+++ /dev/null
-# This is a modification of the default Apache 2.2 configuration file
-# for Gentoo Linux.
-#
-# Support:
-# http://www.gentoo.org/main/en/lists.xml [mailing lists]
-# http://forums.gentoo.org/ [web forums]
-# irc://irc.freenode.net#gentoo-apache [irc chat]
-#
-# Bug Reports:
-# http://bugs.gentoo.org [gentoo related bugs]
-# http://httpd.apache.org/bug_report.html [apache httpd related bugs]
-#
-#
-# This is the main Apache HTTP server configuration file. It contains the
-# configuration directives that give the server its instructions.
-# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.
-# In particular, see
-# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
-# for a discussion of each configuration directive.
-#
-# Do NOT simply read the instructions in here without understanding
-# what they do. They're here only as hints or reminders. If you are unsure
-# consult the online docs. You have been warned.
-#
-# Configuration and logfile names: If the filenames you specify for many
-# of the server's control files begin with "/" (or "drive:/" for Win32), the
-# server will use that explicit path. If the filenames do *not* begin
-# with "/", the value of ServerRoot is prepended -- so "var/log/apache2/foo_log"
-# with ServerRoot set to "/usr" will be interpreted by the
-# server as "/usr/var/log/apache2/foo.log".
-
-# ServerRoot: The top of the directory tree under which the server's
-# configuration, error, and log files are kept.
-#
-# Do not add a slash at the end of the directory path. If you point
-# ServerRoot at a non-local disk, be sure to point the LockFile directive
-# at a local disk. If you wish to share the same ServerRoot for multiple
-# httpd daemons, you will need to change at least LockFile and PidFile.
-ServerRoot "/usr/lib64/apache2"
-
-# Dynamic Shared Object (DSO) Support
-#
-# To be able to use the functionality of a module which was built as a DSO you
-# have to place corresponding `LoadModule' lines at this location so the
-# directives contained in it are actually available _before_ they are used.
-# Statically compiled modules (those listed by `httpd -l') do not need
-# to be loaded here.
-#
-# Example:
-# LoadModule foo_module modules/mod_foo.so
-#
-# GENTOO: Automatically defined based on APACHE2_MODULES USE_EXPAND variable.
-# Do not change manually, it will be overwritten on upgrade.
-#
-# The following modules are considered as the default configuration.
-# If you wish to disable one of them, you may have to alter other
-# configuration directives.
-#
-# Change these at your own risk!
-
-LoadModule actions_module modules/mod_actions.so
-LoadModule alias_module modules/mod_alias.so
-LoadModule auth_basic_module modules/mod_auth_basic.so
-LoadModule authn_alias_module modules/mod_authn_alias.so
-LoadModule authn_anon_module modules/mod_authn_anon.so
-LoadModule authn_dbm_module modules/mod_authn_dbm.so
-LoadModule authn_default_module modules/mod_authn_default.so
-LoadModule authn_file_module modules/mod_authn_file.so
-<IfDefine AUTHNZ_LDAP>
-LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
-</IfDefine>
-LoadModule authz_dbm_module modules/mod_authz_dbm.so
-LoadModule authz_default_module modules/mod_authz_default.so
-LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
-LoadModule authz_host_module modules/mod_authz_host.so
-LoadModule authz_owner_module modules/mod_authz_owner.so
-LoadModule authz_user_module modules/mod_authz_user.so
-LoadModule autoindex_module modules/mod_autoindex.so
-<IfDefine CACHE>
-LoadModule cache_module modules/mod_cache.so
-</IfDefine>
-LoadModule cgi_module modules/mod_cgi.so
-LoadModule cgid_module modules/mod_cgid.so
-<IfDefine DAV>
-LoadModule dav_module modules/mod_dav.so
-</IfDefine>
-<IfDefine DAV>
-LoadModule dav_fs_module modules/mod_dav_fs.so
-</IfDefine>
-<IfDefine DAV>
-LoadModule dav_lock_module modules/mod_dav_lock.so
-</IfDefine>
-LoadModule deflate_module modules/mod_deflate.so
-LoadModule dir_module modules/mod_dir.so
-<IfDefine CACHE>
-LoadModule disk_cache_module modules/mod_disk_cache.so
-</IfDefine>
-LoadModule env_module modules/mod_env.so
-LoadModule expires_module modules/mod_expires.so
-LoadModule ext_filter_module modules/mod_ext_filter.so
-<IfDefine CACHE>
-LoadModule file_cache_module modules/mod_file_cache.so
-</IfDefine>
-LoadModule filter_module modules/mod_filter.so
-LoadModule headers_module modules/mod_headers.so
-LoadModule include_module modules/mod_include.so
-<IfDefine INFO>
-LoadModule info_module modules/mod_info.so
-</IfDefine>
-<IfDefine LDAP>
-LoadModule ldap_module modules/mod_ldap.so
-</IfDefine>
-LoadModule log_config_module modules/mod_log_config.so
-LoadModule logio_module modules/mod_logio.so
-<IfDefine CACHE>
-LoadModule mem_cache_module modules/mod_mem_cache.so
-</IfDefine>
-LoadModule mime_module modules/mod_mime.so
-LoadModule mime_magic_module modules/mod_mime_magic.so
-LoadModule negotiation_module modules/mod_negotiation.so
-LoadModule rewrite_module modules/mod_rewrite.so
-LoadModule setenvif_module modules/mod_setenvif.so
-LoadModule speling_module modules/mod_speling.so
-<IfDefine SSL>
-LoadModule ssl_module modules/mod_ssl.so
-</IfDefine>
-<IfDefine STATUS>
-LoadModule status_module modules/mod_status.so
-</IfDefine>
-<IfDefine SUEXEC>
-LoadModule suexec_module modules/mod_suexec.so
-</IfDefine>
-LoadModule unique_id_module modules/mod_unique_id.so
-<IfDefine USERDIR>
-LoadModule userdir_module modules/mod_userdir.so
-</IfDefine>
-LoadModule usertrack_module modules/mod_usertrack.so
-LoadModule vhost_alias_module modules/mod_vhost_alias.so
-
-# If you wish httpd to run as a different user or group, you must run
-# httpd as root initially and it will switch.
-#
-# User/Group: The name (or #number) of the user/group to run httpd as.
-# It is usually good practice to create a dedicated user and group for
-# running httpd, as with most system services.
-User apache
-Group apache
-
-# Supplemental configuration
-#
-# Most of the configuration files in the /etc/apache2/modules.d/ directory can
-# be turned on using APACHE2_OPTS in /etc/conf.d/apache2 to add extra features
-# or to modify the default configuration of the server.
-#
-# To know which flag to add to APACHE2_OPTS, look at the first line of the
-# the file, which will usually be an <IfDefine OPTION> where OPTION is the
-# flag to use.
-Include /etc/apache2/modules.d/*.conf
-
-# Virtual-host support
-#
-# Gentoo has made using virtual-hosts easy. In /etc/apache2/vhosts.d/ we
-# include a default vhost (enabled by adding -D DEFAULT_VHOST to
-# APACHE2_OPTS in /etc/conf.d/apache2).
-Include /etc/apache2/vhosts.d/*.conf
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-# Magic data for mod_mime_magic Apache module (originally for file(1) command)
-# The module is described in /manual/mod/mod_mime_magic.html
-#
-# The format is 4-5 columns:
-# Column #1: byte number to begin checking from, ">" indicates continuation
-# Column #2: type of data to match
-# Column #3: contents of data to match
-# Column #4: MIME type of result
-# Column #5: MIME encoding of result (optional)
-
-#------------------------------------------------------------------------------
-# Localstuff: file(1) magic for locally observed files
-# Add any locally observed files here.
-
-#------------------------------------------------------------------------------
-# end local stuff
-#------------------------------------------------------------------------------
-
-#------------------------------------------------------------------------------
-# Java
-
-0 short 0xcafe
->2 short 0xbabe application/java
-
-#------------------------------------------------------------------------------
-# audio: file(1) magic for sound formats
-#
-# from Jan Nicolai Langfeldt <janl@ifi.uio.no>,
-#
-
-# Sun/NeXT audio data
-0 string .snd
->12 belong 1 audio/basic
->12 belong 2 audio/basic
->12 belong 3 audio/basic
->12 belong 4 audio/basic
->12 belong 5 audio/basic
->12 belong 6 audio/basic
->12 belong 7 audio/basic
-
->12 belong 23 audio/x-adpcm
-
-# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format
-# that uses little-endian encoding and has a different magic number
-# (0x0064732E in little-endian encoding).
-0 lelong 0x0064732E
->12 lelong 1 audio/x-dec-basic
->12 lelong 2 audio/x-dec-basic
->12 lelong 3 audio/x-dec-basic
->12 lelong 4 audio/x-dec-basic
->12 lelong 5 audio/x-dec-basic
->12 lelong 6 audio/x-dec-basic
->12 lelong 7 audio/x-dec-basic
-# compressed (G.721 ADPCM)
->12 lelong 23 audio/x-dec-adpcm
-
-# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM"
-# AIFF audio data
-8 string AIFF audio/x-aiff
-# AIFF-C audio data
-8 string AIFC audio/x-aiff
-# IFF/8SVX audio data
-8 string 8SVX audio/x-aiff
-
-# Creative Labs AUDIO stuff
-# Standard MIDI data
-0 string MThd audio/unknown
-#>9 byte >0 (format %d)
-#>11 byte >1 using %d channels
-# Creative Music (CMF) data
-0 string CTMF audio/unknown
-# SoundBlaster instrument data
-0 string SBI audio/unknown
-# Creative Labs voice data
-0 string Creative\ Voice\ File audio/unknown
-## is this next line right? it came this way...
-#>19 byte 0x1A
-#>23 byte >0 - version %d
-#>22 byte >0 \b.%d
-
-# [GRR 950115: is this also Creative Labs? Guessing that first line
-# should be string instead of unknown-endian long...]
-#0 long 0x4e54524b MultiTrack sound data
-#0 string NTRK MultiTrack sound data
-#>4 long x - version %ld
-
-# Microsoft WAVE format (*.wav)
-# [GRR 950115: probably all of the shorts and longs should be leshort/lelong]
-# Microsoft RIFF
-0 string RIFF audio/unknown
-# - WAVE format
->8 string WAVE audio/x-wav
-# MPEG audio.
-0 beshort&0xfff0 0xfff0 audio/mpeg
-# C64 SID Music files, from Linus Walleij <triad@df.lth.se>
-0 string PSID audio/prs.sid
-
-#------------------------------------------------------------------------------
-# c-lang: file(1) magic for C programs or various scripts
-#
-
-# XPM icons (Greg Roelofs, newt@uchicago.edu)
-# ideally should go into "images", but entries below would tag XPM as C source
-0 string /*\ XPM image/x-xbm 7bit
-
-# this first will upset you if you're a PL/1 shop... (are there any left?)
-# in which case rm it; ascmagic will catch real C programs
-# C or REXX program text
-0 string /* text/plain
-# C++ program text
-0 string // text/plain
-
-#------------------------------------------------------------------------------
-# compress: file(1) magic for pure-compression formats (no archives)
-#
-# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc.
-#
-# Formats for various forms of compressed data
-# Formats for "compress" proper have been moved into "compress.c",
-# because it tries to uncompress it to figure out what's inside.
-
-# standard unix compress
-0 string \037\235 application/octet-stream x-compress
-
-# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver)
-0 string \037\213 application/octet-stream x-gzip
-
-# According to gzip.h, this is the correct byte order for packed data.
-0 string \037\036 application/octet-stream
-#
-# This magic number is byte-order-independent.
-#
-0 short 017437 application/octet-stream
-
-# XXX - why *two* entries for "compacted data", one of which is
-# byte-order independent, and one of which is byte-order dependent?
-#
-# compacted data
-0 short 0x1fff application/octet-stream
-0 string \377\037 application/octet-stream
-# huf output
-0 short 0145405 application/octet-stream
-
-# Squeeze and Crunch...
-# These numbers were gleaned from the Unix versions of the programs to
-# handle these formats. Note that I can only uncrunch, not crunch, and
-# I didn't have a crunched file handy, so the crunch number is untested.
-# Keith Waclena <keith@cerberus.uchicago.edu>
-#0 leshort 0x76FF squeezed data (CP/M, DOS)
-#0 leshort 0x76FE crunched data (CP/M, DOS)
-
-# Freeze
-#0 string \037\237 Frozen file 2.1
-#0 string \037\236 Frozen file 1.0 (or gzip 0.5)
-
-# lzh?
-#0 string \037\240 LZH compressed data
-
-#------------------------------------------------------------------------------
-# frame: file(1) magic for FrameMaker files
-#
-# This stuff came on a FrameMaker demo tape, most of which is
-# copyright, but this file is "published" as witness the following:
-#
-0 string \<MakerFile application/x-frame
-0 string \<MIFFile application/x-frame
-0 string \<MakerDictionary application/x-frame
-0 string \<MakerScreenFon application/x-frame
-0 string \<MML application/x-frame
-0 string \<Book application/x-frame
-0 string \<Maker application/x-frame
-
-#------------------------------------------------------------------------------
-# html: file(1) magic for HTML (HyperText Markup Language) docs
-#
-# from Daniel Quinlan <quinlan@yggdrasil.com>
-# and Anna Shergold <anna@inext.co.uk>
-#
-0 string \<!DOCTYPE\ HTML text/html
-0 string \<!doctype\ html text/html
-0 string \<HEAD text/html
-0 string \<head text/html
-0 string \<TITLE text/html
-0 string \<title text/html
-0 string \<html text/html
-0 string \<HTML text/html
-0 string \<!-- text/html
-0 string \<h1 text/html
-0 string \<H1 text/html
-
-# XML eXtensible Markup Language, from Linus Walleij <triad@df.lth.se>
-0 string \<?xml text/xml
-
-#------------------------------------------------------------------------------
-# images: file(1) magic for image formats (see also "c-lang" for XPM bitmaps)
-#
-# originally from jef@helios.ee.lbl.gov (Jef Poskanzer),
-# additions by janl@ifi.uio.no as well as others. Jan also suggested
-# merging several one- and two-line files into here.
-#
-# XXX - byte order for GIF and TIFF fields?
-# [GRR: TIFF allows both byte orders; GIF is probably little-endian]
-#
-
-# [GRR: what the hell is this doing in here?]
-#0 string xbtoa btoa'd file
-
-# PBMPLUS
-# PBM file
-0 string P1 image/x-portable-bitmap 7bit
-# PGM file
-0 string P2 image/x-portable-greymap 7bit
-# PPM file
-0 string P3 image/x-portable-pixmap 7bit
-# PBM "rawbits" file
-0 string P4 image/x-portable-bitmap
-# PGM "rawbits" file
-0 string P5 image/x-portable-greymap
-# PPM "rawbits" file
-0 string P6 image/x-portable-pixmap
-
-# NIFF (Navy Interchange File Format, a modification of TIFF)
-# [GRR: this *must* go before TIFF]
-0 string IIN1 image/x-niff
-
-# TIFF and friends
-# TIFF file, big-endian
-0 string MM image/tiff
-# TIFF file, little-endian
-0 string II image/tiff
-
-# possible GIF replacements; none yet released!
-# (Greg Roelofs, newt@uchicago.edu)
-#
-# GRR 950115: this was mine ("Zip GIF"):
-# ZIF image (GIF+deflate alpha)
-0 string GIF94z image/unknown
-#
-# GRR 950115: this is Jeremy Wohl's Free Graphics Format (better):
-# FGF image (GIF+deflate beta)
-0 string FGF95a image/unknown
-#
-# GRR 950115: this is Thomas Boutell's Portable Bitmap Format proposal
-# (best; not yet implemented):
-# PBF image (deflate compression)
-0 string PBF image/unknown
-
-# GIF
-0 string GIF image/gif
-
-# JPEG images
-0 beshort 0xffd8 image/jpeg
-
-# PC bitmaps (OS/2, Windoze BMP files) (Greg Roelofs, newt@uchicago.edu)
-0 string BM image/bmp
-#>14 byte 12 (OS/2 1.x format)
-#>14 byte 64 (OS/2 2.x format)
-#>14 byte 40 (Windows 3.x format)
-#0 string IC icon
-#0 string PI pointer
-#0 string CI color icon
-#0 string CP color pointer
-#0 string BA bitmap array
-
-
-#------------------------------------------------------------------------------
-# lisp: file(1) magic for lisp programs
-#
-# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com)
-0 string ;; text/plain 8bit
-# Emacs 18 - this is always correct, but not very magical.
-0 string \012( application/x-elc
-# Emacs 19
-0 string ;ELC\023\000\000\000 application/x-elc
-
-#------------------------------------------------------------------------------
-# mail.news: file(1) magic for mail and news
-#
-# There are tests to ascmagic.c to cope with mail and news.
-0 string Relay-Version: message/rfc822 7bit
-0 string #!\ rnews message/rfc822 7bit
-0 string N#!\ rnews message/rfc822 7bit
-0 string Forward\ to message/rfc822 7bit
-0 string Pipe\ to message/rfc822 7bit
-0 string Return-Path: message/rfc822 7bit
-0 string Path: message/news 8bit
-0 string Xref: message/news 8bit
-0 string From: message/rfc822 7bit
-0 string Article message/news 8bit
-#------------------------------------------------------------------------------
-# msword: file(1) magic for MS Word files
-#
-# Contributor claims:
-# Reversed-engineered MS Word magic numbers
-#
-
-0 string \376\067\0\043 application/msword
-0 string \333\245-\0\0\0 application/msword
-
-# disable this one because it applies also to other
-# Office/OLE documents for which msword is not correct. See PR#2608.
-#0 string \320\317\021\340\241\261 application/msword
-
-
-
-#------------------------------------------------------------------------------
-# printer: file(1) magic for printer-formatted files
-#
-
-# PostScript
-0 string %! application/postscript
-0 string \004%! application/postscript
-
-# Acrobat
-# (due to clamen@cs.cmu.edu)
-0 string %PDF- application/pdf
-
-#------------------------------------------------------------------------------
-# sc: file(1) magic for "sc" spreadsheet
-#
-38 string Spreadsheet application/x-sc
-
-#------------------------------------------------------------------------------
-# tex: file(1) magic for TeX files
-#
-# XXX - needs byte-endian stuff (big-endian and little-endian DVI?)
-#
-# From <conklin@talisman.kaleida.com>
-
-# Although we may know the offset of certain text fields in TeX DVI
-# and font files, we can't use them reliably because they are not
-# zero terminated. [but we do anyway, christos]
-0 string \367\002 application/x-dvi
-#0 string \367\203 TeX generic font data
-#0 string \367\131 TeX packed font data
-#0 string \367\312 TeX virtual font data
-#0 string This\ is\ TeX, TeX transcript text
-#0 string This\ is\ METAFONT, METAFONT transcript text
-
-# There is no way to detect TeX Font Metric (*.tfm) files without
-# breaking them apart and reading the data. The following patterns
-# match most *.tfm files generated by METAFONT or afm2tfm.
-#2 string \000\021 TeX font metric data
-#2 string \000\022 TeX font metric data
-#>34 string >\0 (%s)
-
-# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com)
-#0 string \\input\ texinfo Texinfo source text
-#0 string This\ is\ Info\ file GNU Info text
-
-# correct TeX magic for Linux (and maybe more)
-# from Peter Tobias (tobias@server.et-inf.fho-emden.de)
-#
-0 leshort 0x02f7 application/x-dvi
-
-# RTF - Rich Text Format
-0 string {\\rtf application/rtf
-
-#------------------------------------------------------------------------------
-# animation: file(1) magic for animation/movie formats
-#
-# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8)
-# MPEG file
-0 string \000\000\001\263 video/mpeg
-#
-# The contributor claims:
-# I couldn't find a real magic number for these, however, this
-# -appears- to work. Note that it might catch other files, too,
-# so BE CAREFUL!
-#
-# Note that title and author appear in the two 20-byte chunks
-# at decimal offsets 2 and 22, respectively, but they are XOR'ed with
-# 255 (hex FF)! DL format SUCKS BIG ROCKS.
-#
-# DL file version 1 , medium format (160x100, 4 images/screen)
-0 byte 1 video/unknown
-0 byte 2 video/unknown
-# Quicktime video, from Linus Walleij <triad@df.lth.se>
-# from Apple quicktime file format documentation.
-4 string moov video/quicktime
-4 string mdat video/quicktime
-
+++ /dev/null
-# This configuration file reflects default settings for Apache HTTP Server.
-# You may change these, but chances are that you may not need to.
-
-# Timeout: The number of seconds before receives and sends time out.
-Timeout 300
-
-# KeepAlive: Whether or not to allow persistent connections (more than
-# one request per connection). Set to "Off" to deactivate.
-KeepAlive On
-
-# MaxKeepAliveRequests: The maximum number of requests to allow
-# during a persistent connection. Set to 0 to allow an unlimited amount.
-# We recommend you leave this number high, for maximum performance.
-MaxKeepAliveRequests 100
-
-# KeepAliveTimeout: Number of seconds to wait for the next request from the
-# same client on the same connection.
-KeepAliveTimeout 15
-
-# UseCanonicalName: Determines how Apache constructs self-referencing
-# URLs and the SERVER_NAME and SERVER_PORT variables.
-# When set "Off", Apache will use the Hostname and Port supplied
-# by the client. When set "On", Apache will use the value of the
-# ServerName directive.
-UseCanonicalName Off
-
-# AccessFileName: The name of the file to look for in each directory
-# for additional configuration directives. See also the AllowOverride
-# directive.
-AccessFileName .htaccess
-
-# ServerTokens
-# This directive configures what you return as the Server HTTP response
-# Header. The default is 'Full' which sends information about the OS-Type
-# and compiled in modules.
-# Set to one of: Full | OS | Minor | Minimal | Major | Prod
-# where Full conveys the most information, and Prod the least.
-ServerTokens Prod
-
-# TraceEnable
-# This directive overrides the behavior of TRACE for both the core server and
-# mod_proxy. The default TraceEnable on permits TRACE requests per RFC 2616,
-# which disallows any request body to accompany the request. TraceEnable off
-# causes the core server and mod_proxy to return a 405 (Method not allowed)
-# error to the client.
-# For security reasons this is turned off by default. (bug #240680)
-TraceEnable off
-
-# Optionally add a line containing the server version and virtual host
-# name to server-generated pages (internal error documents, FTP directory
-# listings, mod_status and mod_info output etc., but not CGI generated
-# documents or custom error documents).
-# Set to "EMail" to also include a mailto: link to the ServerAdmin.
-# Set to one of: On | Off | EMail
-ServerSignature On
-
-# HostnameLookups: Log the names of clients or just their IP addresses
-# e.g., www.apache.org (on) or 204.62.129.132 (off).
-# The default is off because it'd be overall better for the net if people
-# had to knowingly turn this feature on, since enabling it means that
-# each client request will result in AT LEAST one lookup request to the
-# nameserver.
-HostnameLookups Off
-
-# EnableMMAP and EnableSendfile: On systems that support it,
-# memory-mapping or the sendfile syscall is used to deliver
-# files. This usually improves server performance, but must
-# be turned off when serving from networked-mounted
-# filesystems or if support for these functions is otherwise
-# broken on your system.
-EnableMMAP On
-EnableSendfile On
-
-# FileEtag: Configures the file attributes that are used to create
-# the ETag (entity tag) response header field when the document is
-# based on a static file. (The ETag value is used in cache management
-# to save network bandwidth.)
-FileEtag INode MTime Size
-
-# ContentDigest: This directive enables the generation of Content-MD5
-# headers as defined in RFC1864 respectively RFC2616.
-# The Content-MD5 header provides an end-to-end message integrity
-# check (MIC) of the entity-body. A proxy or client may check this
-# header for detecting accidental modification of the entity-body
-# in transit.
-# Note that this can cause performance problems on your server since
-# the message digest is computed on every request (the values are
-# not cached).
-# Content-MD5 is only sent for documents served by the core, and not
-# by any module. For example, SSI documents, output from CGI scripts,
-# and byte range responses do not have this header.
-ContentDigest Off
-
-# ErrorLog: The location of the error log file.
-# If you do not specify an ErrorLog directive within a <VirtualHost>
-# container, error messages relating to that virtual host will be
-# logged here. If you *do* define an error logfile for a <VirtualHost>
-# container, that host's errors will be logged there and not here.
-ErrorLog /var/log/apache2/error_log
-
-# LogLevel: Control the number of messages logged to the error_log.
-# Possible values include: debug, info, notice, warn, error, crit,
-# alert, emerg.
-LogLevel warn
-
-# We configure the "default" to be a very restrictive set of features.
-<Directory />
- Options FollowSymLinks
- AllowOverride None
- Order deny,allow
- Deny from all
-</Directory>
-
-# DirectoryIndex: sets the file that Apache will serve if a directory
-# is requested.
-#
-# The index.html.var file (a type-map) is used to deliver content-
-# negotiated documents. The MultiViews Options can be used for the
-# same purpose, but it is much slower.
-#
-# To add files to that list use AddDirectoryIndex in a custom config
-# file. Do not change this entry unless you know what you are doing.
-<IfModule dir_module>
- DirectoryIndex index.html index.html.var
-</IfModule>
-
-# The following lines prevent .htaccess and .htpasswd files from being
-# viewed by Web clients.
-<FilesMatch "^\.ht">
- Order allow,deny
- Deny from all
-</FilesMatch>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-# The configuration below implements multi-language error documents through
-# content-negotiation.
-
-# Customizable error responses come in three flavors:
-# 1) plain text 2) local redirects 3) external redirects
-# Some examples:
-#ErrorDocument 500 "The server made a boo boo."
-#ErrorDocument 404 /missing.html
-#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
-#ErrorDocument 402 http://www.example.com/subscription_info.html
-
-# Required modules: mod_alias, mod_include, mod_negotiation
-# We use Alias to redirect any /error/HTTP_<error>.html.var response to
-# our collection of by-error message multi-language collections. We use
-# includes to substitute the appropriate text.
-# You can modify the messages' appearance without changing any of the
-# default HTTP_<error>.html.var files by adding the line:
-# Alias /error/include/ "/your/include/path/"
-# which allows you to create your own set of files by starting with the
-# /var/www/localhost/error/include/ files and copying them to /your/include/path/,
-# even on a per-VirtualHost basis. The default include files will display
-# your Apache version number and your ServerAdmin email address regardless
-# of the setting of ServerSignature.
-
-<IfDefine ERRORDOCS>
-Alias /error/ "/usr/share/apache2/error/"
-
-<Directory "/usr/share/apache2/error">
- AllowOverride None
- Options IncludesNoExec
- AddOutputFilter Includes html
- AddHandler type-map var
- Order allow,deny
- Allow from all
- LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
- ForceLanguagePriority Prefer Fallback
-</Directory>
-
-ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
-ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
-ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
-ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
-ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
-ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
-ErrorDocument 410 /error/HTTP_GONE.html.var
-ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
-ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
-ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
-ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
-ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
-ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
-ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
-ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
-ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
-ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
-</IfDefine>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-# Settings for hosting different languages.
-<IfDefine LANGUAGE>
-# DefaultLanguage and AddLanguage allows you to specify the language of
-# a document. You can then use content negotiation to give a browser a
-# file in a language the user can understand.
-#
-# Specify a default language. This means that all data
-# going out without a specific language tag (see below) will
-# be marked with this one. You probably do NOT want to set
-# this unless you are sure it is correct for all cases.
-#
-# It is generally better to not mark a page as
-# being a certain language than marking it with the wrong
-# language!
-#
-# DefaultLanguage nl
-#
-# Note 1: The suffix does not have to be the same as the language
-# keyword --- those with documents in Polish (whose net-standard
-# language code is pl) may wish to use "AddLanguage pl .po" to
-# avoid the ambiguity with the common suffix for perl scripts.
-#
-# Note 2: The example entries below illustrate that in some cases
-# the two character 'Language' abbreviation is not identical to
-# the two character 'Country' code for its country,
-# E.g. 'Danmark/dk' versus 'Danish/da'.
-#
-# Note 3: In the case of 'ltz' we violate the RFC by using a three char
-# specifier. There is 'work in progress' to fix this and get
-# the reference data for rfc1766 cleaned up.
-#
-# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
-# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
-# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
-# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
-# Norwegian (no) - Polish (pl) - Portugese (pt)
-# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
-# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
-AddLanguage ca .ca
-AddLanguage cs .cz .cs
-AddLanguage da .dk
-AddLanguage de .de
-AddLanguage el .el
-AddLanguage en .en
-AddLanguage eo .eo
-AddLanguage es .es
-AddLanguage et .et
-AddLanguage fr .fr
-AddLanguage he .he
-AddLanguage hr .hr
-AddLanguage it .it
-AddLanguage ja .ja
-AddLanguage ko .ko
-AddLanguage ltz .ltz
-AddLanguage nl .nl
-AddLanguage nn .nn
-AddLanguage no .no
-AddLanguage pl .po
-AddLanguage pt .pt
-AddLanguage pt-BR .pt-br
-AddLanguage ru .ru
-AddLanguage sv .sv
-AddLanguage zh-CN .zh-cn
-AddLanguage zh-TW .zh-tw
-
-# LanguagePriority allows you to give precedence to some languages
-# in case of a tie during content negotiation.
-#
-# Just list the languages in decreasing order of preference. We have
-# more or less alphabetized them here. You probably want to change this.
-LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
-
-# ForceLanguagePriority allows you to serve a result page rather than
-# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
-# [in case no accepted languages matched the available variants]
-ForceLanguagePriority Prefer Fallback
-
-# Commonly used filename extensions to character sets. You probably
-# want to avoid clashes with the language extensions, unless you
-# are good at carefully testing your setup after each change.
-# See http://www.iana.org/assignments/character-sets for the
-# official list of charset names and their respective RFCs.
-AddCharset us-ascii.ascii .us-ascii
-AddCharset ISO-8859-1 .iso8859-1 .latin1
-AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
-AddCharset ISO-8859-3 .iso8859-3 .latin3
-AddCharset ISO-8859-4 .iso8859-4 .latin4
-AddCharset ISO-8859-5 .iso8859-5 .cyr .iso-ru
-AddCharset ISO-8859-6 .iso8859-6 .arb .arabic
-AddCharset ISO-8859-7 .iso8859-7 .grk .greek
-AddCharset ISO-8859-8 .iso8859-8 .heb .hebrew
-AddCharset ISO-8859-9 .iso8859-9 .latin5 .trk
-AddCharset ISO-8859-10 .iso8859-10 .latin6
-AddCharset ISO-8859-13 .iso8859-13
-AddCharset ISO-8859-14 .iso8859-14 .latin8
-AddCharset ISO-8859-15 .iso8859-15 .latin9
-AddCharset ISO-8859-16 .iso8859-16 .latin10
-AddCharset ISO-2022-JP .iso2022-jp .jis
-AddCharset ISO-2022-KR .iso2022-kr .kis
-AddCharset ISO-2022-CN .iso2022-cn .cis
-AddCharset Big5.Big5 .big5 .b5
-AddCharset cn-Big5 .cn-big5
-# For russian, more than one charset is used (depends on client, mostly):
-AddCharset WINDOWS-1251 .cp-1251 .win-1251
-AddCharset CP866 .cp866
-AddCharset KOI8 .koi8
-AddCharset KOI8-E .koi8-e
-AddCharset KOI8-r .koi8-r .koi8-ru
-AddCharset KOI8-U .koi8-u
-AddCharset KOI8-ru .koi8-uk .ua
-AddCharset ISO-10646-UCS-2 .ucs2
-AddCharset ISO-10646-UCS-4 .ucs4
-AddCharset UTF-7 .utf7
-AddCharset UTF-8 .utf8
-AddCharset UTF-16 .utf16
-AddCharset UTF-16BE .utf16be
-AddCharset UTF-16LE .utf16le
-AddCharset UTF-32 .utf32
-AddCharset UTF-32BE .utf32be
-AddCharset UTF-32LE .utf32le
-AddCharset euc-cn .euc-cn
-AddCharset euc-gb .euc-gb
-AddCharset euc-jp .euc-jp
-AddCharset euc-kr .euc-kr
-# Not sure how euc-tw got in - IANA doesn't list it???
-AddCharset EUC-TW .euc-tw
-AddCharset gb2312 .gb2312 .gb
-AddCharset iso-10646-ucs-2 .ucs-2 .iso-10646-ucs-2
-AddCharset iso-10646-ucs-4 .ucs-4 .iso-10646-ucs-4
-AddCharset shift_jis .shift_jis .sjis
-</IfDefine>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-<IfModule autoindex_module>
-<IfModule alias_module>
-# We include the /icons/ alias for FancyIndexed directory listings. If
-# you do not use FancyIndexing, you may comment this out.
-Alias /icons/ "/usr/share/apache2/icons/"
-
-<Directory "/usr/share/apache2/icons">
- Options Indexes MultiViews
- AllowOverride None
- Order allow,deny
- Allow from all
-</Directory>
-</IfModule>
-
-# Directives controlling the display of server-generated directory listings.
-#
-# To see the listing of a directory, the Options directive for the
-# directory must include "Indexes", and the directory must not contain
-# a file matching those listed in the DirectoryIndex directive.
-
-# IndexOptions: Controls the appearance of server-generated directory
-# listings.
-IndexOptions FancyIndexing VersionSort
-
-# AddIcon* directives tell the server which icon to show for different
-# files or filename extensions. These are only displayed for
-# FancyIndexed directories.
-AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
-
-AddIconByType (TXT,/icons/text.gif) text/*
-AddIconByType (IMG,/icons/image2.gif) image/*
-AddIconByType (SND,/icons/sound2.gif) audio/*
-AddIconByType (VID,/icons/movie.gif) video/*
-
-AddIcon /icons/binary.gif .bin .exe
-AddIcon /icons/binhex.gif .hqx
-AddIcon /icons/tar.gif .tar
-AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
-AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
-AddIcon /icons/a.gif .ps .ai .eps
-AddIcon /icons/layout.gif .html .shtml .htm .pdf
-AddIcon /icons/text.gif .txt
-AddIcon /icons/c.gif .c
-AddIcon /icons/p.gif .pl .py
-AddIcon /icons/f.gif .for
-AddIcon /icons/dvi.gif .dvi
-AddIcon /icons/uuencoded.gif .uu
-AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
-AddIcon /icons/tex.gif .tex
-AddIcon /icons/bomb.gif core
-
-AddIcon /icons/back.gif ..
-AddIcon /icons/hand.right.gif README
-AddIcon /icons/folder.gif ^^DIRECTORY^^
-AddIcon /icons/blank.gif ^^BLANKICON^^
-
-# DefaultIcon is which icon to show for files which do not have an icon
-# explicitly set.
-DefaultIcon /icons/unknown.gif
-
-# AddDescription allows you to place a short description after a file in
-# server-generated indexes. These are only displayed for FancyIndexed
-# directories.
-# Format: AddDescription "description" filename
-
-#AddDescription "GZIP compressed document" .gz
-#AddDescription "tar archive" .tar
-#AddDescription "GZIP compressed tar archive" .tgz
-
-# ReadmeName is the name of the README file the server will look for by
-# default, and append to directory listings.
-
-# HeaderName is the name of a file which should be prepended to
-# directory indexes.
-ReadmeName README.html
-HeaderName HEADER.html
-
-# IndexIgnore is a set of filenames which directory indexing should ignore
-# and not include in the listing. Shell-style wildcarding is permitted.
-IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
-</IfModule>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-<IfDefine INFO>
-# Allow remote server configuration reports, with the URL of
-# http://servername/server-info
-<Location /server-info>
- SetHandler server-info
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
-</Location>
-</IfDefine>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-<IfModule log_config_module>
-# The following directives define some format nicknames for use with
-# a CustomLog directive (see below).
-LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
-LogFormat "%h %l %u %t \"%r\" %>s %b" common
-
-LogFormat "%{Referer}i -> %U" referer
-LogFormat "%{User-Agent}i" agent
-LogFormat "%v %h %l %u %t \"%r\" %>s %b %T" script
-LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" VLOG=%{VLOG}e" vhost
-
-<IfModule logio_module>
-# You need to enable mod_logio.c to use %I and %O
-LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
-LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" vhostio
-</IfModule>
-
-# The location and format of the access logfile (Common Logfile Format).
-# If you do not define any access logfiles within a <VirtualHost>
-# container, they will be logged here. Contrariwise, if you *do*
-# define per-<VirtualHost> access logfiles, transactions will be
-# logged therein and *not* in this file.
-CustomLog /var/log/apache2/access_log common
-
-# If you would like to have agent and referer logfiles,
-# uncomment the following directives.
-#CustomLog /var/log/apache2/referer_log referer
-#CustomLog /var/log/apache2/agent_logs agent
-
-# If you prefer a logfile with access, agent, and referer information
-# (Combined Logfile Format) you can use the following directive.
-#CustomLog /var/log/apache2/access_log combined
-</IfModule>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-# DefaultType: the default MIME type the server will use for a document
-# if it cannot otherwise determine one, such as from filename extensions.
-# If your server contains mostly text or HTML documents, "text/plain" is
-# a good value. If most of your content is binary, such as applications
-# or images, you may want to use "application/octet-stream" instead to
-# keep browsers from trying to display binary files as though they are
-# text.
-DefaultType text/plain
-
-<IfModule mime_module>
-# TypesConfig points to the file containing the list of mappings from
-# filename extension to MIME-type.
-TypesConfig /etc/mime.types
-
-# AddType allows you to add to or override the MIME configuration
-# file specified in TypesConfig for specific file types.
-#AddType application/x-gzip .tgz
-
-# AddEncoding allows you to have certain browsers uncompress
-# information on the fly. Note: Not all browsers support this.
-#AddEncoding x-compress .Z
-#AddEncoding x-gzip .gz .tgz
-
-# If the AddEncoding directives above are commented-out, then you
-# probably should define those extensions to indicate media types:
-AddType application/x-compress .Z
-AddType application/x-gzip .gz .tgz
-
-# AddHandler allows you to map certain file extensions to "handlers":
-# actions unrelated to filetype. These can be either built into the server
-# or added with the Action directive (see below)
-
-# To use CGI scripts outside of ScriptAliased directories:
-# (You will also need to add "ExecCGI" to the "Options" directive.)
-#AddHandler cgi-script .cgi
-
-# For type maps (negotiated resources):
-#AddHandler type-map var
-
-# Filters allow you to process content before it is sent to the client.
-#
-# To parse .shtml files for server-side includes (SSI):
-# (You will also need to add "Includes" to the "Options" directive.)
-#AddType text/html .shtml
-#AddOutputFilter INCLUDES .shtml
-</IfModule>
-
-<IfModule mime_magic_module>
-# The mod_mime_magic module allows the server to use various hints from the
-# contents of the file itself to determine its type. The MIMEMagicFile
-# directive tells the module where the hint definitions are located.
-MIMEMagicFile /etc/apache2/magic
-</IfModule>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-<IfDefine STATUS>
-# Allow server status reports generated by mod_status,
-# with the URL of http://servername/server-status
-<Location /server-status>
- SetHandler server-status
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
-</Location>
-
-# ExtendedStatus controls whether Apache will generate "full" status
-# information (ExtendedStatus On) or just basic information (ExtendedStatus
-# Off) when the "server-status" handler is called.
-ExtendedStatus On
-</IfDefine>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-# Settings for user home directories
-<IfDefine USERDIR>
-# UserDir: The name of the directory that is appended onto a user's home
-# directory if a ~user request is received. Note that you must also set
-# the default access control for these directories, as in the example below.
-UserDir public_html
-
-# Control access to UserDir directories. The following is an example
-# for a site where these directories are restricted to read-only.
-<Directory /home/*/public_html>
- AllowOverride FileInfo AuthConfig Limit Indexes
- Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
- <Limit GET POST OPTIONS>
- Order allow,deny
- Allow from all
- </Limit>
- <LimitExcept GET POST OPTIONS>
- Order deny,allow
- Deny from all
- </LimitExcept>
-</Directory>
-
-# Suexec isn't really required to run cgi-scripts, but it's a really good
-# idea if you have multiple users serving websites...
-<IfDefine SUEXEC>
-<Directory /home/*/public_html/cgi-bin>
- Options ExecCGI
- SetHandler cgi-script
-</Directory>
-</IfDefine>
-
-</IfDefine>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-# Server-Pool Management (MPM specific)
-
-# PidFile: The file in which the server should record its process
-# identification number when it starts.
-#
-# DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING
-PidFile /var/run/apache2.pid
-
-# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
-#LockFile /var/run/apache2.lock
-
-# Only one of the below sections will be relevant on your
-# installed httpd. Use "/usr/sbin/apache2 -l" to find out the
-# active mpm.
-
-# common MPM configuration
-# These configuration directives apply to all MPMs
-#
-# StartServers: Number of child server processes created at startup
-# MaxClients: Maximum number of child processes to serve requests
-# MaxRequestsPerChild: Limit on the number of requests that an individual child
-# server will handle during its life
-
-
-# prefork MPM
-# This is the default MPM if USE=-threads
-#
-# MinSpareServers: Minimum number of idle child server processes
-# MaxSpareServers: Maximum number of idle child server processes
-<IfModule mpm_prefork_module>
- StartServers 5
- MinSpareServers 5
- MaxSpareServers 10
- MaxClients 150
- MaxRequestsPerChild 10000
-</IfModule>
-
-# worker MPM
-# This is the default MPM if USE=threads
-#
-# MinSpareThreads: Minimum number of idle threads available to handle request spikes
-# MaxSpareThreads: Maximum number of idle threads
-# ThreadsPerChild: Number of threads created by each child process
-<IfModule mpm_worker_module>
- StartServers 2
- MinSpareThreads 25
- MaxSpareThreads 75
- ThreadsPerChild 25
- MaxClients 150
- MaxRequestsPerChild 10000
-</IfModule>
-
-# event MPM
-#
-# MinSpareThreads: Minimum number of idle threads available to handle request spikes
-# MaxSpareThreads: Maximum number of idle threads
-# ThreadsPerChild: Number of threads created by each child process
-<IfModule mpm_event_module>
- StartServers 2
- MinSpareThreads 25
- MaxSpareThreads 75
- ThreadsPerChild 25
- MaxClients 150
- MaxRequestsPerChild 10000
-</IfModule>
-
-# peruser MPM
-#
-# MinSpareProcessors: Minimum number of idle child server processes
-# MinProcessors: Minimum number of processors per virtual host
-# MaxProcessors: Maximum number of processors per virtual host
-# ExpireTimeout: Maximum idle time before a child is killed, 0 to disable
-# Multiplexer: Specify a Multiplexer child configuration.
-# Processor: Specify a user and group for a specific child process
-<IfModule mpm_peruser_module>
- MinSpareProcessors 2
- MinProcessors 2
- MaxProcessors 10
- MaxClients 150
- MaxRequestsPerChild 1000
- ExpireTimeout 1800
-
- Multiplexer nobody nobody
- Processor apache apache
-</IfModule>
-
-# itk MPM
-#
-# MinSpareServers: Minimum number of idle child server processes
-# MaxSpareServers: Maximum number of idle child server processes
-<IfModule mpm_itk_module>
- StartServers 5
- MinSpareServers 5
- MaxSpareServers 10
- MaxClients 150
- MaxRequestsPerChild 10000
-</IfModule>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-<IfDefine MEM_CACHE>
-# 128MB cache for objects < 2MB
-CacheEnable mem /
-MCacheSize 131072
-MCacheMaxObjectCount 1000
-MCacheMinObjectSize 1
-MCacheMaxObjectSize 2097152
-</IfDefine>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-# Note: The following must must be present to support
-# starting without SSL on platforms with no /dev/random equivalent
-# but a statically compiled-in mod_ssl.
-<IfModule ssl_module>
-SSLRandomSeed startup builtin
-SSLRandomSeed connect builtin
-</IfModule>
-
-<IfDefine SSL>
-# This is the Apache server configuration file providing SSL support.
-# It contains the configuration directives to instruct the server how to
-# serve pages over an https connection. For detailing information about these
-# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
-
-# Do NOT simply read the instructions in here without understanding
-# what they do. They're here only as hints or reminders. If you are unsure
-# consult the online docs. You have been warned.
-
-## Pseudo Random Number Generator (PRNG):
-# Configure one or more sources to seed the PRNG of the SSL library.
-# The seed data should be of good random quality.
-# WARNING! On some platforms /dev/random blocks if not enough entropy
-# is available. This means you then cannot use the /dev/random device
-# because it would lead to very long connection times (as long as
-# it requires to make more entropy available). But usually those
-# platforms additionally provide a /dev/urandom device which doesn't
-# block. So, if available, use this one instead. Read the mod_ssl User
-# Manual for more details.
-#SSLRandomSeed startup file:/dev/random 512
-#SSLRandomSeed startup file:/dev/urandom 512
-#SSLRandomSeed connect file:/dev/random 512
-#SSLRandomSeed connect file:/dev/urandom 512
-
-## SSL Global Context:
-# All SSL configuration in this context applies both to the main server and
-# all SSL-enabled virtual hosts.
-
-# Some MIME-types for downloading Certificates and CRLs
-<IfModule mime_module>
- AddType application/x-x509-ca-cert .crt
- AddType application/x-pkcs7-crl .crl
-</IfModule>
-
-## Pass Phrase Dialog:
-# Configure the pass phrase gathering process. The filtering dialog program
-# (`builtin' is a internal terminal dialog) has to provide the pass phrase on
-# stdout.
-SSLPassPhraseDialog builtin
-
-## Inter-Process Session Cache:
-# Configure the SSL Session Cache: First the mechanism to use and second the
-# expiring timeout (in seconds).
-#SSLSessionCache dbm:/var/run/ssl_scache
-SSLSessionCache shmcb:/var/run/ssl_scache(512000)
-SSLSessionCacheTimeout 300
-
-## Semaphore:
-# Configure the path to the mutual exclusion semaphore the SSL engine uses
-# internally for inter-process synchronization.
-SSLMutex file:/var/run/ssl_mutex
-</IfDefine>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-<IfDefine DAV>
-DavLockDB "/var/lib/dav/lockdb"
-
-# The following directives disable redirects on non-GET requests for
-# a directory that does not include the trailing slash. This fixes a
-# problem with several clients that do not appropriately handle
-# redirects for folders with DAV methods.
-<IfModule setenvif_module>
-BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
-BrowserMatch "MS FrontPage" redirect-carefully
-BrowserMatch "^WebDrive" redirect-carefully
-BrowserMatch "^WebDAVFS/1.[012345678]" redirect-carefully
-BrowserMatch "^gnome-vfs/1.0" redirect-carefully
-BrowserMatch "^XML Spy" redirect-carefully
-BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
-</IfModule>
-</IfDefine>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-# Examples below are taken from the online documentation
-# Refer to:
-# http://localhost/manual/mod/mod_ldap.html
-# http://localhost/manual/mod/mod_auth_ldap.html
-<IfDefine LDAP>
-LDAPSharedCacheSize 200000
-LDAPCacheEntries 1024
-LDAPCacheTTL 600
-LDAPOpCacheEntries 1024
-LDAPOpCacheTTL 600
-
-<Location /ldap-status>
- SetHandler ldap-status
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
-</Location>
-</IfDefine>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-<IfDefine SSL>
-<IfDefine SSL_DEFAULT_VHOST>
-<IfModule ssl_module>
-# see bug #178966 why this is in here
-
-# When we also provide SSL we have to listen to the HTTPS port
-# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two
-# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443"
-Listen 443
-
-<VirtualHost _default_:443>
- ServerName localhost
- Include /etc/apache2/vhosts.d/default_vhost.include
- ErrorLog /var/log/apache2/ssl_error_log
-
- <IfModule log_config_module>
- TransferLog /var/log/apache2/ssl_access_log
- </IfModule>
-
- ## SSL Engine Switch:
- # Enable/Disable SSL for this virtual host.
- SSLEngine on
-
- ## SSL Cipher Suite:
- # List the ciphers that the client is permitted to negotiate.
- # See the mod_ssl documentation for a complete list.
- SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
-
- ## Server Certificate:
- # Point SSLCertificateFile at a PEM encoded certificate. If the certificate
- # is encrypted, then you will be prompted for a pass phrase. Note that a
- # kill -HUP will prompt again. Keep in mind that if you have both an RSA
- # and a DSA certificate you can configure both in parallel (to also allow
- # the use of DSA ciphers, etc.)
- SSLCertificateFile /etc/ssl/apache2/server.crt
-
- ## Server Private Key:
- # If the key is not combined with the certificate, use this directive to
- # point at the key file. Keep in mind that if you've both a RSA and a DSA
- # private key you can configure both in parallel (to also allow the use of
- # DSA ciphers, etc.)
- SSLCertificateKeyFile /etc/ssl/apache2/server.key
-
- ## Server Certificate Chain:
- # Point SSLCertificateChainFile at a file containing the concatenation of
- # PEM encoded CA certificates which form the certificate chain for the
- # server certificate. Alternatively the referenced file can be the same as
- # SSLCertificateFile when the CA certificates are directly appended to the
- # server certificate for convinience.
- #SSLCertificateChainFile /etc/ssl/apache2/ca.crt
-
- ## Certificate Authority (CA):
- # Set the CA certificate verification path where to find CA certificates
- # for client authentication or alternatively one huge file containing all
- # of them (file must be PEM encoded).
- # Note: Inside SSLCACertificatePath you need hash symlinks to point to the
- # certificate files. Use the provided Makefile to update the hash symlinks
- # after changes.
- #SSLCACertificatePath /etc/ssl/apache2/ssl.crt
- #SSLCACertificateFile /etc/ssl/apache2/ca-bundle.crt
-
- ## Certificate Revocation Lists (CRL):
- # Set the CA revocation path where to find CA CRLs for client authentication
- # or alternatively one huge file containing all of them (file must be PEM
- # encoded).
- # Note: Inside SSLCARevocationPath you need hash symlinks to point to the
- # certificate files. Use the provided Makefile to update the hash symlinks
- # after changes.
- #SSLCARevocationPath /etc/ssl/apache2/ssl.crl
- #SSLCARevocationFile /etc/ssl/apache2/ca-bundle.crl
-
- ## Client Authentication (Type):
- # Client certificate verification type and depth. Types are none, optional,
- # require and optional_no_ca. Depth is a number which specifies how deeply
- # to verify the certificate issuer chain before deciding the certificate is
- # not valid.
- #SSLVerifyClient require
- #SSLVerifyDepth 10
-
- ## Access Control:
- # With SSLRequire you can do per-directory access control based on arbitrary
- # complex boolean expressions containing server variable checks and other
- # lookup directives. The syntax is a mixture between C and Perl. See the
- # mod_ssl documentation for more details.
- #<Location />
- # #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
- # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
- # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
- # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
- # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
- # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
- #</Location>
-
- ## SSL Engine Options:
- # Set various options for the SSL engine.
-
- ## FakeBasicAuth:
- # Translate the client X.509 into a Basic Authorisation. This means that the
- # standard Auth/DBMAuth methods can be used for access control. The user
- # name is the `one line' version of the client's X.509 certificate.
- # Note that no password is obtained from the user. Every entry in the user
- # file needs this password: `xxj31ZMTZzkVA'.
-
- ## ExportCertData:
- # This exports two additional environment variables: SSL_CLIENT_CERT and
- # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server
- # (always existing) and the client (only existing when client
- # authentication is used). This can be used to import the certificates into
- # CGI scripts.
-
- ## StdEnvVars:
- # This exports the standard SSL/TLS related `SSL_*' environment variables.
- # Per default this exportation is switched off for performance reasons,
- # because the extraction step is an expensive operation and is usually
- # useless for serving static content. So one usually enables the exportation
- # for CGI and SSI requests only.
-
- ## StrictRequire:
- # This denies access when "SSLRequireSSL" or "SSLRequire" applied even under
- # a "Satisfy any" situation, i.e. when it applies access is denied and no
- # other module can change it.
-
- ## OptRenegotiate:
- # This enables optimized SSL connection renegotiation handling when SSL
- # directives are used in per-directory context.
- #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
- <FilesMatch "\.(cgi|shtml|phtml|php)$">
- SSLOptions +StdEnvVars
- </FilesMatch>
-
- <Directory "/var/www/localhost/cgi-bin">
- SSLOptions +StdEnvVars
- </Directory>
-
- ## SSL Protocol Adjustments:
- # The safe and default but still SSL/TLS standard compliant shutdown
- # approach is that mod_ssl sends the close notify alert but doesn't wait
- # for the close notify alert from client. When you need a different
- # shutdown approach you can use one of the following variables:
-
- ## ssl-unclean-shutdown:
- # This forces an unclean shutdown when the connection is closed, i.e. no
- # SSL close notify alert is send or allowed to received. This violates the
- # SSL/TLS standard but is needed for some brain-dead browsers. Use this when
- # you receive I/O errors because of the standard approach where mod_ssl
- # sends the close notify alert.
-
- ## ssl-accurate-shutdown:
- # This forces an accurate shutdown when the connection is closed, i.e. a
- # SSL close notify alert is send and mod_ssl waits for the close notify
- # alert of the client. This is 100% SSL/TLS standard compliant, but in
- # practice often causes hanging connections with brain-dead browsers. Use
- # this only for browsers where you know that their SSL implementation works
- # correctly.
- # Notice: Most problems of broken clients are also related to the HTTP
- # keep-alive facility, so you usually additionally want to disable
- # keep-alive for those clients, too. Use variable "nokeepalive" for this.
- # Similarly, one has to force some clients to use HTTP/1.0 to workaround
- # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
- # "force-response-1.0" for this.
- <IfModule setenvif_module>
- BrowserMatch ".*MSIE.*" \
- nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
- </IfModule>
-
- ## Per-Server Logging:
- # The home of a custom SSL log file. Use this when you want a compact
- # non-error SSL logfile on a virtual host basis.
- <IfModule log_config_module>
- CustomLog /var/log/apache2/ssl_request_log \
- "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
- </IfModule>
-</VirtualHost>
-</IfModule>
-</IfDefine>
-</IfDefine>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-# Virtual Hosts
-#
-# If you want to maintain multiple domains/hostnames on your
-# machine you can setup VirtualHost containers for them. Most configurations
-# use only name-based virtual hosts so the server doesn't need to worry about
-# IP addresses. This is indicated by the asterisks in the directives below.
-#
-# Please see the documentation at
-# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
-# for further details before you try to setup virtual hosts.
-#
-# You may use the command line option '-S' to verify your virtual host
-# configuration.
-
-<IfDefine DEFAULT_VHOST>
-# see bug #178966 why this is in here
-
-# Listen: Allows you to bind Apache to specific IP addresses and/or
-# ports, instead of the default. See also the <VirtualHost>
-# directive.
-#
-# Change this to Listen on specific IP addresses as shown below to
-# prevent Apache from glomming onto all bound IP addresses.
-#
-#Listen 12.34.56.78:80
-Listen 80
-
-# Use name-based virtual hosting.
-NameVirtualHost *:80
-
-# When virtual hosts are enabled, the main host defined in the default
-# httpd.conf configuration will go away. We redefine it here so that it is
-# still available.
-#
-# If you disable this vhost by removing -D DEFAULT_VHOST from
-# /etc/conf.d/apache2, the first defined virtual host elsewhere will be
-# the default.
-<VirtualHost *:80>
- ServerName localhost
- Include /etc/apache2/vhosts.d/default_vhost.include
-
- <IfModule mpm_peruser_module>
- ServerEnvironment apache apache
- </IfModule>
-</VirtualHost>
-</IfDefine>
-
-# vim: ts=4 filetype=apache
+++ /dev/null
-# ServerAdmin: Your address, where problems with the server should be
-# e-mailed. This address appears on some server-generated pages, such
-# as error documents. e.g. admin@your-domain.com
-ServerAdmin root@localhost
-
-# DocumentRoot: The directory out of which you will serve your
-# documents. By default, all requests are taken from this directory, but
-# symbolic links and aliases may be used to point to other locations.
-#
-# If you change this to something that isn't under /var/www then suexec
-# will no longer work.
-DocumentRoot "/var/www/localhost/htdocs"
-
-# This should be changed to whatever you set DocumentRoot to.
-<Directory "/var/www/localhost/htdocs">
- # Possible values for the Options directive are "None", "All",
- # or any combination of:
- # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
- #
- # Note that "MultiViews" must be named *explicitly* --- "Options All"
- # doesn't give it to you.
- #
- # The Options directive is both complicated and important. Please see
- # http://httpd.apache.org/docs/2.2/mod/core.html#options
- # for more information.
- Options Indexes FollowSymLinks
-
- # AllowOverride controls what directives may be placed in .htaccess files.
- # It can be "All", "None", or any combination of the keywords:
- # Options FileInfo AuthConfig Limit
- AllowOverride All
-
- # Controls who can get stuff from this server.
- Order allow,deny
- Allow from all
-</Directory>
-
-<IfModule alias_module>
- # Redirect: Allows you to tell clients about documents that used to
- # exist in your server's namespace, but do not anymore. The client
- # will make a new request for the document at its new location.
- # Example:
- # Redirect permanent /foo http://www.example.com/bar
-
- # Alias: Maps web paths into filesystem paths and is used to
- # access content that does not live under the DocumentRoot.
- # Example:
- # Alias /webpath /full/filesystem/path
- #
- # If you include a trailing / on /webpath then the server will
- # require it to be present in the URL. You will also likely
- # need to provide a <Directory> section to allow access to
- # the filesystem path.
-
- # ScriptAlias: This controls which directories contain server scripts.
- # ScriptAliases are essentially the same as Aliases, except that
- # documents in the target directory are treated as applications and
- # run by the server when requested rather than as documents sent to the
- # client. The same rules about trailing "/" apply to ScriptAlias
- # directives as to Alias.
- ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/"
-</IfModule>
-
-# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased
-# CGI directory exists, if you have that configured.
-<Directory "/var/www/localhost/cgi-bin">
- AllowOverride None
- Options None
- Order allow,deny
- Allow from all
-</Directory>
-
-# vim: ts=4 filetype=apache
-# Automatically generated by app-misc/ca-certificates-20130906
-# Mo 17. Mär 21:20:18 UTC 2014
+# Automatically generated by app-misc/ca-certificates-20130906-r1
+# Di 1. Apr 21:03:01 UTC 2014
# Do not edit.
cacert.org/cacert.org_class3.crt
cacert.org/cacert.org_root.crt
# "key type names" for X.509 certificates with RSA key
# Note first defined is used in signature operations!
-#X509KeyAlgorithm x509v3-sign-rsa,rsa-md5
#X509KeyAlgorithm x509v3-sign-rsa,rsa-sha1
+#X509KeyAlgorithm x509v3-sign-rsa,rsa-md5
# "key type names" for X.509 certificates with DSA key
# Note first defined is used in signature operations!
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
+# Ciphers and keying
+#RekeyLimit default none
+
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
# but this is overridden so installations will only check .ssh/authorized_keys
#AuthorizedKeysFile .ssh/authorized_keys
+#AuthorizedPrincipalsFile none
+
+#AuthorizedKeysCommand none
+#AuthorizedKeysCommandUser nobody
+
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
PrintLastLog no
TCPKeepAlive yes
#UseLogin no
-#UsePrivilegeSeparation yes
+UsePrivilegeSeparation sandbox # Default for new installations.
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
-#MaxStartups 10
+#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
+#VersionAddendum none
# no default banner path
#Banner none
-# Allow client to pass locale environment variables
-AcceptEnv LANG LC_*
-
# override default of no subsystems
Subsystem sftp /usr/lib64/misc/sftp-server
# tcp receive buffer polling. disable in non autotuning kernels
#TcpRcvBufPoll yes
-# allow the use of the none cipher
-#NoneEnabled no
-
-# disable hpn performance boosts.
+# disable hpn performance boosts
#HPNDisabled no
# buffer size for hpn to non-hpn connections
#HPNBufferSize 2048
+# allow the use of the none cipher
+#NoneEnabled no
+
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# ForceCommand cvs server
+
+# Allow client to pass locale environment variables #367017
+AcceptEnv LANG LC_*
--- /dev/null
+# $OpenBSD$
+
+# This is the sshd server system-wide configuration file. See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented. Uncommented options override the
+# default value.
+
+#Port 22
+#AddressFamily any
+#ListenAddress 0.0.0.0
+#ListenAddress ::
+
+# The default requires explicit activation of protocol 1
+#Protocol 2
+
+# HostKey for protocol version 1
+#HostKey /etc/ssh/ssh_host_key
+# HostKeys for protocol version 2
+#HostKey /etc/ssh/ssh_host_rsa_key
+#HostKey /etc/ssh/ssh_host_dsa_key
+#HostKey /etc/ssh/ssh_host_ecdsa_key
+
+# "key type names" for X.509 certificates with RSA key
+# Note first defined is used in signature operations!
+#X509KeyAlgorithm x509v3-sign-rsa,rsa-md5
+#X509KeyAlgorithm x509v3-sign-rsa,rsa-sha1
+
+# "key type names" for X.509 certificates with DSA key
+# Note first defined is used in signature operations!
+#X509KeyAlgorithm x509v3-sign-dss,dss-asn1
+#X509KeyAlgorithm x509v3-sign-dss,dss-raw
+
+# The intended use for the X509 client certificate. Without this option
+# no chain verification will be done. Currently accepted uses are case
+# insensitive:
+# - "sslclient", "SSL client", "SSL_client" or "client"
+# - "any", "Any Purpose", "Any_Purpose" or "AnyPurpose"
+# - "skip" or ""(empty): don`t check purpose.
+#AllowedCertPurpose sslclient
+
+# Specifies whether self-issued(self-signed) X.509 certificate can be
+# allowed only by entry in AutorizedKeysFile that contain matching
+# public key or certificate blob.
+#KeyAllowSelfIssued no
+
+# Specifies whether CRL must present in store for all certificates in
+# certificate chain with atribute "cRLDistributionPoints"
+#MandatoryCRL no
+
+# A file with multiple certificates of certificate signers
+# in PEM format concatenated together.
+#CACertificateFile /etc/ssh/ca/ca-bundle.crt
+
+# A directory with certificates of certificate signers.
+# The certificates should have name of the form: [HASH].[NUMBER]
+# or have symbolic links to them of this form.
+#CACertificatePath /etc/ssh/ca/crt
+
+# A file with multiple CRL of certificate signers
+# in PEM format concatenated together.
+#CARevocationFile /etc/ssh/ca/ca-bundle.crl
+
+# A directory with CRL of certificate signers.
+# The CRL should have name of the form: [HASH].r[NUMBER]
+# or have symbolic links to them of this form.
+#CARevocationPath /etc/ssh/ca/crl
+
+# LDAP protocol version.
+# Example:
+# CAldapVersion 2
+
+# Note because of OpenSSH options parser limitation
+# use %3D instead of = !
+# LDAP initialization may require URL to be escaped, i.e.
+# use %2C instead of ,(comma). Escaped URL don't depend from
+# LDAP initialization method.
+# Example:
+# CAldapURL ldap://localhost:389/dc%3Dexample%2Cdc%3Dcom
+
+# SSH can use "Online Certificate Status Protocol"(OCSP)
+# to validate certificate. Set VAType to
+# - none : do not use OCSP to validate certificates;
+# - ocspcert: validate only certificates that specify `OCSP
+# Service Locator' URL;
+# - ocspspec: use specified in the configuration 'OCSP Responder'
+# to validate all certificates.
+#VAType none
+
+# Lifetime and size of ephemeral version 1 server key
+#KeyRegenerationInterval 1h
+#ServerKeyBits 1024
+
+# Logging
+# obsoletes QuietMode and FascistLogging
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2m
+#PermitRootLogin yes
+#StrictModes yes
+#MaxAuthTries 6
+#MaxSessions 10
+
+#RSAAuthentication yes
+#PubkeyAuthentication yes
+
+# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
+# but this is overridden so installations will only check .ssh/authorized_keys
+#AuthorizedKeysFile .ssh/authorized_keys
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#RhostsRSAAuthentication no
+# similar for protocol version 2
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# RhostsRSAAuthentication and HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+PasswordAuthentication no
+#PermitEmptyPasswords no
+
+# Change to no to disable s/key passwords
+#ChallengeResponseAuthentication yes
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+#GSSAPIStrictAcceptorCheck yes
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication. Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+UsePAM yes
+
+#AllowAgentForwarding yes
+#AllowTcpForwarding yes
+#GatewayPorts no
+#X11Forwarding no
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+PrintMotd no
+PrintLastLog no
+TCPKeepAlive yes
+#UseLogin no
+#UsePrivilegeSeparation yes
+#PermitUserEnvironment no
+#Compression delayed
+#ClientAliveInterval 0
+#ClientAliveCountMax 3
+#UseDNS yes
+#PidFile /var/run/sshd.pid
+#MaxStartups 10
+#PermitTunnel no
+#ChrootDirectory none
+
+# no default banner path
+#Banner none
+
+# Allow client to pass locale environment variables
+AcceptEnv LANG LC_*
+
+# override default of no subsystems
+Subsystem sftp /usr/lib64/misc/sftp-server
+
+# the following are HPN related configuration options
+# tcp receive buffer polling. disable in non autotuning kernels
+#TcpRcvBufPoll yes
+
+# allow the use of the none cipher
+#NoneEnabled no
+
+# disable hpn performance boosts.
+#HPNDisabled no
+
+# buffer size for hpn to non-hpn connections
+#HPNBufferSize 2048
+
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+# X11Forwarding no
+# AllowTcpForwarding no
+# ForceCommand cvs server
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ed25519_key
# "key type names" for X.509 certificates with RSA key
# Note first defined is used in signature operations!
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
+#PermitTTY yes
PrintMotd no
PrintLastLog no
#TCPKeepAlive yes
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
+# PermitTTY no
# ForceCommand cvs server
# Allow client to pass locale environment variables #367017
+<!--
+
+============================================
+Application bugs worked around in this file:
+============================================
+
+* Various Unigine products don't use the #version and #extension GLSL
+ directives, meaning they only get GLSL 1.10 and no extensions for their
+ shaders.
+ Enabling all extensions for Unigine fixes most issues, but the GLSL version
+ is still 1.10.
+
+* Unigine Heaven 3.0 with ARB_texture_multisample uses a "ivec4 * vec4"
+ expression, which fails to compile with GLSL 1.10.
+ Adding "#version 130" fixes this.
+
+* Unigine Heaven 3.0 with ARB_shader_bit_encoding uses the uint keyword, which
+ fails to compile with GLSL 1.10.
+ Adding "#version 130" fixes this.
+
+* Unigine Heaven 3.0 with ARB_shader_bit_encoding uses a "uint & int"
+ expression, which fails (and should fail) to compile with any GLSL version.
+ Disabling ARB_shader_bit_encoding fixes this.
+
+TODO: document the other workarounds.
+
+-->
+
<driconf>
- <device screen="0" driver="i965">
+ <!-- Please always enable app-specific workarounds for all drivers and
+ screens. -->
+ <device>
<application name="Unigine Sanctuary" executable="Sanctuary">
<option name="force_glsl_extensions_warn" value="true" />
<option name="disable_blend_func_extended" value="true" />
</application>
+
<application name="Unigine Tropics" executable="Tropics">
<option name="force_glsl_extensions_warn" value="true" />
<option name="disable_blend_func_extended" value="true" />
</application>
+
<application name="Unigine Heaven (32-bit)" executable="heaven_x86">
<option name="force_glsl_extensions_warn" value="true" />
<option name="disable_blend_func_extended" value="true" />
+ <option name="force_glsl_version" value="130" />
+ <option name="disable_shader_bit_encoding" value="true" />
</application>
+
<application name="Unigine Heaven (64-bit)" executable="heaven_x64">
<option name="force_glsl_extensions_warn" value="true" />
<option name="disable_blend_func_extended" value="true" />
+ <option name="force_glsl_version" value="130" />
+ <option name="disable_shader_bit_encoding" value="true" />
</application>
+
<application name="Unigine OilRush (32-bit)" executable="OilRush_x86">
<option name="disable_blend_func_extended" value="true" />
</application>
+
<application name="Unigine OilRush (64-bit)" executable="OilRush_x64">
<option name="disable_blend_func_extended" value="true" />
</application>
+
<application name="Savage 2" executable="savage2.bin">
<option name="disable_glsl_line_continuations" value="true" />
</application>
+
+ <application name="Topogun (32-bit)" executable="topogun32">
+ <option name="always_have_depth_buffer" value="true" />
+ </application>
+
+ <application name="Topogun (64-bit)" executable="topogun64">
+ <option name="always_have_depth_buffer" value="true" />
+ </application>
</device>
</driconf>
--- /dev/null
+# For more information, please see the hosts.allow(5) manpage
+
+# Rule format:
+# daemon : client list
+# The value for 'daemon' is determined by the name of the binary.
+# OpenSSH runs as 'sshd' so you would use 'sshd' for 'daemon'.
+# Client list can be a list of ip's or hostnames.
+
+# Allow only sshd connections from ips matching 192.168.0.*
+#sshd: 192.168.0.
+
+# Only allow sendmail connections from the localhost
+#sendmail: localhost
+
+# Allow everyone from foobar.edu to access everything except for
+# the terminalserver
+#ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
+++ /dev/null
-#!/sbin/runscript
-# Copyright 1999-2011 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-extra_commands="configtest modules virtualhosts"
-extra_started_commands="configdump fullstatus graceful gracefulstop reload"
-
-description_configdump="Dumps the configuration of the runing apache server. Requires server-info to be enabled and www-client/lynx."
-description_configtest="Run syntax tests for configuration files."
-description_fullstatus="Gives the full status of the server. Requires lynx and server-status to be enabled."
-description_graceful="A graceful restart advises the children to exit after the current request and reloads the configuration."
-description_gracefulstop="A graceful stop advises the children to exit after the current request and stops the server."
-description_modules="Dump a list of loaded Static and Shared Modules."
-description_reload="Kills all children and reloads the configuration."
-description_virtualhosts="Show the settings as parsed from the config file (currently only shows the virtualhost settings)."
-description_stop="Kills all children and stops the server."
-
-depend() {
- need net
- use mysql dns logger netmount postgresql
- after sshd
-}
-
-configtest() {
- ebegin "Checking ${SVCNAME} configuration"
- checkconfig
- eend $?
-}
-
-checkconfd() {
- if [ ! -f /etc/init.d/sysfs ]; then
- eerror "This init script works only with openrc (baselayout-2)."
- eerror "If you still need baselayout-1.x, please, use"
- eerror "apache2.initd-baselayout-1 from /usr/share/doc/apache2-*/"
- fi
-
- PIDFILE="${PIDFILE:-/var/run/apache2.pid}"
- TIMEOUT=${TIMEOUT:-15}
-
- SERVERROOT="${SERVERROOT:-/usr/lib64/apache2}"
- if [ ! -d ${SERVERROOT} ]; then
- eerror "SERVERROOT does not exist: ${SERVERROOT}"
- return 1
- fi
-
- CONFIGFILE="${CONFIGFILE:-/etc/apache2/httpd.conf}"
- [ "${CONFIGFILE#/}" = "${CONFIGFILE}" ] && CONFIGFILE="${SERVERROOT}/${CONFIGFILE}"
- if [ ! -r "${CONFIGFILE}" ]; then
- eerror "Unable to read configuration file: ${CONFIGFILE}"
- return 1
- fi
-
- APACHE2_OPTS="${APACHE2_OPTS} -d ${SERVERROOT}"
- APACHE2_OPTS="${APACHE2_OPTS} -f ${CONFIGFILE}"
- [ -n "${STARTUPERRORLOG}" ] && APACHE2_OPTS="${APACHE2_OPTS} -E ${STARTUPERRORLOG}"
-
- APACHE2="/usr/sbin/apache2"
-}
-
-checkconfig() {
- checkconfd || return 1
-
- ${APACHE2} ${APACHE2_OPTS} -t 1>/dev/null 2>&1
- ret=$?
- if [ $ret -ne 0 ]; then
- eerror "${SVCNAME} has detected an error in your setup:"
- ${APACHE2} ${APACHE2_OPTS} -t
- fi
-
- return $ret
-}
-
-start() {
- checkconfig || return 1
-
- ebegin "Starting ${SVCNAME}"
- # Use start stop daemon to apply system limits #347301
- start-stop-daemon --start -- ${APACHE2} ${APACHE2_OPTS} -k start
-
- i=0
- while [ ! -e "${PIDFILE}" ] && [ $i -lt ${TIMEOUT} ]; do
- sleep 1 && i=$(expr $i + 1)
- done
-
- eend $(test $i -lt ${TIMEOUT})
-}
-
-stop() {
- if [ "${RC_CMD}" = "restart" ]; then
- checkconfig || return 1
- else
- checkconfd || return 1
- fi
-
- PID=$(cat "${PIDFILE}" 2>/dev/null)
- if [ -z "${PID}" ]; then
- einfo "${SVCNAME} not running (no pid file)"
- return 0
- fi
-
- ebegin "Stopping ${SVCNAME}"
- ${APACHE2} ${APACHE2_OPTS} -k stop
-
- i=0
- while ( test -f "${PIDFILE}" && pgrep -P ${PID} apache2 >/dev/null ) \
- && [ $i -lt ${TIMEOUT} ]; do
- sleep 1 && i=$(expr $i + 1)
- done
-
- eend $(test $i -lt ${TIMEOUT})
-}
-
-reload() {
- RELOAD_TYPE="${RELOAD_TYPE:-graceful}"
-
- checkconfig || return 1
-
- if [ "${RELOAD_TYPE}" = "restart" ]; then
- ebegin "Restarting ${SVCNAME}"
- ${APACHE2} ${APACHE2_OPTS} -k restart
- eend $?
- elif [ "${RELOAD_TYPE}" = "graceful" ]; then
- ebegin "Gracefully restarting ${SVCNAME}"
- ${APACHE2} ${APACHE2_OPTS} -k graceful
- eend $?
- else
- eerror "${RELOAD_TYPE} is not a valid RELOAD_TYPE. Please edit /etc/conf.d/${SVCNAME}"
- fi
-}
-
-graceful() {
- checkconfig || return 1
- ebegin "Gracefully restarting ${SVCNAME}"
- ${APACHE2} ${APACHE2_OPTS} -k graceful
- eend $?
-}
-
-gracefulstop() {
- checkconfig || return 1
- ebegin "Gracefully stopping ${SVCNAME}"
- ${APACHE2} ${APACHE2_OPTS} -k graceful-stop
- eend $?
-}
-
-modules() {
- checkconfig || return 1
- ${APACHE2} ${APACHE2_OPTS} -M 2>&1
-}
-
-fullstatus() {
- LYNX="${LYNX:-lynx -dump}"
- STATUSURL="${STATUSURL:-http://localhost/server-status}"
-
- if ! type -p $(set -- ${LYNX}; echo $1) 2>&1 >/dev/null; then
- eerror "lynx not found! you need to emerge www-client/lynx"
- else
- ${LYNX} ${STATUSURL}
- fi
-}
-
-virtualhosts() {
- checkconfig || return 1
- ${APACHE2} ${APACHE2_OPTS} -S
-}
-
-configdump() {
- LYNX="${LYNX:-lynx -dump}"
- INFOURL="${INFOURL:-http://localhost/server-info}"
-
- checkconfd || return 1
-
- if ! type -p $(set -- ${LYNX}; echo $1) 2>&1 >/dev/null; then
- eerror "lynx not found! you need to emerge www-client/lynx"
- else
- echo "${APACHE2} started with '${APACHE2_OPTS}'"
- for i in config server list; do
- ${LYNX} "${INFOURL}/?${i}" | sed '/Apache Server Information/d;/^[[:space:]]\+[_]\+$/Q'
- done
- fi
-}
-
-# vim: ts=4 filetype=gentoo-init-d
#!/sbin/runscript
-# Copyright 1999-2011 Gentoo Foundation
+# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License, v2 or later
-# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.6/samba.initd,v 1.3 2011/09/14 22:52:33 polynomial-c Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.6/samba.initd,v 1.4 2014/03/14 09:30:41 polynomial-c Exp $
extra_started_commands="reload"
+piddir="/var/run/samba"
depend() {
after slapd
}
mkdir_sambadirs() {
- [ -d /var/run/samba ] || mkdir -p /var/run/samba
+ [ -d "${piddir}" ] || mkdir -p ${piddir}
}
start() {
+++ /dev/null
-# Apache2 logrotate snipet for Gentoo Linux
-# Contributes by Chuck Short
-#
-/var/log/apache2/*log {
- missingok
- notifempty
- sharedscripts
- postrotate
- /etc/init.d/apache2 reload > /dev/null 2>&1 || true
- endscript
-}
--- /dev/null
+/var/log/ConsoleKit/history {
+ monthly
+ rotate 6
+ delaycompress
+ compress
+ notifempty
+ missingok
+}
# Fedora Core
auth include system-auth
-auth optional pam_mate_keyring.so
+auth optional pam_gnome_keyring.so
account include system-auth
password include system-auth
session include system-auth
# SuSE/Novell
#auth include common-auth
-#auth optional pam_mate_keyring.so
+#auth optional pam_gnome_keyring.so
#account include common-account
#password include common-password
#session include common-session
~app-emulation/emul-linux-x86-qtlibs-20120520
~app-emulation/emul-linux-x86-soundlibs-20120520
~app-emulation/emul-linux-x86-xlibs-20120520
+~app-emulation/vagrant-1.4.3
app-emulation/virtualbox
app-emulation/virtualbox-additions
app-emulation/virtualbox-extpack-oracle
~dev-python/iniparse-0.4
~dev-python/jinja-2.7.1
~dev-python/netaddr-0.7.10_p20130801
+~dev-python/netaddr-0.7.11
~dev-python/netifaces-0.6
dev-python/pb-base
dev-python/pb-logging
~dev-ruby/dnsruby-1.53
~dev-ruby/zonecheck-3.0.4
+~dev-ruby/zonecheck-3.0.5
~dev-util/kbuild-0.1.9998_pre20120806
~dev-util/kbuild-0.1.9998_pre20131130
media-libs/libquicktime lame
media-libs/libvorbis aotuv
media-libs/libwmf -expat
-media-libs/mesa g3dvl gles gles1 gles2 llvm shared-dricore xa xvmc
+media-libs/mesa g3dvl gbm gles gles1 gles2 llvm shared-dricore xa xvmc
media-libs/netpbm rle
media-libs/openjpeg tools
media-libs/phonon gstreamer
--- /dev/null
+/etc/init.d/xdm
\ No newline at end of file
--- /dev/null
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACC/csXoOEX1zs2ulPcnyc5GS3sa9rSwJnPUX0oVbbfvoQAAAJCD3jXAg941
+wAAAAAtzc2gtZWQyNTUxOQAAACC/csXoOEX1zs2ulPcnyc5GS3sa9rSwJnPUX0oVbbfvoQ
+AAAEBP27g1NZ/yz7oKLaIY7Neu+9/YCzVqXS6Qv80OSimsk79yxeg4RfXOza6U9yfJzkZL
+exr2tLAmc9RfShVtt++hAAAAC3Jvb3RAc2FtYXJhAQI=
+-----END OPENSSH PRIVATE KEY-----
--- /dev/null
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL9yxeg4RfXOza6U9yfJzkZLexr2tLAmc9RfShVtt++h root@samara
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
+#HostKey /etc/ssh/ssh_host_ed25519_key
# "key type names" for X.509 certificates with RSA key
# Note first defined is used in signature operations!
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
+#PermitTTY yes
PrintMotd no
PrintLastLog no
TCPKeepAlive yes
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
+# PermitTTY no
# ForceCommand cvs server
# Allow client to pass locale environment variables #367017
+++ /dev/null
-Equifax_Secure_eBusiness_CA_2.pem
\ No newline at end of file
+++ /dev/null
-ca.pem
\ No newline at end of file
+++ /dev/null
-TC_TrustCenter_Universal_CA_III.pem
\ No newline at end of file
+++ /dev/null
-spi-ca-2003.pem
\ No newline at end of file
+++ /dev/null
-<?xml version='1.0' encoding='UTF-8'?>
-<!DOCTYPE config PUBLIC "-//ZoneCheck//DTD Config V1.0//EN" "config.dtd">
-<config>
-<!-- $Id: afnic.profile,v 1.8 2008/10/29 17:02:11 redon Exp $ -->
-
- <profile name="afnic"
- longdesc="delegation under .fr/.re done by AFNIC registry">
- <const name="registry" value="AFNIC"/>
-
- <!-- Minimum and maximum for SOA fields -->
- <!-- min: 0 / max: 2147483647 -->
- <const name="soa:expire:min" value="604800"/>
- <const name="soa:expire:max" value="60480000"/>
- <const name="soa:minimum:min" value="180"/>
- <const name="soa:minimum:max" value="604800"/>
- <const name="soa:refresh:min" value="3600"/>
- <const name="soa:refresh:max" value="172800"/>
- <const name="soa:retry:min" value="900"/>
- <const name="soa:retry:max" value="86400"/>
-
- <rules class="generic">
- <!-- Domain name check -->
- <check name="dn_sntx" severity="f" category="dns:sntx"/>
- <check name="dn_orp_hyph" severity="f" category="dns:sntx"/>
- <check name="dn_dbl_hyph" severity="w" category="dns:sntx"/>
- <check name="one_ns" severity="f" category="dns"/>
- <check name="several_ns" severity="f" category="dns"/>
-
- <!-- IP address check -->
- <check name="ip_distinct" severity="f" category="ip"/>
- <check name="ip_all_same_net" severity="w" category="ip"/>
- </rules>
-
- <rules class="nameserver">
- <!-- IP address check -->
- <check name="ip_private" severity="w" category="ip"/>
- <check name="ip_bogon" severity="w" category="ip"/>
- </rules>
-
-
- <rules class="address">
- <!-- Connectivity -->
- <check name="icmp" severity="w" category="connectivity:l3"/>
- <check name="udp" severity="f" category="connectivity:l4"/>
- <check name="tcp" severity="f" category="connectivity:l4"/>
-
- <!-- Interoperability -->
- <check name="aaaa" severity="f" category="dns:interop"/>
-
- <!-- SOA -->
- <check name="soa" severity="f" category="dns"/>
- <check name="soa_auth" severity="f" category="dns"/>
- <check name="given_nsprim_vs_soa" severity="w" category="dns"/>
- <check name="soa_master_fq" severity="w" category="dns:soa"/>
- <check name="soa_master_sntx" severity="f" category="dns:soa"/>
- <check name="soa_contact_sntx_at" severity="f" category="dns:soa"/>
- <check name="soa_contact_sntx" severity="f" category="dns:soa"/>
- <check name="soa_serial_fmt_YYYYMMDDnn" severity="w" category="dns:soa"/>
- <check name="soa_expire" severity="f" category="dns:soa"/>
- <check name="soa_minimum" severity="w" category="dns:soa"/>
- <check name="soa_refresh" severity="w" category="dns:soa"/>
- <check name="soa_retry" severity="w" category="dns:soa"/>
- <check name="soa_retry_refresh" severity="f" category="dns:soa"/>
- <check name="soa_expire_7refresh" severity="f" category="dns:soa"/>
- <check name="soa_ns_cname" severity="w" category="dns:soa"/>
- <check name="soa_vs_any" severity="f" category="dns:soa"/>
- <check name="soa_coherence_serial" severity="w" category="dns:soa"/>
- <check name="soa_coherence_contact" severity="f" category="dns:soa"/>
- <check name="soa_coherence_master" severity="f" category="dns:soa"/>
- <check name="soa_coherence" severity="w" category="dns:soa"/>
-
- <!-- NS -->
- <check name="ns" severity="f" category="dns:ns"/>
- <check name="ns_auth" severity="f" category="dns:ns"/>
- <check name="given_ns_vs_ns" severity="f" category="dns"/>
- <check name="ns_sntx" severity="f" category="dns:ns"/>
- <check name="ns_cname" severity="f" category="dns:ns"/>
- <check name="ns_vs_any" severity="f" category="dns:ns"/>
- <check name="ns_ip" severity="f" category="dns:ns"/>
- <check name="ns_reverse" severity="w" category="dns:ns"/>
- <check name="ns_matching_reverse" severity="w" category="dns:ns"/>
-
- <case test="mail_by_mx_or_a">
- <when value="MX">
- <check name="mx" severity="f" category="dns:mx"/>
- <check name="mx_auth" severity="f" category="dns:mx"/>
- <check name="mx_sntx" severity="f" category="dns:mx"/>
- <check name="mx_cname" severity="f" category="dns:mx"/>
- <check name="mx_no_wildcard" severity="i" category="dns:mx"/>
- <check name="mx_ip" severity="f" category="dns:mx"/>
- <check name="mx_vs_any" severity="f" category="dns:mx"/>
- </when>
- </case>
-
- <check name="correct_recursive_flag" severity="f" category="dns"/>
-
- <check name="not_recursive" severity="w" category="dns"/>
-
- <case test="recursive_server">
- <when value="true">
- <!-- Loopback -->
- <check name="loopback_delegation" severity="w" category="dns:loopback"/>
- <check name="loopback_host" severity="w" category="dns:loopback"/>
-
- <!-- Root servers -->
- <check name="root_servers" severity="f" category="dns:root"/>
- <check name="root_servers_ns_vs_icann" severity="f" category="dns:root"/>
- <check name="root_servers_ip_vs_icann" severity="w" category="dns:root"/>
- </when>
- </case>
- </rules>
-
- <rules class="extra">
- <!-- Mail -->
- <check name="mail_mx_or_addr" severity="w" category="mail"/>
- <case test="mail_delivery">
- <when value="nodelivery"/>
- <else>
- <check name="mail_delivery_postmaster" severity="w" category="mail:delivery"/>
- </else>
- </case>
- <check name="mail_hostmaster_mx_cname" severity="f" category="mail"/>
- </rules>
- </profile>
-
- <!-- Local Variables: -->
- <!-- mode: xml -->
- <!-- End: -->
-</config>
+++ /dev/null
-<?xml version='1.0' encoding='UTF-8'?>
-<!DOCTYPE config PUBLIC "-//ZoneCheck//DTD Config V1.0//EN" "config.dtd">
-<config>
-<!-- $Id: de.profile,v 1.6 2010/06/01 15:36:07 chabannf Exp $ -->
-
- <profile name="de"
- longdesc="delegation under .de done by DENIC registry">
- <const name="registry" value="DENIC"/>
-
- <!-- min: 0 / max: 2147483647 -->
- <const name="soa:expire:min" value="604800"/>
- <const name="soa:expire:max" value="3600000"/>
- <const name="soa:minimum:min" value="180"/>
- <const name="soa:minimum:max" value="345600"/>
- <const name="soa:refresh:min" value="3600"/>
- <const name="soa:refresh:max" value="86400"/>
- <const name="soa:retry:min" value="900"/>
- <const name="soa:retry:max" value="28800"/>
-
- <rules class="generic">
- <!-- Domain name check -->
- <check name="dn_sntx" severity="f" category="dns:sntx"/>
- <check name="dn_orp_hyph" severity="f" category="dns:sntx"/>
- <check name="dn_dbl_hyph" severity="w" category="dns:sntx"/>
- <check name="one_ns" severity="f" category="dns"/>
- <check name="several_ns" severity="f" category="dns"/>
-
- <!-- IP address check -->
- <check name="ip_distinct" severity="f" category="ip"/>
- <check name="ip_all_same_net" severity="w" category="ip"/>
-
- <!-- Interop -->
- <check name="delegation_udp512" severity="f" category="dns:interop"/>
- <check name="delegation_udp512_additional" severity="f" category="dns:interop"/>
- </rules>
-
- <rules class="nameserver">
- <!-- IP address check -->
- <check name="ip_private" severity="w" category="ip"/>
- <check name="ip_bogon" severity="w" category="ip"/>
- </rules>
-
-
- <rules class="address">
- <!-- Connectivity -->
- <check name="icmp" severity="w" category="connectivity:l3"/>
- <check name="udp" severity="f" category="connectivity:l4"/>
- <check name="tcp" severity="f" category="connectivity:l4"/>
-
- <!-- Interoperability -->
- <check name="aaaa" severity="f" category="dns:interop"/>
-
- <!-- SOA -->
- <check name="soa" severity="f" category="dns"/>
- <check name="soa_auth" severity="f" category="dns"/>
- <check name="given_nsprim_vs_soa" severity="f" category="dns"/>
- <check name="soa_master_fq" severity="w" category="dns:soa"/>
- <check name="soa_master_sntx" severity="f" category="dns:soa"/>
- <check name="soa_contact_sntx_at" severity="f" category="dns:soa"/>
- <check name="soa_contact_sntx" severity="f" category="dns:soa"/>
- <check name="soa_serial_fmt_YYYYMMDDnn" severity="w" category="dns:soa"/>
- <check name="soa_expire" severity="f" category="dns:soa"/>
- <check name="soa_minimum" severity="w" category="dns:soa"/>
- <check name="soa_refresh" severity="w" category="dns:soa"/>
- <check name="soa_retry" severity="w" category="dns:soa"/>
- <check name="soa_retry_refresh" severity="f" category="dns:soa"/>
- <check name="soa_expire_7refresh" severity="f" category="dns:soa"/>
- <check name="soa_ns_cname" severity="w" category="dns:soa"/>
- <check name="soa_vs_any" severity="f" category="dns:soa"/>
- <check name="soa_coherence_serial" severity="f" category="dns:soa"/>
- <check name="soa_coherence_contact" severity="f" category="dns:soa"/>
- <check name="soa_coherence_master" severity="f" category="dns:soa"/>
- <check name="soa_coherence" severity="f" category="dns:soa"/>
-
- <!-- NS -->
- <check name="ns" severity="f" category="dns:ns"/>
- <check name="ns_auth" severity="f" category="dns:ns"/>
- <check name="given_ns_vs_ns" severity="f" category="dns"/>
- <check name="ns_sntx" severity="f" category="dns:ns"/>
- <check name="ns_cname" severity="f" category="dns:ns"/>
- <check name="ns_vs_any" severity="f" category="dns:ns"/>
- <check name="ns_ip" severity="f" category="dns:ns"/>
- <check name="ns_reverse" severity="w" category="dns:ns"/>
- <check name="ns_matching_reverse" severity="w" category="dns:ns"/>
-
- <case test="mail_by_mx_or_a">
- <when value="MX">
- <check name="mx" severity="f" category="dns:mx"/>
- <check name="mx_auth" severity="f" category="dns:mx"/>
- <check name="mx_sntx" severity="f" category="dns:mx"/>
- <check name="mx_cname" severity="f" category="dns:mx"/>
- <check name="mx_no_wildcard" severity="i" category="dns:mx"/>
- <check name="mx_ip" severity="f" category="dns:mx"/>
- <check name="mx_vs_any" severity="f" category="dns:mx"/>
- </when>
- </case>
-
- <check name="not_recursive" severity="w" category="dns"/>
- <check name="correct_recursive_flag" severity="f" category="dns"/>
-
- <case test="recursive_server">
- <when value="true">
- <!-- Loopback -->
- <check name="loopback_delegation" severity="w" category="dns:loopback"/>
- <check name="loopback_host" severity="f" category="dns:loopback"/>
-
- <!-- Root servers -->
- <check name="root_servers" severity="f" category="dns:root"/>
- <check name="root_servers_ns_vs_icann" severity="f" category="dns:root"/>
- <check name="root_servers_ip_vs_icann" severity="w" category="dns:root"/>
- </when>
- </case>
- </rules>
-
- <rules class="extra">
- <!-- Mail -->
- <check name="mail_mx_or_addr" severity="w" category="mail"/>
- <case test="mail_delivery">
- <when value="nodelivery"/>
- <else>
- <check name="mail_openrelay_domain" severity="w" category="mail:openrelay"/>
- <check name="mail_delivery_postmaster" severity="w" category="mail:delivery"/>
- </else>
- </case>
- <check name="mail_hostmaster_mx_cname" severity="f" category="mail"/>
- <check name="mail_openrelay_hostmaster" severity="w" category="mail:openrelay"/>
- <check name="mail_delivery_hostmaster" severity="f" category="mail:delivery"/>
- </rules>
- </profile>
-
- <!-- Local Variables: -->
- <!-- mode: xml -->
- <!-- End: -->
-</config>
+++ /dev/null
-<?xml version='1.0' encoding='UTF-8'?>
-<!DOCTYPE config PUBLIC "-//ZoneCheck//DTD Config V1.0//EN" "config.dtd">
-<config>
-<!-- $Id: default.profile,v 1.7 2010/06/29 13:12:22 chabannf Exp $ -->
-
- <profile name="default"
- longdesc="default profile for checking delegations">
- <const name="registry" value="default"/>
-
- <rules class="generic">
- <!-- Domain name check -->
- <check name="dn_sntx" severity="f" category="dns:sntx"/>
- <check name="dn_orp_hyph" severity="f" category="dns:sntx"/>
- <check name="dn_dbl_hyph" severity="w" category="dns:sntx"/>
- <check name="one_ns" severity="f" category="dns">
- <check name="several_ns" severity="f" category="dns"/>
- </check>
-
- <!-- IP address check -->
- <check name="ip_distinct" severity="f" category="ip"/>
- <check name="ip_all_same_net" severity="w" category="ip"/>
- <check name="all_same_asn" severity="w" category="ip"/>
-
- <!-- Interop -->
- <check name="delegation_udp512" severity="f" category="dns:interop"/>
- <check name="delegation_udp512_additional" severity="w" category="dns:interop"/>
- </rules>
-
- <rules class="nameserver">
- <!-- IP address check -->
- <check name="ip_private" severity="w" category="ip"/>
- <check name="ip_bogon" severity="w" category="ip"/>
- </rules>
-
-
- <rules class="address">
- <!-- Connectivity -->
- <check name="icmp" severity="w" category="connectivity:l3"/>
- <check name="udp" severity="f" category="connectivity:l4"/>
- <check name="tcp" severity="f" category="connectivity:l4"/>
-
- <!-- Interoperability -->
- <check name="aaaa" severity="f" category="dns:interop"/>
-
- <!-- SOA -->
- <check name="soa" severity="f" category="dns">
- <check name="soa_auth" severity="f" category="dns"/>
- <check name="given_nsprim_vs_soa" severity="f" category="dns"/>
- <check name="soa_master_fq" severity="w" category="dns:soa"/>
- <check name="soa_master_sntx" severity="f" category="dns:soa"/>
- <check name="soa_contact_sntx_at" severity="f" category="dns:soa"/>
- <check name="soa_contact_sntx" severity="f" category="dns:soa"/>
- <check name="soa_serial_fmt_YYYYMMDDnn" severity="w" category="dns:soa"/>
- <check name="soa_expire" severity="f" category="dns:soa"/>
- <check name="soa_minimum" severity="w" category="dns:soa"/>
- <check name="soa_refresh" severity="w" category="dns:soa"/>
- <check name="soa_retry" severity="w" category="dns:soa"/>
- <check name="soa_retry_refresh" severity="f" category="dns:soa"/>
- <check name="soa_expire_7refresh" severity="f" category="dns:soa"/>
- <check name="soa_ns_cname" severity="w" category="dns:soa"/>
- <check name="soa_vs_any" severity="f" category="dns:soa"/>
- <check name="soa_drift_serial" severity="w" category="dns:soa"/>
- <check name="soa_coherence_serial" severity="f" category="dns:soa"/>
- <check name="soa_coherence_contact" severity="f" category="dns:soa"/>
- <check name="soa_coherence_master" severity="w" category="dns:soa"/>
- <check name="soa_coherence" severity="w" category="dns:soa"/>
- </check>
-
- <!-- NS -->
- <check name="ns" severity="f" category="dns:ns">
- <check name="ns_auth" severity="f" category="dns:ns"/>
- <check name="given_ns_vs_ns" severity="f" category="dns"/>
- <check name="ns_sntx" severity="f" category="dns:ns"/>
- <check name="ns_cname" severity="f" category="dns:ns"/>
- <check name="ns_vs_any" severity="f" category="dns:ns"/>
- <check name="ns_ip" severity="f" category="dns:ns"/>
- <check name="ns_reverse" severity="w" category="dns:ns"/>
- <check name="ns_matching_reverse" severity="w" category="dns:ns"/>
- </check>
-
- <case test="mail_by_mx_or_a">
- <when value="MX">
- <check name="mx" severity="f" category="dns:mx">
- <check name="mx_auth" severity="f" category="dns:mx"/>
- <check name="mx_sntx" severity="f" category="dns:mx"/>
- <check name="mx_cname" severity="f" category="dns:mx"/>
- <check name="mx_no_wildcard" severity="i" category="dns:mx"/>
- <check name="mx_ip" severity="f" category="dns:mx"/>
- <check name="mx_vs_any" severity="f" category="dns:mx"/>
- </check>
- </when>
- </case>
-
- <check name="correct_recursive_flag" severity="f" category="dns"/>
-
- <case test="recursive_server">
- <when value="true">
- <!-- Loopback -->
- <check name="loopback_delegation" severity="w" category="dns:loopback"/>
- <check name="loopback_host" severity="f" category="dns:loopback"/>
-
- <!-- Root servers -->
- <check name="root_servers" severity="f" category="dns:root">
- <check name="root_servers_ns_vs_icann" severity="f" category="dns:root"/>
- <check name="root_servers_ip_vs_icann" severity="w" category="dns:root"/>
- </check>
- </when>
- </case>
- </rules>
-
-
- <rules class="extra">
- <!-- Mail -->
- <check name="mail_mx_or_addr" severity="w" category="mail"/>
- <case test="mail_delivery">
- <when value="nodelivery"/>
- <else>
- <check name="mail_openrelay_domain" severity="w" category="mail:openrelay"/>
- <check name="mail_delivery_postmaster" severity="w" category="mail:delivery"/>
- </else>
- </case>
- <check name="mail_hostmaster_mx_cname" severity="f" category="mail"/>
- <check name="mail_openrelay_hostmaster" severity="w" category="mail:openrelay"/>
- <check name="mail_delivery_hostmaster" severity="f" category="mail:delivery"/>
- </rules>
-
- <rules class="dnssec">
- <case test="dnssec_policy">
- <when value="full">
- <case test="a_ds_or_dnskey_is_given">
- <when value="true">
- <check name="ds_and_dnskey_coherence" severity="f" category="dns:dnssec"/>
- </when>
- </case>
- <check name="edns" severity="f" category="dns:dnssec">
- <check name="one_dnskey" severity="f" category="dns:dnssec">
- <check name="several_dnskey" severity="w" category="dns:dnssec"/>
- </check>
- <check name="has_soa_rrsig" severity="f" category="dns:dnssec">
- <check name="zsk_and_ksk" severity="w" category="dns:dnssec"/>
- <check name="key_length" severity="w" category="dns:dnssec"/>
- <check name="soa_rrsig_expiration" severity="w" category="dns:dnssec"/>
- <check name="soa_rrsig_validity_period" severity="w" category="dns:dnssec"/>
- <check name="algorithm" severity="w" category="dns:dnssec">
- <check name="verify_soa_rrsig" severity="f" category="dns:dnssec"/>
- </check>
- </check>
- </check>
- </when>
- <when value="lax">
- <check name="edns" severity="w" category="dns:dnssec">
- <check name="one_dnskey" severity="w" category="dns:dnssec">
- <check name="several_dnskey" severity="w" category="dns:dnssec"/>
- </check>
- <check name="has_soa_rrsig" severity="w" category="dns:dnssec">
- <check name="zsk_and_ksk" severity="w" category="dns:dnssec"/>
- <check name="key_length" severity="w" category="dns:dnssec"/>
- <check name="soa_rrsig_expiration" severity="w" category="dns:dnssec"/>
- <check name="soa_rrsig_validity_period" severity="w" category="dns:dnssec"/>
- <check name="algorithm" severity="w" category="dns:dnssec">
- <check name="verify_soa_rrsig" severity="w" category="dns:dnssec"/>
- </check>
- </check>
- </check>
- </when>
- </case>
- </rules>
-
- </profile>
-
- <!-- Local Variables: -->
- <!-- mode: xml -->
- <!-- End: -->
-</config>
+++ /dev/null
-<?xml version='1.0' encoding='UTF-8'?>
-<!DOCTYPE config PUBLIC "-//ZoneCheck//DTD Config V1.0//EN" "config.dtd">
-<config>
-<!-- $Id: reverse.profile,v 1.4 2010/06/01 15:36:07 chabannf Exp $ -->
-
- <profile name="reverse"
- longdesc="default profile for checking reverse delegations">
- <const name="registry" value="reverse"/>
-
- <rules class="generic">
- <!-- Domain name check -->
- <check name="dn_sntx" severity="f" category="dns:sntx"/>
- <check name="dn_orp_hyph" severity="f" category="dns:sntx"/>
- <check name="dn_dbl_hyph" severity="w" category="dns:sntx"/>
- <check name="one_ns" severity="f" category="dns"/>
- <check name="several_ns" severity="f" category="dns"/>
-
- <!-- IP address check -->
- <check name="ip_distinct" severity="f" category="ip"/>
- <check name="ip_all_same_net" severity="w" category="ip"/>
- </rules>
-
-
- <rules class="nameserver">
- <!-- IP address check -->
- <check name="ip_private" severity="w" category="ip"/>
- <check name="ip_bogon" severity="w" category="ip"/>
- </rules>
-
-
- <rules class="address">
- <!-- Connectivity -->
- <check name="icmp" severity="w" category="connectivity:l3"/>
- <check name="udp" severity="f" category="connectivity:l4"/>
- <check name="tcp" severity="f" category="connectivity:l4"/>
-
- <!-- Interoperability -->
- <check name="aaaa" severity="f" category="dns:interop"/>
-
- <!-- SOA -->
- <check name="soa" severity="f" category="dns"/>
- <check name="soa_auth" severity="f" category="dns"/>
- <check name="given_nsprim_vs_soa" severity="f" category="dns"/>
- <check name="soa_master_fq" severity="w" category="dns:soa"/>
- <check name="soa_master_sntx" severity="f" category="dns:soa"/>
- <check name="soa_contact_sntx_at" severity="f" category="dns:soa"/>
- <check name="soa_contact_sntx" severity="f" category="dns:soa"/>
- <check name="soa_serial_fmt_YYYYMMDDnn" severity="w" category="dns:soa"/>
- <check name="soa_expire" severity="f" category="dns:soa"/>
- <check name="soa_minimum" severity="w" category="dns:soa"/>
- <check name="soa_refresh" severity="w" category="dns:soa"/>
- <check name="soa_retry" severity="w" category="dns:soa"/>
- <check name="soa_retry_refresh" severity="f" category="dns:soa"/>
- <check name="soa_expire_7refresh" severity="f" category="dns:soa"/>
- <check name="soa_ns_cname" severity="w" category="dns:soa"/>
- <check name="soa_vs_any" severity="f" category="dns:soa"/>
- <check name="soa_coherence_serial" severity="f" category="dns:soa"/>
- <check name="soa_coherence_contact" severity="f" category="dns:soa"/>
- <check name="soa_coherence_master" severity="f" category="dns:soa"/>
- <check name="soa_coherence" severity="f" category="dns:soa"/>
-
- <!-- NS -->
- <check name="ns" severity="f" category="dns:ns"/>
- <check name="ns_auth" severity="f" category="dns:ns"/>
- <check name="given_ns_vs_ns" severity="f" category="dns"/>
- <check name="ns_sntx" severity="f" category="dns:ns"/>
- <check name="ns_cname" severity="f" category="dns:ns"/>
- <check name="ns_vs_any" severity="f" category="dns:ns"/>
- <check name="ns_ip" severity="f" category="dns:ns"/>
- <check name="ns_reverse" severity="w" category="dns:ns"/>
- <check name="ns_matching_reverse" severity="w" category="dns:ns"/>
-
- <case test="mail_by_mx_or_a">
- <when value="MX">
- <check name="mx" severity="f" category="dns:mx"/>
- <check name="mx_auth" severity="f" category="dns:mx"/>
- <check name="mx_sntx" severity="f" category="dns:mx"/>
- <check name="mx_cname" severity="f" category="dns:mx"/>
- <check name="mx_no_wildcard" severity="i" category="dns:mx"/>
- <check name="mx_ip" severity="f" category="dns:mx"/>
- <check name="mx_vs_any" severity="f" category="dns:mx"/>
- </when>
- </case>
-
- <check name="correct_recursive_flag" severity="f" category="dns"/>
-
- <case test="recursive_server">
- <when value="true">
- <!-- Loopback -->
- <check name="loopback_delegation" severity="w" category="dns:loopback"/>
- <check name="loopback_host" severity="f" category="dns:loopback"/>
-
- <!-- Root servers -->
- <check name="root_servers" severity="f" category="dns:root"/>
- <check name="root_servers_ns_vs_icann" severity="f" category="dns:root"/>
- <check name="root_servers_ip_vs_icann" severity="w" category="dns:root"/>
- </when>
- </case>
- </rules>
-
-
- <rules class="extra"/>
- </profile>
-
- <!-- Local Variables: -->
- <!-- mode: xml -->
- <!-- End: -->
-</config>
+++ /dev/null
-# $Id: rootservers,v 1.8 2010/06/18 13:28:09 bortzmeyer Exp $
-#
-# This file is in YAML format
-# ( for more information about YAML see: http://yaml.org/ )
-#
-# Tips:
-# - don't use tabulation
-# - don't forget the final dot of the name servers
-#
-#
-# This list can be generated by the following shell-script (sh):
-#
-# for ns in `dig +short . ns | tr 'A-Z' 'a-z' | sort` ; do
-# ips=`(dig +short $ns a; dig +short $ns aaaa) | tr '\n' ',' | sed 's/,$//'`
-# echo "$ns: [ $ips ]"
-# done
-# TODO: bad syntax?
-
-a.root-servers.net.: [ 198.41.0.4 , 2001:503:ba3e::2:30 ]
-b.root-servers.net.: [ 192.228.79.201 ]
-c.root-servers.net.: [ 192.33.4.12 ]
-d.root-servers.net.: [ 128.8.10.90 ]
-e.root-servers.net.: [ 192.203.230.10 ]
-f.root-servers.net.: [ 192.5.5.241 , 2001:500:2f::f ]
-g.root-servers.net.: [ 192.112.36.4 ]
-h.root-servers.net.: [ 128.63.2.53 , 2001:500:1::803f:235 ]
-i.root-servers.net.: [ 192.36.148.17, 2001:7FE:0:0:0:0:0:53 ]
-j.root-servers.net.: [ 192.58.128.30 , 2001:503:c27::2:30 ]
-k.root-servers.net.: [ 193.0.14.129 , 2001:7fd::1 ]
-l.root-servers.net.: [ 199.7.83.42 , 2001:500:3::42 ]
-m.root-servers.net.: [ 202.12.27.33 , 2001:dc3::35 ]
+++ /dev/null
-<?xml version='1.0' encoding='UTF-8'?>
-<!DOCTYPE config PUBLIC "-//ZoneCheck//DTD Config V1.0//EN" "config.dtd">
-<config>
-<!-- $Id: zc.conf,v 1.23 2010/06/17 08:22:56 chabannf Exp $ -->
-
- <!-- [ Preset configurations ] -->
- <!-- -->
- <!-- Can be reverted -->
- <!-- verbose: intro,testname,explain,details,reportok,fatalonly -->
- <!-- testdesc,counter -->
- <!-- transp : ipv4,ipv6,udp,tcp,std -->
- <!-- output : byseverity,byhost,text,html -->
- <!-- error : allfatal,allwarning,dfltseverity,stop,nostop -->
- <!-- Cannot be reverted -->
- <!-- quiet : any values enable this mode -->
- <!-- one : any values enable this mode -->
- <!-- -->
- <preset name="default">
- <param name="verbose" value="explain,details,intro,counter"/>
- </preset>
-
- <preset name="verbose">
- <param name="transp" value="ipv4,ipv6,std"/>
- <param name="output" value="byseverity,text"/>
- <param name="verbose" value="explain,details,intro,counter"/>
- <param name="error" value="dfltseverity"/>
- </preset>
-
- <preset name="minimal">
- <param name="verbose" value="explain,details,fatalonly"/>
- <param name="error" value="stop"/>
- <param name="quiet" value=""/>
- </preset>
-
-
- <!-- [ Constants ] -->
- <!-- -->
- <!-- We are providing here default values that can be -->
- <!-- overwritten in the different profiles -->
- <!-- -->
-
- <!-- For connectivity testing -->
- <!-- the '%s' will be replaced by the IP address -->
- <const name="ping4" value="ping -n -q -w 5 -c 5 %s >/dev/null"/>
- <const name="ping6" value="ping6 -n -q -w 5 -c 5 %s >/dev/null"/>
-
- <const name="dnsruby:retrytimes" value="1"/>
- <const name="dnsruby:retrydelay" value="1"/>
- <const name="dnsruby:querytimeout" value="2"/>
-
- <!-- For openrelay testing -->
- <const name="fake_mail_user" value="zonecheck"/>
- <const name="fake_mail_dest" value="nic.fr"/>
- <const name="fake_mail_from" value="afnic.fr"/>
- <const name="fake_mail_host" value="relay2.nic.fr"/>
-
- <!-- For delegation in 512 bytes tests -->
- <const name="inexistant_hostname" value="doesntexist"/>
- <const name="delegation_query_size" value="255"/>
-
- <!-- Minimum and maximum for SOA fields -->
- <!-- min: 0 / max: 2147483647 -->
- <const name="soa:expire:min" value="604800"/>
- <const name="soa:expire:max" value="3628800"/>
- <const name="soa:minimum:min" value="180"/>
- <const name="soa:minimum:max" value="604800"/>
- <const name="soa:refresh:min" value="3600"/>
- <const name="soa:refresh:max" value="172800"/>
- <const name="soa:retry:min" value="900"/>
- <const name="soa:retry:max" value="86400"/>
- <const name="rrsig:validityperiod:min" value="259560"/>
- <const name="rrsig:validityperiod:max" value="16070400"/>
-
- <!-- Allowed serial drift for SOA -->
- <!-- . A drift of the serial number can be allowed between -->
- <!-- the master and its slaves, to try avoiding reporting errors -->
- <!-- due to the zone transfert being done -->
- <!-- . If the serial follow rfc1912 recommandation and use the -->
- <!-- YYYYMMDDnn format the soa:serial:drift_days will be applied -->
- <!-- otherwise the soa:serial:drift_ticks -->
- <!-- Value must be >= 0 (use carefully) -->
- <const name="soa:serial:drift_days" value="200"/>
- <const name="soa:serial:drift_ticks" value="100"/>
-
- <!-- SMTP testing -->
- <!-- The following timeout value (in seconds) can be specified -->
- <!-- . open: time allowed to TCP for establishing the connection -->
- <!-- . session: time allowed for the whole session -->
- <!-- (note: time required for establishing the TCP session -->
- <!-- is not taken into account) -->
- <const name="smtp:open:timeout" value="10"/>
- <const name="smtp:session:timeout" value="40"/>
-
- <!-- [ Mapping ] -->
- <!-- -->
- <!-- Allow to automatically apply a particular test profile -->
- <!-- by looking at the zone in which the domain belongs -->
- <!-- -->
-
- <!-- Reverse -->
- <map zone="in-addr.arpa." profile="reverse"/>
- <map zone="ip6.arpa." profile="reverse"/>
- <map zone="ip6.int." profile="reverse"/>
-
- <!-- TLD / ccTLD -->
- <!-- You need to realize that you can obtain different results -->
- <!-- for the same zone configuration if they belong to different -->
- <!-- TLD /ccTLD as they will now use a different profile -->
- <!-- Now that you have been informed, you can uncomment the -->
- <!-- following lines -->
-<!-- <map zone="fr." profile="afnic"/> -->
-<!-- <map zone="re." profile="afnic"/> -->
-<!-- <map zone="de." profile="de"/> -->
-
- <!-- Default -->
- <map zone="." profile="default"/>
-
-
- <!-- Local Variables: -->
- <!-- mode: xml -->
- <!-- End: -->
-</config>
projects / config / samara / etc.git / commitdiff