret;
}
#region IDisposable Members
~AugSettings_Wrapper()
{
Dispose();
}
bool disposed = false;
public void Dispose()
{
lock (this)
{
if (!disposed)
{
m_loadPath_hand.Free();
disposed = true;
}
}
}
#endregion
}

View File

@ -0,0 +1,28 @@
using System.Numerics;
using System.Runtime.InteropServices;
using System.Security;
namespace CodeLiturgy.Augeas.Test
{
[SuppressUnmanagedCodeSecurity]
public static unsafe partial class BlueWestAugeas
{
/// <summary>
/// Used by DllImport to load the native library
/// </summary>
public const string NativeLibName = "CAug";
/// <summary>Test calling</summary>
[DllImport(NativeLibName)]
public static extern void printPreview( AugSettings settings,
[MarshalAs(UnmanagedType.LPStr)] string matchPath,
[MarshalAs(UnmanagedType.LPStr)] string filePath);
/// <summary>Test calling</summary>
[DllImport(NativeLibName)]
public static extern void printAugTree( AugSettings settings,
[MarshalAs(UnmanagedType.LPStr)] string matchPath,
[MarshalAs(UnmanagedType.LPStr)] string filePath);
}
}

View File

@ -0,0 +1,19 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<OutputType>Exe</OutputType>
<TargetFramework>net6.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>disable</Nullable>
<DockerDefaultTargetOS>Linux</DockerDefaultTargetOS>
<AllowUnsafeBlocks>true</AllowUnsafeBlocks>
<RootNamespace>CodeLiturgy.Augeas</RootNamespace>
</PropertyGroup>
<ItemGroup>
<ContentWithTargetPath Include="root\**">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
<TargetPath>root\%(RecursiveDir)\%(Filename)%(Extension)</TargetPath>
</ContentWithTargetPath>
</ItemGroup>
</Project>

View File

@ -0,0 +1,18 @@
FROM mcr.microsoft.com/dotnet/runtime:6.0 AS base
WORKDIR /app
FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
WORKDIR /src
COPY ["TestConsummingAug/TestConsummingAug.csproj", "TestConsummingAug/"]
RUN dotnet restore "TestConsummingAug/TestConsummingAug.csproj"
COPY . .
WORKDIR "/src/TestConsummingAug"
RUN dotnet build "TestConsummingAug.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "TestConsummingAug.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "TestConsummingAug.dll"]

View File

@ -0,0 +1,6 @@
using CodeLiturgy.Augeas.Test;
var path = Environment.CurrentDirectory;
var root = $"{path}/root/";
AugSettings augSettings = new AugSettings(root, "/opt/homebrew/share/augeas/lenses/dist");
BlueWestAugeas.printAugTree(augSettings, "/files/etc/hosts/*", "/etc/hosts");

View File

@ -0,0 +1,31 @@
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/vg00/lv00
# initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Fedora (2.6.24.4-64.fc8)
root (hd0,0)
kernel /vmlinuz-2.6.24.4-64.fc8 ro root=/dev/vg00/lv00
initrd /initrd-2.6.24.4-64.fc8.img
title Fedora (2.6.24.3-50.fc8)
root (hd0,0)
kernel /vmlinuz-2.6.24.3-50.fc8 ro root=/dev/vg00/lv00
initrd /initrd-2.6.24.3-50.fc8.img
title Fedora (2.6.21.7-3.fc8xen)
root (hd0,0)
kernel /xen.gz-2.6.21.7-3.fc8
module /vmlinuz-2.6.21.7-3.fc8xen ro root=/dev/vg00/lv00
module /initrd-2.6.21.7-3.fc8xen.img
title Fedora (2.6.24.3-34.fc8)
root (hd0,0)
kernel /vmlinuz-2.6.24.3-34.fc8 ro root=/dev/vg00/lv00
initrd /initrd-2.6.24.3-34.fc8.img
savedefault

View File

@ -0,0 +1,31 @@
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/vg00/lv00
# initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Fedora (2.6.24.4-64.fc8)
root (hd0,0)
kernel /vmlinuz-2.6.24.4-64.fc8 ro root=/dev/vg00/lv00
initrd /initrd-2.6.24.4-64.fc8.img
title Fedora (2.6.24.3-50.fc8)
root (hd0,0)
kernel /vmlinuz-2.6.24.3-50.fc8 ro root=/dev/vg00/lv00
initrd /initrd-2.6.24.3-50.fc8.img
title Fedora (2.6.21.7-3.fc8xen)
root (hd0,0)
kernel /xen.gz-2.6.21.7-3.fc8
module /vmlinuz-2.6.21.7-3.fc8xen ro root=/dev/vg00/lv00
module /initrd-2.6.21.7-3.fc8xen.img
title Fedora (2.6.24.3-34.fc8)
root (hd0,0)
kernel /vmlinuz-2.6.24.3-34.fc8 ro root=/dev/vg00/lv00
initrd /initrd-2.6.24.3-34.fc8.img
savedefault

View File

@ -0,0 +1,29 @@
#
# Aliases in this file will NOT be expanded in the header from
# Mail, but WILL be visible over networks or from /bin/mail.
#
# >>>>>>>>>> The program "newaliases" must be run after
# >> NOTE >> this file is updated for any changes to
# >>>>>>>>>> show through to sendmail.
#
# Basic system aliases -- these MUST be present.
mailer-daemon: postmaster
postmaster: root
# General redirections for pseudo accounts.
bin: root, adm
daemon: root
adm: root
# mailman aliases
mailman: postmaster
mailman-owner: mailman
# Person who should get root's mail
mrepo: root
root: realroot@example.com
root+special: realroot+other@example.com
include: :include:/etc/morealiases
command: |/usr/local/bin/procmail

View File

@ -0,0 +1,40 @@
APT
{
NeverAutoRemove
{
"^firmware-linux.*";
"^linux-firmware$";
};
VersionedKernelPackages
{
# linux kernels
"linux-image";
"linux-headers";
"linux-image-extra";
"linux-signed-image";
# kfreebsd kernels
"kfreebsd-image";
"kfreebsd-headers";
# hurd kernels
"gnumach-image";
# (out-of-tree) modules
".*-modules";
".*-kernel";
"linux-backports-modules-.*";
# tools
"linux-tools";
};
Never-MarkAuto-Sections
{
"metapackages";
"restricted/metapackages";
"universe/metapackages";
"multiverse/metapackages";
"oldlibs";
"restricted/oldlibs";
"universe/oldlibs";
"multiverse/oldlibs";
};
};

View File

@ -0,0 +1,15 @@
// DO NOT EDIT! File autogenerated by /etc/kernel/postinst.d/apt-auto-removal
APT::NeverAutoRemove
{
"^linux-image-3\.16\.0-4-amd64$";
"^linux-headers-3\.16\.0-4-amd64$";
"^linux-image-extra-3\.16\.0-4-amd64$";
"^linux-signed-image-3\.16\.0-4-amd64$";
"^kfreebsd-image-3\.16\.0-4-amd64$";
"^kfreebsd-headers-3\.16\.0-4-amd64$";
"^gnumach-image-3\.16\.0-4-amd64$";
"^.*-modules-3\.16\.0-4-amd64$";
"^.*-kernel-3\.16\.0-4-amd64$";
"^linux-backports-modules-.*-3\.16\.0-4-amd64$";
"^linux-tools-3\.16\.0-4-amd64$";
};

View File

@ -0,0 +1,92 @@
// Unattended-Upgrade::Origins-Pattern controls which packages are
// upgraded.
//
// Lines below have the format format is "keyword=value,...". A
// package will be upgraded only if the values in its metadata match
// all the supplied keywords in a line. (In other words, omitted
// keywords are wild cards.) The keywords originate from the Release
// file, but several aliases are accepted. The accepted keywords are:
// a,archive,suite (eg, "stable")
// c,component (eg, "main", "crontrib", "non-free")
// l,label (eg, "Debian", "Debian-Security")
// o,origin (eg, "Debian", "Unofficial Multimedia Packages")
// n,codename (eg, "jessie", "jessie-updates")
// site (eg, "http.debian.net")
// The available values on the system are printed by the command
// "apt-cache policy", and can be debugged by running
// "unattended-upgrades -d" and looking at the log file.
//
// Within lines unattended-upgrades allows 2 macros whose values are
// derived from /etc/debian_version:
// ${distro_id} Installed origin.
// ${distro_codename} Installed codename (eg, "jessie")
Unattended-Upgrade::Origins-Pattern {
// Codename based matching:
// This will follow the migration of a release through different
// archives (e.g. from testing to stable and later oldstable).
// "o=Debian,n=jessie";
// "o=Debian,n=jessie-updates";
// "o=Debian,n=jessie-proposed-updates";
// "o=Debian,n=jessie,l=Debian-Security";
// Archive or Suite based matching:
// Note that this will silently match a different release after
// migration to the specified archive (e.g. testing becomes the
// new stable).
// "o=Debian,a=stable";
// "o=Debian,a=stable-updates";
// "o=Debian,a=proposed-updates";
"origin=Debian,codename=${distro_codename},label=Debian-Security";
};
// List of packages to not update (regexp are supported)
Unattended-Upgrade::Package-Blacklist {
// "vim";
// "libc6";
// "libc6-dev";
// "libc6-i686";
};
// This option allows you to control if on a unclean dpkg exit
// unattended-upgrades will automatically run
// dpkg --force-confold --configure -a
// The default is true, to ensure updates keep getting installed
//Unattended-Upgrade::AutoFixInterruptedDpkg "false";
// Split the upgrade into the smallest possible chunks so that
// they can be interrupted with SIGUSR1. This makes the upgrade
// a bit slower but it has the benefit that shutdown while a upgrade
// is running is possible (with a small delay)
//Unattended-Upgrade::MinimalSteps "true";
// Install all unattended-upgrades when the machine is shuting down
// instead of doing it in the background while the machine is running
// This will (obviously) make shutdown slower
//Unattended-Upgrade::InstallOnShutdown "true";
// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working mail setup on your system. A package that provides
// 'mailx' must be installed. E.g. "user@example.com"
//Unattended-Upgrade::Mail "root";
// Set this value to "true" to get emails only on errors. Default
// is to always send a mail if Unattended-Upgrade::Mail is set
//Unattended-Upgrade::MailOnlyOnError "true";
// Do automatic removal of new unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
//Unattended-Upgrade::Remove-Unused-Dependencies "false";
// Automatically reboot *WITHOUT CONFIRMATION* if
// the file /var/run/reboot-required is found after the upgrade
//Unattended-Upgrade::Automatic-Reboot "false";
// If automatic reboot is enabled and needed, reboot at the specific
// time instead of immediately
// Default: "now"
//Unattended-Upgrade::Automatic-Reboot-Time "02:00";
// Use apt bandwidth limit feature, this example limits the download
// speed to 70kb/sec
//Acquire::http::Dl-Limit "70";

View File

@ -0,0 +1,3 @@
// Pre-configure all packages with debconf before they are installed.
// If you don't like it, comment it out.
DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt || true";};

View File

@ -0,0 +1,2 @@
//Written by cloud-init per 'apt_pipelining'
Acquire::http::Pipeline-Depth "0";

View File

@ -0,0 +1,6 @@
#deb http://www.backports.org/debian/ sarge postfix
# deb http://people.debian.org/~adconrad sarge subversion
deb ftp://mirror.bytemark.co.uk/debian/ etch main non-free contrib
deb http://security.debian.org/ etch/updates main contrib non-free # security line
deb-src http://mirror.bytemark.co.uk/debian etch main contrib non-free

View File

@ -0,0 +1,536 @@
##
# Sample ceph ceph.conf file.
##
# This file defines cluster membership, the various locations
# that Ceph stores data, and any other runtime options.
# If a 'host' is defined for a daemon, the init.d start/stop script will
# verify that it matches the hostname (or else ignore it). If it is
# not defined, it is assumed that the daemon is intended to start on
# the current host (e.g., in a setup with a startup.conf on each
# node).
## Metavariables
# $cluster ; Expands to the Ceph Storage Cluster name. Useful
# ; when running multiple Ceph Storage Clusters
# ; on the same hardware.
# ; Example: /etc/ceph/$cluster.keyring
# ; (Default: ceph)
#
# $type ; Expands to one of mds, osd, or mon, depending on
# ; the type of the instant daemon.
# ; Example: /var/lib/ceph/$type
#
# $id ; Expands to the daemon identifier. For osd.0, this
# ; would be 0; for mds.a, it would be a.
# ; Example: /var/lib/ceph/$type/$cluster-$id
#
# $host ; Expands to the host name of the instant daemon.
#
# $name ; Expands to $type.$id.
# ; Example: /var/run/ceph/$cluster-$name.asok
[global]
### http://ceph.com/docs/master/rados/configuration/general-config-ref/
fsid = b4b2e571-fbbf-4ff3-a9f8-ab80f08b7fe6 # use `uuidgen` to generate your own UUID
public network = 192.168.0.0/24
cluster network = 192.168.0.0/24
# Each running Ceph daemon has a running process identifier (PID) file.
# The PID file is generated upon start-up.
# Type: String (optional)
# (Default: N/A). The default path is /var/run/$cluster/$name.pid.
pid file = /var/run/ceph/$name.pid
# If set, when the Ceph Storage Cluster starts, Ceph sets the max open fds
# at the OS level (i.e., the max # of file descriptors).
# It helps prevents Ceph OSD Daemons from running out of file descriptors.
# Type: 64-bit Integer (optional)
# (Default: 0)
max open files = 131072
### http://ceph.com/docs/master/rados/operations/authentication
### http://ceph.com/docs/master/rados/configuration/auth-config-ref/
# If enabled, the Ceph Storage Cluster daemons (i.e., ceph-mon, ceph-osd,
# and ceph-mds) must authenticate with each other.
# Type: String (optional); Valid settings are "cephx" or "none".
# (Default: cephx)
auth cluster required = cephx
# If enabled, the Ceph Storage Cluster daemons require Ceph Clients to
# authenticate with the Ceph Storage Cluster in order to access Ceph
# services.
# Type: String (optional); Valid settings are "cephx" or "none".
# (Default: cephx)
auth service required = cephx
# If enabled, the Ceph Client requires the Ceph Storage Cluster to
# authenticate with the Ceph Client.
# Type: String (optional); Valid settings are "cephx" or "none".
# (Default: cephx)
auth client required = cephx
# If set to true, Ceph requires signatures on all message traffic between
# the Ceph Client and the Ceph Storage Cluster, and between daemons
# comprising the Ceph Storage Cluster.
# Type: Boolean (optional)
# (Default: false)
cephx require signatures = true
# kernel RBD client do not support authentication yet:
cephx cluster require signatures = true
cephx service require signatures = false
# The path to the keyring file.
# Type: String (optional)
# Default: /etc/ceph/$cluster.$name.keyring,/etc/ceph/$cluster.keyring,/etc/ceph/keyring,/etc/ceph/keyring.bin
keyring = /etc/ceph/$cluster.$name.keyring
### http://ceph.com/docs/master/rados/configuration/pool-pg-config-ref/
## Replication level, number of data copies.
# Type: 32-bit Integer
# (Default: 3)
osd pool default size = 3
## Replication level in degraded state, less than 'osd pool default size' value.
# Sets the minimum number of written replicas for objects in the
# pool in order to acknowledge a write operation to the client. If
# minimum is not met, Ceph will not acknowledge the write to the
# client. This setting ensures a minimum number of replicas when
# operating in degraded mode.
# Type: 32-bit Integer
# (Default: 0), which means no particular minimum. If 0, minimum is size - (size / 2).
osd pool default min size = 2
## Ensure you have a realistic number of placement groups. We recommend
## approximately 100 per OSD. E.g., total number of OSDs multiplied by 100
## divided by the number of replicas (i.e., osd pool default size). So for
## 10 OSDs and osd pool default size = 3, we'd recommend approximately
## (100 * 10) / 3 = 333
# Description: The default number of placement groups for a pool. The
# default value is the same as pg_num with mkpool.
# Type: 32-bit Integer
# (Default: 8)
osd pool default pg num = 128
# Description: The default number of placement groups for placement for a
# pool. The default value is the same as pgp_num with mkpool.
# PG and PGP should be equal (for now).
# Type: 32-bit Integer
# (Default: 8)
osd pool default pgp num = 128
# The default CRUSH ruleset to use when creating a pool
# Type: 32-bit Integer
# (Default: 0)
osd pool default crush rule = 0
# The bucket type to use for chooseleaf in a CRUSH rule.
# Uses ordinal rank rather than name.
# Type: 32-bit Integer
# (Default: 1) Typically a host containing one or more Ceph OSD Daemons.
osd crush chooseleaf type = 1
### http://ceph.com/docs/master/rados/troubleshooting/log-and-debug/
# The location of the logging file for your cluster.
# Type: String
# Required: No
# Default: /var/log/ceph/$cluster-$name.log
log file = /var/log/ceph/$cluster-$name.log
# Determines if logging messages should appear in syslog.
# Type: Boolean
# Required: No
# (Default: false)
log to syslog = true
### http://ceph.com/docs/master/rados/configuration/ms-ref/
# Enable if you want your daemons to bind to IPv6 address instead of
# IPv4 ones. (Not required if you specify a daemon or cluster IP.)
# Type: Boolean
# (Default: false)
ms bind ipv6 = true
##################
## Monitors
## You need at least one. You need at least three if you want to
## tolerate any node failures. Always create an odd number.
[mon]
### http://ceph.com/docs/master/rados/configuration/mon-config-ref/
### http://ceph.com/docs/master/rados/configuration/mon-osd-interaction/
# The IDs of initial monitors in a cluster during startup.
# If specified, Ceph requires an odd number of monitors to form an
# initial quorum (e.g., 3).
# Type: String
# (Default: None)
mon initial members = mycephhost
mon host = cephhost01,cephhost02
mon addr = 192.168.0.101,192.168.0.102
# The monitor's data location
# Default: /var/lib/ceph/mon/$cluster-$id
mon data = /var/lib/ceph/mon/$name
# The clock drift in seconds allowed between monitors.
# Type: Float
# (Default: .050)
mon clock drift allowed = .15
# Exponential backoff for clock drift warnings
# Type: Float
# (Default: 5)
mon clock drift warn backoff = 30 # Tell the monitor to backoff from this warning for 30 seconds
# The percentage of disk space used before an OSD is considered full.
# Type: Float
# (Default: .95)
mon osd full ratio = .95
# The percentage of disk space used before an OSD is considered nearfull.
# Type: Float
# (Default: .85)
mon osd nearfull ratio = .85
# The number of seconds Ceph waits before marking a Ceph OSD
# Daemon "down" and "out" if it doesn't respond.
# Type: 32-bit Integer
# (Default: 300)
mon osd down out interval = 300
# The grace period in seconds before declaring unresponsive Ceph OSD
# Daemons "down".
# Type: 32-bit Integer
# (Default: 900)
mon osd report timeout = 300
### http://ceph.com/docs/master/rados/troubleshooting/log-and-debug/
# logging, for debugging monitor crashes, in order of
# their likelihood of being helpful :)
debug ms = 1
debug mon = 20
debug paxos = 20
debug auth = 20
[mon.alpha]
host = alpha
mon addr = 192.168.0.10:6789
[mon.beta]
host = beta
mon addr = 192.168.0.11:6789
[mon.gamma]
host = gamma
mon addr = 192.168.0.12:6789
##################
## Metadata servers
# You must deploy at least one metadata server to use CephFS. There is
# experimental support for running multiple metadata servers. Do not run
# multiple metadata servers in production.
[mds]
### http://ceph.com/docs/master/cephfs/mds-config-ref/
# where the mds keeps it's secret encryption keys
keyring = /var/lib/ceph/mds/$name/keyring
# Determines whether a 'ceph-mds' daemon should poll and
# replay the log of an active MDS (hot standby).
# Type: Boolean
# (Default: false)
mds standby replay = true
# mds logging to debug issues.
debug ms = 1
debug mds = 20
debug journaler = 20
# The number of inodes to cache.
# Type: 32-bit Integer
# (Default: 100000)
mds cache size = 250000
[mds.alpha]
host = alpha
[mds.beta]
host = beta
##################
## osd
# You need at least one. Two or more if you want data to be replicated.
# Define as many as you like.
[osd]
### http://ceph.com/docs/master/rados/configuration/osd-config-ref/
# The path to the OSDs data.
# You must create the directory when deploying Ceph.
# You should mount a drive for OSD data at this mount point.
# We do not recommend changing the default.
# Type: String
# Default: /var/lib/ceph/osd/$cluster-$id
osd data = /var/lib/ceph/osd/$name
## You can change the number of recovery operations to speed up recovery
## or slow it down if your machines can't handle it
# The number of active recovery requests per OSD at one time.
# More requests will accelerate recovery, but the requests
# places an increased load on the cluster.
# Type: 32-bit Integer
# (Default: 5)
osd recovery max active = 3
# The maximum number of backfills allowed to or from a single OSD.
# Type: 64-bit Integer
# (Default: 10)
osd max backfills = 5
# The maximum number of simultaneous scrub operations for a Ceph OSD Daemon.
# Type: 32-bit Int
# (Default: 1)
osd max scrubs = 2
# You may add settings for ceph-deploy so that it will create and mount
# the correct type of file system. Remove the comment `#` character for
# the following settings and replace the values in parenthesis
# with appropriate values, or leave the following settings commented
# out to accept the default values.
#osd mkfs type = {fs-type}
#osd mkfs options {fs-type} = {mkfs options} # default for xfs is "-f"
#osd mount options {fs-type} = {mount options} # default mount option is "rw, noatime"
osd mkfs type = btrfs
osd mount options btrfs = noatime,nodiratime
## Ideally, make this a separate disk or partition. A few
## hundred MB should be enough; more if you have fast or many
## disks. You can use a file under the osd data dir if need be
## (e.g. /data/$name/journal), but it will be slower than a
## separate disk or partition.
# The path to the OSD's journal. This may be a path to a file or a block
# device (such as a partition of an SSD). If it is a file, you must
# create the directory to contain it.
# We recommend using a drive separate from the osd data drive.
# Type: String
# Default: /var/lib/ceph/osd/$cluster-$id/journal
osd journal = /var/lib/ceph/osd/$name/journal
# Check log files for corruption. Can be computationally expensive.
# Type: Boolean
# (Default: false)
osd check for log corruption = true
### http://ceph.com/docs/master/rados/configuration/journal-ref/
# The size of the journal in megabytes. If this is 0,
# and the journal is a block device, the entire block device is used.
# Since v0.54, this is ignored if the journal is a block device,
# and the entire block device is used.
# Type: 32-bit Integer
# (Default: 5120)
# Recommended: Begin with 1GB. Should be at least twice the product
# of the expected speed multiplied by "filestore max sync interval".
osd journal size = 2048 ; journal size, in megabytes
## If you want to run the journal on a tmpfs, disable DirectIO
# Enables direct i/o to the journal.
# Requires "journal block align" set to "true".
# Type: Boolean
# Required: Yes when using aio.
# (Default: true)
journal dio = false
# osd logging to debug osd issues, in order of likelihood of being helpful
debug ms = 1
debug osd = 20
debug filestore = 20
debug journal = 20
### http://ceph.com/docs/master/rados/configuration/filestore-config-ref/
# The maximum interval in seconds for synchronizing the filestore.
# Type: Double (optional)
# (Default: 5)
filestore max sync interval = 5
# Enable snapshots for a btrfs filestore.
# Type: Boolean
# Required: No. Only used for btrfs.
# (Default: true)
filestore btrfs snap = false
# Enables the filestore flusher.
# Type: Boolean
# Required: No
# (Default: false)
filestore flusher = true
# Defines the maximum number of in progress operations the file store
# accepts before blocking on queuing new operations.
# Type: Integer
# Required: No. Minimal impact on performance.
# (Default: 500)
filestore queue max ops = 500
## Filestore and OSD settings can be tweak to achieve better performance
### http://ceph.com/docs/master/rados/configuration/filestore-config-ref/#misc
# Min number of files in a subdir before merging into parent NOTE: A negative value means to disable subdir merging
# Type: Integer
# Required: No
# Default: 10
filestore merge threshold = 10
# filestore_split_multiple * abs(filestore_merge_threshold) * 16 is the maximum number of files in a subdirectory before splitting into child directories.
# Type: Integer
# Required: No
# Default: 2
filestore split multiple = 2
# The number of filesystem operation threads that execute in parallel.
# Type: Integer
# Required: No
# Default: 2
filestore op threads = 4
# The number of threads to service Ceph OSD Daemon operations. Set to 0 to disable it. Increasing the number may increase the request processing rate.
# Type: 32-bit Integer
# Default: 2
osd op threads = 2
## CRUSH
# By default OSDs update their details (location, weight and root) on the CRUSH map during startup
# Type: Boolean
# Required: No;
# (Default: true)
osd crush update on start = false
[osd.0]
host = delta
[osd.1]
host = epsilon
[osd.2]
host = zeta
[osd.3]
host = eta
##################
## client settings
[client]
### http://ceph.com/docs/master/rbd/rbd-config-ref/
# Enable caching for RADOS Block Device (RBD).
# Type: Boolean
# Required: No
# (Default: true)
rbd cache = true
# The RBD cache size in bytes.
# Type: 64-bit Integer
# Required: No
# (Default: 32 MiB)
;rbd cache size = 33554432
# The dirty limit in bytes at which the cache triggers write-back.
# If 0, uses write-through caching.
# Type: 64-bit Integer
# Required: No
# Constraint: Must be less than rbd cache size.
# (Default: 24 MiB)
rbd cache max dirty = 25165824
# The dirty target before the cache begins writing data to the data storage.
# Does not block writes to the cache.
# Type: 64-bit Integer
# Required: No
# Constraint: Must be less than rbd cache max dirty.
# (Default: 16 MiB)
rbd cache target dirty = 16777216
# The number of seconds dirty data is in the cache before writeback starts.
# Type: Float
# Required: No
# (Default: 1.0)
rbd cache max dirty age = 1.0
# Start out in write-through mode, and switch to write-back after the
# first flush request is received. Enabling this is a conservative but
# safe setting in case VMs running on rbd are too old to send flushes,
# like the virtio driver in Linux before 2.6.32.
# Type: Boolean
# Required: No
# (Default: true)
rbd cache writethrough until flush = true
# The Ceph admin socket allows you to query a daemon via a socket interface
# From a client perspective this can be a virtual machine using librbd
# Type: String
# Required: No
admin socket = /var/run/ceph/$cluster-$type.$id.$pid.$cctid.asok
##################
## radosgw client settings
[client.radosgw.gateway]
### http://ceph.com/docs/master/radosgw/config-ref/
# Sets the location of the data files for Ceph Object Gateway.
# You must create the directory when deploying Ceph.
# We do not recommend changing the default.
# Type: String
# Default: /var/lib/ceph/radosgw/$cluster-$id
rgw data = /var/lib/ceph/radosgw/$name
# Client's hostname
host = ceph-radosgw
# where the radosgw keeps it's secret encryption keys
keyring = /etc/ceph/ceph.client.radosgw.keyring
# FastCgiExternalServer uses this socket.
# If you do not specify a socket path, Ceph Object Gateway will not run as an external server.
# The path you specify here must be the same as the path specified in the rgw.conf file.
# Type: String
# Default: None
rgw socket path = /var/run/ceph/ceph.radosgw.gateway.fastcgi.sock
# The location of the logging file for your radosgw.
# Type: String
# Required: No
# Default: /var/log/ceph/$cluster-$name.log
log file = /var/log/ceph/client.radosgw.gateway.log
# Enable 100-continue if it is operational.
# Type: Boolean
# Default: true
rgw print continue = false
# The DNS name of the served domain.
# Type: String
# Default: None
rgw dns name = radosgw.ceph.internal

View File

@ -0,0 +1,3 @@
MAILTO=cron@example.com
42 * * * * lutter /usr/local/bin/backup
54 16 * * * lutter /usr/sbin/stuff

View File

@ -0,0 +1,6 @@
# This somewhat nonsensical file used to segfault in test-api.c
if [ 1 ]; then
# K
else
# I
fi

View File

@ -0,0 +1,46 @@
# Example dput.cf that defines the host that can be used
# with dput for uploading.
[DEFAULT]
login = username
method = ftp
hash = md5
allow_unsigned_uploads = 0
run_lintian = 0
run_dinstall = 0
check_version = 0
scp_compress = 0
post_upload_command =
pre_upload_command =
passive_ftp = 1
default_host_non-us =
default_host_main = hebex
[hebex]
fqdn = condor.infra.s1.p.fti.net
login = anonymous
method = ftp
incoming = /incoming/hebex
passive_ftp = 0
[dop/desktop]
fqdn = condor.infra.s1.p.fti.net
login = anonymous
method = ftp
incoming = /incoming/dop/desktop
passive_ftp = 0
[dop/experimental]
fqdn = condor.infra.s1.p.fti.net
login = anonymous
method = ftp
incoming = /incoming/dop/experimental
passive_ftp = 0
[dop/test]
fqdn = condor.infra.s1.p.fti.net
login = anonymous
method = ftp
incoming = /incoming/dop/test
passive_ftp = 0

View File

@ -0,0 +1,4 @@
/local 207.46.0.0/16(rw,sync)
/home 207.46.0.0/16(rw,root_squash,sync) 192.168.50.2/32(rw,root_squash,sync)
/tmp 207.46.0.0/16(rw,root_squash,sync)
/pub *(ro,insecure,all_squash)

View File

@ -0,0 +1,10 @@
/dev/vg00/lv00 / ext3 defaults 1 1
LABEL=/boot /boot ext3 defaults 1 2
devpts /dev/pts devpts gid=5,mode=620 0 0
tmpfs /dev/shm tmpfs defaults 0 0
/dev/vg00/home /home ext3 defaults 1 2
proc /proc proc defaults 0 0
sysfs /sys sysfs defaults 0 0
/dev/vg00/local /local ext3 defaults 1 2
/dev/vg00/images /var/lib/xen/images ext3 defaults 1 2
/dev/vg00/swap swap swap defaults 0 0

View File

@ -0,0 +1,26 @@
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
adm:x:4:root,adm,daemon
tty:x:5:
disk:x:6:root
lp:x:7:daemon,lp
mem:x:8:
kmem:x:9:
wheel:x:10:root
mail:x:12:mail,postfix
uucp:x:14:uucp
man:x:15:
games:x:20:
gopher:x:30:
dip:x:40:
ftp:x:50:
lock:x:54:
nobody:x:99:
users:x:100:
floppy:x:19:
vcsa:x:69:
rpc:x:32:
rpcuser:x:29:
nfsnobody:x:499:

View File

@ -0,0 +1,31 @@
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
# all kernel and initrd paths are relative to /boot/, eg.
# root (hd0,0)
# kernel /vmlinuz-version ro root=/dev/vg00/lv00
# initrd /initrd-version.img
#boot=/dev/sda
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Fedora (2.6.24.4-64.fc8)
root (hd0,0)
kernel /vmlinuz-2.6.24.4-64.fc8 ro root=/dev/vg00/lv00
initrd /initrd-2.6.24.4-64.fc8.img
title Fedora (2.6.24.3-50.fc8)
root (hd0,0)
kernel /vmlinuz-2.6.24.3-50.fc8 ro root=/dev/vg00/lv00
initrd /initrd-2.6.24.3-50.fc8.img
title Fedora (2.6.21.7-3.fc8xen)
root (hd0,0)
kernel /xen.gz-2.6.21.7-3.fc8
module /vmlinuz-2.6.21.7-3.fc8xen ro root=/dev/vg00/lv00
module /initrd-2.6.21.7-3.fc8xen.img
title Fedora (2.6.24.3-34.fc8)
root (hd0,0)
kernel /vmlinuz-2.6.24.3-34.fc8 ro root=/dev/vg00/lv00
initrd /initrd-2.6.24.3-34.fc8.img
savedefault

View File

@ -0,0 +1,26 @@
root:x::root
bin:x::root,bin,daemon
daemon:x::root,bin,daemon
sys:x::root,bin,adm
adm:x:root,adm:root,adm,daemon
tty:x::
disk:x::root
lp:x::daemon,lp
mem:x::
kmem:x::
wheel:x::root
mail:x::mail,postfix
uucp:x::uucp
man:x::
games:x::
gopher:x::
dip:x::
ftp:x::
lock:x::
nobody:x::
users:x::
floppy:x::
vcsa:x::
rpc:x::
rpcuser:x::
nfsnobody:x::

View File

@ -0,0 +1,6 @@
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost galia.watzmann.net galia
#172.31.122.254 granny.watzmann.net granny puppet
#172.31.122.1 galia.watzmann.net galia
172.31.122.14 orange.watzmann.net orange

View File

@ -0,0 +1,222 @@
#
# This is the Apache server configuration file providing SSL support.
# It contains the configuration directives to instruct the server how to
# serve pages over an https connection. For detailing information about these
# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
LoadModule ssl_module modules/mod_ssl.so
#
# When we also provide SSL we have to listen to the
# the HTTPS port in addition.
#
Listen 443
##
## SSL Global Context
##
## All SSL configuration in this context applies both to
## the main server and all SSL-enabled virtual hosts.
##
# Pass Phrase Dialog:
# Configure the pass phrase gathering process.
# The filtering dialog program (`builtin' is a internal
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog builtin
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
# Semaphore:
# Configure the path to the mutual exclusion semaphore the
# SSL engine uses internally for inter-process synchronization.
SSLMutex default
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the
# SSL library. The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
# is available. This means you then cannot use the /dev/random device
# because it would lead to very long connection times (as long as
# it requires to make more entropy available). But usually those
# platforms additionally provide a /dev/urandom device which doesn't
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed connect file:/dev/random 512
#SSLRandomSeed connect file:/dev/urandom 512
#
# Use "SSLCryptoDevice" to enable any supported hardware
# accelerators. Use "openssl engine -v" to list supported
# engine names. NOTE: If you enable an accelerator and the
# server does not start, consult the error logs and ensure
# your accelerator is functioning properly.
#
SSLCryptoDevice builtin
#SSLCryptoDevice ubsec
##
## SSL Virtual Host Context
##
<VirtualHost _default_:443>
# General setup for the virtual host, inherited from global configuration
#DocumentRoot "/var/www/html"
#ServerName www.example.com:443
# Use separate log files for the SSL virtual host; note that LogLevel
# is not inherited from httpd.conf.
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# SSL Protocol support:
# List the enable protocol levels with which clients will be able to
# connect. Disable SSLv2 access by default:
SSLProtocol all -SSLv2
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
# Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If
# the certificate is encrypted, then you will be prompted for a
# pass phrase. Note that a kill -HUP will prompt again. A new
# certificate can be generated using the genkey(1) command.
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
# Server Private Key:
# If the key is not combined with the certificate, use this
# directive to point at the key file. Keep in mind that if
# you've both a RSA and a DSA private key you can configure
# both in parallel (to also allow the use of DSA ciphers, etc.)
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
#SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
# Client Authentication (Type):
# Client certificate verification type and depth. Types are
# none, optional, require and optional_no_ca. Depth is a
# number which specifies how deeply to verify the certificate
# issuer chain before deciding the certificate is not valid.
#SSLVerifyClient require
#SSLVerifyDepth 10
# Access Control:
# With SSLRequire you can do per-directory access control based
# on arbitrary complex boolean expressions containing server
# variable checks and other lookup directives. The syntax is a
# mixture between C and Perl. See the mod_ssl documentation
# for more details.
#<Location />
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
#</Location>
# SSL Engine Options:
# Set various options for the SSL engine.
# o FakeBasicAuth:
# Translate the client X.509 into a Basic Authorisation. This means that
# the standard Auth/DBMAuth methods can be used for access control. The
# user name is the `one line' version of the client's X.509 certificate.
# Note that no password is obtained from the user. Every entry in the user
# file needs this password: `xxj31ZMTZzkVA'.
# o ExportCertData:
# This exports two additional environment variables: SSL_CLIENT_CERT and
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
# server (always existing) and the client (only existing when client
# authentication is used). This can be used to import the certificates
# into CGI scripts.
# o StdEnvVars:
# This exports the standard SSL/TLS related `SSL_*' environment variables.
# Per default this exportation is switched off for performance reasons,
# because the extraction step is an expensive operation and is usually
# useless for serving static content. So one usually enables the
# exportation for CGI and SSI requests only.
# o StrictRequire:
# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
# under a "Satisfy any" situation, i.e. when it applies access is denied
# and no other module can change it.
# o OptRenegotiate:
# This enables optimized SSL connection renegotiation handling when SSL
# directives are used in per-directory context.
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
# SSL Protocol Adjustments:
# The safe and default but still SSL/TLS standard compliant shutdown
# approach is that mod_ssl sends the close notify alert but doesn't wait for
# the close notify alert from client. When you need a different shutdown
# approach you can use one of the following variables:
# o ssl-unclean-shutdown:
# This forces an unclean shutdown when the connection is closed, i.e. no
# SSL close notify alert is send or allowed to received. This violates
# the SSL/TLS standard but is needed for some brain-dead browsers. Use
# this when you receive I/O errors because of the standard approach where
# mod_ssl sends the close notify alert.
# o ssl-accurate-shutdown:
# This forces an accurate shutdown when the connection is closed, i.e. a
# SSL close notify alert is send and mod_ssl waits for the close notify
# alert of the client. This is 100% SSL/TLS standard compliant, but in
# practice often causes hanging connections with brain-dead browsers. Use
# this only for browsers where you know that their SSL implementation
# works correctly.
# Notice: Most problems of broken clients are also related to the HTTP
# keep-alive facility, so you usually additionally want to disable
# keep-alive for those clients, too. Use variable "nokeepalive" for this.
# Similarly, one has to force some clients to use HTTP/1.0 to workaround
# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
# "force-response-1.0" for this.
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

View File

@ -0,0 +1,67 @@
#
# This file loads most of the modules included with the Apache HTTP
# Server itself.
#
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule allowmethods_module modules/mod_allowmethods.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authn_dbd_module modules/mod_authn_dbd.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_socache_module modules/mod_authn_socache.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_dbd_module modules/mod_authz_dbd.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule cache_module modules/mod_cache.so
LoadModule cache_disk_module modules/mod_cache_disk.so
LoadModule cache_socache_module modules/mod_cache_socache.so
LoadModule data_module modules/mod_data.so
LoadModule dbd_module modules/mod_dbd.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule dir_module modules/mod_dir.so
LoadModule dumpio_module modules/mod_dumpio.so
LoadModule echo_module modules/mod_echo.so
LoadModule env_module modules/mod_env.so
LoadModule expires_module modules/mod_expires.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule filter_module modules/mod_filter.so
LoadModule headers_module modules/mod_headers.so
LoadModule include_module modules/mod_include.so
LoadModule info_module modules/mod_info.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule macro_module modules/mod_macro.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule mime_module modules/mod_mime.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule remoteip_module modules/mod_remoteip.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule request_module modules/mod_request.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
LoadModule socache_dbm_module modules/mod_socache_dbm.so
LoadModule socache_memcache_module modules/mod_socache_memcache.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule status_module modules/mod_status.so
LoadModule substitute_module modules/mod_substitute.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule version_module modules/mod_version.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule watchdog_module modules/mod_watchdog.so

View File

@ -0,0 +1,3 @@
LoadModule dav_module modules/mod_dav.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule dav_lock_module modules/mod_dav_lock.so

View File

@ -0,0 +1 @@
LoadModule lua_module modules/mod_lua.so

View File

@ -0,0 +1,23 @@
# Select the MPM module which should be used by uncommenting exactly
# one of the following LoadModule lines. See the httpd.service(8) man
# page for more information on changing the MPM.
# prefork MPM: Implements a non-threaded, pre-forking web server
# See: http://httpd.apache.org/docs/2.4/mod/prefork.html
#
# NOTE: If enabling prefork, the httpd_graceful_shutdown SELinux
# boolean should be enabled, to allow graceful stop/shutdown.
#
#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
# worker MPM: Multi-Processing Module implementing a hybrid
# multi-threaded multi-process web server
# See: http://httpd.apache.org/docs/2.4/mod/worker.html
#
#LoadModule mpm_worker_module modules/mod_mpm_worker.so
# event MPM: A variant of the worker MPM with the goal of consuming
# threads only for connections with active processing
# See: http://httpd.apache.org/docs/2.4/mod/event.html
#
LoadModule mpm_event_module modules/mod_mpm_event.so

View File

@ -0,0 +1,18 @@
#
# This file lists modules included with the Apache HTTP Server
# which are not enabled by default.
#
#LoadModule asis_module modules/mod_asis.so
#LoadModule buffer_module modules/mod_buffer.so
#LoadModule heartbeat_module modules/mod_heartbeat.so
#LoadModule heartmonitor_module modules/mod_heartmonitor.so
#LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule dialup_module modules/mod_dialup.so
#LoadModule charset_lite_module modules/mod_charset_lite.so
#LoadModule log_debug_module modules/mod_log_debug.so
#LoadModule log_forensic_module modules/mod_log_forensic.so
#LoadModule ratelimit_module modules/mod_ratelimit.so
#LoadModule reflector_module modules/mod_reflector.so
#LoadModule sed_module modules/mod_sed.so
#LoadModule speling_module modules/mod_speling.so

View File

@ -0,0 +1,17 @@
# This file configures all the proxy modules:
LoadModule proxy_module modules/mod_proxy.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_express_module modules/mod_proxy_express.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so

View File

@ -0,0 +1,2 @@
# This file configures systemd module:
LoadModule systemd_module modules/mod_systemd.so

View File

@ -0,0 +1,14 @@
# This configuration file loads a CGI module appropriate to the MPM
# which has been configured in 00-mpm.conf. mod_cgid should be used
# with a threaded MPM; mod_cgi with the prefork MPM.
<IfModule mpm_worker_module>
LoadModule cgid_module modules/mod_cgid.so
</IfModule>
<IfModule mpm_event_module>
LoadModule cgid_module modules/mod_cgid.so
</IfModule>
<IfModule mpm_prefork_module>
LoadModule cgi_module modules/mod_cgi.so
</IfModule>

View File

@ -0,0 +1 @@
LoadModule http2_module modules/mod_http2.so

View File

@ -0,0 +1 @@
LoadModule dnssd_module modules/mod_dnssd.so

View File

@ -0,0 +1 @@
LoadModule proxy_http2_module modules/mod_proxy_http2.so

View File

@ -0,0 +1,9 @@
This directory holds configuration files for the Apache HTTP Server;
any files in this directory which have the ".conf" extension will be
processed as httpd configuration files. This directory contains
configuration fragments necessary only to load modules.
Administrators should use the directory "/etc/httpd/conf.d" to modify
the configuration of httpd, or any modules.
Files are processed in alphanumeric order.

View File

@ -0,0 +1,53 @@
#
# inittab This file describes how the INIT process should set up
# the system in a certain run-level.
#
# Author: Miquel van Smoorenburg, <miquels@drinkel.nl.mugnet.org>
# Modified for RHS Linux by Marc Ewing and Donnie Barnes
#
# Default runlevel. The runlevels used by RHS are:
# 0 - halt (Do NOT set initdefault to this)
# 1 - Single user mode
# 2 - Multiuser, without NFS (The same as 3, if you do not have networking)
# 3 - Full multiuser mode
# 4 - unused
# 5 - X11
# 6 - reboot (Do NOT set initdefault to this)
#
id:5:initdefault:
# System initialization.
si::sysinit:/etc/rc.d/rc.sysinit
l0:0:wait:/etc/rc.d/rc 0
l1:1:wait:/etc/rc.d/rc 1
l2:2:wait:/etc/rc.d/rc 2
l3:3:wait:/etc/rc.d/rc 3
l4:4:wait:/etc/rc.d/rc 4
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6
# Trap CTRL-ALT-DELETE
ca::ctrlaltdel:/sbin/shutdown -t3 -r now
# When our UPS tells us power has failed, assume we have a few minutes
# of power left. Schedule a shutdown for 2 minutes from now.
# This does, of course, assume you have powerd installed and your
# UPS connected and working correctly.
pf::powerfail:/sbin/shutdown -f -h +2 "Power Failure; System Shutting Down"
# If power was restored before the shutdown kicked in, cancel it.
pr:12345:powerokwait:/sbin/shutdown -c "Power Restored; Shutdown Cancelled"
# Run gettys in standard runlevels
1:2345:respawn:/sbin/mingetty tty1
2:2345:respawn:/sbin/mingetty tty2
3:2345:respawn:/sbin/mingetty tty3
4:2345:respawn:/sbin/mingetty tty4
5:2345:respawn:/sbin/mingetty tty5
6:2345:respawn:/sbin/mingetty tty6
# Run xdm in runlevel 5
x:5:respawn:/etc/X11/prefdm -nodaemon

View File

@ -0,0 +1,192 @@
# This file contains a series of commands to perform (in order) in the kdump
# kernel after a kernel crash in the crash kernel(1st kernel) has happened.
#
# Directives in this file are only applicable to the kdump initramfs, and have
# no effect once the root filesystem is mounted and the normal init scripts are
# processed.
#
# Currently, only one dump target and path can be specified. If the dumping to
# the configured target fails, the failure action which can be configured via
# the "failure_action" directive will be performed.
#
# Supported options:
#
# auto_reset_crashkernel <yes|no>
# - whether to reset kernel crashkernel to new default value
# or not when kexec-tools updates the default crashkernel value and
# existing kernels using the old default kernel crashkernel value.
# The default value is yes.
#
# raw <partition>
# - Will dd /proc/vmcore into <partition>.
# Use persistent device names for partition devices,
# such as /dev/vg/<devname>.
#
# nfs <nfs mount>
# - Will mount nfs to <mnt>, and copy /proc/vmcore to
# <mnt>/<path>/%HOST-%DATE/, supports DNS.
#
# ssh <user@server>
# - Will save /proc/vmcore to <user@server>:<path>/%HOST-%DATE/,
# supports DNS.
# NOTE: make sure the user has write permissions on the server.
#
# sshkey <path>
# - Will use the sshkey to do ssh dump.
# Specify the path of the ssh key to use when dumping
# via ssh. The default value is /root/.ssh/kdump_id_rsa.
#
# <fs type> <partition>
# - Will mount -t <fs type> <partition> <mnt>, and copy
# /proc/vmcore to <mnt>/<path>/%HOST_IP-%DATE/.
# NOTE: <partition> can be a device node, label or uuid.
# It's recommended to use persistent device names
# such as /dev/vg/<devname>.
# Otherwise it's suggested to use label or uuid.
#
# path <path>
# - "path" represents the file system path in which vmcore
# will be saved. If a dump target is specified in
# kdump.conf, then "path" is relative to the specified
# dump target.
#
# Interpretation of "path" changes a bit if the user didn't
# specify any dump target explicitly in kdump.conf. In this
# case, "path" represents the absolute path from root. The
# dump target and adjusted path are arrived at automatically
# depending on what's mounted in the current system.
#
# Ignored for raw device dumps. If unset, will use the default
# "/var/crash".
#
# core_collector <command> <options>
# - This allows you to specify the command to copy
# the vmcore. The default is makedumpfile, which on
# some architectures can drastically reduce vmcore size.
# See /sbin/makedumpfile --help for a list of options.
# Note that the -i and -g options are not needed here,
# as the initrd will automatically be populated with a
# config file appropriate for the running kernel.
# The default core_collector for raw/ssh dump is:
# "makedumpfile -F -l --message-level 7 -d 31".
# The default core_collector for other targets is:
# "makedumpfile -l --message-level 7 -d 31".
#
# "makedumpfile -F" will create a flattened vmcore.
# You need to use "makedumpfile -R" to rearrange the dump data to
# a normal dumpfile readable with analysis tools. For example:
# "makedumpfile -R vmcore < vmcore.flat".
#
# For core_collector format details, you can refer to
# kexec-kdump-howto.txt or kdump.conf manpage.
#
# kdump_post <binary | script>
# - This directive allows you to run a executable binary
# or script after the vmcore dump process terminates.
# The exit status of the current dump process is fed to
# the executable binary or script as its first argument.
# All files under /etc/kdump/post.d are collectively sorted
# and executed in lexical order, before binary or script
# specified kdump_post parameter is executed.
#
# kdump_pre <binary | script>
# - Works like the "kdump_post" directive, but instead of running
# after the dump process, runs immediately before it.
# Exit status of this binary is interpreted as follows:
# 0 - continue with dump process as usual
# non 0 - run the final action (reboot/poweroff/halt)
# All files under /etc/kdump/pre.d are collectively sorted and
# executed in lexical order, after binary or script specified
# kdump_pre parameter is executed.
# Even if the binary or script in /etc/kdump/pre.d directory
# returns non 0 exit status, the processing is continued.
#
# extra_bins <binaries | shell scripts>
# - This directive allows you to specify additional binaries or
# shell scripts to be included in the kdump initrd.
# Generally they are useful in conjunction with a kdump_post
# or kdump_pre binary or script which depends on these extra_bins.
#
# extra_modules <module(s)>
# - This directive allows you to specify extra kernel modules
# that you want to be loaded in the kdump initrd.
# Multiple modules can be listed, separated by spaces, and any
# dependent modules will automatically be included.
#
# failure_action <reboot | halt | poweroff | shell | dump_to_rootfs>
# - Action to perform in case dumping fails.
# reboot: Reboot the system.
# halt: Halt the system.
# poweroff: Power down the system.
# shell: Drop to a bash shell.
# Exiting the shell reboots the system by default,
# or perform "final_action".
# dump_to_rootfs: Dump vmcore to rootfs from initramfs context and
# reboot by default or perform "final_action".
# Useful when non-root dump target is specified.
# The default option is "reboot".
#
# default <reboot | halt | poweroff | shell | dump_to_rootfs>
# - Same as the "failure_action" directive above, but this directive
# is obsolete and will be removed in the future.
#
# final_action <reboot | halt | poweroff>
# - Action to perform in case dumping succeeds. Also performed
# when "shell" or "dump_to_rootfs" failure action finishes.
# Each action is same as the "failure_action" directive above.
# The default is "reboot".
#
# force_rebuild <0 | 1>
# - By default, kdump initrd will only be rebuilt when necessary.
# Specify 1 to force rebuilding kdump initrd every time when kdump
# service starts.
#
# force_no_rebuild <0 | 1>
# - By default, kdump initrd will be rebuilt when necessary.
# Specify 1 to bypass rebuilding of kdump initrd.
#
# force_no_rebuild and force_rebuild options are mutually
# exclusive and they should not be set to 1 simultaneously.
#
# override_resettable <0 | 1>
# - Usually an unresettable block device can't be a dump target.
# Specifying 1 when you want to dump even though the block
# target is unresettable
# By default, it is 0, which will not try dumping destined to fail.
#
# dracut_args <arg(s)>
# - Pass extra dracut options when rebuilding kdump initrd.
#
# fence_kdump_args <arg(s)>
# - Command line arguments for fence_kdump_send (it can contain
# all valid arguments except hosts to send notification to).
#
# fence_kdump_nodes <node(s)>
# - List of cluster node(s) except localhost, separated by spaces,
# to send fence_kdump notifications to.
# (this option is mandatory to enable fence_kdump).
#
#raw /dev/vg/lv_kdump
#ext4 /dev/vg/lv_kdump
#ext4 LABEL=/boot
#ext4 UUID=03138356-5e61-4ab3-b58e-27507ac41937
#nfs my.server.com:/export/tmp
#nfs [2001:db8::1:2:3:4]:/export/tmp
#ssh user@my.server.com
#ssh user@2001:db8::1:2:3:4
#sshkey /root/.ssh/kdump_id_rsa
auto_reset_crashkernel yes
path /var/crash
core_collector makedumpfile -l --message-level 7 -d 31
#core_collector scp
#kdump_post /var/crash/scripts/kdump-post.sh
#kdump_pre /var/crash/scripts/kdump-pre.sh
#extra_bins /usr/bin/lftp
#extra_modules gfs2
#failure_action shell
#force_rebuild 1
#force_no_rebuild 1
#dracut_args --omit-drivers "cfg80211 snd" --add-drivers "ext2 ext3"
#fence_kdump_args -p 7410 -f auto -c 0 -i 10
#fence_kdump_nodes node1 node2

View File

@ -0,0 +1,31 @@
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = EXAMPLE.COM
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
forwardable = yes
[realms]
EXAMPLE.COM = {
kdc = kerberos.example.com:88
admin_server = kerberos.example.com:749
default_domain = example.com
}
[domain_realm]
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}

View File

@ -0,0 +1,8 @@
/var/log/acpid {
missingok
notifempty
size=64k
postrotate
/etc/init.d/acpid condrestart >/dev/null || :
endscript
}

View File

@ -0,0 +1,6 @@
/var/log/rpmpkgs {
weekly
notifempty
missingok
create 0640 root root
}

View File

@ -0,0 +1,353 @@
### This file is automatically generated by update-modules"
#
# Please do not edit this file directly. If you want to change or add
# anything please take a look at the files in /etc/modutils and read
# the manpage for update-modules.
#
### update-modules: start processing /etc/modutils/0keep
# DO NOT MODIFY THIS FILE!
# This file is not marked as conffile to make sure if you upgrade modutils
# it will be restored in case some modifications have been made.
#
# The keep command is necessary to prevent insmod and friends from ignoring
# the builtin defaults of a path-statement is encountered. Until all other
# packages use the new `add path'-statement this keep-statement is essential
# to keep your system working
keep
### update-modules: end processing /etc/modutils/0keep
### update-modules: start processing /etc/modutils/1devfsd
# /etc/modules.devfs
# Richard Gooch <rgooch@atnf.csiro.au> 24-MAR-2002
#
# THIS IS AN AUTOMATICALLY GENERATED FILE. DO NOT EDIT!!!
# THIS FILE WILL BE OVERWRITTEN EACH TIME YOU INSTALL DEVFSD!!!
# Modify /etc/modules.conf instead.
# This file comes with devfsd-vDEVFSD-VERSION which is available from:
# http://www.atnf.csiro.au/~rgooch/linux/
# or directly from:
# ftp://ftp.atnf.csiro.au/pub/people/rgooch/linux/daemons/devfsd-vDEVFSD-VERSION.tar.gz
###############################################################################
# Sample configurations that you may want to place in /etc/modules.conf
#
#alias sound-slot-0 sb
#alias /dev/v4l bttv
#alias /dev/misc/watchdog pcwd
#alias gen-md raid0
#alias /dev/joysticks joystick
#probeall scsi_hostadapter sym53c8xx
###############################################################################
# Generic section: do not change or copy
#
# All HDDs
probeall /dev/discs scsi_hostadapter sd_mod ide-probe-mod ide-disk ide-floppy DAC960
alias /dev/discs/* /dev/discs
# All CD-ROMs
probeall /dev/cdroms scsi_hostadapter sr_mod ide-probe-mod ide-cd cdrom
alias /dev/cdroms/* /dev/cdroms
alias /dev/cdrom /dev/cdroms
# All tapes
probeall /dev/tapes scsi_hostadapter st ide-probe-mod ide-tape
alias /dev/tapes/* /dev/tapes
# All SCSI devices
probeall /dev/scsi scsi_hostadapter sd_mod sr_mod st sg
# All IDE devices
alias /dev/hd* /dev/ide
alias /dev/ide/host*/bus*/target*/lun*/* /dev/ide
probeall /dev/ide ide-probe-mod ide-disk ide-cd ide-tape ide-floppy
# IDE CD-ROMs
alias /dev/ide/*/cd ide-cd
# SCSI HDDs
probeall /dev/sd scsi_hostadapter sd_mod
alias /dev/sd* /dev/sd
# SCSI CD-ROMs
probeall /dev/sr scsi_hostadapter sr_mod
alias /dev/sr* /dev/sr
alias /dev/scsi/*/cd sr_mod
# SCSI tapes
probeall /dev/st scsi_hostadapter st
alias /dev/st* /dev/st
alias /dev/nst* /dev/st
# SCSI generic
probeall /dev/sg scsi_hostadapter sg
alias /dev/sg* /dev/sg
alias /dev/scsi/*/generic /dev/sg
alias /dev/pg /dev/sg
alias /dev/pg* /dev/sg
# Floppies
alias /dev/floppy floppy
alias /dev/fd* floppy
# RAMDISCs
alias /dev/rd rd
alias /dev/ram* rd
# Loop devices
alias /dev/loop* loop
# Meta devices
alias /dev/md* gen-md
# Parallel port printers
alias /dev/printers* lp
alias /dev/lp* /dev/printers
# Soundcard
alias /dev/sound sound-slot-0
alias /dev/audio /dev/sound
alias /dev/mixer /dev/sound
alias /dev/dsp /dev/sound
alias /dev/dspW /dev/sound
alias /dev/midi /dev/sound
# Joysticks
alias /dev/js* /dev/joysticks
# Serial ports
alias /dev/tts* serial
alias /dev/ttyS* /dev/tts
alias /dev/cua* /dev/tts
# Input devices
alias /dev/input/mouse* mousedev
# Miscellaneous devices
alias /dev/misc/atibm atixlmouse
alias /dev/misc/inportbm msbusmouse
alias /dev/misc/logibm busmouse
alias /dev/misc/rtc rtc
alias /dev/misc/agpgart agpgart
alias /dev/rtc /dev/misc/rtc
# PPP devices
alias /dev/ppp* ppp_generic
# Video capture devices
alias /dev/video* /dev/v4l
alias /dev/vbi* /dev/v4l
# agpgart
alias /dev/agpgart agpgart
alias /dev/dri* agpgart
# Irda devices
alias /dev/ircomm ircomm-tty
alias /dev/ircomm* /dev/ircomm
# Raw I/O devices
alias /dev/rawctl /dev/raw
# Pull in the configuration file. Do this last because modprobe(8) processes in
# per^H^H^Hreverse order and the sysadmin may want to over-ride what is in the
# generic file
#include /etc/modules.conf
### update-modules: end processing /etc/modutils/1devfsd
### update-modules: start processing /etc/modutils/actions
# Special actions that are needed for some modules
# The BTTV module does not load the tuner module automatically,
# so do that in here
post-install bttv insmod tuner
post-remove bttv rmmod tuner
### update-modules: end processing /etc/modutils/actions
### update-modules: start processing /etc/modutils/aliases
# Aliases to tell insmod/modprobe which modules to use
# Uncomment the network protocols you don't want loaded:
# alias net-pf-1 off # Unix
# alias net-pf-2 off # IPv4
# alias net-pf-3 off # Amateur Radio AX.25
# alias net-pf-4 off # IPX
# alias net-pf-5 off # DDP / appletalk
# alias net-pf-6 off # Amateur Radio NET/ROM
# alias net-pf-9 off # X.25
# alias net-pf-10 off # IPv6
# alias net-pf-11 off # ROSE / Amateur Radio X.25 PLP
# alias net-pf-19 off # Acorn Econet
alias char-major-10-175 agpgart
alias char-major-10-200 tun
alias char-major-81 bttv
alias char-major-108 ppp_generic
alias /dev/ppp ppp_generic
alias tty-ldisc-3 ppp_async
alias tty-ldisc-14 ppp_synctty
alias ppp-compress-21 bsd_comp
alias ppp-compress-24 ppp_deflate
alias ppp-compress-26 ppp_deflate
# Crypto modules (see http://www.kerneli.org/)
alias loop-xfer-gen-0 loop_gen
alias loop-xfer-3 loop_fish2
alias loop-xfer-gen-10 loop_gen
alias cipher-2 des
alias cipher-3 fish2
alias cipher-4 blowfish
alias cipher-6 idea
alias cipher-7 serp6f
alias cipher-8 mars6
alias cipher-11 rc62
alias cipher-15 dfc2
alias cipher-16 rijndael
alias cipher-17 rc5
alias char-major-195 NVdriver
### update-modules: end processing /etc/modutils/aliases
### update-modules: start processing /etc/modutils/alsa-path
# Debian ALSA modules path
# Do not edit this unless you understand what you're doing.
path=/lib/modules/`uname -r`/alsa
### update-modules: end processing /etc/modutils/alsa-path
### update-modules: start processing /etc/modutils/apm
alias char-major-10-134 apm
alias /dev/apm_bios /dev/misc/apm_bios
alias /dev/misc/apm_bios apm
### update-modules: end processing /etc/modutils/apm
### update-modules: start processing /etc/modutils/cdrw
options ide-cd ignore=hdc # tell the ide-cd module to ignore hdb
alias scd0 sr_mod # load sr_mod upon access of scd0
#pre-install ide-scsi modprobe imm # uncomment for some ZIP drives only
pre-install sg modprobe ide-scsi # load ide-scsi before sg
pre-install sr_mod modprobe ide-scsi # load ide-scsi before sr_mod
pre-install ide-scsi modprobe ide-cd # load ide-cd before ide-scsi
### update-modules: end processing /etc/modutils/cdrw
### update-modules: start processing /etc/modutils/irda
alias tty-ldisc-11 irtty
alias char-major-161 ircomm-tty
alias char-major-60 ircomm_tty
# for dongle
alias irda-dongle-0 tekram
alias irda-dongle-1 esi
alias irda-dongle-2 actisys
alias irda-dongle-3 actisys
alias irda-dongle-4 girbil
alias irda-dongle-5 litelink
alias irda-dongle-6 airport
alias irda-dongle-7 old_belkin
# for FIR device
alias irda0 smc-ircc
#dongle_id=0x09
pre-install smc-ircc /usr/local/sbin/tosh5100-smcinit
### update-modules: end processing /etc/modutils/irda
### update-modules: start processing /etc/modutils/paths
# This file contains a list of paths that modprobe should scan,
# beside the once that are compiled into the modutils tools
# themselves.
### update-modules: end processing /etc/modutils/paths
### update-modules: start processing /etc/modutils/pcmcia
pre-install ide-cs /etc/init.d/irda stop
post-remove ide-cs /etc/init.d/irda start
### update-modules: end processing /etc/modutils/pcmcia
### update-modules: start processing /etc/modutils/ppp
alias /dev/ppp ppp_generic
alias char-major-108 ppp_generic
alias tty-ldisc-3 ppp_async
alias tty-ldisc-14 ppp_synctty
alias ppp-compress-21 bsd_comp
alias ppp-compress-24 ppp_deflate
alias ppp-compress-26 ppp_deflate
### update-modules: end processing /etc/modutils/ppp
### update-modules: start processing /etc/modutils/setserial
#
# This is what I wanted to do, but logger is in /usr/bin, which isn't loaded
# when the module is first loaded into the kernel at boot time!
#
#post-install serial /etc/init.d/setserial start | logger -p daemon.info -t "setserial-module reload"
#pre-remove serial /etc/init.d/setserial stop | logger -p daemon.info -t "setserial-module uload"
#
alias /dev/tts serial
alias /dev/tts/0 serial
alias /dev/tts/1 serial
alias /dev/tts/2 serial
alias /dev/tts/3 serial
post-install serial /etc/init.d/setserial modload > /dev/null 2> /dev/null
pre-remove serial /etc/init.d/setserial modsave > /dev/null 2> /dev/null
### update-modules: end processing /etc/modutils/setserial
### update-modules: start processing /etc/modutils/sound
# ALSA portion
alias char-major-116 snd
# OSS/Free portion
alias char-major-14 soundcore
alias snd-card-0 snd-intel8x0
alias sound-slot-0 snd-card-0
# OSS/Free portion - card #1
alias sound-service-0-0 snd-mixer-oss
alias sound-service-0-1 snd-seq-oss
alias sound-service-0-3 snd-pcm-oss
alias sound-service-0-8 snd-seq-oss
alias sound-service-0-12 snd-pcm-oss
alias sound-service-1-0 off
alias sound-slot-1 off
#gentoo suggestion
alias /dev/dsp snd-pcm-oss
alias /dev/mixer snd-mixer-oss
alias /dev/midi snd-seq-oss
### update-modules: end processing /etc/modutils/sound
### update-modules: start processing /etc/modutils/toshutils
alias char-major-10-181 toshiba
options toshiba tosh_fn=0x62
### update-modules: end processing /etc/modutils/toshutils
### update-modules: start processing /etc/modutils/usb
options usb-uhci debug 3
post-install belkin_sa /usr/local/sbin/belkin-usb-serial
### update-modules: end processing /etc/modutils/usb
### update-modules: start processing /etc/modutils/arch/i386
#alias parport_lowlevel parport_pc
alias char-major-10-144 nvram
alias binfmt-0064 binfmt_aout
alias char-major-10-135 rtc
alias parport_lowlevel off
alias char-major-6 off
### update-modules: end processing /etc/modutils/arch/i386

View File

@ -0,0 +1,97 @@
# This is a basic configuration file with some examples, for device mapper
# multipath.
# For a complete list of the default configuration values, see
# /usr/share/doc/device-mapper-multipath-0.4.8/multipath.conf.defaults
# For a list of configuration options with descriptions, see
# /usr/share/doc/device-mapper-multipath-0.4.8/multipath.conf.annotated
# Blacklist all devices by default. Remove this to enable multipathing
# on the default devices.
blacklist {
devnode "*"
}
# By default, devices with vendor = "IBM" and product = "S/390.*" are
# blacklisted. To enable mulitpathing on these devies, uncomment the
# following lines.
blacklist_exceptions {
device {
vendor "IBM"
product "S/390.*"
}
}
## Use user friendly names, instead of using WWIDs as names.
defaults {
user_friendly_names yes
}
#
# Here is an example of how to configure some standard options.
#
defaults {
udev_dir /dev
polling_interval 10
selector "round-robin 0"
path_grouping_policy multibus
getuid_callout "/sbin/scsi_id --whitelisted /dev/%n"
prio alua
path_checker readsector0
rr_min_io 100
max_fds 8192
rr_weight priorities
failback immediate
no_path_retry fail
user_friendly_names yes
}
#
# The wwid line in the following blacklist section is shown as an example
# of how to blacklist devices by wwid. The 2 devnode lines are the
# compiled in default blacklist. If you want to blacklist entire types
# of devices, such as all scsi devices, you should use a devnode line.
# However, if you want to blacklist specific devices, you should use
# a wwid line. Since there is no guarantee that a specific device will
# not change names on reboot (from /dev/sda to /dev/sdb for example)
# devnode lines are not recommended for blacklisting specific devices.
#
blacklist {
wwid 26353900f02796769
devnode "^(ram|raw|loop|fd|md|dm-|sr|scd|st)[0-9]*"
devnode "^hd[a-z]"
}
multipaths {
multipath {
wwid 3600508b4000156d700012000000b0000
alias yellow
path_grouping_policy multibus
path_checker readsector0
path_selector "round-robin 0"
failback manual
rr_weight priorities
no_path_retry 5
}
multipath {
wwid 1DEC_____321816758474
alias red
}
}
devices {
device {
vendor "COMPAQ "
product "HSV110 (C)COMPAQ"
path_grouping_policy multibus
getuid_callout "/sbin/scsi_id --whitelisted /dev/%n"
path_checker readsector0
path_selector "round-robin 0"
hardware_handler "0"
failback 15
rr_weight priorities
no_path_retry queue
}
device {
vendor "COMPAQ "
product "MSA1000 "
path_grouping_policy multibus
}
}

View File

@ -0,0 +1,39 @@
# /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)
# The loopback interface
auto lo
iface lo inet loopback
# The first network card - this entry was created during the Debian installation
## auto eth0
iface eth0 inet dhcp
pre-up /etc/init.d/ntp-server stop || true
up /etc/init.d/ntpdate restart || true
up /etc/init.d/ntp-server start || true
iface eth0-0 inet static
address 134.158.129.99
netmask 255.255.254.0
network 134.158.128.0
broadcast 134.158.129.255
gateway 134.158.128.1
iface eth0-2 inet static
address 192.168.1.160
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
iface eth0-3 inet static
address 192.168.1.7
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
iface adsl0 inet dhcp
pre-up /sbin/modprobe adiusbadsl
pre-up /usr/sbin/adictrl -i
pre-up /usr/sbin/adictrl -f
pre-up /usr/sbin/adictrl -d
pre-up /usr/sbin/adictrl -s

View File

@ -0,0 +1,117 @@
user nobody;
worker_processes 1;
error_log logs/error.log;
error_log logs/error.log notice;
error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
tcp_nopush on;
keepalive_timeout 0;
keepalive_timeout 65;
gzip on;
server {
listen 80;
server_name localhost;
charset koi8-r;
access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
location ~ \.php$ {
proxy_pass http://127.0.0.1;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
# another virtual host using mix of IP-, name-, and port-based configuration
server {
listen 8000;
listen somename:8080;
server_name somename alias another.alias;
location / {
root html;
index index.html index.htm;
}
}
# HTTPS server
#
server {
listen 443 ssl;
server_name localhost;
ssl_certificate cert.pem;
ssl_certificate_key cert.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
}
}
}

View File

@ -0,0 +1 @@
#

View File

@ -0,0 +1,126 @@
# /etc/nslcd.conf
# nslcd configuration file. See nslcd.conf(5)
# for details.
# Specifies the number of threads to start that can handle requests and perform LDAP queries.
threads 5
# The user and group nslcd should run as.
uid nslcd
gid nslcd
# This option controls the way logging is done.
log syslog info
# The location at which the LDAP server(s) should be reachable.
uri ldaps://XXX.XXX.XXX
# The search base that will be used for all queries.
base dc=XXX,dc=XXX
# The LDAP protocol version to use.
ldap_version 3
# The DN to bind with for normal lookups.
binddn cn=annonymous,dc=example,dc=net
bindpw secret
# The DN used for password modifications by root.
rootpwmoddn cn=admin,dc=example,dc=com
# The password used for password modifications by root.
rootpwmodpw XXXXXX
# SASL authentication options
sasl_mech OTP
sasl_realm realm
sasl_authcid authcid
sasl_authzid dn:cn=annonymous,dc=example,dc=net
sasl_secprops noanonymous,noplain,minssf=0,maxssf=2,maxbufsize=65535
sasl_canonicalize yes
# Kerberos authentication options
krb5_ccname ccname
# Search/mapping options
# Specifies the base distinguished name (DN) to use as search base.
base dc=people,dc=example,dc=com
base dc=morepeople,dc=example,dc=com
base alias dc=aliases,dc=example,dc=com
base alias dc=morealiases,dc=example,dc=com
base group dc=group,dc=example,dc=com
base group dc=moregroup,dc=example,dc=com
base passwd dc=users,dc=example,dc=com
# Specifies the search scope (subtree, onelevel, base or children).
scope sub
scope passwd sub
scope aliases sub
# Specifies the policy for dereferencing aliases.
deref never
# Specifies whether automatic referral chasing should be enabled.
referrals yes
# The FILTER is an LDAP search filter to use for a specific map.
filter passwd (objectClass=posixAccount)
# This option allows for custom attributes to be looked up instead of the default RFC 2307 attributes.
map passwd homeDirectory \"${homeDirectory:-/home/$uid}\"
map passwd loginShell \"${loginShell:-/bin/bash}\"
map shadow userPassword myPassword
# Timing/reconnect options
# Specifies the time limit (in seconds) to use when connecting to the directory server.
bind_timelimit 30
# Specifies the time limit (in seconds) to wait for a response from the LDAP server.
timelimit 5
# Specifies the period if inactivity (in seconds) after which the connection to the LDAP server will be closed.
idle_timelimit 10
# Specifies the number of seconds to sleep when connecting to all LDAP servers fails.
reconnect_sleeptime 10
# Specifies the time after which the LDAP server is considered to be permanently unavailable.
reconnect_retrytime 10
# SSL/TLS options
# Specifies whether to use SSL/TLS or not (the default is not to).
ssl start_tls
# Specifies what checks to perform on a server-supplied certificate.
tls_reqcert never
# Specifies the directory containing X.509 certificates for peer authentication.
tls_cacertdir /etc/ssl/ca
# Specifies the path to the X.509 certificate for peer authentication.
tls_cacertfile /etc/ssl/certs/ca-certificates.crt
# Specifies the path to an entropy source.
tls_randfile /dev/random
# Specifies the ciphers to use for TLS.
tls_ciphers TLSv1
# Specifies the path to the file containing the local certificate for client TLS authentication.
tls_cert /etc/ssl/certs/cert.pem
# Specifies the path to the file containing the private key for client TLS authentication.
tls_key /etc/ssl/private/cert.pem
# Other options
pagesize 100
nss_initgroups_ignoreusers user1,user2,user3
nss_min_uid 1000
nss_nested_groups yes
nss_getgrent_skipmembers yes
nss_disable_enumeration yes
validnames /^[a-z0-9._@$()]([a-z0-9._@$() \\~-]*[a-z0-9._@$()~-])?$/i
ignorecase yes
pam_authc_ppolicy yes
pam_authz_search (&(objectClass=posixAccount)(uid=$username)(|(authorizedService=$service)(!(authorizedService=*))))
pam_password_prohibit_message "MESSAGE LONG AND WITH SPACES"
reconnect_invalidate nfsidmap,db2,db3
cache dn2uid 1s 2h

View File

@ -0,0 +1,50 @@
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1
# Hosts on local network are less restricted.
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org
server 1.centos.pool.ntp.org
server 2.centos.pool.ntp.org
broadcast 192.168.1.255 key 42 # broadcast server
broadcastclient # broadcast client
broadcast 224.0.1.1 key 42 # multicast server
multicastclient 224.0.1.1 # multicast client
manycastserver 239.255.254.254 # manycast server
manycastclient 239.255.254.254 key 42 # manycast client
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available.
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10
# Drift file. Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file
# by creating a temporary in the same directory and then rename()'ing
# it to the file.
driftfile /var/lib/ntp/drift
# Key file containing the keys and key identifiers used when operating
# with symmetric key cryptography.
keys /etc/ntp/keys
# Specify the key identifiers which are trusted.
trustedkey 4 8 42
# Specify the key identifier to use with the ntpdc utility.
requestkey 8
# Specify the key identifier to use with the ntpq utility.
controlkey 8

View File

@ -0,0 +1,15 @@
#%PAM-1.0
auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so
auth include system-auth
account required pam_nologin.so
account include system-auth
password include system-auth
# pam_selinux.so close should be the first session rule
session required pam_selinux.so close
session optional pam_keyinit.so force revoke
session include system-auth
session required pam_loginuid.so
session optional pam_console.so
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session required pam_selinux.so open
session optional pam_ck_connector.so

View File

@ -0,0 +1,5 @@
#%PAM-1.0
auth include system-auth
account include system-auth
password include system-auth
session required pam_namespace.so unmnt_remnt no_unmount_on_close

View File

@ -0,0 +1,3 @@
#%PAM-1.0
auth include system-auth
account include system-auth

View File

@ -0,0 +1,19 @@
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:4294967294:499:Anonymous NFS User:/var/lib/nfs:/sbin/nologin

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,29 @@
[main]
# Where Puppet stores dynamic and growing data.
# The default value is '/var/puppet'.
vardir = /var/lib/puppet
# The Puppet log directory.
# The default value is '$vardir/log'.
logdir = /var/log/puppet
# Where Puppet PID files are kept.
# The default value is '$vardir/run'.
rundir = /var/run/puppet
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
ssldir = $vardir/ssl
[puppetd]
# The file in which puppetd stores a list of the classes
# associated with the retrieved configuratiion. Can be loaded in
# the separate ``puppet`` executable using the ``--loadclasses``
# option.
# The default value is '$confdir/classes.txt'.
classfile = $vardir/classes.txt
# Where puppetd caches the local configuration. An
# extension indicating the cache format is added automatically.
# The default value is '$confdir/localconfig'.
localconfig = $vardir/localconfig

View File

@ -0,0 +1,6 @@
; Created by cloud-init on instance boot automatically, do not edit.
;
search awsqualif.net aws.eu-west-1.censured_here
nameserver 192.168.0.1
nameserver 192.168.0.2
options timeout:2 rotate

View File

@ -0,0 +1,288 @@
# This is the main Samba configuration file. You should read the
# smb.conf(5) manual page in order to understand the options listed
# here. Samba has a huge number of configurable options (perhaps too
# many!) most of which are not shown in this example
#
# For a step to step guide on installing, configuring and using samba,
# read the Samba-HOWTO-Collection. This may be obtained from:
# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
#
# Many working examples of smb.conf files can be found in the
# Samba-Guide which is generated daily and can be downloaded from:
# http://www.samba.org/samba/docs/Samba-Guide.pdf
#
# Any line which starts with a ; (semi-colon) or a # (hash)
# is a comment and is ignored. In this example we will use a #
# for commentry and a ; for parts of the config file that you
# may wish to enable
#
# NOTE: Whenever you modify this file you should run the command "testparm"
# to check that you have not made any basic syntactic errors.
#
#---------------
# SELINUX NOTES:
#
# If you want to use the useradd/groupadd family of binaries please run:
# setsebool -P samba_domain_controller on
#
# If you want to share home directories via samba please run:
# setsebool -P samba_enable_home_dirs on
#
# If you create a new directory you want to share you should mark it as
# "samba-share_t" so that selinux will let you write into it.
# Make sure not to do that on system directories as they may already have
# been marked with othe SELinux labels.
#
# Use ls -ldZ /path to see which context a directory has
#
# Set labels only on directories you created!
# To set a label use the following: chcon -t samba_share_t /path
#
# If you need to share a system created directory you can use one of the
# following (read-only/read-write):
# setsebool -P samba_export_all_ro on
# or
# setsebool -P samba_export_all_rw on
#
# If you want to run scripts (preexec/root prexec/print command/...) please
# put them into the /var/lib/samba/scripts directory so that smbd will be
# allowed to run them.
# Make sure you COPY them and not MOVE them so that the right SELinux context
# is applied, to check all is ok use restorecon -R -v /var/lib/samba/scripts
#
#--------------
#
#======================= Global Settings =====================================
[global]
# ----------------------- Netwrok Related Options -------------------------
#
# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
#
# server string is the equivalent of the NT Description field
#
# netbios name can be used to specify a server name not tied to the hostname
#
# Interfaces lets you configure Samba to use multiple interfaces
# If you have multiple network interfaces then you can list the ones
# you want to listen on (never omit localhost)
#
# Hosts Allow/Hosts Deny lets you restrict who can connect, and you can
# specify it as a per share option as well
#
workgroup = MYGROUP
server string = Samba Server Version %v
; netbios name = MYSERVER
; interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
; hosts allow = 127. 192.168.12. 192.168.13.
# --------------------------- Logging Options -----------------------------
#
# Log File let you specify where to put logs and how to split them up.
#
# Max Log Size let you specify the max size log files should reach
# logs split per machine
log file = /var/log/samba/log.%m
# max 50KB per log file, then rotate
max log size = 50
# ----------------------- Standalone Server Options ------------------------
#
# Scurity can be set to user, share(deprecated) or server(deprecated)
#
# Backend to store user information in. New installations should
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.
security = user
passdb backend = tdbsam
# ----------------------- Domain Members Options ------------------------
#
# Security must be set to domain or ads
#
# Use the realm option only with security = ads
# Specifies the Active Directory realm the host is part of
#
# Backend to store user information in. New installations should
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.
#
# Use password server option only with security = server or if you can't
# use the DNS to locate Domain Controllers
# The argument list may include:
# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
# or to auto-locate the domain controller/s
# password server = *
; security = domain
; passdb backend = tdbsam
; realm = MY_REALM
; password server = <NT-Server-Name>
# ----------------------- Domain Controller Options ------------------------
#
# Security must be set to user for domain controllers
#
# Backend to store user information in. New installations should
# use either tdbsam or ldapsam. smbpasswd is available for backwards
# compatibility. tdbsam requires no further configuration.
#
# Domain Master specifies Samba to be the Domain Master Browser. This
# allows Samba to collate browse lists between subnets. Don't use this
# if you already have a Windows NT domain controller doing this job
#
# Domain Logons let Samba be a domain logon server for Windows workstations.
#
# Logon Scrpit let yuou specify a script to be run at login time on the client
# You need to provide it in a share called NETLOGON
#
# Logon Path let you specify where user profiles are stored (UNC path)
#
# Various scripts can be used on a domain controller or stand-alone
# machine to add or delete corresponding unix accounts
#
; security = user
; passdb backend = tdbsam
; domain master = yes
; domain logons = yes
# the login script name depends on the machine name
; logon script = %m.bat
# the login script name depends on the unix user used
; logon script = %u.bat
; logon path = \\%L\Profiles\%u
# disables profiles support by specifying an empty path
; logon path =
; add user script = /usr/sbin/useradd "%u" -n -g users
; add group script = /usr/sbin/groupadd "%g"
; add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M -d /nohome -s /bin/false "%u"
; delete user script = /usr/sbin/userdel "%u"
; delete user from group script = /usr/sbin/userdel "%u" "%g"
; delete group script = /usr/sbin/groupdel "%g"
# ----------------------- Browser Control Options ----------------------------
#
# set local master to no if you don't want Samba to become a master
# browser on your network. Otherwise the normal election rules apply
#
# OS Level determines the precedence of this server in master browser
# elections. The default value should be reasonable
#
# Preferred Master causes Samba to force a local browser election on startup
# and gives it a slightly higher chance of winning the election
; local master = no
; os level = 33
; preferred master = yes
#----------------------------- Name Resolution -------------------------------
# Windows Internet Name Serving Support Section:
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
#
# - WINS Support: Tells the NMBD component of Samba to enable it's WINS Server
#
# - WINS Server: Tells the NMBD components of Samba to be a WINS Client
#
# - WINS Proxy: Tells Samba to answer name resolution queries on
# behalf of a non WINS capable client, for this to work there must be
# at least one WINS Server on the network. The default is NO.
#
# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
# via DNS nslookups.
; wins support = yes
; wins server = w.x.y.z
; wins proxy = yes
; dns proxy = yes
# --------------------------- Printing Options -----------------------------
#
# Load Printers let you load automatically the list of printers rather
# than setting them up individually
#
# Cups Options let you pass the cups libs custom options, setting it to raw
# for example will let you use drivers on your Windows clients
#
# Printcap Name let you specify an alternative printcap file
#
# You can choose a non default printing system using the Printing option
load printers = yes
cups options = raw
; printcap name = /etc/printcap
#obtain list of printers automatically on SystemV
; printcap name = lpstat
; printing = cups
# --------------------------- Filesystem Options ---------------------------
#
# The following options can be uncommented if the filesystem supports
# Extended Attributes and they are enabled (usually by the mount option
# user_xattr). Thess options will let the admin store the DOS attributes
# in an EA and make samba not mess with the permission bits.
#
# Note: these options can also be set just per share, setting them in global
# makes them the default for all shares
; map archive = no
; map hidden = no
; map read only = no
; map system = no
; store dos attributes = yes
#============================ Share Definitions ==============================
[homes]
comment = Home Directories
browseable = no
writable = yes
; valid users = %S
; valid users = MYDOMAIN\%S
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
# Un-comment the following and create the netlogon directory for Domain Logons
; [netlogon]
; comment = Network Logon Service
; path = /var/lib/samba/netlogon
; guest ok = yes
; writable = no
; share modes = no
# Un-comment the following to provide a specific roving profile share
# the default is to use the user's home directory
; [Profiles]
; path = /var/lib/samba/profiles
; browseable = no
; guest ok = yes
# A publicly accessible directory, but read only, except for people in
# the "staff" group
; [public]
; comment = Public Stuff
; path = /home/samba
; public = yes
; writable = yes
; printable = no
; write list = +staff

View File

@ -0,0 +1,58 @@
# /etc/security/limits.conf
#
#Each line describes a limit for a user in the form:
#
#<domain> <type> <item> <value>
#
#Where:
#<domain> can be:
# - an user name
# - a group name, with @group syntax
# - the wildcard *, for default entry
# - the wildcard %, can be also used with %group syntax,
# for maxlogin limit
#
#<type> can have the two values:
# - "soft" for enforcing the soft limits
# - "hard" for enforcing hard limits
#
#<item> can be one of the following:
# - core - limits the core file size (KB)
# - data - max data size (KB)
# - fsize - maximum filesize (KB)
# - memlock - max locked-in-memory address space (KB)
# - nofile - max number of open files
# - rss - max resident set size (KB)
# - stack - max stack size (KB)
# - cpu - max CPU time (MIN)
# - nproc - max number of processes
# - as - address space limit
# - maxlogins - max number of logins for this user
# - maxsyslogins - max number of logins on the system
# - priority - the priority to run user process with
# - locks - max number of file locks the user can hold
# - sigpending - max number of pending signals
# - msgqueue - max memory used by POSIX message queues (bytes)
# - nice - max nice priority allowed to raise to
# - rtprio - max realtime priority
#
#<domain> <type> <item> <value>
#
#* soft core 0
#* hard rss 10000
#@student hard nproc 20
#@faculty soft nproc 20
#@faculty hard nproc 50
#ftp hard nproc 0
#@student - maxlogins 4
# End of file
## Automatically appended by jack-audio-connection-kit
@jackuser - rtprio 20
@jackuser - memlock 4194304
## Automatically appended by jack-audio-connection-kit
@pulse-rt - rtprio 20
@pulse-rt - nice -20

View File

@ -0,0 +1,60 @@
# Authors: Jason Tang <jtang@tresys.com>
#
# Copyright (C) 2004-2005 Tresys Technology, LLC
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#
# Specify how libsemanage will interact with a SELinux policy manager.
# The four options are:
#
# "source" - libsemanage manipulates a source SELinux policy
# "direct" - libsemanage will write directly to a module store.
# /foo/bar - Write by way of a policy management server, whose
# named socket is at /foo/bar. The path must begin
# with a '/'.
# foo.com:4242 - Establish a TCP connection to a remote policy
# management server at foo.com. If there is a colon
# then the remainder is interpreted as a port number;
# otherwise default to port 4242.
module-store = direct
# When generating the final linked and expanded policy, by default
# semanage will set the policy version to POLICYDB_VERSION_MAX, as
# given in <sepol/policydb.h>. Change this setting if a different
# version is necessary.
#policy-version = 19
# expand-check check neverallow rules when executing all semanage
# commands. There might be a penalty in execution time if this
# option is enabled.
expand-check=0
# usepasswd check tells semanage to scan all pass word records for home directories
# and setup the labeling correctly. If this is turned off, SELinux will label only /home
# and home directories of users with SELinux login mappings defined, see
# semanage login -l for the list of such users.
# If you want to use a different home directory, you will need to use semanage fcontext command.
# For example, if you had home dirs in /althome directory you would have to execute
# semanage fcontext -a -e /home /althome
usepasswd=False
bzip-small=true
bzip-blocksize=5
ignoredirs=/root;/bin;/boot;/dev;/etc;/lib;/lib64;/proc;/run;/sbin;/sys;/tmp;/usr;/var
optimize-policy=true
[sefcontext_compile]
path = /usr/sbin/sefcontext_compile
args = -r $@
[end]

View File

@ -0,0 +1,387 @@
# /etc/services:
# $Id: services,v 1.44 2008/04/07 21:30:33 pknirsch Exp $
#
#
# Truncated version of Fedora's /etc/services, the original is gigantic
#
# Network services, Internet style
#
# Note that it is presently the policy of IANA to assign a single well-known
# port number for both TCP and UDP; hence, most entries here have two entries
# even if the protocol doesn't support UDP operations.
# Updated from RFC 1700, ``Assigned Numbers'' (October 1994). Not all ports
# are included, only the more common ones.
#
# The latest IANA port assignments can be gotten from
# http://www.iana.org/assignments/port-numbers
# The Well Known Ports are those from 0 through 1023.
# The Registered Ports are those from 1024 through 49151
# The Dynamic and/or Private Ports are those from 49152 through 65535
#
# Each line describes one service, and is of the form:
#
# service-name port/protocol [aliases ...] [# comment]
tcpmux 1/tcp # TCP port service multiplexer
tcpmux 1/udp # TCP port service multiplexer
rje 5/tcp # Remote Job Entry
rje 5/udp # Remote Job Entry
echo 7/tcp
echo 7/udp
discard 9/tcp sink null
discard 9/udp sink null
systat 11/tcp users
systat 11/udp users
daytime 13/tcp
daytime 13/udp
qotd 17/tcp quote
qotd 17/udp quote
msp 18/tcp # message send protocol
msp 18/udp # message send protocol
chargen 19/tcp ttytst source
chargen 19/udp ttytst source
ftp-data 20/tcp
ftp-data 20/udp
# 21 is registered to ftp, but also used by fsp
ftp 21/tcp
ftp 21/udp fsp fspd
ssh 22/tcp # SSH Remote Login Protocol
ssh 22/udp # SSH Remote Login Protocol
telnet 23/tcp
telnet 23/udp
# 24 - private mail system
lmtp 24/tcp # LMTP Mail Delivery
lmtp 24/udp # LMTP Mail Delivery
smtp 25/tcp mail
smtp 25/udp mail
time 37/tcp timserver
time 37/udp timserver
rlp 39/tcp resource # resource location
rlp 39/udp resource # resource location
nameserver 42/tcp name # IEN 116
nameserver 42/udp name # IEN 116
nicname 43/tcp whois
nicname 43/udp whois
tacacs 49/tcp # Login Host Protocol (TACACS)
tacacs 49/udp # Login Host Protocol (TACACS)
re-mail-ck 50/tcp # Remote Mail Checking Protocol
re-mail-ck 50/udp # Remote Mail Checking Protocol
domain 53/tcp # name-domain server
domain 53/udp
whois++ 63/tcp
whois++ 63/udp
bootps 67/tcp # BOOTP server
bootps 67/udp
bootpc 68/tcp dhcpc # BOOTP client
bootpc 68/udp dhcpc
tftp 69/tcp
tftp 69/udp
gopher 70/tcp # Internet Gopher
gopher 70/udp
netrjs-1 71/tcp # Remote Job Service
netrjs-1 71/udp # Remote Job Service
netrjs-2 72/tcp # Remote Job Service
netrjs-2 72/udp # Remote Job Service
netrjs-3 73/tcp # Remote Job Service
netrjs-3 73/udp # Remote Job Service
netrjs-4 74/tcp # Remote Job Service
netrjs-4 74/udp # Remote Job Service
finger 79/tcp
finger 79/udp
http 80/tcp www www-http # WorldWideWeb HTTP
http 80/udp www www-http # HyperText Transfer Protocol
kerberos 88/tcp kerberos5 krb5 # Kerberos v5
kerberos 88/udp kerberos5 krb5 # Kerberos v5
supdup 95/tcp
supdup 95/udp
hostname 101/tcp hostnames # usually from sri-nic
hostname 101/udp hostnames # usually from sri-nic
iso-tsap 102/tcp tsap # part of ISODE.
csnet-ns 105/tcp cso # also used by CSO name server
csnet-ns 105/udp cso
# unfortunately the poppassd (Eudora) uses a port which has already
# been assigned to a different service. We list the poppassd as an
# alias here. This should work for programs asking for this service.
# (due to a bug in inetd the 3com-tsmux line is disabled)
#3com-tsmux 106/tcp poppassd
#3com-tsmux 106/udp poppassd
rtelnet 107/tcp # Remote Telnet
rtelnet 107/udp
pop2 109/tcp pop-2 postoffice # POP version 2
pop2 109/udp pop-2
pop3 110/tcp pop-3 # POP version 3
pop3 110/udp pop-3
sunrpc 111/tcp portmapper rpcbind # RPC 4.0 portmapper TCP
sunrpc 111/udp portmapper rpcbind # RPC 4.0 portmapper UDP
auth 113/tcp authentication tap ident
auth 113/udp authentication tap ident
sftp 115/tcp
sftp 115/udp
uucp-path 117/tcp
uucp-path 117/udp
nntp 119/tcp readnews untp # USENET News Transfer Protocol
nntp 119/udp readnews untp # USENET News Transfer Protocol
ntp 123/tcp
ntp 123/udp # Network Time Protocol
netbios-ns 137/tcp # NETBIOS Name Service
netbios-ns 137/udp
netbios-dgm 138/tcp # NETBIOS Datagram Service
netbios-dgm 138/udp
netbios-ssn 139/tcp # NETBIOS session service
netbios-ssn 139/udp
imap 143/tcp imap2 # Interim Mail Access Proto v2
imap 143/udp imap2
snmp 161/tcp # Simple Net Mgmt Proto
snmp 161/udp # Simple Net Mgmt Proto
snmptrap 162/tcp # SNMPTRAP
snmptrap 162/udp snmp-trap # Traps for SNMP
cmip-man 163/tcp # ISO mgmt over IP (CMOT)
cmip-man 163/udp
cmip-agent 164/tcp
cmip-agent 164/udp
mailq 174/tcp # MAILQ
mailq 174/udp # MAILQ
xdmcp 177/tcp # X Display Mgr. Control Proto
xdmcp 177/udp
nextstep 178/tcp NeXTStep NextStep # NeXTStep window
nextstep 178/udp NeXTStep NextStep # server
bgp 179/tcp # Border Gateway Proto.
bgp 179/udp
prospero 191/tcp # Cliff Neuman's Prospero
prospero 191/udp
irc 194/tcp # Internet Relay Chat
irc 194/udp
smux 199/tcp # SNMP Unix Multiplexer
smux 199/udp
at-rtmp 201/tcp # AppleTalk routing
at-rtmp 201/udp
at-nbp 202/tcp # AppleTalk name binding
at-nbp 202/udp
at-echo 204/tcp # AppleTalk echo
at-echo 204/udp
at-zis 206/tcp # AppleTalk zone information
at-zis 206/udp
qmtp 209/tcp # Quick Mail Transfer Protocol
qmtp 209/udp # Quick Mail Transfer Protocol
z39.50 210/tcp z3950 wais # NISO Z39.50 database
z39.50 210/udp z3950 wais
ipx 213/tcp # IPX
ipx 213/udp
imap3 220/tcp # Interactive Mail Access
imap3 220/udp # Protocol v3
link 245/tcp ttylink
link 245/udp ttylink
fatserv 347/tcp # Fatmen Server
fatserv 347/udp # Fatmen Server
rsvp_tunnel 363/tcp
rsvp_tunnel 363/udp
odmr 366/tcp # odmr required by fetchmail
odmr 366/udp # odmr required by fetchmail
rpc2portmap 369/tcp
rpc2portmap 369/udp # Coda portmapper
codaauth2 370/tcp
codaauth2 370/udp # Coda authentication server
ulistproc 372/tcp ulistserv # UNIX Listserv
ulistproc 372/udp ulistserv
ldap 389/tcp
ldap 389/udp
svrloc 427/tcp # Server Location Protocl
svrloc 427/udp # Server Location Protocl
mobileip-agent 434/tcp
mobileip-agent 434/udp
mobilip-mn 435/tcp
mobilip-mn 435/udp
https 443/tcp # MCom
https 443/udp # MCom
snpp 444/tcp # Simple Network Paging Protocol
snpp 444/udp # Simple Network Paging Protocol
microsoft-ds 445/tcp
microsoft-ds 445/udp
kpasswd 464/tcp kpwd # Kerberos "passwd"
kpasswd 464/udp kpwd # Kerberos "passwd"
photuris 468/tcp
photuris 468/udp
saft 487/tcp # Simple Asynchronous File Transfer
saft 487/udp # Simple Asynchronous File Transfer
gss-http 488/tcp
gss-http 488/udp
pim-rp-disc 496/tcp
pim-rp-disc 496/udp
isakmp 500/tcp
isakmp 500/udp
gdomap 538/tcp # GNUstep distributed objects
gdomap 538/udp # GNUstep distributed objects
iiop 535/tcp
iiop 535/udp
dhcpv6-client 546/tcp
dhcpv6-client 546/udp
dhcpv6-server 547/tcp
dhcpv6-server 547/udp
rtsp 554/tcp # Real Time Stream Control Protocol
rtsp 554/udp # Real Time Stream Control Protocol
nntps 563/tcp # NNTP over SSL
nntps 563/udp # NNTP over SSL
whoami 565/tcp
whoami 565/udp
submission 587/tcp msa # mail message submission
submission 587/udp msa # mail message submission
npmp-local 610/tcp dqs313_qmaster # npmp-local / DQS
npmp-local 610/udp dqs313_qmaster # npmp-local / DQS
npmp-gui 611/tcp dqs313_execd # npmp-gui / DQS
npmp-gui 611/udp dqs313_execd # npmp-gui / DQS
hmmp-ind 612/tcp dqs313_intercell # HMMP Indication / DQS
hmmp-ind 612/udp dqs313_intercell # HMMP Indication / DQS
ipp 631/tcp # Internet Printing Protocol
ipp 631/udp # Internet Printing Protocol
ldaps 636/tcp # LDAP over SSL
ldaps 636/udp # LDAP over SSL
acap 674/tcp
acap 674/udp
ha-cluster 694/tcp # Heartbeat HA-cluster
ha-cluster 694/udp # Heartbeat HA-cluster
kerberos-adm 749/tcp # Kerberos `kadmin' (v5)
kerberos-adm 749/udp # kerberos administration
kerberos-iv 750/udp kerberos4 kerberos-sec kdc loadav
kerberos-iv 750/tcp kerberos4 kerberos-sec kdc rfile
webster 765/tcp # Network dictionary
webster 765/udp
phonebook 767/tcp # Network phonebook
phonebook 767/udp
rsync 873/tcp # rsync
rsync 873/udp # rsync
rquotad 875/tcp # rquota daemon
rquotad 875/udp # rquota daemon
telnets 992/tcp
telnets 992/udp
imaps 993/tcp # IMAP over SSL
imaps 993/udp # IMAP over SSL
ircs 994/tcp
ircs 994/udp
pop3s 995/tcp # POP-3 over SSL
pop3s 995/udp # POP-3 over SSL
#
# UNIX specific services
#
exec 512/tcp
biff 512/udp comsat
login 513/tcp
who 513/udp whod
shell 514/tcp cmd # no passwords used
syslog 514/udp
printer 515/tcp spooler # line printer spooler
printer 515/udp spooler # line printer spooler
talk 517/udp
ntalk 518/udp
utime 519/tcp unixtime
utime 519/udp unixtime
efs 520/tcp
router 520/udp route routed # RIP
ripng 521/tcp
ripng 521/udp
timed 525/tcp timeserver
timed 525/udp timeserver
tempo 526/tcp newdate
courier 530/tcp rpc
conference 531/tcp chat
netnews 532/tcp
netwall 533/udp # -for emergency broadcasts
uucp 540/tcp uucpd # uucp daemon
klogin 543/tcp # Kerberized `rlogin' (v5)
kshell 544/tcp krcmd # Kerberized `rsh' (v5)
afpovertcp 548/tcp # AFP over TCP
afpovertcp 548/udp # AFP over TCP
remotefs 556/tcp rfs_server rfs # Brunhoff remote filesystem
#
# From ``PORT NUMBERS'':
#
#>REGISTERED PORT NUMBERS
#>
#>The Registered Ports are listed by the IANA and on most systems can be
#>used by ordinary user processes or programs executed by ordinary
#>users.
#>
#>Ports are used in the TCP [RFC793] to name the ends of logical
#>connections which carry long term conversations. For the purpose of
#>providing services to unknown callers, a service contact port is
#>defined. This list specifies the port used by the server process as
#>its contact port.
#>
#>The IANA registers uses of these ports as a convienence to the
#>community.
#
socks 1080/tcp # socks proxy server
socks 1080/udp # socks proxy server
# Port 1236 is registered as `bvcontrol', but is also used by the
# Gracilis Packeten remote config server. The official name is listed as
# the primary name, with the unregistered name as an alias.
bvcontrol 1236/tcp rmtcfg # Daniel J. Walsh, Gracilis Packeten remote config server
bvcontrol 1236/udp # Daniel J. Walsh
h323hostcallsc 1300/tcp # H323 Host Call Secure
h323hostcallsc 1300/udp # H323 Host Call Secure
ms-sql-s 1433/tcp # Microsoft-SQL-Server
ms-sql-s 1433/udp # Microsoft-SQL-Server
ms-sql-m 1434/tcp # Microsoft-SQL-Monitor
ms-sql-m 1434/udp # Microsoft-SQL-Monitor
ica 1494/tcp # Citrix ICA Client
ica 1494/udp # Citrix ICA Client
wins 1512/tcp # Microsoft's Windows Internet Name Service
wins 1512/udp # Microsoft's Windows Internet Name Service
ingreslock 1524/tcp
ingreslock 1524/udp
prospero-np 1525/tcp orasrv # Prospero non-privileged/oracle
prospero-np 1525/udp orasrv
datametrics 1645/tcp old-radius sightline # datametrics / old radius entry
datametrics 1645/udp old-radius sightline # datametrics / old radius entry
sa-msg-port 1646/tcp old-radacct # sa-msg-port / old radacct entry
sa-msg-port 1646/udp old-radacct # sa-msg-port / old radacct entry
kermit 1649/tcp
kermit 1649/udp
l2tp 1701/tcp l2f
l2tp 1701/udp l2f
h323gatedisc 1718/tcp
h323gatedisc 1718/udp
h323gatestat 1719/tcp
h323gatestat 1719/udp
h323hostcall 1720/tcp
h323hostcall 1720/udp
tftp-mcast 1758/tcp
tftp-mcast 1758/udp
mtftp 1759/udp spss-lm
hello 1789/tcp
hello 1789/udp
radius 1812/tcp # Radius
radius 1812/udp # Radius
radius-acct 1813/tcp radacct # Radius Accounting
radius-acct 1813/udp radacct # Radius Accounting
mtp 1911/tcp #
mtp 1911/udp #
hsrp 1985/tcp # Cisco Hot Standby Router Protocol
hsrp 1985/udp # Cisco Hot Standby Router Protocol
licensedaemon 1986/tcp
licensedaemon 1986/udp
gdp-port 1997/tcp # Cisco Gateway Discovery Protocol
gdp-port 1997/udp # Cisco Gateway Discovery Protocol
sieve 2000/tcp cisco-sccp # Sieve Mail Filter Daemon
sieve 2000/udp cisco-sccp # Sieve Mail Filter Daemon
nfs 2049/tcp nfsd shilp
nfs 2049/udp nfsd shilp
zephyr-srv 2102/tcp # Zephyr server
zephyr-srv 2102/udp # Zephyr server
zephyr-clt 2103/tcp # Zephyr serv-hm connection
zephyr-clt 2103/udp # Zephyr serv-hm connection
zephyr-hm 2104/tcp # Zephyr hostmanager
zephyr-hm 2104/udp # Zephyr hostmanager
cvspserver 2401/tcp # CVS client/server operations
cvspserver 2401/udp # CVS client/server operations
venus 2430/tcp # codacon port
venus 2430/udp # Venus callback/wbc interface
venus-se 2431/tcp # tcp side effects
venus-se 2431/udp # udp sftp side effect
codasrv 2432/tcp # not used
codasrv 2432/udp # server port
codasrv-se 2433/tcp # tcp side effects
codasrv-se 2433/udp # udp sftp side effectQ

View File

@ -0,0 +1,19 @@
root:$5$rounds=1000$TMTRLLOM$h24vGZsHaf6aNdz3dsUuE4z/fy5at1Luuu.FBI6D6M:16200::999999:7:::
bin:x:16200::999999:7:::
daemon:x:16200::999999:7:::
adm:x:16200::999999:7:::
lp:x:16200::999999:7:::
sync:x:16200::999999:7:::
shutdown:x:16200::999999:7:::
halt:x:16200::999999:7:::
mail:x:16200::999999:7:::
uucp:x:16200::999999:7:::
operator:x:16200::999999:7:::
games:x:16200::999999:7:::
gopher:x:16200::999999:7:::
ftp:x:16200::999999:7:::
nobody:x:16200::999999:7:::
vcsa:x:16200::999999:7:::
rpc:x:16200::999999:7:::
rpcuser:x:16200::999999:7:::
nfsnobody:x:16200::999999:7:::

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,66 @@
# $OpenBSD: ssh_config,v 1.28 2013/09/16 11:35:43 sthen Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# GSSAPIKeyExchange no
# GSSAPITrustDNS no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
# RekeyLimit 1G 1h
#
# Uncomment this if you want to use .local domain
# Host *.local
# CheckHostIP no
Host *
GSSAPIAuthentication no
# If this option is set to yes then remote X11 clients will have full access
# to the original X11 display. As virtually no X11 client supports the untrusted
# mode correctly we set this to yes.
ForwardX11Trusted = yes
# Send locale-related environment variables
SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
SendEnv XMODIFIERS

View File

@ -0,0 +1,131 @@
# $OpenBSD: sshd_config,v 1.75 2007/03/19 01:01:29 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
Protocol 2
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication yes
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
GSSAPICleanupCredentials yes
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM no
UsePAM yes
# Accept locale-related environment variables
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#ShowPatchLevel no
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
# no default banner path
#Banner /some/path
# override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-server
# Example of overriding settings on a per-user basis
Match User anoncvs
X11Forwarding no
AllowTcpForwarding no
ForceCommand cvs server
Match Group restricted
ForceCommand /usr/local/bin/restricted_group_command

View File

@ -0,0 +1,95 @@
## Sudoers allows particular users to run various commands as
## the root user, without needing the root password.
##
## Examples are provided at the bottom of the file for collections
## of related commands, which can then be delegated out to particular
## users or groups.
##
## This file must be edited with the 'visudo' command.
## Host Aliases
## Groups of machines. You may prefer to use hostnames (perhaps using
## wildcards for entire domains) or IP addresses instead.
# Host_Alias FILESERVERS = fs1, fs2
# Host_Alias MAILSERVERS = smtp, smtp2
## User Aliases
## These aren't often necessary, as you can use regular groups
## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname
## rather than USERALIAS
# User_Alias ADMINS = jsmith, mikem
## Command Aliases
## These are groups of related commands...
## Networking
Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool
## Installation and management of software
Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum
## Services
Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig
## Updating the locate database
Cmnd_Alias LOCATE = /usr/bin/updatedb
## Storage
Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount
## Delegating permissions
Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp
## Processes
Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall
## Drivers
Cmnd_Alias DRIVERS = /sbin/modprobe
# Defaults specification
#
# Disable "ssh hostname sudo <cmd>", because it will show the password in clear.
# You have to run "ssh -t hostname sudo <cmd>".
#
Defaults requiretty
Defaults env_reset
Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS"
Defaults env_keep += "MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE"
Defaults env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES"
Defaults env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE"
Defaults env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
## Next comes the main part: which users can run what software on
## which machines (the sudoers file can be shared between multiple
## systems).
## Syntax:
##
## user MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere
root ALL=(ALL) ALL
## Allows members of the 'sys' group to run networking, software,
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS
## Allows people in group wheel to run all commands
%wheel ALL=(ALL) ALL
## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
## Allows members of the users group to mount and unmount the
## cdrom as root
# %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom
## Allows members of the users group to shutdown this system
# %users localhost=/sbin/shutdown -h now

View File

@ -0,0 +1,5 @@
# This file has been generated by the Anaconda Installer 21.48.22.134-1
[ProgressSpoke]
visited = 1

View File

@ -0,0 +1,9 @@
# specify additional command line arguments for atd
#
# -l Specifies a limiting load factor, over which batch jobs should not be run, instead of the compile-time
# choice of 0.8. For an SMP system with n CPUs, you will probably want to set this higher than n-1.
#
# -b Specify the minimum interval in seconds between the start of two batch jobs (60 default).
#example:
#OPTS="-l 4 -b 120"

View File

@ -0,0 +1,17 @@
USEWINBINDAUTH=no
USEHESIOD=no
USESYSNETAUTH=no
USEKERBEROS=no
FORCESMARTCARD=no
USESMBAUTH=no
USESMARTCARD=no
USELDAPAUTH=no
USELOCAUTHORIZE=no
USEWINBIND=no
USESHADOW=yes
USEDB=no
USEPASSWDQC=no
USEMD5=yes
USELDAP=no
USECRACKLIB=yes
USENIS=no

View File

@ -0,0 +1,91 @@
#
# Define default options for autofs.
#
# MASTER_MAP_NAME - default map name for the master map.
#
#MASTER_MAP_NAME="auto.master"
#
# TIMEOUT - set the default mount timeout (default 600).
#
TIMEOUT=3600
#
# NEGATIVE_TIMEOUT - set the default negative timeout for
# failed mount attempts (default 60).
#
#NEGATIVE_TIMEOUT=60
#
# BROWSE_MODE - maps are browsable by default.
#
BROWSE_MODE="yes"
#
# APPEND_OPTIONS - append to global options instead of replace.
#
#APPEND_OPTIONS="yes"
#
# LOGGING - set default log level "none", "verbose" or "debug"
#
#LOGGING="none"
#
# Define base dn for map dn lookup.
#
# Define server URIs
#
# LDAP_URI - space separated list of server uris of the form
# <proto>://<server>[/] where <proto> can be ldap
# or ldaps. The option can be given multiple times.
# Map entries that include a server name override
# this option.
#
#LDAP_URI=""
#
# LDAP__TIMEOUT - timeout value for the synchronous API calls
# (default is LDAP library default).
#
#LDAP_TIMEOUT=-1
#
# LDAP_NETWORK_TIMEOUT - set the network response timeout (default 8).
#
#LDAP_NETWORK_TIMEOUT=8
#
# SEARCH_BASE - base dn to use for searching for map search dn.
# Multiple entries can be given and they are checked
# in the order they occur here.
#
#SEARCH_BASE=""
#
# Define the LDAP schema to used for lookups
#
# If no schema is set autofs will check each of the schemas
# below in the order given to try and locate an appropriate
# basdn for lookups. If you want to minimize the number of
# queries to the server set the values here.
#
#MAP_OBJECT_CLASS="nisMap"
#ENTRY_OBJECT_CLASS="nisObject"
#MAP_ATTRIBUTE="nisMapName"
#ENTRY_ATTRIBUTE="cn"
#VALUE_ATTRIBUTE="nisMapEntry"
#
# Other common LDAP nameing
#
#MAP_OBJECT_CLASS="automountMap"
#ENTRY_OBJECT_CLASS="automount"
#MAP_ATTRIBUTE="ou"
#ENTRY_ATTRIBUTE="cn"
#VALUE_ATTRIBUTE="automountInformation"
#
#MAP_OBJECT_CLASS="automountMap"
#ENTRY_OBJECT_CLASS="automount"
#MAP_ATTRIBUTE="automountMapName"
#ENTRY_ATTRIBUTE="automountKey"
#VALUE_ATTRIBUTE="automountInformation"
#
# AUTH_CONF_FILE - set the default location for the SASL
# authentication configuration file.
#
#AUTH_CONF_FILE="/etc/autofs_ldap_auth.conf"
#
# General global options
#
#OPTIONS=""
#

View File

@ -0,0 +1,5 @@
# The ZONE parameter is only evaluated by system-config-date.
# The timezone of the system is defined by the contents of /etc/localtime.
ZONE="America/Los Angeles"
UTC=true
ARC=false

View File

@ -0,0 +1,72 @@
# /etc/sysconfig/cpuspeed
#
# This configuration file controls the behavior of both the
# cpuspeed daemon and various cpufreq modules.
# For the vast majority of users, there shouldn't be any need to
# alter the contents of this file at all. By and large, frequency
# scaling should Just Work(tm) with the defaults.
### DRIVER ###
# Your CPUFreq driver module
# Note that many drivers are now built-in, rather than built as modules,
# so its usually best not to specify one. The most commonly-needed driver
# module these days is 'p4-clockmod', however, in most cases, it is not
# recommended for use. See: http://lkml.org/lkml/2006/2/25/84
# default value: empty (try to auto-detect/use built-in)
DRIVER=
### GOVERNOR ###
# Which scaling governor to use
# Details on scaling governors for your cpu(s) can be found in
# cpu-freq/governors.txt, part of the kernel-doc package
# NOTES:
# - The GOVERNOR parameter is only valid on centrino, powernow-k8 (amd64)
# and p4-clockmod platforms, other platforms that support frequency
# scaling always use the 'userspace' governor.
# - Using the 'userspace' governor will trigger the cpuspeed daemon to run,
# which provides said user-space frequency scaling.
# default value: empty (defaults to ondemand on centrino, powernow-k8,
# and p4-clockmod systems, userspace on others)
GOVERNOR=
### FREQUENCIES ###
# NOTE: valid max/min frequencies for your cpu(s) can be found in
# /sys/devices/system/cpu/cpu*/cpufreq/scaling_available_frequencies
# on systems that support frequency scaling (though only after the
# appropriate drivers have been loaded via the cpuspeed initscript).
# maximum speed to scale up to
# default value: empty (use cpu reported maximum)
MAX_SPEED=
# minimum speed to scale down to
# default value: empty (use cpu reported minimum)
MIN_SPEED=
### SCALING THRESHOLDS ###
# Busy percentage threshold over which to scale up to max frequency
# default value: empty (use governor default)
UP_THRESHOLD=
# Busy percentage threshold under which to scale frequency down
# default value: empty (use governor default)
DOWN_THRESHOLD=
### NICE PROCESS HANDLING ###
# Let background (nice) processes speed up the cpu
# default value: 0 (background process usage can speed up cpu)
# alternate value: 1 (background processes will be ignored)
IGNORE_NICE=0
#####################################################
########## HISTORICAL CPUSPEED CONFIG BITS ##########
#####################################################
VMAJOR=1
VMINOR=1
# Add your favorite options here
#OPTS="$OPTS -s 0 -i 10 -r"
# uncomment and modify this to check the state of the AC adapter
#OPTS="$OPTS -a /proc/acpi/ac_adapter/*/state"
# uncomment and modify this to check the system temperature
#OPTS="$OPTS -t /proc/acpi/thermal_zone/*/temperature 75"

View File

@ -0,0 +1,9 @@
# Settings for the CRON daemon.
# CRONDARGS= : any extra command-line startup arguments for crond
# CRON_VALIDATE_MAILRCPTS=1:a non-empty value of this variable will
# enable vixie-cron-4.1's validation of
# mail recipient names, which would then be
# restricted to contain only the chars
# from this tr(1) set : [@!:%-_.,:alnum:]
# otherwise mailing is not attempted.
CRONDARGS=

View File

@ -0,0 +1,6 @@
# Possible values are 1, 2, ... or nothing
# Delay is determined using the hostname and the variable (Delay) from this configuration file.
# Bigger value means shorter delay.
# This delay could be switched off, but then you can have problems with network overload
# (for example yum updates in cron.daily run on all your computers etc.)
DELAY=1

View File

@ -0,0 +1 @@
RUN_FIRSTBOOT=NO

View File

@ -0,0 +1,2 @@
boot=/dev/sda
forcelba=0

View File

@ -0,0 +1,128 @@
# $Id: hsqldb-1.73.0-standard.cfg,v 1.1 2004/12/23 22:21:08 fnasser Exp $
# Sample configuration file for HSQLDB database server.
# See the "UNIX Quick Start" chapter of the Hsqldb User Guide.
# N.b.!!!! You must place this in the right location for your type of UNIX.
# See the init script "hsqldb" to see where this must be placed and
# what it should be renamed to.
# This file is "sourced" by a Bourne shell, so use Bourne shell syntax.
# This file WILL NOT WORK until you set (at least) the non-commented
# variables to the appropriate values for your system.
# Life will be easier if you avoid all filepaths with spaces or any other
# funny characters. Don't ask for support if you ignore this advice.
# Thanks to Meikel Bisping for his contributions. -- Blaine
# JPackage hsqldb home is /var/lib/hsqldb
HSQLDB_HOME=/var/lib/hsqldb
# JPackage source Java config
. /etc/java/java.conf
JAVA_EXECUTABLE=${JAVA_HOME}/bin/java
# Unless you copied a hsqldb.jar file from another system, this typically
# resides at $HSQLDB_HOME/lib/hsqldb.jar, where $HSQLDB_HOME is your HSQLDB
# software base directory.
HSQLDB_JAR_PATH=${HSQLDB_HOME}/lib/hsqldb.jar
# Where the file "server.properties" (or "webserver.properties") resides.
SERVER_HOME=${HSQLDB_HOME}
# What UNIX user the Server/WebServer process will run as.
# (The shutdown client is always run as root or the invoker of the init script).
# Runs as root by default, but you should take the time to set database file
# ownerships to another user and set that user name here.
# You do need to run as root if your Server/WebServer will run on a privileged
# (< 1024) port.
# If you really do want to run as root, comment out the HSQLDB_OWNER setting
# completely. I.e., do not set it to root. This will run Server/Webserver
# without any "su" at all.
HSQLDB_OWNER=hsqldb
# We require all Server/WebServer instances to be accessible within
# $MAX_START_SECS from when the Server/WebServer is started.
# Defaults to 60.
# Raise this is you are running lots of DB instances or have a slow server.
#MAX_START_SECS=200
# Ditto for this one
#SU_ECHO_SECS=1
# Time to allow for JVM to die after all HSQLDB instances stopped.
# Defaults to 1.
#MAX_TERMINATE_SECS=0
# These are "urlid" values from a SqlTool authentication file
# ** IN ADDITION TO THOSE IN YOUR server.properties OR webserver.properties **
# file. All server.urlid.X values from your properties file will automatically
# be started/stopped/tested. $SHUTDOWN_URLIDS is for additional urlids which
# will stopped. (Therefore, most users will not set this at all).
# Separate multiple values with white space. NO OTHER SPECIAL CHARACTERS!
# Make sure to quote the entire value if it contains white space separator(s).
# Defaults to none (i.e., only urlids set in properties file will be stopped).
#SHUTDOWN_URLIDS='sa mygms'
# SqlTool authentication file used only for shutdown.
# The default value will be sqltool.rc in root's home directory, since it is
# root who runs the init script.
# (See the SqlTool chapter of the HSQLDB User Guide if you don't understand
# this).
AUTH_FILE=${HSQLDB_HOME}/sqltool.rc
# Set to 'WebServer' to start a HSQLDB WebServer instead of a Server.
# Defaults to 'Server'.
#TARGET_CLASS=WebServer
# Server-side classpath IN ADDITION TO the HSQLDB_JAR_PATH set above.
# The classpath here is *earlier* than HSQLDB_JAR_PATH, to allow you
# override classes in the HSQLDB_JAR_PATH jar file.
# In particular, you will want to add classpath elements to give access of
# all of your store procedures (store procedures are documented in the
# HSQLDB User Guide in the SQL Syntax chapter.
#
# N.B.!
# If you're adding files to the classpath in order to be able to call them
# from SQL queries, you will be unable to access them unless you adjust the
# value of the system property hsqldb.method_class_names. Please see the
# comments on SERVER_JVMARGS, at the end of this file.
# SERVER_ADDL_CLASSPATH=/home/blaine/storedprocs.jar:/usr/dev/dbutil/classes
# For TLS encryption for your Server, set these two variables.
# N.b.: If you set these, then make this file unreadable to non-root users!!!!
# See the TLS chapter of the HSQLDB User Guide, paying attention to the
# security warning(s).
# If you are running with a private server cert, then you will also need to
# set "truststore" in the your SqlTool config file (location is set by the
# AUTH_FILE variable in this file, or it must be at the default location for
# HSQLDB_OWNER).
#TLS_KEYSTORE=/path/to/jks/server.store
#TLS_PASSWORD=password
# Any JVM args for the invocation of the JDBC client used to verify DB
# instances and to shut them down (SqlToolSprayer).
# For multiple args, put quotes around entire value.
#CLIENT_JVMARGS=-Djavax.net.debug=ssl
# Any JVM args for the server.
# For multiple args, put quotes around entire value.
#
# N.B.!
# The default value of SERVER_JVMARGS sets the system property
# hsqldb.method_class_names to be empty. This is in order to lessen the
# security risk posed by HSQLDB allowing Java method calls in SQL statements.
# The implications of changing this value (as explained by the authors of
# HSQLDB) are as follows:
# If [it] is not set, then static methods of all available Java classes
# can be accessed as functions in HSQLDB. If the property is set, then
# only the list of semicolon separated method names becomes accessible.
# An empty property value means no class is accessible.
# Regardless of the value of hsqldb.method_class_names, methods in
# org.hsqldb.Library will be accessible.
# Before making changes to the value below, please be advised of the possible
# dangers involved in allowing SQL queries to contain Java method calls.
SERVER_JVMARGS=-Dhsqldb.method_class_names=\"\"

View File

@ -0,0 +1,22 @@
# Configuration file for the httpd service.
#
# The default processing model (MPM) is the process-based
# 'prefork' model. A thread-based model, 'worker', is also
# available, but does not work with some modules (such as PHP).
# The service must be stopped before changing this variable.
#
#HTTPD=/usr/sbin/httpd.worker
#
# To pass additional options (for instance, -D definitions) to the
# httpd binary at startup, set OPTIONS here.
#
#OPTIONS=
#
# By default, the httpd process is started in the C locale; to
# change the locale in which the server runs, the HTTPD_LANG
# variable can be set.
#
#HTTPD_LANG=C

View File

@ -0,0 +1 @@
9a1c565e-3b93-4e74-9611-2b71b9b84a05

View File

@ -0,0 +1,672 @@
-
class: OTHER
bus: PCI
detached: 0
desc: "Intel Corporation Mobile 945GM/PM/GMS, 943/940GML and 945GT Express Memory Controller Hub"
vendorId: 8086
deviceId: 27a0
subVendorId: 17aa
subDeviceId: 2017
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 0
pcifn: 0
-
class: OTHER
bus: PCI
detached: 0
driver: shpchp
desc: "Intel Corporation 82801G (ICH7 Family) PCI Express Port 1"
vendorId: 8086
deviceId: 27d0
subVendorId: 0000
subDeviceId: 0000
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1c
pcifn: 0
-
class: OTHER
bus: PCI
detached: 0
driver: shpchp
desc: "Intel Corporation 82801G (ICH7 Family) PCI Express Port 2"
vendorId: 8086
deviceId: 27d2
subVendorId: 0000
subDeviceId: 0000
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1c
pcifn: 1
-
class: OTHER
bus: PCI
detached: 0
driver: shpchp
desc: "Intel Corporation 82801G (ICH7 Family) PCI Express Port 3"
vendorId: 8086
deviceId: 27d4
subVendorId: 0000
subDeviceId: 0000
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1c
pcifn: 2
-
class: OTHER
bus: PCI
detached: 0
driver: shpchp
desc: "Intel Corporation 82801G (ICH7 Family) PCI Express Port 4"
vendorId: 8086
deviceId: 27d6
subVendorId: 0000
subDeviceId: 0000
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1c
pcifn: 3
-
class: OTHER
bus: PCI
detached: 0
desc: "Intel Corporation 82801 Mobile PCI Bridge"
vendorId: 8086
deviceId: 2448
subVendorId: 0000
subDeviceId: 0000
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1e
pcifn: 0
-
class: OTHER
bus: PCI
detached: 0
driver: intel-rng
desc: "Intel Corporation 82801GBM (ICH7-M) LPC Interface Bridge"
vendorId: 8086
deviceId: 27b9
subVendorId: 17aa
subDeviceId: 2009
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1f
pcifn: 0
-
class: OTHER
bus: PCI
detached: 0
driver: i2c-i801
desc: "Intel Corporation 82801G (ICH7 Family) SMBus Controller"
vendorId: 8086
deviceId: 27da
subVendorId: 17aa
subDeviceId: 200f
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1f
pcifn: 3
-
class: OTHER
bus: ISAPNP
detached: 0
desc: "ATM1200"
deviceId: ATM1200
compat: PNP0c31
-
class: OTHER
bus: USB
detached: 0
driver: hci_usb
desc: "Broadcom Corp BCM2045B"
usbclass: 254
usbsubclass: 1
usbprotocol: 0
usbbus: 5
usblevel: 1
usbport: 0
usbdev: 2
vendorId: 0a5c
deviceId: 2110
usbmfr: Broadcom Corp
usbprod: BCM2045B
-
class: OTHER
bus: USB
detached: 0
driver: hci_usb
desc: "Broadcom Corp BCM2045B"
usbclass: 255
usbsubclass: 255
usbprotocol: 255
usbbus: 5
usblevel: 1
usbport: 0
usbdev: 2
vendorId: 0a5c
deviceId: 2110
usbmfr: Broadcom Corp
usbprod: BCM2045B
-
class: OTHER
bus: USB
detached: 0
driver: hci_usb
desc: "Broadcom Corp BCM2045B"
usbclass: 224
usbsubclass: 1
usbprotocol: 1
usbbus: 5
usblevel: 1
usbport: 0
usbdev: 2
vendorId: 0a5c
deviceId: 2110
usbmfr: Broadcom Corp
usbprod: BCM2045B
-
class: OTHER
bus: ISAPNP
detached: 0
desc: "IBM0057"
deviceId: IBM0057
compat: PNP0f13
-
class: OTHER
bus: ISAPNP
detached: 0
driver: nsc-ircc
desc: "IBM0071"
deviceId: IBM0071
compat: PNP0511
-
class: OTHER
bus: PSAUX
detached: 0
desc: "Lid Switch"
-
class: OTHER
bus: USB
detached: 0
desc: "Linux 2.6.24.4-64.fc8 ehci_hcd EHCI Host Controller"
usbclass: 9
usbsubclass: 0
usbprotocol: 0
usbbus: 1
usblevel: 0
usbport: 0
usbdev: 1
vendorId: 0000
deviceId: 0000
usbmfr: Linux 2.6.24.4-64.fc8 ehci_hcd
usbprod: EHCI Host Controller
-
class: OTHER
bus: USB
detached: 0
desc: "Linux 2.6.24.4-64.fc8 uhci_hcd UHCI Host Controller"
usbclass: 9
usbsubclass: 0
usbprotocol: 0
usbbus: 5
usblevel: 0
usbport: 0
usbdev: 1
vendorId: 0000
deviceId: 0000
usbmfr: Linux 2.6.24.4-64.fc8 uhci_hcd
usbprod: UHCI Host Controller
-
class: OTHER
bus: USB
detached: 0
desc: "Linux 2.6.24.4-64.fc8 uhci_hcd UHCI Host Controller"
usbclass: 9
usbsubclass: 0
usbprotocol: 0
usbbus: 4
usblevel: 0
usbport: 0
usbdev: 1
vendorId: 0000
deviceId: 0000
usbmfr: Linux 2.6.24.4-64.fc8 uhci_hcd
usbprod: UHCI Host Controller
-
class: OTHER
bus: USB
detached: 0
desc: "Linux 2.6.24.4-64.fc8 uhci_hcd UHCI Host Controller"
usbclass: 9
usbsubclass: 0
usbprotocol: 0
usbbus: 3
usblevel: 0
usbport: 0
usbdev: 1
vendorId: 0000
deviceId: 0000
usbmfr: Linux 2.6.24.4-64.fc8 uhci_hcd
usbprod: UHCI Host Controller
-
class: OTHER
bus: USB
detached: 0
desc: "Linux 2.6.24.4-64.fc8 uhci_hcd UHCI Host Controller"
usbclass: 9
usbsubclass: 0
usbprotocol: 0
usbbus: 2
usblevel: 0
usbport: 0
usbdev: 1
vendorId: 0000
deviceId: 0000
usbmfr: Linux 2.6.24.4-64.fc8 uhci_hcd
usbprod: UHCI Host Controller
-
class: OTHER
bus: PSAUX
detached: 0
driver: pcspkr
desc: "PC Speaker"
-
class: OTHER
bus: ISAPNP
detached: 0
desc: "PNP0103"
deviceId: PNP0103
-
class: OTHER
bus: ISAPNP
detached: 0
desc: "PNP0200"
deviceId: PNP0200
-
class: OTHER
bus: ISAPNP
detached: 0
desc: "PNP0303"
deviceId: PNP0303
-
class: OTHER
bus: ISAPNP
detached: 0
desc: "PNP0800"
deviceId: PNP0800
-
class: OTHER
bus: ISAPNP
detached: 0
desc: "PNP0a08"
deviceId: PNP0a08
compat: PNP0a03
-
class: OTHER
bus: ISAPNP
detached: 0
desc: "PNP0b00"
deviceId: PNP0b00
-
class: OTHER
bus: ISAPNP
detached: 0
desc: "PNP0c01"
deviceId: PNP0c01
-
class: OTHER
bus: ISAPNP
detached: 0
desc: "PNP0c02"
deviceId: PNP0c02
-
class: OTHER
bus: ISAPNP
detached: 0
desc: "PNP0c04"
deviceId: PNP0c04
-
class: OTHER
bus: PSAUX
detached: 0
desc: "Power Button (FF)"
-
class: OTHER
bus: USB
detached: 0
desc: "STMicroelectronics Biometric Coprocessor"
usbclass: 255
usbsubclass: 0
usbprotocol: 0
usbbus: 5
usblevel: 1
usbport: 1
usbdev: 3
vendorId: 0483
deviceId: 2016
usbmfr: STMicroelectronics
usbprod: Biometric Coprocessor
-
class: OTHER
bus: PSAUX
detached: 0
desc: "Sleep Button (CM)"
-
class: OTHER
bus: PSAUX
detached: 0
desc: "TPPS/2 IBM TrackPoint"
-
class: OTHER
bus: USB
detached: 0
desc: "Unknown USB device 0x451:0x2046"
usbclass: 9
usbsubclass: 0
usbprotocol: 0
usbbus: 1
usblevel: 2
usbport: 0
usbdev: 5
vendorId: 0451
deviceId: 2046
-
class: OTHER
bus: PSAUX
detached: 0
desc: "Video Bus"
-
class: OTHER
bus: PSAUX
detached: 0
desc: "Video Bus"
-
class: NETWORK
bus: PCI
detached: 0
device: eth0
driver: e1000
desc: "Intel Corporation 82573L Gigabit Ethernet Controller"
network.hwaddr: 00:15:58:81:5b:0e
vendorId: 8086
deviceId: 109a
subVendorId: 17aa
subDeviceId: 2001
pciType: 1
pcidom: 0
pcibus: 2
pcidev: 0
pcifn: 0
-
class: NETWORK
bus: PCI
detached: 0
device: wlan0
driver: iwl3945
desc: "Intel Corporation PRO/Wireless 3945ABG Network Connection"
network.hwaddr: 00:19:d2:9f:88:96
vendorId: 8086
deviceId: 4227
subVendorId: 8086
subDeviceId: 1010
pciType: 1
pcidom: 0
pcibus: 3
pcidev: 0
pcifn: 0
-
class: MOUSE
bus: USB
detached: 0
device: input/mice
driver: genericwheelusb
desc: "ATEN 4 Port USB KVM B V1.80"
usbclass: 3
usbsubclass: 1
usbprotocol: 2
usbbus: 1
usblevel: 3
usbport: 0
usbdev: 6
vendorId: 0557
deviceId: 2205
usbmfr: ATEN
usbprod: 4 Port USB KVM B V1.80
-
class: MOUSE
bus: PSAUX
detached: 0
device: input/mice
driver: generic3ps/2
desc: "Macintosh mouse button emulation"
-
class: MOUSE
bus: PSAUX
detached: 0
device: input/mice
driver: synaptics
desc: "SynPS/2 Synaptics TouchPad"
-
class: MOUSE
bus: PSAUX
detached: 0
device: input/mice
driver: generic3ps/2
desc: "ThinkPad Extra Buttons"
-
class: AUDIO
bus: PCI
detached: 0
driver: snd-hda-intel
desc: "Intel Corporation 82801G (ICH7 Family) High Definition Audio Controller"
vendorId: 8086
deviceId: 27d8
subVendorId: 17aa
subDeviceId: 2010
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1b
pcifn: 0
-
class: CDROM
bus: SCSI
detached: 0
device: scd0
desc: "MATSHITA DVD-RAM UJ-842"
host: 4
id: 0
channel: 0
lun: 0
-
class: VIDEO
bus: PCI
detached: 0
driver: intelfb
desc: "Intel Corporation Mobile 945GM/GMS, 943/940GML Express Integrated Graphics Controller"
video.xdriver: intel
vendorId: 8086
deviceId: 27a2
subVendorId: 17aa
subDeviceId: 201a
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 2
pcifn: 0
-
class: VIDEO
bus: PCI
detached: 0
desc: "Intel Corporation Mobile 945GM/GMS/GME, 943/940GML Express Integrated Graphics Controller"
vendorId: 8086
deviceId: 27a6
subVendorId: 17aa
subDeviceId: 201a
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 2
pcifn: 1
-
class: HD
bus: SCSI
detached: 0
device: sda
desc: "ATA HTS721010G9SA00"
host: 0
id: 0
channel: 0
lun: 0
-
class: KEYBOARD
bus: PSAUX
detached: 0
desc: "AT Translated Set 2 keyboard"
-
class: KEYBOARD
bus: USB
detached: 0
driver: keybdev
desc: "ATEN 4 Port USB KVM B V1.80"
usbclass: 3
usbsubclass: 1
usbprotocol: 1
usbbus: 1
usblevel: 3
usbport: 0
usbdev: 6
vendorId: 0557
deviceId: 2205
usbmfr: ATEN
usbprod: 4 Port USB KVM B V1.80
-
class: USB
bus: PCI
detached: 0
driver: uhci-hcd
desc: "Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #1"
vendorId: 8086
deviceId: 27c8
subVendorId: 17aa
subDeviceId: 200a
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1d
pcifn: 0
-
class: USB
bus: PCI
detached: 0
driver: uhci-hcd
desc: "Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #2"
vendorId: 8086
deviceId: 27c9
subVendorId: 17aa
subDeviceId: 200a
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1d
pcifn: 1
-
class: USB
bus: PCI
detached: 0
driver: uhci-hcd
desc: "Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #3"
vendorId: 8086
deviceId: 27ca
subVendorId: 17aa
subDeviceId: 200a
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1d
pcifn: 2
-
class: USB
bus: PCI
detached: 0
driver: uhci-hcd
desc: "Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #4"
vendorId: 8086
deviceId: 27cb
subVendorId: 17aa
subDeviceId: 200a
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1d
pcifn: 3
-
class: USB
bus: PCI
detached: 0
driver: ehci-hcd
desc: "Intel Corporation 82801G (ICH7 Family) USB2 EHCI Controller"
vendorId: 8086
deviceId: 27cc
subVendorId: 17aa
subDeviceId: 200b
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1d
pcifn: 7
-
class: SOCKET
bus: PCI
detached: 0
driver: yenta_socket
desc: "Texas Instruments PCI1510 PC card Cardbus Controller"
vendorId: 104c
deviceId: ac56
subVendorId: 17aa
subDeviceId: 2012
pciType: 1
pcidom: 0
pcibus: 15
pcidev: 0
pcifn: 0
-
class: IDE
bus: PCI
detached: 0
driver: ata_piix
desc: "Intel Corporation 82801G (ICH7 Family) IDE Controller"
vendorId: 8086
deviceId: 27df
subVendorId: 17aa
subDeviceId: 200c
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1f
pcifn: 1
-
class: SATA
bus: PCI
detached: 0
driver: ahci
desc: "Intel Corporation 82801GBM/GHM (ICH7 Family) SATA AHCI Controller"
vendorId: 8086
deviceId: 27c5
subVendorId: 17aa
subDeviceId: 200d
pciType: 1
pcidom: 0
pcibus: 0
pcidev: 1f
pcifn: 2

View File

@ -0,0 +1,2 @@
LANG="en_US.UTF-8"
SYSFONT="latarcyrheb-sun16"

View File

@ -0,0 +1,25 @@
# color => new RH6.0 bootup
# verbose => old-style bootup
# anything else => new style bootup without ANSI colors or positioning
BOOTUP=color
# Turn on graphical boot
GRAPHICAL=yes
# column to start "[ OK ]" label in
RES_COL=60
# terminal sequence to move to that column. You could change this
# to something like "tput hpa ${RES_COL}" if your terminal supports it
MOVE_TO_COL="echo -en \\033[${RES_COL}G"
# terminal sequence to set color to a 'success' color (currently: green)
SETCOLOR_SUCCESS="echo -en \\033[0;32m"
# terminal sequence to set color to a 'failure' color (currently: red)
SETCOLOR_FAILURE="echo -en \\033[0;31m"
# terminal sequence to set color to a 'warning' color (currently: yellow)
SETCOLOR_WARNING="echo -en \\033[0;33m"
# terminal sequence to reset to the default color.
SETCOLOR_NORMAL="echo -en \\033[0;39m"
# default kernel loglevel on boot (syslog will reset this)
LOGLEVEL=3
# Set to anything other than 'no' to allow hotkey interactive startup...
PROMPT=yes
# Set to 'yes' to allow probing for devices with swap signatures
AUTOSWAP=no

View File

@ -0,0 +1,48 @@
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
-A INPUT -p ah -j ACCEPT
-A INPUT -p esp -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 631 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 631 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 2049 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 111 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 111 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 2020 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 2049 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 32769 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 32803 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5900 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 5900 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5901 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 5901 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 662 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 892 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 892 -j ACCEPT
-A INPUT --tcp-flags SYN,RST,ACK,FIN SYN -j ACCEPT
-I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
COMMIT

View File

@ -0,0 +1,48 @@
# Load additional iptables modules (nat helpers)
# Default: -none-
# Space separated list of nat helpers (e.g. 'ip_nat_ftp ip_nat_irc'), which
# are loaded after the firewall rules are applied. Options for the helpers are
# stored in /etc/modprobe.conf.
IPTABLES_MODULES="ip_conntrack_netbios_ns"
# Unload modules on restart and stop
# Value: yes|no, default: yes
# This option has to be 'yes' to get to a sane state for a firewall
# restart or stop. Only set to 'no' if there are problems unloading netfilter
# modules.
IPTABLES_MODULES_UNLOAD="yes"
# Save current firewall rules on stop.
# Value: yes|no, default: no
# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets stopped
# (e.g. on system shutdown).
IPTABLES_SAVE_ON_STOP="no"
# Save current firewall rules on restart.
# Value: yes|no, default: no
# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets
# restarted.
IPTABLES_SAVE_ON_RESTART="no"
# Save (and restore) rule and chain counter.
# Value: yes|no, default: no
# Save counters for rules and chains to /etc/sysconfig/iptables if
# 'service iptables save' is called or on stop or restart if SAVE_ON_STOP or
# SAVE_ON_RESTART is enabled.
IPTABLES_SAVE_COUNTER="no"
# Numeric status output
# Value: yes|no, default: yes
# Print IP addresses and port numbers in numeric format in the status output.
IPTABLES_STATUS_NUMERIC="yes"
# Verbose status output
# Value: yes|no, default: yes
# Print info about the number of packets and bytes plus the "input-" and
# "outputdevice" in the status output.
IPTABLES_STATUS_VERBOSE="no"
# Status output with numbered lines
# Value: yes|no, default: yes
# Print a counter/number for every rule in the status output.
IPTABLES_STATUS_LINENUMBERS="yes"

View File

@ -0,0 +1,4 @@
IRDA=yes
DEVICE=/dev/ttyS2
#DONGLE=actisys+
DISCOVERY=yes

View File

@ -0,0 +1,18 @@
# irqbalance is a daemon process that distributes interrupts across
# CPUS on SMP systems. The default is to rebalance once every 10
# seconds. There is one configuration option:
#
# ONESHOT=yes
# after starting, wait for a minute, then look at the interrupt
# load and balance it once; after balancing exit and do not change
# it again.
ONESHOT=
#
# IRQ_AFFINITY_MASK
# 64 bit bitmask which allows you to indicate which cpu's should
# be skipped when reblancing irqs. Cpu numbers which have their
# corresponding bits set to zero in this mask will not have any
# irq's assigned to them on rebalance
#
#IRQ_AFFINITY_MASK=

View File

@ -0,0 +1,32 @@
# Kernel Version string for the -kdump kernel, such as 2.6.13-1544.FC5kdump
# If no version is specified, then the init script will try to find a
# kdump kernel with the same version number as the running kernel.
KDUMP_KERNELVER=""
# The kdump commandline is the command line that needs to be passed off to
# the kdump kernel. This will likely match the contents of the grub kernel
# line. For example:
# KDUMP_COMMANDLINE="ro root=LABEL=/"
# If a command line is not specified, the default will be taken from
# /proc/cmdline
KDUMP_COMMANDLINE=""
# This variable lets us append arguments to the current kdump commandline
# As taken from either KDUMP_COMMANDLINE above, or from /proc/cmdline
KDUMP_COMMANDLINE_APPEND="irqpoll maxcpus=1"
# Any additional kexec arguments required. In most situations, this should
# be left empty
#
# Example:
# KEXEC_ARGS="--elf32-core-headers"
KEXEC_ARGS=" --args-linux"
#Where to find the boot image
KDUMP_BOOTDIR="/boot"
#What is the image type used for kdump
KDUMP_IMG="vmlinuz"
#What is the images extension. Relocatable kernels don't have one
KDUMP_IMG_EXT=""

View File

@ -0,0 +1,6 @@
# UPDATEDEFAULT specifies if new-kernel-pkg should make
# new kernels the default
UPDATEDEFAULT=yes
# DEFAULTKERNEL specifies the default kernel package type
DEFAULTKERNEL=kernel-xen

View File

@ -0,0 +1,2 @@
KEYBOARDTYPE="pc"
KEYTABLE="us"

View File

@ -0,0 +1,6 @@
# Set to anything other than 'no' to force a 'safe' probe on startup.
# 'safe' probe disables:
# - serial port probing
# - DDC monitor probing
# - PS/2 probing
SAFE=no

View File

@ -0,0 +1,9 @@
# Override the default config file
#LIBVIRTD_CONFIG=/etc/libvirt/libvirtd.conf
# Listen for TCP/IP connections
# NB. must setup TLS/SSL keys prior to using this
#LIBVIRTD_ARGS="--listen"
# Override Kerberos service keytab for SASL/GSSAPI
#KRB5_KTNAME=/etc/libvirt/krb5.tab

View File

@ -0,0 +1,2 @@
# Options to lircd
LIRCD_OPTIONS=

View File

@ -0,0 +1,2 @@
# /etc/sysconfig/sensors - Defines modules loaded by /etc/rc.d/init.d/lm_sensors
# Run sensors-detect to generate this config file

View File

@ -0,0 +1,10 @@
# Options to nasd
# See nasd(1) for more details
# -aa allow any client to connect
# -local allow local clients only
# -b detach and run in background
# -v enable verbose messages
# -d <num> enable debug messages at level <num>
# -pn partial networking enabled
# -nopn partial networking disabled [default]
NASD_OPTIONS="-b -local"

View File

@ -0,0 +1,20 @@
# This is the configuration file for the netconsole service. By starting
# this service you allow a remote syslog daemon to record console output
# from this system.
# The local port number that the netconsole module will use
# LOCALPORT=6666
# The ethernet device to send console messages out of (only set this if it
# can't be automatically determined)
# DEV=
# The IP address of the remote syslog server to send messages to
# SYSLOGADDR=
# The listening port of the remote syslog daemon
# SYSLOGPORT=514
# The MAC address of the remote syslog server (only set this if it can't
# be automatically determined)
# SYSLOGMACADDR=

Some files were not shown because too many files have changed in this diff Show More