-->
<delegatemap>
<delegate decode="autotrace" stealth="True" command=""convert" "%i" "pnm:%u"\n"autotrace" -input-format pnm -output-format svg -output-file "%o" "%u""/>
+ <delegate decode="bpg" command=""bpgdec" -b 16 -o "%o.png" "%i"; mv "%o.png" "%o""/>
+ <delegate decode="png" encode="bpg" command=""bpgenc" -b 12 -o "%o" "%i""/>
<delegate decode="blender" command=""blender" -b "%i" -F PNG -o "%o""\n"convert" -concatenate "%o*.png" "%o""/>
<delegate decode="browse" stealth="True" spawn="True" command=""xdg-open" http://www.imagemagick.org/; rm "%i""/>
<delegate decode="cdr" command=""uniconvertor" "%i" "%o.svg"; mv "%o.svg" "%o""/>
<delegate decode="shtml" command=""html2ps" -U -o "%o" "%i""/>
<delegate decode="sid" command=""mrsidgeodecode" -if sid -i "%i" -of tif -o "%o" > "%u""/>
<delegate decode="svg" command=""rsvg-convert" -o "%o" "%i""/>
- <delegate decode="svg:decode" stealth="True" command=""inkscape" "%s" --export-eps="%s" --export-dpi="%s" --export-background="%s" --export-background-opacity="%s" > "%s" 2>&1"/>
+ <delegate decode="svg:decode" stealth="True" command=""inkscape" "%s" --export-png="%s" --export-dpi="%s" --export-background="%s" --export-background-opacity="%s" > "%s" 2>&1"/>
<delegate decode="tiff" encode="launch" mode="encode" command=""gimp" "%i""/>
<delegate decode="txt" encode="ps" mode="bi" command=""enscript" -o "%o" "%i""/>
<delegate decode="wdp" command="mv "%i" "%i.jxr"; "JxrDecApp" -i "%i.jxr" -o "%o.bmp"; mv "%i.jxr" "%i"; mv "%o.bmp" "%o""/>
<policy domain="resource" name="area" value="1GB"/>
- Define arguments for the memory, map, area, and disk resources with
- SI prefixes (.e.g 100MB). In addition, resource policies are maximums for
- each instance of ImageMagick (e.g. policy memory limit 1GB, -limit 2GB
+ Define arguments for the memory, map, area, width, height, and disk resources
+ with SI prefixes (.e.g 100MB). In addition, resource policies are maximums
+ for each instance of ImageMagick (e.g. policy memory limit 1GB, -limit 2GB
exceeds policy maximum so memory limit is 1GB).
-->
<policymap>
<!-- <policy domain="resource" name="temporary-path" value="/tmp"/> -->
<!-- <policy domain="resource" name="memory" value="2GiB"/> -->
<!-- <policy domain="resource" name="map" value="4GiB"/> -->
+ <!-- <policy domain="resource" name="width" value="100MP"/> -->
+ <!-- <policy domain="resource" name="height" value="100MP"/> -->
<!-- <policy domain="resource" name="area" value="1GB"/> -->
<!-- <policy domain="resource" name="disk" value="16EB"/> -->
<!-- <policy domain="resource" name="file" value="768"/> -->
<!ATTLIST include file CDATA #REQUIRED>
]>
<typemap>
- <include file="type-dejavu.xml" /> <include file="type-windows.xml" /> <include file="type-ghostscript.xml" />
+ <include file="type-dejavu.xml" /> <include file="type-ghostscript.xml" /> <include file="type-windows.xml" />
</typemap>
acl common-allow-transfer {
213.20.92.7;
80.154.16.7;
- 85.199.64.7;
- 46.16.73.175;
+ 85.199.64.7; // ns3.boreus.de
+ 195.50.185.7; // ns1.boreus.de
+ 46.16.73.175; // uhu1
+ 46.189.56.7; // ns2.boreus.de
85.214.43.33;
85.214.134.152; // helga
85.214.147.150; // leela
144.76.221.169; // maria.acwain.net
- 195.50.185.7;
2a01:238:4239:8a00:d4da:215d:3d01:f9b9; // leela
127.0.0.1;
::1;
2a01:4f8:200:94a8::2; // maria.acwain.net
2001:6f8:1db7::1;
2001:6f8:1c00:365::2;
+
};
acl allow-dyn-update {
allow-transfer {
common-allow-transfer;
};
+ also-notify {
+ 195.50.185.7;
+ 46.189.56.7;
+ 85.199.64.7;
+ };
};
//zone "brehm-online.eu" {
allow-transfer {
common-allow-transfer;
};
+ also-notify {
+ 195.50.185.7;
+ 46.189.56.7;
+ 85.199.64.7;
+ };
};
//zone "uhu-banane.com" IN {
allow-transfer {
common-allow-transfer;
};
+ also-notify {
+ 195.50.185.7;
+ 46.189.56.7;
+ 85.199.64.7;
+ };
};
//zone "uhu-banane.net" IN {
--- /dev/null
+# OpenRC will attempt each of the following in succession to mount /dev.
+#
+# 1. If there is an entry for /dev in fstab, it will be used.
+# 2. If devtmpfs is defined in the kernel, it will be used.
+# 3. If tmpfs is defined in the kernel, it will be used.
+#
+# Set this to yes if you do not want OpenRC to attempt to mount /dev.
+# skip_mount_dev="NO"
# If you want the hwclock script to set the system time (software clock)
# to match the current hardware clock during bootup, leave this
# commented out.
-# However, you can set this to "NO" ifyou are running a modern kernel
-# with CONFIG_RTC_HCTOSYS set to y and your hardware clock set to UTC.
+# However, you can set this to "NO" if you are running a modern kernel
+# and using NTP to synchronize your system clock.
#clock_hctosys="YES"
# If you do not want to set the hardware clock to the current system
# For a list of valid sets, run `dumpkeys --help`
dumpkeys_charset=""
-# Some fonts map AltGr-E to the currency symbol ¤ instead of the Euro €
+# Some fonts map AltGr-E to the currency symbol instead of the Euro.
# To fix this, set to "yes"
fix_euro="NO"
extended_keymaps=""
#extended_keymaps="backspace keypad euro2"
-# Tell dumpkeys(1) to interpret character action codes to be
+# Tell dumpkeys(1) to interpret character action codes to be
# from the specified character set.
# This only matters if you set unicode="yes" in /etc/rc.conf.
# For a list of valid sets, run `dumpkeys --help`
# Some fonts map AltGr-E to the currency symbol ¤ instead of the Euro €
# To fix this, set to "yes"
fix_euro="NO"
-
--- /dev/null
+# Use keymap to specify the default console keymap. There is a complete tree
+# of keymaps in /usr/share/keymaps to choose from.
+#keymap="us"
+keymap="de-latin1-nodeadkeys"
+
+# Should we first load the 'windowkeys' console keymap? Most x86 users will
+# say "yes" here. Note that non-x86 users should leave it as "no".
+# Loading this keymap will enable VT switching (like ALT+Left/Right)
+# using the special windows keys on the linux console.
+windowkeys="YES"
+
+# The maps to load for extended keyboards. Most users will leave this as is.
+extended_keymaps=""
+#extended_keymaps="backspace keypad euro2"
+
+# Tell dumpkeys(1) to interpret character action codes to be
+# from the specified character set.
+# This only matters if you set unicode="yes" in /etc/rc.conf.
+# For a list of valid sets, run `dumpkeys --help`
+dumpkeys_charset=""
+
+# Some fonts map AltGr-E to the currency symbol ¤ instead of the Euro €
+# To fix this, set to "yes"
+fix_euro="NO"
+
# For a list of valid sets, run `dumpkeys --help`
dumpkeys_charset=""
-# Some fonts map AltGr-E to the currency symbol ¤ instead of the Euro €
+# Some fonts map AltGr-E to the currency symbol instead of the Euro.
# To fix this, set to "yes"
fix_euro="NO"
--- /dev/null
+# /etc/mysql/my.cnf: The global mysql configuration file.
+# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql/files/my.cnf-5.6,v 1.1 2014/10/08 16:42:41 grknight Exp $
+
+# The following options will be passed to all MySQL clients
+[client]
+#password = your_password
+port = 3306
+socket = /var/run/mysqld/mysqld.sock
+
+[mysql]
+character-sets-dir=/usr/share/mysql/charsets
+default-character-set=utf8
+
+[mysqladmin]
+character-sets-dir=/usr/share/mysql/charsets
+default-character-set=utf8
+
+[mysqlcheck]
+character-sets-dir=/usr/share/mysql/charsets
+default-character-set=utf8
+
+[mysqldump]
+character-sets-dir=/usr/share/mysql/charsets
+default-character-set=utf8
+
+[mysqlimport]
+character-sets-dir=/usr/share/mysql/charsets
+default-character-set=utf8
+
+[mysqlshow]
+character-sets-dir=/usr/share/mysql/charsets
+default-character-set=utf8
+
+[myisamchk]
+character-sets-dir=/usr/share/mysql/charsets
+
+[myisampack]
+character-sets-dir=/usr/share/mysql/charsets
+
+# use [safe_mysqld] with mysql-3
+[mysqld_safe]
+err-log = /var/log/mysql/mysql.err
+
+# add a section [mysqld-4.1] or [mysqld-5.0] for specific configurations
+[mysqld]
+character-set-server = utf8
+user = mysql
+port = 3306
+socket = /var/run/mysqld/mysqld.sock
+pid-file = /var/run/mysqld/mysqld.pid
+log-error = /var/log/mysql/mysqld.err
+basedir = /usr
+datadir = /var/lib/mysql
+skip-external-locking
+key_buffer_size = 16M
+max_allowed_packet = 4M
+table_open_cache = 400
+sort_buffer_size = 512K
+net_buffer_length = 16K
+read_buffer_size = 256K
+read_rnd_buffer_size = 512K
+myisam_sort_buffer_size = 8M
+lc_messages_dir = /usr/share/mysql
+#Set this to your desired error message language
+lc_messages = en_US
+
+# security:
+# using "localhost" in connects uses sockets by default
+# skip-networking
+bind-address = 127.0.0.1
+
+log-bin
+server-id = 1
+
+# point the following paths to different dedicated disks
+tmpdir = /tmp/
+#log-update = /path-to-dedicated-directory/hostname
+
+# you need the debug USE flag enabled to use the following directives,
+# if needed, uncomment them, start the server and issue
+# #tail -f /tmp/mysqld.sql /tmp/mysqld.trace
+# this will show you *exactly* what's happening in your server ;)
+
+#log = /tmp/mysqld.sql
+#gdb
+#debug = d:t:i:o,/tmp/mysqld.trace
+#one-thread
+
+# the rest of the innodb config follows:
+# don't eat too much memory, we're trying to be safe on 64Mb boxes
+# you might want to bump this up a bit on boxes with more RAM
+innodb_buffer_pool_size = 128M
+#
+# i'd like to use /var/lib/mysql/innodb, but that is seen as a database :-(
+# and upstream wants things to be under /var/lib/mysql/, so that's the route
+# we have to take for the moment
+#innodb_data_home_dir = /var/lib/mysql/
+#innodb_log_arch_dir = /var/lib/mysql/
+#innodb_log_group_home_dir = /var/lib/mysql/
+# you may wish to change this size to be more suitable for your system
+# the max is there to avoid run-away growth on your machine
+innodb_data_file_path = ibdata1:10M:autoextend:max:128M
+# we keep this at around 25% of of innodb_buffer_pool_size
+# sensible values range from 1MB to (1/innodb_log_files_in_group*innodb_buffer_pool_size)
+innodb_log_file_size = 48M
+# this is the default, increase it if you have very large transactions going on
+innodb_log_buffer_size = 8M
+# this is the default and won't hurt you
+# you shouldn't need to tweak it
+innodb_log_files_in_group=2
+# see the innodb config docs, the other options are not always safe
+innodb_flush_log_at_trx_commit = 1
+innodb_lock_wait_timeout = 50
+innodb_file_per_table
+
+# Uncomment this to get FEDERATED engine support
+#plugin-load=federated=ha_federated.so
+loose-federated
+
+[mysqldump]
+quick
+max_allowed_packet = 16M
+
+[mysql]
+# uncomment the next directive if you are not familiar with SQL
+#safe-updates
+
+[isamchk]
+key_buffer_size = 20M
+sort_buffer_size = 20M
+read_buffer = 2M
+write_buffer = 2M
+
+[myisamchk]
+key_buffer_size = 20M
+sort_buffer_size = 20M
+read_buffer_size = 2M
+write_buffer_size = 2M
+
+[mysqlhotcopy]
+interactive-timeout
+++ /dev/null
-# /etc/mysql/my.cnf: The global mysql configuration file.
-# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql/files/my.cnf-5.5,v 1.4 2014/08/28 14:06:54 grknight Exp $
-
-# The following options will be passed to all MySQL clients
-[client]
-#password = your_password
-port = 3306
-socket = /var/run/mysqld/mysqld.sock
-
-[mysql]
-character-sets-dir=/usr/share/mysql/charsets
-default-character-set=utf8
-
-[mysqladmin]
-character-sets-dir=/usr/share/mysql/charsets
-default-character-set=utf8
-
-[mysqlcheck]
-character-sets-dir=/usr/share/mysql/charsets
-default-character-set=utf8
-
-[mysqldump]
-character-sets-dir=/usr/share/mysql/charsets
-default-character-set=utf8
-
-[mysqlimport]
-character-sets-dir=/usr/share/mysql/charsets
-default-character-set=utf8
-
-[mysqlshow]
-character-sets-dir=/usr/share/mysql/charsets
-default-character-set=utf8
-
-[myisamchk]
-character-sets-dir=/usr/share/mysql/charsets
-
-[myisampack]
-character-sets-dir=/usr/share/mysql/charsets
-
-# use [safe_mysqld] with mysql-3
-[mysqld_safe]
-err-log = /var/log/mysql/mysql.err
-
-# add a section [mysqld-4.1] or [mysqld-5.0] for specific configurations
-[mysqld]
-character-set-server = utf8
-user = mysql
-port = 3306
-socket = /var/run/mysqld/mysqld.sock
-pid-file = /var/run/mysqld/mysqld.pid
-log-error = /var/log/mysql/mysqld.err
-basedir = /usr
-datadir = /var/lib/mysql
-skip-external-locking
-key_buffer_size = 16M
-max_allowed_packet = 1M
-table_open_cache = 64
-sort_buffer_size = 512K
-net_buffer_length = 8K
-read_buffer_size = 256K
-read_rnd_buffer_size = 512K
-myisam_sort_buffer_size = 8M
-lc_messages_dir = /usr/share/mysql
-#Set this to your desired error message language
-lc_messages = en_US
-
-# security:
-# using "localhost" in connects uses sockets by default
-# skip-networking
-bind-address = 127.0.0.1
-
-log-bin
-server-id = 1
-
-# point the following paths to different dedicated disks
-tmpdir = /tmp/
-#log-update = /path-to-dedicated-directory/hostname
-
-# you need the debug USE flag enabled to use the following directives,
-# if needed, uncomment them, start the server and issue
-# #tail -f /tmp/mysqld.sql /tmp/mysqld.trace
-# this will show you *exactly* what's happening in your server ;)
-
-#log = /tmp/mysqld.sql
-#gdb
-#debug = d:t:i:o,/tmp/mysqld.trace
-#one-thread
-
-# the following is the InnoDB configuration
-# if you wish to disable innodb instead
-# uncomment just the next line
-#skip-innodb
-#
-# the rest of the innodb config follows:
-# don't eat too much memory, we're trying to be safe on 64Mb boxes
-# you might want to bump this up a bit on boxes with more RAM
-innodb_buffer_pool_size = 16M
-# this is the default, increase it if you have lots of tables
-innodb_additional_mem_pool_size = 2M
-#
-# i'd like to use /var/lib/mysql/innodb, but that is seen as a database :-(
-# and upstream wants things to be under /var/lib/mysql/, so that's the route
-# we have to take for the moment
-#innodb_data_home_dir = /var/lib/mysql/
-#innodb_log_arch_dir = /var/lib/mysql/
-#innodb_log_group_home_dir = /var/lib/mysql/
-# you may wish to change this size to be more suitable for your system
-# the max is there to avoid run-away growth on your machine
-innodb_data_file_path = ibdata1:10M:autoextend:max:128M
-# we keep this at around 25% of of innodb_buffer_pool_size
-# sensible values range from 1MB to (1/innodb_log_files_in_group*innodb_buffer_pool_size)
-innodb_log_file_size = 5M
-# this is the default, increase it if you have very large transactions going on
-innodb_log_buffer_size = 8M
-# this is the default and won't hurt you
-# you shouldn't need to tweak it
-innodb_log_files_in_group=2
-# see the innodb config docs, the other options are not always safe
-innodb_flush_log_at_trx_commit = 1
-innodb_lock_wait_timeout = 50
-innodb_file_per_table
-
-# Uncomment this to get FEDERATED engine support
-#plugin-load=federated=ha_federated.so
-#loose-federated
-
-[mysqldump]
-quick
-max_allowed_packet = 16M
-
-[mysql]
-# uncomment the next directive if you are not familiar with SQL
-#safe-updates
-
-[isamchk]
-key_buffer_size = 20M
-sort_buffer_size = 20M
-read_buffer = 2M
-write_buffer = 2M
-
-[myisamchk]
-key_buffer_size = 20M
-sort_buffer_size = 20M
-read_buffer_size = 2M
-write_buffer_size = 2M
-
-[mysqlhotcopy]
-interactive-timeout
-
# Set unicode to YES to turn on unicode support for keyboards and screens.
unicode="YES"
+# This is how long fuser should wait for a remote server to respond. The
+# default is 60 seconds, but it can be adjusted here.
+#rc_fuser_timeout=60
+
# Below is the default list of network fstypes.
#
# afs cifs coda davfs fuse fuse.sshfs gfs glusterfs lustre ncpfs
# Some daemons are started and stopped via start-stop-daemon.
# We can set some things on a per service basis, like the nicelevel.
-#export SSD_NICELEVEL="-19"
+#SSD_NICELEVEL="-19"
# Pass ulimit parameters
#rc_ulimit="-u 30"
# consolefont, numlock, etc ...)
rc_tty_number=12
+##############################################################################
+# CGROUPS RESOURCE MANAGEMENT
+
# If you have cgroups turned on in your kernel, this switch controls
# whether or not a group for each controller is mounted under
# /sys/fs/cgroup.
-# Support for process management by cgroups is planned in the future,
-# so if you turn this off, be aware that you may not be able to use that
-# feature.
+# None of the other options in this section work if this is set to "NO".
#rc_controller_cgroups="YES"
+
+# The following settings allow you to set up values for the cgroup
+# controllers for your services.
+# They can be set in this file;, however, if you do this, the settings
+# will apply to all of your services.
+# If you want different settings for each service, place the settings in
+# /etc/conf.d/foo for service foo.
+# The format is to specify the names of the settings followed by their
+# values. Each variable can hold multiple settings.
+# For example, you would use this to set the cpu.shares setting in the
+# cpu controller to 512 for your service.
+# rc_cgroup_cpu="
+# cpu.shares 512
+# "
+#
+#For more information about the adjustments that can be made with
+#cgroups, see Documentation/cgroups/* in the linux kernel source tree.
+
+# Set the blkio controller settings for this service.
+#rc_cgroup_blkio=""
+
+# Set the cpu controller settings for this service.
+#rc_cgroup_cpu=""
+
+# Add this service to the cpuacct controller (any value means yes).
+#rc_cgroup_cpuacct=""
+
+# Set the cpuset controller settings for this service.
+#rc_cgroup_cpuset=""
+
+# Set the devices controller settings for this service.
+#rc_cgroup_devices=""
+
+# Set the memory controller settings for this service.
+#rc_cgroup_memory=""
+
+# Set the net_prio controller settings for this service.
+#rc_cgroup_net_prio=""
+
+# Set this to YES if yu want all of the processes in a service's cgroup
+# killed when the service is stopped or restarted.
+# This should not be set globally because it kills all of the service's
+# child processes, and most of the time this is undesirable. Please set
+# it in /etc/conf.d/<service>.
+# To perform this cleanup manually for a stopped service, you can
+# execute cgroup_cleanup with /etc/init.d/<service> cgroup_cleanup or
+# rc-service <service> cgroup_cleanup.
+# rc_cgroup_cleanup="NO"
rc_tty_number=12
# If you have cgroups turned on in your kernel, this switch controls
-# whether or not a group for each controler is mounted under
+# whether or not a group for each controller is mounted under
# /sys/fs/cgroup.
# Support for process management by cgroups is planned in the future,
# so if you turn this off, be aware that you may not be able to use that
# Global OpenRC configuration settings
+# Set to "YES" if you want the rc system to try and start services
+# in parallel for a slight speed improvement. When running in parallel we
+# prefix the service output with its name as the output will get
+# jumbled up.
+# WARNING: whilst we have improved parallel, it can still potentially lock
+# the boot process. Don't file bugs about this unless you can supply
+# patches that fix it without breaking other things!
+#rc_parallel="NO"
+
# Set rc_interactive to "YES" and you'll be able to press the I key during
# boot so you can choose to start specific services. Set to "NO" to disable
-# this feature.
+# this feature. This feature is automatically disabled if rc_parallel is
+# set to YES.
#rc_interactive="YES"
# If we need to drop to a shell, you can specify it here.
# These variables are documented here, but should be configured in
# /etc/conf.d/foo for service foo and NOT enabled here unless you
# really want them to work on a global basis.
+# If your service has characters in its name which are not legal in
+# shell variable names and you configure the variables for it in this
+# file, those characters should be replaced with underscores in the
+# variable names as shown below.
# Some daemons are started and stopped via start-stop-daemon.
# We can set some things on a per service basis, like the nicelevel.
#rc_foo_need="openvpn"
#rc_foo_after="clock"
+# Below is an example for service foo-bar. Note that the '-' is illegal
+# in a shell variable name, so we convert it to an underscore.
+# example for service foo-bar.
+#rc_foo_bar_config="/etc/foo-bar"
+#rc_foo_bar_need="openvpn"
+#rc_foo_bar_after="clock"
+
# You can also remove dependencies.
# This is mainly used for saying which servies do NOT provide net.
#rc_net_tap0_provide="!net"
# "vserver" - Linux vserver
# "xen0" - Xen0 Domain
# "xenU" - XenU Domain
-# If this is commented out, automatic detection will be attempted.
-# Note that autodetection will not work in a prefix environment or in a
-# linux container.
+# If this is commented out, automatic detection will be used.
#
# This should be set to the value representing the environment this file is
# PRESENTLY in, not the virtualization the environment is capable of.
# This is the number of tty's used in most of the rc-scripts (like
# consolefont, numlock, etc ...)
rc_tty_number=12
+
+# If you have cgroups turned on in your kernel, this switch controls
+# whether or not a group for each controler is mounted under
+# /sys/fs/cgroup.
+# Support for process management by cgroups is planned in the future,
+# so if you turn this off, be aware that you may not be able to use that
+# feature.
+#rc_controller_cgroups="YES"
--- /dev/null
+# Global OpenRC configuration settings
+
+# Set rc_interactive to "YES" and you'll be able to press the I key during
+# boot so you can choose to start specific services. Set to "NO" to disable
+# this feature.
+#rc_interactive="YES"
+
+# If we need to drop to a shell, you can specify it here.
+# If not specified we use $SHELL, otherwise the one specified in /etc/passwd,
+# otherwise /bin/sh
+# Linux users could specify /sbin/sulogin
+rc_shell=/sbin/sulogin
+
+# Do we allow any started service in the runlevel to satisfy the dependency
+# or do we want all of them regardless of state? For example, if net.eth0
+# and net.eth1 are in the default runlevel then with rc_depend_strict="NO"
+# both will be started, but services that depend on 'net' will work if either
+# one comes up. With rc_depend_strict="YES" we would require them both to
+# come up.
+#rc_depend_strict="YES"
+
+# rc_hotplug is a list of services that we allow to be hotplugged.
+# By default we do not allow hotplugging.
+# A hotplugged service is one started by a dynamic dev manager when a matching
+# hardware device is found.
+# This service is intrinsically included in the boot runlevel.
+# To disable services, prefix with a !
+# Example - rc_hotplug="net.wlan !net.*"
+# This allows net.wlan and any service not matching net.* to be plugged.
+# Example - rc_hotplug="*"
+# This allows all services to be hotplugged
+#rc_hotplug="*"
+
+# rc_logger launches a logging daemon to log the entire rc process to
+# /var/log/rc.log
+# NOTE: Linux systems require the devfs service to be started before
+# logging can take place and as such cannot log the sysinit runlevel.
+rc_logger="YES"
+
+# Through rc_log_path you can specify a custom log file.
+# The default value is: /var/log/rc.log
+rc_log_path="/var/log/rc.log"
+
+# By default we filter the environment for our running scripts. To allow other
+# variables through, add them here. Use a * to allow all variables through.
+#rc_env_allow="VAR1 VAR2"
+
+# By default we assume that all daemons will start correctly.
+# However, some do not - a classic example is that they fork and return 0 AND
+# then child barfs on a configuration error. Or the daemon has a bug and the
+# child crashes. You can set the number of milliseconds start-stop-daemon
+# waits to check that the daemon is still running after starting here.
+# The default is 0 - no checking.
+#rc_start_wait=100
+
+# rc_nostop is a list of services which will not stop when changing runlevels.
+# This still allows the service itself to be stopped when called directly.
+#rc_nostop=""
+
+# rc will attempt to start crashed services by default.
+# However, it will not stop them by default as that could bring down other
+# critical services.
+#rc_crashed_stop=NO
+#rc_crashed_start=YES
+
+##############################################################################
+# MISC CONFIGURATION VARIABLES
+# There variables are shared between many init scripts
+
+# Set unicode to YES to turn on unicode support for keyboards and screens.
+unicode="YES"
+
+# Below is the default list of network fstypes.
+#
+# afs cifs coda davfs fuse fuse.sshfs gfs glusterfs lustre ncpfs
+# nfs nfs4 ocfs2 shfs smbfs
+#
+# If you would like to add to this list, you can do so by adding your
+# own fstypes to the following variable.
+#extra_net_fs_list=""
+
+##############################################################################
+# SERVICE CONFIGURATION VARIABLES
+# These variables are documented here, but should be configured in
+# /etc/conf.d/foo for service foo and NOT enabled here unless you
+# really want them to work on a global basis.
+
+# Some daemons are started and stopped via start-stop-daemon.
+# We can set some things on a per service basis, like the nicelevel.
+#export SSD_NICELEVEL="-19"
+
+# Pass ulimit parameters
+#rc_ulimit="-u 30"
+
+# It's possible to define extra dependencies for services like so
+#rc_config="/etc/foo"
+#rc_need="openvpn"
+#rc_use="net.eth0"
+#rc_after="clock"
+#rc_before="local"
+#rc_provide="!net"
+
+# You can also enable the above commands here for each service. Below is an
+# example for service foo.
+#rc_foo_config="/etc/foo"
+#rc_foo_need="openvpn"
+#rc_foo_after="clock"
+
+# You can also remove dependencies.
+# This is mainly used for saying which servies do NOT provide net.
+#rc_net_tap0_provide="!net"
+
+##############################################################################
+# LINUX SPECIFIC OPTIONS
+
+# This is the subsystem type. Valid options on Linux:
+# "" - nothing special
+# "lxc" - Linux Containers
+# "openvz" - Linux OpenVZ
+# "prefix" - Prefix
+# "uml" - Usermode Linux
+# "vserver" - Linux vserver
+# "xen0" - Xen0 Domain
+# "xenU" - XenU Domain
+# If this is commented out, automatic detection will be attempted.
+# Note that autodetection will not work in a prefix environment or in a
+# linux container.
+#
+# This should be set to the value representing the environment this file is
+# PRESENTLY in, not the virtualization the environment is capable of.
+rc_sys=""
+
+# This is the number of tty's used in most of the rc-scripts (like
+# consolefont, numlock, etc ...)
+rc_tty_number=12
# The default value is: /var/log/rc.log
#rc_log_path="/var/log/rc.log"
+# If you want verbose output for OpenRC, set this to yes. If you want
+# verbose output for service foo only, set it to yes in /etc/conf.d/foo.
+#rc_verbose=no
+
# By default we filter the environment for our running scripts. To allow other
# variables through, add them here. Use a * to allow all variables through.
#rc_env_allow="VAR1 VAR2"
#rc_crashed_stop=NO
#rc_crashed_start=YES
+# Set rc_nocolor to yes if you do not want colors displayed in OpenRC
+# output.
+#rc_nocolor=NO
+
##############################################################################
# MISC CONFIGURATION VARIABLES
# There variables are shared between many init scripts
# Below is the default list of network fstypes.
#
-# afs cifs coda davfs fuse fuse.sshfs gfs glusterfs lustre ncpfs
+# afs ceph cifs coda davfs fuse fuse.sshfs gfs glusterfs lustre ncpfs
# nfs nfs4 ocfs2 shfs smbfs
#
# If you would like to add to this list, you can do so by adding your
# Example configuration for ulogd
-# $Id: ulogd.conf,v 1.3 2010/10/12 07:51:44 root Exp $
# Adapted to Debian by Achilleas Kotsis <achille@debian.gr>
[global]
[pcap1]
#default file is /var/log/ulogd/ulogd.pcap
-#file=/var/log/ulogd/ulogd.pcap
+#file="/var/log/ulogd/ulogd.pcap"
sync=1
[mysql1]
table="ulog"
pass="changeme"
procedure="INSERT_PACKET_FULL"
+# backlog configuration:
+# set backlog_memcap to the size of memory that will be
+# allocated to store events in memory if data is temporary down
+# and insert them when the database came back.
+#backlog_memcap=1000000
+# number of events to insert at once when backlog is not empty
+#backlog_oneshot_requests=10
[mysql2]
db="nulog"
#schema="public"
pass="changeme"
procedure="INSERT_PACKET_FULL"
+# connstring can be used to define PostgreSQL connection string which
+# contains all parameters of the connection. If set, this value has
+# precedence on other variables used to build the connection string.
+# See http://www.postgresql.org/docs/9.2/static/libpq-connect.html#LIBPQ-CONNSTRING
+# for a complete description of options.
+#connstring="host=localhost port=4321 dbname=nulog user=nupik password=changeme"
+#backlog_memcap=1000000
+#backlog_oneshot_requests=10
+# If superior to 1 a thread dedicated to SQL request execution
+# is created. The value stores the number of SQL request to keep
+# in the ring buffer
+#ring_buffer_size=1000
[pgsql2]
db="nulog"
[nacct1]
sync = 1
+#file = /var/log/ulogd/ulogd_nacct.log
[mark1]
mark = 1
# logfile for status messages
logfile="/var/log/ulogd/daemon.log"
-# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8)
+# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) (default 5)
loglevel=3
######################################################################
plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so"
plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so"
+#plugin="/usr/lib64/ulogd/ulogd_inppkt_UNIXSOCK.so"
plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so"
plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so"
plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so"
plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so"
+#plugin="/usr/lib64/ulogd/ulogd_filter_IP2HBIN.so"
plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so"
plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so"
plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so"
#plugin="/usr/lib64/ulogd/ulogd_filter_MARK.so"
plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so"
-#plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so"
-#plugin="/usr/lib64/ulogd/ulogd_output_XML.so"
-#plugin="/usr/lib64/ulogd/ulogd_output_OPRINT.so"
+plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so"
+plugin="/usr/lib64/ulogd/ulogd_output_XML.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_SQLITE3.so"
+plugin="/usr/lib64/ulogd/ulogd_output_GPRINT.so"
#plugin="/usr/lib64/ulogd/ulogd_output_NACCT.so"
#plugin="/usr/lib64/ulogd/ulogd_output_PCAP.so"
#plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so"
#plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so"
#plugin="/usr/lib64/ulogd/ulogd_output_DBI.so"
plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
+plugin="/usr/lib64/ulogd/ulogd_inpflow_NFACCT.so"
+plugin="/usr/lib64/ulogd/ulogd_output_GRAPHITE.so"
# this is a stack for logging packet send by system via LOGEMU
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
# this is a stack for packet-based logging via LOGEMU with filtering on MARK
#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+# this is a stack for packet-based logging via GPRINT
+#stack=log1:NFLOG,gp1:GPRINT
+
# this is a stack for flow-based logging via LOGEMU
#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU
-# this is a stack for flow-based logging via OPRINT
-#stack=ct1:NFCT,op1:OPRINT
+# this is a stack for flow-based logging via GPRINT
+#stack=ct1:NFCT,gp1:GPRINT
# this is a stack for flow-based logging via XML
#stack=ct1:NFCT,xml1:XML
# this is a stack for logging in XML
#stack=log1:NFLOG,xml1:XML
+# this is a stack for accounting-based logging via XML
+#stack=acct1:NFACCT,xml1:XML
+
+# this is a stack for accounting-based logging to a Graphite server
+#stack=acct1:NFACCT,graphite1:GRAPHITE
+
# this is a stack for NFLOG packet-based logging to PCAP
#stack=log2:NFLOG,base1:BASE,pcap1:PCAP
# this is a stack for logging packets to syslog after a collect via NFLOG
#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
+# this is a stack for logging packets to syslog after a collect via NuFW
+#stack=nuauth1:UNIXSOCK,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
+
# this is a stack for flow-based logging to MySQL
#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL
# this is a stack for flow-based logging to PGSQL without local hash
#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL
+# this is a stack for flow-based logging to SQLITE3
+#stack=ct1:NFCT,sqlite3_ct:SQLITE3
+
+# this is a stack for logging packet to SQLITE3
+#stack=log1:NFLOG,sqlite3_pkt:SQLITE3
# this is a stack for flow-based logging in NACCT compatible format
#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT
+# this is a stack for accounting-based logging via GPRINT
+#stack=acct1:NFACCT,gp1:GPRINT
+
[ct1]
#netlink_socket_buffer_size=217088
#netlink_socket_buffer_maxsize=1085440
#netlink_resync_timeout=60 # seconds to wait to perform resynchronization
#pollinterval=10 # use poll-based logging instead of event-driven
+# If pollinterval is not set, NFCT plugin will work in event mode
+# In this case, you can use the following filters on events:
+#accept_src_filter=192.168.1.0/24,1:2::/64 # source ip of connection must belong to these networks
+#accept_dst_filter=192.168.1.0/24 # destination ip of connection must belong to these networks
+#accept_proto_filter=tcp,sctp # layer 4 proto of connections
[ct2]
#netlink_socket_buffer_size=217088
#netlink_socket_buffer_maxsize=1085440
+#reliable=1 # enable reliable flow-based logging (may drop packets)
hash_enable=0
# Logging of system packet through NFLOG
nlgroup=1
#numeric_label=0 # optional argument
+[nuauth1]
+socket_path="/run/nuauth_ulogd2.sock"
+
[emu1]
file="/var/log/ulogd/syslogemu.log"
sync=1
[op1]
file="/var/log/ulogd/oprint.log"
-#file="/var/log/ulogd_oprint.log"
sync=1
+[gp1]
+file="/var/log/ulogd/gprint.log"
+sync=1
+timestamp=1
+
[xml1]
directory="/var/log/ulogd/"
sync=1
[pcap1]
+#default file is /var/log/ulogd/ulogd.pcap
+#file=/var/log/ulogd/ulogd.pcap
sync=1
[mysql1]
db="nulog"
host="localhost"
user="nupik"
-table="ulog"
+table="conntrack"
pass="changeme"
procedure="INSERT_CT"
host="localhost"
user="nupik"
table="ulog"
+#schema="public"
pass="changeme"
procedure="INSERT_PACKET_FULL"
host="localhost"
user="nupik"
table="ulog2_ct"
+#schema="public"
pass="changeme"
procedure="INSERT_CT"
host="localhost"
user="nupik"
table="ulog2_ct"
+#schema="public"
pass="changeme"
procedure="INSERT_OR_REPLACE_CT"
+[pgsql4]
+db="nulog"
+host="localhost"
+user="nupik"
+table="nfacct"
+#schema="public"
+pass="changeme"
+procedure="INSERT_NFACCT"
+
[dbi1]
db="ulog2"
dbtype="pgsql"
pass="ulog2"
procedure="INSERT_PACKET_FULL"
+[sqlite3_ct]
+table="ulog_ct"
+db="/var/log/ulogd/ulogd.sqlite3db"
+buffer=200
+
+[sqlite3_pkt]
+table="ulog_pkt"
+db="/var/log/ulogd/ulogd.sqlite3db"
+buffer=200
+
[sys2]
facility=LOG_LOCAL2
[mark1]
mark = 1
+
+[acct1]
+pollinterval = 2
+# If set to 0, we don't reset the counters for each polling (default is 1).
+#zerocounter = 0
+# Set timestamp (default is 0, which means not set). This timestamp can be
+# interpreted by the output plugin.
+#timestamp = 1
+
+[graphite1]
+host="127.0.0.1"
+port="2003"
+# Prefix of data name sent to graphite server
+prefix="netfilter.nfacct"
--- /dev/null
+# Example configuration for ulogd
+# $Id: ulogd.conf,v 1.3 2010/10/12 07:51:44 root Exp $
+# Adapted to Debian by Achilleas Kotsis <achille@debian.gr>
+
+[global]
+######################################################################
+# GLOBAL OPTIONS
+######################################################################
+
+
+# logfile for status messages
+logfile="/var/log/ulogd/daemon.log"
+
+# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8)
+loglevel=3
+
+######################################################################
+# PLUGIN OPTIONS
+######################################################################
+
+# We have to configure and load all the plugins we want to use
+
+# general rules:
+# 1. load the plugins _first_ from the global section
+# 2. options for each plugin in seperate section below
+
+
+plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so"
+plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so"
+plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so"
+plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so"
+#plugin="/usr/lib64/ulogd/ulogd_filter_MARK.so"
+plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_XML.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_OPRINT.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_NACCT.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_PCAP.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_DBI.so"
+plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
+
+# this is a stack for logging packet send by system via LOGEMU
+stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for packet-based logging via LOGEMU
+stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for ULOG packet-based logging via LOGEMU
+stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for packet-based logging via LOGEMU with filtering on MARK
+#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
+
+# this is a stack for flow-based logging via LOGEMU
+#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU
+
+# this is a stack for flow-based logging via OPRINT
+#stack=ct1:NFCT,op1:OPRINT
+
+# this is a stack for flow-based logging via XML
+#stack=ct1:NFCT,xml1:XML
+
+# this is a stack for logging in XML
+#stack=log1:NFLOG,xml1:XML
+
+# this is a stack for NFLOG packet-based logging to PCAP
+#stack=log2:NFLOG,base1:BASE,pcap1:PCAP
+
+# this is a stack for logging packet to MySQL
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,mysql1:MYSQL
+
+# this is a stack for logging packet to PGsql after a collect via NFLOG
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL
+
+# this is a stack for logging packets to syslog after a collect via NFLOG
+#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
+
+# this is a stack for flow-based logging to MySQL
+#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL
+
+# this is a stack for flow-based logging to PGSQL
+#stack=ct1:NFCT,ip2str1:IP2STR,pgsql2:PGSQL
+
+# this is a stack for flow-based logging to PGSQL without local hash
+#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL
+
+
+# this is a stack for flow-based logging in NACCT compatible format
+#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT
+
+[ct1]
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+#netlink_resync_timeout=60 # seconds to wait to perform resynchronization
+#pollinterval=10 # use poll-based logging instead of event-driven
+
+[ct2]
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+hash_enable=0
+
+# Logging of system packet through NFLOG
+[log1]
+# netlink multicast group (the same as the iptables --nflog-group param)
+# Group O is used by the kernel to log connection tracking invalid message
+group=0
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+# set number of packet to queue inside kernel
+#netlink_qthreshold=1
+# set the delay before flushing packet in the queue inside kernel (in 10ms)
+#netlink_qtimeout=100
+
+# packet logging through NFLOG for group 1
+[log2]
+# netlink multicast group (the same as the iptables --nflog-group param)
+group=1 # Group has to be different from the one use in log1
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+# If your kernel is older than 2.6.29 and if a NFLOG input plugin with
+# group 0 is not used by any stack, you need to have at least one NFLOG
+# input plugin with bind set to 1. If you don't do that you may not
+# receive any message from the kernel.
+#bind=1
+
+# packet logging through NFLOG for group 2, numeric_label is
+# set to 1
+[log3]
+# netlink multicast group (the same as the iptables --nflog-group param)
+group=2 # Group has to be different from the one use in log1/log2
+numeric_label=1 # you can label the log info based on the packet verdict
+#netlink_socket_buffer_size=217088
+#netlink_socket_buffer_maxsize=1085440
+#bind=1
+
+[ulog1]
+# netlink multicast group (the same as the iptables --ulog-nlgroup param)
+nlgroup=1
+#numeric_label=0 # optional argument
+
+[emu1]
+file="/var/log/ulogd/syslogemu.log"
+sync=1
+
+[op1]
+file="/var/log/ulogd/oprint.log"
+#file="/var/log/ulogd_oprint.log"
+sync=1
+
+[xml1]
+directory="/var/log/ulogd/"
+sync=1
+
+[pcap1]
+sync=1
+
+[mysql1]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog"
+pass="changeme"
+procedure="INSERT_PACKET_FULL"
+
+[mysql2]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog"
+pass="changeme"
+procedure="INSERT_CT"
+
+[pgsql1]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog"
+pass="changeme"
+procedure="INSERT_PACKET_FULL"
+
+[pgsql2]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog2_ct"
+pass="changeme"
+procedure="INSERT_CT"
+
+[pgsql3]
+db="nulog"
+host="localhost"
+user="nupik"
+table="ulog2_ct"
+pass="changeme"
+procedure="INSERT_OR_REPLACE_CT"
+
+[dbi1]
+db="ulog2"
+dbtype="pgsql"
+host="localhost"
+user="ulog2"
+table="ulog"
+pass="ulog2"
+procedure="INSERT_PACKET_FULL"
+
+[sys2]
+facility=LOG_LOCAL2
+
+[nacct1]
+sync = 1
+
+[mark1]
+mark = 1
plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
plugin="/usr/lib64/ulogd/ulogd_inpflow_NFACCT.so"
plugin="/usr/lib64/ulogd/ulogd_output_GRAPHITE.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_JSON.so"
# this is a stack for logging packet send by system via LOGEMU
#stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
# this is a stack for logging packet to PGsql after a collect via NFLOG
#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL
+# this is a stack for logging packet to JSON formatted file after a collect via NFLOG
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,json1:JSON
+
# this is a stack for logging packets to syslog after a collect via NFLOG
#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
directory="/var/log/ulogd/"
sync=1
+[json1]
+sync=1
+#file="/var/log/ulogd/ulogd.json"
+#timestamp=0
+# device name to be used in JSON message
+#device="My awesome Netfilter firewall"
+# If boolean_label is set to 1 then the numeric_label put on packet
+# by the input plugin is coding the action on packet: if 0, then
+# packet has been blocked and if non null it has been accepted.
+#boolean_label=1
+
[pcap1]
#default file is /var/log/ulogd/ulogd.pcap
#file="/var/log/ulogd/ulogd.pcap"
#
-# "$Id: cups-files.conf.in 11201 2013-07-26 21:27:27Z msweet $"
-#
-# Sample file/directory/user/group configuration file for the CUPS scheduler.
+# File/directory/user/group configuration file for the CUPS scheduler.
# See "man cups-files.conf" for a complete description of this file.
#
#Group lp
# Administrator user group, used to match @SYSTEM in cupsd.conf policy rules...
+# This cannot contain the Group value for security reasons...
SystemGroup lpadmin
#FontPath /usr/share/cups/fonts
# Location of LPD configuration
-#LPDConfigFile
+#LPDConfigFile xinetd:///etc/xinetd.d/cups-lpd
# Location of the file logging all pages printed by the scheduler and any
# helper programs; may be the name "syslog". If not an absolute path, the value
# scheduler startup and cannot be one of the standard (public) temporary
# directory locations for security reasons...
#TempDir /var/spool/cups/tmp
-
-#
-# End of "$Id: cups-files.conf.in 11201 2013-07-26 21:27:27Z msweet $".
-#
#
-# "$Id: cupsd.conf.in 11025 2013-06-07 01:00:33Z msweet $"
-#
-# Sample configuration file for the CUPS scheduler. See "man cupsd.conf" for a
+# Configuration file for the CUPS scheduler. See "man cupsd.conf" for a
# complete description of this file.
#
# Log general information in error_log - change "warn" to "debug"
# for troubleshooting...
LogLevel warn
+PageLogFormat
# Only listen for connections from the local machine.
Listen localhost:631
Order deny,allow
</Limit>
</Policy>
-
-#
-# End of "$Id: cupsd.conf.in 11025 2013-06-07 01:00:33Z msweet $".
-#
#
-# "$Id: snmp.conf.in 11025 2013-06-07 01:00:33Z msweet $"
-#
-# Sample SNMP configuration file for CUPS. See "man cups-snmp.conf" for a
-# complete description of this file.
+# SNMP configuration file for CUPS. See "man cups-snmp.conf" for a complete
+# description of this file.
#
Address @LOCAL
Community public
-
-#
-# End of "$Id: snmp.conf.in 11025 2013-06-07 01:00:33Z msweet $".
-#
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
{
need localmount
before logger
- after clock sysctl
+ after clock root sysctl
keyword -prefix -timeout
}
do
# Clean stale sockets
if [ -S "$x" ]; then
- if type fuser >/dev/null 2>&1; then
+ if command -v fuser >/dev/null 2>&1; then
fuser "$x" >/dev/null 2>&1 || rm -- "$x"
else
rm -- "$x"
clean_run()
{
- [ "$RC_SYS" = VSERVER ] && return 0
+ [ "$RC_SYS" = VSERVER -o "$RC_SYS" = LXC ] && return 0
local dir
dir=$(mktemp -d)
mount --bind / $dir
start()
{
# Remove any added console dirs
- rm -rf "$RC_LIBEXECDIR"/console/*
+ if checkpath -W "$RC_LIBEXECDIR"; then
+ rm -rf "$RC_LIBEXECDIR"/console/*
+ fi
local logw=false runw=false extra=
# Ensure that our basic dirs exist
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-description="Mount system critical filesystems in /dev."
+description="Set up the /dev directory"
-depend() {
- use dev-mount
+depend()
+{
+ provide dev-mount
before dev
keyword -prefix -vserver -lxc
}
-start() {
- # Mount required stuff as user may not have then in /etc/fstab
+mount_dev()
+{
+ local action=--mount devfstype msg=Mounting
+ # Some devices require exec, Bug #92921
+ local mountopts="exec,nosuid,mode=0755"
+ if yesno ${skip_mount_dev:-no} ; then
+ einfo "/dev will not be mounted due to user request"
+ return 0
+ fi
+ if mountinfo -q /dev; then
+ action=--remount
+ mountopts="remount,$mountopts"
+ msg=Remounting
+ fi
+ if fstabinfo -q /dev; then
+ ebegin "$msg /dev according to /etc/fstab"
+ fstabinfo -q $action /dev
+ eend $?
+ return 0
+ fi
+ if grep -q devtmpfs /proc/filesystems; then
+ devfstype=devtmpfs
+ mountopts="$mountopts,size=10M"
+ elif grep -q tmpfs /proc/filesystems; then
+ devfstype=tmpfs
+ mountopts="$mountopts,size=10M"
+ fi
+ if [ -n "$devfstype" ]; then
+ ebegin "$msg $devfstype on /dev"
+ mount -n -t $devfstype -o $mountopts dev /dev
+ eend $?
+ else
+ ewarn "This kernel does not have devtmpfs or tmpfs support, and there"
+ ewarn "is no entry for /dev in fstab."
+ ewarn "This means /dev will not be mounted."
+ ewarn "To avoid this message, set CONFIG_DEVTMPFS or CONFIG_TMPFS to y"
+ ewarn "in your kernel configuration or see /etc/conf.d/devfs"
+ fi
+ return 0
+}
+
+seed_dev()
+{
+ # Seed /dev with some things that we know we need
+
+ # creating /dev/console, /dev/tty and /dev/tty1 to be able to write
+ # to $CONSOLE with/without bootsplash before udevd creates it
+ [ -c /dev/console ] || mknod -m 600 /dev/console c 5 1
+ [ -c /dev/tty1 ] || mknod -m 620 /dev/tty1 c 4 1
+ [ -c /dev/tty ] || mknod -m 666 /dev/tty c 5 0
+
+ # udevd will dup its stdin/stdout/stderr to /dev/null
+ # and we do not want a file which gets buffered in ram
+ [ -c /dev/null ] || mknod -m 666 /dev/null c 1 3
+
+ # so udev can add its start-message to dmesg
+ [ -c /dev/kmsg ] || mknod -m 660 /dev/kmsg c 1 11
+
+ # extra symbolic links not provided by default
+ [ -e /dev/fd ] || ln -snf /proc/self/fd /dev/fd
+ [ -e /dev/stdin ] || ln -snf /proc/self/fd/0 /dev/stdin
+ [ -e /dev/stdout ] || ln -snf /proc/self/fd/1 /dev/stdout
+ [ -e /dev/stderr ] || ln -snf /proc/self/fd/2 /dev/stderr
+ [ -e /proc/kcore ] && ln -snf /proc/kcore /dev/core
+
+ # Mount required directories as user may not have them in /etc/fstab
for x in \
"mqueue /dev/mqueue 1777 ,nodev mqueue" \
"devpts /dev/pts 0755 ,gid=5,mode=0620 devpts" \
- "tmpfs /dev/shm 1777 ,nodev shm" \
+ "tmpfs /dev/shm 1777 ,nodev,mode=1777 shm" \
; do
set -- $x
grep -Eq "[[:space:]]+$1$" /proc/filesystems || continue
eend $?
fi
done
+}
+
+restorecon_dev()
+{
+ if [ -x /sbin/restorecon ]; then
+ ebegin "Restoring SELinux contexts in /dev"
+ restorecon -rF /dev >/dev/null 2>&1
+ eend $?
+ fi
+
+ return 0
+}
+
+start()
+{
+ mount_dev
+ seed_dev
+ restorecon_dev
return 0
}
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
fi
fi
+ # Always set the kernel's time zone.
+ _hwclock --systz $utc_cmd $clock_args
+ : $(( retval += $? ))
+
if [ -e /etc/adjtime ] && yesno $clock_adjfile; then
_hwclock --adjust $utc_cmd
: $(( retval += $? ))
fi
- # If setting UTC, don't bother to run hwclock when first booting
- # as that's the default
- if [ "$PREVLEVEL" != N -o \
- "$utc_cmd" != --utc -o \
- -n "$clock_args" ];
- then
- if yesno ${clock_hctosys:-YES}; then
- _hwclock --hctosys $utc_cmd $clock_args
- else
- _hwclock --systz $utc_cmd $clock_args
- fi
+ if yesno ${clock_hctosys:-YES}; then
+ _hwclock --hctosys $utc_cmd $clock_args
: $(( retval += $? ))
fi
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
start()
{
- einfo "Starting local"
+ ebegin "Starting local"
- local file
- for file in /etc/local.d/*.start ; do
- [ -x "$file" ] && "$file"
+ local file has_errors=0 retval
+ eindent
+ for file in /etc/local.d/*.start; do
+ if [ -x "${file}" ]; then
+ vebegin "Executing \"${file}\""
+ "${file}" 2>&1 >/dev/null
+ retval=$?
+ if [ ${retval} -ne 0 ]; then
+ has_errors=1
+ fi
+ veend ${retval} "Execution of \"${file}\" failed."
+ fi
done
+ eoutdent
- if type local_start >/dev/null 2>&1; then
- ewarn "/etc/conf.d/local should be removed."
+ if command -v local_start >/dev/null 2>&1; then
+ ewarn "\"/etc/conf.d/local\" should be removed."
ewarn "Please move the code from the local_start function"
- ewarn "to scripts with an .start extension"
- ewarn "in /etc/local.d"
+ ewarn "to executable scripts with an .start extension"
+ ewarn "in \"/etc/local.d\""
local_start
fi
- eend 0
+ eend ${has_errors}
+
+ # We have to end with a zero exit code, because a failed execution
+ # of an executable /etc/local.d/*.start file shouldn't result in
+ # marking the local service as failed. Otherwise we are unable to
+ # execute any executable /etc/local.d/*.stop file, because a failed
+ # marked service cannot be stopped (and the stop function would
+ # actually call the executable /etc/local.d/*.stop file(s)).
+ return 0
}
stop()
{
- einfo "Stopping local"
+ ebegin "Stopping local"
- local file
+ local file has_errors=0 retval
+ eindent
for file in /etc/local.d/*.stop; do
- [ -x "$file" ] && "$file"
+ if [ -x "${file}" ]; then
+ vebegin "Executing \"${file}\""
+ "${file}" 2>&1 >/dev/null
+ retval=$?
+ if [ ${retval} -ne 0 ]; then
+ has_errors=1
+ fi
+ veend ${retval} "Execution of \"${file}\" failed."
+ fi
done
+ eoutdent
- if type local_start >/dev/null 2>&1; then
- ewarn "/etc/conf.d/local should be removed."
+ if command -v local_stop >/dev/null 2>&1; then
+ ewarn "\"/etc/conf.d/local\" should be removed."
ewarn "Please move the code from the local_stop function"
- ewarn "to scripts with an .stop extension"
- ewarn "in /etc/local.d"
+ ewarn "to executable scripts with an .stop extension"
+ ewarn "in \"/etc/local.d\""
local_stop
fi
- eend 0
+ eend ${has_errors}
+
+ # An executable /etc/local.d/*.stop file which failed with a
+ # non-zero exit status is not a reason to mark this service
+ # as failed, therefore we have to end with a zero exit code.
+ return 0
}
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
no_umounts_r="^($no_umounts_r)$"
# Flush all pending disk writes now
- sync; sync
+ sync
. "$RC_LIBEXECDIR"/sh/rc-mount.sh
+ if [ "$RC_UNAME" = Linux ] && [ -d /sys/fs/aufs ] ; then
+ #if / is aufs we remount it noxino during shutdown
+ if mountinfo -q -f '^aufs$' / ; then
+ mount -o remount,noxino,rw /
+ sync
+ fi
+
+ local aufs_branch aufs_mount_dir aufs_mount_point aufs_si_dir aufs_si_id
+ for aufs_si_dir in /sys/fs/aufs/*; do
+ aufs_mount_dir=${aufs_si_dir#/sys/fs/aufs/}
+ aufs_si_id="$(printf "%s" $aufs_mount_dir | sed 's/_/=/g')"
+ aufs_mount_point="$(mountinfo -o ${aufs_si_id})"
+ for x in $aufs_si_dir/br[0-9][0-9][0-9]; do
+ aufs_branch=$(sed 's/=.*//g' $x)
+ eindent
+ if ! mount -o "remount,del:$aufs_branch" "$aufs_mount_point" > /dev/null 2>&1; then
+ ewarn "Failed to remove branch $aufs_branch from aufs \
+ $aufs_mount_point"
+ fi
+ eoutdent
+ sync
+ done
+ done
+ fi
+
# Umount loop devices
einfo "Unmounting loop devices"
eindent
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2013 William Hubbs <w.d.hubbs@gmail.com>
# Released under the 2-clause BSD license.
{
if [ "$RC_UNAME" = Linux ]; then
ebegin "Bringing up network interface lo"
- if type ip > /dev/null 2>&1; then
+ if command -v ip > /dev/null 2>&1; then
ip addr add 127.0.0.1/8 dev lo brd + scope host
ip route add 127.0.0.0/8 dev lo scope host
ip link set lo up
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
local ret=0
# Flush all pending disk writes now
- sync; sync
+ sync
ebegin "Remounting remaining filesystems read-only"
# We need the do_unmount function
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
start()
{
- if [ -L /etc/mtab ]
- then
- einfo "Skipping mtab update (mtab is a symbolic link)"
+ if [ -L /etc/mtab ]; then
return 0
fi
ebegin "Updating /etc/mtab"
+ vewarn "The support for updating /etc/mtab as a file is"
+ vewarn "deprecated and will be removed in the future."
+ vewarn "Please run the following command as root on your system."
+ vewarn
+ vewarn "ln -snf /proc/self/mounts /etc/mtab"
if ! echo 2>/dev/null >/etc/mtab; then
ewend 1 "/etc/mtab is not updateable"
return 0
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-description="Mounts network shares, other than NFS, according to /etc/fstab."
-# We skip all NFS shares in this script because they require extra
-# daemons to be running on the client in order to work correctly.
-# It is best to allow nfs-utils to handle all nfs shares.
+description="Mounts network shares according to /etc/fstab."
depend()
{
{
local x= fs= rc=
for x in $net_fs_list $extra_net_fs_list; do
- case "$x" in
- nfs|nfs4)
- continue
- ;;
- esac
fs="$fs${fs:+,}$x"
done
. "$RC_LIBEXECDIR"/sh/rc-mount.sh
for x in $net_fs_list $extra_net_fs_list; do
- case "$x" in
- nfs|nfs4)
- continue
- ;;
- *)
- fs="$fs${fs:+,}$x"
- ;;
- esac
+ fs="$fs${fs:+,}$x"
done
if [ -n "$fs" ]; then
umount -at $fs || eerror "Failed to simply unmount filesystems"
eindent
fs=
for x in $net_fs_list $extra_net_fs_list; do
- case "$x" in
- nfs|nfs4)
- continue
- ;;
- *)
- fs="$fs${fs:+|}$x"
- ;;
- esac
+ fs="$fs${fs:+|}$x"
done
[ -n "$fs" ] && fs="^($fs)$"
do_unmount umount ${fs:+--fstype-regex} $fs --netdev
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
fi
# Setup Kernel Support for SELinux
- if [ -d /selinux ] && ! mountinfo -q /selinux; then
+ if [ -d /sys/fs/selinux ] && ! mountinfo -q /sys/fs/selinux; then
if grep -qs selinuxfs /proc/filesystems; then
ebegin "Mounting SELinux filesystem"
- mount -t selinuxfs selinuxfs /selinux
+ mount -t selinuxfs selinuxfs /sys/fs/selinux
eend $?
fi
fi
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
return 1
fi
fi
- if ! checkpath -W "$RC_LIBEXECDIR"; then
- ewarn "WARNING: ${RC_LIBEXECDIR} is not writable!"
+ if ! checkpath -W "$RC_LIBEXECDIR"/cache; then
+ ewarn "WARNING: ${RC_LIBEXECDIR}/cache is not writable!"
if ! yesno "${RC_GOINGDOWN}"; then
ewarn "Unable to save deptree cache"
return 1
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
{
ebegin "Setting the local clock based on last shutdown time"
if ! swclock 2> /dev/null; then
- swclock --warn /sbin/runscript
+ swclock --warn /sbin/openrc-run
fi
eend $?
}
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2008 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
depend()
{
before bootmisc logger
- keyword -lxc -prefix -vserver
+ keyword -prefix -vserver
}
start()
{
- local conf= retval=0 err errs
-
ebegin "Configuring kernel parameters"
- eindent
-
- for conf in /etc/sysctl.conf /etc/sysctl.d/*.conf; do
- if [ -r "$conf" ]; then
- vebegin "applying $conf"
- if ! err=$(sysctl -p "$conf" 2>&1 >/dev/null) ; then
- errs="${errs} ${err}"
- sysctl -e -p "${conf}" >/dev/null
- fi
- veend $? || retval=1
- fi
- done
-
- eoutdent
- if [ ${retval} -eq 0 ] && [ -n "${errs}" ] ; then
- ewarn "Unknown keys:${errs}"
- fi
- eend $retval "Some errors were encountered: ${errs}"
+ sysctl --system
+ eend $? "Unable to configure some kernel parameters"
}
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
mount_cgroups()
{
- mountinfo -q /sys/fs/cgroup || return 0
-
- local agent="/lib64/rc/sh/cgroup-release-agent.sh"
- mkdir /sys/fs/cgroup/openrc
- mount -n -t cgroup \
- -o none,${sysfs_opts},name=openrc,release_agent="$agent" \
- openrc /sys/fs/cgroup/openrc
- echo 1 > /sys/fs/cgroup/openrc/notify_on_release
+ mountinfo -q /sys/fs/cgroup || return 0
+
+ if ! mountinfo -q /sys/fs/cgroup/openrc; then
+ local agent="/lib64/rc/sh/cgroup-release-agent.sh"
+ mkdir /sys/fs/cgroup/openrc
+ mount -n -t cgroup \
+ -o none,${sysfs_opts},name=openrc,release_agent="$agent" \
+ openrc /sys/fs/cgroup/openrc
+ echo 1 > /sys/fs/cgroup/openrc/notify_on_release
+ fi
yesno ${rc_controller_cgroups:-YES} && [ -e /proc/cgroups ] || return 0
while read name hier groups enabled rest; do
case "${enabled}" in
- 1) mkdir /sys/fs/cgroup/${name}
+ 1) mountinfo -q /sys/fs/cgroup/${name} && continue
+ mkdir /sys/fs/cgroup/${name}
mount -n -t cgroup -o ${sysfs_opts},${name} \
${name} /sys/fs/cgroup/${name}
;;
done < /proc/cgroups
}
+restorecon_sys()
+{
+ if [ -x /sbin/restorecon ]; then
+ ebegin "Restoring SELinux contexts in /sys"
+ restorecon -F /sys/devices/system/cpu/online >/dev/null 2>&1
+ restorecon -rF /sys/fs/cgroup >/dev/null 2>&1
+ eend $?
+ fi
+}
+
start()
{
- local retval
mount_sys
- retval=$?
- if [ $retval -eq 0 ]; then
- mount_misc
- retval=$?
- fi
- if [ $retval -eq 0 ]; then
- mount_cgroups
- retval=$?
- fi
- return $retval
+ mount_misc
+ mount_cgroups
+ restorecon_sys
+ return 0
}
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2008-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright 1999-2012 Gentoo Foundation
# Released under the 2-clause BSD license.
start()
{
ebegin "setting up tmpfiles.d entries for /dev"
- /lib64/rc/sh/tmpfiles.sh --prefix=/dev --create --remove \
- ${tmpfiles_opts}
+ /lib64/rc/sh/tmpfiles.sh --prefix=/dev --create --boot ${tmpfiles_opts}
eend $?
return 0
}
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright 1999-2012 Gentoo Foundation
# Released under the 2-clause BSD license.
start()
{
ebegin "setting up tmpfiles.d entries"
- /lib64/rc/sh/tmpfiles.sh --exclude-prefix=/dev --create --remove \
+ /lib64/rc/sh/tmpfiles.sh --exclude-prefix=/dev --create --remove --boot \
${tmpfiles_opts}
eend $?
return 0
depend()
{
- # we depend on udev-mount explicitly, not dev-mount generic as we don't
- # want mdev as a dev-mount provider to come in.
provide dev
- need sysfs udev-mount
+ need sysfs dev-mount
before checkfs fsck
# udev does not work inside vservers
keyword -vserver -lxc
}
-disable_oldnet_hotplug()
+start_pre()
{
- if is_service_enabled network; then
- # disable network hotplugging
- local d="/run/udev/rules.d"
- mkdir -p "${d}"
- local f="${d}/90-network.rules"
- echo "# This file disables network hotplug events calling" >> "${f}"
- echo "# old-style openrc net scripts" >> "${f}"
- echo "# as we use /etc/init.d/network to set up our network" >> "${f}"
+ # make sure devtmpfs is in the kernel
+ if ! grep -qs devtmpfs /proc/filesystems; then
+ eerror "CONFIG_DEVTMPFS=y is required in your kernel configuration"
+ eerror "for this version of udev to run successfully."
+ eerror "This requires immediate attention."
+ if ! mountinfo -q /dev; then
+ mount -n -t tmpfs dev /dev
+ busybox mdev -s
+ mkdir /dev/pts
+ fi
+ return 1
fi
-}
-start_pre()
-{
- if [ -e /proc/sys/kernel/hotplug ]; then
- echo "" >/proc/sys/kernel/hotplug
+ # make sure /dev is a mounted devtmpfs
+ if ! mountinfo -q -f devtmpfs /dev; then
+ eerror "Udev requires /dev to be a mounted devtmpfs."
+ eerror "Please reconfigure your system."
+ return 1
fi
# load unix domain sockets if built as module, Bug #221253
fi
fi
- if yesno "${udev_debug:-NO}"; then
- command_args="${command_args} --debug 2> /run/udevdebug.log"
- fi
-
bins="/sbin/udevd /lib/systemd/systemd-udevd /usr/lib/systemd/systemd-udevd"
for f in ${bins}; do
if [ -x "$f" -a ! -L "$f" ]; then
return 1
fi
- # Need to do this before starting udev so it will load the rules.
- disable_oldnet_hotplug
-
- return 0
-}
-
-is_service_enabled()
-{
- local svc="$1"
+ if [ -e /proc/sys/kernel/hotplug ]; then
+ echo "" >/proc/sys/kernel/hotplug
+ fi
- [ ! -e "/etc/init.d/${svc}" ] && return 1
+ if yesno "${udev_debug:-NO}"; then
+ command_args="${command_args} --debug 2> /run/udevdebug.log"
+ fi
- [ -e "/etc/runlevels/${RC_BOOTLEVEL}/${svc}" ] && return 0
- [ -e "/etc/runlevels/${RC_DEFAULTLEVEL}/${svc}" ] && return 0
- return 1
+ return 0
}
start_udevmonitor()
--background --exec /bin/udevadm -- monitor ${udev_monitor_opts}
}
+# This is here because some software expects /dev/root to exist.
+# For more information, see this bug:
+# https://bugs.gentoo.org/show_bug.cgi?id=438380
+dev_root_link()
+{
+ local RULESDIR=/run/udev/rules.d
+ [ -d $RULESDIR ] || mkdir -p $RULESDIR
+ eval $(udevadm info --export --export-prefix=ROOT_ --device-id-of-file=/ ||
+ true)
+ [ "$ROOT_MAJOR" -a "$ROOT_MINOR" ] || return 0
+
+ # btrfs filesystems have bogus major/minor numbers
+ [ "$ROOT_MAJOR" != 0 ] || return 0
+
+ echo 'ACTION=="add|change", SUBSYSTEM=="block", ENV{MAJOR}=="'$ROOT_MAJOR'", ENV{MINOR}=="'$ROOT_MINOR'", SYMLINK+="root"' > $RULESDIR/61-dev-root-link.rules
+}
+
populate_dev()
{
if yesno ${rc_dev_root_symlink:-yes}; then
ebegin "Generating a rule to create a /dev/root symlink"
- /lib/udev/dev-root-link.sh
+ dev_root_link
eend $?
fi
+++ /dev/null
-#!/sbin/runscript
-# Copyright 1999-2013 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-description="mount devtmpfs on /dev"
-
-depend()
-{
- provide dev-mount
- keyword -vserver -lxc
-}
-
-mount_dev_directory()
-{
- local mounted=false fstab=false action=--mount msg=Mounting rc=0
-
- if ! grep -qs devtmpfs /proc/filesystems; then
- eerror "CONFIG_DEVTMPFS=y is required in your kernel configuration"
- eerror "for this version of udev to run successfully."
- eerror "This requires immediate attention."
- if ! mountinfo -q /dev; then
- mount -n -t tmpfs dev /dev
- busybox mdev -s
- mkdir /dev/pts
- fi
- return 1
- fi
-
- # Is /dev already a mounted devtmpfs?
- mountinfo -q -f devtmpfs /dev && mounted=true
-
- # If an entry for /dev exists in fstab it must be a devtmpfs.
- fstabinfo -q -t devtmpfs /dev && fstab=true
-
- # No options are processed here as they should all be in /etc/fstab
- if $fstab; then
- $mounted && action=--remount && msg=Remounting
- ebegin "$msg /dev according to /etc/fstab"
- fstabinfo $action /dev
- rc=$?
- elif ! $mounted; then
- ebegin "Mounting /dev"
- # Some devices require exec, Bug #92921
- mount -n -t devtmpfs -o "exec,nosuid,mode=0755,size=10M" udev /dev
- rc=$?
- else
- ebegin "Using /dev mounted from kernel"
- fi
-
- eend $rc
-}
-
-seed_dev()
-{
- # Seed /dev with some things that we know we need
-
- # creating /dev/console, /dev/tty and /dev/tty1 to be able to write
- # to $CONSOLE with/without bootsplash before udevd creates it
- [ -c /dev/console ] || mknod -m 600 /dev/console c 5 1
- [ -c /dev/tty1 ] || mknod -m 620 /dev/tty1 c 4 1
- [ -c /dev/tty ] || mknod -m 666 /dev/tty c 5 0
-
- # udevd will dup its stdin/stdout/stderr to /dev/null
- # and we do not want a file which gets buffered in ram
- [ -c /dev/null ] || mknod -m 666 /dev/null c 1 3
-
- # so udev can add its start-message to dmesg
- [ -c /dev/kmsg ] || mknod -m 660 /dev/kmsg c 1 11
-
- # Create problematic directories
- mkdir -p /dev/pts /dev/shm
- return 0
-}
-
-start()
-{
- mount_dev_directory || return 1
-
- seed_dev
- return 0
-}
-#!/sbin/runscript
+#!/sbin/openrc-run
# Copyright (c) 2007-2009 Roy Marples <roy@marples.name>
# Released under the 2-clause BSD license.
-0x00 default
-0x10 lowdelay
-0x08 throughput
-0x04 reliability
-# This value overlap with ECT, do not use it!
-0x02 mincost
-# These values seems do not want to die, Cisco likes them by a strange reason.
-0x20 priority
-0x40 immediate
-0x60 flash
-0x80 flash-override
-0xa0 critical
-0xc0 internet
-0xe0 network
+# Differentiated field values
+# These include the DSCP and unused bits
+0x0 default
# Newer RFC2597 values
0x28 AF11
0x30 AF12
0x88 AF41
0x90 AF42
0x98 AF43
+# Older values RFC2474
+0x20 CS1
+0x40 CS2
+0x60 CS3
+0x80 CS4
+0xA0 CS5
+0xC0 CS6
+0xE0 CS7
+0x5C EF
# /etc/mysql/my.cnf: The global mysql configuration file.
-# $Header: /etc/mysql/.rcs/my.cnf,v 1.5 2010/11/30 08:33:13 root Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql/files/my.cnf-5.6,v 1.1 2014/10/08 16:42:41 grknight Exp $
# The following options will be passed to all MySQL clients
[client]
skip-external-locking
key_buffer = 32M
max_allowed_packet = 4M
-table_cache = 64
+table_open_cache = 400
sort_buffer_size = 2M
net_buffer_length = 8K
read_buffer_size = 2M
read_rnd_buffer_size = 4M
myisam_sort_buffer_size = 32M
#language = /usr/share/mysql/english
-language = /usr/share/mysql/german
+#language = /usr/share/mysql/german
+lc_messages_dir = /usr/share/mysql
+lc_messages = de_DE
# security:
# using "localhost" in connects uses sockets by default
#log-update = /path-to-dedicated-directory/hostname
# you need the debug USE flag enabled to use the following directives,
-# if needed, uncomment them, start the server and issue
+# if needed, uncomment them, start the server and issue
# #tail -f /tmp/mysqld.sql /tmp/mysqld.trace
# this will show you *exactly* what's happening in your server ;)
#debug = d:t:i:o,/tmp/mysqld.trace
#one-thread
-# uncomment the following directives if you are using BDB tables
-#bdb_cache_size = 4M
-#bdb_max_lock = 10000
-
-# the following is the InnoDB configuration
-# if you wish to disable innodb instead
-# uncomment just the next line
-#skip-innodb
-#
# the rest of the innodb config follows:
# don't eat too much memory, we're trying to be safe on 64Mb boxes
# you might want to bump this up a bit on boxes with more RAM
#safe-updates
[isamchk]
-key_buffer = 20M
+key_buffer_size = 20M
sort_buffer_size = 20M
read_buffer = 2M
write_buffer = 2M
#server pool.ntp.org
# Pools for Gentoo users
-server 0.gentoo.pool.ntp.org
-server 1.gentoo.pool.ntp.org
-server 2.gentoo.pool.ntp.org
-server 3.gentoo.pool.ntp.org
+server 0.debian.pool.ntp.org
+server 1.debian.pool.ntp.org
+server 2.debian.pool.ntp.org
+server 3.debian.pool.ntp.org
##
# A list of available servers can be found here:
-Subproject commit 5bbd80281061531b42cf4004af33ca95aab764f2
+Subproject commit f27ca5b113107ed31dc838b92c6efaccde2169fa
# The default value is: /var/log/rc.log
rc_log_path="/var/log/rc.log"
+# If you want verbose output for OpenRC, set this to yes. If you want
+# verbose output for service foo only, set it to yes in /etc/conf.d/foo.
+#rc_verbose=no
+
# By default we filter the environment for our running scripts. To allow other
# variables through, add them here. Use a * to allow all variables through.
#rc_env_allow="VAR1 VAR2"
#rc_crashed_stop=NO
#rc_crashed_start=YES
+# Set rc_nocolor to yes if you do not want colors displayed in OpenRC
+# output.
+#rc_nocolor=NO
+
##############################################################################
# MISC CONFIGURATION VARIABLES
# There variables are shared between many init scripts
# Below is the default list of network fstypes.
#
-# afs cifs coda davfs fuse fuse.sshfs gfs glusterfs lustre ncpfs
+# afs ceph cifs coda davfs fuse fuse.sshfs gfs glusterfs lustre ncpfs
# nfs nfs4 ocfs2 shfs smbfs
#
# If you would like to add to this list, you can do so by adding your
20sizes.cnf
./updmap.d:
-.keep_app-text_texlive-core-0
00updmap.cfg
+.keep_app-text_texlive-core-0
texlive-basic.cfg
texlive-fontsrecommended.cfg
texlive-latex.cfg
texlive-pictures.cfg
./web2c:
-.keep_app-text_texlive-core-0
fmtutil.cnf
+.keep_app-text_texlive-core-0
texmf.cnf
updmap.cfg
plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so"
plugin="/usr/lib64/ulogd/ulogd_inpflow_NFACCT.so"
plugin="/usr/lib64/ulogd/ulogd_output_GRAPHITE.so"
+#plugin="/usr/lib64/ulogd/ulogd_output_JSON.so"
# this is a stack for logging packet send by system via LOGEMU
stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU
# this is a stack for logging packet to PGsql after a collect via NFLOG
#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL
+# this is a stack for logging packet to JSON formatted file after a collect via NFLOG
+#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,json1:JSON
+
# this is a stack for logging packets to syslog after a collect via NFLOG
#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG
directory="/var/log/ulogd/"
sync=1
+[json1]
+sync=1
+#file="/var/log/ulogd/ulogd.json"
+#timestamp=0
+# device name to be used in JSON message
+#device="My awesome Netfilter firewall"
+# If boolean_label is set to 1 then the numeric_label put on packet
+# by the input plugin is coding the action on packet: if 0, then
+# packet has been blocked and if non null it has been accepted.
+#boolean_label=1
+
[pcap1]
#default file is /var/log/ulogd/ulogd.pcap
#file="/var/log/ulogd/ulogd.pcap"
<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog">
<public publicId="-//OMF//DTD Scrollkeeper OMF Variant V1.0//EN" uri="/usr/share/xml/scrollkeeper/dtds/scrollkeeper-omf.dtd"/>
<system systemId="http://scrollkeeper.sourceforge.net/dtds/scrollkeeper-omf-1.0/scrollkeeper-omf.dtd" uri="/usr/share/xml/scrollkeeper/dtds/scrollkeeper-omf.dtd"/>
- <delegatePublic publicIdStartString="-//OASIS//ENTITIES DocBook" catalog="file:///etc/xml/docbook"/>
- <delegatePublic publicIdStartString="-//OASIS//ELEMENTS DocBook" catalog="file:///etc/xml/docbook"/>
- <delegatePublic publicIdStartString="-//OASIS//DTD DocBook" catalog="file:///etc/xml/docbook"/>
- <delegateSystem systemIdStartString="http://www.oasis-open.org/docbook/" catalog="file:///etc/xml/docbook"/>
- <delegateURI uriStartString="http://www.oasis-open.org/docbook/" catalog="file:///etc/xml/docbook"/>
- <delegatePublic publicIdStartString="ISO 8879:1986" catalog="file:///etc/xml/docbook"/>
- <delegateSystem systemIdStartString="http://docbook.sourceforge.net/release/xsl/" catalog="file:///etc/xml/docbook"/>
- <delegateURI uriStartString="http://docbook.sourceforge.net/release/xsl/" catalog="file:///etc/xml/docbook"/>
<public publicId="+//IDN faq.org//DTD Frequently Asked Questions" uri="/etc/xml/sgml-data"/>
<system systemId="http://xml.ascc.net/xml/resource/qaml-xml" uri="/etc/xml/sgml-data"/>
<public publicId="+//ISBN 82-7640-023//DTD Frequently Asked Questions//EN" uri="/etc/xml/sgml-data"/>
<system systemId="http://globaltranscorp.org/oasis/catalog/xml/tr9401.dtd" uri="/etc/xml/xml-core"/>
<public publicId="-//GlobalTransCorp//DTD XML Catalogs V1.0-Based Extension V1.0//EN" uri="/etc/xml/xml-core"/>
<system systemId="http://glade.gnome.org/glade-2.0.dtd" uri="/usr/share/xml/libglade/glade-2.0.dtd"/>
+ <delegatePublic publicIdStartString="-//OASIS//ENTITIES DocBook" catalog="file:///etc/xml/docbook"/>
+ <delegatePublic publicIdStartString="-//OASIS//ELEMENTS DocBook" catalog="file:///etc/xml/docbook"/>
+ <delegatePublic publicIdStartString="-//OASIS//DTD DocBook" catalog="file:///etc/xml/docbook"/>
+ <delegateSystem systemIdStartString="http://www.oasis-open.org/docbook/" catalog="file:///etc/xml/docbook"/>
+ <delegateURI uriStartString="http://www.oasis-open.org/docbook/" catalog="file:///etc/xml/docbook"/>
+ <delegatePublic publicIdStartString="ISO 8879:1986" catalog="file:///etc/xml/docbook"/>
+ <delegateSystem systemIdStartString="http://docbook.sourceforge.net/release/xsl/" catalog="file:///etc/xml/docbook"/>
+ <delegateURI uriStartString="http://docbook.sourceforge.net/release/xsl/" catalog="file:///etc/xml/docbook"/>
</catalog>
projects / config / helga / etc.git / commitdiff