refactor
This commit is contained in:
parent
46d6c99600
commit
8d015ab2df
|
@ -65,7 +65,7 @@ DerivedData
|
|||
Pods
|
||||
|
||||
*.xcodeproj
|
||||
|
||||
.idea
|
||||
/xproj.screenflow
|
||||
/xproj.mp4
|
||||
/xproj-narc.psd
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
cmake_minimum_required(VERSION 3.21)
|
||||
project(CAug VERSION 1.0.1 DESCRIPTION "CAug description")
|
||||
project(clAugeas VERSION 1.0.1 DESCRIPTION "clAugeas description")
|
||||
|
||||
include_directories(/opt/homebrew/opt/augeas/include/)
|
||||
link_directories(/opt/homebrew/opt/augeas/lib)
|
||||
|
@ -8,9 +8,12 @@ set(CMAKE_CXX_STANDARD 14)
|
|||
set(GCC_COVERAGE_COMPILE_FLAGS "-fdeclspec")
|
||||
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${GCC_COVERAGE_COMPILE_FLAGS}")
|
||||
|
||||
add_library(CAug SHARED include/AugSettings.cpp main.cpp main.h)
|
||||
add_library(clAugeas SHARED
|
||||
include/augSettings.cpp
|
||||
include/augSettings.h
|
||||
main.cpp main.h)
|
||||
|
||||
target_link_libraries(CAug augeas)
|
||||
target_link_libraries(clAugeas augeas)
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
# CodeLiturgy.Augeas
|
||||
# clAugeas
|
||||
|
||||
This project contains the performant part of the CodeLiturgy.Dashboard
|
||||
project. A library of functions for editing of relevant files to manage development environments.
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
struct AugSettings {
|
||||
const char *root;
|
||||
const char *loadPath;
|
||||
};
|
|
@ -0,0 +1 @@
|
|||
#include "augSettings.h"
|
|
@ -0,0 +1,4 @@
|
|||
struct augSettings {
|
||||
char *root;
|
||||
char *loadPath;
|
||||
};
|
60
main.cpp
60
main.cpp
|
@ -1,31 +1,14 @@
|
|||
#include "iostream"
|
||||
#include "augeas.h"
|
||||
#include "include/AugSettings.h"
|
||||
#include "map"
|
||||
#include "main.h"
|
||||
#include <sys/stat.h>
|
||||
|
||||
extern "C" {
|
||||
|
||||
RMDEF int32_t getFour() {
|
||||
|
||||
return 4;
|
||||
|
||||
inline bool path_exists (const std::string& name) {
|
||||
struct stat buffer;
|
||||
return (stat (name.c_str(), &buffer) == 0);
|
||||
}
|
||||
|
||||
// Testing interop
|
||||
RMDEF int32_t getThree() {
|
||||
|
||||
return 3333;
|
||||
|
||||
}
|
||||
|
||||
// Testing interop
|
||||
RMDEF void printStringExample(char* someString) {
|
||||
std::cout << someString << std::endl;
|
||||
}
|
||||
|
||||
|
||||
RMDEF void testSource(const AugSettings& settings) {
|
||||
CLAPI void testSource(const augSettings settings) {
|
||||
int r;
|
||||
struct augeas *aug;
|
||||
char *s;
|
||||
|
@ -40,7 +23,7 @@ RMDEF void testSource(const AugSettings& settings) {
|
|||
aug_close(aug);
|
||||
}
|
||||
// This prints the actual file
|
||||
RMDEF void printPreview(const AugSettings& settings, const std::string& matchPath, const std::string& filePath) {
|
||||
CLAPI void printPreview(const augSettings settings, const char* matchPath, const char* filePath) {
|
||||
struct augeas *aug;
|
||||
int r;
|
||||
char *s;
|
||||
|
@ -50,8 +33,8 @@ RMDEF void printPreview(const AugSettings& settings, const std::string& matchPat
|
|||
|
||||
aug = aug_init(settings.root, settings.loadPath, AUG_NO_STDINC | AUG_NO_LOAD);
|
||||
|
||||
r = aug_load_file(aug, filePath.c_str());
|
||||
r = aug_preview(aug, matchPath.c_str(), &s);
|
||||
r = aug_load_file(aug, filePath);
|
||||
r = aug_preview(aug, matchPath, &s);
|
||||
|
||||
std::cout << s << std::endl;
|
||||
|
||||
|
@ -61,10 +44,10 @@ RMDEF void printPreview(const AugSettings& settings, const std::string& matchPat
|
|||
}
|
||||
|
||||
|
||||
RMDEF void printAugTree(
|
||||
const AugSettings& settings,
|
||||
const std::string& matchPath,
|
||||
const std::string& filePath
|
||||
CLAPI void printAugTree(
|
||||
const augSettings settings,
|
||||
const char* matchPath,
|
||||
const char* filePath
|
||||
) {
|
||||
struct augeas *aug;
|
||||
int r;
|
||||
|
@ -72,23 +55,29 @@ RMDEF void printAugTree(
|
|||
|
||||
aug = aug_init(settings.root, settings.loadPath, AUG_NO_STDINC | AUG_NO_LOAD);
|
||||
|
||||
r = aug_load_file(aug, filePath.c_str());
|
||||
r = aug_print(aug, out,matchPath.c_str());
|
||||
if(!path_exists(std::string(settings.root))) {
|
||||
std::cout << "ERROR Path is invalid: " << settings.root << std::endl;
|
||||
}
|
||||
std::cout << settings.root<< std::endl;
|
||||
std::cout << settings.loadPath<< std::endl;
|
||||
|
||||
r = aug_load_file(aug, filePath);
|
||||
r = aug_print(aug, out,matchPath);
|
||||
|
||||
std::map <std::string, std::string> stdBindList;
|
||||
std::map <std::string , std::string>::iterator pos;
|
||||
std::map <std::string ,std::string>::iterator pos;
|
||||
|
||||
char line[256];
|
||||
rewind(out);
|
||||
while (fgets(line, 256, out) != nullptr) {
|
||||
// remove end of line
|
||||
line[strlen(line) - 1] = '\0';
|
||||
std::string str_matchPath = matchPath;
|
||||
std::string s = line;
|
||||
|
||||
// skip comments
|
||||
if (s.find("#comment") != std::string::npos)
|
||||
continue;
|
||||
s = s.substr(matchPath.length() - 1);
|
||||
s = s.substr(str_matchPath.length() - 1);
|
||||
// split by '=' sign
|
||||
size_t eqpos = s.find(" = ");
|
||||
if (eqpos == std::string::npos)
|
||||
|
@ -111,7 +100,6 @@ RMDEF void printAugTree(
|
|||
}
|
||||
|
||||
aug_close(aug);
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
|
28
main.h
28
main.h
|
@ -1,22 +1,24 @@
|
|||
#include <string>
|
||||
#include "iostream"
|
||||
#include "augeas.h"
|
||||
#include "map"
|
||||
#include <sys/stat.h>
|
||||
#include "include/augSettings.h"
|
||||
|
||||
#if defined(_WIN32)
|
||||
#define RMDEF __declspec(dllexport) extern "C" inline
|
||||
#define CLAPI __declspec(dllexport)
|
||||
#else
|
||||
#define RMDEF
|
||||
#define CLAPI
|
||||
#endif
|
||||
|
||||
extern "C" {
|
||||
RMDEF int getThree ();
|
||||
RMDEF int getFour ();
|
||||
|
||||
RMDEF void testSource (const AugSettings& settings);
|
||||
CLAPI void printPreview (augSettings settings,
|
||||
const char* matchPath,
|
||||
const char* filePath);
|
||||
|
||||
RMDEF void printPreview (const AugSettings& settings,
|
||||
const std::string& matchPath,
|
||||
const std::string& filePath);
|
||||
|
||||
RMDEF void printStringExample (char* someString);
|
||||
|
||||
RMDEF void printAugTree (const AugSettings& settings,
|
||||
const std::string& matchPath,
|
||||
const std::string& filePath);
|
||||
CLAPI void printAugTree (augSettings settings,
|
||||
const char* matchPath,
|
||||
const char* filePath);
|
||||
}
|
||||
|
|
|
@ -1,31 +0,0 @@
|
|||
# grub.conf generated by anaconda
|
||||
#
|
||||
# Note that you do not have to rerun grub after making changes to this file
|
||||
# NOTICE: You have a /boot partition. This means that
|
||||
# all kernel and initrd paths are relative to /boot/, eg.
|
||||
# root (hd0,0)
|
||||
# kernel /vmlinuz-version ro root=/dev/vg00/lv00
|
||||
# initrd /initrd-version.img
|
||||
#boot=/dev/sda
|
||||
default=0
|
||||
timeout=5
|
||||
splashimage=(hd0,0)/grub/splash.xpm.gz
|
||||
hiddenmenu
|
||||
title Fedora (2.6.24.4-64.fc8)
|
||||
root (hd0,0)
|
||||
kernel /vmlinuz-2.6.24.4-64.fc8 ro root=/dev/vg00/lv00
|
||||
initrd /initrd-2.6.24.4-64.fc8.img
|
||||
title Fedora (2.6.24.3-50.fc8)
|
||||
root (hd0,0)
|
||||
kernel /vmlinuz-2.6.24.3-50.fc8 ro root=/dev/vg00/lv00
|
||||
initrd /initrd-2.6.24.3-50.fc8.img
|
||||
title Fedora (2.6.21.7-3.fc8xen)
|
||||
root (hd0,0)
|
||||
kernel /xen.gz-2.6.21.7-3.fc8
|
||||
module /vmlinuz-2.6.21.7-3.fc8xen ro root=/dev/vg00/lv00
|
||||
module /initrd-2.6.21.7-3.fc8xen.img
|
||||
title Fedora (2.6.24.3-34.fc8)
|
||||
root (hd0,0)
|
||||
kernel /vmlinuz-2.6.24.3-34.fc8 ro root=/dev/vg00/lv00
|
||||
initrd /initrd-2.6.24.3-34.fc8.img
|
||||
savedefault
|
|
@ -1,31 +0,0 @@
|
|||
# grub.conf generated by anaconda
|
||||
#
|
||||
# Note that you do not have to rerun grub after making changes to this file
|
||||
# NOTICE: You have a /boot partition. This means that
|
||||
# all kernel and initrd paths are relative to /boot/, eg.
|
||||
# root (hd0,0)
|
||||
# kernel /vmlinuz-version ro root=/dev/vg00/lv00
|
||||
# initrd /initrd-version.img
|
||||
#boot=/dev/sda
|
||||
default=0
|
||||
timeout=5
|
||||
splashimage=(hd0,0)/grub/splash.xpm.gz
|
||||
hiddenmenu
|
||||
title Fedora (2.6.24.4-64.fc8)
|
||||
root (hd0,0)
|
||||
kernel /vmlinuz-2.6.24.4-64.fc8 ro root=/dev/vg00/lv00
|
||||
initrd /initrd-2.6.24.4-64.fc8.img
|
||||
title Fedora (2.6.24.3-50.fc8)
|
||||
root (hd0,0)
|
||||
kernel /vmlinuz-2.6.24.3-50.fc8 ro root=/dev/vg00/lv00
|
||||
initrd /initrd-2.6.24.3-50.fc8.img
|
||||
title Fedora (2.6.21.7-3.fc8xen)
|
||||
root (hd0,0)
|
||||
kernel /xen.gz-2.6.21.7-3.fc8
|
||||
module /vmlinuz-2.6.21.7-3.fc8xen ro root=/dev/vg00/lv00
|
||||
module /initrd-2.6.21.7-3.fc8xen.img
|
||||
title Fedora (2.6.24.3-34.fc8)
|
||||
root (hd0,0)
|
||||
kernel /vmlinuz-2.6.24.3-34.fc8 ro root=/dev/vg00/lv00
|
||||
initrd /initrd-2.6.24.3-34.fc8.img
|
||||
savedefault
|
|
@ -1,29 +0,0 @@
|
|||
#
|
||||
# Aliases in this file will NOT be expanded in the header from
|
||||
# Mail, but WILL be visible over networks or from /bin/mail.
|
||||
#
|
||||
# >>>>>>>>>> The program "newaliases" must be run after
|
||||
# >> NOTE >> this file is updated for any changes to
|
||||
# >>>>>>>>>> show through to sendmail.
|
||||
#
|
||||
|
||||
# Basic system aliases -- these MUST be present.
|
||||
mailer-daemon: postmaster
|
||||
postmaster: root
|
||||
|
||||
# General redirections for pseudo accounts.
|
||||
bin: root, adm
|
||||
daemon: root
|
||||
adm: root
|
||||
|
||||
# mailman aliases
|
||||
mailman: postmaster
|
||||
mailman-owner: mailman
|
||||
|
||||
# Person who should get root's mail
|
||||
mrepo: root
|
||||
root: realroot@example.com
|
||||
root+special: realroot+other@example.com
|
||||
|
||||
include: :include:/etc/morealiases
|
||||
command: |/usr/local/bin/procmail
|
|
@ -1,40 +0,0 @@
|
|||
APT
|
||||
{
|
||||
NeverAutoRemove
|
||||
{
|
||||
"^firmware-linux.*";
|
||||
"^linux-firmware$";
|
||||
};
|
||||
|
||||
VersionedKernelPackages
|
||||
{
|
||||
# linux kernels
|
||||
"linux-image";
|
||||
"linux-headers";
|
||||
"linux-image-extra";
|
||||
"linux-signed-image";
|
||||
# kfreebsd kernels
|
||||
"kfreebsd-image";
|
||||
"kfreebsd-headers";
|
||||
# hurd kernels
|
||||
"gnumach-image";
|
||||
# (out-of-tree) modules
|
||||
".*-modules";
|
||||
".*-kernel";
|
||||
"linux-backports-modules-.*";
|
||||
# tools
|
||||
"linux-tools";
|
||||
};
|
||||
|
||||
Never-MarkAuto-Sections
|
||||
{
|
||||
"metapackages";
|
||||
"restricted/metapackages";
|
||||
"universe/metapackages";
|
||||
"multiverse/metapackages";
|
||||
"oldlibs";
|
||||
"restricted/oldlibs";
|
||||
"universe/oldlibs";
|
||||
"multiverse/oldlibs";
|
||||
};
|
||||
};
|
|
@ -1,15 +0,0 @@
|
|||
// DO NOT EDIT! File autogenerated by /etc/kernel/postinst.d/apt-auto-removal
|
||||
APT::NeverAutoRemove
|
||||
{
|
||||
"^linux-image-3\.16\.0-4-amd64$";
|
||||
"^linux-headers-3\.16\.0-4-amd64$";
|
||||
"^linux-image-extra-3\.16\.0-4-amd64$";
|
||||
"^linux-signed-image-3\.16\.0-4-amd64$";
|
||||
"^kfreebsd-image-3\.16\.0-4-amd64$";
|
||||
"^kfreebsd-headers-3\.16\.0-4-amd64$";
|
||||
"^gnumach-image-3\.16\.0-4-amd64$";
|
||||
"^.*-modules-3\.16\.0-4-amd64$";
|
||||
"^.*-kernel-3\.16\.0-4-amd64$";
|
||||
"^linux-backports-modules-.*-3\.16\.0-4-amd64$";
|
||||
"^linux-tools-3\.16\.0-4-amd64$";
|
||||
};
|
|
@ -1,92 +0,0 @@
|
|||
// Unattended-Upgrade::Origins-Pattern controls which packages are
|
||||
// upgraded.
|
||||
//
|
||||
// Lines below have the format format is "keyword=value,...". A
|
||||
// package will be upgraded only if the values in its metadata match
|
||||
// all the supplied keywords in a line. (In other words, omitted
|
||||
// keywords are wild cards.) The keywords originate from the Release
|
||||
// file, but several aliases are accepted. The accepted keywords are:
|
||||
// a,archive,suite (eg, "stable")
|
||||
// c,component (eg, "main", "crontrib", "non-free")
|
||||
// l,label (eg, "Debian", "Debian-Security")
|
||||
// o,origin (eg, "Debian", "Unofficial Multimedia Packages")
|
||||
// n,codename (eg, "jessie", "jessie-updates")
|
||||
// site (eg, "http.debian.net")
|
||||
// The available values on the system are printed by the command
|
||||
// "apt-cache policy", and can be debugged by running
|
||||
// "unattended-upgrades -d" and looking at the log file.
|
||||
//
|
||||
// Within lines unattended-upgrades allows 2 macros whose values are
|
||||
// derived from /etc/debian_version:
|
||||
// ${distro_id} Installed origin.
|
||||
// ${distro_codename} Installed codename (eg, "jessie")
|
||||
Unattended-Upgrade::Origins-Pattern {
|
||||
// Codename based matching:
|
||||
// This will follow the migration of a release through different
|
||||
// archives (e.g. from testing to stable and later oldstable).
|
||||
// "o=Debian,n=jessie";
|
||||
// "o=Debian,n=jessie-updates";
|
||||
// "o=Debian,n=jessie-proposed-updates";
|
||||
// "o=Debian,n=jessie,l=Debian-Security";
|
||||
|
||||
// Archive or Suite based matching:
|
||||
// Note that this will silently match a different release after
|
||||
// migration to the specified archive (e.g. testing becomes the
|
||||
// new stable).
|
||||
// "o=Debian,a=stable";
|
||||
// "o=Debian,a=stable-updates";
|
||||
// "o=Debian,a=proposed-updates";
|
||||
"origin=Debian,codename=${distro_codename},label=Debian-Security";
|
||||
};
|
||||
|
||||
// List of packages to not update (regexp are supported)
|
||||
Unattended-Upgrade::Package-Blacklist {
|
||||
// "vim";
|
||||
// "libc6";
|
||||
// "libc6-dev";
|
||||
// "libc6-i686";
|
||||
};
|
||||
|
||||
// This option allows you to control if on a unclean dpkg exit
|
||||
// unattended-upgrades will automatically run
|
||||
// dpkg --force-confold --configure -a
|
||||
// The default is true, to ensure updates keep getting installed
|
||||
//Unattended-Upgrade::AutoFixInterruptedDpkg "false";
|
||||
|
||||
// Split the upgrade into the smallest possible chunks so that
|
||||
// they can be interrupted with SIGUSR1. This makes the upgrade
|
||||
// a bit slower but it has the benefit that shutdown while a upgrade
|
||||
// is running is possible (with a small delay)
|
||||
//Unattended-Upgrade::MinimalSteps "true";
|
||||
|
||||
// Install all unattended-upgrades when the machine is shuting down
|
||||
// instead of doing it in the background while the machine is running
|
||||
// This will (obviously) make shutdown slower
|
||||
//Unattended-Upgrade::InstallOnShutdown "true";
|
||||
|
||||
// Send email to this address for problems or packages upgrades
|
||||
// If empty or unset then no email is sent, make sure that you
|
||||
// have a working mail setup on your system. A package that provides
|
||||
// 'mailx' must be installed. E.g. "user@example.com"
|
||||
//Unattended-Upgrade::Mail "root";
|
||||
|
||||
// Set this value to "true" to get emails only on errors. Default
|
||||
// is to always send a mail if Unattended-Upgrade::Mail is set
|
||||
//Unattended-Upgrade::MailOnlyOnError "true";
|
||||
|
||||
// Do automatic removal of new unused dependencies after the upgrade
|
||||
// (equivalent to apt-get autoremove)
|
||||
//Unattended-Upgrade::Remove-Unused-Dependencies "false";
|
||||
|
||||
// Automatically reboot *WITHOUT CONFIRMATION* if
|
||||
// the file /var/run/reboot-required is found after the upgrade
|
||||
//Unattended-Upgrade::Automatic-Reboot "false";
|
||||
|
||||
// If automatic reboot is enabled and needed, reboot at the specific
|
||||
// time instead of immediately
|
||||
// Default: "now"
|
||||
//Unattended-Upgrade::Automatic-Reboot-Time "02:00";
|
||||
|
||||
// Use apt bandwidth limit feature, this example limits the download
|
||||
// speed to 70kb/sec
|
||||
//Acquire::http::Dl-Limit "70";
|
|
@ -1,3 +0,0 @@
|
|||
// Pre-configure all packages with debconf before they are installed.
|
||||
// If you don't like it, comment it out.
|
||||
DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt || true";};
|
|
@ -1,2 +0,0 @@
|
|||
//Written by cloud-init per 'apt_pipelining'
|
||||
Acquire::http::Pipeline-Depth "0";
|
|
@ -1,6 +0,0 @@
|
|||
#deb http://www.backports.org/debian/ sarge postfix
|
||||
# deb http://people.debian.org/~adconrad sarge subversion
|
||||
|
||||
deb ftp://mirror.bytemark.co.uk/debian/ etch main non-free contrib
|
||||
deb http://security.debian.org/ etch/updates main contrib non-free # security line
|
||||
deb-src http://mirror.bytemark.co.uk/debian etch main contrib non-free
|
|
@ -1,536 +0,0 @@
|
|||
##
|
||||
# Sample ceph ceph.conf file.
|
||||
##
|
||||
# This file defines cluster membership, the various locations
|
||||
# that Ceph stores data, and any other runtime options.
|
||||
|
||||
# If a 'host' is defined for a daemon, the init.d start/stop script will
|
||||
# verify that it matches the hostname (or else ignore it). If it is
|
||||
# not defined, it is assumed that the daemon is intended to start on
|
||||
# the current host (e.g., in a setup with a startup.conf on each
|
||||
# node).
|
||||
|
||||
## Metavariables
|
||||
# $cluster ; Expands to the Ceph Storage Cluster name. Useful
|
||||
# ; when running multiple Ceph Storage Clusters
|
||||
# ; on the same hardware.
|
||||
# ; Example: /etc/ceph/$cluster.keyring
|
||||
# ; (Default: ceph)
|
||||
#
|
||||
# $type ; Expands to one of mds, osd, or mon, depending on
|
||||
# ; the type of the instant daemon.
|
||||
# ; Example: /var/lib/ceph/$type
|
||||
#
|
||||
# $id ; Expands to the daemon identifier. For osd.0, this
|
||||
# ; would be 0; for mds.a, it would be a.
|
||||
# ; Example: /var/lib/ceph/$type/$cluster-$id
|
||||
#
|
||||
# $host ; Expands to the host name of the instant daemon.
|
||||
#
|
||||
# $name ; Expands to $type.$id.
|
||||
# ; Example: /var/run/ceph/$cluster-$name.asok
|
||||
|
||||
[global]
|
||||
### http://ceph.com/docs/master/rados/configuration/general-config-ref/
|
||||
|
||||
fsid = b4b2e571-fbbf-4ff3-a9f8-ab80f08b7fe6 # use `uuidgen` to generate your own UUID
|
||||
public network = 192.168.0.0/24
|
||||
cluster network = 192.168.0.0/24
|
||||
|
||||
# Each running Ceph daemon has a running process identifier (PID) file.
|
||||
# The PID file is generated upon start-up.
|
||||
# Type: String (optional)
|
||||
# (Default: N/A). The default path is /var/run/$cluster/$name.pid.
|
||||
pid file = /var/run/ceph/$name.pid
|
||||
|
||||
# If set, when the Ceph Storage Cluster starts, Ceph sets the max open fds
|
||||
# at the OS level (i.e., the max # of file descriptors).
|
||||
# It helps prevents Ceph OSD Daemons from running out of file descriptors.
|
||||
# Type: 64-bit Integer (optional)
|
||||
# (Default: 0)
|
||||
max open files = 131072
|
||||
|
||||
|
||||
### http://ceph.com/docs/master/rados/operations/authentication
|
||||
### http://ceph.com/docs/master/rados/configuration/auth-config-ref/
|
||||
|
||||
# If enabled, the Ceph Storage Cluster daemons (i.e., ceph-mon, ceph-osd,
|
||||
# and ceph-mds) must authenticate with each other.
|
||||
# Type: String (optional); Valid settings are "cephx" or "none".
|
||||
# (Default: cephx)
|
||||
auth cluster required = cephx
|
||||
|
||||
# If enabled, the Ceph Storage Cluster daemons require Ceph Clients to
|
||||
# authenticate with the Ceph Storage Cluster in order to access Ceph
|
||||
# services.
|
||||
# Type: String (optional); Valid settings are "cephx" or "none".
|
||||
# (Default: cephx)
|
||||
auth service required = cephx
|
||||
|
||||
# If enabled, the Ceph Client requires the Ceph Storage Cluster to
|
||||
# authenticate with the Ceph Client.
|
||||
# Type: String (optional); Valid settings are "cephx" or "none".
|
||||
# (Default: cephx)
|
||||
auth client required = cephx
|
||||
|
||||
# If set to true, Ceph requires signatures on all message traffic between
|
||||
# the Ceph Client and the Ceph Storage Cluster, and between daemons
|
||||
# comprising the Ceph Storage Cluster.
|
||||
# Type: Boolean (optional)
|
||||
# (Default: false)
|
||||
cephx require signatures = true
|
||||
|
||||
# kernel RBD client do not support authentication yet:
|
||||
cephx cluster require signatures = true
|
||||
cephx service require signatures = false
|
||||
|
||||
# The path to the keyring file.
|
||||
# Type: String (optional)
|
||||
# Default: /etc/ceph/$cluster.$name.keyring,/etc/ceph/$cluster.keyring,/etc/ceph/keyring,/etc/ceph/keyring.bin
|
||||
keyring = /etc/ceph/$cluster.$name.keyring
|
||||
|
||||
|
||||
### http://ceph.com/docs/master/rados/configuration/pool-pg-config-ref/
|
||||
|
||||
|
||||
## Replication level, number of data copies.
|
||||
# Type: 32-bit Integer
|
||||
# (Default: 3)
|
||||
osd pool default size = 3
|
||||
|
||||
## Replication level in degraded state, less than 'osd pool default size' value.
|
||||
# Sets the minimum number of written replicas for objects in the
|
||||
# pool in order to acknowledge a write operation to the client. If
|
||||
# minimum is not met, Ceph will not acknowledge the write to the
|
||||
# client. This setting ensures a minimum number of replicas when
|
||||
# operating in degraded mode.
|
||||
# Type: 32-bit Integer
|
||||
# (Default: 0), which means no particular minimum. If 0, minimum is size - (size / 2).
|
||||
osd pool default min size = 2
|
||||
|
||||
## Ensure you have a realistic number of placement groups. We recommend
|
||||
## approximately 100 per OSD. E.g., total number of OSDs multiplied by 100
|
||||
## divided by the number of replicas (i.e., osd pool default size). So for
|
||||
## 10 OSDs and osd pool default size = 3, we'd recommend approximately
|
||||
## (100 * 10) / 3 = 333
|
||||
|
||||
# Description: The default number of placement groups for a pool. The
|
||||
# default value is the same as pg_num with mkpool.
|
||||
# Type: 32-bit Integer
|
||||
# (Default: 8)
|
||||
osd pool default pg num = 128
|
||||
|
||||
# Description: The default number of placement groups for placement for a
|
||||
# pool. The default value is the same as pgp_num with mkpool.
|
||||
# PG and PGP should be equal (for now).
|
||||
# Type: 32-bit Integer
|
||||
# (Default: 8)
|
||||
osd pool default pgp num = 128
|
||||
|
||||
# The default CRUSH ruleset to use when creating a pool
|
||||
# Type: 32-bit Integer
|
||||
# (Default: 0)
|
||||
osd pool default crush rule = 0
|
||||
|
||||
# The bucket type to use for chooseleaf in a CRUSH rule.
|
||||
# Uses ordinal rank rather than name.
|
||||
# Type: 32-bit Integer
|
||||
# (Default: 1) Typically a host containing one or more Ceph OSD Daemons.
|
||||
osd crush chooseleaf type = 1
|
||||
|
||||
|
||||
### http://ceph.com/docs/master/rados/troubleshooting/log-and-debug/
|
||||
|
||||
# The location of the logging file for your cluster.
|
||||
# Type: String
|
||||
# Required: No
|
||||
# Default: /var/log/ceph/$cluster-$name.log
|
||||
log file = /var/log/ceph/$cluster-$name.log
|
||||
|
||||
# Determines if logging messages should appear in syslog.
|
||||
# Type: Boolean
|
||||
# Required: No
|
||||
# (Default: false)
|
||||
log to syslog = true
|
||||
|
||||
|
||||
### http://ceph.com/docs/master/rados/configuration/ms-ref/
|
||||
|
||||
# Enable if you want your daemons to bind to IPv6 address instead of
|
||||
# IPv4 ones. (Not required if you specify a daemon or cluster IP.)
|
||||
# Type: Boolean
|
||||
# (Default: false)
|
||||
ms bind ipv6 = true
|
||||
|
||||
##################
|
||||
## Monitors
|
||||
## You need at least one. You need at least three if you want to
|
||||
## tolerate any node failures. Always create an odd number.
|
||||
[mon]
|
||||
### http://ceph.com/docs/master/rados/configuration/mon-config-ref/
|
||||
### http://ceph.com/docs/master/rados/configuration/mon-osd-interaction/
|
||||
|
||||
# The IDs of initial monitors in a cluster during startup.
|
||||
# If specified, Ceph requires an odd number of monitors to form an
|
||||
# initial quorum (e.g., 3).
|
||||
# Type: String
|
||||
# (Default: None)
|
||||
mon initial members = mycephhost
|
||||
|
||||
mon host = cephhost01,cephhost02
|
||||
mon addr = 192.168.0.101,192.168.0.102
|
||||
|
||||
# The monitor's data location
|
||||
# Default: /var/lib/ceph/mon/$cluster-$id
|
||||
mon data = /var/lib/ceph/mon/$name
|
||||
|
||||
# The clock drift in seconds allowed between monitors.
|
||||
# Type: Float
|
||||
# (Default: .050)
|
||||
mon clock drift allowed = .15
|
||||
|
||||
# Exponential backoff for clock drift warnings
|
||||
# Type: Float
|
||||
# (Default: 5)
|
||||
mon clock drift warn backoff = 30 # Tell the monitor to backoff from this warning for 30 seconds
|
||||
|
||||
# The percentage of disk space used before an OSD is considered full.
|
||||
# Type: Float
|
||||
# (Default: .95)
|
||||
mon osd full ratio = .95
|
||||
|
||||
# The percentage of disk space used before an OSD is considered nearfull.
|
||||
# Type: Float
|
||||
# (Default: .85)
|
||||
mon osd nearfull ratio = .85
|
||||
|
||||
# The number of seconds Ceph waits before marking a Ceph OSD
|
||||
# Daemon "down" and "out" if it doesn't respond.
|
||||
# Type: 32-bit Integer
|
||||
# (Default: 300)
|
||||
mon osd down out interval = 300
|
||||
|
||||
# The grace period in seconds before declaring unresponsive Ceph OSD
|
||||
# Daemons "down".
|
||||
# Type: 32-bit Integer
|
||||
# (Default: 900)
|
||||
mon osd report timeout = 300
|
||||
|
||||
### http://ceph.com/docs/master/rados/troubleshooting/log-and-debug/
|
||||
|
||||
# logging, for debugging monitor crashes, in order of
|
||||
# their likelihood of being helpful :)
|
||||
debug ms = 1
|
||||
debug mon = 20
|
||||
debug paxos = 20
|
||||
debug auth = 20
|
||||
|
||||
|
||||
[mon.alpha]
|
||||
host = alpha
|
||||
mon addr = 192.168.0.10:6789
|
||||
|
||||
[mon.beta]
|
||||
host = beta
|
||||
mon addr = 192.168.0.11:6789
|
||||
|
||||
[mon.gamma]
|
||||
host = gamma
|
||||
mon addr = 192.168.0.12:6789
|
||||
|
||||
|
||||
##################
|
||||
## Metadata servers
|
||||
# You must deploy at least one metadata server to use CephFS. There is
|
||||
# experimental support for running multiple metadata servers. Do not run
|
||||
# multiple metadata servers in production.
|
||||
[mds]
|
||||
### http://ceph.com/docs/master/cephfs/mds-config-ref/
|
||||
|
||||
# where the mds keeps it's secret encryption keys
|
||||
keyring = /var/lib/ceph/mds/$name/keyring
|
||||
|
||||
# Determines whether a 'ceph-mds' daemon should poll and
|
||||
# replay the log of an active MDS (hot standby).
|
||||
# Type: Boolean
|
||||
# (Default: false)
|
||||
mds standby replay = true
|
||||
|
||||
# mds logging to debug issues.
|
||||
debug ms = 1
|
||||
debug mds = 20
|
||||
debug journaler = 20
|
||||
|
||||
# The number of inodes to cache.
|
||||
# Type: 32-bit Integer
|
||||
# (Default: 100000)
|
||||
mds cache size = 250000
|
||||
|
||||
[mds.alpha]
|
||||
host = alpha
|
||||
|
||||
[mds.beta]
|
||||
host = beta
|
||||
|
||||
##################
|
||||
## osd
|
||||
# You need at least one. Two or more if you want data to be replicated.
|
||||
# Define as many as you like.
|
||||
[osd]
|
||||
### http://ceph.com/docs/master/rados/configuration/osd-config-ref/
|
||||
|
||||
# The path to the OSDs data.
|
||||
# You must create the directory when deploying Ceph.
|
||||
# You should mount a drive for OSD data at this mount point.
|
||||
# We do not recommend changing the default.
|
||||
# Type: String
|
||||
# Default: /var/lib/ceph/osd/$cluster-$id
|
||||
osd data = /var/lib/ceph/osd/$name
|
||||
|
||||
## You can change the number of recovery operations to speed up recovery
|
||||
## or slow it down if your machines can't handle it
|
||||
|
||||
# The number of active recovery requests per OSD at one time.
|
||||
# More requests will accelerate recovery, but the requests
|
||||
# places an increased load on the cluster.
|
||||
# Type: 32-bit Integer
|
||||
# (Default: 5)
|
||||
osd recovery max active = 3
|
||||
|
||||
# The maximum number of backfills allowed to or from a single OSD.
|
||||
# Type: 64-bit Integer
|
||||
# (Default: 10)
|
||||
osd max backfills = 5
|
||||
|
||||
# The maximum number of simultaneous scrub operations for a Ceph OSD Daemon.
|
||||
# Type: 32-bit Int
|
||||
# (Default: 1)
|
||||
osd max scrubs = 2
|
||||
|
||||
# You may add settings for ceph-deploy so that it will create and mount
|
||||
# the correct type of file system. Remove the comment `#` character for
|
||||
# the following settings and replace the values in parenthesis
|
||||
# with appropriate values, or leave the following settings commented
|
||||
# out to accept the default values.
|
||||
|
||||
#osd mkfs type = {fs-type}
|
||||
#osd mkfs options {fs-type} = {mkfs options} # default for xfs is "-f"
|
||||
#osd mount options {fs-type} = {mount options} # default mount option is "rw, noatime"
|
||||
osd mkfs type = btrfs
|
||||
osd mount options btrfs = noatime,nodiratime
|
||||
|
||||
## Ideally, make this a separate disk or partition. A few
|
||||
## hundred MB should be enough; more if you have fast or many
|
||||
## disks. You can use a file under the osd data dir if need be
|
||||
## (e.g. /data/$name/journal), but it will be slower than a
|
||||
## separate disk or partition.
|
||||
# The path to the OSD's journal. This may be a path to a file or a block
|
||||
# device (such as a partition of an SSD). If it is a file, you must
|
||||
# create the directory to contain it.
|
||||
# We recommend using a drive separate from the osd data drive.
|
||||
# Type: String
|
||||
# Default: /var/lib/ceph/osd/$cluster-$id/journal
|
||||
osd journal = /var/lib/ceph/osd/$name/journal
|
||||
|
||||
# Check log files for corruption. Can be computationally expensive.
|
||||
# Type: Boolean
|
||||
# (Default: false)
|
||||
osd check for log corruption = true
|
||||
|
||||
### http://ceph.com/docs/master/rados/configuration/journal-ref/
|
||||
|
||||
# The size of the journal in megabytes. If this is 0,
|
||||
# and the journal is a block device, the entire block device is used.
|
||||
# Since v0.54, this is ignored if the journal is a block device,
|
||||
# and the entire block device is used.
|
||||
# Type: 32-bit Integer
|
||||
# (Default: 5120)
|
||||
# Recommended: Begin with 1GB. Should be at least twice the product
|
||||
# of the expected speed multiplied by "filestore max sync interval".
|
||||
osd journal size = 2048 ; journal size, in megabytes
|
||||
|
||||
## If you want to run the journal on a tmpfs, disable DirectIO
|
||||
# Enables direct i/o to the journal.
|
||||
# Requires "journal block align" set to "true".
|
||||
# Type: Boolean
|
||||
# Required: Yes when using aio.
|
||||
# (Default: true)
|
||||
journal dio = false
|
||||
|
||||
# osd logging to debug osd issues, in order of likelihood of being helpful
|
||||
debug ms = 1
|
||||
debug osd = 20
|
||||
debug filestore = 20
|
||||
debug journal = 20
|
||||
|
||||
### http://ceph.com/docs/master/rados/configuration/filestore-config-ref/
|
||||
|
||||
# The maximum interval in seconds for synchronizing the filestore.
|
||||
# Type: Double (optional)
|
||||
# (Default: 5)
|
||||
filestore max sync interval = 5
|
||||
|
||||
# Enable snapshots for a btrfs filestore.
|
||||
# Type: Boolean
|
||||
# Required: No. Only used for btrfs.
|
||||
# (Default: true)
|
||||
filestore btrfs snap = false
|
||||
|
||||
# Enables the filestore flusher.
|
||||
# Type: Boolean
|
||||
# Required: No
|
||||
# (Default: false)
|
||||
filestore flusher = true
|
||||
|
||||
# Defines the maximum number of in progress operations the file store
|
||||
# accepts before blocking on queuing new operations.
|
||||
# Type: Integer
|
||||
# Required: No. Minimal impact on performance.
|
||||
# (Default: 500)
|
||||
filestore queue max ops = 500
|
||||
|
||||
## Filestore and OSD settings can be tweak to achieve better performance
|
||||
|
||||
### http://ceph.com/docs/master/rados/configuration/filestore-config-ref/#misc
|
||||
|
||||
# Min number of files in a subdir before merging into parent NOTE: A negative value means to disable subdir merging
|
||||
# Type: Integer
|
||||
# Required: No
|
||||
# Default: 10
|
||||
filestore merge threshold = 10
|
||||
|
||||
# filestore_split_multiple * abs(filestore_merge_threshold) * 16 is the maximum number of files in a subdirectory before splitting into child directories.
|
||||
# Type: Integer
|
||||
# Required: No
|
||||
# Default: 2
|
||||
filestore split multiple = 2
|
||||
|
||||
# The number of filesystem operation threads that execute in parallel.
|
||||
# Type: Integer
|
||||
# Required: No
|
||||
# Default: 2
|
||||
filestore op threads = 4
|
||||
|
||||
# The number of threads to service Ceph OSD Daemon operations. Set to 0 to disable it. Increasing the number may increase the request processing rate.
|
||||
# Type: 32-bit Integer
|
||||
# Default: 2
|
||||
osd op threads = 2
|
||||
|
||||
## CRUSH
|
||||
|
||||
# By default OSDs update their details (location, weight and root) on the CRUSH map during startup
|
||||
# Type: Boolean
|
||||
# Required: No;
|
||||
# (Default: true)
|
||||
osd crush update on start = false
|
||||
|
||||
[osd.0]
|
||||
host = delta
|
||||
|
||||
[osd.1]
|
||||
host = epsilon
|
||||
|
||||
[osd.2]
|
||||
host = zeta
|
||||
|
||||
[osd.3]
|
||||
host = eta
|
||||
|
||||
|
||||
##################
|
||||
## client settings
|
||||
[client]
|
||||
|
||||
### http://ceph.com/docs/master/rbd/rbd-config-ref/
|
||||
|
||||
# Enable caching for RADOS Block Device (RBD).
|
||||
# Type: Boolean
|
||||
# Required: No
|
||||
# (Default: true)
|
||||
rbd cache = true
|
||||
|
||||
# The RBD cache size in bytes.
|
||||
# Type: 64-bit Integer
|
||||
# Required: No
|
||||
# (Default: 32 MiB)
|
||||
;rbd cache size = 33554432
|
||||
|
||||
# The dirty limit in bytes at which the cache triggers write-back.
|
||||
# If 0, uses write-through caching.
|
||||
# Type: 64-bit Integer
|
||||
# Required: No
|
||||
# Constraint: Must be less than rbd cache size.
|
||||
# (Default: 24 MiB)
|
||||
rbd cache max dirty = 25165824
|
||||
|
||||
# The dirty target before the cache begins writing data to the data storage.
|
||||
# Does not block writes to the cache.
|
||||
# Type: 64-bit Integer
|
||||
# Required: No
|
||||
# Constraint: Must be less than rbd cache max dirty.
|
||||
# (Default: 16 MiB)
|
||||
rbd cache target dirty = 16777216
|
||||
|
||||
# The number of seconds dirty data is in the cache before writeback starts.
|
||||
# Type: Float
|
||||
# Required: No
|
||||
# (Default: 1.0)
|
||||
rbd cache max dirty age = 1.0
|
||||
|
||||
# Start out in write-through mode, and switch to write-back after the
|
||||
# first flush request is received. Enabling this is a conservative but
|
||||
# safe setting in case VMs running on rbd are too old to send flushes,
|
||||
# like the virtio driver in Linux before 2.6.32.
|
||||
# Type: Boolean
|
||||
# Required: No
|
||||
# (Default: true)
|
||||
rbd cache writethrough until flush = true
|
||||
|
||||
# The Ceph admin socket allows you to query a daemon via a socket interface
|
||||
# From a client perspective this can be a virtual machine using librbd
|
||||
# Type: String
|
||||
# Required: No
|
||||
admin socket = /var/run/ceph/$cluster-$type.$id.$pid.$cctid.asok
|
||||
|
||||
|
||||
##################
|
||||
## radosgw client settings
|
||||
[client.radosgw.gateway]
|
||||
|
||||
### http://ceph.com/docs/master/radosgw/config-ref/
|
||||
|
||||
# Sets the location of the data files for Ceph Object Gateway.
|
||||
# You must create the directory when deploying Ceph.
|
||||
# We do not recommend changing the default.
|
||||
# Type: String
|
||||
# Default: /var/lib/ceph/radosgw/$cluster-$id
|
||||
rgw data = /var/lib/ceph/radosgw/$name
|
||||
|
||||
# Client's hostname
|
||||
host = ceph-radosgw
|
||||
|
||||
# where the radosgw keeps it's secret encryption keys
|
||||
keyring = /etc/ceph/ceph.client.radosgw.keyring
|
||||
|
||||
# FastCgiExternalServer uses this socket.
|
||||
# If you do not specify a socket path, Ceph Object Gateway will not run as an external server.
|
||||
# The path you specify here must be the same as the path specified in the rgw.conf file.
|
||||
# Type: String
|
||||
# Default: None
|
||||
rgw socket path = /var/run/ceph/ceph.radosgw.gateway.fastcgi.sock
|
||||
|
||||
# The location of the logging file for your radosgw.
|
||||
# Type: String
|
||||
# Required: No
|
||||
# Default: /var/log/ceph/$cluster-$name.log
|
||||
log file = /var/log/ceph/client.radosgw.gateway.log
|
||||
|
||||
# Enable 100-continue if it is operational.
|
||||
# Type: Boolean
|
||||
# Default: true
|
||||
rgw print continue = false
|
||||
|
||||
# The DNS name of the served domain.
|
||||
# Type: String
|
||||
# Default: None
|
||||
rgw dns name = radosgw.ceph.internal
|
|
@ -1,3 +0,0 @@
|
|||
MAILTO=cron@example.com
|
||||
42 * * * * lutter /usr/local/bin/backup
|
||||
54 16 * * * lutter /usr/sbin/stuff
|
|
@ -1,6 +0,0 @@
|
|||
# This somewhat nonsensical file used to segfault in test-api.c
|
||||
if [ 1 ]; then
|
||||
# K
|
||||
else
|
||||
# I
|
||||
fi
|
|
@ -1,46 +0,0 @@
|
|||
# Example dput.cf that defines the host that can be used
|
||||
# with dput for uploading.
|
||||
|
||||
[DEFAULT]
|
||||
login = username
|
||||
method = ftp
|
||||
hash = md5
|
||||
allow_unsigned_uploads = 0
|
||||
run_lintian = 0
|
||||
run_dinstall = 0
|
||||
check_version = 0
|
||||
scp_compress = 0
|
||||
post_upload_command =
|
||||
pre_upload_command =
|
||||
passive_ftp = 1
|
||||
default_host_non-us =
|
||||
default_host_main = hebex
|
||||
|
||||
[hebex]
|
||||
fqdn = condor.infra.s1.p.fti.net
|
||||
login = anonymous
|
||||
method = ftp
|
||||
incoming = /incoming/hebex
|
||||
passive_ftp = 0
|
||||
|
||||
[dop/desktop]
|
||||
fqdn = condor.infra.s1.p.fti.net
|
||||
login = anonymous
|
||||
method = ftp
|
||||
incoming = /incoming/dop/desktop
|
||||
passive_ftp = 0
|
||||
|
||||
[dop/experimental]
|
||||
fqdn = condor.infra.s1.p.fti.net
|
||||
login = anonymous
|
||||
method = ftp
|
||||
incoming = /incoming/dop/experimental
|
||||
passive_ftp = 0
|
||||
|
||||
[dop/test]
|
||||
fqdn = condor.infra.s1.p.fti.net
|
||||
login = anonymous
|
||||
method = ftp
|
||||
incoming = /incoming/dop/test
|
||||
passive_ftp = 0
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
/local 207.46.0.0/16(rw,sync)
|
||||
/home 207.46.0.0/16(rw,root_squash,sync) 192.168.50.2/32(rw,root_squash,sync)
|
||||
/tmp 207.46.0.0/16(rw,root_squash,sync)
|
||||
/pub *(ro,insecure,all_squash)
|
|
@ -1,10 +0,0 @@
|
|||
/dev/vg00/lv00 / ext3 defaults 1 1
|
||||
LABEL=/boot /boot ext3 defaults 1 2
|
||||
devpts /dev/pts devpts gid=5,mode=620 0 0
|
||||
tmpfs /dev/shm tmpfs defaults 0 0
|
||||
/dev/vg00/home /home ext3 defaults 1 2
|
||||
proc /proc proc defaults 0 0
|
||||
sysfs /sys sysfs defaults 0 0
|
||||
/dev/vg00/local /local ext3 defaults 1 2
|
||||
/dev/vg00/images /var/lib/xen/images ext3 defaults 1 2
|
||||
/dev/vg00/swap swap swap defaults 0 0
|
|
@ -1,26 +0,0 @@
|
|||
root:x:0:root
|
||||
bin:x:1:root,bin,daemon
|
||||
daemon:x:2:root,bin,daemon
|
||||
sys:x:3:root,bin,adm
|
||||
adm:x:4:root,adm,daemon
|
||||
tty:x:5:
|
||||
disk:x:6:root
|
||||
lp:x:7:daemon,lp
|
||||
mem:x:8:
|
||||
kmem:x:9:
|
||||
wheel:x:10:root
|
||||
mail:x:12:mail,postfix
|
||||
uucp:x:14:uucp
|
||||
man:x:15:
|
||||
games:x:20:
|
||||
gopher:x:30:
|
||||
dip:x:40:
|
||||
ftp:x:50:
|
||||
lock:x:54:
|
||||
nobody:x:99:
|
||||
users:x:100:
|
||||
floppy:x:19:
|
||||
vcsa:x:69:
|
||||
rpc:x:32:
|
||||
rpcuser:x:29:
|
||||
nfsnobody:x:499:
|
|
@ -1,31 +0,0 @@
|
|||
# grub.conf generated by anaconda
|
||||
#
|
||||
# Note that you do not have to rerun grub after making changes to this file
|
||||
# NOTICE: You have a /boot partition. This means that
|
||||
# all kernel and initrd paths are relative to /boot/, eg.
|
||||
# root (hd0,0)
|
||||
# kernel /vmlinuz-version ro root=/dev/vg00/lv00
|
||||
# initrd /initrd-version.img
|
||||
#boot=/dev/sda
|
||||
default=0
|
||||
timeout=5
|
||||
splashimage=(hd0,0)/grub/splash.xpm.gz
|
||||
hiddenmenu
|
||||
title Fedora (2.6.24.4-64.fc8)
|
||||
root (hd0,0)
|
||||
kernel /vmlinuz-2.6.24.4-64.fc8 ro root=/dev/vg00/lv00
|
||||
initrd /initrd-2.6.24.4-64.fc8.img
|
||||
title Fedora (2.6.24.3-50.fc8)
|
||||
root (hd0,0)
|
||||
kernel /vmlinuz-2.6.24.3-50.fc8 ro root=/dev/vg00/lv00
|
||||
initrd /initrd-2.6.24.3-50.fc8.img
|
||||
title Fedora (2.6.21.7-3.fc8xen)
|
||||
root (hd0,0)
|
||||
kernel /xen.gz-2.6.21.7-3.fc8
|
||||
module /vmlinuz-2.6.21.7-3.fc8xen ro root=/dev/vg00/lv00
|
||||
module /initrd-2.6.21.7-3.fc8xen.img
|
||||
title Fedora (2.6.24.3-34.fc8)
|
||||
root (hd0,0)
|
||||
kernel /vmlinuz-2.6.24.3-34.fc8 ro root=/dev/vg00/lv00
|
||||
initrd /initrd-2.6.24.3-34.fc8.img
|
||||
savedefault
|
|
@ -1,26 +0,0 @@
|
|||
root:x::root
|
||||
bin:x::root,bin,daemon
|
||||
daemon:x::root,bin,daemon
|
||||
sys:x::root,bin,adm
|
||||
adm:x:root,adm:root,adm,daemon
|
||||
tty:x::
|
||||
disk:x::root
|
||||
lp:x::daemon,lp
|
||||
mem:x::
|
||||
kmem:x::
|
||||
wheel:x::root
|
||||
mail:x::mail,postfix
|
||||
uucp:x::uucp
|
||||
man:x::
|
||||
games:x::
|
||||
gopher:x::
|
||||
dip:x::
|
||||
ftp:x::
|
||||
lock:x::
|
||||
nobody:x::
|
||||
users:x::
|
||||
floppy:x::
|
||||
vcsa:x::
|
||||
rpc:x::
|
||||
rpcuser:x::
|
||||
nfsnobody:x::
|
|
@ -1,6 +0,0 @@
|
|||
# Do not remove the following line, or various programs
|
||||
# that require network functionality will fail.
|
||||
127.0.0.1 localhost.localdomain localhost galia.watzmann.net galia
|
||||
#172.31.122.254 granny.watzmann.net granny puppet
|
||||
#172.31.122.1 galia.watzmann.net galia
|
||||
172.31.122.14 orange.watzmann.net orange
|
|
@ -1,222 +0,0 @@
|
|||
#
|
||||
# This is the Apache server configuration file providing SSL support.
|
||||
# It contains the configuration directives to instruct the server how to
|
||||
# serve pages over an https connection. For detailing information about these
|
||||
# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
|
||||
#
|
||||
# Do NOT simply read the instructions in here without understanding
|
||||
# what they do. They're here only as hints or reminders. If you are unsure
|
||||
# consult the online docs. You have been warned.
|
||||
#
|
||||
|
||||
LoadModule ssl_module modules/mod_ssl.so
|
||||
|
||||
#
|
||||
# When we also provide SSL we have to listen to the
|
||||
# the HTTPS port in addition.
|
||||
#
|
||||
Listen 443
|
||||
|
||||
##
|
||||
## SSL Global Context
|
||||
##
|
||||
## All SSL configuration in this context applies both to
|
||||
## the main server and all SSL-enabled virtual hosts.
|
||||
##
|
||||
|
||||
# Pass Phrase Dialog:
|
||||
# Configure the pass phrase gathering process.
|
||||
# The filtering dialog program (`builtin' is a internal
|
||||
# terminal dialog) has to provide the pass phrase on stdout.
|
||||
SSLPassPhraseDialog builtin
|
||||
|
||||
# Inter-Process Session Cache:
|
||||
# Configure the SSL Session Cache: First the mechanism
|
||||
# to use and second the expiring timeout (in seconds).
|
||||
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
|
||||
SSLSessionCacheTimeout 300
|
||||
|
||||
# Semaphore:
|
||||
# Configure the path to the mutual exclusion semaphore the
|
||||
# SSL engine uses internally for inter-process synchronization.
|
||||
SSLMutex default
|
||||
|
||||
# Pseudo Random Number Generator (PRNG):
|
||||
# Configure one or more sources to seed the PRNG of the
|
||||
# SSL library. The seed data should be of good random quality.
|
||||
# WARNING! On some platforms /dev/random blocks if not enough entropy
|
||||
# is available. This means you then cannot use the /dev/random device
|
||||
# because it would lead to very long connection times (as long as
|
||||
# it requires to make more entropy available). But usually those
|
||||
# platforms additionally provide a /dev/urandom device which doesn't
|
||||
# block. So, if available, use this one instead. Read the mod_ssl User
|
||||
# Manual for more details.
|
||||
SSLRandomSeed startup file:/dev/urandom 256
|
||||
SSLRandomSeed connect builtin
|
||||
#SSLRandomSeed startup file:/dev/random 512
|
||||
#SSLRandomSeed connect file:/dev/random 512
|
||||
#SSLRandomSeed connect file:/dev/urandom 512
|
||||
|
||||
#
|
||||
# Use "SSLCryptoDevice" to enable any supported hardware
|
||||
# accelerators. Use "openssl engine -v" to list supported
|
||||
# engine names. NOTE: If you enable an accelerator and the
|
||||
# server does not start, consult the error logs and ensure
|
||||
# your accelerator is functioning properly.
|
||||
#
|
||||
SSLCryptoDevice builtin
|
||||
#SSLCryptoDevice ubsec
|
||||
|
||||
##
|
||||
## SSL Virtual Host Context
|
||||
##
|
||||
|
||||
<VirtualHost _default_:443>
|
||||
|
||||
# General setup for the virtual host, inherited from global configuration
|
||||
#DocumentRoot "/var/www/html"
|
||||
#ServerName www.example.com:443
|
||||
|
||||
# Use separate log files for the SSL virtual host; note that LogLevel
|
||||
# is not inherited from httpd.conf.
|
||||
ErrorLog logs/ssl_error_log
|
||||
TransferLog logs/ssl_access_log
|
||||
LogLevel warn
|
||||
|
||||
# SSL Engine Switch:
|
||||
# Enable/Disable SSL for this virtual host.
|
||||
SSLEngine on
|
||||
|
||||
# SSL Protocol support:
|
||||
# List the enable protocol levels with which clients will be able to
|
||||
# connect. Disable SSLv2 access by default:
|
||||
SSLProtocol all -SSLv2
|
||||
|
||||
# SSL Cipher Suite:
|
||||
# List the ciphers that the client is permitted to negotiate.
|
||||
# See the mod_ssl documentation for a complete list.
|
||||
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
|
||||
|
||||
# Server Certificate:
|
||||
# Point SSLCertificateFile at a PEM encoded certificate. If
|
||||
# the certificate is encrypted, then you will be prompted for a
|
||||
# pass phrase. Note that a kill -HUP will prompt again. A new
|
||||
# certificate can be generated using the genkey(1) command.
|
||||
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
|
||||
|
||||
# Server Private Key:
|
||||
# If the key is not combined with the certificate, use this
|
||||
# directive to point at the key file. Keep in mind that if
|
||||
# you've both a RSA and a DSA private key you can configure
|
||||
# both in parallel (to also allow the use of DSA ciphers, etc.)
|
||||
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
|
||||
|
||||
# Server Certificate Chain:
|
||||
# Point SSLCertificateChainFile at a file containing the
|
||||
# concatenation of PEM encoded CA certificates which form the
|
||||
# certificate chain for the server certificate. Alternatively
|
||||
# the referenced file can be the same as SSLCertificateFile
|
||||
# when the CA certificates are directly appended to the server
|
||||
# certificate for convinience.
|
||||
#SSLCertificateChainFile /etc/pki/tls/certs/server-chain.crt
|
||||
|
||||
# Certificate Authority (CA):
|
||||
# Set the CA certificate verification path where to find CA
|
||||
# certificates for client authentication or alternatively one
|
||||
# huge file containing all of them (file must be PEM encoded)
|
||||
#SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
|
||||
|
||||
# Client Authentication (Type):
|
||||
# Client certificate verification type and depth. Types are
|
||||
# none, optional, require and optional_no_ca. Depth is a
|
||||
# number which specifies how deeply to verify the certificate
|
||||
# issuer chain before deciding the certificate is not valid.
|
||||
#SSLVerifyClient require
|
||||
#SSLVerifyDepth 10
|
||||
|
||||
# Access Control:
|
||||
# With SSLRequire you can do per-directory access control based
|
||||
# on arbitrary complex boolean expressions containing server
|
||||
# variable checks and other lookup directives. The syntax is a
|
||||
# mixture between C and Perl. See the mod_ssl documentation
|
||||
# for more details.
|
||||
#<Location />
|
||||
#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
|
||||
# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
|
||||
# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
|
||||
# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
|
||||
# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
|
||||
# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
|
||||
#</Location>
|
||||
|
||||
# SSL Engine Options:
|
||||
# Set various options for the SSL engine.
|
||||
# o FakeBasicAuth:
|
||||
# Translate the client X.509 into a Basic Authorisation. This means that
|
||||
# the standard Auth/DBMAuth methods can be used for access control. The
|
||||
# user name is the `one line' version of the client's X.509 certificate.
|
||||
# Note that no password is obtained from the user. Every entry in the user
|
||||
# file needs this password: `xxj31ZMTZzkVA'.
|
||||
# o ExportCertData:
|
||||
# This exports two additional environment variables: SSL_CLIENT_CERT and
|
||||
# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
|
||||
# server (always existing) and the client (only existing when client
|
||||
# authentication is used). This can be used to import the certificates
|
||||
# into CGI scripts.
|
||||
# o StdEnvVars:
|
||||
# This exports the standard SSL/TLS related `SSL_*' environment variables.
|
||||
# Per default this exportation is switched off for performance reasons,
|
||||
# because the extraction step is an expensive operation and is usually
|
||||
# useless for serving static content. So one usually enables the
|
||||
# exportation for CGI and SSI requests only.
|
||||
# o StrictRequire:
|
||||
# This denies access when "SSLRequireSSL" or "SSLRequire" applied even
|
||||
# under a "Satisfy any" situation, i.e. when it applies access is denied
|
||||
# and no other module can change it.
|
||||
# o OptRenegotiate:
|
||||
# This enables optimized SSL connection renegotiation handling when SSL
|
||||
# directives are used in per-directory context.
|
||||
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
|
||||
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
|
||||
SSLOptions +StdEnvVars
|
||||
</Files>
|
||||
<Directory "/var/www/cgi-bin">
|
||||
SSLOptions +StdEnvVars
|
||||
</Directory>
|
||||
|
||||
# SSL Protocol Adjustments:
|
||||
# The safe and default but still SSL/TLS standard compliant shutdown
|
||||
# approach is that mod_ssl sends the close notify alert but doesn't wait for
|
||||
# the close notify alert from client. When you need a different shutdown
|
||||
# approach you can use one of the following variables:
|
||||
# o ssl-unclean-shutdown:
|
||||
# This forces an unclean shutdown when the connection is closed, i.e. no
|
||||
# SSL close notify alert is send or allowed to received. This violates
|
||||
# the SSL/TLS standard but is needed for some brain-dead browsers. Use
|
||||
# this when you receive I/O errors because of the standard approach where
|
||||
# mod_ssl sends the close notify alert.
|
||||
# o ssl-accurate-shutdown:
|
||||
# This forces an accurate shutdown when the connection is closed, i.e. a
|
||||
# SSL close notify alert is send and mod_ssl waits for the close notify
|
||||
# alert of the client. This is 100% SSL/TLS standard compliant, but in
|
||||
# practice often causes hanging connections with brain-dead browsers. Use
|
||||
# this only for browsers where you know that their SSL implementation
|
||||
# works correctly.
|
||||
# Notice: Most problems of broken clients are also related to the HTTP
|
||||
# keep-alive facility, so you usually additionally want to disable
|
||||
# keep-alive for those clients, too. Use variable "nokeepalive" for this.
|
||||
# Similarly, one has to force some clients to use HTTP/1.0 to workaround
|
||||
# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
|
||||
# "force-response-1.0" for this.
|
||||
SetEnvIf User-Agent ".*MSIE.*" \
|
||||
nokeepalive ssl-unclean-shutdown \
|
||||
downgrade-1.0 force-response-1.0
|
||||
|
||||
# Per-Server Logging:
|
||||
# The home of a custom SSL log file. Use this when you want a
|
||||
# compact non-error SSL logfile on a virtual host basis.
|
||||
CustomLog logs/ssl_request_log \
|
||||
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
|
||||
|
||||
</VirtualHost>
|
||||
|
|
@ -1,67 +0,0 @@
|
|||
#
|
||||
# This file loads most of the modules included with the Apache HTTP
|
||||
# Server itself.
|
||||
#
|
||||
|
||||
LoadModule access_compat_module modules/mod_access_compat.so
|
||||
LoadModule actions_module modules/mod_actions.so
|
||||
LoadModule alias_module modules/mod_alias.so
|
||||
LoadModule allowmethods_module modules/mod_allowmethods.so
|
||||
LoadModule auth_basic_module modules/mod_auth_basic.so
|
||||
LoadModule auth_digest_module modules/mod_auth_digest.so
|
||||
LoadModule authn_anon_module modules/mod_authn_anon.so
|
||||
LoadModule authn_core_module modules/mod_authn_core.so
|
||||
LoadModule authn_dbd_module modules/mod_authn_dbd.so
|
||||
LoadModule authn_dbm_module modules/mod_authn_dbm.so
|
||||
LoadModule authn_file_module modules/mod_authn_file.so
|
||||
LoadModule authn_socache_module modules/mod_authn_socache.so
|
||||
LoadModule authz_core_module modules/mod_authz_core.so
|
||||
LoadModule authz_dbd_module modules/mod_authz_dbd.so
|
||||
LoadModule authz_dbm_module modules/mod_authz_dbm.so
|
||||
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
|
||||
LoadModule authz_host_module modules/mod_authz_host.so
|
||||
LoadModule authz_owner_module modules/mod_authz_owner.so
|
||||
LoadModule authz_user_module modules/mod_authz_user.so
|
||||
LoadModule autoindex_module modules/mod_autoindex.so
|
||||
LoadModule cache_module modules/mod_cache.so
|
||||
LoadModule cache_disk_module modules/mod_cache_disk.so
|
||||
LoadModule cache_socache_module modules/mod_cache_socache.so
|
||||
LoadModule data_module modules/mod_data.so
|
||||
LoadModule dbd_module modules/mod_dbd.so
|
||||
LoadModule deflate_module modules/mod_deflate.so
|
||||
LoadModule dir_module modules/mod_dir.so
|
||||
LoadModule dumpio_module modules/mod_dumpio.so
|
||||
LoadModule echo_module modules/mod_echo.so
|
||||
LoadModule env_module modules/mod_env.so
|
||||
LoadModule expires_module modules/mod_expires.so
|
||||
LoadModule ext_filter_module modules/mod_ext_filter.so
|
||||
LoadModule filter_module modules/mod_filter.so
|
||||
LoadModule headers_module modules/mod_headers.so
|
||||
LoadModule include_module modules/mod_include.so
|
||||
LoadModule info_module modules/mod_info.so
|
||||
LoadModule log_config_module modules/mod_log_config.so
|
||||
LoadModule logio_module modules/mod_logio.so
|
||||
LoadModule macro_module modules/mod_macro.so
|
||||
LoadModule mime_magic_module modules/mod_mime_magic.so
|
||||
LoadModule mime_module modules/mod_mime.so
|
||||
LoadModule negotiation_module modules/mod_negotiation.so
|
||||
LoadModule remoteip_module modules/mod_remoteip.so
|
||||
LoadModule reqtimeout_module modules/mod_reqtimeout.so
|
||||
LoadModule request_module modules/mod_request.so
|
||||
LoadModule rewrite_module modules/mod_rewrite.so
|
||||
LoadModule setenvif_module modules/mod_setenvif.so
|
||||
LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
|
||||
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
|
||||
LoadModule socache_dbm_module modules/mod_socache_dbm.so
|
||||
LoadModule socache_memcache_module modules/mod_socache_memcache.so
|
||||
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
|
||||
LoadModule status_module modules/mod_status.so
|
||||
LoadModule substitute_module modules/mod_substitute.so
|
||||
LoadModule suexec_module modules/mod_suexec.so
|
||||
LoadModule unique_id_module modules/mod_unique_id.so
|
||||
LoadModule unixd_module modules/mod_unixd.so
|
||||
LoadModule userdir_module modules/mod_userdir.so
|
||||
LoadModule version_module modules/mod_version.so
|
||||
LoadModule vhost_alias_module modules/mod_vhost_alias.so
|
||||
LoadModule watchdog_module modules/mod_watchdog.so
|
||||
|
|
@ -1,3 +0,0 @@
|
|||
LoadModule dav_module modules/mod_dav.so
|
||||
LoadModule dav_fs_module modules/mod_dav_fs.so
|
||||
LoadModule dav_lock_module modules/mod_dav_lock.so
|
|
@ -1 +0,0 @@
|
|||
LoadModule lua_module modules/mod_lua.so
|
|
@ -1,23 +0,0 @@
|
|||
# Select the MPM module which should be used by uncommenting exactly
|
||||
# one of the following LoadModule lines. See the httpd.service(8) man
|
||||
# page for more information on changing the MPM.
|
||||
|
||||
# prefork MPM: Implements a non-threaded, pre-forking web server
|
||||
# See: http://httpd.apache.org/docs/2.4/mod/prefork.html
|
||||
#
|
||||
# NOTE: If enabling prefork, the httpd_graceful_shutdown SELinux
|
||||
# boolean should be enabled, to allow graceful stop/shutdown.
|
||||
#
|
||||
#LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
|
||||
|
||||
# worker MPM: Multi-Processing Module implementing a hybrid
|
||||
# multi-threaded multi-process web server
|
||||
# See: http://httpd.apache.org/docs/2.4/mod/worker.html
|
||||
#
|
||||
#LoadModule mpm_worker_module modules/mod_mpm_worker.so
|
||||
|
||||
# event MPM: A variant of the worker MPM with the goal of consuming
|
||||
# threads only for connections with active processing
|
||||
# See: http://httpd.apache.org/docs/2.4/mod/event.html
|
||||
#
|
||||
LoadModule mpm_event_module modules/mod_mpm_event.so
|
|
@ -1,18 +0,0 @@
|
|||
#
|
||||
# This file lists modules included with the Apache HTTP Server
|
||||
# which are not enabled by default.
|
||||
#
|
||||
|
||||
#LoadModule asis_module modules/mod_asis.so
|
||||
#LoadModule buffer_module modules/mod_buffer.so
|
||||
#LoadModule heartbeat_module modules/mod_heartbeat.so
|
||||
#LoadModule heartmonitor_module modules/mod_heartmonitor.so
|
||||
#LoadModule usertrack_module modules/mod_usertrack.so
|
||||
#LoadModule dialup_module modules/mod_dialup.so
|
||||
#LoadModule charset_lite_module modules/mod_charset_lite.so
|
||||
#LoadModule log_debug_module modules/mod_log_debug.so
|
||||
#LoadModule log_forensic_module modules/mod_log_forensic.so
|
||||
#LoadModule ratelimit_module modules/mod_ratelimit.so
|
||||
#LoadModule reflector_module modules/mod_reflector.so
|
||||
#LoadModule sed_module modules/mod_sed.so
|
||||
#LoadModule speling_module modules/mod_speling.so
|
|
@ -1,17 +0,0 @@
|
|||
# This file configures all the proxy modules:
|
||||
LoadModule proxy_module modules/mod_proxy.so
|
||||
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
|
||||
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
|
||||
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
|
||||
LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
|
||||
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
|
||||
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
|
||||
LoadModule proxy_connect_module modules/mod_proxy_connect.so
|
||||
LoadModule proxy_express_module modules/mod_proxy_express.so
|
||||
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
|
||||
LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
|
||||
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
|
||||
LoadModule proxy_http_module modules/mod_proxy_http.so
|
||||
LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
|
||||
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
|
||||
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
|
|
@ -1,2 +0,0 @@
|
|||
# This file configures systemd module:
|
||||
LoadModule systemd_module modules/mod_systemd.so
|
|
@ -1,14 +0,0 @@
|
|||
# This configuration file loads a CGI module appropriate to the MPM
|
||||
# which has been configured in 00-mpm.conf. mod_cgid should be used
|
||||
# with a threaded MPM; mod_cgi with the prefork MPM.
|
||||
|
||||
<IfModule mpm_worker_module>
|
||||
LoadModule cgid_module modules/mod_cgid.so
|
||||
</IfModule>
|
||||
<IfModule mpm_event_module>
|
||||
LoadModule cgid_module modules/mod_cgid.so
|
||||
</IfModule>
|
||||
<IfModule mpm_prefork_module>
|
||||
LoadModule cgi_module modules/mod_cgi.so
|
||||
</IfModule>
|
||||
|
|
@ -1 +0,0 @@
|
|||
LoadModule http2_module modules/mod_http2.so
|
|
@ -1 +0,0 @@
|
|||
LoadModule dnssd_module modules/mod_dnssd.so
|
|
@ -1 +0,0 @@
|
|||
LoadModule proxy_http2_module modules/mod_proxy_http2.so
|
|
@ -1,9 +0,0 @@
|
|||
|
||||
This directory holds configuration files for the Apache HTTP Server;
|
||||
any files in this directory which have the ".conf" extension will be
|
||||
processed as httpd configuration files. This directory contains
|
||||
configuration fragments necessary only to load modules.
|
||||
Administrators should use the directory "/etc/httpd/conf.d" to modify
|
||||
the configuration of httpd, or any modules.
|
||||
|
||||
Files are processed in alphanumeric order.
|
|
@ -1,53 +0,0 @@
|
|||
#
|
||||
# inittab This file describes how the INIT process should set up
|
||||
# the system in a certain run-level.
|
||||
#
|
||||
# Author: Miquel van Smoorenburg, <miquels@drinkel.nl.mugnet.org>
|
||||
# Modified for RHS Linux by Marc Ewing and Donnie Barnes
|
||||
#
|
||||
|
||||
# Default runlevel. The runlevels used by RHS are:
|
||||
# 0 - halt (Do NOT set initdefault to this)
|
||||
# 1 - Single user mode
|
||||
# 2 - Multiuser, without NFS (The same as 3, if you do not have networking)
|
||||
# 3 - Full multiuser mode
|
||||
# 4 - unused
|
||||
# 5 - X11
|
||||
# 6 - reboot (Do NOT set initdefault to this)
|
||||
#
|
||||
id:5:initdefault:
|
||||
|
||||
# System initialization.
|
||||
si::sysinit:/etc/rc.d/rc.sysinit
|
||||
|
||||
l0:0:wait:/etc/rc.d/rc 0
|
||||
l1:1:wait:/etc/rc.d/rc 1
|
||||
l2:2:wait:/etc/rc.d/rc 2
|
||||
l3:3:wait:/etc/rc.d/rc 3
|
||||
l4:4:wait:/etc/rc.d/rc 4
|
||||
l5:5:wait:/etc/rc.d/rc 5
|
||||
l6:6:wait:/etc/rc.d/rc 6
|
||||
|
||||
# Trap CTRL-ALT-DELETE
|
||||
ca::ctrlaltdel:/sbin/shutdown -t3 -r now
|
||||
|
||||
# When our UPS tells us power has failed, assume we have a few minutes
|
||||
# of power left. Schedule a shutdown for 2 minutes from now.
|
||||
# This does, of course, assume you have powerd installed and your
|
||||
# UPS connected and working correctly.
|
||||
pf::powerfail:/sbin/shutdown -f -h +2 "Power Failure; System Shutting Down"
|
||||
|
||||
# If power was restored before the shutdown kicked in, cancel it.
|
||||
pr:12345:powerokwait:/sbin/shutdown -c "Power Restored; Shutdown Cancelled"
|
||||
|
||||
|
||||
# Run gettys in standard runlevels
|
||||
1:2345:respawn:/sbin/mingetty tty1
|
||||
2:2345:respawn:/sbin/mingetty tty2
|
||||
3:2345:respawn:/sbin/mingetty tty3
|
||||
4:2345:respawn:/sbin/mingetty tty4
|
||||
5:2345:respawn:/sbin/mingetty tty5
|
||||
6:2345:respawn:/sbin/mingetty tty6
|
||||
|
||||
# Run xdm in runlevel 5
|
||||
x:5:respawn:/etc/X11/prefdm -nodaemon
|
|
@ -1,192 +0,0 @@
|
|||
# This file contains a series of commands to perform (in order) in the kdump
|
||||
# kernel after a kernel crash in the crash kernel(1st kernel) has happened.
|
||||
#
|
||||
# Directives in this file are only applicable to the kdump initramfs, and have
|
||||
# no effect once the root filesystem is mounted and the normal init scripts are
|
||||
# processed.
|
||||
#
|
||||
# Currently, only one dump target and path can be specified. If the dumping to
|
||||
# the configured target fails, the failure action which can be configured via
|
||||
# the "failure_action" directive will be performed.
|
||||
#
|
||||
# Supported options:
|
||||
#
|
||||
# auto_reset_crashkernel <yes|no>
|
||||
# - whether to reset kernel crashkernel to new default value
|
||||
# or not when kexec-tools updates the default crashkernel value and
|
||||
# existing kernels using the old default kernel crashkernel value.
|
||||
# The default value is yes.
|
||||
#
|
||||
# raw <partition>
|
||||
# - Will dd /proc/vmcore into <partition>.
|
||||
# Use persistent device names for partition devices,
|
||||
# such as /dev/vg/<devname>.
|
||||
#
|
||||
# nfs <nfs mount>
|
||||
# - Will mount nfs to <mnt>, and copy /proc/vmcore to
|
||||
# <mnt>/<path>/%HOST-%DATE/, supports DNS.
|
||||
#
|
||||
# ssh <user@server>
|
||||
# - Will save /proc/vmcore to <user@server>:<path>/%HOST-%DATE/,
|
||||
# supports DNS.
|
||||
# NOTE: make sure the user has write permissions on the server.
|
||||
#
|
||||
# sshkey <path>
|
||||
# - Will use the sshkey to do ssh dump.
|
||||
# Specify the path of the ssh key to use when dumping
|
||||
# via ssh. The default value is /root/.ssh/kdump_id_rsa.
|
||||
#
|
||||
# <fs type> <partition>
|
||||
# - Will mount -t <fs type> <partition> <mnt>, and copy
|
||||
# /proc/vmcore to <mnt>/<path>/%HOST_IP-%DATE/.
|
||||
# NOTE: <partition> can be a device node, label or uuid.
|
||||
# It's recommended to use persistent device names
|
||||
# such as /dev/vg/<devname>.
|
||||
# Otherwise it's suggested to use label or uuid.
|
||||
#
|
||||
# path <path>
|
||||
# - "path" represents the file system path in which vmcore
|
||||
# will be saved. If a dump target is specified in
|
||||
# kdump.conf, then "path" is relative to the specified
|
||||
# dump target.
|
||||
#
|
||||
# Interpretation of "path" changes a bit if the user didn't
|
||||
# specify any dump target explicitly in kdump.conf. In this
|
||||
# case, "path" represents the absolute path from root. The
|
||||
# dump target and adjusted path are arrived at automatically
|
||||
# depending on what's mounted in the current system.
|
||||
#
|
||||
# Ignored for raw device dumps. If unset, will use the default
|
||||
# "/var/crash".
|
||||
#
|
||||
# core_collector <command> <options>
|
||||
# - This allows you to specify the command to copy
|
||||
# the vmcore. The default is makedumpfile, which on
|
||||
# some architectures can drastically reduce vmcore size.
|
||||
# See /sbin/makedumpfile --help for a list of options.
|
||||
# Note that the -i and -g options are not needed here,
|
||||
# as the initrd will automatically be populated with a
|
||||
# config file appropriate for the running kernel.
|
||||
# The default core_collector for raw/ssh dump is:
|
||||
# "makedumpfile -F -l --message-level 7 -d 31".
|
||||
# The default core_collector for other targets is:
|
||||
# "makedumpfile -l --message-level 7 -d 31".
|
||||
#
|
||||
# "makedumpfile -F" will create a flattened vmcore.
|
||||
# You need to use "makedumpfile -R" to rearrange the dump data to
|
||||
# a normal dumpfile readable with analysis tools. For example:
|
||||
# "makedumpfile -R vmcore < vmcore.flat".
|
||||
#
|
||||
# For core_collector format details, you can refer to
|
||||
# kexec-kdump-howto.txt or kdump.conf manpage.
|
||||
#
|
||||
# kdump_post <binary | script>
|
||||
# - This directive allows you to run a executable binary
|
||||
# or script after the vmcore dump process terminates.
|
||||
# The exit status of the current dump process is fed to
|
||||
# the executable binary or script as its first argument.
|
||||
# All files under /etc/kdump/post.d are collectively sorted
|
||||
# and executed in lexical order, before binary or script
|
||||
# specified kdump_post parameter is executed.
|
||||
#
|
||||
# kdump_pre <binary | script>
|
||||
# - Works like the "kdump_post" directive, but instead of running
|
||||
# after the dump process, runs immediately before it.
|
||||
# Exit status of this binary is interpreted as follows:
|
||||
# 0 - continue with dump process as usual
|
||||
# non 0 - run the final action (reboot/poweroff/halt)
|
||||
# All files under /etc/kdump/pre.d are collectively sorted and
|
||||
# executed in lexical order, after binary or script specified
|
||||
# kdump_pre parameter is executed.
|
||||
# Even if the binary or script in /etc/kdump/pre.d directory
|
||||
# returns non 0 exit status, the processing is continued.
|
||||
#
|
||||
# extra_bins <binaries | shell scripts>
|
||||
# - This directive allows you to specify additional binaries or
|
||||
# shell scripts to be included in the kdump initrd.
|
||||
# Generally they are useful in conjunction with a kdump_post
|
||||
# or kdump_pre binary or script which depends on these extra_bins.
|
||||
#
|
||||
# extra_modules <module(s)>
|
||||
# - This directive allows you to specify extra kernel modules
|
||||
# that you want to be loaded in the kdump initrd.
|
||||
# Multiple modules can be listed, separated by spaces, and any
|
||||
# dependent modules will automatically be included.
|
||||
#
|
||||
# failure_action <reboot | halt | poweroff | shell | dump_to_rootfs>
|
||||
# - Action to perform in case dumping fails.
|
||||
# reboot: Reboot the system.
|
||||
# halt: Halt the system.
|
||||
# poweroff: Power down the system.
|
||||
# shell: Drop to a bash shell.
|
||||
# Exiting the shell reboots the system by default,
|
||||
# or perform "final_action".
|
||||
# dump_to_rootfs: Dump vmcore to rootfs from initramfs context and
|
||||
# reboot by default or perform "final_action".
|
||||
# Useful when non-root dump target is specified.
|
||||
# The default option is "reboot".
|
||||
#
|
||||
# default <reboot | halt | poweroff | shell | dump_to_rootfs>
|
||||
# - Same as the "failure_action" directive above, but this directive
|
||||
# is obsolete and will be removed in the future.
|
||||
#
|
||||
# final_action <reboot | halt | poweroff>
|
||||
# - Action to perform in case dumping succeeds. Also performed
|
||||
# when "shell" or "dump_to_rootfs" failure action finishes.
|
||||
# Each action is same as the "failure_action" directive above.
|
||||
# The default is "reboot".
|
||||
#
|
||||
# force_rebuild <0 | 1>
|
||||
# - By default, kdump initrd will only be rebuilt when necessary.
|
||||
# Specify 1 to force rebuilding kdump initrd every time when kdump
|
||||
# service starts.
|
||||
#
|
||||
# force_no_rebuild <0 | 1>
|
||||
# - By default, kdump initrd will be rebuilt when necessary.
|
||||
# Specify 1 to bypass rebuilding of kdump initrd.
|
||||
#
|
||||
# force_no_rebuild and force_rebuild options are mutually
|
||||
# exclusive and they should not be set to 1 simultaneously.
|
||||
#
|
||||
# override_resettable <0 | 1>
|
||||
# - Usually an unresettable block device can't be a dump target.
|
||||
# Specifying 1 when you want to dump even though the block
|
||||
# target is unresettable
|
||||
# By default, it is 0, which will not try dumping destined to fail.
|
||||
#
|
||||
# dracut_args <arg(s)>
|
||||
# - Pass extra dracut options when rebuilding kdump initrd.
|
||||
#
|
||||
# fence_kdump_args <arg(s)>
|
||||
# - Command line arguments for fence_kdump_send (it can contain
|
||||
# all valid arguments except hosts to send notification to).
|
||||
#
|
||||
# fence_kdump_nodes <node(s)>
|
||||
# - List of cluster node(s) except localhost, separated by spaces,
|
||||
# to send fence_kdump notifications to.
|
||||
# (this option is mandatory to enable fence_kdump).
|
||||
#
|
||||
|
||||
#raw /dev/vg/lv_kdump
|
||||
#ext4 /dev/vg/lv_kdump
|
||||
#ext4 LABEL=/boot
|
||||
#ext4 UUID=03138356-5e61-4ab3-b58e-27507ac41937
|
||||
#nfs my.server.com:/export/tmp
|
||||
#nfs [2001:db8::1:2:3:4]:/export/tmp
|
||||
#ssh user@my.server.com
|
||||
#ssh user@2001:db8::1:2:3:4
|
||||
#sshkey /root/.ssh/kdump_id_rsa
|
||||
auto_reset_crashkernel yes
|
||||
path /var/crash
|
||||
core_collector makedumpfile -l --message-level 7 -d 31
|
||||
#core_collector scp
|
||||
#kdump_post /var/crash/scripts/kdump-post.sh
|
||||
#kdump_pre /var/crash/scripts/kdump-pre.sh
|
||||
#extra_bins /usr/bin/lftp
|
||||
#extra_modules gfs2
|
||||
#failure_action shell
|
||||
#force_rebuild 1
|
||||
#force_no_rebuild 1
|
||||
#dracut_args --omit-drivers "cfg80211 snd" --add-drivers "ext2 ext3"
|
||||
#fence_kdump_args -p 7410 -f auto -c 0 -i 10
|
||||
#fence_kdump_nodes node1 node2
|
|
@ -1,31 +0,0 @@
|
|||
[logging]
|
||||
default = FILE:/var/log/krb5libs.log
|
||||
kdc = FILE:/var/log/krb5kdc.log
|
||||
admin_server = FILE:/var/log/kadmind.log
|
||||
|
||||
[libdefaults]
|
||||
default_realm = EXAMPLE.COM
|
||||
dns_lookup_realm = false
|
||||
dns_lookup_kdc = false
|
||||
ticket_lifetime = 24h
|
||||
forwardable = yes
|
||||
|
||||
[realms]
|
||||
EXAMPLE.COM = {
|
||||
kdc = kerberos.example.com:88
|
||||
admin_server = kerberos.example.com:749
|
||||
default_domain = example.com
|
||||
}
|
||||
|
||||
[domain_realm]
|
||||
.example.com = EXAMPLE.COM
|
||||
example.com = EXAMPLE.COM
|
||||
|
||||
[appdefaults]
|
||||
pam = {
|
||||
debug = false
|
||||
ticket_lifetime = 36000
|
||||
renew_lifetime = 36000
|
||||
forwardable = true
|
||||
krb4_convert = false
|
||||
}
|
|
@ -1,8 +0,0 @@
|
|||
/var/log/acpid {
|
||||
missingok
|
||||
notifempty
|
||||
size=64k
|
||||
postrotate
|
||||
/etc/init.d/acpid condrestart >/dev/null || :
|
||||
endscript
|
||||
}
|
|
@ -1,6 +0,0 @@
|
|||
/var/log/rpmpkgs {
|
||||
weekly
|
||||
notifempty
|
||||
missingok
|
||||
create 0640 root root
|
||||
}
|
|
@ -1,353 +0,0 @@
|
|||
### This file is automatically generated by update-modules"
|
||||
#
|
||||
# Please do not edit this file directly. If you want to change or add
|
||||
# anything please take a look at the files in /etc/modutils and read
|
||||
# the manpage for update-modules.
|
||||
#
|
||||
### update-modules: start processing /etc/modutils/0keep
|
||||
# DO NOT MODIFY THIS FILE!
|
||||
# This file is not marked as conffile to make sure if you upgrade modutils
|
||||
# it will be restored in case some modifications have been made.
|
||||
#
|
||||
# The keep command is necessary to prevent insmod and friends from ignoring
|
||||
# the builtin defaults of a path-statement is encountered. Until all other
|
||||
# packages use the new `add path'-statement this keep-statement is essential
|
||||
# to keep your system working
|
||||
keep
|
||||
|
||||
### update-modules: end processing /etc/modutils/0keep
|
||||
|
||||
### update-modules: start processing /etc/modutils/1devfsd
|
||||
# /etc/modules.devfs
|
||||
# Richard Gooch <rgooch@atnf.csiro.au> 24-MAR-2002
|
||||
#
|
||||
# THIS IS AN AUTOMATICALLY GENERATED FILE. DO NOT EDIT!!!
|
||||
# THIS FILE WILL BE OVERWRITTEN EACH TIME YOU INSTALL DEVFSD!!!
|
||||
# Modify /etc/modules.conf instead.
|
||||
# This file comes with devfsd-vDEVFSD-VERSION which is available from:
|
||||
# http://www.atnf.csiro.au/~rgooch/linux/
|
||||
# or directly from:
|
||||
# ftp://ftp.atnf.csiro.au/pub/people/rgooch/linux/daemons/devfsd-vDEVFSD-VERSION.tar.gz
|
||||
|
||||
###############################################################################
|
||||
# Sample configurations that you may want to place in /etc/modules.conf
|
||||
#
|
||||
#alias sound-slot-0 sb
|
||||
#alias /dev/v4l bttv
|
||||
#alias /dev/misc/watchdog pcwd
|
||||
#alias gen-md raid0
|
||||
#alias /dev/joysticks joystick
|
||||
#probeall scsi_hostadapter sym53c8xx
|
||||
|
||||
###############################################################################
|
||||
# Generic section: do not change or copy
|
||||
#
|
||||
# All HDDs
|
||||
probeall /dev/discs scsi_hostadapter sd_mod ide-probe-mod ide-disk ide-floppy DAC960
|
||||
alias /dev/discs/* /dev/discs
|
||||
|
||||
# All CD-ROMs
|
||||
probeall /dev/cdroms scsi_hostadapter sr_mod ide-probe-mod ide-cd cdrom
|
||||
alias /dev/cdroms/* /dev/cdroms
|
||||
alias /dev/cdrom /dev/cdroms
|
||||
|
||||
# All tapes
|
||||
probeall /dev/tapes scsi_hostadapter st ide-probe-mod ide-tape
|
||||
alias /dev/tapes/* /dev/tapes
|
||||
|
||||
# All SCSI devices
|
||||
probeall /dev/scsi scsi_hostadapter sd_mod sr_mod st sg
|
||||
|
||||
# All IDE devices
|
||||
alias /dev/hd* /dev/ide
|
||||
alias /dev/ide/host*/bus*/target*/lun*/* /dev/ide
|
||||
probeall /dev/ide ide-probe-mod ide-disk ide-cd ide-tape ide-floppy
|
||||
|
||||
# IDE CD-ROMs
|
||||
alias /dev/ide/*/cd ide-cd
|
||||
|
||||
# SCSI HDDs
|
||||
probeall /dev/sd scsi_hostadapter sd_mod
|
||||
alias /dev/sd* /dev/sd
|
||||
|
||||
# SCSI CD-ROMs
|
||||
probeall /dev/sr scsi_hostadapter sr_mod
|
||||
alias /dev/sr* /dev/sr
|
||||
alias /dev/scsi/*/cd sr_mod
|
||||
|
||||
# SCSI tapes
|
||||
probeall /dev/st scsi_hostadapter st
|
||||
alias /dev/st* /dev/st
|
||||
alias /dev/nst* /dev/st
|
||||
|
||||
# SCSI generic
|
||||
probeall /dev/sg scsi_hostadapter sg
|
||||
alias /dev/sg* /dev/sg
|
||||
alias /dev/scsi/*/generic /dev/sg
|
||||
alias /dev/pg /dev/sg
|
||||
alias /dev/pg* /dev/sg
|
||||
|
||||
# Floppies
|
||||
alias /dev/floppy floppy
|
||||
alias /dev/fd* floppy
|
||||
|
||||
# RAMDISCs
|
||||
alias /dev/rd rd
|
||||
alias /dev/ram* rd
|
||||
|
||||
# Loop devices
|
||||
alias /dev/loop* loop
|
||||
|
||||
# Meta devices
|
||||
alias /dev/md* gen-md
|
||||
|
||||
# Parallel port printers
|
||||
alias /dev/printers* lp
|
||||
alias /dev/lp* /dev/printers
|
||||
|
||||
# Soundcard
|
||||
alias /dev/sound sound-slot-0
|
||||
alias /dev/audio /dev/sound
|
||||
alias /dev/mixer /dev/sound
|
||||
alias /dev/dsp /dev/sound
|
||||
alias /dev/dspW /dev/sound
|
||||
alias /dev/midi /dev/sound
|
||||
|
||||
# Joysticks
|
||||
alias /dev/js* /dev/joysticks
|
||||
|
||||
# Serial ports
|
||||
alias /dev/tts* serial
|
||||
alias /dev/ttyS* /dev/tts
|
||||
alias /dev/cua* /dev/tts
|
||||
|
||||
# Input devices
|
||||
alias /dev/input/mouse* mousedev
|
||||
|
||||
# Miscellaneous devices
|
||||
alias /dev/misc/atibm atixlmouse
|
||||
alias /dev/misc/inportbm msbusmouse
|
||||
alias /dev/misc/logibm busmouse
|
||||
alias /dev/misc/rtc rtc
|
||||
alias /dev/misc/agpgart agpgart
|
||||
alias /dev/rtc /dev/misc/rtc
|
||||
|
||||
# PPP devices
|
||||
alias /dev/ppp* ppp_generic
|
||||
|
||||
# Video capture devices
|
||||
alias /dev/video* /dev/v4l
|
||||
alias /dev/vbi* /dev/v4l
|
||||
|
||||
# agpgart
|
||||
alias /dev/agpgart agpgart
|
||||
alias /dev/dri* agpgart
|
||||
|
||||
# Irda devices
|
||||
alias /dev/ircomm ircomm-tty
|
||||
alias /dev/ircomm* /dev/ircomm
|
||||
|
||||
# Raw I/O devices
|
||||
alias /dev/rawctl /dev/raw
|
||||
|
||||
|
||||
# Pull in the configuration file. Do this last because modprobe(8) processes in
|
||||
# per^H^H^Hreverse order and the sysadmin may want to over-ride what is in the
|
||||
# generic file
|
||||
#include /etc/modules.conf
|
||||
|
||||
### update-modules: end processing /etc/modutils/1devfsd
|
||||
|
||||
### update-modules: start processing /etc/modutils/actions
|
||||
# Special actions that are needed for some modules
|
||||
|
||||
# The BTTV module does not load the tuner module automatically,
|
||||
# so do that in here
|
||||
post-install bttv insmod tuner
|
||||
post-remove bttv rmmod tuner
|
||||
|
||||
|
||||
### update-modules: end processing /etc/modutils/actions
|
||||
|
||||
### update-modules: start processing /etc/modutils/aliases
|
||||
# Aliases to tell insmod/modprobe which modules to use
|
||||
|
||||
# Uncomment the network protocols you don't want loaded:
|
||||
# alias net-pf-1 off # Unix
|
||||
# alias net-pf-2 off # IPv4
|
||||
# alias net-pf-3 off # Amateur Radio AX.25
|
||||
# alias net-pf-4 off # IPX
|
||||
# alias net-pf-5 off # DDP / appletalk
|
||||
# alias net-pf-6 off # Amateur Radio NET/ROM
|
||||
# alias net-pf-9 off # X.25
|
||||
# alias net-pf-10 off # IPv6
|
||||
# alias net-pf-11 off # ROSE / Amateur Radio X.25 PLP
|
||||
# alias net-pf-19 off # Acorn Econet
|
||||
|
||||
alias char-major-10-175 agpgart
|
||||
alias char-major-10-200 tun
|
||||
alias char-major-81 bttv
|
||||
alias char-major-108 ppp_generic
|
||||
alias /dev/ppp ppp_generic
|
||||
alias tty-ldisc-3 ppp_async
|
||||
alias tty-ldisc-14 ppp_synctty
|
||||
alias ppp-compress-21 bsd_comp
|
||||
alias ppp-compress-24 ppp_deflate
|
||||
alias ppp-compress-26 ppp_deflate
|
||||
|
||||
# Crypto modules (see http://www.kerneli.org/)
|
||||
alias loop-xfer-gen-0 loop_gen
|
||||
alias loop-xfer-3 loop_fish2
|
||||
alias loop-xfer-gen-10 loop_gen
|
||||
alias cipher-2 des
|
||||
alias cipher-3 fish2
|
||||
alias cipher-4 blowfish
|
||||
alias cipher-6 idea
|
||||
alias cipher-7 serp6f
|
||||
alias cipher-8 mars6
|
||||
alias cipher-11 rc62
|
||||
alias cipher-15 dfc2
|
||||
alias cipher-16 rijndael
|
||||
alias cipher-17 rc5
|
||||
|
||||
alias char-major-195 NVdriver
|
||||
|
||||
### update-modules: end processing /etc/modutils/aliases
|
||||
|
||||
### update-modules: start processing /etc/modutils/alsa-path
|
||||
# Debian ALSA modules path
|
||||
# Do not edit this unless you understand what you're doing.
|
||||
path=/lib/modules/`uname -r`/alsa
|
||||
|
||||
### update-modules: end processing /etc/modutils/alsa-path
|
||||
|
||||
### update-modules: start processing /etc/modutils/apm
|
||||
alias char-major-10-134 apm
|
||||
alias /dev/apm_bios /dev/misc/apm_bios
|
||||
alias /dev/misc/apm_bios apm
|
||||
|
||||
### update-modules: end processing /etc/modutils/apm
|
||||
|
||||
### update-modules: start processing /etc/modutils/cdrw
|
||||
options ide-cd ignore=hdc # tell the ide-cd module to ignore hdb
|
||||
alias scd0 sr_mod # load sr_mod upon access of scd0
|
||||
#pre-install ide-scsi modprobe imm # uncomment for some ZIP drives only
|
||||
pre-install sg modprobe ide-scsi # load ide-scsi before sg
|
||||
pre-install sr_mod modprobe ide-scsi # load ide-scsi before sr_mod
|
||||
pre-install ide-scsi modprobe ide-cd # load ide-cd before ide-scsi
|
||||
|
||||
### update-modules: end processing /etc/modutils/cdrw
|
||||
|
||||
### update-modules: start processing /etc/modutils/irda
|
||||
alias tty-ldisc-11 irtty
|
||||
alias char-major-161 ircomm-tty
|
||||
alias char-major-60 ircomm_tty
|
||||
|
||||
# for dongle
|
||||
alias irda-dongle-0 tekram
|
||||
alias irda-dongle-1 esi
|
||||
alias irda-dongle-2 actisys
|
||||
alias irda-dongle-3 actisys
|
||||
alias irda-dongle-4 girbil
|
||||
alias irda-dongle-5 litelink
|
||||
alias irda-dongle-6 airport
|
||||
alias irda-dongle-7 old_belkin
|
||||
|
||||
# for FIR device
|
||||
alias irda0 smc-ircc
|
||||
#dongle_id=0x09
|
||||
pre-install smc-ircc /usr/local/sbin/tosh5100-smcinit
|
||||
|
||||
### update-modules: end processing /etc/modutils/irda
|
||||
|
||||
### update-modules: start processing /etc/modutils/paths
|
||||
# This file contains a list of paths that modprobe should scan,
|
||||
# beside the once that are compiled into the modutils tools
|
||||
# themselves.
|
||||
|
||||
|
||||
### update-modules: end processing /etc/modutils/paths
|
||||
|
||||
### update-modules: start processing /etc/modutils/pcmcia
|
||||
pre-install ide-cs /etc/init.d/irda stop
|
||||
post-remove ide-cs /etc/init.d/irda start
|
||||
|
||||
|
||||
|
||||
### update-modules: end processing /etc/modutils/pcmcia
|
||||
|
||||
### update-modules: start processing /etc/modutils/ppp
|
||||
alias /dev/ppp ppp_generic
|
||||
alias char-major-108 ppp_generic
|
||||
alias tty-ldisc-3 ppp_async
|
||||
alias tty-ldisc-14 ppp_synctty
|
||||
alias ppp-compress-21 bsd_comp
|
||||
alias ppp-compress-24 ppp_deflate
|
||||
alias ppp-compress-26 ppp_deflate
|
||||
|
||||
### update-modules: end processing /etc/modutils/ppp
|
||||
|
||||
### update-modules: start processing /etc/modutils/setserial
|
||||
#
|
||||
# This is what I wanted to do, but logger is in /usr/bin, which isn't loaded
|
||||
# when the module is first loaded into the kernel at boot time!
|
||||
#
|
||||
#post-install serial /etc/init.d/setserial start | logger -p daemon.info -t "setserial-module reload"
|
||||
#pre-remove serial /etc/init.d/setserial stop | logger -p daemon.info -t "setserial-module uload"
|
||||
#
|
||||
alias /dev/tts serial
|
||||
alias /dev/tts/0 serial
|
||||
alias /dev/tts/1 serial
|
||||
alias /dev/tts/2 serial
|
||||
alias /dev/tts/3 serial
|
||||
post-install serial /etc/init.d/setserial modload > /dev/null 2> /dev/null
|
||||
pre-remove serial /etc/init.d/setserial modsave > /dev/null 2> /dev/null
|
||||
|
||||
### update-modules: end processing /etc/modutils/setserial
|
||||
|
||||
### update-modules: start processing /etc/modutils/sound
|
||||
# ALSA portion
|
||||
alias char-major-116 snd
|
||||
# OSS/Free portion
|
||||
alias char-major-14 soundcore
|
||||
alias snd-card-0 snd-intel8x0
|
||||
alias sound-slot-0 snd-card-0
|
||||
# OSS/Free portion - card #1
|
||||
alias sound-service-0-0 snd-mixer-oss
|
||||
alias sound-service-0-1 snd-seq-oss
|
||||
alias sound-service-0-3 snd-pcm-oss
|
||||
alias sound-service-0-8 snd-seq-oss
|
||||
alias sound-service-0-12 snd-pcm-oss
|
||||
alias sound-service-1-0 off
|
||||
alias sound-slot-1 off
|
||||
#gentoo suggestion
|
||||
alias /dev/dsp snd-pcm-oss
|
||||
alias /dev/mixer snd-mixer-oss
|
||||
alias /dev/midi snd-seq-oss
|
||||
|
||||
|
||||
### update-modules: end processing /etc/modutils/sound
|
||||
|
||||
### update-modules: start processing /etc/modutils/toshutils
|
||||
alias char-major-10-181 toshiba
|
||||
options toshiba tosh_fn=0x62
|
||||
### update-modules: end processing /etc/modutils/toshutils
|
||||
|
||||
### update-modules: start processing /etc/modutils/usb
|
||||
options usb-uhci debug 3
|
||||
post-install belkin_sa /usr/local/sbin/belkin-usb-serial
|
||||
|
||||
|
||||
### update-modules: end processing /etc/modutils/usb
|
||||
|
||||
### update-modules: start processing /etc/modutils/arch/i386
|
||||
#alias parport_lowlevel parport_pc
|
||||
alias char-major-10-144 nvram
|
||||
alias binfmt-0064 binfmt_aout
|
||||
alias char-major-10-135 rtc
|
||||
|
||||
alias parport_lowlevel off
|
||||
alias char-major-6 off
|
||||
|
||||
### update-modules: end processing /etc/modutils/arch/i386
|
||||
|
|
@ -1,97 +0,0 @@
|
|||
# This is a basic configuration file with some examples, for device mapper
|
||||
# multipath.
|
||||
# For a complete list of the default configuration values, see
|
||||
# /usr/share/doc/device-mapper-multipath-0.4.8/multipath.conf.defaults
|
||||
# For a list of configuration options with descriptions, see
|
||||
# /usr/share/doc/device-mapper-multipath-0.4.8/multipath.conf.annotated
|
||||
|
||||
|
||||
# Blacklist all devices by default. Remove this to enable multipathing
|
||||
# on the default devices.
|
||||
blacklist {
|
||||
devnode "*"
|
||||
}
|
||||
|
||||
# By default, devices with vendor = "IBM" and product = "S/390.*" are
|
||||
# blacklisted. To enable mulitpathing on these devies, uncomment the
|
||||
# following lines.
|
||||
blacklist_exceptions {
|
||||
device {
|
||||
vendor "IBM"
|
||||
product "S/390.*"
|
||||
}
|
||||
}
|
||||
|
||||
## Use user friendly names, instead of using WWIDs as names.
|
||||
defaults {
|
||||
user_friendly_names yes
|
||||
}
|
||||
#
|
||||
# Here is an example of how to configure some standard options.
|
||||
#
|
||||
|
||||
defaults {
|
||||
udev_dir /dev
|
||||
polling_interval 10
|
||||
selector "round-robin 0"
|
||||
path_grouping_policy multibus
|
||||
getuid_callout "/sbin/scsi_id --whitelisted /dev/%n"
|
||||
prio alua
|
||||
path_checker readsector0
|
||||
rr_min_io 100
|
||||
max_fds 8192
|
||||
rr_weight priorities
|
||||
failback immediate
|
||||
no_path_retry fail
|
||||
user_friendly_names yes
|
||||
}
|
||||
#
|
||||
# The wwid line in the following blacklist section is shown as an example
|
||||
# of how to blacklist devices by wwid. The 2 devnode lines are the
|
||||
# compiled in default blacklist. If you want to blacklist entire types
|
||||
# of devices, such as all scsi devices, you should use a devnode line.
|
||||
# However, if you want to blacklist specific devices, you should use
|
||||
# a wwid line. Since there is no guarantee that a specific device will
|
||||
# not change names on reboot (from /dev/sda to /dev/sdb for example)
|
||||
# devnode lines are not recommended for blacklisting specific devices.
|
||||
#
|
||||
blacklist {
|
||||
wwid 26353900f02796769
|
||||
devnode "^(ram|raw|loop|fd|md|dm-|sr|scd|st)[0-9]*"
|
||||
devnode "^hd[a-z]"
|
||||
}
|
||||
multipaths {
|
||||
multipath {
|
||||
wwid 3600508b4000156d700012000000b0000
|
||||
alias yellow
|
||||
path_grouping_policy multibus
|
||||
path_checker readsector0
|
||||
path_selector "round-robin 0"
|
||||
failback manual
|
||||
rr_weight priorities
|
||||
no_path_retry 5
|
||||
}
|
||||
multipath {
|
||||
wwid 1DEC_____321816758474
|
||||
alias red
|
||||
}
|
||||
}
|
||||
devices {
|
||||
device {
|
||||
vendor "COMPAQ "
|
||||
product "HSV110 (C)COMPAQ"
|
||||
path_grouping_policy multibus
|
||||
getuid_callout "/sbin/scsi_id --whitelisted /dev/%n"
|
||||
path_checker readsector0
|
||||
path_selector "round-robin 0"
|
||||
hardware_handler "0"
|
||||
failback 15
|
||||
rr_weight priorities
|
||||
no_path_retry queue
|
||||
}
|
||||
device {
|
||||
vendor "COMPAQ "
|
||||
product "MSA1000 "
|
||||
path_grouping_policy multibus
|
||||
}
|
||||
}
|
|
@ -1,39 +0,0 @@
|
|||
# /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)
|
||||
|
||||
# The loopback interface
|
||||
auto lo
|
||||
iface lo inet loopback
|
||||
|
||||
# The first network card - this entry was created during the Debian installation
|
||||
## auto eth0
|
||||
iface eth0 inet dhcp
|
||||
pre-up /etc/init.d/ntp-server stop || true
|
||||
up /etc/init.d/ntpdate restart || true
|
||||
up /etc/init.d/ntp-server start || true
|
||||
|
||||
iface eth0-0 inet static
|
||||
address 134.158.129.99
|
||||
netmask 255.255.254.0
|
||||
network 134.158.128.0
|
||||
broadcast 134.158.129.255
|
||||
gateway 134.158.128.1
|
||||
|
||||
iface eth0-2 inet static
|
||||
address 192.168.1.160
|
||||
netmask 255.255.255.0
|
||||
network 192.168.1.0
|
||||
broadcast 192.168.1.255
|
||||
gateway 192.168.1.1
|
||||
|
||||
iface eth0-3 inet static
|
||||
address 192.168.1.7
|
||||
netmask 255.255.255.0
|
||||
network 192.168.1.0
|
||||
broadcast 192.168.1.255
|
||||
|
||||
iface adsl0 inet dhcp
|
||||
pre-up /sbin/modprobe adiusbadsl
|
||||
pre-up /usr/sbin/adictrl -i
|
||||
pre-up /usr/sbin/adictrl -f
|
||||
pre-up /usr/sbin/adictrl -d
|
||||
pre-up /usr/sbin/adictrl -s
|
|
@ -1,117 +0,0 @@
|
|||
|
||||
user nobody;
|
||||
worker_processes 1;
|
||||
|
||||
error_log logs/error.log;
|
||||
error_log logs/error.log notice;
|
||||
error_log logs/error.log info;
|
||||
|
||||
pid logs/nginx.pid;
|
||||
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
|
||||
http {
|
||||
include mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log logs/access.log main;
|
||||
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
|
||||
keepalive_timeout 0;
|
||||
keepalive_timeout 65;
|
||||
|
||||
gzip on;
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
server_name localhost;
|
||||
|
||||
charset koi8-r;
|
||||
|
||||
access_log logs/host.access.log main;
|
||||
|
||||
location / {
|
||||
root html;
|
||||
index index.html index.htm;
|
||||
}
|
||||
|
||||
error_page 404 /404.html;
|
||||
|
||||
# redirect server error pages to the static page /50x.html
|
||||
#
|
||||
error_page 500 502 503 504 /50x.html;
|
||||
location = /50x.html {
|
||||
root html;
|
||||
}
|
||||
|
||||
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
|
||||
|
||||
location ~ \.php$ {
|
||||
proxy_pass http://127.0.0.1;
|
||||
}
|
||||
|
||||
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
|
||||
#
|
||||
location ~ \.php$ {
|
||||
root html;
|
||||
fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
|
||||
include fastcgi_params;
|
||||
}
|
||||
|
||||
# deny access to .htaccess files, if Apache's document root
|
||||
# concurs with nginx's one
|
||||
#
|
||||
location ~ /\.ht {
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# another virtual host using mix of IP-, name-, and port-based configuration
|
||||
|
||||
server {
|
||||
listen 8000;
|
||||
listen somename:8080;
|
||||
server_name somename alias another.alias;
|
||||
|
||||
location / {
|
||||
root html;
|
||||
index index.html index.htm;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# HTTPS server
|
||||
#
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name localhost;
|
||||
|
||||
ssl_certificate cert.pem;
|
||||
ssl_certificate_key cert.key;
|
||||
|
||||
ssl_session_cache shared:SSL:1m;
|
||||
ssl_session_timeout 5m;
|
||||
|
||||
ssl_ciphers HIGH:!aNULL:!MD5;
|
||||
ssl_prefer_server_ciphers on;
|
||||
|
||||
location / {
|
||||
root html;
|
||||
index index.html index.htm;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
|
@ -1 +0,0 @@
|
|||
#
|
|
@ -1,126 +0,0 @@
|
|||
# /etc/nslcd.conf
|
||||
# nslcd configuration file. See nslcd.conf(5)
|
||||
# for details.
|
||||
|
||||
# Specifies the number of threads to start that can handle requests and perform LDAP queries.
|
||||
threads 5
|
||||
|
||||
# The user and group nslcd should run as.
|
||||
uid nslcd
|
||||
gid nslcd
|
||||
|
||||
# This option controls the way logging is done.
|
||||
log syslog info
|
||||
|
||||
# The location at which the LDAP server(s) should be reachable.
|
||||
uri ldaps://XXX.XXX.XXX
|
||||
|
||||
# The search base that will be used for all queries.
|
||||
base dc=XXX,dc=XXX
|
||||
|
||||
# The LDAP protocol version to use.
|
||||
ldap_version 3
|
||||
|
||||
# The DN to bind with for normal lookups.
|
||||
binddn cn=annonymous,dc=example,dc=net
|
||||
bindpw secret
|
||||
|
||||
|
||||
# The DN used for password modifications by root.
|
||||
rootpwmoddn cn=admin,dc=example,dc=com
|
||||
|
||||
# The password used for password modifications by root.
|
||||
rootpwmodpw XXXXXX
|
||||
|
||||
|
||||
# SASL authentication options
|
||||
sasl_mech OTP
|
||||
sasl_realm realm
|
||||
sasl_authcid authcid
|
||||
sasl_authzid dn:cn=annonymous,dc=example,dc=net
|
||||
sasl_secprops noanonymous,noplain,minssf=0,maxssf=2,maxbufsize=65535
|
||||
sasl_canonicalize yes
|
||||
|
||||
# Kerberos authentication options
|
||||
krb5_ccname ccname
|
||||
|
||||
# Search/mapping options
|
||||
|
||||
# Specifies the base distinguished name (DN) to use as search base.
|
||||
base dc=people,dc=example,dc=com
|
||||
base dc=morepeople,dc=example,dc=com
|
||||
base alias dc=aliases,dc=example,dc=com
|
||||
base alias dc=morealiases,dc=example,dc=com
|
||||
base group dc=group,dc=example,dc=com
|
||||
base group dc=moregroup,dc=example,dc=com
|
||||
base passwd dc=users,dc=example,dc=com
|
||||
|
||||
# Specifies the search scope (subtree, onelevel, base or children).
|
||||
scope sub
|
||||
scope passwd sub
|
||||
scope aliases sub
|
||||
|
||||
# Specifies the policy for dereferencing aliases.
|
||||
deref never
|
||||
|
||||
# Specifies whether automatic referral chasing should be enabled.
|
||||
referrals yes
|
||||
|
||||
# The FILTER is an LDAP search filter to use for a specific map.
|
||||
filter passwd (objectClass=posixAccount)
|
||||
|
||||
# This option allows for custom attributes to be looked up instead of the default RFC 2307 attributes.
|
||||
map passwd homeDirectory \"${homeDirectory:-/home/$uid}\"
|
||||
map passwd loginShell \"${loginShell:-/bin/bash}\"
|
||||
map shadow userPassword myPassword
|
||||
|
||||
# Timing/reconnect options
|
||||
|
||||
# Specifies the time limit (in seconds) to use when connecting to the directory server.
|
||||
bind_timelimit 30
|
||||
|
||||
# Specifies the time limit (in seconds) to wait for a response from the LDAP server.
|
||||
timelimit 5
|
||||
|
||||
# Specifies the period if inactivity (in seconds) after which the connection to the LDAP server will be closed.
|
||||
idle_timelimit 10
|
||||
|
||||
# Specifies the number of seconds to sleep when connecting to all LDAP servers fails.
|
||||
reconnect_sleeptime 10
|
||||
|
||||
# Specifies the time after which the LDAP server is considered to be permanently unavailable.
|
||||
reconnect_retrytime 10
|
||||
|
||||
# SSL/TLS options
|
||||
|
||||
# Specifies whether to use SSL/TLS or not (the default is not to).
|
||||
ssl start_tls
|
||||
# Specifies what checks to perform on a server-supplied certificate.
|
||||
tls_reqcert never
|
||||
# Specifies the directory containing X.509 certificates for peer authentication.
|
||||
tls_cacertdir /etc/ssl/ca
|
||||
# Specifies the path to the X.509 certificate for peer authentication.
|
||||
tls_cacertfile /etc/ssl/certs/ca-certificates.crt
|
||||
# Specifies the path to an entropy source.
|
||||
tls_randfile /dev/random
|
||||
# Specifies the ciphers to use for TLS.
|
||||
tls_ciphers TLSv1
|
||||
# Specifies the path to the file containing the local certificate for client TLS authentication.
|
||||
tls_cert /etc/ssl/certs/cert.pem
|
||||
# Specifies the path to the file containing the private key for client TLS authentication.
|
||||
tls_key /etc/ssl/private/cert.pem
|
||||
|
||||
# Other options
|
||||
pagesize 100
|
||||
nss_initgroups_ignoreusers user1,user2,user3
|
||||
nss_min_uid 1000
|
||||
nss_nested_groups yes
|
||||
nss_getgrent_skipmembers yes
|
||||
nss_disable_enumeration yes
|
||||
validnames /^[a-z0-9._@$()]([a-z0-9._@$() \\~-]*[a-z0-9._@$()~-])?$/i
|
||||
ignorecase yes
|
||||
pam_authc_ppolicy yes
|
||||
pam_authz_search (&(objectClass=posixAccount)(uid=$username)(|(authorizedService=$service)(!(authorizedService=*))))
|
||||
pam_password_prohibit_message "MESSAGE LONG AND WITH SPACES"
|
||||
reconnect_invalidate nfsidmap,db2,db3
|
||||
cache dn2uid 1s 2h
|
|
@ -1,50 +0,0 @@
|
|||
# Permit time synchronization with our time source, but do not
|
||||
# permit the source to query or modify the service on this system.
|
||||
restrict default kod nomodify notrap nopeer noquery
|
||||
restrict -6 default kod nomodify notrap nopeer noquery
|
||||
|
||||
# Permit all access over the loopback interface. This could
|
||||
# be tightened as well, but to do so would effect some of
|
||||
# the administrative functions.
|
||||
restrict 127.0.0.1
|
||||
restrict -6 ::1
|
||||
|
||||
# Hosts on local network are less restricted.
|
||||
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
|
||||
|
||||
# Use public servers from the pool.ntp.org project.
|
||||
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
|
||||
server 0.centos.pool.ntp.org
|
||||
server 1.centos.pool.ntp.org
|
||||
server 2.centos.pool.ntp.org
|
||||
|
||||
broadcast 192.168.1.255 key 42 # broadcast server
|
||||
broadcastclient # broadcast client
|
||||
broadcast 224.0.1.1 key 42 # multicast server
|
||||
multicastclient 224.0.1.1 # multicast client
|
||||
manycastserver 239.255.254.254 # manycast server
|
||||
manycastclient 239.255.254.254 key 42 # manycast client
|
||||
|
||||
# Undisciplined Local Clock. This is a fake driver intended for backup
|
||||
# and when no outside source of synchronized time is available.
|
||||
server 127.127.1.0 # local clock
|
||||
fudge 127.127.1.0 stratum 10
|
||||
|
||||
# Drift file. Put this in a directory which the daemon can write to.
|
||||
# No symbolic links allowed, either, since the daemon updates the file
|
||||
# by creating a temporary in the same directory and then rename()'ing
|
||||
# it to the file.
|
||||
driftfile /var/lib/ntp/drift
|
||||
|
||||
# Key file containing the keys and key identifiers used when operating
|
||||
# with symmetric key cryptography.
|
||||
keys /etc/ntp/keys
|
||||
|
||||
# Specify the key identifiers which are trusted.
|
||||
trustedkey 4 8 42
|
||||
|
||||
# Specify the key identifier to use with the ntpdc utility.
|
||||
requestkey 8
|
||||
|
||||
# Specify the key identifier to use with the ntpq utility.
|
||||
controlkey 8
|
|
@ -1,15 +0,0 @@
|
|||
#%PAM-1.0
|
||||
auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so
|
||||
auth include system-auth
|
||||
account required pam_nologin.so
|
||||
account include system-auth
|
||||
password include system-auth
|
||||
# pam_selinux.so close should be the first session rule
|
||||
session required pam_selinux.so close
|
||||
session optional pam_keyinit.so force revoke
|
||||
session include system-auth
|
||||
session required pam_loginuid.so
|
||||
session optional pam_console.so
|
||||
# pam_selinux.so open should only be followed by sessions to be executed in the user context
|
||||
session required pam_selinux.so open
|
||||
session optional pam_ck_connector.so
|
|
@ -1,5 +0,0 @@
|
|||
#%PAM-1.0
|
||||
auth include system-auth
|
||||
account include system-auth
|
||||
password include system-auth
|
||||
session required pam_namespace.so unmnt_remnt no_unmount_on_close
|
|
@ -1,3 +0,0 @@
|
|||
#%PAM-1.0
|
||||
auth include system-auth
|
||||
account include system-auth
|
|
@ -1,19 +0,0 @@
|
|||
root:x:0:0:root:/root:/bin/bash
|
||||
bin:x:1:1:bin:/bin:/sbin/nologin
|
||||
daemon:x:2:2:daemon:/sbin:/sbin/nologin
|
||||
adm:x:3:4:adm:/var/adm:/sbin/nologin
|
||||
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
|
||||
sync:x:5:0:sync:/sbin:/bin/sync
|
||||
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
|
||||
halt:x:7:0:halt:/sbin:/sbin/halt
|
||||
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
|
||||
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
|
||||
operator:x:11:0:operator:/root:/sbin/nologin
|
||||
games:x:12:100:games:/usr/games:/sbin/nologin
|
||||
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
|
||||
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
|
||||
nobody:x:99:99:Nobody:/:/sbin/nologin
|
||||
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
|
||||
rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/sbin/nologin
|
||||
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
|
||||
nfsnobody:x:4294967294:499:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
|
1221
root/etc/php.ini
1221
root/etc/php.ini
File diff suppressed because it is too large
Load Diff
|
@ -1,29 +0,0 @@
|
|||
[main]
|
||||
# Where Puppet stores dynamic and growing data.
|
||||
# The default value is '/var/puppet'.
|
||||
vardir = /var/lib/puppet
|
||||
|
||||
# The Puppet log directory.
|
||||
# The default value is '$vardir/log'.
|
||||
logdir = /var/log/puppet
|
||||
|
||||
# Where Puppet PID files are kept.
|
||||
# The default value is '$vardir/run'.
|
||||
rundir = /var/run/puppet
|
||||
|
||||
# Where SSL certificates are kept.
|
||||
# The default value is '$confdir/ssl'.
|
||||
ssldir = $vardir/ssl
|
||||
|
||||
[puppetd]
|
||||
# The file in which puppetd stores a list of the classes
|
||||
# associated with the retrieved configuratiion. Can be loaded in
|
||||
# the separate ``puppet`` executable using the ``--loadclasses``
|
||||
# option.
|
||||
# The default value is '$confdir/classes.txt'.
|
||||
classfile = $vardir/classes.txt
|
||||
|
||||
# Where puppetd caches the local configuration. An
|
||||
# extension indicating the cache format is added automatically.
|
||||
# The default value is '$confdir/localconfig'.
|
||||
localconfig = $vardir/localconfig
|
|
@ -1,6 +0,0 @@
|
|||
; Created by cloud-init on instance boot automatically, do not edit.
|
||||
;
|
||||
search awsqualif.net aws.eu-west-1.censured_here
|
||||
nameserver 192.168.0.1
|
||||
nameserver 192.168.0.2
|
||||
options timeout:2 rotate
|
|
@ -1,288 +0,0 @@
|
|||
# This is the main Samba configuration file. You should read the
|
||||
# smb.conf(5) manual page in order to understand the options listed
|
||||
# here. Samba has a huge number of configurable options (perhaps too
|
||||
# many!) most of which are not shown in this example
|
||||
#
|
||||
# For a step to step guide on installing, configuring and using samba,
|
||||
# read the Samba-HOWTO-Collection. This may be obtained from:
|
||||
# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf
|
||||
#
|
||||
# Many working examples of smb.conf files can be found in the
|
||||
# Samba-Guide which is generated daily and can be downloaded from:
|
||||
# http://www.samba.org/samba/docs/Samba-Guide.pdf
|
||||
#
|
||||
# Any line which starts with a ; (semi-colon) or a # (hash)
|
||||
# is a comment and is ignored. In this example we will use a #
|
||||
# for commentry and a ; for parts of the config file that you
|
||||
# may wish to enable
|
||||
#
|
||||
# NOTE: Whenever you modify this file you should run the command "testparm"
|
||||
# to check that you have not made any basic syntactic errors.
|
||||
#
|
||||
#---------------
|
||||
# SELINUX NOTES:
|
||||
#
|
||||
# If you want to use the useradd/groupadd family of binaries please run:
|
||||
# setsebool -P samba_domain_controller on
|
||||
#
|
||||
# If you want to share home directories via samba please run:
|
||||
# setsebool -P samba_enable_home_dirs on
|
||||
#
|
||||
# If you create a new directory you want to share you should mark it as
|
||||
# "samba-share_t" so that selinux will let you write into it.
|
||||
# Make sure not to do that on system directories as they may already have
|
||||
# been marked with othe SELinux labels.
|
||||
#
|
||||
# Use ls -ldZ /path to see which context a directory has
|
||||
#
|
||||
# Set labels only on directories you created!
|
||||
# To set a label use the following: chcon -t samba_share_t /path
|
||||
#
|
||||
# If you need to share a system created directory you can use one of the
|
||||
# following (read-only/read-write):
|
||||
# setsebool -P samba_export_all_ro on
|
||||
# or
|
||||
# setsebool -P samba_export_all_rw on
|
||||
#
|
||||
# If you want to run scripts (preexec/root prexec/print command/...) please
|
||||
# put them into the /var/lib/samba/scripts directory so that smbd will be
|
||||
# allowed to run them.
|
||||
# Make sure you COPY them and not MOVE them so that the right SELinux context
|
||||
# is applied, to check all is ok use restorecon -R -v /var/lib/samba/scripts
|
||||
#
|
||||
#--------------
|
||||
#
|
||||
#======================= Global Settings =====================================
|
||||
|
||||
[global]
|
||||
|
||||
# ----------------------- Netwrok Related Options -------------------------
|
||||
#
|
||||
# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH
|
||||
#
|
||||
# server string is the equivalent of the NT Description field
|
||||
#
|
||||
# netbios name can be used to specify a server name not tied to the hostname
|
||||
#
|
||||
# Interfaces lets you configure Samba to use multiple interfaces
|
||||
# If you have multiple network interfaces then you can list the ones
|
||||
# you want to listen on (never omit localhost)
|
||||
#
|
||||
# Hosts Allow/Hosts Deny lets you restrict who can connect, and you can
|
||||
# specify it as a per share option as well
|
||||
#
|
||||
workgroup = MYGROUP
|
||||
server string = Samba Server Version %v
|
||||
|
||||
; netbios name = MYSERVER
|
||||
|
||||
; interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
|
||||
; hosts allow = 127. 192.168.12. 192.168.13.
|
||||
|
||||
# --------------------------- Logging Options -----------------------------
|
||||
#
|
||||
# Log File let you specify where to put logs and how to split them up.
|
||||
#
|
||||
# Max Log Size let you specify the max size log files should reach
|
||||
|
||||
# logs split per machine
|
||||
log file = /var/log/samba/log.%m
|
||||
# max 50KB per log file, then rotate
|
||||
max log size = 50
|
||||
|
||||
# ----------------------- Standalone Server Options ------------------------
|
||||
#
|
||||
# Scurity can be set to user, share(deprecated) or server(deprecated)
|
||||
#
|
||||
# Backend to store user information in. New installations should
|
||||
# use either tdbsam or ldapsam. smbpasswd is available for backwards
|
||||
# compatibility. tdbsam requires no further configuration.
|
||||
|
||||
security = user
|
||||
passdb backend = tdbsam
|
||||
|
||||
|
||||
# ----------------------- Domain Members Options ------------------------
|
||||
#
|
||||
# Security must be set to domain or ads
|
||||
#
|
||||
# Use the realm option only with security = ads
|
||||
# Specifies the Active Directory realm the host is part of
|
||||
#
|
||||
# Backend to store user information in. New installations should
|
||||
# use either tdbsam or ldapsam. smbpasswd is available for backwards
|
||||
# compatibility. tdbsam requires no further configuration.
|
||||
#
|
||||
# Use password server option only with security = server or if you can't
|
||||
# use the DNS to locate Domain Controllers
|
||||
# The argument list may include:
|
||||
# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name]
|
||||
# or to auto-locate the domain controller/s
|
||||
# password server = *
|
||||
|
||||
|
||||
; security = domain
|
||||
; passdb backend = tdbsam
|
||||
; realm = MY_REALM
|
||||
|
||||
; password server = <NT-Server-Name>
|
||||
|
||||
# ----------------------- Domain Controller Options ------------------------
|
||||
#
|
||||
# Security must be set to user for domain controllers
|
||||
#
|
||||
# Backend to store user information in. New installations should
|
||||
# use either tdbsam or ldapsam. smbpasswd is available for backwards
|
||||
# compatibility. tdbsam requires no further configuration.
|
||||
#
|
||||
# Domain Master specifies Samba to be the Domain Master Browser. This
|
||||
# allows Samba to collate browse lists between subnets. Don't use this
|
||||
# if you already have a Windows NT domain controller doing this job
|
||||
#
|
||||
# Domain Logons let Samba be a domain logon server for Windows workstations.
|
||||
#
|
||||
# Logon Scrpit let yuou specify a script to be run at login time on the client
|
||||
# You need to provide it in a share called NETLOGON
|
||||
#
|
||||
# Logon Path let you specify where user profiles are stored (UNC path)
|
||||
#
|
||||
# Various scripts can be used on a domain controller or stand-alone
|
||||
# machine to add or delete corresponding unix accounts
|
||||
#
|
||||
; security = user
|
||||
; passdb backend = tdbsam
|
||||
|
||||
; domain master = yes
|
||||
; domain logons = yes
|
||||
|
||||
# the login script name depends on the machine name
|
||||
; logon script = %m.bat
|
||||
# the login script name depends on the unix user used
|
||||
; logon script = %u.bat
|
||||
; logon path = \\%L\Profiles\%u
|
||||
# disables profiles support by specifying an empty path
|
||||
; logon path =
|
||||
|
||||
; add user script = /usr/sbin/useradd "%u" -n -g users
|
||||
; add group script = /usr/sbin/groupadd "%g"
|
||||
; add machine script = /usr/sbin/useradd -n -c "Workstation (%u)" -M -d /nohome -s /bin/false "%u"
|
||||
; delete user script = /usr/sbin/userdel "%u"
|
||||
; delete user from group script = /usr/sbin/userdel "%u" "%g"
|
||||
; delete group script = /usr/sbin/groupdel "%g"
|
||||
|
||||
|
||||
# ----------------------- Browser Control Options ----------------------------
|
||||
#
|
||||
# set local master to no if you don't want Samba to become a master
|
||||
# browser on your network. Otherwise the normal election rules apply
|
||||
#
|
||||
# OS Level determines the precedence of this server in master browser
|
||||
# elections. The default value should be reasonable
|
||||
#
|
||||
# Preferred Master causes Samba to force a local browser election on startup
|
||||
# and gives it a slightly higher chance of winning the election
|
||||
; local master = no
|
||||
; os level = 33
|
||||
; preferred master = yes
|
||||
|
||||
#----------------------------- Name Resolution -------------------------------
|
||||
# Windows Internet Name Serving Support Section:
|
||||
# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both
|
||||
#
|
||||
# - WINS Support: Tells the NMBD component of Samba to enable it's WINS Server
|
||||
#
|
||||
# - WINS Server: Tells the NMBD components of Samba to be a WINS Client
|
||||
#
|
||||
# - WINS Proxy: Tells Samba to answer name resolution queries on
|
||||
# behalf of a non WINS capable client, for this to work there must be
|
||||
# at least one WINS Server on the network. The default is NO.
|
||||
#
|
||||
# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names
|
||||
# via DNS nslookups.
|
||||
|
||||
; wins support = yes
|
||||
; wins server = w.x.y.z
|
||||
; wins proxy = yes
|
||||
|
||||
; dns proxy = yes
|
||||
|
||||
# --------------------------- Printing Options -----------------------------
|
||||
#
|
||||
# Load Printers let you load automatically the list of printers rather
|
||||
# than setting them up individually
|
||||
#
|
||||
# Cups Options let you pass the cups libs custom options, setting it to raw
|
||||
# for example will let you use drivers on your Windows clients
|
||||
#
|
||||
# Printcap Name let you specify an alternative printcap file
|
||||
#
|
||||
# You can choose a non default printing system using the Printing option
|
||||
|
||||
load printers = yes
|
||||
cups options = raw
|
||||
|
||||
; printcap name = /etc/printcap
|
||||
#obtain list of printers automatically on SystemV
|
||||
; printcap name = lpstat
|
||||
; printing = cups
|
||||
|
||||
# --------------------------- Filesystem Options ---------------------------
|
||||
#
|
||||
# The following options can be uncommented if the filesystem supports
|
||||
# Extended Attributes and they are enabled (usually by the mount option
|
||||
# user_xattr). Thess options will let the admin store the DOS attributes
|
||||
# in an EA and make samba not mess with the permission bits.
|
||||
#
|
||||
# Note: these options can also be set just per share, setting them in global
|
||||
# makes them the default for all shares
|
||||
|
||||
; map archive = no
|
||||
; map hidden = no
|
||||
; map read only = no
|
||||
; map system = no
|
||||
; store dos attributes = yes
|
||||
|
||||
|
||||
#============================ Share Definitions ==============================
|
||||
|
||||
[homes]
|
||||
comment = Home Directories
|
||||
browseable = no
|
||||
writable = yes
|
||||
; valid users = %S
|
||||
; valid users = MYDOMAIN\%S
|
||||
|
||||
[printers]
|
||||
comment = All Printers
|
||||
path = /var/spool/samba
|
||||
browseable = no
|
||||
guest ok = no
|
||||
writable = no
|
||||
printable = yes
|
||||
|
||||
# Un-comment the following and create the netlogon directory for Domain Logons
|
||||
; [netlogon]
|
||||
; comment = Network Logon Service
|
||||
; path = /var/lib/samba/netlogon
|
||||
; guest ok = yes
|
||||
; writable = no
|
||||
; share modes = no
|
||||
|
||||
|
||||
# Un-comment the following to provide a specific roving profile share
|
||||
# the default is to use the user's home directory
|
||||
; [Profiles]
|
||||
; path = /var/lib/samba/profiles
|
||||
; browseable = no
|
||||
; guest ok = yes
|
||||
|
||||
|
||||
# A publicly accessible directory, but read only, except for people in
|
||||
# the "staff" group
|
||||
; [public]
|
||||
; comment = Public Stuff
|
||||
; path = /home/samba
|
||||
; public = yes
|
||||
; writable = yes
|
||||
; printable = no
|
||||
; write list = +staff
|
|
@ -1,58 +0,0 @@
|
|||
# /etc/security/limits.conf
|
||||
#
|
||||
#Each line describes a limit for a user in the form:
|
||||
#
|
||||
#<domain> <type> <item> <value>
|
||||
#
|
||||
#Where:
|
||||
#<domain> can be:
|
||||
# - an user name
|
||||
# - a group name, with @group syntax
|
||||
# - the wildcard *, for default entry
|
||||
# - the wildcard %, can be also used with %group syntax,
|
||||
# for maxlogin limit
|
||||
#
|
||||
#<type> can have the two values:
|
||||
# - "soft" for enforcing the soft limits
|
||||
# - "hard" for enforcing hard limits
|
||||
#
|
||||
#<item> can be one of the following:
|
||||
# - core - limits the core file size (KB)
|
||||
# - data - max data size (KB)
|
||||
# - fsize - maximum filesize (KB)
|
||||
# - memlock - max locked-in-memory address space (KB)
|
||||
# - nofile - max number of open files
|
||||
# - rss - max resident set size (KB)
|
||||
# - stack - max stack size (KB)
|
||||
# - cpu - max CPU time (MIN)
|
||||
# - nproc - max number of processes
|
||||
# - as - address space limit
|
||||
# - maxlogins - max number of logins for this user
|
||||
# - maxsyslogins - max number of logins on the system
|
||||
# - priority - the priority to run user process with
|
||||
# - locks - max number of file locks the user can hold
|
||||
# - sigpending - max number of pending signals
|
||||
# - msgqueue - max memory used by POSIX message queues (bytes)
|
||||
# - nice - max nice priority allowed to raise to
|
||||
# - rtprio - max realtime priority
|
||||
#
|
||||
#<domain> <type> <item> <value>
|
||||
#
|
||||
|
||||
#* soft core 0
|
||||
#* hard rss 10000
|
||||
#@student hard nproc 20
|
||||
#@faculty soft nproc 20
|
||||
#@faculty hard nproc 50
|
||||
#ftp hard nproc 0
|
||||
#@student - maxlogins 4
|
||||
|
||||
# End of file
|
||||
|
||||
## Automatically appended by jack-audio-connection-kit
|
||||
@jackuser - rtprio 20
|
||||
@jackuser - memlock 4194304
|
||||
|
||||
## Automatically appended by jack-audio-connection-kit
|
||||
@pulse-rt - rtprio 20
|
||||
@pulse-rt - nice -20
|
|
@ -1,60 +0,0 @@
|
|||
# Authors: Jason Tang <jtang@tresys.com>
|
||||
#
|
||||
# Copyright (C) 2004-2005 Tresys Technology, LLC
|
||||
#
|
||||
# This library is free software; you can redistribute it and/or
|
||||
# modify it under the terms of the GNU Lesser General Public
|
||||
# License as published by the Free Software Foundation; either
|
||||
# version 2.1 of the License, or (at your option) any later version.
|
||||
#
|
||||
# This library is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
# Lesser General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU Lesser General Public
|
||||
# License along with this library; if not, write to the Free Software
|
||||
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
||||
#
|
||||
# Specify how libsemanage will interact with a SELinux policy manager.
|
||||
# The four options are:
|
||||
#
|
||||
# "source" - libsemanage manipulates a source SELinux policy
|
||||
# "direct" - libsemanage will write directly to a module store.
|
||||
# /foo/bar - Write by way of a policy management server, whose
|
||||
# named socket is at /foo/bar. The path must begin
|
||||
# with a '/'.
|
||||
# foo.com:4242 - Establish a TCP connection to a remote policy
|
||||
# management server at foo.com. If there is a colon
|
||||
# then the remainder is interpreted as a port number;
|
||||
# otherwise default to port 4242.
|
||||
module-store = direct
|
||||
|
||||
# When generating the final linked and expanded policy, by default
|
||||
# semanage will set the policy version to POLICYDB_VERSION_MAX, as
|
||||
# given in <sepol/policydb.h>. Change this setting if a different
|
||||
# version is necessary.
|
||||
#policy-version = 19
|
||||
|
||||
# expand-check check neverallow rules when executing all semanage
|
||||
# commands. There might be a penalty in execution time if this
|
||||
# option is enabled.
|
||||
expand-check=0
|
||||
|
||||
# usepasswd check tells semanage to scan all pass word records for home directories
|
||||
# and setup the labeling correctly. If this is turned off, SELinux will label only /home
|
||||
# and home directories of users with SELinux login mappings defined, see
|
||||
# semanage login -l for the list of such users.
|
||||
# If you want to use a different home directory, you will need to use semanage fcontext command.
|
||||
# For example, if you had home dirs in /althome directory you would have to execute
|
||||
# semanage fcontext -a -e /home /althome
|
||||
usepasswd=False
|
||||
bzip-small=true
|
||||
bzip-blocksize=5
|
||||
ignoredirs=/root;/bin;/boot;/dev;/etc;/lib;/lib64;/proc;/run;/sbin;/sys;/tmp;/usr;/var
|
||||
optimize-policy=true
|
||||
|
||||
[sefcontext_compile]
|
||||
path = /usr/sbin/sefcontext_compile
|
||||
args = -r $@
|
||||
[end]
|
|
@ -1,387 +0,0 @@
|
|||
# /etc/services:
|
||||
# $Id: services,v 1.44 2008/04/07 21:30:33 pknirsch Exp $
|
||||
#
|
||||
#
|
||||
# Truncated version of Fedora's /etc/services, the original is gigantic
|
||||
#
|
||||
# Network services, Internet style
|
||||
#
|
||||
# Note that it is presently the policy of IANA to assign a single well-known
|
||||
# port number for both TCP and UDP; hence, most entries here have two entries
|
||||
# even if the protocol doesn't support UDP operations.
|
||||
# Updated from RFC 1700, ``Assigned Numbers'' (October 1994). Not all ports
|
||||
# are included, only the more common ones.
|
||||
#
|
||||
# The latest IANA port assignments can be gotten from
|
||||
# http://www.iana.org/assignments/port-numbers
|
||||
# The Well Known Ports are those from 0 through 1023.
|
||||
# The Registered Ports are those from 1024 through 49151
|
||||
# The Dynamic and/or Private Ports are those from 49152 through 65535
|
||||
#
|
||||
# Each line describes one service, and is of the form:
|
||||
#
|
||||
# service-name port/protocol [aliases ...] [# comment]
|
||||
|
||||
tcpmux 1/tcp # TCP port service multiplexer
|
||||
tcpmux 1/udp # TCP port service multiplexer
|
||||
rje 5/tcp # Remote Job Entry
|
||||
rje 5/udp # Remote Job Entry
|
||||
echo 7/tcp
|
||||
echo 7/udp
|
||||
discard 9/tcp sink null
|
||||
discard 9/udp sink null
|
||||
systat 11/tcp users
|
||||
systat 11/udp users
|
||||
daytime 13/tcp
|
||||
daytime 13/udp
|
||||
qotd 17/tcp quote
|
||||
qotd 17/udp quote
|
||||
msp 18/tcp # message send protocol
|
||||
msp 18/udp # message send protocol
|
||||
chargen 19/tcp ttytst source
|
||||
chargen 19/udp ttytst source
|
||||
ftp-data 20/tcp
|
||||
ftp-data 20/udp
|
||||
# 21 is registered to ftp, but also used by fsp
|
||||
ftp 21/tcp
|
||||
ftp 21/udp fsp fspd
|
||||
ssh 22/tcp # SSH Remote Login Protocol
|
||||
ssh 22/udp # SSH Remote Login Protocol
|
||||
telnet 23/tcp
|
||||
telnet 23/udp
|
||||
# 24 - private mail system
|
||||
lmtp 24/tcp # LMTP Mail Delivery
|
||||
lmtp 24/udp # LMTP Mail Delivery
|
||||
smtp 25/tcp mail
|
||||
smtp 25/udp mail
|
||||
time 37/tcp timserver
|
||||
time 37/udp timserver
|
||||
rlp 39/tcp resource # resource location
|
||||
rlp 39/udp resource # resource location
|
||||
nameserver 42/tcp name # IEN 116
|
||||
nameserver 42/udp name # IEN 116
|
||||
nicname 43/tcp whois
|
||||
nicname 43/udp whois
|
||||
tacacs 49/tcp # Login Host Protocol (TACACS)
|
||||
tacacs 49/udp # Login Host Protocol (TACACS)
|
||||
re-mail-ck 50/tcp # Remote Mail Checking Protocol
|
||||
re-mail-ck 50/udp # Remote Mail Checking Protocol
|
||||
domain 53/tcp # name-domain server
|
||||
domain 53/udp
|
||||
whois++ 63/tcp
|
||||
whois++ 63/udp
|
||||
bootps 67/tcp # BOOTP server
|
||||
bootps 67/udp
|
||||
bootpc 68/tcp dhcpc # BOOTP client
|
||||
bootpc 68/udp dhcpc
|
||||
tftp 69/tcp
|
||||
tftp 69/udp
|
||||
gopher 70/tcp # Internet Gopher
|
||||
gopher 70/udp
|
||||
netrjs-1 71/tcp # Remote Job Service
|
||||
netrjs-1 71/udp # Remote Job Service
|
||||
netrjs-2 72/tcp # Remote Job Service
|
||||
netrjs-2 72/udp # Remote Job Service
|
||||
netrjs-3 73/tcp # Remote Job Service
|
||||
netrjs-3 73/udp # Remote Job Service
|
||||
netrjs-4 74/tcp # Remote Job Service
|
||||
netrjs-4 74/udp # Remote Job Service
|
||||
finger 79/tcp
|
||||
finger 79/udp
|
||||
http 80/tcp www www-http # WorldWideWeb HTTP
|
||||
http 80/udp www www-http # HyperText Transfer Protocol
|
||||
kerberos 88/tcp kerberos5 krb5 # Kerberos v5
|
||||
kerberos 88/udp kerberos5 krb5 # Kerberos v5
|
||||
supdup 95/tcp
|
||||
supdup 95/udp
|
||||
hostname 101/tcp hostnames # usually from sri-nic
|
||||
hostname 101/udp hostnames # usually from sri-nic
|
||||
iso-tsap 102/tcp tsap # part of ISODE.
|
||||
csnet-ns 105/tcp cso # also used by CSO name server
|
||||
csnet-ns 105/udp cso
|
||||
# unfortunately the poppassd (Eudora) uses a port which has already
|
||||
# been assigned to a different service. We list the poppassd as an
|
||||
# alias here. This should work for programs asking for this service.
|
||||
# (due to a bug in inetd the 3com-tsmux line is disabled)
|
||||
#3com-tsmux 106/tcp poppassd
|
||||
#3com-tsmux 106/udp poppassd
|
||||
rtelnet 107/tcp # Remote Telnet
|
||||
rtelnet 107/udp
|
||||
pop2 109/tcp pop-2 postoffice # POP version 2
|
||||
pop2 109/udp pop-2
|
||||
pop3 110/tcp pop-3 # POP version 3
|
||||
pop3 110/udp pop-3
|
||||
sunrpc 111/tcp portmapper rpcbind # RPC 4.0 portmapper TCP
|
||||
sunrpc 111/udp portmapper rpcbind # RPC 4.0 portmapper UDP
|
||||
auth 113/tcp authentication tap ident
|
||||
auth 113/udp authentication tap ident
|
||||
sftp 115/tcp
|
||||
sftp 115/udp
|
||||
uucp-path 117/tcp
|
||||
uucp-path 117/udp
|
||||
nntp 119/tcp readnews untp # USENET News Transfer Protocol
|
||||
nntp 119/udp readnews untp # USENET News Transfer Protocol
|
||||
ntp 123/tcp
|
||||
ntp 123/udp # Network Time Protocol
|
||||
netbios-ns 137/tcp # NETBIOS Name Service
|
||||
netbios-ns 137/udp
|
||||
netbios-dgm 138/tcp # NETBIOS Datagram Service
|
||||
netbios-dgm 138/udp
|
||||
netbios-ssn 139/tcp # NETBIOS session service
|
||||
netbios-ssn 139/udp
|
||||
imap 143/tcp imap2 # Interim Mail Access Proto v2
|
||||
imap 143/udp imap2
|
||||
snmp 161/tcp # Simple Net Mgmt Proto
|
||||
snmp 161/udp # Simple Net Mgmt Proto
|
||||
snmptrap 162/tcp # SNMPTRAP
|
||||
snmptrap 162/udp snmp-trap # Traps for SNMP
|
||||
cmip-man 163/tcp # ISO mgmt over IP (CMOT)
|
||||
cmip-man 163/udp
|
||||
cmip-agent 164/tcp
|
||||
cmip-agent 164/udp
|
||||
mailq 174/tcp # MAILQ
|
||||
mailq 174/udp # MAILQ
|
||||
xdmcp 177/tcp # X Display Mgr. Control Proto
|
||||
xdmcp 177/udp
|
||||
nextstep 178/tcp NeXTStep NextStep # NeXTStep window
|
||||
nextstep 178/udp NeXTStep NextStep # server
|
||||
bgp 179/tcp # Border Gateway Proto.
|
||||
bgp 179/udp
|
||||
prospero 191/tcp # Cliff Neuman's Prospero
|
||||
prospero 191/udp
|
||||
irc 194/tcp # Internet Relay Chat
|
||||
irc 194/udp
|
||||
smux 199/tcp # SNMP Unix Multiplexer
|
||||
smux 199/udp
|
||||
at-rtmp 201/tcp # AppleTalk routing
|
||||
at-rtmp 201/udp
|
||||
at-nbp 202/tcp # AppleTalk name binding
|
||||
at-nbp 202/udp
|
||||
at-echo 204/tcp # AppleTalk echo
|
||||
at-echo 204/udp
|
||||
at-zis 206/tcp # AppleTalk zone information
|
||||
at-zis 206/udp
|
||||
qmtp 209/tcp # Quick Mail Transfer Protocol
|
||||
qmtp 209/udp # Quick Mail Transfer Protocol
|
||||
z39.50 210/tcp z3950 wais # NISO Z39.50 database
|
||||
z39.50 210/udp z3950 wais
|
||||
ipx 213/tcp # IPX
|
||||
ipx 213/udp
|
||||
imap3 220/tcp # Interactive Mail Access
|
||||
imap3 220/udp # Protocol v3
|
||||
link 245/tcp ttylink
|
||||
link 245/udp ttylink
|
||||
fatserv 347/tcp # Fatmen Server
|
||||
fatserv 347/udp # Fatmen Server
|
||||
rsvp_tunnel 363/tcp
|
||||
rsvp_tunnel 363/udp
|
||||
odmr 366/tcp # odmr required by fetchmail
|
||||
odmr 366/udp # odmr required by fetchmail
|
||||
rpc2portmap 369/tcp
|
||||
rpc2portmap 369/udp # Coda portmapper
|
||||
codaauth2 370/tcp
|
||||
codaauth2 370/udp # Coda authentication server
|
||||
ulistproc 372/tcp ulistserv # UNIX Listserv
|
||||
ulistproc 372/udp ulistserv
|
||||
ldap 389/tcp
|
||||
ldap 389/udp
|
||||
svrloc 427/tcp # Server Location Protocl
|
||||
svrloc 427/udp # Server Location Protocl
|
||||
mobileip-agent 434/tcp
|
||||
mobileip-agent 434/udp
|
||||
mobilip-mn 435/tcp
|
||||
mobilip-mn 435/udp
|
||||
https 443/tcp # MCom
|
||||
https 443/udp # MCom
|
||||
snpp 444/tcp # Simple Network Paging Protocol
|
||||
snpp 444/udp # Simple Network Paging Protocol
|
||||
microsoft-ds 445/tcp
|
||||
microsoft-ds 445/udp
|
||||
kpasswd 464/tcp kpwd # Kerberos "passwd"
|
||||
kpasswd 464/udp kpwd # Kerberos "passwd"
|
||||
photuris 468/tcp
|
||||
photuris 468/udp
|
||||
saft 487/tcp # Simple Asynchronous File Transfer
|
||||
saft 487/udp # Simple Asynchronous File Transfer
|
||||
gss-http 488/tcp
|
||||
gss-http 488/udp
|
||||
pim-rp-disc 496/tcp
|
||||
pim-rp-disc 496/udp
|
||||
isakmp 500/tcp
|
||||
isakmp 500/udp
|
||||
gdomap 538/tcp # GNUstep distributed objects
|
||||
gdomap 538/udp # GNUstep distributed objects
|
||||
iiop 535/tcp
|
||||
iiop 535/udp
|
||||
dhcpv6-client 546/tcp
|
||||
dhcpv6-client 546/udp
|
||||
dhcpv6-server 547/tcp
|
||||
dhcpv6-server 547/udp
|
||||
rtsp 554/tcp # Real Time Stream Control Protocol
|
||||
rtsp 554/udp # Real Time Stream Control Protocol
|
||||
nntps 563/tcp # NNTP over SSL
|
||||
nntps 563/udp # NNTP over SSL
|
||||
whoami 565/tcp
|
||||
whoami 565/udp
|
||||
submission 587/tcp msa # mail message submission
|
||||
submission 587/udp msa # mail message submission
|
||||
npmp-local 610/tcp dqs313_qmaster # npmp-local / DQS
|
||||
npmp-local 610/udp dqs313_qmaster # npmp-local / DQS
|
||||
npmp-gui 611/tcp dqs313_execd # npmp-gui / DQS
|
||||
npmp-gui 611/udp dqs313_execd # npmp-gui / DQS
|
||||
hmmp-ind 612/tcp dqs313_intercell # HMMP Indication / DQS
|
||||
hmmp-ind 612/udp dqs313_intercell # HMMP Indication / DQS
|
||||
ipp 631/tcp # Internet Printing Protocol
|
||||
ipp 631/udp # Internet Printing Protocol
|
||||
ldaps 636/tcp # LDAP over SSL
|
||||
ldaps 636/udp # LDAP over SSL
|
||||
acap 674/tcp
|
||||
acap 674/udp
|
||||
ha-cluster 694/tcp # Heartbeat HA-cluster
|
||||
ha-cluster 694/udp # Heartbeat HA-cluster
|
||||
kerberos-adm 749/tcp # Kerberos `kadmin' (v5)
|
||||
kerberos-adm 749/udp # kerberos administration
|
||||
kerberos-iv 750/udp kerberos4 kerberos-sec kdc loadav
|
||||
kerberos-iv 750/tcp kerberos4 kerberos-sec kdc rfile
|
||||
webster 765/tcp # Network dictionary
|
||||
webster 765/udp
|
||||
phonebook 767/tcp # Network phonebook
|
||||
phonebook 767/udp
|
||||
rsync 873/tcp # rsync
|
||||
rsync 873/udp # rsync
|
||||
rquotad 875/tcp # rquota daemon
|
||||
rquotad 875/udp # rquota daemon
|
||||
telnets 992/tcp
|
||||
telnets 992/udp
|
||||
imaps 993/tcp # IMAP over SSL
|
||||
imaps 993/udp # IMAP over SSL
|
||||
ircs 994/tcp
|
||||
ircs 994/udp
|
||||
pop3s 995/tcp # POP-3 over SSL
|
||||
pop3s 995/udp # POP-3 over SSL
|
||||
|
||||
#
|
||||
# UNIX specific services
|
||||
#
|
||||
exec 512/tcp
|
||||
biff 512/udp comsat
|
||||
login 513/tcp
|
||||
who 513/udp whod
|
||||
shell 514/tcp cmd # no passwords used
|
||||
syslog 514/udp
|
||||
printer 515/tcp spooler # line printer spooler
|
||||
printer 515/udp spooler # line printer spooler
|
||||
talk 517/udp
|
||||
ntalk 518/udp
|
||||
utime 519/tcp unixtime
|
||||
utime 519/udp unixtime
|
||||
efs 520/tcp
|
||||
router 520/udp route routed # RIP
|
||||
ripng 521/tcp
|
||||
ripng 521/udp
|
||||
timed 525/tcp timeserver
|
||||
timed 525/udp timeserver
|
||||
tempo 526/tcp newdate
|
||||
courier 530/tcp rpc
|
||||
conference 531/tcp chat
|
||||
netnews 532/tcp
|
||||
netwall 533/udp # -for emergency broadcasts
|
||||
uucp 540/tcp uucpd # uucp daemon
|
||||
klogin 543/tcp # Kerberized `rlogin' (v5)
|
||||
kshell 544/tcp krcmd # Kerberized `rsh' (v5)
|
||||
afpovertcp 548/tcp # AFP over TCP
|
||||
afpovertcp 548/udp # AFP over TCP
|
||||
remotefs 556/tcp rfs_server rfs # Brunhoff remote filesystem
|
||||
|
||||
#
|
||||
# From ``PORT NUMBERS'':
|
||||
#
|
||||
#>REGISTERED PORT NUMBERS
|
||||
#>
|
||||
#>The Registered Ports are listed by the IANA and on most systems can be
|
||||
#>used by ordinary user processes or programs executed by ordinary
|
||||
#>users.
|
||||
#>
|
||||
#>Ports are used in the TCP [RFC793] to name the ends of logical
|
||||
#>connections which carry long term conversations. For the purpose of
|
||||
#>providing services to unknown callers, a service contact port is
|
||||
#>defined. This list specifies the port used by the server process as
|
||||
#>its contact port.
|
||||
#>
|
||||
#>The IANA registers uses of these ports as a convienence to the
|
||||
#>community.
|
||||
#
|
||||
socks 1080/tcp # socks proxy server
|
||||
socks 1080/udp # socks proxy server
|
||||
|
||||
# Port 1236 is registered as `bvcontrol', but is also used by the
|
||||
# Gracilis Packeten remote config server. The official name is listed as
|
||||
# the primary name, with the unregistered name as an alias.
|
||||
bvcontrol 1236/tcp rmtcfg # Daniel J. Walsh, Gracilis Packeten remote config server
|
||||
bvcontrol 1236/udp # Daniel J. Walsh
|
||||
|
||||
h323hostcallsc 1300/tcp # H323 Host Call Secure
|
||||
h323hostcallsc 1300/udp # H323 Host Call Secure
|
||||
ms-sql-s 1433/tcp # Microsoft-SQL-Server
|
||||
ms-sql-s 1433/udp # Microsoft-SQL-Server
|
||||
ms-sql-m 1434/tcp # Microsoft-SQL-Monitor
|
||||
ms-sql-m 1434/udp # Microsoft-SQL-Monitor
|
||||
ica 1494/tcp # Citrix ICA Client
|
||||
ica 1494/udp # Citrix ICA Client
|
||||
wins 1512/tcp # Microsoft's Windows Internet Name Service
|
||||
wins 1512/udp # Microsoft's Windows Internet Name Service
|
||||
ingreslock 1524/tcp
|
||||
ingreslock 1524/udp
|
||||
prospero-np 1525/tcp orasrv # Prospero non-privileged/oracle
|
||||
prospero-np 1525/udp orasrv
|
||||
datametrics 1645/tcp old-radius sightline # datametrics / old radius entry
|
||||
datametrics 1645/udp old-radius sightline # datametrics / old radius entry
|
||||
sa-msg-port 1646/tcp old-radacct # sa-msg-port / old radacct entry
|
||||
sa-msg-port 1646/udp old-radacct # sa-msg-port / old radacct entry
|
||||
kermit 1649/tcp
|
||||
kermit 1649/udp
|
||||
l2tp 1701/tcp l2f
|
||||
l2tp 1701/udp l2f
|
||||
h323gatedisc 1718/tcp
|
||||
h323gatedisc 1718/udp
|
||||
h323gatestat 1719/tcp
|
||||
h323gatestat 1719/udp
|
||||
h323hostcall 1720/tcp
|
||||
h323hostcall 1720/udp
|
||||
tftp-mcast 1758/tcp
|
||||
tftp-mcast 1758/udp
|
||||
mtftp 1759/udp spss-lm
|
||||
hello 1789/tcp
|
||||
hello 1789/udp
|
||||
radius 1812/tcp # Radius
|
||||
radius 1812/udp # Radius
|
||||
radius-acct 1813/tcp radacct # Radius Accounting
|
||||
radius-acct 1813/udp radacct # Radius Accounting
|
||||
mtp 1911/tcp #
|
||||
mtp 1911/udp #
|
||||
hsrp 1985/tcp # Cisco Hot Standby Router Protocol
|
||||
hsrp 1985/udp # Cisco Hot Standby Router Protocol
|
||||
licensedaemon 1986/tcp
|
||||
licensedaemon 1986/udp
|
||||
gdp-port 1997/tcp # Cisco Gateway Discovery Protocol
|
||||
gdp-port 1997/udp # Cisco Gateway Discovery Protocol
|
||||
sieve 2000/tcp cisco-sccp # Sieve Mail Filter Daemon
|
||||
sieve 2000/udp cisco-sccp # Sieve Mail Filter Daemon
|
||||
nfs 2049/tcp nfsd shilp
|
||||
nfs 2049/udp nfsd shilp
|
||||
zephyr-srv 2102/tcp # Zephyr server
|
||||
zephyr-srv 2102/udp # Zephyr server
|
||||
zephyr-clt 2103/tcp # Zephyr serv-hm connection
|
||||
zephyr-clt 2103/udp # Zephyr serv-hm connection
|
||||
zephyr-hm 2104/tcp # Zephyr hostmanager
|
||||
zephyr-hm 2104/udp # Zephyr hostmanager
|
||||
cvspserver 2401/tcp # CVS client/server operations
|
||||
cvspserver 2401/udp # CVS client/server operations
|
||||
venus 2430/tcp # codacon port
|
||||
venus 2430/udp # Venus callback/wbc interface
|
||||
venus-se 2431/tcp # tcp side effects
|
||||
venus-se 2431/udp # udp sftp side effect
|
||||
codasrv 2432/tcp # not used
|
||||
codasrv 2432/udp # server port
|
||||
codasrv-se 2433/tcp # tcp side effects
|
||||
codasrv-se 2433/udp # udp sftp side effectQ
|
|
@ -1,19 +0,0 @@
|
|||
root:$5$rounds=1000$TMTRLLOM$h24vGZsHaf6aNdz3dsUuE4z/fy5at1Luuu.FBI6D6M:16200::999999:7:::
|
||||
bin:x:16200::999999:7:::
|
||||
daemon:x:16200::999999:7:::
|
||||
adm:x:16200::999999:7:::
|
||||
lp:x:16200::999999:7:::
|
||||
sync:x:16200::999999:7:::
|
||||
shutdown:x:16200::999999:7:::
|
||||
halt:x:16200::999999:7:::
|
||||
mail:x:16200::999999:7:::
|
||||
uucp:x:16200::999999:7:::
|
||||
operator:x:16200::999999:7:::
|
||||
games:x:16200::999999:7:::
|
||||
gopher:x:16200::999999:7:::
|
||||
ftp:x:16200::999999:7:::
|
||||
nobody:x:16200::999999:7:::
|
||||
vcsa:x:16200::999999:7:::
|
||||
rpc:x:16200::999999:7:::
|
||||
rpcuser:x:16200::999999:7:::
|
||||
nfsnobody:x:16200::999999:7:::
|
File diff suppressed because it is too large
Load Diff
|
@ -1,66 +0,0 @@
|
|||
# $OpenBSD: ssh_config,v 1.28 2013/09/16 11:35:43 sthen Exp $
|
||||
|
||||
# This is the ssh client system-wide configuration file. See
|
||||
# ssh_config(5) for more information. This file provides defaults for
|
||||
# users, and the values can be changed in per-user configuration files
|
||||
# or on the command line.
|
||||
|
||||
# Configuration data is parsed as follows:
|
||||
# 1. command line options
|
||||
# 2. user-specific file
|
||||
# 3. system-wide file
|
||||
# Any configuration value is only changed the first time it is set.
|
||||
# Thus, host-specific definitions should be at the beginning of the
|
||||
# configuration file, and defaults at the end.
|
||||
|
||||
# Site-wide defaults for some commonly used options. For a comprehensive
|
||||
# list of available options, their meanings and defaults, please see the
|
||||
# ssh_config(5) man page.
|
||||
|
||||
# Host *
|
||||
# ForwardAgent no
|
||||
# ForwardX11 no
|
||||
# RhostsRSAAuthentication no
|
||||
# RSAAuthentication yes
|
||||
# PasswordAuthentication yes
|
||||
# HostbasedAuthentication no
|
||||
# GSSAPIAuthentication no
|
||||
# GSSAPIDelegateCredentials no
|
||||
# GSSAPIKeyExchange no
|
||||
# GSSAPITrustDNS no
|
||||
# BatchMode no
|
||||
# CheckHostIP yes
|
||||
# AddressFamily any
|
||||
# ConnectTimeout 0
|
||||
# StrictHostKeyChecking ask
|
||||
# IdentityFile ~/.ssh/identity
|
||||
# IdentityFile ~/.ssh/id_rsa
|
||||
# IdentityFile ~/.ssh/id_dsa
|
||||
# Port 22
|
||||
# Protocol 2,1
|
||||
# Cipher 3des
|
||||
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
|
||||
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
|
||||
# EscapeChar ~
|
||||
# Tunnel no
|
||||
# TunnelDevice any:any
|
||||
# PermitLocalCommand no
|
||||
# VisualHostKey no
|
||||
# ProxyCommand ssh -q -W %h:%p gateway.example.com
|
||||
# RekeyLimit 1G 1h
|
||||
#
|
||||
# Uncomment this if you want to use .local domain
|
||||
# Host *.local
|
||||
# CheckHostIP no
|
||||
|
||||
Host *
|
||||
GSSAPIAuthentication no
|
||||
# If this option is set to yes then remote X11 clients will have full access
|
||||
# to the original X11 display. As virtually no X11 client supports the untrusted
|
||||
# mode correctly we set this to yes.
|
||||
ForwardX11Trusted = yes
|
||||
# Send locale-related environment variables
|
||||
SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
|
||||
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
|
||||
SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
|
||||
SendEnv XMODIFIERS
|
|
@ -1,131 +0,0 @@
|
|||
# $OpenBSD: sshd_config,v 1.75 2007/03/19 01:01:29 djm Exp $
|
||||
|
||||
# This is the sshd server system-wide configuration file. See
|
||||
# sshd_config(5) for more information.
|
||||
|
||||
# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
|
||||
|
||||
# The strategy used for options in the default sshd_config shipped with
|
||||
# OpenSSH is to specify options with their default value where
|
||||
# possible, but leave them commented. Uncommented options change a
|
||||
# default value.
|
||||
|
||||
#Port 22
|
||||
#AddressFamily any
|
||||
#ListenAddress 0.0.0.0
|
||||
#ListenAddress ::
|
||||
|
||||
# Disable legacy (protocol version 1) support in the server for new
|
||||
# installations. In future the default will change to require explicit
|
||||
# activation of protocol 1
|
||||
Protocol 2
|
||||
|
||||
# HostKey for protocol version 1
|
||||
#HostKey /etc/ssh/ssh_host_key
|
||||
# HostKeys for protocol version 2
|
||||
#HostKey /etc/ssh/ssh_host_rsa_key
|
||||
#HostKey /etc/ssh/ssh_host_dsa_key
|
||||
|
||||
# Lifetime and size of ephemeral version 1 server key
|
||||
#KeyRegenerationInterval 1h
|
||||
#ServerKeyBits 768
|
||||
|
||||
# Logging
|
||||
# obsoletes QuietMode and FascistLogging
|
||||
#SyslogFacility AUTH
|
||||
SyslogFacility AUTHPRIV
|
||||
#LogLevel INFO
|
||||
|
||||
# Authentication:
|
||||
|
||||
#LoginGraceTime 2m
|
||||
#PermitRootLogin yes
|
||||
#StrictModes yes
|
||||
#MaxAuthTries 6
|
||||
|
||||
#RSAAuthentication yes
|
||||
#PubkeyAuthentication yes
|
||||
#AuthorizedKeysFile .ssh/authorized_keys
|
||||
|
||||
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
|
||||
#RhostsRSAAuthentication no
|
||||
# similar for protocol version 2
|
||||
#HostbasedAuthentication no
|
||||
# Change to yes if you don't trust ~/.ssh/known_hosts for
|
||||
# RhostsRSAAuthentication and HostbasedAuthentication
|
||||
#IgnoreUserKnownHosts no
|
||||
# Don't read the user's ~/.rhosts and ~/.shosts files
|
||||
#IgnoreRhosts yes
|
||||
|
||||
# To disable tunneled clear text passwords, change to no here!
|
||||
#PasswordAuthentication yes
|
||||
#PermitEmptyPasswords no
|
||||
PasswordAuthentication yes
|
||||
|
||||
# Change to no to disable s/key passwords
|
||||
#ChallengeResponseAuthentication yes
|
||||
ChallengeResponseAuthentication no
|
||||
|
||||
# Kerberos options
|
||||
#KerberosAuthentication no
|
||||
#KerberosOrLocalPasswd yes
|
||||
#KerberosTicketCleanup yes
|
||||
#KerberosGetAFSToken no
|
||||
|
||||
# GSSAPI options
|
||||
#GSSAPIAuthentication no
|
||||
GSSAPIAuthentication yes
|
||||
#GSSAPICleanupCredentials yes
|
||||
GSSAPICleanupCredentials yes
|
||||
|
||||
# Set this to 'yes' to enable PAM authentication, account processing,
|
||||
# and session processing. If this is enabled, PAM authentication will
|
||||
# be allowed through the ChallengeResponseAuthentication and
|
||||
# PasswordAuthentication. Depending on your PAM configuration,
|
||||
# PAM authentication via ChallengeResponseAuthentication may bypass
|
||||
# the setting of "PermitRootLogin without-password".
|
||||
# If you just want the PAM account and session checks to run without
|
||||
# PAM authentication, then enable this but set PasswordAuthentication
|
||||
# and ChallengeResponseAuthentication to 'no'.
|
||||
#UsePAM no
|
||||
UsePAM yes
|
||||
|
||||
# Accept locale-related environment variables
|
||||
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
|
||||
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
|
||||
AcceptEnv LC_IDENTIFICATION LC_ALL
|
||||
#AllowTcpForwarding yes
|
||||
#GatewayPorts no
|
||||
#X11Forwarding no
|
||||
X11Forwarding yes
|
||||
#X11DisplayOffset 10
|
||||
#X11UseLocalhost yes
|
||||
#PrintMotd yes
|
||||
#PrintLastLog yes
|
||||
#TCPKeepAlive yes
|
||||
#UseLogin no
|
||||
#UsePrivilegeSeparation yes
|
||||
#PermitUserEnvironment no
|
||||
#Compression delayed
|
||||
#ClientAliveInterval 0
|
||||
#ClientAliveCountMax 3
|
||||
#ShowPatchLevel no
|
||||
#UseDNS yes
|
||||
#PidFile /var/run/sshd.pid
|
||||
#MaxStartups 10
|
||||
#PermitTunnel no
|
||||
|
||||
# no default banner path
|
||||
#Banner /some/path
|
||||
|
||||
# override default of no subsystems
|
||||
Subsystem sftp /usr/libexec/openssh/sftp-server
|
||||
|
||||
# Example of overriding settings on a per-user basis
|
||||
Match User anoncvs
|
||||
X11Forwarding no
|
||||
AllowTcpForwarding no
|
||||
ForceCommand cvs server
|
||||
|
||||
Match Group restricted
|
||||
ForceCommand /usr/local/bin/restricted_group_command
|
|
@ -1,95 +0,0 @@
|
|||
## Sudoers allows particular users to run various commands as
|
||||
## the root user, without needing the root password.
|
||||
##
|
||||
## Examples are provided at the bottom of the file for collections
|
||||
## of related commands, which can then be delegated out to particular
|
||||
## users or groups.
|
||||
##
|
||||
## This file must be edited with the 'visudo' command.
|
||||
|
||||
## Host Aliases
|
||||
## Groups of machines. You may prefer to use hostnames (perhaps using
|
||||
## wildcards for entire domains) or IP addresses instead.
|
||||
# Host_Alias FILESERVERS = fs1, fs2
|
||||
# Host_Alias MAILSERVERS = smtp, smtp2
|
||||
|
||||
## User Aliases
|
||||
## These aren't often necessary, as you can use regular groups
|
||||
## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname
|
||||
## rather than USERALIAS
|
||||
# User_Alias ADMINS = jsmith, mikem
|
||||
|
||||
|
||||
## Command Aliases
|
||||
## These are groups of related commands...
|
||||
|
||||
## Networking
|
||||
Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool
|
||||
|
||||
## Installation and management of software
|
||||
Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum
|
||||
|
||||
## Services
|
||||
Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig
|
||||
|
||||
## Updating the locate database
|
||||
Cmnd_Alias LOCATE = /usr/bin/updatedb
|
||||
|
||||
## Storage
|
||||
Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount
|
||||
|
||||
## Delegating permissions
|
||||
Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp
|
||||
|
||||
## Processes
|
||||
Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall
|
||||
|
||||
## Drivers
|
||||
Cmnd_Alias DRIVERS = /sbin/modprobe
|
||||
|
||||
# Defaults specification
|
||||
|
||||
#
|
||||
# Disable "ssh hostname sudo <cmd>", because it will show the password in clear.
|
||||
# You have to run "ssh -t hostname sudo <cmd>".
|
||||
#
|
||||
Defaults requiretty
|
||||
|
||||
Defaults env_reset
|
||||
Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS"
|
||||
Defaults env_keep += "MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE"
|
||||
Defaults env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES"
|
||||
Defaults env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE"
|
||||
Defaults env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"
|
||||
|
||||
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
|
||||
|
||||
## Next comes the main part: which users can run what software on
|
||||
## which machines (the sudoers file can be shared between multiple
|
||||
## systems).
|
||||
## Syntax:
|
||||
##
|
||||
## user MACHINE=COMMANDS
|
||||
##
|
||||
## The COMMANDS section may have other options added to it.
|
||||
##
|
||||
## Allow root to run any commands anywhere
|
||||
root ALL=(ALL) ALL
|
||||
|
||||
## Allows members of the 'sys' group to run networking, software,
|
||||
## service management apps and more.
|
||||
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS
|
||||
|
||||
## Allows people in group wheel to run all commands
|
||||
%wheel ALL=(ALL) ALL
|
||||
|
||||
## Same thing without a password
|
||||
# %wheel ALL=(ALL) NOPASSWD: ALL
|
||||
|
||||
## Allows members of the users group to mount and unmount the
|
||||
## cdrom as root
|
||||
# %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom
|
||||
|
||||
## Allows members of the users group to shutdown this system
|
||||
# %users localhost=/sbin/shutdown -h now
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
# This file has been generated by the Anaconda Installer 21.48.22.134-1
|
||||
|
||||
[ProgressSpoke]
|
||||
visited = 1
|
||||
|
|
@ -1,9 +0,0 @@
|
|||
# specify additional command line arguments for atd
|
||||
#
|
||||
# -l Specifies a limiting load factor, over which batch jobs should not be run, instead of the compile-time
|
||||
# choice of 0.8. For an SMP system with n CPUs, you will probably want to set this higher than n-1.
|
||||
#
|
||||
# -b Specify the minimum interval in seconds between the start of two batch jobs (60 default).
|
||||
|
||||
#example:
|
||||
#OPTS="-l 4 -b 120"
|
|
@ -1,17 +0,0 @@
|
|||
USEWINBINDAUTH=no
|
||||
USEHESIOD=no
|
||||
USESYSNETAUTH=no
|
||||
USEKERBEROS=no
|
||||
FORCESMARTCARD=no
|
||||
USESMBAUTH=no
|
||||
USESMARTCARD=no
|
||||
USELDAPAUTH=no
|
||||
USELOCAUTHORIZE=no
|
||||
USEWINBIND=no
|
||||
USESHADOW=yes
|
||||
USEDB=no
|
||||
USEPASSWDQC=no
|
||||
USEMD5=yes
|
||||
USELDAP=no
|
||||
USECRACKLIB=yes
|
||||
USENIS=no
|
|
@ -1,91 +0,0 @@
|
|||
#
|
||||
# Define default options for autofs.
|
||||
#
|
||||
# MASTER_MAP_NAME - default map name for the master map.
|
||||
#
|
||||
#MASTER_MAP_NAME="auto.master"
|
||||
#
|
||||
# TIMEOUT - set the default mount timeout (default 600).
|
||||
#
|
||||
TIMEOUT=3600
|
||||
#
|
||||
# NEGATIVE_TIMEOUT - set the default negative timeout for
|
||||
# failed mount attempts (default 60).
|
||||
#
|
||||
#NEGATIVE_TIMEOUT=60
|
||||
#
|
||||
# BROWSE_MODE - maps are browsable by default.
|
||||
#
|
||||
BROWSE_MODE="yes"
|
||||
#
|
||||
# APPEND_OPTIONS - append to global options instead of replace.
|
||||
#
|
||||
#APPEND_OPTIONS="yes"
|
||||
#
|
||||
# LOGGING - set default log level "none", "verbose" or "debug"
|
||||
#
|
||||
#LOGGING="none"
|
||||
#
|
||||
# Define base dn for map dn lookup.
|
||||
#
|
||||
# Define server URIs
|
||||
#
|
||||
# LDAP_URI - space separated list of server uris of the form
|
||||
# <proto>://<server>[/] where <proto> can be ldap
|
||||
# or ldaps. The option can be given multiple times.
|
||||
# Map entries that include a server name override
|
||||
# this option.
|
||||
#
|
||||
#LDAP_URI=""
|
||||
#
|
||||
# LDAP__TIMEOUT - timeout value for the synchronous API calls
|
||||
# (default is LDAP library default).
|
||||
#
|
||||
#LDAP_TIMEOUT=-1
|
||||
#
|
||||
# LDAP_NETWORK_TIMEOUT - set the network response timeout (default 8).
|
||||
#
|
||||
#LDAP_NETWORK_TIMEOUT=8
|
||||
#
|
||||
# SEARCH_BASE - base dn to use for searching for map search dn.
|
||||
# Multiple entries can be given and they are checked
|
||||
# in the order they occur here.
|
||||
#
|
||||
#SEARCH_BASE=""
|
||||
#
|
||||
# Define the LDAP schema to used for lookups
|
||||
#
|
||||
# If no schema is set autofs will check each of the schemas
|
||||
# below in the order given to try and locate an appropriate
|
||||
# basdn for lookups. If you want to minimize the number of
|
||||
# queries to the server set the values here.
|
||||
#
|
||||
#MAP_OBJECT_CLASS="nisMap"
|
||||
#ENTRY_OBJECT_CLASS="nisObject"
|
||||
#MAP_ATTRIBUTE="nisMapName"
|
||||
#ENTRY_ATTRIBUTE="cn"
|
||||
#VALUE_ATTRIBUTE="nisMapEntry"
|
||||
#
|
||||
# Other common LDAP nameing
|
||||
#
|
||||
#MAP_OBJECT_CLASS="automountMap"
|
||||
#ENTRY_OBJECT_CLASS="automount"
|
||||
#MAP_ATTRIBUTE="ou"
|
||||
#ENTRY_ATTRIBUTE="cn"
|
||||
#VALUE_ATTRIBUTE="automountInformation"
|
||||
#
|
||||
#MAP_OBJECT_CLASS="automountMap"
|
||||
#ENTRY_OBJECT_CLASS="automount"
|
||||
#MAP_ATTRIBUTE="automountMapName"
|
||||
#ENTRY_ATTRIBUTE="automountKey"
|
||||
#VALUE_ATTRIBUTE="automountInformation"
|
||||
#
|
||||
# AUTH_CONF_FILE - set the default location for the SASL
|
||||
# authentication configuration file.
|
||||
#
|
||||
#AUTH_CONF_FILE="/etc/autofs_ldap_auth.conf"
|
||||
#
|
||||
# General global options
|
||||
#
|
||||
#OPTIONS=""
|
||||
#
|
|
@ -1,5 +0,0 @@
|
|||
# The ZONE parameter is only evaluated by system-config-date.
|
||||
# The timezone of the system is defined by the contents of /etc/localtime.
|
||||
ZONE="America/Los Angeles"
|
||||
UTC=true
|
||||
ARC=false
|
|
@ -1,72 +0,0 @@
|
|||
# /etc/sysconfig/cpuspeed
|
||||
#
|
||||
# This configuration file controls the behavior of both the
|
||||
# cpuspeed daemon and various cpufreq modules.
|
||||
# For the vast majority of users, there shouldn't be any need to
|
||||
# alter the contents of this file at all. By and large, frequency
|
||||
# scaling should Just Work(tm) with the defaults.
|
||||
|
||||
### DRIVER ###
|
||||
# Your CPUFreq driver module
|
||||
# Note that many drivers are now built-in, rather than built as modules,
|
||||
# so its usually best not to specify one. The most commonly-needed driver
|
||||
# module these days is 'p4-clockmod', however, in most cases, it is not
|
||||
# recommended for use. See: http://lkml.org/lkml/2006/2/25/84
|
||||
# default value: empty (try to auto-detect/use built-in)
|
||||
DRIVER=
|
||||
|
||||
### GOVERNOR ###
|
||||
# Which scaling governor to use
|
||||
# Details on scaling governors for your cpu(s) can be found in
|
||||
# cpu-freq/governors.txt, part of the kernel-doc package
|
||||
# NOTES:
|
||||
# - The GOVERNOR parameter is only valid on centrino, powernow-k8 (amd64)
|
||||
# and p4-clockmod platforms, other platforms that support frequency
|
||||
# scaling always use the 'userspace' governor.
|
||||
# - Using the 'userspace' governor will trigger the cpuspeed daemon to run,
|
||||
# which provides said user-space frequency scaling.
|
||||
# default value: empty (defaults to ondemand on centrino, powernow-k8,
|
||||
# and p4-clockmod systems, userspace on others)
|
||||
GOVERNOR=
|
||||
|
||||
### FREQUENCIES ###
|
||||
# NOTE: valid max/min frequencies for your cpu(s) can be found in
|
||||
# /sys/devices/system/cpu/cpu*/cpufreq/scaling_available_frequencies
|
||||
# on systems that support frequency scaling (though only after the
|
||||
# appropriate drivers have been loaded via the cpuspeed initscript).
|
||||
# maximum speed to scale up to
|
||||
# default value: empty (use cpu reported maximum)
|
||||
MAX_SPEED=
|
||||
# minimum speed to scale down to
|
||||
# default value: empty (use cpu reported minimum)
|
||||
MIN_SPEED=
|
||||
|
||||
### SCALING THRESHOLDS ###
|
||||
# Busy percentage threshold over which to scale up to max frequency
|
||||
# default value: empty (use governor default)
|
||||
UP_THRESHOLD=
|
||||
# Busy percentage threshold under which to scale frequency down
|
||||
# default value: empty (use governor default)
|
||||
DOWN_THRESHOLD=
|
||||
|
||||
### NICE PROCESS HANDLING ###
|
||||
# Let background (nice) processes speed up the cpu
|
||||
# default value: 0 (background process usage can speed up cpu)
|
||||
# alternate value: 1 (background processes will be ignored)
|
||||
IGNORE_NICE=0
|
||||
|
||||
|
||||
#####################################################
|
||||
########## HISTORICAL CPUSPEED CONFIG BITS ##########
|
||||
#####################################################
|
||||
VMAJOR=1
|
||||
VMINOR=1
|
||||
|
||||
# Add your favorite options here
|
||||
#OPTS="$OPTS -s 0 -i 10 -r"
|
||||
|
||||
# uncomment and modify this to check the state of the AC adapter
|
||||
#OPTS="$OPTS -a /proc/acpi/ac_adapter/*/state"
|
||||
|
||||
# uncomment and modify this to check the system temperature
|
||||
#OPTS="$OPTS -t /proc/acpi/thermal_zone/*/temperature 75"
|
|
@ -1,9 +0,0 @@
|
|||
# Settings for the CRON daemon.
|
||||
# CRONDARGS= : any extra command-line startup arguments for crond
|
||||
# CRON_VALIDATE_MAILRCPTS=1:a non-empty value of this variable will
|
||||
# enable vixie-cron-4.1's validation of
|
||||
# mail recipient names, which would then be
|
||||
# restricted to contain only the chars
|
||||
# from this tr(1) set : [@!:%-_.,:alnum:]
|
||||
# otherwise mailing is not attempted.
|
||||
CRONDARGS=
|
|
@ -1,6 +0,0 @@
|
|||
# Possible values are 1, 2, ... or nothing
|
||||
# Delay is determined using the hostname and the variable (Delay) from this configuration file.
|
||||
# Bigger value means shorter delay.
|
||||
# This delay could be switched off, but then you can have problems with network overload
|
||||
# (for example yum updates in cron.daily run on all your computers etc.)
|
||||
DELAY=1
|
|
@ -1 +0,0 @@
|
|||
RUN_FIRSTBOOT=NO
|
|
@ -1,2 +0,0 @@
|
|||
boot=/dev/sda
|
||||
forcelba=0
|
|
@ -1,128 +0,0 @@
|
|||
# $Id: hsqldb-1.73.0-standard.cfg,v 1.1 2004/12/23 22:21:08 fnasser Exp $
|
||||
|
||||
# Sample configuration file for HSQLDB database server.
|
||||
# See the "UNIX Quick Start" chapter of the Hsqldb User Guide.
|
||||
|
||||
# N.b.!!!! You must place this in the right location for your type of UNIX.
|
||||
# See the init script "hsqldb" to see where this must be placed and
|
||||
# what it should be renamed to.
|
||||
|
||||
# This file is "sourced" by a Bourne shell, so use Bourne shell syntax.
|
||||
|
||||
# This file WILL NOT WORK until you set (at least) the non-commented
|
||||
# variables to the appropriate values for your system.
|
||||
# Life will be easier if you avoid all filepaths with spaces or any other
|
||||
# funny characters. Don't ask for support if you ignore this advice.
|
||||
|
||||
# Thanks to Meikel Bisping for his contributions. -- Blaine
|
||||
|
||||
# JPackage hsqldb home is /var/lib/hsqldb
|
||||
|
||||
HSQLDB_HOME=/var/lib/hsqldb
|
||||
|
||||
# JPackage source Java config
|
||||
|
||||
. /etc/java/java.conf
|
||||
|
||||
JAVA_EXECUTABLE=${JAVA_HOME}/bin/java
|
||||
|
||||
# Unless you copied a hsqldb.jar file from another system, this typically
|
||||
# resides at $HSQLDB_HOME/lib/hsqldb.jar, where $HSQLDB_HOME is your HSQLDB
|
||||
# software base directory.
|
||||
HSQLDB_JAR_PATH=${HSQLDB_HOME}/lib/hsqldb.jar
|
||||
|
||||
# Where the file "server.properties" (or "webserver.properties") resides.
|
||||
SERVER_HOME=${HSQLDB_HOME}
|
||||
|
||||
# What UNIX user the Server/WebServer process will run as.
|
||||
# (The shutdown client is always run as root or the invoker of the init script).
|
||||
# Runs as root by default, but you should take the time to set database file
|
||||
# ownerships to another user and set that user name here.
|
||||
# You do need to run as root if your Server/WebServer will run on a privileged
|
||||
# (< 1024) port.
|
||||
# If you really do want to run as root, comment out the HSQLDB_OWNER setting
|
||||
# completely. I.e., do not set it to root. This will run Server/Webserver
|
||||
# without any "su" at all.
|
||||
HSQLDB_OWNER=hsqldb
|
||||
|
||||
# We require all Server/WebServer instances to be accessible within
|
||||
# $MAX_START_SECS from when the Server/WebServer is started.
|
||||
# Defaults to 60.
|
||||
# Raise this is you are running lots of DB instances or have a slow server.
|
||||
#MAX_START_SECS=200
|
||||
# Ditto for this one
|
||||
#SU_ECHO_SECS=1
|
||||
|
||||
# Time to allow for JVM to die after all HSQLDB instances stopped.
|
||||
# Defaults to 1.
|
||||
#MAX_TERMINATE_SECS=0
|
||||
|
||||
# These are "urlid" values from a SqlTool authentication file
|
||||
# ** IN ADDITION TO THOSE IN YOUR server.properties OR webserver.properties **
|
||||
# file. All server.urlid.X values from your properties file will automatically
|
||||
# be started/stopped/tested. $SHUTDOWN_URLIDS is for additional urlids which
|
||||
# will stopped. (Therefore, most users will not set this at all).
|
||||
# Separate multiple values with white space. NO OTHER SPECIAL CHARACTERS!
|
||||
# Make sure to quote the entire value if it contains white space separator(s).
|
||||
# Defaults to none (i.e., only urlids set in properties file will be stopped).
|
||||
#SHUTDOWN_URLIDS='sa mygms'
|
||||
|
||||
# SqlTool authentication file used only for shutdown.
|
||||
# The default value will be sqltool.rc in root's home directory, since it is
|
||||
# root who runs the init script.
|
||||
# (See the SqlTool chapter of the HSQLDB User Guide if you don't understand
|
||||
# this).
|
||||
AUTH_FILE=${HSQLDB_HOME}/sqltool.rc
|
||||
|
||||
# Set to 'WebServer' to start a HSQLDB WebServer instead of a Server.
|
||||
# Defaults to 'Server'.
|
||||
#TARGET_CLASS=WebServer
|
||||
|
||||
# Server-side classpath IN ADDITION TO the HSQLDB_JAR_PATH set above.
|
||||
# The classpath here is *earlier* than HSQLDB_JAR_PATH, to allow you
|
||||
# override classes in the HSQLDB_JAR_PATH jar file.
|
||||
# In particular, you will want to add classpath elements to give access of
|
||||
# all of your store procedures (store procedures are documented in the
|
||||
# HSQLDB User Guide in the SQL Syntax chapter.
|
||||
#
|
||||
# N.B.!
|
||||
# If you're adding files to the classpath in order to be able to call them
|
||||
# from SQL queries, you will be unable to access them unless you adjust the
|
||||
# value of the system property hsqldb.method_class_names. Please see the
|
||||
# comments on SERVER_JVMARGS, at the end of this file.
|
||||
# SERVER_ADDL_CLASSPATH=/home/blaine/storedprocs.jar:/usr/dev/dbutil/classes
|
||||
|
||||
# For TLS encryption for your Server, set these two variables.
|
||||
# N.b.: If you set these, then make this file unreadable to non-root users!!!!
|
||||
# See the TLS chapter of the HSQLDB User Guide, paying attention to the
|
||||
# security warning(s).
|
||||
# If you are running with a private server cert, then you will also need to
|
||||
# set "truststore" in the your SqlTool config file (location is set by the
|
||||
# AUTH_FILE variable in this file, or it must be at the default location for
|
||||
# HSQLDB_OWNER).
|
||||
#TLS_KEYSTORE=/path/to/jks/server.store
|
||||
#TLS_PASSWORD=password
|
||||
|
||||
# Any JVM args for the invocation of the JDBC client used to verify DB
|
||||
# instances and to shut them down (SqlToolSprayer).
|
||||
# For multiple args, put quotes around entire value.
|
||||
#CLIENT_JVMARGS=-Djavax.net.debug=ssl
|
||||
|
||||
# Any JVM args for the server.
|
||||
# For multiple args, put quotes around entire value.
|
||||
#
|
||||
# N.B.!
|
||||
# The default value of SERVER_JVMARGS sets the system property
|
||||
# hsqldb.method_class_names to be empty. This is in order to lessen the
|
||||
# security risk posed by HSQLDB allowing Java method calls in SQL statements.
|
||||
# The implications of changing this value (as explained by the authors of
|
||||
# HSQLDB) are as follows:
|
||||
# If [it] is not set, then static methods of all available Java classes
|
||||
# can be accessed as functions in HSQLDB. If the property is set, then
|
||||
# only the list of semicolon separated method names becomes accessible.
|
||||
# An empty property value means no class is accessible.
|
||||
# Regardless of the value of hsqldb.method_class_names, methods in
|
||||
# org.hsqldb.Library will be accessible.
|
||||
# Before making changes to the value below, please be advised of the possible
|
||||
# dangers involved in allowing SQL queries to contain Java method calls.
|
||||
SERVER_JVMARGS=-Dhsqldb.method_class_names=\"\"
|
|
@ -1,22 +0,0 @@
|
|||
# Configuration file for the httpd service.
|
||||
|
||||
#
|
||||
# The default processing model (MPM) is the process-based
|
||||
# 'prefork' model. A thread-based model, 'worker', is also
|
||||
# available, but does not work with some modules (such as PHP).
|
||||
# The service must be stopped before changing this variable.
|
||||
#
|
||||
#HTTPD=/usr/sbin/httpd.worker
|
||||
|
||||
#
|
||||
# To pass additional options (for instance, -D definitions) to the
|
||||
# httpd binary at startup, set OPTIONS here.
|
||||
#
|
||||
#OPTIONS=
|
||||
|
||||
#
|
||||
# By default, the httpd process is started in the C locale; to
|
||||
# change the locale in which the server runs, the HTTPD_LANG
|
||||
# variable can be set.
|
||||
#
|
||||
#HTTPD_LANG=C
|
|
@ -1 +0,0 @@
|
|||
9a1c565e-3b93-4e74-9611-2b71b9b84a05
|
|
@ -1,672 +0,0 @@
|
|||
-
|
||||
class: OTHER
|
||||
bus: PCI
|
||||
detached: 0
|
||||
desc: "Intel Corporation Mobile 945GM/PM/GMS, 943/940GML and 945GT Express Memory Controller Hub"
|
||||
vendorId: 8086
|
||||
deviceId: 27a0
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 2017
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 0
|
||||
pcifn: 0
|
||||
-
|
||||
class: OTHER
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: shpchp
|
||||
desc: "Intel Corporation 82801G (ICH7 Family) PCI Express Port 1"
|
||||
vendorId: 8086
|
||||
deviceId: 27d0
|
||||
subVendorId: 0000
|
||||
subDeviceId: 0000
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1c
|
||||
pcifn: 0
|
||||
-
|
||||
class: OTHER
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: shpchp
|
||||
desc: "Intel Corporation 82801G (ICH7 Family) PCI Express Port 2"
|
||||
vendorId: 8086
|
||||
deviceId: 27d2
|
||||
subVendorId: 0000
|
||||
subDeviceId: 0000
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1c
|
||||
pcifn: 1
|
||||
-
|
||||
class: OTHER
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: shpchp
|
||||
desc: "Intel Corporation 82801G (ICH7 Family) PCI Express Port 3"
|
||||
vendorId: 8086
|
||||
deviceId: 27d4
|
||||
subVendorId: 0000
|
||||
subDeviceId: 0000
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1c
|
||||
pcifn: 2
|
||||
-
|
||||
class: OTHER
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: shpchp
|
||||
desc: "Intel Corporation 82801G (ICH7 Family) PCI Express Port 4"
|
||||
vendorId: 8086
|
||||
deviceId: 27d6
|
||||
subVendorId: 0000
|
||||
subDeviceId: 0000
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1c
|
||||
pcifn: 3
|
||||
-
|
||||
class: OTHER
|
||||
bus: PCI
|
||||
detached: 0
|
||||
desc: "Intel Corporation 82801 Mobile PCI Bridge"
|
||||
vendorId: 8086
|
||||
deviceId: 2448
|
||||
subVendorId: 0000
|
||||
subDeviceId: 0000
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1e
|
||||
pcifn: 0
|
||||
-
|
||||
class: OTHER
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: intel-rng
|
||||
desc: "Intel Corporation 82801GBM (ICH7-M) LPC Interface Bridge"
|
||||
vendorId: 8086
|
||||
deviceId: 27b9
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 2009
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1f
|
||||
pcifn: 0
|
||||
-
|
||||
class: OTHER
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: i2c-i801
|
||||
desc: "Intel Corporation 82801G (ICH7 Family) SMBus Controller"
|
||||
vendorId: 8086
|
||||
deviceId: 27da
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 200f
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1f
|
||||
pcifn: 3
|
||||
-
|
||||
class: OTHER
|
||||
bus: ISAPNP
|
||||
detached: 0
|
||||
desc: "ATM1200"
|
||||
deviceId: ATM1200
|
||||
compat: PNP0c31
|
||||
-
|
||||
class: OTHER
|
||||
bus: USB
|
||||
detached: 0
|
||||
driver: hci_usb
|
||||
desc: "Broadcom Corp BCM2045B"
|
||||
usbclass: 254
|
||||
usbsubclass: 1
|
||||
usbprotocol: 0
|
||||
usbbus: 5
|
||||
usblevel: 1
|
||||
usbport: 0
|
||||
usbdev: 2
|
||||
vendorId: 0a5c
|
||||
deviceId: 2110
|
||||
usbmfr: Broadcom Corp
|
||||
usbprod: BCM2045B
|
||||
-
|
||||
class: OTHER
|
||||
bus: USB
|
||||
detached: 0
|
||||
driver: hci_usb
|
||||
desc: "Broadcom Corp BCM2045B"
|
||||
usbclass: 255
|
||||
usbsubclass: 255
|
||||
usbprotocol: 255
|
||||
usbbus: 5
|
||||
usblevel: 1
|
||||
usbport: 0
|
||||
usbdev: 2
|
||||
vendorId: 0a5c
|
||||
deviceId: 2110
|
||||
usbmfr: Broadcom Corp
|
||||
usbprod: BCM2045B
|
||||
-
|
||||
class: OTHER
|
||||
bus: USB
|
||||
detached: 0
|
||||
driver: hci_usb
|
||||
desc: "Broadcom Corp BCM2045B"
|
||||
usbclass: 224
|
||||
usbsubclass: 1
|
||||
usbprotocol: 1
|
||||
usbbus: 5
|
||||
usblevel: 1
|
||||
usbport: 0
|
||||
usbdev: 2
|
||||
vendorId: 0a5c
|
||||
deviceId: 2110
|
||||
usbmfr: Broadcom Corp
|
||||
usbprod: BCM2045B
|
||||
-
|
||||
class: OTHER
|
||||
bus: ISAPNP
|
||||
detached: 0
|
||||
desc: "IBM0057"
|
||||
deviceId: IBM0057
|
||||
compat: PNP0f13
|
||||
-
|
||||
class: OTHER
|
||||
bus: ISAPNP
|
||||
detached: 0
|
||||
driver: nsc-ircc
|
||||
desc: "IBM0071"
|
||||
deviceId: IBM0071
|
||||
compat: PNP0511
|
||||
-
|
||||
class: OTHER
|
||||
bus: PSAUX
|
||||
detached: 0
|
||||
desc: "Lid Switch"
|
||||
-
|
||||
class: OTHER
|
||||
bus: USB
|
||||
detached: 0
|
||||
desc: "Linux 2.6.24.4-64.fc8 ehci_hcd EHCI Host Controller"
|
||||
usbclass: 9
|
||||
usbsubclass: 0
|
||||
usbprotocol: 0
|
||||
usbbus: 1
|
||||
usblevel: 0
|
||||
usbport: 0
|
||||
usbdev: 1
|
||||
vendorId: 0000
|
||||
deviceId: 0000
|
||||
usbmfr: Linux 2.6.24.4-64.fc8 ehci_hcd
|
||||
usbprod: EHCI Host Controller
|
||||
-
|
||||
class: OTHER
|
||||
bus: USB
|
||||
detached: 0
|
||||
desc: "Linux 2.6.24.4-64.fc8 uhci_hcd UHCI Host Controller"
|
||||
usbclass: 9
|
||||
usbsubclass: 0
|
||||
usbprotocol: 0
|
||||
usbbus: 5
|
||||
usblevel: 0
|
||||
usbport: 0
|
||||
usbdev: 1
|
||||
vendorId: 0000
|
||||
deviceId: 0000
|
||||
usbmfr: Linux 2.6.24.4-64.fc8 uhci_hcd
|
||||
usbprod: UHCI Host Controller
|
||||
-
|
||||
class: OTHER
|
||||
bus: USB
|
||||
detached: 0
|
||||
desc: "Linux 2.6.24.4-64.fc8 uhci_hcd UHCI Host Controller"
|
||||
usbclass: 9
|
||||
usbsubclass: 0
|
||||
usbprotocol: 0
|
||||
usbbus: 4
|
||||
usblevel: 0
|
||||
usbport: 0
|
||||
usbdev: 1
|
||||
vendorId: 0000
|
||||
deviceId: 0000
|
||||
usbmfr: Linux 2.6.24.4-64.fc8 uhci_hcd
|
||||
usbprod: UHCI Host Controller
|
||||
-
|
||||
class: OTHER
|
||||
bus: USB
|
||||
detached: 0
|
||||
desc: "Linux 2.6.24.4-64.fc8 uhci_hcd UHCI Host Controller"
|
||||
usbclass: 9
|
||||
usbsubclass: 0
|
||||
usbprotocol: 0
|
||||
usbbus: 3
|
||||
usblevel: 0
|
||||
usbport: 0
|
||||
usbdev: 1
|
||||
vendorId: 0000
|
||||
deviceId: 0000
|
||||
usbmfr: Linux 2.6.24.4-64.fc8 uhci_hcd
|
||||
usbprod: UHCI Host Controller
|
||||
-
|
||||
class: OTHER
|
||||
bus: USB
|
||||
detached: 0
|
||||
desc: "Linux 2.6.24.4-64.fc8 uhci_hcd UHCI Host Controller"
|
||||
usbclass: 9
|
||||
usbsubclass: 0
|
||||
usbprotocol: 0
|
||||
usbbus: 2
|
||||
usblevel: 0
|
||||
usbport: 0
|
||||
usbdev: 1
|
||||
vendorId: 0000
|
||||
deviceId: 0000
|
||||
usbmfr: Linux 2.6.24.4-64.fc8 uhci_hcd
|
||||
usbprod: UHCI Host Controller
|
||||
-
|
||||
class: OTHER
|
||||
bus: PSAUX
|
||||
detached: 0
|
||||
driver: pcspkr
|
||||
desc: "PC Speaker"
|
||||
-
|
||||
class: OTHER
|
||||
bus: ISAPNP
|
||||
detached: 0
|
||||
desc: "PNP0103"
|
||||
deviceId: PNP0103
|
||||
-
|
||||
class: OTHER
|
||||
bus: ISAPNP
|
||||
detached: 0
|
||||
desc: "PNP0200"
|
||||
deviceId: PNP0200
|
||||
-
|
||||
class: OTHER
|
||||
bus: ISAPNP
|
||||
detached: 0
|
||||
desc: "PNP0303"
|
||||
deviceId: PNP0303
|
||||
-
|
||||
class: OTHER
|
||||
bus: ISAPNP
|
||||
detached: 0
|
||||
desc: "PNP0800"
|
||||
deviceId: PNP0800
|
||||
-
|
||||
class: OTHER
|
||||
bus: ISAPNP
|
||||
detached: 0
|
||||
desc: "PNP0a08"
|
||||
deviceId: PNP0a08
|
||||
compat: PNP0a03
|
||||
-
|
||||
class: OTHER
|
||||
bus: ISAPNP
|
||||
detached: 0
|
||||
desc: "PNP0b00"
|
||||
deviceId: PNP0b00
|
||||
-
|
||||
class: OTHER
|
||||
bus: ISAPNP
|
||||
detached: 0
|
||||
desc: "PNP0c01"
|
||||
deviceId: PNP0c01
|
||||
-
|
||||
class: OTHER
|
||||
bus: ISAPNP
|
||||
detached: 0
|
||||
desc: "PNP0c02"
|
||||
deviceId: PNP0c02
|
||||
-
|
||||
class: OTHER
|
||||
bus: ISAPNP
|
||||
detached: 0
|
||||
desc: "PNP0c04"
|
||||
deviceId: PNP0c04
|
||||
-
|
||||
class: OTHER
|
||||
bus: PSAUX
|
||||
detached: 0
|
||||
desc: "Power Button (FF)"
|
||||
-
|
||||
class: OTHER
|
||||
bus: USB
|
||||
detached: 0
|
||||
desc: "STMicroelectronics Biometric Coprocessor"
|
||||
usbclass: 255
|
||||
usbsubclass: 0
|
||||
usbprotocol: 0
|
||||
usbbus: 5
|
||||
usblevel: 1
|
||||
usbport: 1
|
||||
usbdev: 3
|
||||
vendorId: 0483
|
||||
deviceId: 2016
|
||||
usbmfr: STMicroelectronics
|
||||
usbprod: Biometric Coprocessor
|
||||
-
|
||||
class: OTHER
|
||||
bus: PSAUX
|
||||
detached: 0
|
||||
desc: "Sleep Button (CM)"
|
||||
-
|
||||
class: OTHER
|
||||
bus: PSAUX
|
||||
detached: 0
|
||||
desc: "TPPS/2 IBM TrackPoint"
|
||||
-
|
||||
class: OTHER
|
||||
bus: USB
|
||||
detached: 0
|
||||
desc: "Unknown USB device 0x451:0x2046"
|
||||
usbclass: 9
|
||||
usbsubclass: 0
|
||||
usbprotocol: 0
|
||||
usbbus: 1
|
||||
usblevel: 2
|
||||
usbport: 0
|
||||
usbdev: 5
|
||||
vendorId: 0451
|
||||
deviceId: 2046
|
||||
-
|
||||
class: OTHER
|
||||
bus: PSAUX
|
||||
detached: 0
|
||||
desc: "Video Bus"
|
||||
-
|
||||
class: OTHER
|
||||
bus: PSAUX
|
||||
detached: 0
|
||||
desc: "Video Bus"
|
||||
-
|
||||
class: NETWORK
|
||||
bus: PCI
|
||||
detached: 0
|
||||
device: eth0
|
||||
driver: e1000
|
||||
desc: "Intel Corporation 82573L Gigabit Ethernet Controller"
|
||||
network.hwaddr: 00:15:58:81:5b:0e
|
||||
vendorId: 8086
|
||||
deviceId: 109a
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 2001
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 2
|
||||
pcidev: 0
|
||||
pcifn: 0
|
||||
-
|
||||
class: NETWORK
|
||||
bus: PCI
|
||||
detached: 0
|
||||
device: wlan0
|
||||
driver: iwl3945
|
||||
desc: "Intel Corporation PRO/Wireless 3945ABG Network Connection"
|
||||
network.hwaddr: 00:19:d2:9f:88:96
|
||||
vendorId: 8086
|
||||
deviceId: 4227
|
||||
subVendorId: 8086
|
||||
subDeviceId: 1010
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 3
|
||||
pcidev: 0
|
||||
pcifn: 0
|
||||
-
|
||||
class: MOUSE
|
||||
bus: USB
|
||||
detached: 0
|
||||
device: input/mice
|
||||
driver: genericwheelusb
|
||||
desc: "ATEN 4 Port USB KVM B V1.80"
|
||||
usbclass: 3
|
||||
usbsubclass: 1
|
||||
usbprotocol: 2
|
||||
usbbus: 1
|
||||
usblevel: 3
|
||||
usbport: 0
|
||||
usbdev: 6
|
||||
vendorId: 0557
|
||||
deviceId: 2205
|
||||
usbmfr: ATEN
|
||||
usbprod: 4 Port USB KVM B V1.80
|
||||
-
|
||||
class: MOUSE
|
||||
bus: PSAUX
|
||||
detached: 0
|
||||
device: input/mice
|
||||
driver: generic3ps/2
|
||||
desc: "Macintosh mouse button emulation"
|
||||
-
|
||||
class: MOUSE
|
||||
bus: PSAUX
|
||||
detached: 0
|
||||
device: input/mice
|
||||
driver: synaptics
|
||||
desc: "SynPS/2 Synaptics TouchPad"
|
||||
-
|
||||
class: MOUSE
|
||||
bus: PSAUX
|
||||
detached: 0
|
||||
device: input/mice
|
||||
driver: generic3ps/2
|
||||
desc: "ThinkPad Extra Buttons"
|
||||
-
|
||||
class: AUDIO
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: snd-hda-intel
|
||||
desc: "Intel Corporation 82801G (ICH7 Family) High Definition Audio Controller"
|
||||
vendorId: 8086
|
||||
deviceId: 27d8
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 2010
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1b
|
||||
pcifn: 0
|
||||
-
|
||||
class: CDROM
|
||||
bus: SCSI
|
||||
detached: 0
|
||||
device: scd0
|
||||
desc: "MATSHITA DVD-RAM UJ-842"
|
||||
host: 4
|
||||
id: 0
|
||||
channel: 0
|
||||
lun: 0
|
||||
-
|
||||
class: VIDEO
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: intelfb
|
||||
desc: "Intel Corporation Mobile 945GM/GMS, 943/940GML Express Integrated Graphics Controller"
|
||||
video.xdriver: intel
|
||||
vendorId: 8086
|
||||
deviceId: 27a2
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 201a
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 2
|
||||
pcifn: 0
|
||||
-
|
||||
class: VIDEO
|
||||
bus: PCI
|
||||
detached: 0
|
||||
desc: "Intel Corporation Mobile 945GM/GMS/GME, 943/940GML Express Integrated Graphics Controller"
|
||||
vendorId: 8086
|
||||
deviceId: 27a6
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 201a
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 2
|
||||
pcifn: 1
|
||||
-
|
||||
class: HD
|
||||
bus: SCSI
|
||||
detached: 0
|
||||
device: sda
|
||||
desc: "ATA HTS721010G9SA00"
|
||||
host: 0
|
||||
id: 0
|
||||
channel: 0
|
||||
lun: 0
|
||||
-
|
||||
class: KEYBOARD
|
||||
bus: PSAUX
|
||||
detached: 0
|
||||
desc: "AT Translated Set 2 keyboard"
|
||||
-
|
||||
class: KEYBOARD
|
||||
bus: USB
|
||||
detached: 0
|
||||
driver: keybdev
|
||||
desc: "ATEN 4 Port USB KVM B V1.80"
|
||||
usbclass: 3
|
||||
usbsubclass: 1
|
||||
usbprotocol: 1
|
||||
usbbus: 1
|
||||
usblevel: 3
|
||||
usbport: 0
|
||||
usbdev: 6
|
||||
vendorId: 0557
|
||||
deviceId: 2205
|
||||
usbmfr: ATEN
|
||||
usbprod: 4 Port USB KVM B V1.80
|
||||
-
|
||||
class: USB
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: uhci-hcd
|
||||
desc: "Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #1"
|
||||
vendorId: 8086
|
||||
deviceId: 27c8
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 200a
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1d
|
||||
pcifn: 0
|
||||
-
|
||||
class: USB
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: uhci-hcd
|
||||
desc: "Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #2"
|
||||
vendorId: 8086
|
||||
deviceId: 27c9
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 200a
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1d
|
||||
pcifn: 1
|
||||
-
|
||||
class: USB
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: uhci-hcd
|
||||
desc: "Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #3"
|
||||
vendorId: 8086
|
||||
deviceId: 27ca
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 200a
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1d
|
||||
pcifn: 2
|
||||
-
|
||||
class: USB
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: uhci-hcd
|
||||
desc: "Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #4"
|
||||
vendorId: 8086
|
||||
deviceId: 27cb
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 200a
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1d
|
||||
pcifn: 3
|
||||
-
|
||||
class: USB
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: ehci-hcd
|
||||
desc: "Intel Corporation 82801G (ICH7 Family) USB2 EHCI Controller"
|
||||
vendorId: 8086
|
||||
deviceId: 27cc
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 200b
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1d
|
||||
pcifn: 7
|
||||
-
|
||||
class: SOCKET
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: yenta_socket
|
||||
desc: "Texas Instruments PCI1510 PC card Cardbus Controller"
|
||||
vendorId: 104c
|
||||
deviceId: ac56
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 2012
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 15
|
||||
pcidev: 0
|
||||
pcifn: 0
|
||||
-
|
||||
class: IDE
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: ata_piix
|
||||
desc: "Intel Corporation 82801G (ICH7 Family) IDE Controller"
|
||||
vendorId: 8086
|
||||
deviceId: 27df
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 200c
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1f
|
||||
pcifn: 1
|
||||
-
|
||||
class: SATA
|
||||
bus: PCI
|
||||
detached: 0
|
||||
driver: ahci
|
||||
desc: "Intel Corporation 82801GBM/GHM (ICH7 Family) SATA AHCI Controller"
|
||||
vendorId: 8086
|
||||
deviceId: 27c5
|
||||
subVendorId: 17aa
|
||||
subDeviceId: 200d
|
||||
pciType: 1
|
||||
pcidom: 0
|
||||
pcibus: 0
|
||||
pcidev: 1f
|
||||
pcifn: 2
|
|
@ -1,2 +0,0 @@
|
|||
LANG="en_US.UTF-8"
|
||||
SYSFONT="latarcyrheb-sun16"
|
|
@ -1,25 +0,0 @@
|
|||
# color => new RH6.0 bootup
|
||||
# verbose => old-style bootup
|
||||
# anything else => new style bootup without ANSI colors or positioning
|
||||
BOOTUP=color
|
||||
# Turn on graphical boot
|
||||
GRAPHICAL=yes
|
||||
# column to start "[ OK ]" label in
|
||||
RES_COL=60
|
||||
# terminal sequence to move to that column. You could change this
|
||||
# to something like "tput hpa ${RES_COL}" if your terminal supports it
|
||||
MOVE_TO_COL="echo -en \\033[${RES_COL}G"
|
||||
# terminal sequence to set color to a 'success' color (currently: green)
|
||||
SETCOLOR_SUCCESS="echo -en \\033[0;32m"
|
||||
# terminal sequence to set color to a 'failure' color (currently: red)
|
||||
SETCOLOR_FAILURE="echo -en \\033[0;31m"
|
||||
# terminal sequence to set color to a 'warning' color (currently: yellow)
|
||||
SETCOLOR_WARNING="echo -en \\033[0;33m"
|
||||
# terminal sequence to reset to the default color.
|
||||
SETCOLOR_NORMAL="echo -en \\033[0;39m"
|
||||
# default kernel loglevel on boot (syslog will reset this)
|
||||
LOGLEVEL=3
|
||||
# Set to anything other than 'no' to allow hotkey interactive startup...
|
||||
PROMPT=yes
|
||||
# Set to 'yes' to allow probing for devices with swap signatures
|
||||
AUTOSWAP=no
|
|
@ -1,48 +0,0 @@
|
|||
# Firewall configuration written by system-config-firewall
|
||||
# Manual customization of this file is not recommended.
|
||||
*filter
|
||||
:INPUT ACCEPT [0:0]
|
||||
:FORWARD ACCEPT [0:0]
|
||||
:OUTPUT ACCEPT [0:0]
|
||||
:RH-Firewall-1-INPUT - [0:0]
|
||||
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
|
||||
-A INPUT -p icmp -j ACCEPT
|
||||
-A INPUT -i lo -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
|
||||
-A INPUT -p ah -j ACCEPT
|
||||
-A INPUT -p esp -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m udp -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m tcp -p tcp --dport 631 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m udp -p udp --dport 631 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m udp -p udp --dport 2049 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m tcp -p tcp --dport 111 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m udp -p udp --dport 111 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m tcp -p tcp --dport 2020 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m udp -p udp --dport 2049 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m tcp -p tcp --dport 32769 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m tcp -p tcp --dport 32803 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5900 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m udp -p udp --dport 5900 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5901 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m udp -p udp --dport 5901 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m tcp -p tcp --dport 662 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m tcp -p tcp --dport 892 -j ACCEPT
|
||||
-A INPUT -m state --state NEW -m udp -p udp --dport 892 -j ACCEPT
|
||||
-A INPUT --tcp-flags SYN,RST,ACK,FIN SYN -j ACCEPT
|
||||
-I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
|
||||
-A INPUT -j REJECT --reject-with icmp-host-prohibited
|
||||
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
|
||||
-A INPUT -j RH-Firewall-1-INPUT
|
||||
-A FORWARD -j RH-Firewall-1-INPUT
|
||||
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
|
||||
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
|
||||
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
|
||||
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
|
||||
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
|
||||
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
|
||||
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
|
||||
COMMIT
|
|
@ -1,48 +0,0 @@
|
|||
# Load additional iptables modules (nat helpers)
|
||||
# Default: -none-
|
||||
# Space separated list of nat helpers (e.g. 'ip_nat_ftp ip_nat_irc'), which
|
||||
# are loaded after the firewall rules are applied. Options for the helpers are
|
||||
# stored in /etc/modprobe.conf.
|
||||
IPTABLES_MODULES="ip_conntrack_netbios_ns"
|
||||
|
||||
# Unload modules on restart and stop
|
||||
# Value: yes|no, default: yes
|
||||
# This option has to be 'yes' to get to a sane state for a firewall
|
||||
# restart or stop. Only set to 'no' if there are problems unloading netfilter
|
||||
# modules.
|
||||
IPTABLES_MODULES_UNLOAD="yes"
|
||||
|
||||
# Save current firewall rules on stop.
|
||||
# Value: yes|no, default: no
|
||||
# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets stopped
|
||||
# (e.g. on system shutdown).
|
||||
IPTABLES_SAVE_ON_STOP="no"
|
||||
|
||||
# Save current firewall rules on restart.
|
||||
# Value: yes|no, default: no
|
||||
# Saves all firewall rules to /etc/sysconfig/iptables if firewall gets
|
||||
# restarted.
|
||||
IPTABLES_SAVE_ON_RESTART="no"
|
||||
|
||||
# Save (and restore) rule and chain counter.
|
||||
# Value: yes|no, default: no
|
||||
# Save counters for rules and chains to /etc/sysconfig/iptables if
|
||||
# 'service iptables save' is called or on stop or restart if SAVE_ON_STOP or
|
||||
# SAVE_ON_RESTART is enabled.
|
||||
IPTABLES_SAVE_COUNTER="no"
|
||||
|
||||
# Numeric status output
|
||||
# Value: yes|no, default: yes
|
||||
# Print IP addresses and port numbers in numeric format in the status output.
|
||||
IPTABLES_STATUS_NUMERIC="yes"
|
||||
|
||||
# Verbose status output
|
||||
# Value: yes|no, default: yes
|
||||
# Print info about the number of packets and bytes plus the "input-" and
|
||||
# "outputdevice" in the status output.
|
||||
IPTABLES_STATUS_VERBOSE="no"
|
||||
|
||||
# Status output with numbered lines
|
||||
# Value: yes|no, default: yes
|
||||
# Print a counter/number for every rule in the status output.
|
||||
IPTABLES_STATUS_LINENUMBERS="yes"
|
|
@ -1,4 +0,0 @@
|
|||
IRDA=yes
|
||||
DEVICE=/dev/ttyS2
|
||||
#DONGLE=actisys+
|
||||
DISCOVERY=yes
|
|
@ -1,18 +0,0 @@
|
|||
# irqbalance is a daemon process that distributes interrupts across
|
||||
# CPUS on SMP systems. The default is to rebalance once every 10
|
||||
# seconds. There is one configuration option:
|
||||
#
|
||||
# ONESHOT=yes
|
||||
# after starting, wait for a minute, then look at the interrupt
|
||||
# load and balance it once; after balancing exit and do not change
|
||||
# it again.
|
||||
ONESHOT=
|
||||
|
||||
#
|
||||
# IRQ_AFFINITY_MASK
|
||||
# 64 bit bitmask which allows you to indicate which cpu's should
|
||||
# be skipped when reblancing irqs. Cpu numbers which have their
|
||||
# corresponding bits set to zero in this mask will not have any
|
||||
# irq's assigned to them on rebalance
|
||||
#
|
||||
#IRQ_AFFINITY_MASK=
|
|
@ -1,32 +0,0 @@
|
|||
# Kernel Version string for the -kdump kernel, such as 2.6.13-1544.FC5kdump
|
||||
# If no version is specified, then the init script will try to find a
|
||||
# kdump kernel with the same version number as the running kernel.
|
||||
KDUMP_KERNELVER=""
|
||||
|
||||
# The kdump commandline is the command line that needs to be passed off to
|
||||
# the kdump kernel. This will likely match the contents of the grub kernel
|
||||
# line. For example:
|
||||
# KDUMP_COMMANDLINE="ro root=LABEL=/"
|
||||
# If a command line is not specified, the default will be taken from
|
||||
# /proc/cmdline
|
||||
KDUMP_COMMANDLINE=""
|
||||
|
||||
# This variable lets us append arguments to the current kdump commandline
|
||||
# As taken from either KDUMP_COMMANDLINE above, or from /proc/cmdline
|
||||
KDUMP_COMMANDLINE_APPEND="irqpoll maxcpus=1"
|
||||
|
||||
# Any additional kexec arguments required. In most situations, this should
|
||||
# be left empty
|
||||
#
|
||||
# Example:
|
||||
# KEXEC_ARGS="--elf32-core-headers"
|
||||
KEXEC_ARGS=" --args-linux"
|
||||
|
||||
#Where to find the boot image
|
||||
KDUMP_BOOTDIR="/boot"
|
||||
|
||||
#What is the image type used for kdump
|
||||
KDUMP_IMG="vmlinuz"
|
||||
|
||||
#What is the images extension. Relocatable kernels don't have one
|
||||
KDUMP_IMG_EXT=""
|
|
@ -1,6 +0,0 @@
|
|||
# UPDATEDEFAULT specifies if new-kernel-pkg should make
|
||||
# new kernels the default
|
||||
UPDATEDEFAULT=yes
|
||||
|
||||
# DEFAULTKERNEL specifies the default kernel package type
|
||||
DEFAULTKERNEL=kernel-xen
|
|
@ -1,2 +0,0 @@
|
|||
KEYBOARDTYPE="pc"
|
||||
KEYTABLE="us"
|
|
@ -1,6 +0,0 @@
|
|||
# Set to anything other than 'no' to force a 'safe' probe on startup.
|
||||
# 'safe' probe disables:
|
||||
# - serial port probing
|
||||
# - DDC monitor probing
|
||||
# - PS/2 probing
|
||||
SAFE=no
|
|
@ -1,9 +0,0 @@
|
|||
# Override the default config file
|
||||
#LIBVIRTD_CONFIG=/etc/libvirt/libvirtd.conf
|
||||
|
||||
# Listen for TCP/IP connections
|
||||
# NB. must setup TLS/SSL keys prior to using this
|
||||
#LIBVIRTD_ARGS="--listen"
|
||||
|
||||
# Override Kerberos service keytab for SASL/GSSAPI
|
||||
#KRB5_KTNAME=/etc/libvirt/krb5.tab
|
|
@ -1,2 +0,0 @@
|
|||
# Options to lircd
|
||||
LIRCD_OPTIONS=
|
|
@ -1,2 +0,0 @@
|
|||
# /etc/sysconfig/sensors - Defines modules loaded by /etc/rc.d/init.d/lm_sensors
|
||||
# Run sensors-detect to generate this config file
|
|
@ -1,10 +0,0 @@
|
|||
# Options to nasd
|
||||
# See nasd(1) for more details
|
||||
# -aa allow any client to connect
|
||||
# -local allow local clients only
|
||||
# -b detach and run in background
|
||||
# -v enable verbose messages
|
||||
# -d <num> enable debug messages at level <num>
|
||||
# -pn partial networking enabled
|
||||
# -nopn partial networking disabled [default]
|
||||
NASD_OPTIONS="-b -local"
|
|
@ -1,20 +0,0 @@
|
|||
# This is the configuration file for the netconsole service. By starting
|
||||
# this service you allow a remote syslog daemon to record console output
|
||||
# from this system.
|
||||
|
||||
# The local port number that the netconsole module will use
|
||||
# LOCALPORT=6666
|
||||
|
||||
# The ethernet device to send console messages out of (only set this if it
|
||||
# can't be automatically determined)
|
||||
# DEV=
|
||||
|
||||
# The IP address of the remote syslog server to send messages to
|
||||
# SYSLOGADDR=
|
||||
|
||||
# The listening port of the remote syslog daemon
|
||||
# SYSLOGPORT=514
|
||||
|
||||
# The MAC address of the remote syslog server (only set this if it can't
|
||||
# be automatically determined)
|
||||
# SYSLOGMACADDR=
|
|
@ -1 +0,0 @@
|
|||
ssh-dss AAAAB3NzaC1kc3MAAACBAN4hXeRHrCzo+hdWYlXNK17bVODegv1x4HxDbrCZK92tRxHBsYFng1+oWTZs607LQ/dfcLxFRfPREuKLXiWFY6bDdJDfB5V5HzCBFCH+o5NQ48y8IcIpGic/5+cqWyY6pcxnwfzEQHtdLEeo93lRMzpMsFsbkST3qpBe8QJM3/gtAAAAFQDWWFFtL9NeP0zjhJv6FNDNfZ75CwAAAIAJansjnrRm3FKDxeFf6FuiBvioa4UJszeaSfoGpd6ugScfOyM/u1r08xPgn9ud5/kwRPxV56HWkqgxJQ0dChIMij3HiraZmyg5AY9i85ZW1ZUOEgMRDmWRTOMHK++u9Dmh1d1FtugrUeP6e4wP9nC2y/r+3qhsPTrqBUTXZikkFgAAAIA8Oue6cIFNZSzQRB4UM6hLwxfXAgWBHzoa7UxF7Zh6H65xnKswpIIcQHX77RFK0oF5Y4ks0Fjy5GLTlAGbSy2IcH9ecugRK6+bnEzO09NNO+yXzh/xahCX3ubOmdoFNm4dwdlQy7n3NgFqI99tHIvY/B1MCs7XkMKV4s6yzLVS4Q== root@localhost.localdomain
|
|
@ -1,3 +0,0 @@
|
|||
NETWORKING=yes
|
||||
NETWORKING_IPV6=no
|
||||
HOSTNAME=galia.watzmann.net
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue