From: Frank Brehm Date: Mon, 30 Jul 2012 10:09:17 +0000 (+0200) Subject: New state after crashing and rebuild machine X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=0d737653340f452cd70b72d7317f1a6a351e08d7;p=config%2Fhelga%2Fetc.git New state after crashing and rebuild machine --- diff --git a/.rcs/amavisd.conf,v b/.rcs/amavisd.conf,v deleted file mode 100644 index 1be6eba..0000000 --- a/.rcs/amavisd.conf,v +++ /dev/null @@ -1,2725 +0,0 @@ -head 1.4; -access; -symbols; -locks; strict; -comment @# @; - - -1.4 -date 2010.12.01.23.32.18; author root; state Exp; -branches; -next 1.3; - -1.3 -date 2010.12.01.15.48.50; author root; state Exp; -branches; -next 1.2; - -1.2 -date 2010.05.27.13.09.20; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.26.13.08.21; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.4 -log -@Checked in. -@ -text -@use strict; - -# Sample configuration file for amavisd-new (traditional style, chatty, -# you may prefer to start with the more concise supplied amavisd.conf) -# -# See amavisd.conf-default for a list of all variables with their defaults; -# for more details see documentation in INSTALL, README_FILES/* -# and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html - -# This software is licensed under the GNU General Public License (GPL). -# See comments at the start of amavisd-new for the whole license text. - -#Sections: -# Section I - Essential daemon and MTA settings -# Section II - MTA specific -# Section III - Logging -# Section IV - Notifications/DSN, bounce/reject/discard/pass, quarantine -# Section V - Per-recipient and per-sender handling, whitelisting, etc. -# Section VI - Resource limits -# Section VII - External programs, virus scanners, SpamAssassin -# Section VIII - Debugging -# Section IX - Policy banks (dynamic policy switching) - -#GENERAL NOTES: -# This file is a normal Perl code, interpreted by Perl itself. -# - make sure this file (or directory where it resides) is NOT WRITABLE -# by mere mortals (not even vscan/amavis; best to make it owned by root), -# otherwise it can represent a severe security risk! -# - for values which are interpreted as booleans, it is recommended -# to use 1 for true, and 0 or undef or '' for false; -# Note that this interpretation of boolean values does not apply directly -# to LDAP and SQL lookups, which follow their own rules - see README.lookups -# and README.ldap (in short: use Y/N in SQL, and TRUE/FALSE in LDAP); -# - Perl syntax applies. Most notably: strings in "" may include variables -# (which start with $ or @@); to include characters $ and @@ and \ in double -# quoted strings precede them by a backslash; in single-quoted strings -# the $ and @@ lose their special meaning, so it is usually easier to use -# single quoted strings (or qw operator) for e-mail addresses. -# In both types of quoting a backslash should to be doubled. -# - variables with names starting with a '@@' are lists, the values assigned -# to them should be lists too, e.g. ('one@@foo', $mydomain, "three"); -# note the comma-separation and parenthesis. If strings in the list -# do not contain spaces nor variables, a Perl operator qw() may be used -# as a shorthand to split its argument on whitespace and produce a list -# of strings, e.g. qw( one@@foo example.com three ); Note that the argument -# to qw is quoted implicitly and no variable interpretation is done within -# (no '$' variable evaluations). The #-initiated comments can NOT be used -# within a string. In other words, $ and # lose their special meaning -# within a qw argument, just like within '...' strings. -# - all e-mail addresses in this file and as used internally by the daemon -# are in their raw (rfc2821-unquoted and non-bracketed) form, i.e. -# Bob "Funny" Dude@@example.com, not: "Bob \"Funny\" Dude"@@example.com -# and not <"Bob \"Funny\" Dude"@@example.com>; also: '' and not '<>'. -# - the term 'default value' in examples below refers to the value of a -# variable pre-assigned to it by the program; any explicit assignment -# to a variable in this configuration file overrides the default value; - - -# -# Section I - Essential daemon and MTA settings -# - -# $MYHOME serves as a quick default for some other configuration settings. -# More refined control is available with each individual setting further down. -# $MYHOME is not used directly by the program. No trailing slash! -$MYHOME = '/var/amavis'; # (default is '/var/amavis'), -H - -# $mydomain serves as a quick default for some other configuration settings. -# More refined control is available with each individual setting further down. -# $mydomain is never used directly by the program. -$mydomain = 'brehm-online.com'; # (no useful default) - -# $myhostname = 'host.example.com'; # fqdn of this host, default by uname(3) -$myhostname = 'helga.brehm-online.com'; - -# Set the user and group to which the daemon will change if started as root -# (otherwise just keeps the UID unchanged, and these settings have no effect): -$daemon_user = 'amavis'; # (no default; customary: vscan or amavis), -u -$daemon_group = 'amavis'; # (no default; customary: vscan or amavis), -g - -# Runtime working directory (cwd), and a place where -# temporary directories for unpacking mail are created. -# (no trailing slash, may be a scratch file system) -#$TEMPBASE = $MYHOME; # (must be set if other config vars use is), -T -$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/amavis clean? - -#$db_home = "$MYHOME/db"; # DB databases directory, default "$MYHOME/db", -D - -# $helpers_home sets environment variable HOME, and is passed as option -# 'home_dir_for_helpers' to Mail::SpamAssassin::new. It should be a directory -# on a normal persistent file system, not a scratch or temporary file system -#$helpers_home = $MYHOME; # (defaults to $MYHOME), -S - -# Run the daemon in the specified chroot jail if nonempty: -#$daemon_chroot_dir = $MYHOME; # (default is undef, meaning: do not chroot), -R - -#$pid_file = "$MYHOME/amavisd.pid"; # (default is "$MYHOME/amavisd.pid"), -P -#$lock_file = "$MYHOME/amavisd.lock"; # (default is "$MYHOME/amavisd.lock"), -L - -# set environment variables if you want (no defaults): -$ENV{TMPDIR} = $TEMPBASE; # used for SA temporary files, by some decoders, etc. - -$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny) -$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1 - -$enable_dkim_verification = 0; # enable DKIM signatures verification -$enable_dkim_signing = 0; # load DKIM signing code, keys defined by dkim_key - -# MTA SETTINGS, UNCOMMENT AS APPROPRIATE, -# both $forward_method and $notify_method default to 'smtp:[127.0.0.1]:10025' - -# POSTFIX, or SENDMAIL in dual-MTA setup, or EXIM V4 -# (set host and port number as required; host can be specified -# as an IP address or a DNS name (A or CNAME, but MX is ignored) -#$forward_method = 'smtp:[127.0.0.1]:10025'; # where to forward checked mail -#$notify_method = $forward_method; # where to submit notifications - -#$os_fingerprint_method = 'p0f:127.0.0.1:2345'; # query p0f-analyzer.pl - -# To make it possible for several hosts to share one content checking daemon, -# the IP address and/or the port number in $forward_method and $notify_method -# may be spacified as an asterisk. An asterisk in the colon-separated -# second field (host) will be replaced by the SMTP client peer address, -# An asterisk in the third field (tcp port) will be replaced by the incoming -# SMTP/LMTP session port number plus one. This obsoletes the previously used -# less flexible configuration parameter $relayhost_is_client. An example: -# $forward_method = 'smtp:*:*'; $notify_method = 'smtp:*:10587'; - - -# NOTE: The defaults (above) are good for Postfix or dual-sendmail. You MUST -# uncomment the appropriate settings below if using other setups! - -# SENDMAIL MILTER, using amavis-milter.c helper program: -#$forward_method = undef; # no explicit forwarding, sendmail does it by itself -# milter; option -odd is needed to avoid deadlocks -#$notify_method = 'pipe:flags=q argv=/usr/sbin/sendmail -Ac -i -odd -f ${sender} -- ${recipient}'; -# just a thought: can we use use -Am instead of -odd ? - -# SENDMAIL (old non-milter setup, as relay, deprecated): -#$forward_method = 'pipe:flags=q argv=/usr/sbin/sendmail -C/etc/sendmail.orig.cf -i -f ${sender} -- ${recipient}'; -#$notify_method = $forward_method; - -# SENDMAIL (old non-milter setup, amavis.c calls local delivery agent, deprecated): -#$forward_method = undef; # no explicit forwarding, amavis.c will call LDA -#$notify_method = 'pipe:flags=q argv=/usr/sbin/sendmail -Ac -i -f ${sender} -- ${recipient}'; - -# EXIM v3 (not recommended with v4 or later, which can use SMTP setup instead): -#$forward_method = 'pipe:flags=q argv=/usr/sbin/exim -oMr scanned-ok -i -f ${sender} -- ${recipient}'; -#$notify_method = $forward_method; - -# COURIER using courierfilter -#$forward_method = undef; # no explicit forwarding, Courier does it itself -#$notify_method = 'pipe:flags=q argv=perl -e $pid=fork();if($pid==-1){exit(75)}elsif($pid==0){exec(@@ARGV)}else{exit(0)} /usr/sbin/sendmail -f ${sender} -- ${recipient}'; -# Only set $courierfilter_shutdown to 1 if you are using courierfilter to -# control the startup and shutdown of amavis -#$courierfilter_shutdown = 1; # (default 0) - -# prefer to collect mail for forwarding as BSMTP files? -#$forward_method = "bsmtp:$MYHOME/out-%i-%n.bsmtp"; -#$notify_method = $forward_method; - -@@auth_mech_avail = qw(PLAIN LOGIN); -$auth_required_inp = 0; -$auth_required_out = 0; - -# Net::Server pre-forking settings -# The $max_servers should match the width of your MTA pipe -# feeding amavisd, e.g. with Postfix the 'Max procs' field in the -# master.cf file, like the '2' in the: smtp-amavis unix - - n - 2 smtp -# -$max_servers = 2; # num of pre-forked children (2..30 is common), -m -$max_requests = 20; # retire a child after that many accepts (default 20) - -$child_timeout=5*60; # abort child if it does not complete its processing in - # approximately n seconds (default: 8*60 seconds) - -$smtpd_timeout = 120; # disconnect session if client is idle for too long - # (default: 8*60 seconds); should be higher than a - # Postfix setting max_idle (default 100s) - -# Here is a QUICK WAY to completely DISABLE some sections of code -# that WE DO NOT WANT (it won't even be compiled-in). -# For more refined controls leave the following two lines commented out, -# and see further down what these two lookup lists really mean. -# -# @@bypass_virus_checks_maps = (1); # controls running of anti-virus code -# @@bypass_spam_checks_maps = (1); # controls running of anti-spam code -# $bypass_decode_parts = 1; # controls running of decoders&dearchivers -# -# Any setting can be changed with a new assignment, so make sure -# you do not unintentionally override these settings further down! - -# Check also the settings of @@av_scanners at the end if you want to use -# virus scanners. If not, you may want to delete the whole long assignment -# to the variable @@av_scanners and @@av_scanners_backup, which will also -# remove the virus checking code (e.g. if you only want to do spam scanning). - - -# Lookup list of local domains (see README.lookups for syntax details) -# -# @@local_domains_maps is a list of lookup tables which are used in deciding -# whether a recipient is local or not, or in other words, if the message is -# outgoing or not. This affects inserting spam-related and OS fingerprinting -# header fields for local recipients, editing Subject header field and allowing -# mail body defanging, limiting recipient notifications to local recipients, -# in deciding if address extension may be appended, in matching mail addresses -# to non-fqdn SQL record keys, for proper operation of pen pals feature, -# for selecting statistics counters (distinguishing outgoing from internal- -# to internal mail), and possibly more in future versions. -# Set it up correctly if you need features that rely on this setting. -# -# With Postfix (2.0) a quick hint on what local domains normally are: -# a union of domains specified in: mydestination, virtual_alias_domains, -# virtual_mailbox_domains, and relay_domains. - -@@local_domains_maps = ( [".$mydomain"] ); # $mydomain and its subdomains -# @@local_domains_maps = (); # default is empty list, no recip. considered local -# @@local_domains_maps = # using ACL lookup table -# ( [ ".$mydomain", 'sub.example.net', '.example.com' ] ); -# @@local_domains_maps = # similar, split list elements on whitespace -# ( [qw( .example.com !host.sub.example.net .sub.example.net )] ); -# @@local_domains_maps = ( new_RE( qr'[@@.]example\.com$'i ) ); # using regexp -# @@local_domains_maps = ( read_hash("$MYHOME/local_domains") ); # using hash -# perhaps combined with Postfix: mydestination = /var/amavis/local_domains -# for debugging purposes: dump_hash($local_domains_maps[0]); -# -# Section II - MTA specific (defaults should be ok) -# - -#$insert_received_line = 1; # behave like MTA: insert 'Received:' header - # (does not apply to sendmail/milter) - # (default is true) - -# AMAVIS-CLIENT AND COURIER PROTOCOL INPUT SETTINGS (e.g. amavisd-release, or -# sendmail milter through helper clients like amavis-milter.c and amavis.c) -# option(s) -p overrides $inet_socket_port and $unix_socketname -$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket -#$unix_socketname = undef; # disable listening on a unix socket - # (default is undef, i.e. disabled) -#$unix_socketname = "/var/lib/courier/allfilters/amavisd"; # Courier socket - # (usual setting is $MYHOME/amavisd.sock) - -# SMTP SERVER (INPUT) PROTOCOL SETTINGS (e.g. with Postfix, Exim v4, ...) -# (used when MTA is configured to pass mail to amavisd via SMTP or LMTP) -$inet_socket_port = 10024; # accept SMTP on this local TCP port - # (default is undef, i.e. disabled) -# multiple ports may be provided: $inet_socket_port = [10024, 10026, 10028]; - -# SMTP SERVER (INPUT) access control -# - do not allow free access to the amavisd SMTP port !!! -# -# when MTA is at the same host, use the following (one or the other or both): -#$inet_socket_bind = '127.0.0.1'; # limit socket bind to loopback interface - # (default is '127.0.0.1') -@@inet_acl = qw(127.0.0.1 [::1]); # allow SMTP access only from localhost IP - # (default is qw(127.0.0.1 [::1]) ) - -# when MTA (one or more) is on a different host, use the following: -#@@inet_acl = qw(127.0.0.0/8 [::1] 10.1.0.1 10.1.0.2); # adjust list as needed -#$inet_socket_bind = undef; # bind to all IP interfaces if undef - -# -# Example1: -# @@inet_acl = qw( 127/8 10/8 172.16/12 192.168/16 ); -# permit only SMTP access from loopback and rfc1918 private address space -# -# Example2: -# @@inet_acl = qw( !192.168.1.12 172.16.3.3 !172.16.3/255.255.255.0 -# 127.0.0.1 10/8 172.16/12 192.168/16 ); -# matches loopback and rfc1918 private address space except host 192.168.1.12 -# and net 172.16.3/24 (but host 172.16.3.3 within 172.16.3/24 still matches) -# -# Example3: -# @@inet_acl = qw( 127/8 -# !172.16.3.0 !172.16.3.127 172.16.3.0/25 -# !172.16.3.128 !172.16.3.255 172.16.3.128/25 ); -# matches loopback and both halves of the 172.16.3/24 C-class, -# split into two subnets, except all four broadcast addresses -# for these subnets - - -# @@mynetworks is an IP access list which determines if the original SMTP client -# IP address belongs to our internal networks, i.e. mail is coming from inside. -# It is much like the Postfix parameter 'mynetworks' in semantics and similar -# in syntax, and its value should normally match the Postfix counterpart. -# It only affects the value of a macro %l (=sender-is-local), -# and the loading of policy 'MYNETS' if present (see below). -# Note that '-o smtp_send_xforward_command=yes' (or its lmtp counterpart) -# must be enabled in the Postfix service that feeds amavisd, otherwise -# client IP address is not available to amavisd-new. -# -# @@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 -# 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 ); # default -# -# A list of networks can also be read from a file, either as an IP acl in -# CIDR notation, one address per line (comments and empty lines are allowed): -# @@mynetworks_maps = (read_array('/etc/amavisd-mynetworks'), \@@mynetworks); -# -# or less flexibly (but provides faster lookups for large lists) by reading -# into a hash lookup table, which only allows for full addresses or classful -# IPv4 subnets with truncated octets, such as 127, 10, 192.168, 10.11.12.13, -# one address per line (comments and empty lines are allowed): -# @@mynetworks_maps = (read_hash('/etc/amavisd-mynetworks'), \@@mynetworks); - -# See README.lookups for details on specifying access control lists. - - -# -# Section III - Logging -# - -# true (e.g. 1) => syslog; false (e.g. 0) => logging to file -$DO_SYSLOG = 1; # (defaults to 0) - -$syslog_ident = 'amavis'; # Syslog ident string (defaults to 'amavis') -$syslog_facility = 'mail'; # Syslog facility as a string - # e.g.: mail, daemon, user, local0, ... local7, ... -$syslog_priority = 'info'; # Syslog base (minimal) priority as a string, - # choose from: emerg, alert, crit, err, warning, notice, info, debug - -# Log file (if not using syslog) -$LOGFILE = "$MYHOME/amavis.log"; # (defaults to empty, no log) - -#NOTE: levels are not strictly observed and are somewhat arbitrary -# 0: startup/exit/failure messages, viruses detected -# 1: args passed from client, some more interesting messages -# 2: virus scanner output, timing -# 3: server, client -# 4: decompose parts -# 5: more debug details -$log_level = 3; # (defaults to 0), -d - -# Customizable template for the most interesting log file entry (e.g. with -# $log_level=0) (take care to properly quote Perl special characters like '\') -# For a list of available macros see README.customize . - -# $log_templ = undef; # undef disables by-message level-0 log entries -$log_recip_templ = undef; # undef disables by-recipient level-0 log entries - - -# log both infected and noninfected messages (as deflt, with size,subj,tests): -# (remove the leading '#' and a space in the following lines to activate) - -# $log_templ = <<'EOD'; -# [?%#D|#|Passed # -# [? [:ccat|major] |OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER|SPAMMY|SPAM|\ -# UNCHECKED|BANNED (%F)|INFECTED (%V)]# -# , [? %p ||%p ][?%a||[?%l||LOCAL ]\[%a\] ][?%e||\[%e\] ]%s -> [%D|,]# -# [? %q ||, quarantine: %q]# -# [? %Q ||, Queue-ID: %Q]# -# [? %m ||, Message-ID: %m]# -# [? %r ||, Resent-Message-ID: %r]# -# , mail_id: %i# -# , Hits: [:SCORE]# -# , size: %z# -# [~[:remote_mta_smtp_response]|["^$"]||[", queued_as: "]]\ -# [remote_mta_smtp_response|[~%x|["queued as ([0-9A-Z]+)$"]|["%1"]|["%0"]]|/]# -# [? [:header_field|Subject] ||, Subject: [:dquote|[:header_field|Subject]]]# -# [? [:header_field|From] ||, From: [:uquote|[:header_field|From]]]# -# [? [:useragent|name] ||, [:useragent|name]: [:uquote|[:useragent|body]]]# -# [? %#T ||, Tests: \[[%T|,]\]]# -# [:supplementary_info|SCTYPE|, shortcircuit=%%s]# -# [:supplementary_info|AUTOLEARN|, autolearn=%%s]# -# , %y ms# -# ] -# [?%#O|#|Blocked # -# [? [:ccat|major|blocking] |# -# OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER|SPAMMY|SPAM|\ -# UNCHECKED|BANNED (%F)|INFECTED (%V)]# -# , [? %p ||%p ][?%a||[?%l||LOCAL ]\[%a\] ][?%e||\[%e\] ]%s -> [%O|,]# -# [? %q ||, quarantine: %q]# -# [? %Q ||, Queue-ID: %Q]# -# [? %m ||, Message-ID: %m]# -# [? %r ||, Resent-Message-ID: %r]# -# , mail_id: %i# -# , Hits: [:SCORE]# -# , size: %z# -# #, smtp_resp: [:smtp_response]# -# [? [:header_field|Subject] ||, Subject: [:dquote|[:header_field|Subject]]]# -# [? [:header_field|From] ||, From: [:uquote|[:header_field|From]]]# -# [? [:useragent|name] ||, [:useragent|name]: [:uquote|[:useragent|body]]]# -# [? %#T ||, Tests: \[[%T|,]\]]# -# [:supplementary_info|SCTYPE|, shortcircuit=%%s]# -# [:supplementary_info|AUTOLEARN|, autolearn=%%s]# -# , %y ms# -# ] -# EOD - -# -# Section IV - Notifications/DSN, bounce/reject/discard/pass, quarantine -# - -# Select notifications text encoding when Unicode-aware Perl is converting -# text from internal character representation to external encoding (charset -# in MIME terminology). Used as argument to Perl Encode::encode subroutine. -# -# to be used in RFC 2047-encoded header field bodies, e.g. in Subject: -#$hdr_encoding = 'iso-8859-1'; # MIME charset (default: 'iso-8859-1') -#$hdr_encoding_qb = 'Q'; # MIME encoding: quoted-printable (default) -#$hdr_encoding_qb = 'B'; # MIME encoding: base64 -# -# to be used in notification body text: its encoding and Content-type.charset -#$bdy_encoding = 'iso-8859-1'; # (default: 'iso-8859-1') - -# Default template texts for notifications may be overruled by directly -# assigning new text to template variables, or by reading template text -# from files. A second argument may be specified in a call to read_text(), -# specifying character encoding layer to be used when reading from the -# external file, e.g. 'utf8', 'iso-8859-1', or often just $bdy_encoding. -# Text will be converted to internal character representation by Perl 5.8.0 -# or later; second argument is ignored otherwise. See PerlIO::encoding, -# Encode::PerlIO and perluniintro man pages. -# -# $notify_sender_templ = read_text("$MYHOME/notify_sender.txt"); -# $notify_virus_sender_templ= read_text("$MYHOME/notify_virus_sender.txt"); -# $notify_virus_admin_templ = read_text("$MYHOME/notify_virus_admin.txt"); -# $notify_virus_recips_templ= read_text("$MYHOME/notify_virus_recips.txt"); -# $notify_spam_sender_templ = read_text("$MYHOME/notify_spam_sender.txt"); -# $notify_spam_admin_templ = read_text("$MYHOME/notify_spam_admin.txt"); - -# If notification template files are collectively available in some directory, -# one may call read_l10n_templates which invokes read_text for each known -# template. This is primarily a Debian-specific feature, but was incorporated -# into base code to facilitate porting. -# -# read_l10n_templates('/etc/amavis/en_US'); -# -# If read_l10n_templates is called, a localization template directory must -# contain the following files: -# charset this file should contain a one-line name -# of the character set used in the template -# files (e.g. utf8, iso-8859-2, ...) and is -# passed as the second argument to read_text; -# template-dsn.txt content fills the $notify_sender_templ -# template-virus-sender.txt content fills the $notify_virus_sender_templ -# template-virus-admin.txt content fills the $notify_virus_admin_templ -# template-virus-recipient.txt content fills the $notify_virus_recips_templ -# template-spam-sender.txt content fills the $notify_spam_sender_templ -# template-spam-admin.txt content fills the $notify_spam_admin_templ - -# Here is an overall picture (sequence of events) of how pieces fit together -# -# bypass_virus_checks set for all recipients? ==> PASS -# no viruses? ==> PASS -# log virus if $log_templ is nonempty -# quarantine if $virus_quarantine_to is nonempty -# notify admin if $virus_admin (lookup) nonempty -# notify recips if $warnvirusrecip and (recipient is local or $warn_offsite) -# add address extensions for local recipients (when enabled) -# send (non-)delivery notifications -# to sender if DSN needed (BOUNCE or ($warnvirussender and D_PASS)) -# virus_lovers or final_destiny==D_PASS ==> PASS -# DISCARD (2xx) or REJECT (5xx) (depending on final_*_destiny) -# -# Equivalent flow diagram applies for spam checks. -# If a virus is detected, spam checking is skipped entirely. - -# The following symbolic constants can be used in *_destiny settings: -# -# D_PASS mail will pass to recipients, regardless of bad contents; -# -# D_DISCARD mail will not be delivered to its recipients, sender will NOT be -# notified. Effectively we lose mail (but will be quarantined -# unless disabled). Losing mail is not decent for a mailer, -# but might be desired. -# -# D_BOUNCE mail will not be delivered to its recipients, a non-delivery -# notification (bounce) will be sent to the sender by amavisd-new; -# Exception: bounce (DSN) will not be sent if a virus name matches -# @@viruses_that_fake_sender_maps, or to messages from mailing lists -# (Precedence: bulk|list|junk), or for spam level that exceeds -# the $sa_dsn_cutoff_level. -# -# D_REJECT mail will not be delivered to its recipients, sender should -# preferably get a reject, e.g. SMTP permanent reject response -# (e.g. with milter), or non-delivery notification from MTA -# (e.g. Postfix). If this is not possible (e.g. different recipients -# have different tolerances to bad mail contents and not using LMTP) -# amavisd-new sends a bounce by itself (same as D_BOUNCE). -# Not to be used with Postfix or dual-MTA setups! -# -# Notes: -# D_REJECT and D_BOUNCE are similar, the difference is in who is responsible -# for informing the sender about non-delivery, and how informative -# the notification can be (amavisd-new knows more than MTA); -# With D_REJECT, MTA may reject original SMTP, or send DSN (delivery status -# notification, colloquially called 'bounce') - depending on MTA; -# Best suited for sendmail milter and Courier, especially for spam. -# With D_BOUNCE, amavisd-new (not MTA) sends DSN (can better explain the -# reason for mail non-delivery or even suppress DSN, but unable -# to reject the original SMTP session). Best suited to reporting -# viruses, and for Postfix and other dual-MTA setups, which can't -# reject original client SMTP session, as the mail has already -# been enqueued. - -# Alternatives to consider for spam: -# - use D_PASS if clients will do filtering based on inserted -# mail headers or added address extensions ('plus-addressing'); -# - use D_DISCARD, if kill_level is set comfortably high; -# -# D_BOUNCE is preferred for viruses, but consider: -# - use D_PASS (or virus_lovers) to deliver viruses; -# - use D_REJECT instead of D_BOUNCE if using Courier or milter and under heavy -# virus storm; - - -# The use of new *_by_ccat hashes is illustrated by the following examples -# on configuring final_*_destiny. - - -# using traditional settings of $final_*_destiny variables, relying on a -# default setting of an associative array %final_destiny_by_ccat which is -# backwards compatible and contains references to these traditional variables: -# -$final_virus_destiny = D_REJECT; # (defaults to D_DISCARD) -$final_banned_destiny = D_REJECT; # (defaults to D_BOUNCE) -$final_spam_destiny = D_REJECT; # (defaults to D_BOUNCE) -$final_bad_header_destiny = D_PASS; # (defaults to D_PASS) - -######## -# -# Please think about what you are doing when you set these options. -# If necessary, question your origanization's e-mail policies: -# -# D_BOUNCE contributes to the overall spread of virii and spam on the -# internet. Both the envelope and header from addresses can be forged -# accurately with no effort, causing the bounces to go to innocent parties, -# whose addresses have been forged. -# -# D_DISCARD breaks internet mail specifications. However, with a -# properly implemented Quaratine system, the concern for breaking the -# specification is addressed to some extent. -# -# D_PASS is the safest way to handle e-mails. You must implement -# client-side filtering to handle this method. -# -# -Cory Visi 07/28/04 -# -####### - -# to explicitly list all (or most) possible contents category (ccat) keys: -%final_destiny_by_ccat = ( - CC_VIRUS, D_DISCARD, - CC_BANNED, D_BOUNCE, - CC_UNCHECKED, D_PASS, - CC_SPAM, D_DISCARD, - CC_BADH, D_PASS, - CC_OVERSIZED, D_BOUNCE, - CC_CLEAN, D_PASS, - CC_CATCHALL, D_PASS, -); - -# to rely on a catchall ccat key and only list exceptions (alternative 1): -#%final_destiny_by_ccat = ( -# CC_VIRUS, D_DISCARD, -# CC_BANNED, D_BOUNCE, -# CC_SPAM, D_BOUNCE, -# CC_BADH.',4', D_BOUNCE, # BadHdrSpace -# CC_BADH.',3', D_BOUNCE, # BadHdrChar -# CC_OVERSIZED, D_BOUNCE, -# CC_CATCHALL, D_PASS, -#); - -# to rely on a catchall ccat key and list exceptions (alternative 2): -#%final_destiny_by_ccat = ( -# CC_VIRUS, D_DISCARD, -# CC_UNCHECKED, D_PASS, -# CC_BADH.',6', D_PASS, # BadHdrSyntax -# CC_BADH.',5', D_PASS, # BadHdrLong -# CC_BADH.',2', D_PASS, # BadHdr8bit -# CC_BADH.',1', D_PASS, # BadHdrMime -# CC_CLEAN, D_PASS, -# CC_CATCHALL, D_BOUNCE, -#); - -# to rely on a catchall ccat key and list exceptions (alternative 3): -#%final_destiny_by_ccat = ( -# CC_VIRUS, D_DISCARD, -# CC_UNCHECKED, D_PASS, -# CC_BADH.',4', D_BOUNCE, # BadHdrSpace -# CC_BADH.',3', D_BOUNCE, # BadHdrChar -# CC_BADH, D_PASS, # sub-catchall for CC_BADH -# CC_CLEAN, D_PASS, -# CC_CATCHALL, D_BOUNCE, -#); - -# to rely on a default %final_destiny_by_ccat and only change few settings: -#$final_destiny_by_ccat{+CC_SPAM} = D_PASS; -#$final_destiny_by_ccat{+CC_BADH} = D_BOUNCE; -#$final_destiny_by_ccat{+CC_BADH.',2'} = D_PASS; # BadHdr8bit - - - -# For monitoring / testing purposes let the administrator receive a copy -# of certain delivery status notifications that are mailed back to senders: -# -#%dsn_bcc_by_ccat = ( -# CC_BANNED, undef, -# CC_SPAM, undef, -# CC_BADH, undef, -# CC_CATCHALL, 'admin+test@@example.com', -#); -# -# or use a simpler form, taking advantage of defaults in %dsn_bcc_by_ccat: -#$dsn_bcc = 'admin+test@@example.com'; - - -# The following $warn*sender settings are ONLY used when mail is -# actually passed to recipients ($final_*_destiny=D_PASS, or *_lovers*). -# Bounces or rejects produce non-delivery status notification regardless. -# -# Notify sender of syntactically invalid header containing non-ASCII chars? -#$warnbadhsender = 1; # (defaults to false (undef)) - -# Notify virus (or banned files or bad headers) RECIPIENT? -# (not very useful, but some policies demand it) -#$warnvirusrecip = 1; # (defaults to false (undef)) -#$warnbannedrecip = 1; # (defaults to false (undef)) -#$warnbadhrecip = 1; # (defaults to false (undef)) - -# Notify also non-local virus/banned recipients if $warn*recip is true? -# (including those not matching local_domains*) -#$warn_offsite = 1; # (defaults to false (undef), i.e. only notify locals) - - -# Treat envelope sender address as unreliable and don't send sender -# notification / bounces if name(s) of detected virus(es) match the list. -# Note that virus names are supplied by external virus scanner(s) and are -# not standardized, so virus names may need to be adjusted. -# See README.lookups for syntax, check also README.policy-on-notifications. -# If the intention is to treat all viruses as faking the sender address, it -# is equivalent but more efficient to just set $final_virus_destiny=D_DISCARD; -# -@@viruses_that_fake_sender_maps = (new_RE( - qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i, - qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|spaces'i, - qr'dloader|galil|gibe|swen|netwatch|bics|sbrowse|sober|rox|val(hal)?la'i, - qr'frethem|sircam|be?agle|tanx|mydoom|novarg|shimg|netsky|somefool|moodown'i, - qr'@@mm|@@MM', # mass mailing viruses as labeled by f-prot and uvscan - qr'Worm'i, # worms as labeled by ClamAV, Kaspersky, etc -# [qr'^(EICAR|Joke\.|Junk\.)'i => 0], -# [qr'^(WM97|OF97|W95/CIH-|JS/Fort)'i => 0], - [qr/^/ => 1], # true by default (remove or comment-out if undesired) -)); - -# where to send ADMIN VIRUS NOTIFICATIONS (should be a fully qualified address) -# - the administrator envelope address may be a simple fixed e-mail address -# (a scalar), or may depend on the RECIPIENT address (e.g. its domain). -# -# Empty or undef lookup disables virus admin notifications. - -# The full set of configurable administrator addresses is: -# @@virus_admin_maps ... notifications to admin about viruses -# @@newvirus_admin_maps ... newly encountered viruses since amavisd startup -# @@spam_admin_maps ... notifications to admin about spam -# @@banned_admin_maps ... notifications to admin about banned contents -# @@bad_header_admin_maps ... notifications to admin about bad headers - -$virus_admin = "virusalert\@@$mydomain"; -# $virus_admin = 'virus-admin@@example.com'; -# $virus_admin = undef; # do not send virus admin notifications (default) -# -#@@virus_admin_maps = ( # by-recipient maps -# {'not.example.com' => '', -# '.' => 'virusalert@@example.com'}, -# $virus_admin, # the usual default -#); - -# equivalent to $virus_admin, but for spam admin notifications: -# $spam_admin = "spamalert\@@$mydomain"; -# $spam_admin = undef; # do not send spam admin notifications (default) -#@@spam_admin_maps = ( # by-recipient maps -# {'not.example.com' => '', -# '.' => 'spamalert@@example.com'}, -# $spam_admin, # the usual default -#); - -# receive a copy of all delivery status notifications sent; -# useful for testing or monitoring -#$dsn_bcc = "mailadmin\@@$mydomain"; - -#advanced example, using a hash lookup table and a scalar default, -#lookup key is a recipient envelope address: -#@@virus_admin_maps = ( # by-recipient maps -# { 'baduser@@sub1.example.com' => 'HisBoss@@sub1.example.com', -# '.sub1.example.com' => 'virusalert@@sub1.example.com', -# '.sub2.example.com' => '', # don't send admin notifications -# 'a.sub3.example.com' => 'abuse@@sub3.example.com', -# '.sub3.example.com' => 'virusalert@@sub3.example.com', -# '.example.com' => 'noc@@example.com', # default for our virus senders -# }, -# 'virusalert@@hq.example.com', # catchall for the rest -#); - -# sender envelope address, from which notification reports are sent from; -# may be a null reverse path, or a fully qualified address: -# (admin and recip sender addresses default to a null return path). -# If using strings in double quotes, don't forget to quote @@, i.e. \@@ -# -$mailfrom_notify_admin = "virusalert\@@$mydomain"; -$mailfrom_notify_recip = "virusalert\@@$mydomain"; -$mailfrom_notify_spamadmin = "spam.police\@@$mydomain"; - -# 'From' HEADER FIELD for sender and admin notifications. -# This should be a replyable address, see rfc1894. Not to be confused -# with $mailfrom_notify_sender, which is the envelope return address -# and can be empty (null reverse path) according to rfc2821. -# -# The syntax of the 'From' header field is specified in rfc2822, section -# '3.4. Address Specification'. Note in particular that display-name must be -# a quoted-string if it contains any special characters like spaces and dots. -# -# $hdrfrom_notify_sender = "amavisd-new "; -# $hdrfrom_notify_sender = 'amavisd-new '; -# $hdrfrom_notify_sender = '"Content-Filter Master" '; -# $hdrfrom_notify_admin = $mailfrom_notify_admin; -# $hdrfrom_notify_spamadmin = $mailfrom_notify_spamadmin; -# (default: "\"Content-filter at $myhostname\" ") - -# whom quarantined messages appear to be sent from (envelope sender); -# keeps original sender if undef, or set it explicitly, default is undef -$mailfrom_to_quarantine = ''; # override sender address with null return path - - -# Location to put infected mail into: (applies to 'local:' quarantine method) -# empty for not quarantining, may be a file (Unix-style mailbox), -# or a directory (no trailing slash) -# (the default value is undef, meaning no quarantine) -# -$QUARANTINEDIR = "$MYHOME/quarantine"; - -#$quarantine_subdir_levels = 1; # add level of subdirs to disperse quarantine - -#$clean_quarantine_method = 'local:clean-%m'; # disabled by default -#$virus_quarantine_method = 'local:virus-%m'; # default -#$spam_quarantine_method = 'local:spam-%m.gz'; # default -#$banned_files_quarantine_method = 'local:banned-%m'; # default -#$bad_header_quarantine_method = 'local:badh-%m'; # default - -# Separate quarantine subdirectories virus, spam, banned and badh within -# the directory $QUARANTINEDIR may be specified by the following settings -# (the subdirectories need to exist - must be created manually): -#$clean_quarantine_method = 'local:clean/%m'; -#$virus_quarantine_method = 'local:virus/%m'; -#$spam_quarantine_method = 'local:spam/%m.gz'; -#$banned_files_quarantine_method = 'local:banned/%m'; -#$bad_header_quarantine_method = 'local:badh/%m'; -# -#use the 'bsmtp:' method as an alternative to the default 'local:' -#$virus_quarantine_method = "bsmtp:$QUARANTINEDIR/virus-%m.bsmtp"; -#$spam_quarantine_method = "bsmtp:$QUARANTINEDIR/spam-%m.bsmtp"; -# -#using the 'pipe:' method might be useful for some special purpose: -#$mailfrom_to_quarantine = undef; # pass on the original sender address -#$spam_quarantine_method = 'pipe:argv=/usr/bin/myscript.sh spam-%b ${sender}'; -# -#using the 'sql:' method to store quarantined message to a SQL database: -#$virus_quarantine_method = $spam_quarantine_method = -# $banned_files_quarantine_method = $bad_header_quarantine_method = 'sql:'; - -# Send copy of every mail to an archival mail address: -#$archive_quarantine_method = $notify_method; -#@@archive_quarantine_to_maps = ( 'collector@@example.com' ); - - -# When using the 'local:' quarantine method (default), the following applies: -# -# A finer control of quarantining is available through -# variables $virus_quarantine_method/$spam_quarantine_method/ -# $banned_files_quarantine_method/$bad_header_quarantine_method. -# -# The value of scalar $virus_quarantine_to/$spam_quarantine_to (or a -# per-recipient lookup result from lookup tables @@virus_quarantine_to_maps) -# is/are interpreted as follows: -# -# VARIANT 1: -# empty or undef disables quarantine; -# -# VARIANT 2: -# a string NOT containing an '@@'; -# amavisd will behave as a local delivery agent (LDA) and will quarantine -# viruses to local files according to hash %local_delivery_aliases (pseudo -# aliases map) - see subroutine mail_to_local_mailbox() for details. -# Some of the predefined aliases are 'virus-quarantine' and 'spam-quarantine'. -# Setting $virus_quarantine_to ($spam_quarantine_to) to this string will: -# -# * if $QUARANTINEDIR is a directory, each quarantined virus will go -# to a separate file in the $QUARANTINEDIR directory (traditional -# amavis style, similar to maildir mailbox format); -# -# * otherwise $QUARANTINEDIR is treated as a file name of a Unix-style -# mailbox. All quarantined messages will be appended to this file. -# Amavisd child process must obtain an exclusive lock on the file during -# delivery, so this may be less efficient than using individual files -# or forwarding to MTA, and it may not work across NFS or other non-local -# file systems (but may be handy for pickup of quarantined files via IMAP -# for example); -# -# VARIANT 3: -# any email address (must contain '@@'). -# The e-mail messages to be quarantined will be handed to MTA -# for delivery to the specified address. If a recipient address local to MTA -# is desired, you may leave the domain part empty, e.g. 'infected@@', but the -# '@@' character must nevertheless be included to distinguish it from variant 2. -# -# This variant enables more refined delivery control made available by MTA -# (e.g. its aliases file, other local delivery agents, dealing with -# privileges and file locking when delivering to user's mailbox, nonlocal -# delivery and forwarding, fan-out lists). Make sure the mail-to-be-quarantined -# will not be handed back to amavisd for checking, as this will cause a loop -# (hopefully broken at some stage)! If this can be assured, notifications -# will benefit too from not being unnecessarily virus-scanned. -# -# By default this is safe to do with Postfix and Exim v4 and dual-sendmail -# setup, but probably not safe with sendmail milter interface without tricks. - -# (default values are: virus-quarantine, banned-quarantine, spam-quarantine) - -$virus_quarantine_to = 'virus-quarantine'; # traditional local quarantine -#$virus_quarantine_to = 'infected@@'; # forward to MTA for delivery -#$virus_quarantine_to = "virus-quarantine\@@$mydomain"; # similar -#$virus_quarantine_to = 'virus-quarantine@@example.com'; # similar -#$virus_quarantine_to = undef; # no quarantine -# -# lookup key is envelope recipient address: -#@@virus_quarantine_to_maps = ( # per-recip multiple quarantines -# new_RE( [qr'^user@@example\.com$'i => 'infected@@'], -# [qr'^(.*)@@example\.com$'i => 'virus-${1}@@example.com'], -# [qr'^(.*)(@@[^@@])?$'i => 'virus-${1}${2}'] ), -# $virus_quarantine_to, # the usual default -#); - -# similar for banned names and bad headers and spam (set to undef to disable) -$banned_quarantine_to = 'banned-quarantine'; # local quarantine -$bad_header_quarantine_to = 'bad-header-quarantine'; # local quarantine -$spam_quarantine_to = 'spam-quarantine'; # local quarantine - -# or to a mailbox: -#$spam_quarantine_to = "spam-quarantine\@@$mydomain"; -# -#@@spam_quarantine_to_maps = ( # per-recip quarantines -# new_RE( [qr'^(.*)@@example\.com$'i => 'spam-${1}@@example.com'] ), -# $spam_quarantine_to, # the usual default -#); - - -# In addition to per-recip quarantine, a by-sender lookup is possible. -# It is similar to $spam_quarantine_to, but the lookup key is the -# envelope sender address: -#$spam_quarantine_bysender_to = undef; # dflt: no by-sender spam quarantine - - -# Spam level beyond which quarantining is disabled (global value): -#$sa_quarantine_cutoff_level = 20; # dflt: undef, which disables this feature - -#@@spam_quarantine_cutoff_level_maps = ( # per-recip. quarantine cutoff levels -# { 'user1@@example.com' => 20.5, -# 'postmaster@@example.com' => 9999, -# '.example.com' => 25 }, -# \$sa_quarantine_cutoff_level, # catchall default -#); - - -# Add X-Virus-Scanned header field to mail? -$X_HEADER_TAG = 'X-Virus-Scanned'; # (default: 'X-Virus-Scanned') - -# Set to empty to add no header field # (dflt "$myproduct_name at $mydomain") -# $X_HEADER_LINE = "$myproduct_name at $mydomain"; -# $X_HEADER_LINE = "by $myproduct_name using ClamAV at $mydomain"; -# $X_HEADER_LINE = "$myproduct_name $myversion_id ($myversion_date) at $mydomain"; - -# a string to prepend to Subject (for local recipients only) if mail could -# not be decoded or checked entirely, e.g. due to password-protected archives -$undecipherable_subject_tag = '***UNCHECKED*** '; # undef disables it - -# MIME defanging wraps the entire original mail in a MIME container of type -# 'Content-type: multipart/mixed', where the first part is a text/plain with -# a short explanation, and the second part is a complete original mail, -# enclosed in a 'Content-type: message/rfc822' MIME part. -# Defanging is only done when enabled (selectively by malware type), -# and mail is considered malware (virus/spam/...), and the malware is allowed -# to pass (*_lovers or *_destiny=D_PASS) -# -$defang_virus = 1; # default is false: don't modify mail body -$defang_banned = 1; # default is false: don't modify mail body -# $defang_bad_header = 1; # default is false: don't modify mail body -# $defang_undecipherable = 1; # default is false: don't modify mail body -# $defang_spam = 1; # default is false: don't modify mail body - -# NOTE: setting the following variables to true may break mail signatures -# (DKIM and DomainKeys) when verification is done after content filtering: -# $remove_existing_x_scanned_headers, $remove_existing_x_scanned_headers, -# and $allow_fixing_improper_header_folding (and defanging, described -# elsewhere). This is rarely an issue, as mail signing should be done -# after content filtering, and mail verification should preferably be done -# before filtering or by SpamAssassin called from within amavisd, which -# sees still-unmodified mail. -# -$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone - # (defaults to false) -#$remove_existing_x_scanned_headers= 1; # remove existing X-Virus-Scanned -#$remove_existing_spam_headers = 0; # leave existing X-Spam* headers alone -$remove_existing_spam_headers = 1; # remove existing spam headers if - # spam scanning is enabled (default) -#$allow_fixing_improper_header_folding = 1; # (default is true) - -# set $bypass_decode_parts to true if you only do spam scanning, or if you -# have a good virus scanner that can deal with compression and recursively -# unpacking archives by itself, and save amavisd the trouble. -# Disabling decoding also causes banned_files checking NOT to see MIME types -# and content classification types as provided by the file(1) utility. -# It is a double-edged sword, make sure you know what you are doing! -# -#$bypass_decode_parts = 1; # (defaults to false) - -# don't trust this file type or corresponding unpacker for this file type, -# keep both the original and the unpacked file for a virus checker to see -# (lookup key is what file(1) utility returned): -# -@@keep_decoded_original_maps = (new_RE( -# qr'^MAIL$', # retain full original message for virus checking (can be slow) - qr'^MAIL-UNDECIPHERABLE$', # retain full mail if it contains undecipherables - qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i, -# qr'^Zip archive data', # don't trust Archive::Zip -)); - - -# Checking for banned MIME types and names. If any mail part matches, -# the whole mail is rejected. Object $banned_filename_re provides a list -# of Perl regular expressions to be matched against each part's: -# -# * Content-Type value (both declared and effective mime-type), -# such as the possible security-risk content types -# 'message/partial' and 'message/external-body', as specified in rfc2046 -# or 'application/x-msdownload' and 'application/x-msdos-program'; -# -# * declared (recommended) file names as specified by MIME subfields -# Content-Disposition.filename and Content-Type.name, both in their -# raw (encoded) form and in rfc2047-decoded form if applicable -# as well as (recommended) file names specified in archives; -# -# * file content type as guessed by 'file(1)' utility, mapped -# (by @@map_full_type_to_short_type_maps) into short type names such as -# .asc, .txt, .html, .doc, .jpg, .pdf, .zip, .exe-ms, ..., which always -# starts with a dot. These short types are available unless -# $bypass_decode_parts is true. -# -# All nodes (mail parts) of the fully recursively decoded mail and embedded -# archives are checked, each node independently from remaining nodes. -# -# For each node all its ancestor nodes including itself are checked against -# $banned_filename_re lookup list, top-down. The search for a node stops -# at the first match, the right-hand side of the matching key determines -# the result (true or false, absent right-hand side implies true, as explained -# in README.lookups). -# -# Although repeatedly re-checking ancestor nodes may seem excessive, it gives -# the opportunity to specify rules which make a particular node hide its -# descendents, e.g. allow any name or file type within a .zip, even though -# .exe files may otherwise not be allowed. -# -# Leave $banned_filename_re undefined to disable these checks -# (giving an empty list to new_RE() will also always return false) - -# for $banned_namepath_re (a new-style of banned table) see amavisd.conf-sample - -$banned_filename_re = new_RE( - -### BLOCKED ANYWHERE -# qr'^UNDECIPHERABLE$', # is or contains any undecipherable components - qr'^\.(exe-ms|dll)$', # banned file(1) types, rudimentary -# qr'^\.(exe|lha|tnef|cab|dll)$', # banned file(1) types - -### BLOCK THE FOLLOWING, EXCEPT WITHIN UNIX ARCHIVES: -# [ qr'^\.(gz|bz2)$' => 0 ], # allow any in gzip or bzip2 - [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives - - qr'.\.(pif|scr)$'i, # banned extensions - rudimentary -# qr'^\.zip$', # block zip type - -### BLOCK THE FOLLOWING, EXCEPT WITHIN ARCHIVES: -# [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within these archives - - qr'^application/x-msdownload$'i, # block these MIME types - qr'^application/x-msdos-program$'i, - qr'^application/hta$'i, - -# qr'^message/partial$'i, # rfc2046 MIME type -# qr'^message/external-body$'i, # rfc2046 MIME type - -# qr'^(application/x-msmetafile|image/x-wmf)$'i, # Windows Metafile MIME type -# qr'^\.wmf$', # Windows Metafile file(1) type - - # block certain double extensions in filenames - qr'\.[^./]*[A-Za-z][^./]*\.\s*(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)[.\s]*$'i, - -# qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?'i, # Class ID CLSID, strict -# qr'\{[0-9a-z]{4,}(-[0-9a-z]{4,}){0,7}\}?'i, # Class ID extension CLSID, loose - - qr'.\.(exe|vbs|pif|scr|cpl)$'i, # banned extension - basic -# qr'.\.(exe|vbs|pif|scr|cpl|bat|cmd|com)$'i, # banned extension - basic+cmd -# qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta| -# inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst| -# ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs| -# wmf|wsc|wsf|wsh)$'ix, # banned ext - long -# qr'.\.(ani|cur|ico)$'i, # banned cursors and icons filename -# qr'^\.ani$', # banned animated cursor file(1) type - -# qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab. -); -# See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631 -# and http://www.cknow.com/vtutor/vtextensions.htm - -# A little trick: a pattern qr'\.exe$' matches both a short type name '.exe', -# as well as any file name which happens to end with .exe. If only matching -# a file name is desired, but not the short type, a pattern qr'.\.exe$'i -# or similar may be used, which requires that at least one character precedes -# the '.exe', and so it will never match short file types which always start -# with a dot. - - -# the syntax of these Perl regular expressions is a bit awkward if not -# familiar with them, so please do follow examples and stick to the idioms: -# \A ... at the beginning of the first component -# \z ... at the end of the the last (leaf) component -# ^ ... at the beginning of each component in the path -# $ ... at the end of each component in the path -# (.*\t)? ... at the beginning of a field -# (\t.*)? ... at the end of a field -# \t(.*\t)* ... separating fields -# [^\t\n] ... any single character, but don't escape from this field -# (.*\n)+ ... one or more levels down -# (?#...) ... a comment within a regexp - -# new-style of banned lookup table -$banned_namepath_re = new_RE( - -### BLOCKED ANYWHERE - - qr'(?# BLOCK Microsoft EXECUTABLES and DLL ) - ^ (.*\t)? T=(exe-ms|dll) (\t.*)? $'xm, # banned file(1) types, rudimentary - -# qr'(?# BLOCK ANY EXECUTABLE ) -# ^ (.*\t)? T=exe (\t.*)? $'xm, # banned file(1) type - -# qr'(?# BLOCK THESE TYPES ) -# ^ (.*\t)? T=(exe|lha|tnef|cab|dll) (\t.*)? $'xm, # banned file(1) types - - -### BLOCK THE FOLLOWING, EXCEPT WITHIN UNIX ARCHIVES: - -# # within traditional gzip and bzip2 allow any name and type -# [ qr'(?#rule-3) ^ (.*\t)? T=(gz|bz2) (\t.*)? $'xmi => 0 ], # allow - - # within traditional Unix archives allow any name and type - [ qr'(?#rule-4) ^ (.*\t)? T=(tar|rpm|cpio) (\t.*)? $'xmi => 0 ], # allow - - # banned filename extensions (in declared names) anywhere - rudimentary - qr'(?# BLOCK COMMON NAME EXENSIONS ) - ^ (.*\t)? N= [^\t\n]* \. (pif|scr) (\t.*)? $'xmi, - -# # block anything within a zip -# qr'(?#rule-5) ^ (.*\t)? T=zip (\t.*)? (.*\n)+ .* $'xmi, - - -### BLOCK THE FOLLOWING, EXCEPT WITHIN ARCHIVES OR CRYPTED: - -# # within PC archives allow any types or names at any depth -# [ qr'(?#rule-7) ^ (.*\t)? T=(zip|rar|arc|arj|zoo) (\t.*)? $'xmi => 0 ], # ok - -# # within certain archives allow leaf members at any depth if crypted -# [ qr'(?# ALLOW ENCRYPTED ) -# ^ (.*\t)? T=(zip|rar|arj) (.*\n)+ (.*\t)? A=C (\t.*)? \z'xmi => 0 ], - -# # allow crypted leaf members regardless of their name or type -# [ qr'(?# ALLOW IF ENCRYPTED ) ^ (.*\t)? A=C (\t.*)? \z'xmi => 0 ], - - # block these MIME types - qr'(?#NO X-MSDOWNLOAD) ^(.*\t)? M=application/x-msdownload (\t.*)? $'xmi, - qr'(?#NO X-MSDOS-PROGRAM)^(.*\t)? M=application/x-msdos-program(\t.*)? $'xmi, - qr'(?#NO HTA) ^(.*\t)? M=application/hta (\t.*)? $'xmi, - -# # block rfc2046 MIME types -# qr'(?# BLOCK RFC2046 ) ^ (.*\t)? M=message/partial (\t.*)? $'xmi, -# qr'(?# BLOCK RFC2046 ) ^ (.*\t)? M=message/external-body (\t.*)? $'xmi, - -# qr'(?#No Metafile MIME) ^(.*\t)? M=application/x-msmetafile (\t.*)? $'xmi, -# qr'(?#No Metafile MIME) ^(.*\t)? M=image/x-wmf (\t.*)? $'xmi, -# qr'(?#No Metafile file) ^(.*\t)? T=wmf (\t.*)? $'xm, -# qr'(?#No animated cursors) ^(.*\t)? T=ani (\t.*)? $'xm, - - # block certain double extensions in filenames - qr'(?# BLOCK DOUBLE-EXTENSIONS ) - ^ (.*\t)? N= [^\t\n]* \. [^./\t\n]* [A-Za-z] [^./\t\n]* \. \ * - (exe|vbs|pif|scr|bat|cmd|com|cpl|dll) [. ]* (\t.*)? $'xmi, - - [ qr'(?# BLOCK EMPTY MIME PART APPLICATION/OCTET-STREAM ) - ^ (.*\t)? M=application/(octet-stream|x-msdownload|x-msdos-program) - \t(.*\t)* T=empty (\t.*)? $'xmi - => 'DISCARD' ], - -# [ qr'(?# BLOCK EMPTY MIME PARTS ) -# ^ (.*\t)? M= [^\t\n]+ \t(.*\t)* T=empty (\t.*)? $'xmi => 'DISCARD' ], - -# # block Class ID (CLSID) extensions in filenames, strict -# qr'(?# BLOCK CLSID-EXTENSIONS ) -# ^ (.*\t)? N= [^\t\n]* \{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}? -# [^\t\n]* (\t.*)? $'xmi, - -# # banned suggested names with three or more consecutive spaces -# qr'(?# BLOCK NAMES WITH SPACES ) -# ^ (.*\t)? N= [^\t\n]* [ ]{3,} 'xmi, - -# # block if any component can not be decoded (is encrypted or bad archive) -# qr'(?# BLOCK IF UNDECIPHERABLE ) ^ (.*\t)? A=U (\t.*)? \z'xmi, - -# [ qr'(?# SPECIAL ALLOWANCES - MAGIC NAMES) -# \A (.*\t)? T=(rpm|cpio|tar|zip|rar|arc|arj|zoo|Z|gz|bz2) -# \t(.*\t)* N=example\d+[^\t\n]* -# (\t.*)? $'xmi => 0 ], - - # banned filename extensions (in suggested names) anywhere - basic - qr'(?# BLOCK COMMON NAME EXENSIONS ) - ^ (.*\t)? N= [^\t\n]* \. (exe|vbs|pif|scr|cpl) (\t.*)? $'xmi, - -# # banned filename extensions (in suggested names) anywhere - basic+cmd -# qr'(?# BLOCK COMMON NAME EXENSIONS ) -# ^ (.*\t)? N= [^\t\n]* \. (exe|vbs|pif|scr|cpl|bat|cmd|com) (\t.*)? $'xmi, - -# # banned filename extensions (in suggested names) anywhere - long -# qr'(?# BLOCK MORE NAME EXTENSIONS ) -# ^ (.*\t)? N= [^\t\n]* \. ( -# ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta| -# inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst| -# ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs| -# wmf|wsc|wsf|wsh) (\t.*)? $'xmi, - -# qr'(?# BLOCK CURSOR AND ICON NAME EXENSIONS ) -# ^ (.*\t)? N= [^\t\n]* \. (ani|cur|ico) (\t.*)? $'xmi, - -# # banned filename extensions anywhere - WinZip vulnerability (pre-V9) -# qr'(?# BLOCK WinZip VULNERABILITY EXENSIONS ) -# ^ (.*\t)? N= [^\t\n]* \. (mim|b64|bhx|hqx|xxe|uu|uue) (\t.*)? $'xmi, - -); - -# use old or new style of banned lookup table; not both to avoid confusion -# -# @@banned_filename_maps = (); # to disable old-style - $banned_namepath_re = undef; # to disable new-style - - -%banned_rules = ( - 'MYNETS-DEFAULT' => new_RE( # permissive set of rules for internal hosts - [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any name/type in Unix archives - qr'.\.(vbs|pif|scr)$'i, # banned extension - rudimentary - ), - 'DEFAULT' => $banned_filename_re, -); - - -# -# Section V - Per-recipient and per-sender handling, whitelisting, etc. -# - -# @@virus_lovers_maps list of lookup tables: -# (this should be considered a policy option, is does not disable checks, -# see bypass*checks for that!) -# -# Exclude certain RECIPIENTS from virus filtering by adding their (lower-cased) -# envelope e-mail address (or domain only) to one of the lookup tables in -# the @@virus_lovers_maps list - see README.lookups and examples. -# Make sure the appropriate form (e.g. external/internal) of address -# is used in case of virtual domains, or when mapping external to internal -# addresses, etc. - this is MTA-specific. -# -# Notifications would still be generated however (see the overall -# picture above), and infected mail (if passed) gets additional header: -# X-AMaViS-Alert: INFECTED, message contains virus: ... -# (header not inserted with Courier or milter interface!) -# -# Setting $final_*_destiny=D_PASS is functionally equivalent to having -# all recipients match the @@*_lovers_maps. -# -# NOTE (milter interface only): in case of multiple recipients, -# it is only possible to drop or accept the message in its entirety - for all -# recipients. If all of them are virus lovers, we'll accept mail, but if -# at least one recipient is not a virus lover, we'll discard the message. - - -# @@bypass_virus_checks_maps list of lookup tables: -# (this is mainly a time-saving option, unlike virus_lovers* !) -# -# Similar in concept to @@virus_lovers_maps, a @@bypass_virus_checks_maps -# is used to skip entirely the decoding, unpacking and virus checking, -# but only if ALL recipients match the lookup. -# -# @@bypass_virus_checks_maps does NOT GUARANTEE the message will NOT be checked -# for viruses - this may still happen when there is more than one recipient -# for a message and not all of them match these lookup tables, or when -# check result was cached (i.e. the same contents was recently sent to other -# recipients). To guarantee virus delivery, a recipient must also match -# @@virus_lovers_maps lookups (but see milter limitations above), -# -# The following table summarizes the possible combinations: -# bypass lover -# 0 0 useful, check for malware and block it -# 0 1 useful, check but deliver nevertheless, possibly tagged -# 1 0 not too useful, free riding on cached or other-people's checks -# 1 1 useful, no checks if possible, and no effects - -# NOTE: it would not be clever to base enabling of virus checks on SENDER -# address, since there are no guarantees that it is genuine. Many viruses -# and spam messages fake sender address. To achieve selective filtering -# based on the source of the mail (e.g. IP address, MTA port number, ...), -# use mechanisms provided by MTA if available, possibly combined with policy -# banks feature. - -# Similar to lists of lookup tables controlling virus checking, there are -# counterparts for spam scanning, banned names/types, and headers_checks -# control: -# @@spam_lovers_maps, -# @@banned_files_lovers_maps, -# @@bad_header_lovers_maps -# and: -# @@bypass_spam_checks_maps, -# @@bypass_banned_checks_maps, -# @@bypass_header_checks_maps - -# Example: -# @@bypass_header_checks_maps = ( [qw( user@@example.com )] ); -# @@bad_header_lovers_maps = ( [qw( user@@example.com )] ); - -# The following example disables spam checking altogether, -# since it matches any recipient e-mail address. -# @@bypass_spam_checks_maps = (1); - - -# See README.lookups for further detail, and examples below. - -# In the following example a list of lookup tables @@virus_lovers_maps -# contains three elements, the first is a reference to an ACL lookup table -# (brackets in Perl indicate a ref to a list), the second is a reference -# to a hash lookup table (curly braces in Perl indicate a ref to a hash), -# the third is a regexp lookup table, indicated by the type of object -# created by new_RE() : -# -#@@virus_lovers_maps = ( -# [ qw( me@@lab.xxx.com !lab.xxx.com .xxx.com yyy.org ) ], -# { "postmaster\@@$mydomain" => 1, # double quotes permit variable evaluation -# 'postmaster@@example.com'=> 1, # in single quotes the '@@' need not be quoted -# 'abuse@@example.com'=> 1, -# 'some.user@@' => 1, # this recipient, regardless of domain -# 'boss@@example.com' => 0, # never, even if domain matches -# 'example.com' => 1, # this domain, but not its subdomains -# '.example.com' => 1, # this domain, including its subdomains -# }, -# new_RE( qr'^(helpdesk|postmaster)@@example\.com$'i ), -#); - -#@@spam_lovers_maps = ( -# ["postmaster\@@$mydomain", 'postmaster@@example.com', 'abuse@@example.com'], -#); - -#@@bad_header_lovers_maps = ( -# ["postmaster\@@", "abuse\@@$mydomain"], -#); - - -# as an alternative to fiddling with @@_lovers_maps and similar _maps, here -# is an illustration of using a more general *_by_ccat associative array, -# introduced with 2.4.0, like %lovers_maps_by_ccat in this example: -# -#$lovers_maps_by_ccat{+CC_SPAM} = [ -# read_hash("$MYHOME/etc/spam_lovers.txt"), -# [qw(postmaster@@example.com abuse@@example.com)], -#]; -# -#$lovers_maps_by_ccat{+CC_BANNED} = [ -# { map {lc $_ => 1} # construct a hash lookup table from a list -# qw(user1@@example.com user2.example.com) -# }, -#]; - - -# to save some typing of quotes and commas, a Perl operator qw can be used -# to split its argument on whitespace and to quote resulting elements: -#@@bypass_spam_checks_maps = ( -# [ qw( some.ddd !butnot.example.com .example.com ) ], -#); - - -# don't run spam check for these RECIPIENT domains: -# @@bypass_spam_checks_maps = ( [qw( d1.com .d2.com a.d3.com )] ); -# or the other way around (bypass check for all BUT these): -# @@bypass_spam_checks_maps = ( [qw( !d1.com !.d2.com !a.d3.com . )] ); -# a practical application: don't check outgoing mail for spam: -# @@bypass_spam_checks_maps = ( [ "!.$mydomain", "." ] ); -# or calculated (negated) from the %local_domains: -# @@bypass_spam_checks_maps = -# ( {map {$_ => !$local_domains{$_}} keys %local_domains}, 1); -# (a downside of which is that such mail will not count as ham in SA bayes db) -# -# Note that 'outgoing' is not the same as 'originating from inside'. We refer -# to 'outgoing' here as 'mail addressed to recipients outside our domain(s)'. -# The internal-to-internal mail is not outgoing, but is still originating from -# inside. To base rules on 'originating from inside', the use of a policy bank -# with 'originating => 1' is needed (such as MYNETS), in conjunction with -# XFORWARD Postfix extension to SMTP. - -# Where to find SQL server(s) and database to support SQL lookups? -# A list of triples: (dsn,user,passw). (dsn = data source name) -# More than one entry may be specified for multiple (backup) SQL servers. -# See 'man DBI', 'man DBD::mysql', 'man DBD::Pg', ... for details. -# When chroot-ed, accessing SQL server over inet socket may be more convenient. -# -# @@lookup_sql_dsn = -# ( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user1', 'passwd1'], -# ['DBI:mysql:database=mail;host=host2', 'username2', 'password2'], -# ["DBI:SQLite:dbname=$MYHOME/sql/mail_prefs.sqlite", '', ''] ); -# @@storage_sql_dsn = @@lookup_sql_dsn; # none, same, or separate database -# -# ('mail' in the example is the database name, choose what you like) -# With PostgreSQL the dsn (first element of the triple) may look like: -# 'DBI:Pg:dbname=mail;host=host1' - -# The SQL select clause to fetch per-recipient policy settings. -# The %k will be replaced by a comma-separated list of query addresses -# (e.g. full address, domain only (stripped level by level), and a catchall). -# Use ORDER if there is a chance that multiple records will match - the first -# match wins. If field names are not unique (e.g. 'id'), the later field -# overwrites the earlier in a hash returned by lookup, which is why we use -# '*,users.id' instead of just '*'. No need to uncomment the following -# assignment if the default is ok. -# $sql_select_policy = 'SELECT *,users.id FROM users,policy'. -# ' WHERE (users.policy_id=policy.id) AND (users.email IN (%k))'. -# ' ORDER BY users.priority DESC'; -# -# The SQL select clause to check sender in per-recipient whitelist/blacklist -# The first SELECT argument '?' will be users.id from recipient SQL lookup, -# the %k will be sender addresses (e.g. full address, domain only, catchall). -# The default value is: -# $sql_select_white_black_list = 'SELECT wb FROM wblist,mailaddr'. -# ' WHERE (wblist.rid=?) AND (wblist.sid=mailaddr.id)'. -# ' AND (mailaddr.email IN (%k))'. -# ' ORDER BY mailaddr.priority DESC'; -# -# To disable SQL white/black list, set to undef (otherwise comment-out -# the following statement, leaving it at the default value): -$sql_select_white_black_list = undef; # undef disables SQL white/blacklisting - -# Controls the format of timestamps in the field msgs.time_iso: -# $timestamp_fmt_mysql = 1; # if using MySQL *and* msgs.time_iso is TIMESTAMP; -# defaults to 0, which is good for non-MySQL or if msgs.time_iso is CHAR(16) - -# Does a database mail address field with no '@@' character represent a -# local username or a domain name? By default it implies a username in -# SQL and LDAP lookups (but represents a domain in hash and acl lookups), -# so domain names in SQL and LDAP should be specified as '@@domain'. -# Setting these to true will cause 'xxx' to be interpreted as a domain -# name, just like in hash or acl lookups. -# -# $sql_lookups_no_at_means_domain = 0; # default is 0 -# $ldap_lookups_no_at_means_domain = 0; # default is 0 - -# Here is an example of a SELECT clause that fabricates an artificial 'users' -# table from actual table 'postfix_domains' containing a field 'domain_name'. -# The effect is that domains listed in the 'postfix_domains' table will be -# treated as local by amavisd, and be given settings from a policy id 99 -# if such a policy id exists, or just fall back to static lookups. -# The user.id (with a value 1) is there only to provide a user id (same id -# for all listed domains) when global SQL-based white/blacklisting is used. -# -# $sql_lookups_no_at_means_domain = 1; -# $sql_select_policy = -# 'SELECT *, user.id'. -# ' FROM (SELECT 1 as id, 99 as policy_id, "Y" AS local'. -# ' FROM postfix_domains WHERE domain_name IN (%k)) AS user'. -# ' LEFT JOIN policy ON policy_id=policy.id'; - -# If passing malware to certain recipients ($final_*_destiny=D_PASS or -# *_lovers), the recipient-based lookup tables @@addr_extension_*_maps may -# return a string, which (if nonempty) will be added as an address extension -# to the local-part of the recipient's address. This extension may be used -# by the final local delivery agent (LDA) to place such mail into different -# subfolders (the extension is usually interpreted as a folder name). -# This is sometimes known as the 'plus addressing'. Appending address -# extensions is prevented when: -# - recipient does not match lookup tables @@local_domains_maps; -# - lookup into corresponding @@addr_extension_*_maps results -# in an empty string or undef; -# - $recipient_delimiter is empty (see below) -# LDAs usually default to stripping away address extension if no special -# handling is specified or if a named subfolder or alias does not exist, -# so adding address extensions normally does no harm. - -# @@addr_extension_virus_maps = ('virus'); # defaults to empty -# @@addr_extension_spam_maps = ('spam'); # defaults to empty -# @@addr_extension_banned_maps = ('banned'); # defaults to empty -# @@addr_extension_bad_header_maps = ('badh'); # defaults to empty -# -# A more complex example: -# @@addr_extension_virus_maps = ( -# {'sub.example.com'=>'infected', '.example.com'=>'filtered'}, 'virus' ); - -# Delimiter between local part of the envelope recipient address and address -# extension (which can optionally be added, see @@addr_extension_*_maps. E.g. -# recipient address is changed to . -# -# Delimiter must match the equivalent (final) MTA delimiter setting. -# (e.g. for Postfix add 'recipient_delimiter = +' to main.cf) -# Setting it to an empty string or to undef disables adding extensions -# regardless of $addr_extension_*_maps. - -# $recipient_delimiter = '+'; # (default is undef, i.e. disabled) - -# true: replace extension; false: append extension -# $replace_existing_extension = 1; # (default is true) - -# Affects matching of localpart of e-mail addresses (left of '@@') -# in lookups: true = case sensitive, false = case insensitive -$localpart_is_case_sensitive = 0; # (default is false) - - -# ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING - -# Instead of hard black- or whitelisting, a softer approach is to add -# score points (penalties) to the SA score for mail from certain senders. -# Positive points lean towards blacklisting, negative towards whitelisting. -# This is much like adding SA rules or using its white/blacklisting, except -# that here only envelope sender addresses are considered (not addresses -# in a mail header), and that score points can be assigned per-recipient -# (or globally), and the assigned penalties are customarily much lower -# than the default SA white/blacklisting score. -# -# The table structure is similar to $per_recip_blacklist_sender_lookup_tables -# i.e. the first level key is recipient, pointing to by-sender lookup tables. -# The essential difference is that scores from _all_ matching by-recipient -# lookups (not just the first that matches) are summed to give the final -# score boost. That means that both the site and domain administrators, -# as well as the recipient can have a say on the final score. -# -# NOTE: keep hash keys in lowercase, either manually or by using function lc - -@@score_sender_maps = ({ # a by-recipient hash lookup table - -# # per-recipient personal tables (NOTE: positive: black, negative: white) -# 'user1@@example.com' => [{'bla-mobile.press@@example.com' => 10.0}], -# 'user3@@example.com' => [{'.ebay.com' => -3.0}], -# 'user4@@example.com' => [{'cleargreen@@cleargreen.com' => -7.0, -# '.cleargreen.com' => -5.0}], - - # site-wide opinions about senders (the '.' matches any recipient) - '.' => [ # the _first_ matching sender determines the score boost - - new_RE( # regexp-type lookup table, just happens to be all soft-blacklist - [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@@'i => 5.0], - [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@@'i=> 5.0], - [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@@'i=> 5.0], - [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@@'i => 5.0], - [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@@'i => 5.0], - [qr'^(your_friend|greatoffers)@@'i => 5.0], - [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@@'i => 5.0], - [ qr'@@strato(?:-rz)\.de$'i => -5.0 ], - [ qr'^Doris\.Hennig@@BA-MH\.Verwalt-Berlin\.de$'i => -5.0 ], - [ qr'^doris@@hennig-berlin\.org$'i => -5.0 ], - ), - -# read_hash("/var/amavis/sender_scores_sitewide"), - - { # a hash-type lookup table (associative array) - 'nobody@@cert.org' => -3.0, - 'cert-advisory@@us-cert.gov' => -3.0, - 'owner-alert@@iss.net' => -3.0, - 'slashdot@@slashdot.org' => -3.0, - 'securityfocus.com' => -3.0, - 'ntbugtraq@@listserv.ntbugtraq.com' => -3.0, - 'security-alerts@@linuxsecurity.com' => -3.0, - 'mailman-announce-admin@@python.org' => -3.0, - 'amavis-user-admin@@lists.sourceforge.net'=> -3.0, - 'amavis-user-bounces@@lists.sourceforge.net' => -3.0, - 'spamassassin.apache.org' => -3.0, - 'notification-return@@lists.sophos.com' => -3.0, - 'owner-postfix-users@@postfix.org' => -3.0, - 'owner-postfix-announce@@postfix.org' => -3.0, - 'owner-sendmail-announce@@lists.sendmail.org' => -3.0, - 'sendmail-announce-request@@lists.sendmail.org' => -3.0, - 'donotreply@@sendmail.org' => -3.0, - 'ca+envelope@@sendmail.org' => -3.0, - 'noreply@@freshmeat.net' => -3.0, - 'owner-technews@@postel.acm.org' => -3.0, - 'ietf-123-owner@@loki.ietf.org' => -3.0, - 'cvs-commits-list-admin@@gnome.org' => -3.0, - 'rt-users-admin@@lists.fsck.com' => -3.0, - 'clp-request@@comp.nus.edu.sg' => -3.0, - 'surveys-errors@@lists.nua.ie' => -3.0, - 'emailnews@@genomeweb.com' => -5.0, - 'yahoo-dev-null@@yahoo-inc.com' => -3.0, - 'returns.groups.yahoo.com' => -3.0, - 'clusternews@@linuxnetworx.com' => -3.0, - lc('lvs-users-admin@@LinuxVirtualServer.org') => -3.0, - lc('owner-textbreakingnews@@CNNIMAIL12.CNN.COM') => -5.0, - 'niels@@google.com' => -3.0, - 'kameu@@gmx.de' => -3.0, - - # soft-blacklisting (positive score) - 'sender@@example.net' => 3.0, - '.example.net' => 1.0, - - }, - ], # end of site-wide tables -}); - - -# ENVELOPE SENDER WHITELISTING / BLACKLISTING - GLOBAL (RECIPIENT-INDEPENDENT) -# (affects spam checking only, has no effect on virus and other checks) - -# WHITELISTING: use ENVELOPE SENDER lookups to ENSURE DELIVERY from whitelisted -# senders even if the message would be recognized as spam. Effectively, for -# the specified senders, message recipients temporarily become 'spam_lovers'. -# To avoid surprises, whitelisted sender also suppresses inserting/editing -# the tag2-level header fields (X-Spam-*, Subject), appending spam address -# extension, and quarantining. -# -# BLACKLISTING: messages from specified SENDERS are DECLARED SPAM. -# Effectively, for messages from blacklisted envelope sender addresses, spam -# level is artificially pushed high, and the normal spam processing applies, -# resulting in 'X-Spam-Flag: YES', high 'X-Spam-Level' bar and other usual -# reactions to spam, including possible rejection. If the message nevertheless -# still passes (e.g. for spam loving recipients), it is tagged as BLACKLISTED -# in the 'X-Spam-Status' header field, but the reported spam value and -# set of tests in this report header field (if available from SpamAssassin, -# which may or may not have been called) is not adjusted. -# -# A sender may be both white- and blacklisted at the same time, settings -# are independent. For example, being both white- and blacklisted, message -# is delivered to recipients, but is not tagged as spam (X-Spam-Flag: No; -# X-Spam-Status: No, ...), but the reported spam level (if computed) may -# still indicate high spam score. -# -# If ALL recipients of the message either white- or blacklist the sender, -# spam scanning (calling the SpamAssassin) is bypassed, saving on time. -# -# The following variables (lists of lookup tables) are available, -# with the semantics and syntax as specified in README.lookups: -# @@whitelist_sender_maps, @@blacklist_sender_maps - -# SOME EXAMPLES: -# -#ACL: -# @@whitelist_sender_maps = ( ['.example.org', '.example.net'] ); -# @@whitelist_sender_maps = ( [qw(.example.org .example.net)] ); # same thing -# -# @@whitelist_sender_maps = ( [".$mydomain"] ); # $mydomain and its subdomains -# NOTE: This is not a reliable way of turning off spam checks for -# locally-originating mail, as sender address can easily be faked. -# To reliably avoid spam-scanning outgoing mail, use @@bypass_spam_checks_maps -# for nonlocal recipients. To reliably avoid spam scanning for locally -# originating mail (including internal-to-internal mail), recognized by -# the original SMTP client IP address matching @@mynetworks, use policy bank -# MYNETS, adjust @@mynetworks, and turn on XFORWARD in the Postfix smtp client -# service feeding amavisd. - -#with regexps: -# @@whitelist_sender_maps = ( new_RE( -# qr'^postmaster@@.*\bexample\.com$'i, -# qr'^owner-[^@@]*@@'i, qr'-request@@'i, -# qr'\.example\.com$'i -# )); - - -# illustrates the use of regexp lookup table: - -@@blacklist_sender_maps = ( new_RE( - qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@@'i, - qr'^(investments|lose_weight_today|market\.alert|money2you|MyGreenCard)@@'i, - qr'^(new\.tld\.registry|opt-out|opt-in|optin|saveonlsmoking2002k)@@'i, - qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@@'i, - qr'^(workathome|yesitsfree|your_friend|greatoffers)@@'i, - qr'^(inkjetplanet|marketopt|MakeMoney)\d*@@'i, -)); - - -# NOTE: whitelisting is becoming deprecated because sender address is -# all too often faked; use @@score_sender_maps for soft-whitelisting! -# -# Illustrates the use of several lookup tables: -# -# @@whitelist_sender_maps = ( -# -# # read_hash("$MYHOME/whitelist_sender"), # a hash table read from a file -# -# # and another hash lookup table constructed in-line, with keys lowercased: -# { map {lc $_ => 1} qw( -# nobody@@cert.org -# cert-advisory@@us-cert.gov -# owner-alert@@iss.net -# slashdot@@slashdot.org -# bugtraq@@securityfocus.com -# NTBUGTRAQ@@LISTSERV.NTBUGTRAQ.COM -# security-alerts@@linuxsecurity.com -# amavis-user-admin@@lists.sourceforge.net -# amavis-user-bounces@@lists.sourceforge.net -# notification-return@@lists.sophos.com -# mailman-announce-admin@@python.org -# owner-postfix-users@@postfix.org -# owner-postfix-announce@@postfix.org -# owner-sendmail-announce@@lists.sendmail.org -# sendmail-announce-request@@lists.sendmail.org -# owner-technews@@postel.ACM.ORG -# lvs-users-admin@@LinuxVirtualServer.org -# ietf-123-owner@@loki.ietf.org -# cvs-commits-list-admin@@gnome.org -# rt-users-admin@@lists.fsck.com -# clp-request@@comp.nus.edu.sg -# surveys-errors@@lists.nua.ie -# emailNews@@genomeweb.com -# owner-textbreakingnews@@CNNIMAIL12.CNN.COM -# yahoo-dev-null@@yahoo-inc.com -# returns.groups.yahoo.com -# )}, -# -# # { '' => 1 }, # and another one, containing just an empty reverse path (DSN) -# -# ); - - -# ENVELOPE SENDER WHITELISTING / BLACKLISTING - PER-RECIPIENT - -# The same semantics as for global white/blacklisting applies, but this -# time each recipient (or its domain, or subdomain, ...) can be given -# an individual lookup table for matching senders. The per-recipient lookups -# take precedence over the global lookups, which serve as a fallback default. - -# Specify a two-level lookup table: the key for the outer table is recipient, -# and the result should be an inner lookup table (hash or ACL or RE), -# where the key used will be the sender. (Note that this structure is flatter -# than @@score_sender_maps, where the first level result is a ref to a _list_ -# of inner lookup tables, not a ref to a single lookup table.) -# -#$per_recip_blacklist_sender_lookup_tables = { -# 'user1@@my.example.com'=>new_RE(qr'^(inkjetplanet|marketopt|MakeMoney)\d*@@'i), -# 'user2@@my.example.com'=>[qw( spammer@@d1.example,org .d2.example,org )], -#}; -#$per_recip_whitelist_sender_lookup_tables = { -# 'user@@my.example.com' => [qw( friend@@example.org .other.example.org )], -# '.my1.example.com' => [qw( !foe.other.example,org .other.example,org )], -# '.my2.example.com' => read_hash("$MYHOME/my2-wl.dat"), -# 'abuse@@' => { 'postmaster@@'=>1, -# 'cert-advisory-owner@@cert.org'=>1, 'owner-alert@@iss.net'=>1 }, -#}; - - -# -# Section VI - Resource limits -# - -# Sanity limit to the number of allowed recipients per SMTP transaction -# $smtpd_recipient_limit = 1100; # (default is 1100) - -# Resource limits to protect unpackers, decompressors and virus scanners -# against mail bombs (e.g. 42.zip) - - -# Maximum recursion level for extraction/decoding (0 or undef disables limit) -$MAXLEVELS = 14; # (default is undef, no limit) - -# Maximum number of extracted files (0 or undef disables the limit) -$MAXFILES = 1500; # (default is undef, no limit) - -# For the cumulative total of all decoded mail parts we set max storage size -# to defend against mail bombs. Even though parts may be deleted (replaced -# by decoded text) during decoding, the size they occupied is _not_ returned -# to the quota pool. -# -# Parameters to storage quota formula for unpacking/decoding/decompressing -# Formula: -# quota = max($MIN_EXPANSION_QUOTA, -# $mail_size*$MIN_EXPANSION_FACTOR, -# min($MAX_EXPANSION_QUOTA, $mail_size*$MAX_EXPANSION_FACTOR)) -# In plain words (later condition overrules previous ones): -# allow MAX_EXPANSION_FACTOR times initial mail size, -# but not more than MAX_EXPANSION_QUOTA, -# but not less than MIN_EXPANSION_FACTOR times initial mail size, -# but never less than MIN_EXPANSION_QUOTA -# -$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced) -$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced) -$MIN_EXPANSION_FACTOR = 5; # times original mail size (default is 5) -$MAX_EXPANSION_FACTOR = 500; # times original mail size (default is 500) - -# expiration time of cached results: time to live in seconds -# (how long the result of a virus/spam test remains valid) -$virus_check_negative_ttl= 3*60; # time to remember that mail was not infected -$virus_check_positive_ttl= 30*60; # time to remember that mail was infected -$spam_check_negative_ttl = 10*60; # time to remember that mail was not spam -$spam_check_positive_ttl = 30*60; # time to remember that mail was spam -# -# NOTE: -# Cache size will be determined by the largest of the $*_ttl values. -# Depending on the mail rate, the cache database may grow quite large. -# Reasonable compromise for the max value is 15 minutes to 2 hours. - -# -# Section VII - External programs, virus scanners -# - -# Specify a path string, which is a colon-separated string of directories -# (no trailing slashes!) to be assigned to the environment variable PATH -# and to serve for locating external programs below. - -# NOTE: if $daemon_chroot_dir is nonempty, the directories will be -# relative to the chroot directory specified; - -$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin:/opt/bin'; - -# For external programs specify one string or a search list of strings (first -# match wins). The string (or: each string in a list) may be an absolute path, -# or just a program name, to be located via $path; -# Empty string or undef (=default) disables the use of that external program. -# Optionally command arguments may be specified - only the first substring -# up to the whitespace is used for file searching. - -$file = 'file'; # file(1) utility; use 3.41 or later to avoid vulnerability -$dspam = 'dspam'; - -# A list of pairs or n-tuples: [short-type, code_ref, optional-args...]. -# Maps short types to a decoding routine, the first match wins. -# Arguments beyond the first two can be program path string (or a listref of -# paths to be searched) or a reference to a variable containing such a path, -# which allows for lazy evaluation, making possible to assign values to -# legacy configuration variables even after the assignment to @@decoders. -# -@@decoders = ( - ['mail', \&do_mime_decode], - ['asc', \&do_ascii], - ['uue', \&do_ascii], - ['hqx', \&do_ascii], - ['ync', \&do_ascii], - ['F', \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ], - ['Z', \&do_uncompress, ['uncompress','gzip -d','zcat'] ], - ['gz', \&do_uncompress, 'gzip -d'], - ['gz', \&do_gunzip], - ['bz2', \&do_uncompress, 'bzip2 -d'], - ['lzo', \&do_uncompress, 'lzop -d'], - ['rpm', \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ], - ['cpio', \&do_pax_cpio, ['pax','gcpio','cpio'] ], - ['tar', \&do_pax_cpio, ['pax','gcpio','cpio'] ], - ['deb', \&do_ar, 'ar'], -# ['a', \&do_ar, 'ar'], # unpacking .a seems an overkill - ['zip', \&do_unzip], - ['7z', \&do_7zip, ['7zr','7za','7z'] ], - ['rar', \&do_unrar, ['rar','unrar'] ], - ['arj', \&do_unarj, ['arj','unarj'] ], - ['arc', \&do_arc, ['nomarch','arc'] ], - ['zoo', \&do_zoo, ['zoo','unzoo'] ], - ['lha', \&do_lha, 'lha'], -# ['doc', \&do_ole, 'ripole'], - ['cab', \&do_cabextract, 'cabextract'], - ['tnef', \&do_tnef_ext, 'tnef'], - ['tnef', \&do_tnef], -# ['sit', \&do_unstuff, 'unstuff'], # broken/unsafe decoder - ['exe', \&do_executable, ['rar','unrar'], 'lha', ['arj','unarj'] ], -); - - -# SpamAssassin settings - -# $sa_local_tests_only is passed to Mail::SpamAssassin::new as a value -# of the option local_tests_only. See Mail::SpamAssassin man page. -# If set to 1, no SA tests that require internet access will be performed. -# -$sa_local_tests_only = 0; # only tests which do not require internet access? -#$sa_auto_whitelist = 1; # turn on AWL in SA 2.63 or older (irrelevant - # for SA 3.0, its cf option is use_auto_whitelist) - -$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger - # (less than 1% of spam is > 64k) - # default: undef, no limitations - -# default values, customarily used in the @@spam_*_level_maps as the last entry -$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level; - # undef is interpreted as lower than any spam level -$sa_tag2_level_deflt = 6.31;# add 'spam detected' headers at that level to - # passed mail, adding address extensions; -$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions - # at or above that level: bounce/reject/drop, - # quarantine -$sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent, - # effectively turning D_BOUNCE into D_DISCARD; - # undef disables this feature and is a default; -# see also $sa_quarantine_cutoff_level above, which only controls quarantining - -# $penpals_bonus_score = 5; # (positive) score by which spam score is lowered - # when sender is known to have previously received mail from our - # local user from this mail system; zero or undef disables penpals - # lookups in SQL; default: undef -# $penpals_halflife = 10*24*60*60; #exponential decay time constant in seconds; - # penpal bonus is halved for each halflife period from the last mail - # sent by a local user to a current mail's sender; default: 7 days -# $penpals_threshold_low = 1.0; # no need for pen pals lookup on low spam score -# $penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi spam - -# $bounce_killer_score = 100; # spam score points to add for joe-jobbed bounces - # bounce killer needs operational SQL logging (pen pals) ! - -# advanced example specifying per-recipient values using a hash lookup: -#@@spam_tag_level_maps = (\$sa_tag_level_deflt); # this is a default -#@@spam_tag2_level_maps = ( -# { 'user1@@example.com' => 8.0, '.example.com' => 6.0 }, -# \$sa_tag2_level_deflt, # catchall default -#); -#@@spam_kill_level_maps = ( -# { 'user1@@example.com' => 8.0, '.example.com' => 6.0 }, -# \$sa_kill_level_deflt, # catchall default -#); -#@@spam_dsn_cutoff_level_maps = ( -# { 'user1@@example.com' => 10, '.example.com' => 15 }, -# \$sa_dsn_cutoff_level, # catchall default -#); - -# selectively trim down bounces to domains sending their own bounces with -# non-null return path, to frequently abused domains, or to those sending -# marginal spam -@@spam_dsn_cutoff_level_bysender_maps = ( - { # an associative array (hash) lookup table, use lowercase keys - 'virgilio.it' => 7, 'mail.ru' => 7, '0451.com' => 7, - 'yahoo.co.uk' => 7, 'yahoo.co.jp' => 7, 'nobody@@' => 7, - 'noreply@@' => 0, 'no-reply@@' => 0, 'donotreply@@' => 0, - 'opt-in@@' => 0, 'opt-out@@' => 0, 'yahoo-dev-null@@' => 0, - '.optin-out.com' => 0, 'daily@@astrocenter.com' => 0, - 'spamadmin@@fraunhofer.de'=> 7, # Sophos PureMessage spam bounces - }, - \$sa_dsn_cutoff_level, # catchall default value -); - -# a quick reference: -# tag_level contents category: CC_CLEAN, -# controls adding the X-Spam-Status and X-Spam-Level headers, -# tag2_level contents category: CC_SPAMMY, -# controls adding 'X-Spam-Flag: YES', editing (tagging) Subject, -# and adding address extensions, -# tag3_level contents category: CC_SPAMMY, minor category 1, -# like tag2, but may insert different Subject tag -# e.g. @@spam_subject_tag3_maps=('***BLATANT*SPAM*** '); -# kill_level contents category: CC_SPAM, -# controls 'evasive actions' (reject, quarantine); -# it only makes sense to maintain the relationship: -# tag_level <= tag2_level <= tag3_level <= kill_level < -# < dsn_cutoff_level <= quarantine_cutoff_level - -# string to prepend to Subject header field when message exceeds tag2 level -#$sa_spam_subject_tag = '***SPAM*** '; # (defaults to undef, disabled) - # (only seen when spam is passed and recipient is - # in local_domains*) -# more examples, using @@*_maps directly: -#@@spam_subject_tag_maps = ('[possible-spam:_SCORE_] '); -#@@spam_subject_tag2_maps = ('***SPAM*** _SCORE_ (_REQD_) '); -#@@spam_subject_tag3_maps = ('***BLATANT*SPAM**** _SCORE_ (_REQD_) '); -# another examples, using _maps_by_ccat: -#$subject_tag_maps_by_ccat{+CC_CLEAN} = [ -# { lc('TestUser@@example.net') => -# '**TEST:_U_,hits=_SCORE_,req=_REQD_,amid=_TASKID_,mid=_MAILID_**' } ]; - -#$sa_spam_modifies_subj = 1; # in @@spam_modifies_subj_maps, default is true - -# Example: modify Subject for all local recipients except user@@example.com -#@@spam_modifies_subj_maps = ( [qw( !user@@example.com . )] ); - -#$sa_spam_level_char = '*'; # char for X-Spam-Level bar, defaults to '*'; - # undef or empty disables inserting X-Spam-Level -#$sa_spam_report_header = 0; # insert X-Spam-Report header field? default false - -# stop anti-virus scanning when the first scanner detects a virus? -#$first_infected_stops_scan = 1; # default is false, all scanners in a section - # are called - -# @@av_scanners is a list of n-tuples, where fields semantics is: -# 1. av scanner plain name, to be used in log and reports; -# 2a.scanner program name; this string will be submitted to subroutine -# find_external_programs(), which will try to find the full program path -# name during startup; if program is not found, this scanner is disabled. -# Besides a simple string (full program path name or just the basename -# to be looked for in PATH), this may be an array ref of alternative -# program names or full paths - the first match in the list will be used; -# 2b.alternatively, this second field may be a subroutine reference, -# and the whole n-tuple entry is passed to it as args; it should return -# a triple: ($scan_status,$output,$virusnames_ref), where: -# - $scan_status is: true if a virus was found, 0 if no viruses, -# undef if scanner was unable to complete its job (failed); -# - $output is an optional result string to appear in logging and macro %v; -# - $virusnames_ref is a ref to a list of detected virus names (may be -# undef or a ref to an empty list); -# 3. command arguments to be given to the scanner program; -# a substring {} will be replaced by the directory name to be scanned, i.e. -# "$tempdir/parts", a "*" will be replaced by base file names of parts; -# 4. an array ref of av scanner exit status values, or a regexp (to be -# matched against scanner output), indicating NO VIRUSES found; -# a special case is a value undef, which does not claim file to be clean -# (i.e. it never matches, similar to []), but suppresses a failure warning; -# to be used when the result is inconclusive (useful for specialized and -# quick partial scanners such as jpeg checker); -# 5. an array ref of av scanner exit status values, or a regexp (to be -# matched against scanner output), indicating VIRUSES WERE FOUND; -# a value undef may be used and it never matches (for consistency with 4.); -# Note: the virus match prevails over a 'not found' match, so it is safe -# even if the no. 4. matches for viruses too; -# 6. a regexp (to be matched against scanner output), returning a list -# of virus names found, or a sub ref, returning such a list when given -# scanner output as argument; -# 7. and 8.: (optional) subroutines to be executed before and after scanner -# (e.g. to set environment or current directory); -# see examples for these at KasperskyLab AVP and NAI uvscan. - -# NOTES: -# -# - NOT DEFINING @@av_scanners (e.g. setting it to empty list, or deleting the -# whole assignment) TURNS OFF LOADING AND COMPILING OF THE ANTIVIRUS CODE -# (which can be handy if all you want to do is spam scanning); -# -# - the order matters: although _all_ available entries from the list -# are tried regardless of their verdict, scanners are run in the order -# specified: the report from the first one detecting a virus will be used -# (providing virus names and scanner output); REARRANGE THE ORDER TO WILL; -# see also $first_infected_stops_scan; -# -# - it doesn't hurt to keep an unused command line scanner entry in the list -# if the program can not be found; the path search is only performed once -# during the program startup; -# -# COROLLARY: to disable a scanner that _does_ exist on your system, -# comment out its entry or use undef or '' as its program name/path -# (second parameter). An example where this is almost a must: disable -# Sophos 'sweep' if you have its daemonized version Sophie or SAVI-Perl -# (same for Trophie/vscan, and clamd/clamscan), or if another unrelated -# program happens to have a name matching one of the entries ('sweep' -# again comes to mind); -# -# - it DOES HURT to keep unwanted entries which use INTERNAL SUBROUTINES -# for interfacing (where the second parameter starts with \&). -# Keeping such entry and not having a corresponding virus scanner daemon -# causes an unnecessary connection attempt (which eventually times out, -# but it wastes precious time). For this reason the daemonized entries -# are commented in the distribution - just remove the '#' where needed. -# -# CERT list of av resources: http://www.cert.org/other_sources/viruses.html - -@@av_scanners = ( - -# ### http://www.clanfield.info/sophie/ (http://www.vanja.com/tools/sophie/) -# ['Sophie', -# \&ask_daemon, ["{}/\n", '/var/run/sophie'], -# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/m, qr/(?x)^ 1 ( : | [\000\r\n]* $)/m, -# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ], - -# ### http://www.csupomona.edu/~henson/www/projects/SAVI-Perl/ -# ['Sophos SAVI', \&sophos_savi ], - -### http://www.clamav.net/ -['ClamAV-clamd', - \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"], - qr/\bOK$/m, qr/\bFOUND$/m, - qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], -# NOTE: run clamd under the same user as amavisd, or run it under its own -# uid such as clamav, add user clamav to the amavis group, and then add -# AllowSupplementaryGroups to clamd.conf; -# NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in -# this entry; when running chrooted one may prefer socket "$MYHOME/clamd". - -# ### http://www.clamav.net/ and CPAN (memory-hungry! clamd is preferred) -# # note that Mail::ClamAV requires perl to be build with threading! -# ['Mail::ClamAV', \&ask_clamav, "*", [0], [1], qr/^INFECTED: (.+)/m ], - -# ### http://www.openantivirus.org/ -# ['OpenAntiVirus ScannerDaemon (OAV)', -# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:8127'], -# qr/^OK/m, qr/^FOUND: /m, qr/^FOUND: (.+)/m ], - -# ### http://www.vanja.com/tools/trophie/ -# ['Trophie', -# \&ask_daemon, ["{}/\n", '/var/run/trophie'], -# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/m, qr/(?x)^ 1 ( : | [\000\r\n]* $)/m, -# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ], - -# ### http://www.grisoft.com/ -# ['AVG Anti-Virus', -# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:55555'], -# qr/^200/m, qr/^403/m, qr/^403 .*?: ([^\r\n]+)/m ], - -# ### http://www.f-prot.com/ -# ['F-Prot fpscand', # F-PROT Antivirus for BSD/Linux/Solaris, version 6 -# \&ask_daemon, -# ["SCAN FILE {}/*\n", '127.0.0.1:10200'], -# qr/^(0|8|64) /m, -# qr/^([1235679]|1[01345]) |<[^>:]*(?i)(infected|suspicious|unwanted)/m, -# qr/(?i)<[^>:]*(?:infected|suspicious|unwanted)[^>:]*: ([^>]*)>/m ], - -# ### http://www.f-prot.com/ -# ['F-Prot f-protd', # old version -# \&ask_daemon, -# ["GET {}/*?-dumb%20-archive%20-packed HTTP/1.0\r\n\r\n", -# ['127.0.0.1:10200', '127.0.0.1:10201', '127.0.0.1:10202', -# '127.0.0.1:10203', '127.0.0.1:10204'] ], -# qr/(?i)]*>clean<\/summary>/m, -# qr/(?i)]*>infected<\/summary>/m, -# qr/(?i)(.+)<\/name>/m ], - -# ### http://www.sald.com/, http://www.dials.ru/english/, http://www.drweb.ru/ -# ['DrWebD', \&ask_daemon, # DrWebD 4.31 or later -# [pack('N',1). # DRWEBD_SCAN_CMD -# pack('N',0x00280001). # DONT_CHANGEMAIL, IS_MAIL, RETURN_VIRUSES -# pack('N', # path length -# length("$TEMPBASE/amavis-yyyymmddTHHMMSS-xxxxx/parts/pxxx")). -# '{}/*'. # path -# pack('N',0). # content size -# pack('N',0), -# '/var/drweb/run/drwebd.sock', -# # '/var/amavis/var/run/drwebd.sock', # suitable for chroot -# # '/usr/local/drweb/run/drwebd.sock', # FreeBSD drweb ports default -# # '127.0.0.1:3000', # or over an inet socket -# ], -# qr/\A\x00[\x10\x11][\x00\x10]\x00/sm, # IS_CLEAN,EVAL_KEY; SKIPPED -# qr/\A\x00[\x00\x01][\x00\x10][\x20\x40\x80]/sm,# KNOWN_V,UNKNOWN_V,V._MODIF -# qr/\A.{12}(?:infected with )?([^\x00]+)\x00/sm, -# ], -# # NOTE: If using amavis-milter, change length to: -# # length("$TEMPBASE/amavis-milter-xxxxxxxxxxxxxx/parts/pxxx"). - - ### http://www.kaspersky.com/ (kav4mailservers) - ['KasperskyLab AVP - aveclient', - ['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient', - '/opt/kav/5.5/kav4mailservers/bin/aveclient','aveclient'], - '-p /var/run/aveserver -s {}/*', - [0,3,6,8], qr/\b(INFECTED|SUSPICION|SUSPICIOUS)\b/m, - qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.+)/m, - ], - # NOTE: one may prefer [0],[2,3,4,5], depending on how suspicious, - # currupted or protected archives are to be handled - - ### http://www.kaspersky.com/ - ['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'], - '-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ? - qr/infected: (.+)/m, - sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"}, - sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"}, - ], - - ### The kavdaemon and AVPDaemonClient have been removed from Kasperky - ### products and replaced by aveserver and aveclient - ['KasperskyLab AVPDaemonClient', - [ '/opt/AVP/kavdaemon', 'kavdaemon', - '/opt/AVP/AvpDaemonClient', 'AvpDaemonClient', - '/opt/AVP/AvpTeamDream', 'AvpTeamDream', - '/opt/AVP/avpdc', 'avpdc' ], - "-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/m ], - # change the startup-script in /etc/init.d/kavd to: - # DPARMS="-* -Y -dl -f=/var/amavis /var/amavis" - # (or perhaps: DPARMS="-I0 -Y -* /var/amavis" ) - # adjusting /var/amavis above to match your $TEMPBASE. - # The '-f=/var/amavis' is needed if not running it as root, so it - # can find, read, and write its pid file, etc., see 'man kavdaemon'. - # defUnix.prf: there must be an entry "*/var/amavis" (or whatever - # directory $TEMPBASE specifies) in the 'Names=' section. - # cd /opt/AVP/DaemonClients; configure; cd Sample; make - # cp AvpDaemonClient /opt/AVP/ - # su - vscan -c "${PREFIX}/kavdaemon ${DPARMS}" - - ### http://www.centralcommand.com/ - ['CentralCommand Vexira (new) vascan', - ['vascan','/usr/lib/Vexira/vascan'], - "-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ". - "--log=/var/log/vascan.log {}", - [0,3], [1,2,5], - qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\ ( [^\]\s']+ )\ \.\.\.\ /m ], - # Adjust the path of the binary and the virus database as needed. - # 'vascan' does not allow to have the temp directory to be the same as - # the quarantine directory, and the quarantine option can not be disabled. - # If $QUARANTINEDIR is not used, then another directory must be specified - # to appease 'vascan'. Move status 3 to the second list if password - # protected files are to be considered infected. - - ### http://www.avira.com/ - ### Avira AntiVir (formerly H+BEDV) or (old) CentralCommand Vexira Antivirus - ['Avira AntiVir', ['antivir','vexira'], - '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/m, - qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) | - (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/m ], - # NOTE: if you only have a demo version, remove -z and add 214, as in: - # '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/, - - ### http://www.commandsoftware.com/ - ['Command AntiVirus for Linux', 'csav', - '-all -archive -packed {}', [50], [51,52,53], - qr/Infection: (.+)/m ], - - ### http://www.symantec.com/ - ['Symantec CarrierScan via Symantec CommandLineScanner', - 'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}', - qr/^Files Infected:\s+0$/m, qr/^Infected\b/m, - qr/^(?:Info|Virus Name):\s+(.+)/m ], - - ### http://www.symantec.com/ - ['Symantec AntiVirus Scan Engine', - 'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}', - [0], qr/^Infected\b/m, - qr/^(?:Info|Virus Name):\s+(.+)/m ], - # NOTE: check options and patterns to see which entry better applies - -# ### http://www.f-secure.com/products/anti-virus/ version 4.65 -# ['F-Secure Antivirus for Linux servers', -# ['/opt/f-secure/fsav/bin/fsav', 'fsav'], -# '--delete=no --disinf=no --rename=no --archive=yes --auto=yes '. -# '--dumb=yes --list=no --mime=yes {}', [0], [3,6,8], -# qr/(?:infection|Infected|Suspected): (.+)/m ], - - ### http://www.f-secure.com/products/anti-virus/ version 5.52 - ['F-Secure Antivirus for Linux servers', - ['/opt/f-secure/fsav/bin/fsav', 'fsav'], - '--virus-action1=report --archive=yes --auto=yes '. - '--dumb=yes --list=no --mime=yes {}', [0], [3,4,6,8], - qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ], - # NOTE: internal archive handling may be switched off by '--archive=no' - # to prevent fsav from exiting with status 9 on broken archives - -# ### http://www.avast.com/ -# ['avast! Antivirus daemon', -# \&ask_daemon, # greets with 220, terminate with QUIT -# ["SCAN {}\015\012QUIT\015\012", '/var/run/avast4/mailscanner.sock'], -# qr/\t\[\+\]/m, qr/\t\[L\]\t/m, qr/\t\[L\]\t([^[ \t\015\012]+)/m ], - -# ### http://www.avast.com/ -# ['avast! Antivirus - Client/Server Version', 'avastlite', -# '-a /var/run/avast4/mailscanner.sock -n {}', [0], [1], -# qr/\t\[L\]\t([^[ \t\015\012]+)/m ], - - ['CAI InoculateIT', 'inocucmd', # retired product - '-sec -nex {}', [0], [100], - qr/was infected by virus (.+)/m ], - # see: http://www.flatmtn.com/computer/Linux-Antivirus_CAI.html - - ### http://www3.ca.com/Solutions/Product.asp?ID=156 (ex InoculateIT) - ['CAI eTrust Antivirus', 'etrust-wrapper', - '-arc -nex -spm h {}', [0], [101], - qr/is infected by virus: (.+)/m ], - # NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer - # see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783 - - ### http://mks.com.pl/english.html - ['MkS_Vir for Linux (beta)', ['mks32','mks'], - '-s {}/*', [0], [1,2], - qr/--[ \t]*(.+)/m ], - - ### http://mks.com.pl/english.html - ['MkS_Vir daemon', 'mksscan', - '-s -q {}', [0], [1..7], - qr/^... (\S+)/m ], - -# ### http://www.nod32.com/, version v2.52 (old) -# ['ESET NOD32 for Linux Mail servers', -# ['/opt/eset/nod32/bin/nod32cli', 'nod32cli'], -# '--subdir --files -z --sfx --rtp --adware --unsafe --pattern --heur '. -# '-w -a --action-on-infected=accept --action-on-uncleanable=accept '. -# '--action-on-notscanned=accept {}', -# [0,3], [1,2], qr/virus="([^"]+)"/m ], - -# ### http://www.eset.com/, version v2.7 (old) -# ['ESET NOD32 Linux Mail Server - command line interface', -# ['/usr/bin/nod32cli', '/opt/eset/nod32/bin/nod32cli', 'nod32cli'], -# '--subdir {}', [0,3], [1,2], qr/virus="([^"]+)"/m ], - -# ### http://www.eset.com/, version 2.71.12 -# ['ESET Software ESETS Command Line Interface', -# ['/usr/bin/esets_cli', 'esets_cli'], -# '--subdir {}', [0], [1,2,3], qr/virus="([^"]+)"/m ], - - ### http://www.eset.com/, version 3.0 - ['ESET Software ESETS Command Line Interface', - ['/usr/bin/esets_cli', 'esets_cli'], - '--subdir {}', [0], [1,2,3], - qr/:\s*action="(?!accepted)[^"]*"\n.*:\s*virus="([^"]*)"/m ], - - ## http://www.nod32.com/, NOD32LFS version 2.5 and above - ['ESET NOD32 for Linux File servers', - ['/opt/eset/nod32/sbin/nod32','nod32'], - '--files -z --mail --sfx --rtp --adware --unsafe --pattern --heur '. - '-w -a --action=1 -b {}', - [0], [1,10], qr/^object=.*, virus="(.*?)",/m ], - -# Experimental, based on posting from Rado Dibarbora (Dibo) on 2002-05-31 -# ['ESET Software NOD32 Client/Server (NOD32SS)', -# \&ask_daemon2, # greets with 200, persistent, terminate with QUIT -# ["SCAN {}/*\r\n", '127.0.0.1:8448' ], -# qr/^200 File OK/m, qr/^201 /m, qr/^201 (.+)/m ], - - ### http://www.norman.com/products_nvc.shtml - ['Norman Virus Control v5 / Linux', 'nvcc', - '-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14], - qr/(?i).* virus in .* -> \'(.+)\'/m ], - - ### http://www.pandasoftware.com/ - ['Panda CommandLineSecure 9 for Linux', - ['/opt/pavcl/usr/bin/pavcl','pavcl'], - '-auto -aex -heu -cmp -nbr -nor -nos -eng -nob {}', - qr/Number of files infected[ .]*: 0+(?!\d)/m, - qr/Number of files infected[ .]*: 0*[1-9]/m, - qr/Found virus :\s*(\S+)/m ], - # NOTE: for efficiency, start the Panda in resident mode with 'pavcl -tsr' - # before starting amavisd - the bases are then loaded only once at startup. - # To reload bases in a signature update script: - # /opt/pavcl/usr/bin/pavcl -tsr -ulr; /opt/pavcl/usr/bin/pavcl -tsr - # Please review other options of pavcl, for example: - # -nomalw, -nojoke, -nodial, -nohackt, -nospyw, -nocookies - -# ### http://www.pandasoftware.com/ -# ['Panda Antivirus for Linux', ['pavcl'], -# '-TSR -aut -aex -heu -cmp -nbr -nor -nso -eng {}', -# [0], [0x10, 0x30, 0x50, 0x70, 0x90, 0xB0, 0xD0, 0xF0], -# qr/Found virus :\s*(\S+)/m ], - -# GeCAD AV technology is acquired by Microsoft; RAV has been discontinued. -# Check your RAV license terms before fiddling with the following two lines! -# ['GeCAD RAV AntiVirus 8', 'ravav', -# '--all --archive --mail {}', [1], [2,3,4,5], qr/Infected: (.+)/m ], -# # NOTE: the command line switches changed with scan engine 8.5 ! -# # (btw, assigning stdin to /dev/null causes RAV to fail) - - ### http://www.nai.com/ - ['NAI McAfee AntiVirus (uvscan)', 'uvscan', - '--secure -rv --mime --summary --noboot --mailbox --program --timeout 180 - {}', [0], [13], - qr/(?x) Found (?: - \ the\ (.+)\ (?:virus|trojan) | - \ (?:virus|trojan)\ or\ variant\ ([^ ]+) | - :\ (.+)\ NOT\ a\ virus)/m, - # sub {$ENV{LD_PRELOAD}='/lib/libc.so.6'}, - # sub {delete $ENV{LD_PRELOAD}}, - ], - # NOTE1: with RH9: force the dynamic linker to look at /lib/libc.so.6 before - # anything else by setting environment variable LD_PRELOAD=/lib/libc.so.6 - # and then clear it when finished to avoid confusing anything else. - # NOTE2: to treat encrypted files as viruses replace the [13] with: - # qr/^\s{5,}(Found|is password-protected|.*(virus|trojan))/ - - ### http://www.virusbuster.hu/en/ - ['VirusBuster', ['vbuster', 'vbengcl'], - "{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1], - qr/: '(.*)' - Virus/m ], - # VirusBuster Ltd. does not support the daemon version for the workstation - # engine (vbuster-eng-1.12-linux-i386-libc6.tgz) any longer. The names of - # binaries, some parameters AND return codes have changed (from 3 to 1). - # See also the new Vexira entry 'vascan' which is possibly related. - -# ### http://www.virusbuster.hu/en/ -# ['VirusBuster (Client + Daemon)', 'vbengd', -# '-f -log scandir {}', [0], [3], -# qr/Virus found = (.*);/m ], -# # HINT: for an infected file it always returns 3, -# # although the man-page tells a different story - - ### http://www.cyber.com/ - ['CyberSoft VFind', 'vfind', - '--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/m, - # sub {$ENV{VSTK_HOME}='/usr/lib/vstk'}, - ], - - ### http://www.avast.com/ - ['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'], - '-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/m ], - - ### http://www.ikarus-software.com/ - ['Ikarus AntiVirus for Linux', 'ikarus', - '{}', [0], [40], qr/Signature (.+) found/m ], - - ### http://www.bitdefender.com/ - ['BitDefender', 'bdscan', # new version - '--action=ignore --no-list {}', qr/^Infected files *:0+(?!\d)/m, - qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m, - qr/(?:suspected|infected): (.*)(?:\033|$)/m ], - - ### http://www.bitdefender.com/ - ['BitDefender', 'bdc', # old version - '--arc --mail {}', qr/^Infected files *:0+(?!\d)/m, - qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m, - qr/(?:suspected|infected): (.*)(?:\033|$)/m ], - # consider also: --all --nowarn --alev=15 --flev=15. The --all argument may - # not apply to your version of bdc, check documentation and see 'bdc --help' - - ### ArcaVir for Linux and Unix http://www.arcabit.pl/ - ['ArcaVir for Linux', ['arcacmd','arcacmd.static'], - '-v 1 -summary 0 -s {}', [0], [1,2], - qr/(?:VIR|WIR):[ \t]*(.+)/m ], - -# ['File::Scan', sub {Amavis::AV::ask_av(sub{ -# use File::Scan; my($fn)=@@_; -# my($f)=File::Scan->new(max_txt_size=>0, max_bin_size=>0); -# my($vname) = $f->scan($fn); -# $f->error ? (2,"Error: ".$f->error) -# : ($vname ne '') ? (1,"$vname FOUND") : (0,"Clean")}, @@_) }, -# ["{}/*"], [0], [1], qr/^(.*) FOUND$/m ], - -# ### fully-fledged checker for JPEG marker segments of invalid length -# ['check-jpeg', -# sub { use JpegTester (); Amavis::AV::ask_av(\&JpegTester::test_jpeg, @@_) }, -# ["{}/*"], undef, [1], qr/^(bad jpeg: .*)$/m ], -# # NOTE: place file JpegTester.pm somewhere where Perl can find it, -# # for example in /usr/local/lib/perl5/site_perl - -# ### example: simpleminded checker for JPEG marker segments with -# ### invalid length (only checks first 32k, which is not thorough enough) -# ['check-jpeg-simple', -# sub { Amavis::AV::ask_av(sub { -# my($f)=@@_; local(*FF,$_,$1,$2); my(@@r)=(0,'not jpeg'); -# open(FF,$f) or die "jpeg: open err $f: $!"; -# binmode(FF) or die "jpeg: binmode err $f: $!"; -# defined read(FF,$_,32000) or die "jpeg: read err $f: $!"; -# close(FF) or die "jpeg: close err $f: $!"; -# if (/^\xff\xd8\xff/) { -# @@r=(0,'jpeg ok'); -# while (!/\G(?:\xff\xd9|\z)/gc) { # EOI or eof -# if (/\G\xff+(?=\xff|\z)/gc) {} # fill-bytes before marker -# elsif (/\G\xff([\x01\xd0-\xd8])/gc) {} # TEM, RSTi, SOI -# elsif (/\G\xff([^\x00\xff])(..)/gcs) { # marker segment start -# my($n)=unpack("n",$2)-2; -# $n=32766 if $n>32766; # Perl regexp limit -# if ($n<0) {@@r=(1,"bad jpeg: len=$n, pos=".pos); last} -# elsif (/\G.{$n}/gcs) {} # ok -# elsif (/\G.{0,$n}\z/gcs) {last} # truncated -# else {@@r=(1,"bad jpeg: unexpected, pos=".pos); last} -# } -# elsif (/\G[^\xff]+/gc) {} # ECS -# elsif (/\G(?:\xff\x00)+/gc) {} # ECS -# else {@@r=(2,"bad jpeg: unexpected char, pos=".pos); last} -# } -# }; @@r}, @@_) }, -# ["{}/*"], undef, [1], qr/^(bad jpeg: .*)$/m ], - -# ### an example/testing/template virus scanner (external), wastes 3 seconds -# ['wasteful sleeper example', -# '/bin/sleep', '3', # calls external program -# undef, undef, qr/no such/m ], - -# ### an example/testing/template virus scanner (internal), does nothing -# ['null', -# sub {}, ["{}"], # supplies its own subroutine, no external program -# undef, undef, qr/no such/m ], - -); - - -# If no virus scanners from the @@av_scanners list produce 'clean' nor -# 'infected' status (i.e. they all fail to run or the list is empty), -# then _all_ scanners from the @@av_scanners_backup list are tried -# (again, subject to $first_infected_stops_scan). When there are both -# daemonized and equivalent or similar command-line scanners available, -# it is customary to place slower command-line scanners in the -# @@av_scanners_backup list. The default choice is somewhat arbitrary, -# move entries from one list to another as desired, keeping main scanners -# in the primary list to avoid warnings. - -@@av_scanners_backup = ( - - ### http://www.clamav.net/ - backs up clamd or Mail::ClamAV - ['ClamAV-clamscan', 'clamscan', - "--stdout --no-summary -r --tempdir=$TEMPBASE {}", - [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], - - ### http://www.f-prot.com/ - backs up F-Prot Daemon, V6 - ['F-PROT Antivirus for UNIX', ['fpscan'], - '--report --mount --adware {}', # consider: --applications -s 4 -u 3 -z 10 - [0,8,64], [1,2,3, 4+1,4+2,4+3, 8+1,8+2,8+3, 12+1,12+2,12+3], - qr/^\[Found\s+[^\]]*\]\s+<([^ \t(>]*)/m ], - - ### http://www.f-prot.com/ - backs up F-Prot Daemon (old) - ['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'], - '-dumb -ai -archive -packed -server {}', [0,8], [3,6], # or: [0], [3,6,8], - qr/(?:Infection:|security risk named) (.+)|\s+contains\s+(.+)$/m ], - - ### http://www.trendmicro.com/ - backs up Trophie - ['Trend Micro FileScanner', ['/etc/iscan/vscan','vscan'], - '-za -a {}', [0], qr/Found virus/m, qr/Found virus (.+) in/m ], - - ### http://www.sald.com/, http://drweb.imshop.de/ - backs up DrWebD - ['drweb - DrWeb Antivirus', # security LHA hole in Dr.Web 4.33 and earlier - ['/usr/local/drweb/drweb', '/opt/drweb/drweb', 'drweb'], - '-path={} -al -go -ot -cn -upn -ok-', - [0,32], [1,9,33], qr' infected (?:with|by)(?: virus)? (.*)$'m ], - - ### http://www.kaspersky.com/ - ['Kaspersky Antivirus v5.5', - ['/opt/kaspersky/kav4fs/bin/kav4fs-kavscanner', - '/opt/kav/5.5/kav4unix/bin/kavscanner', - '/opt/kav/5.5/kav4mailservers/bin/kavscanner', 'kavscanner'], - '-i0 -xn -xp -mn -R -ePASBME {}/*', [0,10,15], [5,20,21,25], - qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.*)/m, -# sub {chdir('/opt/kav/bin') or die "Can't chdir to kav: $!"}, -# sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"}, - ], - -# Commented out because the name 'sweep' clashes with Debian and FreeBSD -# package/port of an audio editor. Make sure the correct 'sweep' is found -# in the path when enabling. -# -# ### http://www.sophos.com/ - backs up Sophie or SAVI-Perl -# ['Sophos Anti Virus (sweep)', 'sweep', -# '-nb -f -all -rec -ss -sc -archive -cab -mime -oe -tnef '. -# '--no-reset-atime {}', -# [0,2], qr/Virus .*? found/m, -# qr/^>>> Virus(?: fragment)? '?(.*?)'? found/m, -# ], -# # other options to consider: -idedir=/usr/local/sav - -# Always succeeds and considers mail clean. -# Potentially useful when all other scanners fail and it is desirable -# to let mail continue to flow with no virus checking (when uncommented). -# ['always-clean', sub {0}], - -); - - -# -# Section VIII - Debugging -# - -# The most useful debugging tool is to run amavisd-new non-detached -# from a terminal window using command: # amavisd debug - -# Some more refined approaches: - -# If sender matches ACL, turn debugging fully up, just for this one message -#@@debug_sender_maps = ( ["test-sender\@@$mydomain"] ); -#@@debug_sender_maps = ( [qw( debug@@example.com debug@@example.net )] ); - -# May be useful along with @@debug_sender_maps: -# Prevent all decoded originals being deleted (replaced by decoded part) -#@@keep_decoded_original_maps = (1); - -# Turn on SpamAssassin debugging (output to STDERR, use with 'amavisd debug') -#$sa_debug = '1,all'; # defaults to false - - -# -# Section IX - Policy banks (dynamic policy switching) -# - -## Define some policy banks (sets of settings) and give them -## arbitrary names (the names '', 'MYNETS' and 'MYUSERS' have special meaning): -# -# $policy_bank{'ALT'} = { -# log_level => 3, -# syslog_ident => 'alt-amavis', -# syslog_facility => 'LOCAL3', -# inet_acl => [qw( 10.0.1.14 )], -# final_spam_destiny => D_PASS, final_bad_header_destiny => D_PASS, -# forward_method => 'smtp:*:*', -# notify_method => 'smtp:[127.0.0.1]:10025', -# virus_admin_maps => "abuse\@@$mydomain", -# spam_lovers_maps => [@@spam_lovers_maps, [qw( abuse@@example.com )]], -# spam_tag_level_maps => 2.1, -# spam_tag2_level_maps => 6.32, -# spam_kill_level_maps => 6.72, -# spam_dsn_cutoff_level_maps => 8, -# defang_spam => 1, -# local_client_bind_address => '10.11.12.13', -# localhost_name => 'amavis.example.com', -# smtpd_greeting_banner => -# '${helo-name} ${protocol} ${product} ${version-id} (${version-date}) TEST service ready'; -# auth_mech_avail => [qw(PLAIN LOGIN)], -# auth_required_inp => 1, -# auth_required_out => 1, -# amavis_auth_user => 'amavisd', amavis_auth_pass = 'tOpsecretX', -# av_scanners => [ # provide only 'free' scanners -# ['ClamAV-clamd', -# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"], -# qr/\bOK$/, qr/\bFOUND$/, -# qr/^.*?: (?!Infected Archive)(.*) FOUND$/, -# ], -# ], -# av_scanners_backup => [ -# ['ClamAV-clamscan', 'clamscan', -# "--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1], -# qr/^.*?: (?!Infected Archive)(.*) FOUND$/, -# ], -# ], -# }; - -# NOTE: the use of policy banks for changing protocol on the input socket is -# only needed when different protocols need to be spoken on different sockets -# at the same time. For normal use just set globally e.g.: $protocol='AM.PDP'; -# -#$policy_bank{'AM.PDP-SOCK'} = { -# protocol => 'AM.PDP', # Amavis policy delegation protocol -# auth_required_release => 0, # do not require secret_id for amavisd-release -#}; -# -#$policy_bank{'AM.PDP-INET'} = { -# protocol => 'AM.PDP', # Amavis policy delegation protocol -# inet_acl => [qw( 127.0.0.1 [::1] )], # restrict to these IP addresses -#}; -# -## the name 'MYNETS' has special semantics: this policy bank gets loaded -## whenever MTA supplies the original SMTP client IP address (Postfix XFORWARD -## extension or a new AM.PDP protocol) and that address matches @@mynetworks. -# -# $terminate_dsn_on_notify_success = 1; -# $policy_bank{'MYNETS'} = { # mail originating from @@mynetworks -# originating => 1, # is true in MYNETS by deflt, but let's make it explicit -# terminate_dsn_on_notify_success => 0, -# spam_kill_level_maps => 6.9, -# syslog_facility => 'LOCAL4', # tell syslog to log to a separate file -# virus_admin_maps => ["virusalert\@@$mydomain"], # alert of internal viruses -# spam_admin_maps => ["spamalert\@@$mydomain"], # alert of internal spam -# bypass_spam_checks_maps => [1], # or: don't spam-check internal mail -# bypass_banned_checks_maps => [1], # don't banned-check internal mail -# warnbadhsender => 1, # warn local senders about their broken MUA -# banned_filename_maps => ['MYNETS-DEFAULT'], # more permissive banning rules -# spam_quarantine_cutoff_level_maps => undef, # quarantine all local spam -# spam_dsn_cutoff_level_maps => undef, # ensure NDN regardless of spam level -# spam_dsn_cutoff_level_bysender_maps => # but only from local domain senders -# [ { lc(".$mydomain") => undef, '.' => 15 } ], -# }; - -## the name 'MYUSERS' has special semantics: this policy bank gets loaded -## whenever the sender matches @@local_domains_maps. This only makes sense -## if local sender addresses can be trusted -- for example by requiring -## authentication before letting users send with their local address. -# -# $policy_bank{'MYUSERS'} = { -# final_virus_destiny => D_BOUNCE, # bounce only to authenticated local users -# final_banned_destiny=> D_BOUNCE, -# }; - -# Needed for Courier: speak courier protocol on the socket -#$interface_policy{'SOCK'} = 'AM-SOCK'; -#$policy_bank{'AM-SOCK'} = {protocol => 'COURIER'}; - -## Now we can assign policy banks to amavisd tcp port numbers listed in -## $inet_socket_port. Whenever the connection from MTA is received, first -## a built-in policy bank $policy_bank{''} gets loaded, which bringings-in -## all the global/legacy settings, then it gets overlaid by the bank -## named in the $interface_policy{$port} if any, and finally the bank -## 'MYNETS' is overlaid if it exists and the SMTP client IP address -## is known (by XFORWARD command from MTA) and it matches @@mynetworks. - -# $interface_policy{'10026'} = 'ALT'; - -# used by amavisd-release utility of a new AM.PDP-based amavis-milter client -#$interface_policy{'9998'} = 'AM.PDP-INET'; -#$interface_policy{'SOCK'} = 'AM.PDP-SOCK'; - -# invoke custom hooks or additional configuration files: -# include_config_files('/etc/amavisd-custom.conf'); - -# Want to execute additional configuration files from some directory? -#{ my($d) = '/etc/amavis/conf.d'; # do *.cf or *.conf files in this directory -# local(*D); opendir(D,$d) or die "Can't open dir $d: $!"; -# my(@@d) = sort grep {/\.(cf|conf)$/ && -f} map {/^(.*)$/,"$d/$1"} readdir(D); -# closedir(D) or die "Can't close $d: $!"; -# include_config_files($_) for (@@d); -#} - -1; # insure a defined return value -@ - - -1.3 -log -@Checked in. -@ -text -@d74 1 -d162 3 -d318 1 -a318 1 -$syslog_priority = 'debug'; # Syslog base (minimal) priority as a string, -d331 1 -a331 1 -$log_level = 2; # (defaults to 0), -d -d515 4 -a518 4 -#$final_virus_destiny = D_DISCARD; # (defaults to D_DISCARD) -#$final_banned_destiny = D_BOUNCE; # (defaults to D_BOUNCE) -#$final_spam_destiny = D_BOUNCE; # (defaults to D_BOUNCE) -#$final_bad_header_destiny = D_PASS; # (defaults to D_PASS) -d921 1 -a921 1 - qr'^MAIL$', # retain full original message for virus checking (can be slow) -d1464 3 -d1503 2 -d1959 10 -a1968 10 -# ### http://www.clamav.net/ -# ['ClamAV-clamd', -# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"], -# qr/\bOK$/m, qr/\bFOUND$/m, -# qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], -# # NOTE: run clamd under the same user as amavisd, or run it under its own -# # uid such as clamav, add user clamav to the amavis group, and then add -# # AllowSupplementaryGroups to clamd.conf; -# # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in -# # this entry; when running chrooted one may prefer socket "$MYHOME/clamd". -@ - - -1.2 -log -@Checked in. -@ -text -@a73 1 -$myhostname = 'helga.brehm-online.com'; -a160 3 -@@auth_mech_avail = qw(PLAIN LOGIN); -$auth_required_inp = 0; -$auth_required_out = 0; -d314 1 -a314 1 -$syslog_priority = 'info'; # Syslog base (minimal) priority as a string, -d327 1 -a327 1 -$log_level = 3; # (defaults to 0), -d -d511 4 -a514 4 -$final_virus_destiny = D_REJECT; # (defaults to D_DISCARD) -$final_banned_destiny = D_REJECT; # (defaults to D_BOUNCE) -$final_spam_destiny = D_REJECT; # (defaults to D_BOUNCE) -$final_bad_header_destiny = D_PASS; # (defaults to D_PASS) -d917 1 -a917 1 -# qr'^MAIL$', # retain full original message for virus checking (can be slow) -a1459 3 - [ qr'@@strato(?:-rz)\.de$'i => -5.0 ], - [ qr'^Doris\.Hennig@@BA-MH\.Verwalt-Berlin\.de$'i => -5.0 ], - [ qr'^doris@@hennig-berlin\.org$'i => -5.0 ], -a1495 2 - 'niels@@google.com' => -3.0, - 'kameu@@gmx.de' => -3.0, -d1950 10 -a1959 10 -### http://www.clamav.net/ -['ClamAV-clamd', - \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"], - qr/\bOK$/m, qr/\bFOUND$/m, - qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], -# NOTE: run clamd under the same user as amavisd, or run it under its own -# uid such as clamav, add user clamav to the amavis group, and then add -# AllowSupplementaryGroups to clamd.conf; -# NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in -# this entry; when running chrooted one may prefer socket "$MYHOME/clamd". -@ - - -1.1 -log -@Initial revision -@ -text -@d74 1 -d162 3 -d318 1 -a318 1 -$syslog_priority = 'debug'; # Syslog base (minimal) priority as a string, -d331 1 -a331 1 -$log_level = 2; # (defaults to 0), -d -d515 4 -a518 4 -#$final_virus_destiny = D_DISCARD; # (defaults to D_DISCARD) -#$final_banned_destiny = D_BOUNCE; # (defaults to D_BOUNCE) -#$final_spam_destiny = D_BOUNCE; # (defaults to D_BOUNCE) -#$final_bad_header_destiny = D_PASS; # (defaults to D_PASS) -d921 1 -a921 1 - qr'^MAIL$', # retain full original message for virus checking (can be slow) -d1464 3 -d1503 2 -d1959 10 -a1968 10 -# ### http://www.clamav.net/ -# ['ClamAV-clamd', -# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"], -# qr/\bOK$/m, qr/\bFOUND$/m, -# qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], -# # NOTE: run clamd under the same user as amavisd, or run it under its own -# # uid such as clamav, add user clamav to the amavis group, and then add -# # AllowSupplementaryGroups to clamd.conf; -# # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in -# # this entry; when running chrooted one may prefer socket "$MYHOME/clamd". -@ diff --git a/.rcs/amavisd.conf.orig,v b/.rcs/amavisd.conf.orig,v deleted file mode 100644 index 2af364f..0000000 --- a/.rcs/amavisd.conf.orig,v +++ /dev/null @@ -1,830 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2011.09.08.21.17.36; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@use strict; - -# a minimalistic configuration file for amavisd-new with all necessary settings -# -# see amavisd.conf-default for a list of all variables with their defaults; -# for more details see documentation in INSTALL, README_FILES/* -# and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html - - -# COMMONLY ADJUSTED SETTINGS: - -# @@bypass_virus_checks_maps = (1); # controls running of anti-virus code -# @@bypass_spam_checks_maps = (1); # controls running of anti-spam code -# $bypass_decode_parts = 1; # controls running of decoders&dearchivers - -$max_servers = 2; # num of pre-forked children (2..30 is common), -m -$daemon_user = 'amavis'; # (no default; customary: vscan or amavis), -u -$daemon_group = 'amavis'; # (no default; customary: vscan or amavis), -g - -$mydomain = 'example.com'; # a convenient default for other settings - -# $MYHOME = '/var/amavis'; # a convenient default for other settings, -H -$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to exist, -T -$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR, used by SA, etc. -$QUARANTINEDIR = "$MYHOME/quarantine"; # -Q -# $quarantine_subdir_levels = 1; # add level of subdirs to disperse quarantine -# $release_format = 'resend'; # 'attach', 'plain', 'resend' -# $report_format = 'arf'; # 'attach', 'plain', 'resend', 'arf' - -# $daemon_chroot_dir = $MYHOME; # chroot directory or undef, -R - -# $db_home = "$MYHOME/db"; # dir for bdb nanny/cache/snmp databases, -D -# $helpers_home = "$MYHOME/var"; # working directory for SpamAssassin, -S -# $lock_file = "$MYHOME/var/amavisd.lock"; # -L -# $pid_file = "$MYHOME/var/amavisd.pid"; # -P -#NOTE: create directories $MYHOME/tmp, $MYHOME/var, $MYHOME/db manually - -$log_level = 0; # verbosity 0..5, -d -$log_recip_templ = undef; # disable by-recipient level-0 log entries -$do_syslog = 1; # log via syslogd (preferred) -$syslog_facility = 'mail'; # Syslog facility as a string - # e.g.: mail, daemon, user, local0, ... local7 - -$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny) -$nanny_details_level = 2; # nanny verbosity: 1: traditional, 2: detailed -$enable_dkim_verification = 0; # enable DKIM signatures verification -$enable_dkim_signing = 0; # load DKIM signing code, keys defined by dkim_key - -@@local_domains_maps = ( [".$mydomain"] ); # list of all local domains - -@@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 - 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 ); - -$unix_socketname = "$MYHOME/amavisd.sock"; # amavisd-release or amavis-milter - # option(s) -p overrides $inet_socket_port and $unix_socketname - -$inet_socket_port = 10024; # listen on this local TCP port(s) -# $inet_socket_port = [10024,10026]; # listen on multiple TCP ports - -$policy_bank{'MYNETS'} = { # mail originating from @@mynetworks - originating => 1, # is true in MYNETS by default, but let's make it explicit - os_fingerprint_method => undef, # don't query p0f for internal clients -}; - -# it is up to MTA to re-route mail from authenticated roaming users or -# from internal hosts to a dedicated TCP port (such as 10026) for filtering -$interface_policy{'10026'} = 'ORIGINATING'; - -$policy_bank{'ORIGINATING'} = { # mail supposedly originating from our users - originating => 1, # declare that mail was submitted by our smtp client - allow_disclaimers => 1, # enables disclaimer insertion if available - # notify administrator of locally originating malware - virus_admin_maps => ["virusalert\@@$mydomain"], - spam_admin_maps => ["virusalert\@@$mydomain"], - warnbadhsender => 1, - # forward to a smtpd service providing DKIM signing service - forward_method => 'smtp:[127.0.0.1]:10027', - # force MTA conversion to 7-bit (e.g. before DKIM signing) - smtpd_discard_ehlo_keywords => ['8BITMIME'], - bypass_banned_checks_maps => [1], # allow sending any file names and types - terminate_dsn_on_notify_success => 0, # don't remove NOTIFY=SUCCESS option -}; - -$interface_policy{'SOCK'} = 'AM.PDP-SOCK'; # only applies with $unix_socketname - -# Use with amavis-release over a socket or with Petr Rehor's amavis-milter.c -# (with amavis-milter.c from this package or old amavis.c client use 'AM.CL'): -$policy_bank{'AM.PDP-SOCK'} = { - protocol => 'AM.PDP', - auth_required_release => 0, # do not require secret_id for amavisd-release -}; - -$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level -$sa_tag2_level_deflt = 6.2; # add 'spam detected' headers at that level -$sa_kill_level_deflt = 6.9; # triggers spam evasive actions (e.g. blocks mail) -$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent -$sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid From -# $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off -$penpals_bonus_score = 8; # (no effect without a @@storage_sql_dsn database) -$penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi spam -$bounce_killer_score = 100; # spam score points to add for joe-jobbed bounces - -$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger -$sa_local_tests_only = 0; # only tests which do not require internet access? - -# @@lookup_sql_dsn = -# ( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user1', 'passwd1'], -# ['DBI:mysql:database=mail;host=host2', 'username2', 'password2'], -# ["DBI:SQLite:dbname=$MYHOME/sql/mail_prefs.sqlite", '', ''] ); -# @@storage_sql_dsn = @@lookup_sql_dsn; # none, same, or separate database - -# $timestamp_fmt_mysql = 1; # if using MySQL *and* msgs.time_iso is TIMESTAMP; -# defaults to 0, which is good for non-MySQL or if msgs.time_iso is CHAR(16) - -$virus_admin = "virusalert\@@$mydomain"; # notifications recip. - -$mailfrom_notify_admin = "virusalert\@@$mydomain"; # notifications sender -$mailfrom_notify_recip = "virusalert\@@$mydomain"; # notifications sender -$mailfrom_notify_spamadmin = "spam.police\@@$mydomain"; # notifications sender -$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef - -@@addr_extension_virus_maps = ('virus'); -@@addr_extension_banned_maps = ('banned'); -@@addr_extension_spam_maps = ('spam'); -@@addr_extension_bad_header_maps = ('badh'); -# $recipient_delimiter = '+'; # undef disables address extensions altogether -# when enabling addr extensions do also Postfix/main.cf: recipient_delimiter=+ - -$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin'; -# $dspam = 'dspam'; - -$MAXLEVELS = 14; -$MAXFILES = 1500; -$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced) -$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced) - -$sa_spam_subject_tag = '***Spam*** '; -$defang_virus = 1; # MIME-wrap passed infected mail -$defang_banned = 1; # MIME-wrap passed mail containing banned name -# for defanging bad headers only turn on certain minor contents categories: -$defang_by_ccat{CC_BADH.",3"} = 1; # NUL or CR character in header -$defang_by_ccat{CC_BADH.",5"} = 1; # header line longer than 998 characters -$defang_by_ccat{CC_BADH.",6"} = 1; # header field syntax error - - -# OTHER MORE COMMON SETTINGS (defaults may suffice): - -# $myhostname = 'host.example.com'; # must be a fully-qualified domain name! - -# $notify_method = 'smtp:[127.0.0.1]:10025'; -# $forward_method = 'smtp:[127.0.0.1]:10025'; # set to undef with milter! - -# $final_virus_destiny = D_DISCARD; -# $final_banned_destiny = D_DISCARD; -# $final_spam_destiny = D_PASS; #!!! D_DISCARD / D_REJECT -# $final_bad_header_destiny = D_PASS; -# $bad_header_quarantine_method = undef; - -# $os_fingerprint_method = 'p0f:*:2345'; # to query p0f-analyzer.pl - -## hierarchy by which a final setting is chosen: -## policy bank (based on port or IP address) -> *_by_ccat -## *_by_ccat (based on mail contents) -> *_maps -## *_maps (based on recipient address) -> final configuration value - - -# SOME OTHER VARIABLES WORTH CONSIDERING (see amavisd.conf-default for all) - -# $warnbadhsender, -# $warnvirusrecip, $warnbannedrecip, $warnbadhrecip, (or @@warn*recip_maps) -# -# @@bypass_virus_checks_maps, @@bypass_spam_checks_maps, -# @@bypass_banned_checks_maps, @@bypass_header_checks_maps, -# -# @@virus_lovers_maps, @@spam_lovers_maps, -# @@banned_files_lovers_maps, @@bad_header_lovers_maps, -# -# @@blacklist_sender_maps, @@score_sender_maps, -# -# $clean_quarantine_method, $virus_quarantine_to, $banned_quarantine_to, -# $bad_header_quarantine_to, $spam_quarantine_to, -# -# $defang_bad_header, $defang_undecipherable, $defang_spam - - -# REMAINING IMPORTANT VARIABLES ARE LISTED HERE BECAUSE OF LONGER ASSIGNMENTS - -@@keep_decoded_original_maps = (new_RE( - qr'^MAIL$', # retain full original message for virus checking - qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables - qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i, -# qr'^Zip archive data', # don't trust Archive::Zip -)); - - -$banned_filename_re = new_RE( - -### BLOCKED ANYWHERE -# qr'^UNDECIPHERABLE$', # is or contains any undecipherable components - qr'^\.(exe-ms|dll)$', # banned file(1) types, rudimentary -# qr'^\.(exe|lha|cab|dll)$', # banned file(1) types - -### BLOCK THE FOLLOWING, EXCEPT WITHIN UNIX ARCHIVES: -# [ qr'^\.(gz|bz2)$' => 0 ], # allow any in gzip or bzip2 - [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives - - qr'.\.(pif|scr)$'i, # banned extensions - rudimentary -# qr'^\.zip$', # block zip type - -### BLOCK THE FOLLOWING, EXCEPT WITHIN ARCHIVES: -# [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within these archives - - qr'^application/x-msdownload$'i, # block these MIME types - qr'^application/x-msdos-program$'i, - qr'^application/hta$'i, - -# qr'^message/partial$'i, # rfc2046 MIME type -# qr'^message/external-body$'i, # rfc2046 MIME type - -# qr'^(application/x-msmetafile|image/x-wmf)$'i, # Windows Metafile MIME type -# qr'^\.wmf$', # Windows Metafile file(1) type - - # block certain double extensions in filenames - qr'^(?!cid:).*\.[^./]*[A-Za-z][^./]*\.\s*(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)[.\s]*$'i, - -# qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?'i, # Class ID CLSID, strict -# qr'\{[0-9a-z]{4,}(-[0-9a-z]{4,}){0,7}\}?'i, # Class ID extension CLSID, loose - - qr'.\.(exe|vbs|pif|scr|cpl)$'i, # banned extension - basic -# qr'.\.(exe|vbs|pif|scr|cpl|bat|cmd|com)$'i, # banned extension - basic+cmd -# qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta| -# inf|ini|ins|isp|js|jse|lib|lnk|mda|mdb|mde|mdt|mdw|mdz|msc|msi| -# msp|mst|ocx|ops|pcd|pif|prg|reg|scr|sct|shb|shs|sys|vb|vbe|vbs|vxd| -# wmf|wsc|wsf|wsh)$'ix, # banned extensions - long -# qr'.\.(asd|asf|asx|url|vcs|wmd|wmz)$'i, # consider also -# qr'.\.(ani|cur|ico)$'i, # banned cursors and icons filename -# qr'^\.ani$', # banned animated cursor file(1) type -# qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab. -); -# See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631 -# and http://www.cknow.com/vtutor/vtextensions.htm - - -# ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING - -@@score_sender_maps = ({ # a by-recipient hash lookup table, - # results from all matching recipient tables are summed - -# ## per-recipient personal tables (NOTE: positive: black, negative: white) -# 'user1@@example.com' => [{'bla-mobile.press@@example.com' => 10.0}], -# 'user3@@example.com' => [{'.ebay.com' => -3.0}], -# 'user4@@example.com' => [{'cleargreen@@cleargreen.com' => -7.0, -# '.cleargreen.com' => -5.0}], - - ## site-wide opinions about senders (the '.' matches any recipient) - '.' => [ # the _first_ matching sender determines the score boost - - new_RE( # regexp-type lookup table, just happens to be all soft-blacklist - [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@@'i => 5.0], - [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@@'i=> 5.0], - [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@@'i=> 5.0], - [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@@'i => 5.0], - [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@@'i => 5.0], - [qr'^(your_friend|greatoffers)@@'i => 5.0], - [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@@'i => 5.0], - ), - -# read_hash("/var/amavis/sender_scores_sitewide"), - - { # a hash-type lookup table (associative array) - 'nobody@@cert.org' => -3.0, - 'cert-advisory@@us-cert.gov' => -3.0, - 'owner-alert@@iss.net' => -3.0, - 'slashdot@@slashdot.org' => -3.0, - 'securityfocus.com' => -3.0, - 'ntbugtraq@@listserv.ntbugtraq.com' => -3.0, - 'security-alerts@@linuxsecurity.com' => -3.0, - 'mailman-announce-admin@@python.org' => -3.0, - 'amavis-user-admin@@lists.sourceforge.net'=> -3.0, - 'amavis-user-bounces@@lists.sourceforge.net' => -3.0, - 'spamassassin.apache.org' => -3.0, - 'notification-return@@lists.sophos.com' => -3.0, - 'owner-postfix-users@@postfix.org' => -3.0, - 'owner-postfix-announce@@postfix.org' => -3.0, - 'owner-sendmail-announce@@lists.sendmail.org' => -3.0, - 'sendmail-announce-request@@lists.sendmail.org' => -3.0, - 'donotreply@@sendmail.org' => -3.0, - 'ca+envelope@@sendmail.org' => -3.0, - 'noreply@@freshmeat.net' => -3.0, - 'owner-technews@@postel.acm.org' => -3.0, - 'ietf-123-owner@@loki.ietf.org' => -3.0, - 'cvs-commits-list-admin@@gnome.org' => -3.0, - 'rt-users-admin@@lists.fsck.com' => -3.0, - 'clp-request@@comp.nus.edu.sg' => -3.0, - 'surveys-errors@@lists.nua.ie' => -3.0, - 'emailnews@@genomeweb.com' => -5.0, - 'yahoo-dev-null@@yahoo-inc.com' => -3.0, - 'returns.groups.yahoo.com' => -3.0, - 'clusternews@@linuxnetworx.com' => -3.0, - lc('lvs-users-admin@@LinuxVirtualServer.org') => -3.0, - lc('owner-textbreakingnews@@CNNIMAIL12.CNN.COM') => -5.0, - - # soft-blacklisting (positive score) - 'sender@@example.net' => 3.0, - '.example.net' => 1.0, - - }, - ], # end of site-wide tables -}); - - -@@decoders = ( - ['mail', \&do_mime_decode], -# ['asc', \&do_ascii], -# ['uue', \&do_ascii], -# ['hqx', \&do_ascii], -# ['ync', \&do_ascii], - ['F', \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ], - ['Z', \&do_uncompress, ['uncompress','gzip -d','zcat'] ], - ['gz', \&do_uncompress, 'gzip -d'], - ['gz', \&do_gunzip], - ['bz2', \&do_uncompress, 'bzip2 -d'], - ['xz', \&Amavis::Unpackers::do_uncompress, - ['xzdec'. 'xz -dc', 'unxz -c', 'xzcat'] ], - ['lzma', \&Amavis::Unpackers::do_uncompress, - ['lzmadec', 'xz -dc --format=lzma', - 'lzma -dc', 'unlzma -c', 'lzcat', 'lzmadec'] ], - ['lzo', \&do_uncompress, 'lzop -d'], - ['rpm', \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ], - ['cpio', \&do_pax_cpio, ['pax','gcpio','cpio'] ], - ['tar', \&do_pax_cpio, ['pax','gcpio','cpio'] ], - ['deb', \&do_ar, 'ar'], -# ['a', \&do_ar, 'ar'], # unpacking .a seems an overkill - ['zip', \&do_unzip], - ['7z', \&do_7zip, ['7zr','7za','7z'] ], - ['rar', \&do_unrar, ['rar','unrar'] ], - ['arj', \&do_unarj, ['arj','unarj'] ], - ['arc', \&do_arc, ['nomarch','arc'] ], - ['zoo', \&do_zoo, ['zoo','unzoo'] ], - ['lha', \&do_lha, 'lha'], -# ['doc', \&do_ole, 'ripole'], - ['cab', \&do_cabextract, 'cabextract'], - ['tnef', \&do_tnef_ext, 'tnef'], - ['tnef', \&do_tnef], -# ['sit', \&do_unstuff, 'unstuff'], # broken/unsafe decoder - ['exe', \&do_executable, ['rar','unrar'], 'lha', ['arj','unarj'] ], -); - - -@@av_scanners = ( - -# ### http://www.sophos.com/ -# ['Sophos-SSSP', -# \&ask_daemon, ["{}", 'sssp:/var/run/savdi/sssp.sock'], -# # or: ["{}", 'sssp:[127.0.0.1]:4010'], -# qr/^DONE OK\b/m, qr/^VIRUS\b/m, qr/^VIRUS\s*(\S*)/m ], - -# ### http://www.clanfield.info/sophie/ (http://www.vanja.com/tools/sophie/) -# ['Sophie', -# \&ask_daemon, ["{}/\n", 'sophie:/var/run/sophie'], -# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/, qr/(?x)^ 1 ( : | [\000\r\n]* $)/, -# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ], - -# ### http://www.csupomona.edu/~henson/www/projects/SAVI-Perl/ -# ['Sophos SAVI', \&ask_daemon, ['{}','savi-perl:'] ], - -# ['Avira SAVAPI', -# \&ask_daemon, ["*", 'savapi:/var/tmp/.savapi3', 'product-id'], -# qr/^(200|210)/m, qr/^(310|420|319)/m, -# qr/^(?:310|420)[,\s]*(?:.* <<< )?(.+?)(?: ; |$)/m -# settings for the SAVAPI3.conf: ArchiveScan=1, HeurLevel=2, MailboxScan=1 - -# ### http://www.clamav.net/ -# ['ClamAV-clamd', -# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"], -# qr/\bOK$/m, qr/\bFOUND$/m, -# qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], -# # NOTE: run clamd under the same user as amavisd, or run it under its own -# # uid such as clamav, add user clamav to the amavis group, and then add -# # AllowSupplementaryGroups to clamd.conf; -# # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in -# # this entry; when running chrooted one may prefer socket "$MYHOME/clamd". - -# ### http://www.clamav.net/ and CPAN (memory-hungry! clamd is preferred) -# # note that Mail::ClamAV requires perl to be build with threading! -# ['Mail::ClamAV', \&ask_daemon, ['{}','clamav-perl:'], -# [0], [1], qr/^INFECTED: (.+)/m], - -# ### http://www.openantivirus.org/ -# ['OpenAntiVirus ScannerDaemon (OAV)', -# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:8127'], -# qr/^OK/m, qr/^FOUND: /m, qr/^FOUND: (.+)/m ], - -# ### http://www.vanja.com/tools/trophie/ -# ['Trophie', -# \&ask_daemon, ["{}/\n", 'trophie:/var/run/trophie'], -# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/m, qr/(?x)^ 1 ( : | [\000\r\n]* $)/m, -# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ], - -# ### http://www.grisoft.com/ -# ['AVG Anti-Virus', -# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:55555'], -# qr/^200/m, qr/^403/m, qr/^403 .*?: ([^\r\n]+)/m ], - -# ### http://www.f-prot.com/ -# ['F-Prot fpscand', # F-PROT Antivirus for BSD/Linux/Solaris, version 6 -# \&ask_daemon, -# ["SCAN FILE {}/*\n", '127.0.0.1:10200'], -# qr/^(0|8|64) /m, -# qr/^([1235679]|1[01345]) |<[^>:]*(?i)(infected|suspicious|unwanted)/m, -# qr/(?i)<[^>:]*(?:infected|suspicious|unwanted)[^>:]*: ([^>]*)>/m ], - -# ### http://www.f-prot.com/ -# ['F-Prot f-protd', # old version -# \&ask_daemon, -# ["GET {}/*?-dumb%20-archive%20-packed HTTP/1.0\r\n\r\n", -# ['127.0.0.1:10200', '127.0.0.1:10201', '127.0.0.1:10202', -# '127.0.0.1:10203', '127.0.0.1:10204'] ], -# qr/(?i)]*>clean<\/summary>/m, -# qr/(?i)]*>infected<\/summary>/m, -# qr/(?i)(.+)<\/name>/m ], - -# ### http://www.sald.com/, http://www.dials.ru/english/, http://www.drweb.ru/ -# ['DrWebD', \&ask_daemon, # DrWebD 4.31 or later -# [pack('N',1). # DRWEBD_SCAN_CMD -# pack('N',0x00280001). # DONT_CHANGEMAIL, IS_MAIL, RETURN_VIRUSES -# pack('N', # path length -# length("$TEMPBASE/amavis-yyyymmddTHHMMSS-xxxxx/parts/pxxx")). -# '{}/*'. # path -# pack('N',0). # content size -# pack('N',0), -# '/var/drweb/run/drwebd.sock', -# # '/var/amavis/var/run/drwebd.sock', # suitable for chroot -# # '/usr/local/drweb/run/drwebd.sock', # FreeBSD drweb ports default -# # '127.0.0.1:3000', # or over an inet socket -# ], -# qr/\A\x00[\x10\x11][\x00\x10]\x00/sm, # IS_CLEAN,EVAL_KEY; SKIPPED -# qr/\A\x00[\x00\x01][\x00\x10][\x20\x40\x80]/sm,# KNOWN_V,UNKNOWN_V,V._MODIF -# qr/\A.{12}(?:infected with )?([^\x00]+)\x00/sm, -# ], -# # NOTE: If using amavis-milter, change length to: -# # length("$TEMPBASE/amavis-milter-xxxxxxxxxxxxxx/parts/pxxx"). - - ### http://www.kaspersky.com/ (kav4mailservers) - ['KasperskyLab AVP - aveclient', - ['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient', - '/opt/kav/5.5/kav4mailservers/bin/aveclient','aveclient'], - '-p /var/run/aveserver -s {}/*', - [0,3,6,8], qr/\b(INFECTED|SUSPICION|SUSPICIOUS)\b/m, - qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.+)/m, - ], - # NOTE: one may prefer [0],[2,3,4,5], depending on how suspicious, - # currupted or protected archives are to be handled - - ### http://www.kaspersky.com/ - ['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'], - '-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ? - qr/infected: (.+)/m, - sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"}, - sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"}, - ], - - ### The kavdaemon and AVPDaemonClient have been removed from Kasperky - ### products and replaced by aveserver and aveclient - ['KasperskyLab AVPDaemonClient', - [ '/opt/AVP/kavdaemon', 'kavdaemon', - '/opt/AVP/AvpDaemonClient', 'AvpDaemonClient', - '/opt/AVP/AvpTeamDream', 'AvpTeamDream', - '/opt/AVP/avpdc', 'avpdc' ], - "-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/m ], - # change the startup-script in /etc/init.d/kavd to: - # DPARMS="-* -Y -dl -f=/var/amavis /var/amavis" - # (or perhaps: DPARMS="-I0 -Y -* /var/amavis" ) - # adjusting /var/amavis above to match your $TEMPBASE. - # The '-f=/var/amavis' is needed if not running it as root, so it - # can find, read, and write its pid file, etc., see 'man kavdaemon'. - # defUnix.prf: there must be an entry "*/var/amavis" (or whatever - # directory $TEMPBASE specifies) in the 'Names=' section. - # cd /opt/AVP/DaemonClients; configure; cd Sample; make - # cp AvpDaemonClient /opt/AVP/ - # su - amavis -c "${PREFIX}/kavdaemon ${DPARMS}" - - ### http://www.centralcommand.com/ - ['CentralCommand Vexira (new) vascan', - ['vascan','/usr/lib/Vexira/vascan'], - "-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ". - "--log=/var/log/vascan.log {}", - [0,3], [1,2,5], - qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\ ( [^\]\s']+ )\ \.\.\.\ /m ], - # Adjust the path of the binary and the virus database as needed. - # 'vascan' does not allow to have the temp directory to be the same as - # the quarantine directory, and the quarantine option can not be disabled. - # If $QUARANTINEDIR is not used, then another directory must be specified - # to appease 'vascan'. Move status 3 to the second list if password - # protected files are to be considered infected. - - ### http://www.avira.com/ - ### old Avira AntiVir 2.x (ex H+BEDV) or old CentralCommand Vexira Antivirus - ['Avira AntiVir', ['antivir','vexira'], - '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/m, - qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) | - (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/m ], - # NOTE: if you only have a demo version, remove -z and add 214, as in: - # '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/, - - ### http://www.avira.com/ - ### Avira for UNIX 3.x - ['Avira AntiVir', ['avscan'], - '-s --batch --alert-action=none {}', [0,4], qr/(?:ALERT|FUND):/m, - qr/(?:ALERT|FUND): (?:.* <<< )?(.+?)(?: ; |$)/m ], - - ### http://www.commandsoftware.com/ - ['Command AntiVirus for Linux', 'csav', - '-all -archive -packed {}', [50], [51,52,53], - qr/Infection: (.+)/m ], - - ### http://www.symantec.com/ - ['Symantec CarrierScan via Symantec CommandLineScanner', - 'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}', - qr/^Files Infected:\s+0$/m, qr/^Infected\b/m, - qr/^(?:Info|Virus Name):\s+(.+)/m ], - - ### http://www.symantec.com/ - ['Symantec AntiVirus Scan Engine', - 'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}', - [0], qr/^Infected\b/m, - qr/^(?:Info|Virus Name):\s+(.+)/m ], - # NOTE: check options and patterns to see which entry better applies - -# ### http://www.f-secure.com/products/anti-virus/ version 4.65 -# ['F-Secure Antivirus for Linux servers', -# ['/opt/f-secure/fsav/bin/fsav', 'fsav'], -# '--delete=no --disinf=no --rename=no --archive=yes --auto=yes '. -# '--dumb=yes --list=no --mime=yes {}', [0], [3,6,8], -# qr/(?:infection|Infected|Suspected): (.+)/m ], - - ### http://www.f-secure.com/products/anti-virus/ version 5.52 - ['F-Secure Antivirus for Linux servers', - ['/opt/f-secure/fsav/bin/fsav', 'fsav'], - '--virus-action1=report --archive=yes --auto=yes '. - '--dumb=yes --list=no --mime=yes {}', [0], [3,4,6,8], - qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ], - # NOTE: internal archive handling may be switched off by '--archive=no' - # to prevent fsav from exiting with status 9 on broken archives - -# ### http://www.avast.com/ -# ['avast! Antivirus daemon', -# \&ask_daemon, # greets with 220, terminate with QUIT -# ["SCAN {}\015\012QUIT\015\012", '/var/run/avast4/mailscanner.sock'], -# qr/\t\[\+\]/m, qr/\t\[L\]\t/m, qr/\t\[L\]\t([^[ \t\015\012]+)/m ], - -# ### http://www.avast.com/ -# ['avast! Antivirus - Client/Server Version', 'avastlite', -# '-a /var/run/avast4/mailscanner.sock -n {}', [0], [1], -# qr/\t\[L\]\t([^[ \t\015\012]+)/m ], - - ['CAI InoculateIT', 'inocucmd', # retired product - '-sec -nex {}', [0], [100], - qr/was infected by virus (.+)/m ], - # see: http://www.flatmtn.com/computer/Linux-Antivirus_CAI.html - - ### http://www3.ca.com/Solutions/Product.asp?ID=156 (ex InoculateIT) - ['CAI eTrust Antivirus', 'etrust-wrapper', - '-arc -nex -spm h {}', [0], [101], - qr/is infected by virus: (.+)/m ], - # NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer - # see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783 - - ### http://mks.com.pl/english.html - ['MkS_Vir for Linux (beta)', ['mks32','mks'], - '-s {}/*', [0], [1,2], - qr/--[ \t]*(.+)/m ], - - ### http://mks.com.pl/english.html - ['MkS_Vir daemon', 'mksscan', - '-s -q {}', [0], [1..7], - qr/^... (\S+)/m ], - -# ### http://www.nod32.com/, version v2.52 (old) -# ['ESET NOD32 for Linux Mail servers', -# ['/opt/eset/nod32/bin/nod32cli', 'nod32cli'], -# '--subdir --files -z --sfx --rtp --adware --unsafe --pattern --heur '. -# '-w -a --action-on-infected=accept --action-on-uncleanable=accept '. -# '--action-on-notscanned=accept {}', -# [0,3], [1,2], qr/virus="([^"]+)"/m ], - -# ### http://www.eset.com/, version v2.7 (old) -# ['ESET NOD32 Linux Mail Server - command line interface', -# ['/usr/bin/nod32cli', '/opt/eset/nod32/bin/nod32cli', 'nod32cli'], -# '--subdir {}', [0,3], [1,2], qr/virus="([^"]+)"/m ], - -# ### http://www.eset.com/, version 2.71.12 -# ['ESET Software ESETS Command Line Interface', -# ['/usr/bin/esets_cli', 'esets_cli'], -# '--subdir {}', [0], [1,2,3], qr/virus="([^"]+)"/m ], - - ### http://www.eset.com/, version 3.0 - ['ESET Software ESETS Command Line Interface', - ['/usr/bin/esets_cli', 'esets_cli'], - '--subdir {}', [0], [1,2,3], - qr/:\s*action="(?!accepted)[^"]*"\n.*:\s*virus="([^"]*)"/m ], - - ## http://www.nod32.com/, NOD32LFS version 2.5 and above - ['ESET NOD32 for Linux File servers', - ['/opt/eset/nod32/sbin/nod32','nod32'], - '--files -z --mail --sfx --rtp --adware --unsafe --pattern --heur '. - '-w -a --action=1 -b {}', - [0], [1,10], qr/^object=.*, virus="(.*?)",/m ], - -# Experimental, based on posting from Rado Dibarbora (Dibo) on 2002-05-31 -# ['ESET Software NOD32 Client/Server (NOD32SS)', -# \&ask_daemon2, # greets with 200, persistent, terminate with QUIT -# ["SCAN {}/*\r\n", '127.0.0.1:8448' ], -# qr/^200 File OK/m, qr/^201 /m, qr/^201 (.+)/m ], - - ### http://www.norman.com/products_nvc.shtml - ['Norman Virus Control v5 / Linux', 'nvcc', - '-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14], - qr/(?i).* virus in .* -> \'(.+)\'/m ], - - ### http://www.pandasoftware.com/ - ['Panda CommandLineSecure 9 for Linux', - ['/opt/pavcl/usr/bin/pavcl','pavcl'], - '-auto -aex -heu -cmp -nbr -nor -nos -eng -nob {}', - qr/Number of files infected[ .]*: 0+(?!\d)/m, - qr/Number of files infected[ .]*: 0*[1-9]/m, - qr/Found virus :\s*(\S+)/m ], - # NOTE: for efficiency, start the Panda in resident mode with 'pavcl -tsr' - # before starting amavisd - the bases are then loaded only once at startup. - # To reload bases in a signature update script: - # /opt/pavcl/usr/bin/pavcl -tsr -ulr; /opt/pavcl/usr/bin/pavcl -tsr - # Please review other options of pavcl, for example: - # -nomalw, -nojoke, -nodial, -nohackt, -nospyw, -nocookies - -# ### http://www.pandasoftware.com/ -# ['Panda Antivirus for Linux', ['pavcl'], -# '-TSR -aut -aex -heu -cmp -nbr -nor -nso -eng {}', -# [0], [0x10, 0x30, 0x50, 0x70, 0x90, 0xB0, 0xD0, 0xF0], -# qr/Found virus :\s*(\S+)/m ], - -# GeCAD AV technology is acquired by Microsoft; RAV has been discontinued. -# Check your RAV license terms before fiddling with the following two lines! -# ['GeCAD RAV AntiVirus 8', 'ravav', -# '--all --archive --mail {}', [1], [2,3,4,5], qr/Infected: (.+)/m ], -# # NOTE: the command line switches changed with scan engine 8.5 ! -# # (btw, assigning stdin to /dev/null causes RAV to fail) - - ### http://www.nai.com/ - ['NAI McAfee AntiVirus (uvscan)', 'uvscan', - '--secure -rv --mime --summary --noboot - {}', [0], [13], - qr/(?x) Found (?: - \ the\ (.+)\ (?:virus|trojan) | - \ (?:virus|trojan)\ or\ variant\ ([^ ]+) | - :\ (.+)\ NOT\ a\ virus)/m, - # sub {$ENV{LD_PRELOAD}='/lib/libc.so.6'}, - # sub {delete $ENV{LD_PRELOAD}}, - ], - # NOTE1: with RH9: force the dynamic linker to look at /lib/libc.so.6 before - # anything else by setting environment variable LD_PRELOAD=/lib/libc.so.6 - # and then clear it when finished to avoid confusing anything else. - # NOTE2: to treat encrypted files as viruses replace the [13] with: - # qr/^\s{5,}(Found|is password-protected|.*(virus|trojan))/ - - ### http://www.virusbuster.hu/en/ - ['VirusBuster', ['vbuster', 'vbengcl'], - "{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1], - qr/: '(.*)' - Virus/m ], - # VirusBuster Ltd. does not support the daemon version for the workstation - # engine (vbuster-eng-1.12-linux-i386-libc6.tgz) any longer. The names of - # binaries, some parameters AND return codes have changed (from 3 to 1). - # See also the new Vexira entry 'vascan' which is possibly related. - -# ### http://www.virusbuster.hu/en/ -# ['VirusBuster (Client + Daemon)', 'vbengd', -# '-f -log scandir {}', [0], [3], -# qr/Virus found = (.*);/m ], -# # HINT: for an infected file it always returns 3, -# # although the man-page tells a different story - - ### http://www.cyber.com/ - ['CyberSoft VFind', 'vfind', - '--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/m, - # sub {$ENV{VSTK_HOME}='/usr/lib/vstk'}, - ], - - ### http://www.avast.com/ - ['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'], - '-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/m ], - - ### http://www.ikarus-software.com/ - ['Ikarus AntiVirus for Linux', 'ikarus', - '{}', [0], [40], qr/Signature (.+) found/m ], - - ### http://www.bitdefender.com/ - ['BitDefender', 'bdscan', # new version - '--action=ignore --no-list {}', qr/^Infected files\s*:\s*0+(?!\d)/m, - qr/^(?:Infected files|Identified viruses|Suspect files)\s*:\s*0*[1-9]/m, - qr/(?:suspected|infected)\s*:\s*(.*)(?:\033|$)/m ], - - ### http://www.bitdefender.com/ - ['BitDefender', 'bdc', # old version - '--arc --mail {}', qr/^Infected files *:0+(?!\d)/m, - qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m, - qr/(?:suspected|infected): (.*)(?:\033|$)/m ], - # consider also: --all --nowarn --alev=15 --flev=15. The --all argument may - # not apply to your version of bdc, check documentation and see 'bdc --help' - - ### ArcaVir for Linux and Unix http://www.arcabit.pl/ - ['ArcaVir for Linux', ['arcacmd','arcacmd.static'], - '-v 1 -summary 0 -s {}', [0], [1,2], - qr/(?:VIR|WIR):[ \t]*(.+)/m ], - -# ### a generic SMTP-client interface to a SMTP-based virus scanner -# ['av_smtp', \&ask_av_smtp, -# ['{}', 'smtp:[127.0.0.1]:5525', 'dummy@@localhost'], -# qr/^2/, qr/^5/, qr/^\s*(.*?)\s*$/m ], - -# ['File::Scan', sub {Amavis::AV::ask_av(sub{ -# use File::Scan; my($fn)=@@_; -# my($f)=File::Scan->new(max_txt_size=>0, max_bin_size=>0); -# my($vname) = $f->scan($fn); -# $f->error ? (2,"Error: ".$f->error) -# : ($vname ne '') ? (1,"$vname FOUND") : (0,"Clean")}, @@_) }, -# ["{}/*"], [0], [1], qr/^(.*) FOUND$/m ], - -# ### fully-fledged checker for JPEG marker segments of invalid length -# ['check-jpeg', -# sub { use JpegTester (); Amavis::AV::ask_av(\&JpegTester::test_jpeg, @@_) }, -# ["{}/*"], undef, [1], qr/^(bad jpeg: .*)$/m ], -# # NOTE: place file JpegTester.pm somewhere where Perl can find it, -# # for example in /usr/local/lib/perl5/site_perl - -); - - -@@av_scanners_backup = ( - - ### http://www.clamav.net/ - backs up clamd or Mail::ClamAV - ['ClamAV-clamscan', 'clamscan', - "--stdout --no-summary -r --tempdir=$TEMPBASE {}", - [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], - -# ### http://www.clamav.net/ - using remote clamd scanner as a backup -# ['ClamAV-clamdscan', 'clamdscan', -# "--stdout --no-summary --config-file=/etc/clamd-client.conf {}", -# [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], - -# ['ClamAV-clamd-stream', -# \&ask_daemon, ["*", 'clamd:/var/run/clamav/clamd'], -# qr/\bOK$/m, qr/\bFOUND$/m, -# qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], - - ### http://www.f-prot.com/ - backs up F-Prot Daemon, V6 - ['F-PROT Antivirus for UNIX', ['fpscan'], - '--report --mount --adware {}', # consider: --applications -s 4 -u 3 -z 10 - [0,8,64], [1,2,3, 4+1,4+2,4+3, 8+1,8+2,8+3, 12+1,12+2,12+3], - qr/^\[Found\s+[^\]]*\]\s+<([^ \t(>]*)/m ], - - ### http://www.f-prot.com/ - backs up F-Prot Daemon (old) - ['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'], - '-dumb -archive -packed {}', [0,8], [3,6], # or: [0], [3,6,8], - qr/(?:Infection:|security risk named) (.+)|\s+contains\s+(.+)$/m ], - - ### http://www.trendmicro.com/ - backs up Trophie - ['Trend Micro FileScanner', ['/etc/iscan/vscan','vscan'], - '-za -a {}', [0], qr/Found virus/m, qr/Found virus (.+) in/m ], - - ### http://www.sald.com/, http://drweb.imshop.de/ - backs up DrWebD - ['drweb - DrWeb Antivirus', # security LHA hole in Dr.Web 4.33 and earlier - ['/usr/local/drweb/drweb', '/opt/drweb/drweb', 'drweb'], - '-path={} -al -go -ot -cn -upn -ok-', - [0,32], [1,9,33], qr' infected (?:with|by)(?: virus)? (.*)$'m ], - - ### http://www.kaspersky.com/ - ['Kaspersky Antivirus v5.5', - ['/opt/kaspersky/kav4fs/bin/kav4fs-kavscanner', - '/opt/kav/5.5/kav4unix/bin/kavscanner', - '/opt/kav/5.5/kav4mailservers/bin/kavscanner', 'kavscanner'], - '-i0 -xn -xp -mn -R -ePASBME {}/*', [0,10,15], [5,20,21,25], - qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.*)/m, -# sub {chdir('/opt/kav/bin') or die "Can't chdir to kav: $!"}, -# sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"}, - ], - -# Commented out because the name 'sweep' clashes with Debian and FreeBSD -# package/port of an audio editor. Make sure the correct 'sweep' is found -# in the path when enabling. -# -# ### http://www.sophos.com/ - backs up Sophie or SAVI-Perl -# ['Sophos Anti Virus (sweep)', 'sweep', -# '-nb -f -all -rec -ss -sc -archive -cab -mime -oe -tnef '. -# '--no-reset-atime {}', -# [0,2], qr/Virus .*? found/m, -# qr/^>>> Virus(?: fragment)? '?(.*?)'? found/m, -# ], -# # other options to consider: -idedir=/usr/local/sav - -# Always succeeds and considers mail clean. -# Potentially useful when all other scanners fail and it is desirable -# to let mail continue to flow with no virus checking (when uncommented). -# ['always-clean', sub {0}], - -); - - -1; # insure a defined return value -@ diff --git a/.rcs/group,v b/.rcs/group,v deleted file mode 100644 index 12a3d4e..0000000 --- a/.rcs/group,v +++ /dev/null @@ -1,141 +0,0 @@ -head 1.3; -access; -symbols; -locks; strict; -comment @# @; - - -1.3 -date 2010.12.01.22.28.49; author root; state Exp; -branches; -next 1.2; - -1.2 -date 2010.12.01.22.03.57; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.12.01.21.14.09; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.3 -log -@Checked in. -@ -text -@root::0:root,frank -bin::1:root,bin,daemon -daemon::2:root,bin,daemon -sys::3:root,bin,adm -adm::4:root,adm,daemon -tty::5:frank,taurec -disk::6:root,adm -lp::7:lp,frank,taurec -mem::8: -kmem::9: -wheel::10:root,frank,taurec,morph -floppy::11:root -mail::12:mail,postfix -news::13:news -uucp::14:uucp -man::15:man -cron:x:16:frank,taurec,morph,patrick,vivi -console::17:frank,taurec -audio::18:frank,taurec -cdrom::19: -dialout::20:root -ftp:x:21: -sshd:x:22: -at:x:25: -tape::26:root -video::27:root,frank,taurec -games:x:35: -named:x:40: -mysql:x:60: -cdrw::80: -apache:x:81: -usb::85: -users::100:games,taurec -postgrey:x:101: -polw:x:102: -teamspeak3:x:103: -nagios:x:104:frank -wireshark:x:105: -lpadmin:x:106: -messagebus:x:110: -rpc:x:111: -locate:x:122:frank,taurec,morph,patrick,vivi -ntp:x:123: -tcpdump:x:196: -ulogd:x:197: -crontab:x:198: -ssmtp:x:199: -nofiles:x:200: -postfix:x:207: -postdrop:x:208: -smmsp:x:209:smmsp -portage::250:portage,frank,taurec -utmp:x:406: -ldap:x:439: -clamav:x:998: -amavis:x:999: -proftpd:x:1008: -vmail:x:1023: -nogroup::65533: -nobody::65534: -@ - - -1.2 -log -@Checked in. -@ -text -@d6 1 -a6 1 -tty::5:frank -d8 1 -a8 1 -lp::7:lp,frank -d11 1 -a11 1 -wheel::10:root,frank -d17 3 -a19 3 -cron:x:16:frank -console::17:frank -audio::18:frank -d26 2 -a27 1 -video::27:root,frank -d33 1 -a33 1 -users::100:games -d37 1 -a37 1 -nagios:x:104: -d42 1 -a42 1 -locate:x:122:frank -d52 1 -a52 1 -portage::250:portage,frank -d58 1 -@ - - -1.1 -log -@Initial revision -@ -text -@d56 1 -@ diff --git a/.rcs/make.conf,v b/.rcs/make.conf,v deleted file mode 100644 index 29d13bb..0000000 --- a/.rcs/make.conf,v +++ /dev/null @@ -1,320 +0,0 @@ -head 1.12; -access; -symbols; -locks; strict; -comment @# @; - - -1.12 -date 2011.12.08.21.02.30; author root; state Exp; -branches; -next 1.11; - -1.11 -date 2011.07.10.23.54.02; author root; state Exp; -branches; -next 1.10; - -1.10 -date 2011.04.05.12.56.57; author root; state Exp; -branches; -next 1.9; - -1.9 -date 2010.12.02.13.04.30; author root; state Exp; -branches; -next 1.8; - -1.8 -date 2010.11.30.16.23.24; author root; state Exp; -branches; -next 1.7; - -1.7 -date 2010.11.29.23.28.22; author root; state Exp; -branches; -next 1.6; - -1.6 -date 2010.11.18.09.24.05; author root; state Exp; -branches; -next 1.5; - -1.5 -date 2010.07.13.20.45.29; author root; state Exp; -branches; -next 1.4; - -1.4 -date 2010.06.29.09.00.42; author root; state Exp; -branches; -next 1.3; - -1.3 -date 2010.06.23.11.39.20; author root; state Exp; -branches; -next 1.2; - -1.2 -date 2010.06.08.12.01.00; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.29.20.34.38; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.12 -log -@Checked in. -@ -text -@# These settings were set by the catalyst build script that automatically -# built this stage. -# Please consult /usr/share/portage/config/make.conf.example for a more -# detailed example. - -CFLAGS="-O2 -pipe -march=opteron" -CXXFLAGS="${CFLAGS}" - -# WARNING: Changing your CHOST is not something that should be done lightly. -# Please consult http://www.gentoo.org/doc/en/change-chost.xml before changing. -CHOST="x86_64-pc-linux-gnu" - -# These are the USE flags that were used in addition to what is provided by the -# profile used for building. -USE="3dnow X acl apache2 audit bash-completion bazaar bzip2 caps cgi cvs curl \ - darcs djvu doc examples expat fam fastcgi fontconfig ftp gd gif git gmp \ - gnutls gpg graphviz gs gsl gtk guile hscolour html icu idn imagemagick imap ipv6 ithreads \ - jadetex java javascript jbig jpeg jpeg2k kerberos lasi ldap libwww lua \ - lzma lzo maildir mailwrapper mercurial mmx mmxext modperl motif mp3 mysql \ - nis odbc ogg openldap pam pch pcre pdf perl pic png php python rar samba sasl \ - session smtp snmp soap spamassassin spell sqlite sqlite3 sse sse2 ssh \ - subversion svg syslog theora tiff tk truetype unicode vhosts vim-syntax \ - vorbis wmf x264 xattr xml xmlrpc xpm xsl xvid zlib" - -I_KNOW_WHAT_I_AM_DOING=yes - -ACCEPT_LICENSE="DOOM3 PUEL RTCW RTCW-ETEULA" - -APACHE2_MODULES="actions alias asis auth_basic auth_digest authn_alias - authn_anon authn_dbd authn_dbm authn_default authn_file - authz_dbm authz_default authz_groupfile authz_host - authz_owner authz_user autoindex cache cern_meta cgi cgid - charset_lite dav dav_fs dav_lock dbd deflate dir disk_cache - dumpio env expires ext_filter file_cache filter headers icu - ident imagemap include info log_config log_forensic logio - mem_cache mime mime_magic negotiation proxy proxy_ajp - proxy_balancer proxy_connect proxy_ftp proxy_http proxy_scgi - reqtimeout rewrite setenvif speling status substitute - unique_id userdir usertrack version vhost_alias " - -#APACHE2_MPMS="-event% -itk% -peruser% -prefork% -worker%" -APACHE2_MPMS="prefork" - -VIDEO_CARDS="intel mach64 r128 radeon savage via svga" - -CONFIG_PROTECT="/var/www/ldap/htdocs/config \ - /var/www/ldap/htdocs/templates \ - /var/www/bautagebuch/htdocs/wp-config.php \ - /var/www/myadmin/htdocs/config.inc.php \ - /var/www/webmail/htdocs/horde/config \ - " -CONFIG_PROTECT_MASK="/etc/init.d" - -PORTAGE_NICENESS=3 - -AUTOCLEAN="yes" - -PORTDIR_OVERLAY="/usr/local/portage" - -#FETCHCOMMAND="/usr/bin/wget -t 5 --passive-ftp -P \${DISTDIR} \${URI}" -#FETCHCOMMAND="mv -v \${DISTDIR}/.old/\${FILE} \${DISTDIR}/" - -FEATURES="parallel-fetch" -#MAKEOPTS="-j3" -EMERGE_DEFAULT_OPTS="--with-bdeps y " - -LINGUAS="de de_AT de_BE de_CH de_DE de_LU en en_AG en_AU en_BW en_CA en_DK en_GB en_HK en_IE en_IN en_NG en_NZ en_PH en_SG en_ZA en_ZW en_US ru_RU ru_UA" - -#GENTOO_MIRRORS="ftp://mirror.netcologne.de/gentoo/ ftp://mirror.muntinternet.net/pub/gentoo/ http://mirror.muntinternet.net/pub/gentoo/ http://gentoo.supp.name/" -GENTOO_MIRRORS="http://mirror.opteamax.de/gentoo/ http://gentoo.mneisen.org/ http://gentoo.mirror.dkm.cz/pub/gentoo/ http://de-mirror.org/gentoo/ http://gentoo.wheel.sk/" - -#PORT_LOGDIR="/var/log/portage" -source /var/lib/layman/make.conf - -@ - - -1.11 -log -@Checked in. -@ -text -@d17 1 -a17 1 - gnutls gpg graphviz gs gsl gtk guile html icu idn imagemagick imap ipv6 ithreads \ -d21 1 -a21 1 - session smtp snmp soap spamassassin spell sqlite sqlite3 sse sse2 \ -d69 2 -a70 1 -GENTOO_MIRRORS="ftp://mirror.netcologne.de/gentoo/ ftp://mirror.muntinternet.net/pub/gentoo/ http://mirror.muntinternet.net/pub/gentoo/ http://gentoo.supp.name/" -@ - - -1.10 -log -@Checked in. -@ -text -@d17 1 -a17 1 - gnutls gpg gs gsl gtk guile html icu idn imagemagick imap ipv6 ithreads \ -d20 1 -a20 1 - nis odbc ogg pam pch pcre pdf perl pic png php python rar samba sasl \ -@ - - -1.9 -log -@Checked in. -@ -text -@d17 7 -a23 6 - gnutls gpg gs gsl gtk guile html icu idn imagemagick imap ipv6 ithreads jadetex java \ - javascript jbig jpeg jpeg2k kerberos lasi ldap libwww lua lzma lzo maildir \ - mailwrapper mercurial mmx mmxext modperl motif mp3 mysql nis odbc ogg pam \ - pch pcre pdf perl pic png php python rar samba sasl session smtp snmp soap spamassassin \ - spell sqlite sqlite3 sse sse2 subversion svg syslog theora tiff tk truetype \ - unicode vhosts vim-syntax vorbis wmf x264 xattr xml xmlrpc xpm xsl xvid zlib" -d29 11 -a39 9 -APACHE2_MODULES="actions alias asis auth_basic auth_digest authn_alias authn_anon authn_dbd - authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile - authz_host authz_owner authz_user autoindex cache cgi cgid charset_lite dav - dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache - filter headers icu ident imagemap include info log_config log_forensic logio - mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer - proxy_connect proxy_ftp proxy_http rewrite setenvif speling status - substitute unique_id userdir usertrack vhost_alias " -# -cern_meta -dumpio -version -@ - - -1.8 -log -@Checked in. -@ -text -@d20 1 -a20 1 - pch pcre pdf perl php pic png python rar samba sasl session smtp snmp soap spamassassin \ -a23 3 -USE="3dnow X acl audit bash-completion bazaar bzip2 caps \ - idn mmx mysql perl python sqlite sqlite3 sse sse2 vim-syntax xattr zlib" - -@ - - -1.7 -log -@Checked in. -@ -text -@d15 11 -a25 1 -USE="idn mmx perl python sse sse2" -@ - - -1.6 -log -@Checked in. -@ -text -@d15 1 -a15 8 -USE="3dnow X acl apache2 audit bash-completion bazaar bzip2 caps cgi cvs curl \ - darcs djvu doc examples expat fam fastcgi fontconfig ftp gd gif git gmp \ - gnutls gpg gs gsl gtk guile html icu idn imagemagick imap ipv6 ithreads jadetex java \ - javascript jbig jpeg jpeg2k kerberos lasi ldap libwww lua lzma lzo maildir \ - mailwrapper mercurial mmx mmxext modperl motif mp3 mysql nis odbc ogg pam \ - pch pcre pdf perl php pic png python rar samba sasl session smtp snmp soap spamassassin \ - spell sqlite sqlite3 sse sse2 subversion svg syslog theora tiff tk truetype \ - unicode vhosts vim-syntax vorbis wmf x264 xattr xml xmlrpc xpm xsl xvid zlib" -d61 1 -a61 1 -PORT_LOGDIR="/var/log/portage" -d63 1 -@ - - -1.5 -log -@Checked in. -@ -text -@d20 1 -a20 1 - pch pcre pdf php pic png python rar samba sasl session smtp snmp soap spamassassin \ -@ - - -1.4 -log -@Checked in. -@ -text -@d30 2 -a31 2 - authz_host authz_owner authz_user autoindex cache charset_lite dav dav_fs - dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache -d57 2 -@ - - -1.3 -log -@Checked in. -@ -text -@d17 1 -a17 1 - gnutls gpg gs gsl gtk guile html icu idn imap ipv6 ithreads jadetex java \ -@ - - -1.2 -log -@Checked in. -@ -text -@d15 6 -a20 5 -USE="3dnow X acl apache2 audit bash-completion bzip2 caps cgi curl djvu doc examples expat fam \ - fastcgi fontconfig ftp gd gif git gmp gnutls gpg gs gsl gtk guile html icu idn \ - imap ipv6 ithreads jadetex java javascript jbig jpeg jpeg2k kerberos lasi ldap libwww lua \ - lzma lzo maildir mailwrapper mmx mmxext modperl motif mp3 mysql nis odbc ogg pam \ - pch pcre pdf php pic png python samba sasl session smtp snmp soap spamassassin \ -@ - - -1.1 -log -@Initial revision -@ -text -@d18 1 -a18 1 - lzo maildir mailwrapper mmx mmxext modperl motif mp3 mysql nis odbc ogg pam \ -@ diff --git a/.rcs/make.conf.sarah,v b/.rcs/make.conf.sarah,v deleted file mode 100644 index a375e5b..0000000 --- a/.rcs/make.conf.sarah,v +++ /dev/null @@ -1,608 +0,0 @@ -head 1.29; -access; -symbols; -locks; strict; -comment @# @; - - -1.29 -date 2010.04.12.08.42.16; author root; state Exp; -branches; -next 1.28; - -1.28 -date 2010.03.03.09.40.27; author root; state Exp; -branches; -next 1.27; - -1.27 -date 2010.02.04.18.02.12; author root; state Exp; -branches; -next 1.26; - -1.26 -date 2009.11.06.15.40.51; author root; state Exp; -branches; -next 1.25; - -1.25 -date 2009.10.27.10.36.10; author root; state Exp; -branches; -next 1.24; - -1.24 -date 2009.09.15.09.50.26; author root; state Exp; -branches; -next 1.23; - -1.23 -date 2009.07.13.08.48.31; author root; state Exp; -branches; -next 1.22; - -1.22 -date 2009.07.13.08.21.47; author root; state Exp; -branches; -next 1.21; - -1.21 -date 2009.06.15.09.46.43; author root; state Exp; -branches; -next 1.20; - -1.20 -date 2009.05.20.14.56.48; author root; state Exp; -branches; -next 1.19; - -1.19 -date 2009.03.30.21.09.00; author root; state Exp; -branches; -next 1.18; - -1.18 -date 2009.03.16.15.52.36; author root; state Exp; -branches; -next 1.17; - -1.17 -date 2009.02.09.09.54.34; author root; state Exp; -branches; -next 1.16; - -1.16 -date 2008.12.15.09.47.19; author root; state Exp; -branches; -next 1.15; - -1.15 -date 2008.12.08.09.26.17; author root; state Exp; -branches; -next 1.14; - -1.14 -date 2008.10.06.10.16.34; author root; state Exp; -branches; -next 1.13; - -1.13 -date 2008.08.14.19.55.22; author root; state Exp; -branches; -next 1.12; - -1.12 -date 2008.08.04.07.27.22; author root; state Exp; -branches; -next 1.11; - -1.11 -date 2008.07.10.09.16.43; author root; state Exp; -branches; -next 1.10; - -1.10 -date 2008.06.10.14.50.28; author root; state Exp; -branches; -next 1.9; - -1.9 -date 2008.06.10.13.42.07; author root; state Exp; -branches; -next 1.8; - -1.8 -date 2008.03.12.17.05.09; author root; state Exp; -branches; -next 1.7; - -1.7 -date 2008.02.11.08.51.40; author root; state Exp; -branches; -next 1.6; - -1.6 -date 2008.02.04.09.59.35; author root; state Exp; -branches; -next 1.5; - -1.5 -date 2008.01.09.10.00.27; author root; state Exp; -branches; -next 1.4; - -1.4 -date 2007.12.17.08.57.22; author root; state Exp; -branches; -next 1.3; - -1.3 -date 2007.11.19.10.32.09; author root; state Exp; -branches; -next 1.2; - -1.2 -date 2007.10.18.09.26.58; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2007.08.07.10.41.04; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.29 -log -@Checked in. -@ -text -@# These settings were set by the catalyst build script that automatically built this stage -# Please consult /etc/make.conf.example for a more detailed example - -# -# $Header: /etc/make.conf,v 1.28 2010/03/03 09:40:27 root Exp $ -# - -CFLAGS="-O2 -march=i686 -pipe -march=athlon" -CHOST="i686-pc-linux-gnu" -CXXFLAGS="${CFLAGS}" - -I_KNOW_WHAT_I_AM_DOING=yes - -ACCEPT_LICENSE="DOOM3 PUEL RTCW RTCW-ETEULA" - -SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" - -USE="3dnow X acl apache2 audit bash-completion bzip2 caps cgi curl djvu doc examples expat fam - fastcgi fontconfig ftp gd gif git gmp gnome-keyring gnutls gpg gs gsl gtk guile hal html icu idn - imap ipv6 ithreads jadetex java javascript jbig jpeg jpeg2k kerberos lasi ldap libwww lua - lzo maildir mailwrapper mbox mmx mmxext modperl motif mp3 mysql nis nptl odbc ogg pam - pch pcre pdf php pic png pop python ruby samba sasl session slp smtp snmp soap spamassassin - spell sqlite sqlite3 sse subversion svg syslog tcl theora threads tiff tk truetype - unicode usb vhosts vim-syntax vorbis wmf x264 xattr xml xmlrpc xpm xsl xvid zlib" -# ithreads - -APACHE2_MODULES="actions alias asis auth_basic auth_digest authn_alias authn_anon authn_dbd - authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile - authz_host authz_owner authz_user autoindex cache charset_lite dav dav_fs - dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache - filter headers icu ident imagemap include info log_config log_forensic logio - mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer - proxy_connect proxy_ftp proxy_http rewrite setenvif speling status - substitute unique_id userdir usertrack vhost_alias " -# -cern_meta -dumpio -version - -#APACHE2_MPMS="-event% -itk% -peruser% -prefork% -worker%" -APACHE2_MPMS="prefork" - -VIDEO_CARDS="intel mach64 r128 radeon savage via svga" - -CONFIG_PROTECT="/var/www/ldap/htdocs/config /var/www/ldap/htdocs/templates" -CONFIG_PROTECT_MASK="/etc/init.d" - -PORTAGE_NICENESS=3 - -PORT_LOGDIR="/var/log/portage" - -AUTOCLEAN="yes" -PORTAGE_ELOG_CLASSES="info warn error log" -PORTAGE_ELOG_SYSTEM="save mail" -PORTAGE_ELOG_MAILURI="frank@@brehm-online.com localhost" -PORTAGE_ELOG_MAILFROM="portage@@brehm-online.com" - -PORTDIR_OVERLAY="/usr/local/portage" -FEATURES="parallel-fetch" -#MAKEOPTS="-j3" -EMERGE_DEFAULT_OPTS="--with-bdeps y " - -LINGUAS="de en en_GB en_US" - -#FETCHCOMMAND="mv -v \${DISTDIR}/.old/\${FILE} \${DISTDIR}/" - -# GENTOO_MIRRORS="ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ http://ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/ http://ftp.lug.ro/gentoo/ http://ftp.du.se/pub/os/gentoo" -#GENTOO_MIRRORS="http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/ http://ftp.snt.utwente.nl/pub/os/linux/gentoo http://mirrors.sec.informatik.tu-darmstadt.de/gentoo/ http://pandemonium.tiscali.de/pub/gentoo/" -GENTOO_MIRRORS="ftp://mirror.netcologne.de/gentoo/ ftp://mirror.muntinternet.net/pub/gentoo/ http://mirror.muntinternet.net/pub/gentoo/ http://gentoo.supp.name/" - -source /var/lib/layman/make.conf - -@ - - -1.28 -log -@Checked in. -@ -text -@d5 1 -a5 1 -# $Header: /etc/make.conf,v 1.27 2010/02/04 18:02:12 root Exp $ -d40 2 -@ - - -1.27 -log -@Checked in. -@ -text -@d5 1 -a5 1 -# $Header: /etc/make.conf,v 1.26 2009/11/06 15:40:51 root Exp $ -d66 1 -a66 1 -source /usr/portage/local/layman/make.conf -@ - - -1.26 -log -@Checked in. -@ -text -@d5 1 -a5 1 -# $Header: /etc/make.conf,v 1.25 2009/10/27 10:36:10 root Exp $ -d8 1 -a8 1 -CFLAGS="-O3 -march=i686 -pipe -march=athlon" -d25 1 -@ - - -1.25 -log -@Checked in. -@ -text -@d5 1 -a5 1 -# $Header: /etc/make.conf,v 1.24 2009/09/15 09:50:26 root Exp $ -d19 1 -a19 1 - fastcgi fontconfig ftp gd gif git gmp gnome-keyring gnutls gpg gs gsl gtk guile hal html idn -d23 1 -a23 1 - spell sqlite sqlite3 sse subversion svg tcl theora threads tiff tk truetype -@ - - -1.24 -log -@Checked in. -@ -text -@d5 1 -a5 1 -# $Header: /etc/make.conf,v 1.23 2009/07/13 08:48:31 root Exp $ -d14 2 -@ - - -1.23 -log -@Checked in. -@ -text -@d5 1 -a5 1 -# $Header: $ -d18 1 -a18 1 - imap ipv6 ithreads jadetex java javascript jbig jpeg jpeg2k kerberos ldap libwww lua -@ - - -1.22 -log -@Checked in. -@ -text -@d4 4 -@ - - -1.21 -log -@Checked in. -@ -text -@d13 2 -a14 2 - fastcgi fontconfig ftp gd gif git gmp gnome-keyring gnutls gpg gs gsl gtk guile hal html idn imap - ipv6 ithreads jadetex java javascript jbig jpeg jpeg2k kerberos ldap libwww lua -@ - - -1.20 -log -@Checked in. -@ -text -@d13 1 -a13 1 - fastcgi fontconfig ftp gd gif git gmp gnutls gpg gs gsl gtk guile hal html idn imap -@ - - -1.19 -log -@Checked in. -@ -text -@d13 1 -a13 1 - fastcgi fontconfig ftp gd gif git gmp gnutls gpg gs gsl gtk guile hal html idn -d16 1 -a16 1 - pch pcre pdf php pic png python ruby samba sasl session slp snmp soap spamassassin -@ - - -1.18 -log -@Checked in. -@ -text -@d56 2 -a57 1 -GENTOO_MIRRORS="http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/ http://ftp.snt.utwente.nl/pub/os/linux/gentoo http://mirrors.sec.informatik.tu-darmstadt.de/gentoo/ http://pandemonium.tiscali.de/pub/gentoo/" -@ - - -1.17 -log -@Checked in. -@ -text -@d17 1 -a17 1 - spell sqlite sqlite3 sse sse2 subversion svg tcl theora threads tiff tk truetype -@ - - -1.16 -log -@Checked in. -@ -text -@d12 1 -a12 1 -USE="X acl apache2 bash-completion bzip2 caps cgi curl djvu doc examples expat fam -d15 1 -a15 1 - lzo maildir mailwrapper mbox mmx mmxext modperl motif mp3 mysql nis nptl odbc pam -@ - - -1.15 -log -@Checked in. -@ -text -@d15 1 -a15 1 - lzo maildir mailwrapper mbox mmx modperl motif mysql nis nptl odbc pam -d17 2 -a18 2 - spell sqlite sqlite3 sse sse2 subversion svg tcl threads tiff tk truetype - unicode usb vhosts vim-syntax wmf xattr xml xmlrpc xpm xsl zlib" -d28 1 -a28 1 -# -cern_meta -dumpio -version -@ - - -1.14 -log -@Checked in. -@ -text -@d16 1 -a16 1 - pch pcre pdf php pic png python ruby samba sasl session slp snmp soap -@ - - -1.13 -log -@Checked in. -@ -text -@d14 1 -a14 1 - ipv6 ithreads java javascript jbig jpeg jpeg2k kerberos ldap libwww lua -@ - - -1.12 -log -@Checked in. -@ -text -@d12 2 -a13 2 -USE="X acl apache2 bash-completion bzip2 caps curl djvu doc examples expat fam - fastcgi fontconfig ftp gd gif gmp gnutls gs gsl gtk guile hal html idn -d17 2 -a18 2 - spell sqlite sqlite3 sse sse2 svg tcl threads tiff tk truetype unicode - usb vhosts vim-syntax wmf xattr xml xmlrpc xpm xsl zlib" -@ - - -1.11 -log -@Checked in. -@ -text -@d12 7 -a18 7 -USE="X acl apache2 bash-completion bzip2 caps curl djvu doc examples expat fam fastcgi fontconfig ftp - gd gif gmp gnutls gs gsl gtk guile hal html idn ipv6 ithreads java javascript jbig jpeg jpeg2k - kerberos ldap libwww lzo lua maildir mailwrapper mbox mmx modperl motif mysql nis - nptl odbc pam pch pcre pdf php pic - png python ruby samba sasl session slp snmp soap sqlite sqlite3 spell sse sse2 svg tcl - threads tk tiff truetype unicode usb vim-syntax vhosts wmf xattr xml xmlrpc xpm - xsl zlib" -@ - - -1.10 -log -@Checked in. -@ -text -@d8 2 -@ - - -1.9 -log -@Checked in. -@ -text -@d11 1 -a11 1 - gd gif gmp gnutls gs gsl gtk guile hal html idn ipv6 ithreads java javascript jbig jpeg -d25 1 -a25 1 - unique_id userdir usertrack vhost_alias " -@ - - -1.8 -log -@Checked in. -@ -text -@d8 2 -@ - - -1.7 -log -@Checked in. -@ -text -@d9 1 -a9 1 - gd gif gmp gnutls gs gtk guile hal html idn ipv6 ithreads java javascript jbig jpeg -@ - - -1.6 -log -@Checked in. -@ -text -@d8 1 -a8 1 -USE="X acl apache2 bash-completion bzip2 caps curl doc examples expat fam fastcgi ftp -d12 1 -a12 1 - png python ruby samba sasl session slp snmp soap sqlite sqlite3 spell sse sse2 tcl -@ - - -1.5 -log -@Checked in. -@ -text -@d20 1 -a20 1 - filter headers ident imagemap include info log_config log_forensic logio -@ - - -1.4 -log -@Checked in. -@ -text -@d9 2 -a10 2 - gd gif gmp gnutls gs gtk hal html idn ipv6 ithreads java javascript jbig jpeg - kerberos ldap libwww lua maildir mailwrapper mbox mmx modperl motif mysql nis -d12 1 -a12 1 - png python samba sasl session slp snmp soap sqlite sqlite3 spell sse sse2 tcl -d16 13 -@ - - -1.3 -log -@Checked in. -@ -text -@d9 3 -a11 2 - gd gif gmp gnutls gs gtk html idn ipv6 ithreads java javascript jbig jpeg - kerberos ldap lua mailwrapper mbox mmx modperl motif mysql nis nptl odbc pam pcre pdf php pic -d16 1 -@ - - -1.2 -log -@Checked in. -@ -text -@d10 1 -a10 1 - kerberos ldap lua mbox mmx modperl motif mysql nis nptl odbc pam pcre pdf php pic -d12 1 -a12 1 - threads tk tiff truetype unicode usb vhosts wmf xattr xml xmlrpc xpm -@ - - -1.1 -log -@Initial revision -@ -text -@d8 6 -a13 14 -USE="X acl acpi aio apache2 authdaemond bash-completion bcmath bind-mysql - bzip2 bzlib calendar caps cddb cgi cli cpdflib cscope ctype curl - curlwrappers dba dbase dbus dga dio diskio dlz doc elf epydoc examples exif - expat extraengine fam ffmpeg flatfile fontconfig ftp gcj gd gd-external gif gmp - gnutls gs gtk hash iconv idea idn imap inifile innodb ipv6 ithreads java - javascript jbig jpeg kerberos ldap ldap-sasl lm_sensors lua lzw mbox mdb - memlimit mfd-rewrites mhash mime ming mmx mpeg mpg modperl motif mudflap - multiuser mysql mysqli net nis nptl oav objc objc++ objc-gc odbc openssl - pad pam pcntl pcre pdf pdo-external pear perlsuid php pic png posix python - qt3support quotas rle rpc samba sasl search sendmail session shaper sharedext - sharedmem simplexml slp smux snmp soap sqlite sockets spell spl sse sse2 - suhosin syslog sysvipc tcl threads tk tidy tiff tokenizer truetype - unicode usb vda vim-with-x vhosts wddx wmf xattr xml xmlreader xmlrpc xmlwriter - xpm xsl yaz zip zlib" -d34 2 -@ diff --git a/.rcs/mdadm.conf,v b/.rcs/mdadm.conf,v deleted file mode 100644 index 66d436b..0000000 --- a/.rcs/mdadm.conf,v +++ /dev/null @@ -1,96 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.05.26.21.14.42; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.25.14.58.11; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.2 -log -@Checked in. -@ -text -@# mdadm configuration file -# -# mdadm will function properly without the use of a configuration file, -# but this file is useful for keeping track of arrays and member disks. -# In general, a mdadm.conf file is created, and updated, after arrays -# are created. This is the opposite behavior of /etc/raidtab which is -# created prior to array construction. -# -# -# the config file takes two types of lines: -# -# DEVICE lines specify a list of devices of where to look for -# potential member disks -# -# ARRAY lines specify information about how to identify arrays so -# so that they can be activated -# -# You can have more than one device line and use wild cards. The first -# example includes SCSI the first partition of SCSI disks /dev/sdb, -# /dev/sdc, /dev/sdd, /dev/sdj, /dev/sdk, and /dev/sdl. The second -# line looks for array slices on IDE disks. -# -#DEVICE /dev/sd[bcdjkl]1 -#DEVICE /dev/hda1 /dev/hdb1 -# -# If you mount devfs on /dev, then a suitable way to list all devices is: -#DEVICE /dev/discs/*/* -# -# -# -# ARRAY lines specify an array to assemble and a method of identification. -# Arrays can currently be identified by using a UUID, superblock minor number, -# or a listing of devices. -# -# super-minor is usually the minor number of the metadevice -# UUID is the Universally Unique Identifier for the array -# Each can be obtained using -# -# mdadm -D -# -#ARRAY /dev/md0 UUID=3aaa0122:29827cfa:5331ad66:ca767371 -#ARRAY /dev/md1 super-minor=1 -#ARRAY /dev/md2 devices=/dev/hda1,/dev/hdb1 -# -# ARRAY lines can also specify a "spare-group" for each array. mdadm --monitor -# will then move a spare between arrays in a spare-group if one array has a failed -# drive but no spare -#ARRAY /dev/md4 uuid=b23f3c6d:aec43a9f:fd65db85:369432df spare-group=group1 -#ARRAY /dev/md5 uuid=19464854:03f71b1b:e0df2edd:246cc977 spare-group=group1 -# -# When used in --follow (aka --monitor) mode, mdadm needs a -# mail address and/or a program. This can be given with "mailaddr" -# and "program" lines to that monitoring can be started using -# mdadm --follow --scan & echo $! > /var/run/mdadm -# If the lines are not found, mdadm will exit quietly -#MAILADDR root@@mydomain.tld -MAILADDR frank@@brehm-online.com -#PROGRAM /usr/sbin/handle-mdadm-events -@ - - -1.1 -log -@Initial revision -@ -text -@d57 1 -@ diff --git a/.rcs/ntp.conf,v b/.rcs/ntp.conf,v deleted file mode 100644 index 98c9aef..0000000 --- a/.rcs/ntp.conf,v +++ /dev/null @@ -1,97 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.05.26.21.08.58; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.26.14.45.15; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.2 -log -@Checked in. -@ -text -@# NOTES: -# DHCP clients can append or replace NTP configuration files. -# You should consult your DHCP client documentation about its -# default behaviour and how to change it. - -# Name of the servers ntpd should sync with -# Please respect the access policy as stated by the responsible person. -#server ntp.example.tld iburst - -# Common pool for random people -#server pool.ntp.org - -# Pools for Gentoo users -server 0.gentoo.pool.ntp.org -server 1.gentoo.pool.ntp.org -server 2.gentoo.pool.ntp.org -server 3.gentoo.pool.ntp.org - -## -# A list of available servers can be found here: -# http://www.pool.ntp.org/ -# http://www.pool.ntp.org/#use -# A good way to get servers for your machine is: -# netselect -s 3 pool.ntp.org -## - -# you should not need to modify the following paths -driftfile /var/lib/ntp/ntp.drift - -logfile /var/log/ntp - -statsdir /var/log/ntpstats/ -filegen loopstats file loopstats type day enable -filegen peerstats file peerstats type day enable -filegen clockstats file clockstats type day enable - -#server ntplocal.example.com prefer -#server timeserver.example.org - -# Warning: Using default NTP settings will leave your NTP -# server accessible to all hosts on the Internet. - -# If you want to deny all machines (including your own) -# from accessing the NTP server, uncomment: -#restrict default ignore - - -# To deny other machines from changing the -# configuration but allow localhost: -restrict default nomodify nopeer -restrict 127.0.0.1 - - -# To allow machines within your network to synchronize -# their clocks with your server, but ensure they are -# not allowed to configure the server or used as peers -# to synchronize against, uncomment this line. -# -#restrict 192.168.0.0 mask 255.255.255.0 nomodify nopeer notrap -@ - - -1.1 -log -@Initial revision -@ -text -@d30 7 -@ diff --git a/.rcs/passwd,v b/.rcs/passwd,v deleted file mode 100644 index c678c10..0000000 --- a/.rcs/passwd,v +++ /dev/null @@ -1,131 +0,0 @@ -head 1.3; -access; -symbols; -locks; strict; -comment @# @; - - -1.3 -date 2010.12.01.22.06.55; author root; state Exp; -branches; -next 1.2; - -1.2 -date 2010.12.01.21.18.58; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.12.01.18.53.27; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.3 -log -@Checked in. -@ -text -@root:x:0:0:root Helga:/root:/bin/bash -bin:x:1:1:bin:/bin:/bin/false -daemon:x:2:2:daemon:/sbin:/bin/false -adm:x:3:4:adm:/var/adm:/bin/false -lp:x:4:7:lp:/var/spool/lpd:/bin/false -sync:x:5:0:sync:/sbin:/bin/sync -shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown -halt:x:7:0:halt:/sbin:/sbin/halt -mail:x:8:12:mail:/var/spool/mail:/bin/false -news:x:9:13:news:/usr/lib/news:/bin/false -uucp:x:10:14:uucp:/var/spool/uucppublic:/bin/false -operator:x:11:0:operator:/root:/bin/bash -man:x:13:15:man:/usr/share/man:/bin/false -postmaster:x:14:12:postmaster:/var/spool/mail:/bin/false -cron:x:16:16:added by portage for cronbase:/var/spool/cron:/sbin/nologin -ftp:x:21:21:added by portage for ftpbase:/home/ftp:/sbin/nologin -sshd:x:22:22:added by portage for openssh:/var/empty:/sbin/nologin -at:x:25:25:added by portage for at:/var/spool/at/atjobs:/sbin/nologin -games:x:36:35:added by portage for enemy-territory:/usr/games:/bin/bash -named:x:40:40:added by portage for bind:/etc/bind:/sbin/nologin -mysql:x:60:60:added by portage for mysql:/dev/null:/sbin/nologin -apache:x:81:81:added by portage for apache:/var/www:/sbin/nologin -ulogd:x:101:197:added by portage for ulogd:/var/log/ulogd:/sbin/nologin -tcpdump:x:102:196:added by portage for tcpdump:/dev/null:/sbin/nologin -messagebus:x:103:110:added by portage for dbus:/dev/null:/sbin/nologin -nagios:x:104:104:added by portage for nagios-plugins-snmp:/var/nagios/home:/bin/bash -teamspeak3:x:105:103:added by portage for teamspeak-server-bin:/dev/null:/sbin/nologin -polw:x:106:102:added by portage for policyd-weight:/dev/null:/sbin/nologin -postgrey:x:107:101:added by portage for postgrey:/dev/null:/sbin/nologin -amavis:x:108:999:added by portage for amavisd-new:/var/amavis:/sbin/nologin -clamav:x:109:998:added by portage for clamav:/dev/null:/sbin/nologin -proftpd:x:110:1008:added by portage for proftpd:/dev/null:/sbin/nologin -rpc:x:111:111:added by portage for portmap:/dev/null:/sbin/nologin -ntp:x:123:123:added by portage for ntp:/dev/null:/sbin/nologin -postfix:x:207:207:added by portage for postfix:/var/spool/postfix:/sbin/nologin -smmsp:x:209:209:smmsp:/var/spool/mqueue:/bin/false -portage:x:250:250:portage:/var/tmp/portage:/bin/false -ldap:x:439:439:added by portage for openldap:/usr/lib64/openldap:/sbin/nologin -nobody:x:65534:65534:nobody:/:/bin/false -taurec:x:1000:100:Jörn Valentin:/home/taurec:/bin/bash -morph:x:1001:100:Daniel Wendler:/home/morph:/bin/bash -patrick:x:1004:100:Patrick Hennig:/home/patrick:/bin/bash -vivi:x:1006:100:Vivien Winkler:/home/vivi:/bin/bash -frank:x:1017:100:Frank Brehm:/home/frank:/bin/bash -doris:x:1019:100:Doris Hennig:/home/doris:/bin/bash -davis:x:1020:100:Davis Winkler:/home/davis:/bin/bash -thomas:x:1021:100:Thomas Schmidt:/home/thomas:/bin/bash -vmail:x:1023:1023:Virtual Mailuser:/home/vmail:/bin/false -alfred:x:1024:100:Alfred Haberkorn:/home/alfred:/bin/bash -steffen:x:1025:100:Steffen Brehm:/home/steffen:/bin/bash -heiko:x:1029:100:Heiko Hennig:/home/heiko:/bin/bash -@ - - -1.2 -log -@Checked in. -@ -text -@d19 1 -d32 1 -d36 1 -d40 4 -d45 7 -@ - - -1.1 -log -@Initial revision -@ -text -@d1 1 -a1 1 -root:x:0:0:root:/root:/bin/bash -d15 2 -a16 2 -portage:x:250:250:portage:/var/tmp/portage:/bin/false -nobody:x:65534:65534:nobody:/:/bin/false -d18 1 -a18 1 -cron:x:16:16:added by portage for cronbase:/var/spool/cron:/sbin/nologin -d20 2 -a21 1 -at:x:25:25:added by portage for at:/var/spool/at/atjobs:/sbin/nologin -a23 5 -ntp:x:123:123:added by portage for ntp:/dev/null:/sbin/nologin -frank:x:1017:100:Frank Brehm:/home/frank:/bin/bash -ldap:x:439:439:added by portage for openldap:/usr/lib64/openldap:/sbin/nologin -mysql:x:60:60:added by portage for mysql:/dev/null:/sbin/nologin -rpc:x:111:111:added by portage for portmap:/dev/null:/sbin/nologin -a24 2 -apache:x:81:81:added by portage for apache:/var/www:/sbin/nologin -ftp:x:21:21:added by portage for ftpbase:/home/ftp:/sbin/nologin -a26 1 -postfix:x:207:207:added by portage for postfix:/var/spool/postfix:/sbin/nologin -d31 7 -@ diff --git a/.rcs/policyd-weight.conf,v b/.rcs/policyd-weight.conf,v deleted file mode 100644 index e13d82c..0000000 --- a/.rcs/policyd-weight.conf,v +++ /dev/null @@ -1,284 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.05.26.13.07.36; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.1 -log -@Initial revision -@ -text -@# ---------------------------------------------------------------- -# policyd-weight configuration (defaults) Version 0.1.14 beta-17 -# ---------------------------------------------------------------- - - - $DEBUG = 0; # 1 or 0 - don't comment - - $REJECTMSG = "550 Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to correct HELO and DNS MX settings or to get removed from DNSBLs"; - - $REJECTLEVEL = 1; # Mails with scores which exceed this - # REJECTLEVEL will be rejected - - $DEFER_STRING = 'IN_SPAMCOP= BOGUS_MX='; - # A space separated case-sensitive list of - # strings on which if found in the $RET - # logging-string policyd-weight changes - # its action to $DEFER_ACTION in case - # of rejects. - # USE WITH CAUTION! - # DEFAULT: "IN_SPAMCOP= BOGUS_MX=" - - - $DEFER_ACTION = '450'; # Possible values: DEFER_IF_PERMIT, - # DEFER_IF_REJECT, - # 4xx response codes. See also access(5) - # DEFAULT: 450 - - $DEFER_LEVEL = 5; # DEFER mail only up to this level - # scores greater than DEFER_LEVEL will be - # rejected - # DEFAULT: 5 - - $DNSERRMSG = '450 No DNS entries for your MTA, HELO and Domain. Contact YOUR administrator'; - - $dnsbl_checks_only = 0; # 1: ON, 0: OFF (default) - # If ON request that ALL clients are only - # checked against RBLs - - @@dnsbl_checks_only_regexps = ( - # qr/[^.]*(exch|smtp|mx|mail).*\..*\../, - # qr/yahoo.com$/ -); # specify a comma-separated list of regexps - # for client hostnames which shall only - # be RBL checked. This does not work for - # postfix' "unknown" clients. - # The usage of this should not be the norm - # and is a tool for people which like to - # shoot in their own foot. - # DEFAULT: empty - - - $LOG_BAD_RBL_ONLY = 1; # 1: ON (default), 0: OFF - # When set to ON it logs only RBLs which - # affect scoring (positive or negative) - -## DNSBL settings - @@dnsbl_score = ( -# HOST, HIT SCORE, MISS SCORE, LOG NAME - 'pbl.spamhaus.org', 3.25, 0, 'DYN_PBL_SPAMHAUS', - 'sbl-xbl.spamhaus.org', 4.35, -1.5, 'SBL_XBL_SPAMHAUS', - 'bl.spamcop.net', 3.75, -1.5, 'SPAMCOP', - 'dnsbl.njabl.org', 4.25, -1.5, 'BL_NJABL', - 'list.dsbl.org', 4.35, 0, 'DSBL_ORG', - 'ix.dnsbl.manitu.net', 4.35, 0, 'IX_MANITU' -); - - $MAXDNSBLHITS = 2; # If Client IP is listed in MORE - # DNSBLS than this var, it gets - # REJECTed immediately - - $MAXDNSBLSCORE = 8; # alternatively, if the score of - # DNSBLs is ABOVE this - # level, reject immediately - - $MAXDNSBLMSG = '550 Your MTA is listed in too many DNSBLs'; - -## RHSBL settings - @@rhsbl_score = ( - 'multi.surbl.org', 4, 0, 'SURBL', - 'rhsbl.ahbl.org', 4, 0, 'AHBL', - 'dsn.rfc-ignorant.org', 3.5, 0, 'DSN_RFCI', - 'postmaster.rfc-ignorant.org', 0.1, 0, 'PM_RFCI', - 'abuse.rfc-ignorant.org', 0.1, 0, 'ABUSE_RFCI' -); - - $BL_ERROR_SKIP = 2; # skip a RBL if this RBL had this many continuous - # errors - - $BL_SKIP_RELEASE = 10; # skip a RBL for that many times - -## cache stuff - $LOCKPATH = '/var/run/policyd-weight/'; # must be a directory (add - # trailing slash) - - $SPATH = $LOCKPATH.'/polw.sock'; # socket path for the cache - # daemon. - - $MAXIDLECACHE = 60; # how many seconds the cache may be idle - # before starting maintenance routines - # NOTE: standard maintenance jobs happen - # regardless of this setting. - - $MAINTENANCE_LEVEL = 5; # after this number of requests do following - # maintenance jobs: - # checking for config changes - -# negative (i.e. SPAM) result cache settings ################################## - - $CACHESIZE = 2000; # set to 0 to disable caching for spam results. - # To this level the cache will be cleaned. - - $CACHEMAXSIZE = 4000; # at this number of entries cleanup takes place - - $CACHEREJECTMSG = '550 temporarily blocked because of previous errors'; - - $NTTL = 1; # after NTTL retries the cache entry is deleted - - $NTIME = 30; # client MUST NOT retry within this seconds in order - # to decrease TTL counter - - -# positve (i.,e. HAM) result cache settings ################################### - - $POSCACHESIZE = 1000; # set to 0 to disable caching of HAM. To this number - # of entries the cache will be cleaned - - $POSCACHEMAXSIZE = 2000; # at this number of entries cleanup takes place - - $POSCACHEMSG = 'using cached result'; - - $PTTL = 60; # after PTTL requests the HAM entry must - # succeed one time the RBL checks again - - $PTIME = '3h'; # after $PTIME in HAM Cache the client - # must pass one time the RBL checks again. - # Values must be nonfractal. Accepted - # time-units: s, m, h, d - - $TEMP_PTIME = '1d'; # The client must pass this time the RBL - # checks in order to be listed as hard-HAM - # After this time the client will pass - # immediately for PTTL within PTIME - - -## DNS settings - $DNS_RETRIES = 2; # Retries for ONE DNS-Lookup - - $DNS_RETRY_IVAL = 2; # Retry-interval for ONE DNS-Lookup - - $MAXDNSERR = 3; # max error count for unresponded queries - # in a complete policy query - - $MAXDNSERRMSG = 'passed - too many local DNS-errors'; - - $PUDP = 0; # persistent udp connection for DNS queries. - # broken in Net::DNS version 0.51. Works with - # Net::DNS 0.53; DEFAULT: off - - $USE_NET_DNS = 0; # Force the usage of Net::DNS for RBL lookups. - # Normally policyd-weight tries to use a faster - # RBL lookup routine instead of Net::DNS - - - $NS = ''; # A list of space separated NS IPs - # This overrides resolv.conf settings - # Example: $NS = '1.2.3.4 1.2.3.5'; - # DEFAULT: empty - - - $IPC_TIMEOUT = 2; # timeout for receiving from cache instance - - $TRY_BALANCE = 0; # If set to 1 policyd-weight closes connections - # to smtpd clients in order to avoid too many - # established connections to one policyd-weight - # child - -# scores for checks, WARNING: they may manipulate eachother -# or be factors for other scores. -# HIT score, MISS Score - @@client_ip_eq_helo_score = (1.5, -1.25 ); - @@helo_score = (1.5, -2 ); - @@helo_from_mx_eq_ip_score = (1.5, -3.1 ); - @@helo_numeric_score = (2.5, 0 ); - @@from_match_regex_verified_helo = (1, -2 ); - @@from_match_regex_unverified_helo = (1.6, -1.5 ); - @@from_match_regex_failed_helo = (2.5, 0 ); - @@helo_seems_dialup = (1.5, 0 ); - @@failed_helo_seems_dialup = (2, 0 ); - @@helo_ip_in_client_subnet = (0, -1.2 ); - @@helo_ip_in_cl16_subnet = (0, -0.41 ); - @@client_seems_dialup_score = (3.75, 0 ); - @@from_multiparted = (1.09, 0 ); - @@from_anon = (1.17, 0 ); - @@bogus_mx_score = (2.1, 0 ); - @@random_sender_score = (0.25, 0 ); - @@rhsbl_penalty_score = (3.1, 0 ); - @@enforce_dyndns_score = (3, 0 ); - - - $VERBOSE = 0; - - $ADD_X_HEADER = 1; # Switch on or off an additional - # X-policyd-weight: header - # DEFAULT: on - - - $DEFAULT_RESPONSE = 'DUNNO default'; # Fallback response in case - # the weighted check didn't - # return any response (should never - # appear). - - - -# -# Syslogging options for verbose mode and for fatal errors. -# NOTE: comment out the $syslog_socktype line if syslogging does not -# work on your system. -# - - $syslog_socktype = 'unix'; # inet, unix, stream, console - - $syslog_facility = "mail"; - $syslog_options = "pid"; - $syslog_priority = "info"; - $syslog_ident = "postfix/policyd-weight"; - - -# -# Process Options -# - $USER = "polw"; # User must be a username, no UID - - $GROUP = ""; # specify GROUP if necessary - # DEFAULT: empty, will be initialized as - # $USER - - $MAX_PROC = 50; # Upper limit if child processes - $MIN_PROC = 3; # keep that minimum processes alive - - $TCP_PORT = 12525; # The TCP port on which policyd-weight - # listens for policy requests from postfix - - $BIND_ADDRESS = '127.0.0.1'; # IP-Address on which policyd-weight will - # listen for requests. - # You may only list ONE IP here, if you want - # to listen on all IPs you need to say 'all' - # here. Default is '127.0.0.1'. - # You need to restart policyd-weight if you - # change this. - - $SOMAXCONN = 1024; # Maximum of client connections - # policyd-weight accepts - # Default: 1024 - - - $CHILDIDLE = 240; # how many seconds a child may be idle before - # it dies. - - $PIDFILE = "/var/run/policyd-weight.pid"; - -@ diff --git a/.rcs/shadow,v b/.rcs/shadow,v deleted file mode 100644 index 7218b89..0000000 --- a/.rcs/shadow,v +++ /dev/null @@ -1,135 +0,0 @@ -head 1.3; -access; -symbols; -locks; strict; -comment @# @; - - -1.3 -date 2010.12.01.22.18.09; author root; state Exp; -branches; -next 1.2; - -1.2 -date 2010.12.01.21.24.20; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.12.01.18.53.27; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.3 -log -@Checked in. -@ -text -@root:$6$0briKxmJ$IhtNDwr2yTK6nImlWue6P.NqFEURw9rOYmTXImRGR6EyBsls.yh.CIay2UU01fJ18NGmnNw7NkccUoVNlSgvL1:14942:0::::: -bin:*:9797:0::::: -daemon:*:9797:0::::: -adm:*:9797:0::::: -lp:*:9797:0::::: -sync:*:9797:0::::: -shutdown:*:9797:0::::: -halt:*:9797:0::::: -mail:*:9797:0::::: -news:*:9797:0::::: -uucp:*:9797:0::::: -operator:*:9797:0::::: -man:*:9797:0::::: -postmaster:*:9797:0::::: -cron:!:14942:::::: -ftp:!:14944:::::: -sshd:!:14931:::::: -at:!:14942:::::: -games:!:14755:0:99999:7::: -named:!:14942:::::: -mysql:!:14943:::::: -apache:!:14944:::::: -ulogd:!:14942:::::: -tcpdump:!:14942:::::: -messagebus:!:14943:::::: -nagios:!:14944:::::: -teamspeak3:!:14944:::::: -polw:!:14944:::::: -postgrey:!:14944:::::: -amavis:!:14944:::::: -clamav:!:14944:::::: -proftpd:!:14755:0:99999:7::: -rpc:!:14943:::::: -ntp:!:14942:::::: -postfix:!:14944:::::: -smmsp:!:14944:::::: -portage:!:14944:::::: -ldap:!:14943:::::: -nobody:*:9797:0::::: -taurec:$1$aIByn.zw$HuqtNPuXReU4CqFQ21D0m1:14754:0:99999:7::: -morph:$1$VXZ6JKs.$5BFb1vxIPcpV8qvfGU9721:14756:0:99999:7::: -patrick:$6$cayHKFTo$y3plIUQem6gONYo/D.VqfmcUJRgJ08lxWKzr.Q2NYw9P6BWOGLFgNi6HyWQ8sCjR9Ky7cWvBULtyxJG4xq2Bq1:14756:0:99999:7::: -vivi:$6$XgM4lbim$X2/XVS1Ymb1g0jDaoEFXaBvBRGpTFEk/PwZabvj1f2fRClMCJi4wDW1yOE2ScY6DBwmk9rHfykwI2u5WFgMe..:14756:0:99999:7::: -frank:$6$DFnYHGpc$8YQInxXqQjHzWX/1m3xCeK8Myr1t4NoehN.HYeSrdVQU6IAr7BTjgn4yex.eTTSWysqnfGQxXe5yE.P4aIn8p.:14758:0:99999:7::: -doris:$6$ytvH/1Wr$TBx1U/JLr62XC5slXfmU3fm1qz8wDqS5Awa23RYk7yxNTYEuRukEOOyq6wGhoB32NJqBtLR/8lPW0Ed6jGnFa0:14756:0:99999:7::: -davis:$1$3T8Trt8I$msRWT6I6Th7I4Oh/ZPJ5L0:14756:0:99999:7::: -thomas:$1$0XWKbUsf$U73Y/KdvYm6RVQMwMUowF0:14756:0:99999:7::: -vmail:$1$PlXil62T$WTZDda6da9pKsgvD3S4vu.:14756:0:99999:7::: -alfred:$6$7QGTopxZ$8cZaNAdFh9HPzgmo2J1klt1pXKacybRWfp3BnTY3q8ufnp8lNYFEdstvxgHD9iqSL8FpvrsGeC3V3BXhgzZO/.:14756:0:99999:7::: -steffen:$6$hjuxkJql$9/ANdpksdci1A40kjix8xMXEnrhCeGlfGxHxsWHADY44Xe.NY0sahgAzIAhTtX5/gIaCoTU37z2QbHCoBPy5k0:14756:0:99999:7::: -heiko:$1$OcX7G9Sq$YjjhAKtIp7UyxeZuHysq7/:14756:0:99999:7::: -@ - - -1.2 -log -@Checked in. -@ -text -@d19 1 -d32 1 -d36 1 -d40 4 -d45 7 -@ - - -1.1 -log -@Initial revision -@ -text -@a1 4 -halt:*:9797:0::::: -operator:*:9797:0::::: -shutdown:*:9797:0::::: -sync:*:9797:0::::: -d6 3 -a9 1 -postmaster:*:9797:0::::: -d12 5 -a16 1 -nobody:*:9797:0::::: -d18 1 -a18 1 -cron:!:14942:::::: -d20 2 -a21 1 -at:!:14942:::::: -a23 5 -ntp:!:14942:::::: -frank:$6$DFnYHGpc$8YQInxXqQjHzWX/1m3xCeK8Myr1t4NoehN.HYeSrdVQU6IAr7BTjgn4yex.eTTSWysqnfGQxXe5yE.P4aIn8p.:14758:0:99999:7::: -ldap:!:14943:::::: -mysql:!:14943:::::: -rpc:!:14943:::::: -a24 2 -apache:!:14944:::::: -ftp:!:14944:::::: -a26 1 -postfix:!:14944:::::: -d31 7 -@ diff --git a/.rcs/smartd.conf,v b/.rcs/smartd.conf,v deleted file mode 100644 index 9b7254f..0000000 --- a/.rcs/smartd.conf,v +++ /dev/null @@ -1,162 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.29.22.15.07; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# Sample configuration file for smartd. See man smartd.conf. - -# Home page is: http://smartmontools.sourceforge.net - -# $Id: smartd.conf,v 1.45 2006/11/12 23:39:04 dpgilbert Exp $ - -# smartd will re-read the configuration file if it receives a HUP -# signal - -# The file gives a list of devices to monitor using smartd, with one -# device per line. Text after a hash (#) is ignored, and you may use -# spaces and tabs for white space. You may use '\' to continue lines. - -# You can usually identify which hard disks are on your system by -# looking in /proc/ide and in /proc/scsi. - -# The word DEVICESCAN will cause any remaining lines in this -# configuration file to be ignored: it tells smartd to scan for all -# ATA and SCSI devices. DEVICESCAN may be followed by any of the -# Directives listed below, which will be applied to all devices that -# are found. Most users should comment out DEVICESCAN and explicitly -# list the devices that they wish to monitor. -DEVICESCAN - -# Alternative setting to ignore temperature and power-on hours reports -# in syslog. -#DEVICESCAN -I 194 -I 231 -I 9 - -# Alternative setting to report more useful raw temperature in syslog. -#DEVICESCAN -R 194 -R 231 -I 9 - -# Alternative setting to report raw temperature changes >= 5 Celsius -# and min/max temperatures. -#DEVICESCAN -I 194 -I 231 -I 9 -W 5 - -# First (primary) ATA/IDE hard disk. Monitor all attributes, enable -# automatic online data collection, automatic Attribute autosave, and -# start a short self-test every day between 2-3am, and a long self test -# Saturdays between 3-4am. -#/dev/hda -a -o on -S on -s (S/../.././02|L/../../6/03) - -# Monitor SMART status, ATA Error Log, Self-test log, and track -# changes in all attributes except for attribute 194 -#/dev/hdb -H -l error -l selftest -t -I 194 - -# Monitor all attributes except normalized Temperature (usually 194), -# but track Temperature changes >= 4 Celsius, report Temperatures -# >= 45 Celsius and changes in Raw value of Reallocated_Sector_Ct (5). -# Send mail on SMART failures or when Temperature is >= 55 Celsius. -#/dev/hdc -a -I 194 -W 4,45,55 -R 5 -m admin@@example.com - -# An ATA disk may appear as a SCSI device to the OS. If a SCSI to -# ATA Translation (SAT) layer is between the OS and the device then -# this can be flagged with the '-d sat' option. This situation may -# become common with SATA disks in SAS and FC environments. -# /dev/sda -a -d sat - -# A very silent check. Only report SMART health status if it fails -# But send an email in this case -#/dev/hdc -H -C 0 -U 0 -m admin@@example.com - -# First two SCSI disks. This will monitor everything that smartd can -# monitor. Start extended self-tests Wednesdays between 6-7pm and -# Sundays between 1-2 am -#/dev/sda -d scsi -s L/../../3/18 -#/dev/sdb -d scsi -s L/../../7/01 - -# Monitor 4 ATA disks connected to a 3ware 6/7/8000 controller which uses -# the 3w-xxxx driver. Start long self-tests Sundays between 1-2, 2-3, 3-4, -# and 4-5 am. -# NOTE: starting with the Linux 2.6 kernel series, the /dev/sdX interface -# is DEPRECATED. Use the /dev/tweN character device interface instead. -# For example /dev/twe0, /dev/twe1, and so on. -#/dev/sdc -d 3ware,0 -a -s L/../../7/01 -#/dev/sdc -d 3ware,1 -a -s L/../../7/02 -#/dev/sdc -d 3ware,2 -a -s L/../../7/03 -#/dev/sdc -d 3ware,3 -a -s L/../../7/04 - -# Monitor 2 ATA disks connected to a 3ware 9000 controller which uses -# the 3w-9xxx driver (Linux, FreeBSD). Start long self-tests Tuesdays -# between 1-2 and 3-4 am. -#/dev/twa0 -d 3ware,0 -a -s L/../../2/01 -#/dev/twa0 -d 3ware,1 -a -s L/../../2/03 - -# Same as above for Windows. Option '-d 3ware,N' is not necessary, -# disk (port) number is specified in device name. -# NOTE: On Windows, DEVICESCAN works also for 3ware controllers. -#/dev/hdc,0 -a -s L/../../2/01 -#/dev/hdc,1 -a -s L/../../2/03 - -# Monitor 3 ATA disks directly connected to a HighPoint RocketRAID. Start long -# self-tests Sundays between 1-2, 2-3, and 3-4 am. -#/dev/sdd -d hpt,1/1 -a -s L/../../7/01 -#/dev/sdd -d hpt,1/2 -a -s L/../../7/02 -#/dev/sdd -d hpt,1/3 -a -s L/../../7/03 - -# Monitor 2 ATA disks connected to the same PMPort which connected to the -# HighPoint RocketRAID. Start long self-tests Tuesdays between 1-2 and 3-4 am -#/dev/sdd -d hpt,1/4/1 -a -s L/../../2/01 -#/dev/sdd -d hpt,1/4/2 -a -s L/../../2/03 - -# HERE IS A LIST OF DIRECTIVES FOR THIS CONFIGURATION FILE. -# PLEASE SEE THE smartd.conf MAN PAGE FOR DETAILS -# -# -d TYPE Set the device type: ata, scsi, marvell, removable, 3ware,N, hpt,L/M/N -# -T TYPE set the tolerance to one of: normal, permissive -# -o VAL Enable/disable automatic offline tests (on/off) -# -S VAL Enable/disable attribute autosave (on/off) -# -n MODE No check. MODE is one of: never, sleep, standby, idle -# -H Monitor SMART Health Status, report if failed -# -l TYPE Monitor SMART log. Type is one of: error, selftest -# -f Monitor for failure of any 'Usage' Attributes -# -m ADD Send warning email to ADD for -H, -l error, -l selftest, and -f -# -M TYPE Modify email warning behavior (see man page) -# -s REGE Start self-test when type/date matches regular expression (see man page) -# -p Report changes in 'Prefailure' Normalized Attributes -# -u Report changes in 'Usage' Normalized Attributes -# -t Equivalent to -p and -u Directives -# -r ID Also report Raw values of Attribute ID with -p, -u or -t -# -R ID Track changes in Attribute ID Raw value with -p, -u or -t -# -i ID Ignore Attribute ID for -f Directive -# -I ID Ignore Attribute ID for -p, -u or -t Directive -# -C ID Report if Current Pending Sector count non-zero -# -U ID Report if Offline Uncorrectable count non-zero -# -W D,I,C Monitor Temperature D)ifference, I)nformal limit, C)ritical limit -# -v N,ST Modifies labeling of Attribute N (see man page) -# -a Default: equivalent to -H -f -t -l error -l selftest -C 197 -U 198 -# -F TYPE Use firmware bug workaround. Type is one of: none, samsung -# -P TYPE Drive-specific presets: use, ignore, show, showall -# # Comment: text after a hash sign is ignored -# \ Line continuation character -# Attribute ID is a decimal integer 1 <= ID <= 255 -# except for -C and -U, where ID = 0 turns them off. -# All but -d, -m and -M Directives are only implemented for ATA devices -# -# If the test string DEVICESCAN is the first uncommented text -# then smartd will scan for devices /dev/hd[a-l] and /dev/sd[a-z] -# DEVICESCAN may be followed by any desired Directives. -@ diff --git a/.rcs/ulogd.conf,v b/.rcs/ulogd.conf,v deleted file mode 100644 index 4574ebe..0000000 --- a/.rcs/ulogd.conf,v +++ /dev/null @@ -1,311 +0,0 @@ -head 1.3; -access; -symbols; -locks; strict; -comment @# @; - - -1.3 -date 2010.10.12.07.51.44; author root; state Exp; -branches; -next 1.2; - -1.2 -date 2010.05.27.09.10.01; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.26.09.20.32; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.3 -log -@Checked in. -@ -text -@# Example configuration for ulogd -# $Id$ -# Adapted to Debian by Achilleas Kotsis - -[global] -###################################################################### -# GLOBAL OPTIONS -###################################################################### - - -# logfile for status messages -logfile="/var/log/ulogd/daemon.log" - -# loglevel: debug(1), info(3), notice(5), error(7) or fatal(8) -loglevel=3 - -###################################################################### -# PLUGIN OPTIONS -###################################################################### - -# We have to configure and load all the plugins we want to use - -# general rules: -# 1. load the plugins _first_ from the global section -# 2. options for each plugin in seperate section below - - -plugin="/usr/lib64/ulogd/ulogd_inppkt_NFLOG.so" -plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so" -plugin="/usr/lib64/ulogd/ulogd_inpflow_NFCT.so" -plugin="/usr/lib64/ulogd/ulogd_filter_IFINDEX.so" -plugin="/usr/lib64/ulogd/ulogd_filter_IP2STR.so" -plugin="/usr/lib64/ulogd/ulogd_filter_IP2BIN.so" -plugin="/usr/lib64/ulogd/ulogd_filter_PRINTPKT.so" -plugin="/usr/lib64/ulogd/ulogd_filter_HWHDR.so" -plugin="/usr/lib64/ulogd/ulogd_filter_PRINTFLOW.so" -#plugin="/usr/lib64/ulogd/ulogd_filter_MARK.so" -plugin="/usr/lib64/ulogd/ulogd_output_LOGEMU.so" -#plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so" -#plugin="/usr/lib64/ulogd/ulogd_output_XML.so" -#plugin="/usr/lib64/ulogd/ulogd_output_OPRINT.so" -#plugin="/usr/lib64/ulogd/ulogd_output_NACCT.so" -#plugin="/usr/lib64/ulogd/ulogd_output_PCAP.so" -#plugin="/usr/lib64/ulogd/ulogd_output_PGSQL.so" -#plugin="/usr/lib64/ulogd/ulogd_output_MYSQL.so" -#plugin="/usr/lib64/ulogd/ulogd_output_DBI.so" -plugin="/usr/lib64/ulogd/ulogd_raw2packet_BASE.so" - -# this is a stack for logging packet send by system via LOGEMU -stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU - -# this is a stack for packet-based logging via LOGEMU -stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU - -# this is a stack for ULOG packet-based logging via LOGEMU -stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU - -# this is a stack for packet-based logging via LOGEMU with filtering on MARK -#stack=log2:NFLOG,mark1:MARK,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU - -# this is a stack for flow-based logging via LOGEMU -#stack=ct1:NFCT,ip2str1:IP2STR,print1:PRINTFLOW,emu1:LOGEMU - -# this is a stack for flow-based logging via OPRINT -#stack=ct1:NFCT,op1:OPRINT - -# this is a stack for flow-based logging via XML -#stack=ct1:NFCT,xml1:XML - -# this is a stack for logging in XML -#stack=log1:NFLOG,xml1:XML - -# this is a stack for NFLOG packet-based logging to PCAP -#stack=log2:NFLOG,base1:BASE,pcap1:PCAP - -# this is a stack for logging packet to MySQL -#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2bin1:IP2BIN,mac2str1:HWHDR,mysql1:MYSQL - -# this is a stack for logging packet to PGsql after a collect via NFLOG -#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,mac2str1:HWHDR,pgsql1:PGSQL - -# this is a stack for logging packets to syslog after a collect via NFLOG -#stack=log3:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,sys1:SYSLOG - -# this is a stack for flow-based logging to MySQL -#stack=ct1:NFCT,ip2bin1:IP2BIN,mysql2:MYSQL - -# this is a stack for flow-based logging to PGSQL -#stack=ct1:NFCT,ip2str1:IP2STR,pgsql2:PGSQL - -# this is a stack for flow-based logging to PGSQL without local hash -#stack=ct1:NFCT,ip2str1:IP2STR,pgsql3:PGSQL - - -# this is a stack for flow-based logging in NACCT compatible format -#stack=ct1:NFCT,ip2str1:IP2STR,nacct1:NACCT - -[ct1] -#netlink_socket_buffer_size=217088 -#netlink_socket_buffer_maxsize=1085440 -#netlink_resync_timeout=60 # seconds to wait to perform resynchronization -#pollinterval=10 # use poll-based logging instead of event-driven - -[ct2] -#netlink_socket_buffer_size=217088 -#netlink_socket_buffer_maxsize=1085440 -hash_enable=0 - -# Logging of system packet through NFLOG -[log1] -# netlink multicast group (the same as the iptables --nflog-group param) -# Group O is used by the kernel to log connection tracking invalid message -group=0 -#netlink_socket_buffer_size=217088 -#netlink_socket_buffer_maxsize=1085440 -# set number of packet to queue inside kernel -#netlink_qthreshold=1 -# set the delay before flushing packet in the queue inside kernel (in 10ms) -#netlink_qtimeout=100 - -# packet logging through NFLOG for group 1 -[log2] -# netlink multicast group (the same as the iptables --nflog-group param) -group=1 # Group has to be different from the one use in log1 -#netlink_socket_buffer_size=217088 -#netlink_socket_buffer_maxsize=1085440 -# If your kernel is older than 2.6.29 and if a NFLOG input plugin with -# group 0 is not used by any stack, you need to have at least one NFLOG -# input plugin with bind set to 1. If you don't do that you may not -# receive any message from the kernel. -#bind=1 - -# packet logging through NFLOG for group 2, numeric_label is -# set to 1 -[log3] -# netlink multicast group (the same as the iptables --nflog-group param) -group=2 # Group has to be different from the one use in log1/log2 -numeric_label=1 # you can label the log info based on the packet verdict -#netlink_socket_buffer_size=217088 -#netlink_socket_buffer_maxsize=1085440 -#bind=1 - -[ulog1] -# netlink multicast group (the same as the iptables --ulog-nlgroup param) -nlgroup=1 -#numeric_label=0 # optional argument - -[emu1] -file="/var/log/ulogd/syslogemu.log" -sync=1 - -[op1] -file="/var/log/ulogd/oprint.log" -#file="/var/log/ulogd_oprint.log" -sync=1 - -[xml1] -directory="/var/log/ulogd/" -sync=1 - -[pcap1] -sync=1 - -[mysql1] -db="nulog" -host="localhost" -user="nupik" -table="ulog" -pass="changeme" -procedure="INSERT_PACKET_FULL" - -[mysql2] -db="nulog" -host="localhost" -user="nupik" -table="ulog" -pass="changeme" -procedure="INSERT_CT" - -[pgsql1] -db="nulog" -host="localhost" -user="nupik" -table="ulog" -pass="changeme" -procedure="INSERT_PACKET_FULL" - -[pgsql2] -db="nulog" -host="localhost" -user="nupik" -table="ulog2_ct" -pass="changeme" -procedure="INSERT_CT" - -[pgsql3] -db="nulog" -host="localhost" -user="nupik" -table="ulog2_ct" -pass="changeme" -procedure="INSERT_OR_REPLACE_CT" - -[dbi1] -db="ulog2" -dbtype="pgsql" -host="localhost" -user="ulog2" -table="ulog" -pass="ulog2" -procedure="INSERT_PACKET_FULL" - -[sys2] -facility=LOG_LOCAL2 - -[nacct1] -sync = 1 - -[mark1] -mark = 1 -@ - - -1.2 -log -@Checked in. -@ -text -@d2 1 -a2 1 -# $Id: ulogd.conf,v 1.1 2010/05/26 09:20:32 root Exp $ -d40 1 -d67 6 -d101 2 -d118 2 -a119 2 -# set the delay before flushing packet in the queue inside kernel (in ms) -#netlink_qtimeout=1000 -d154 5 -@ - - -1.1 -log -@Initial revision -@ -text -@d2 1 -a2 1 -# $Id$ -d12 1 -a12 1 -logfile="/var/log/ulogd.log" -d15 1 -a15 1 -loglevel=1 -d29 1 -a29 1 -#plugin="/usr/lib64/ulogd/ulogd_inppkt_ULOG.so" -d39 1 -a39 1 -plugin="/usr/lib64/ulogd/ulogd_output_SYSLOG.so" -d49 1 -a49 1 -#stack=log1:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU -d52 1 -a52 1 -#stack=log2:NFLOG,base1:BASE,ifi1:IFINDEX,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU -d55 1 -a55 1 -#stack=ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPKT,emu1:LOGEMU -d140 1 -a140 1 -file="/var/log/ulogd_syslogemu.log" -d144 1 -a144 1 -file="/var/log/ulogd_oprint.log" -@ diff --git a/adjtime b/adjtime index 3537aac..05c2c01 100644 --- a/adjtime +++ b/adjtime @@ -1,3 +1,3 @@ -0.000000 1294695034 0.000000 -1294695034 +0.000000 1343116740 0.000000 +1343116740 UTC diff --git a/amavisd.conf b/amavisd.conf index 0834395..2f797ae 100644 --- a/amavisd.conf +++ b/amavisd.conf @@ -1,975 +1,227 @@ use strict; -# Sample configuration file for amavisd-new (traditional style, chatty, -# you may prefer to start with the more concise supplied amavisd.conf) +# a minimalistic configuration file for amavisd-new with all necessary settings # -# See amavisd.conf-default for a list of all variables with their defaults; -# for more details see documentation in INSTALL, README_FILES/* -# and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html - -# This software is licensed under the GNU General Public License (GPL). -# See comments at the start of amavisd-new for the whole license text. - -#Sections: -# Section I - Essential daemon and MTA settings -# Section II - MTA specific -# Section III - Logging -# Section IV - Notifications/DSN, bounce/reject/discard/pass, quarantine -# Section V - Per-recipient and per-sender handling, whitelisting, etc. -# Section VI - Resource limits -# Section VII - External programs, virus scanners, SpamAssassin -# Section VIII - Debugging -# Section IX - Policy banks (dynamic policy switching) - -#GENERAL NOTES: -# This file is a normal Perl code, interpreted by Perl itself. -# - make sure this file (or directory where it resides) is NOT WRITABLE -# by mere mortals (not even vscan/amavis; best to make it owned by root), -# otherwise it can represent a severe security risk! -# - for values which are interpreted as booleans, it is recommended -# to use 1 for true, and 0 or undef or '' for false; -# Note that this interpretation of boolean values does not apply directly -# to LDAP and SQL lookups, which follow their own rules - see README.lookups -# and README.ldap (in short: use Y/N in SQL, and TRUE/FALSE in LDAP); -# - Perl syntax applies. Most notably: strings in "" may include variables -# (which start with $ or @); to include characters $ and @ and \ in double -# quoted strings precede them by a backslash; in single-quoted strings -# the $ and @ lose their special meaning, so it is usually easier to use -# single quoted strings (or qw operator) for e-mail addresses. -# In both types of quoting a backslash should to be doubled. -# - variables with names starting with a '@' are lists, the values assigned -# to them should be lists too, e.g. ('one@foo', $mydomain, "three"); -# note the comma-separation and parenthesis. If strings in the list -# do not contain spaces nor variables, a Perl operator qw() may be used -# as a shorthand to split its argument on whitespace and produce a list -# of strings, e.g. qw( one@foo example.com three ); Note that the argument -# to qw is quoted implicitly and no variable interpretation is done within -# (no '$' variable evaluations). The #-initiated comments can NOT be used -# within a string. In other words, $ and # lose their special meaning -# within a qw argument, just like within '...' strings. -# - all e-mail addresses in this file and as used internally by the daemon -# are in their raw (rfc2821-unquoted and non-bracketed) form, i.e. -# Bob "Funny" Dude@example.com, not: "Bob \"Funny\" Dude"@example.com -# and not <"Bob \"Funny\" Dude"@example.com>; also: '' and not '<>'. -# - the term 'default value' in examples below refers to the value of a -# variable pre-assigned to it by the program; any explicit assignment -# to a variable in this configuration file overrides the default value; +# see amavisd.conf-default for a list of all variables with their defaults; +# for more details see documentation in INSTALL, README_FILES/* +# and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html -# -# Section I - Essential daemon and MTA settings -# +# COMMONLY ADJUSTED SETTINGS: -# $MYHOME serves as a quick default for some other configuration settings. -# More refined control is available with each individual setting further down. -# $MYHOME is not used directly by the program. No trailing slash! -$MYHOME = '/var/amavis'; # (default is '/var/amavis'), -H +# @bypass_virus_checks_maps = (1); # controls running of anti-virus code +# @bypass_spam_checks_maps = (1); # controls running of anti-spam code +# $bypass_decode_parts = 1; # controls running of decoders&dearchivers -# $mydomain serves as a quick default for some other configuration settings. -# More refined control is available with each individual setting further down. -# $mydomain is never used directly by the program. -$mydomain = 'brehm-online.com'; # (no useful default) +$max_servers = 2; # num of pre-forked children (2..30 is common), -m +$max_requests = 20; # retire a child after that many accepts (default 20) -# $myhostname = 'host.example.com'; # fqdn of this host, default by uname(3) -$myhostname = 'helga.brehm-online.com'; +$child_timeout=5*60; # abort child if it does not complete its processing in + # approximately n seconds (default: 8*60 seconds) -# Set the user and group to which the daemon will change if started as root -# (otherwise just keeps the UID unchanged, and these settings have no effect): -$daemon_user = 'amavis'; # (no default; customary: vscan or amavis), -u -$daemon_group = 'amavis'; # (no default; customary: vscan or amavis), -g +$smtpd_timeout = 120; # disconnect session if client is idle for too long + # (default: 8*60 seconds); should be higher than a + # Postfix setting max_idle (default 100s) -# Runtime working directory (cwd), and a place where -# temporary directories for unpacking mail are created. -# (no trailing slash, may be a scratch file system) -#$TEMPBASE = $MYHOME; # (must be set if other config vars use is), -T -$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/amavis clean? +$daemon_user = 'amavis'; # (no default; customary: vscan or amavis), -u +$daemon_group = 'amavis'; # (no default; customary: vscan or amavis), -g -#$db_home = "$MYHOME/db"; # DB databases directory, default "$MYHOME/db", -D +$mydomain = 'brehm-online.com'; # a convenient default for other settings -# $helpers_home sets environment variable HOME, and is passed as option -# 'home_dir_for_helpers' to Mail::SpamAssassin::new. It should be a directory -# on a normal persistent file system, not a scratch or temporary file system -#$helpers_home = $MYHOME; # (defaults to $MYHOME), -S +# $MYHOME = '/var/amavis'; # a convenient default for other settings, -H +$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to exist, -T +$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR, used by SA, etc. +$QUARANTINEDIR = "$MYHOME/quarantine"; # -Q +# $quarantine_subdir_levels = 1; # add level of subdirs to disperse quarantine +# $release_format = 'resend'; # 'attach', 'plain', 'resend' +# $report_format = 'arf'; # 'attach', 'plain', 'resend', 'arf' -# Run the daemon in the specified chroot jail if nonempty: -#$daemon_chroot_dir = $MYHOME; # (default is undef, meaning: do not chroot), -R +# $daemon_chroot_dir = $MYHOME; # chroot directory or undef, -R -#$pid_file = "$MYHOME/amavisd.pid"; # (default is "$MYHOME/amavisd.pid"), -P -#$lock_file = "$MYHOME/amavisd.lock"; # (default is "$MYHOME/amavisd.lock"), -L +# $db_home = "$MYHOME/db"; # dir for bdb nanny/cache/snmp databases, -D +# $helpers_home = "$MYHOME/var"; # working directory for SpamAssassin, -S +# $lock_file = "$MYHOME/var/amavisd.lock"; # -L +# $pid_file = "$MYHOME/var/amavisd.pid"; # -P +#NOTE: create directories $MYHOME/tmp, $MYHOME/var, $MYHOME/db manually -# set environment variables if you want (no defaults): -$ENV{TMPDIR} = $TEMPBASE; # used for SA temporary files, by some decoders, etc. +$log_level = 0; # verbosity 0..5, -d +$log_recip_templ = undef; # disable by-recipient level-0 log entries +$do_syslog = 1; # log via syslogd (preferred) +$syslog_facility = 'mail'; # Syslog facility as a string + # e.g.: mail, daemon, user, local0, ... local7 $enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny) -$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1 - +$nanny_details_level = 2; # nanny verbosity: 1: traditional, 2: detailed $enable_dkim_verification = 0; # enable DKIM signatures verification $enable_dkim_signing = 0; # load DKIM signing code, keys defined by dkim_key -# MTA SETTINGS, UNCOMMENT AS APPROPRIATE, -# both $forward_method and $notify_method default to 'smtp:[127.0.0.1]:10025' - -# POSTFIX, or SENDMAIL in dual-MTA setup, or EXIM V4 -# (set host and port number as required; host can be specified -# as an IP address or a DNS name (A or CNAME, but MX is ignored) -#$forward_method = 'smtp:[127.0.0.1]:10025'; # where to forward checked mail -#$notify_method = $forward_method; # where to submit notifications - -#$os_fingerprint_method = 'p0f:127.0.0.1:2345'; # query p0f-analyzer.pl - -# To make it possible for several hosts to share one content checking daemon, -# the IP address and/or the port number in $forward_method and $notify_method -# may be spacified as an asterisk. An asterisk in the colon-separated -# second field (host) will be replaced by the SMTP client peer address, -# An asterisk in the third field (tcp port) will be replaced by the incoming -# SMTP/LMTP session port number plus one. This obsoletes the previously used -# less flexible configuration parameter $relayhost_is_client. An example: -# $forward_method = 'smtp:*:*'; $notify_method = 'smtp:*:10587'; - - -# NOTE: The defaults (above) are good for Postfix or dual-sendmail. You MUST -# uncomment the appropriate settings below if using other setups! - -# SENDMAIL MILTER, using amavis-milter.c helper program: -#$forward_method = undef; # no explicit forwarding, sendmail does it by itself -# milter; option -odd is needed to avoid deadlocks -#$notify_method = 'pipe:flags=q argv=/usr/sbin/sendmail -Ac -i -odd -f ${sender} -- ${recipient}'; -# just a thought: can we use use -Am instead of -odd ? - -# SENDMAIL (old non-milter setup, as relay, deprecated): -#$forward_method = 'pipe:flags=q argv=/usr/sbin/sendmail -C/etc/sendmail.orig.cf -i -f ${sender} -- ${recipient}'; -#$notify_method = $forward_method; - -# SENDMAIL (old non-milter setup, amavis.c calls local delivery agent, deprecated): -#$forward_method = undef; # no explicit forwarding, amavis.c will call LDA -#$notify_method = 'pipe:flags=q argv=/usr/sbin/sendmail -Ac -i -f ${sender} -- ${recipient}'; - -# EXIM v3 (not recommended with v4 or later, which can use SMTP setup instead): -#$forward_method = 'pipe:flags=q argv=/usr/sbin/exim -oMr scanned-ok -i -f ${sender} -- ${recipient}'; -#$notify_method = $forward_method; - -# COURIER using courierfilter -#$forward_method = undef; # no explicit forwarding, Courier does it itself -#$notify_method = 'pipe:flags=q argv=perl -e $pid=fork();if($pid==-1){exit(75)}elsif($pid==0){exec(@ARGV)}else{exit(0)} /usr/sbin/sendmail -f ${sender} -- ${recipient}'; -# Only set $courierfilter_shutdown to 1 if you are using courierfilter to -# control the startup and shutdown of amavis -#$courierfilter_shutdown = 1; # (default 0) - -# prefer to collect mail for forwarding as BSMTP files? -#$forward_method = "bsmtp:$MYHOME/out-%i-%n.bsmtp"; -#$notify_method = $forward_method; - @auth_mech_avail = qw(PLAIN LOGIN); $auth_required_inp = 0; $auth_required_out = 0; -# Net::Server pre-forking settings -# The $max_servers should match the width of your MTA pipe -# feeding amavisd, e.g. with Postfix the 'Max procs' field in the -# master.cf file, like the '2' in the: smtp-amavis unix - - n - 2 smtp -# -$max_servers = 2; # num of pre-forked children (2..30 is common), -m -$max_requests = 20; # retire a child after that many accepts (default 20) - -$child_timeout=5*60; # abort child if it does not complete its processing in - # approximately n seconds (default: 8*60 seconds) - -$smtpd_timeout = 120; # disconnect session if client is idle for too long - # (default: 8*60 seconds); should be higher than a - # Postfix setting max_idle (default 100s) - -# Here is a QUICK WAY to completely DISABLE some sections of code -# that WE DO NOT WANT (it won't even be compiled-in). -# For more refined controls leave the following two lines commented out, -# and see further down what these two lookup lists really mean. -# -# @bypass_virus_checks_maps = (1); # controls running of anti-virus code -# @bypass_spam_checks_maps = (1); # controls running of anti-spam code -# $bypass_decode_parts = 1; # controls running of decoders&dearchivers -# -# Any setting can be changed with a new assignment, so make sure -# you do not unintentionally override these settings further down! - -# Check also the settings of @av_scanners at the end if you want to use -# virus scanners. If not, you may want to delete the whole long assignment -# to the variable @av_scanners and @av_scanners_backup, which will also -# remove the virus checking code (e.g. if you only want to do spam scanning). +@local_domains_maps = ( [".$mydomain"] ); # list of all local domains +@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 + 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 ); -# Lookup list of local domains (see README.lookups for syntax details) -# -# @local_domains_maps is a list of lookup tables which are used in deciding -# whether a recipient is local or not, or in other words, if the message is -# outgoing or not. This affects inserting spam-related and OS fingerprinting -# header fields for local recipients, editing Subject header field and allowing -# mail body defanging, limiting recipient notifications to local recipients, -# in deciding if address extension may be appended, in matching mail addresses -# to non-fqdn SQL record keys, for proper operation of pen pals feature, -# for selecting statistics counters (distinguishing outgoing from internal- -# to internal mail), and possibly more in future versions. -# Set it up correctly if you need features that rely on this setting. -# -# With Postfix (2.0) a quick hint on what local domains normally are: -# a union of domains specified in: mydestination, virtual_alias_domains, -# virtual_mailbox_domains, and relay_domains. - -@local_domains_maps = ( [".$mydomain"] ); # $mydomain and its subdomains -# @local_domains_maps = (); # default is empty list, no recip. considered local -# @local_domains_maps = # using ACL lookup table -# ( [ ".$mydomain", 'sub.example.net', '.example.com' ] ); -# @local_domains_maps = # similar, split list elements on whitespace -# ( [qw( .example.com !host.sub.example.net .sub.example.net )] ); -# @local_domains_maps = ( new_RE( qr'[@.]example\.com$'i ) ); # using regexp -# @local_domains_maps = ( read_hash("$MYHOME/local_domains") ); # using hash -# perhaps combined with Postfix: mydestination = /var/amavis/local_domains -# for debugging purposes: dump_hash($local_domains_maps[0]); -# -# Section II - MTA specific (defaults should be ok) -# +$unix_socketname = "$MYHOME/amavisd.sock"; # amavisd-release or amavis-milter + # option(s) -p overrides $inet_socket_port and $unix_socketname -#$insert_received_line = 1; # behave like MTA: insert 'Received:' header - # (does not apply to sendmail/milter) - # (default is true) - -# AMAVIS-CLIENT AND COURIER PROTOCOL INPUT SETTINGS (e.g. amavisd-release, or -# sendmail milter through helper clients like amavis-milter.c and amavis.c) -# option(s) -p overrides $inet_socket_port and $unix_socketname -$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket -#$unix_socketname = undef; # disable listening on a unix socket - # (default is undef, i.e. disabled) -#$unix_socketname = "/var/lib/courier/allfilters/amavisd"; # Courier socket - # (usual setting is $MYHOME/amavisd.sock) - -# SMTP SERVER (INPUT) PROTOCOL SETTINGS (e.g. with Postfix, Exim v4, ...) -# (used when MTA is configured to pass mail to amavisd via SMTP or LMTP) -$inet_socket_port = 10024; # accept SMTP on this local TCP port - # (default is undef, i.e. disabled) -# multiple ports may be provided: $inet_socket_port = [10024, 10026, 10028]; - -# SMTP SERVER (INPUT) access control -# - do not allow free access to the amavisd SMTP port !!! -# -# when MTA is at the same host, use the following (one or the other or both): -#$inet_socket_bind = '127.0.0.1'; # limit socket bind to loopback interface - # (default is '127.0.0.1') +$inet_socket_port = 10024; # listen on this local TCP port(s) +# $inet_socket_port = [10024,10026]; # listen on multiple TCP ports @inet_acl = qw(127.0.0.1 [::1]); # allow SMTP access only from localhost IP # (default is qw(127.0.0.1 [::1]) ) -# when MTA (one or more) is on a different host, use the following: -#@inet_acl = qw(127.0.0.0/8 [::1] 10.1.0.1 10.1.0.2); # adjust list as needed -#$inet_socket_bind = undef; # bind to all IP interfaces if undef +$policy_bank{'MYNETS'} = { # mail originating from @mynetworks + originating => 1, # is true in MYNETS by default, but let's make it explicit + os_fingerprint_method => undef, # don't query p0f for internal clients +}; + +# it is up to MTA to re-route mail from authenticated roaming users or +# from internal hosts to a dedicated TCP port (such as 10026) for filtering +$interface_policy{'10026'} = 'ORIGINATING'; + +$policy_bank{'ORIGINATING'} = { # mail supposedly originating from our users + originating => 1, # declare that mail was submitted by our smtp client + allow_disclaimers => 1, # enables disclaimer insertion if available + # notify administrator of locally originating malware + virus_admin_maps => ["virusalert\@$mydomain"], + spam_admin_maps => ["virusalert\@$mydomain"], + warnbadhsender => 1, + # forward to a smtpd service providing DKIM signing service + forward_method => 'smtp:[127.0.0.1]:10027', + # force MTA conversion to 7-bit (e.g. before DKIM signing) + smtpd_discard_ehlo_keywords => ['8BITMIME'], + bypass_banned_checks_maps => [1], # allow sending any file names and types + terminate_dsn_on_notify_success => 0, # don't remove NOTIFY=SUCCESS option +}; + +$interface_policy{'SOCK'} = 'AM.PDP-SOCK'; # only applies with $unix_socketname + +# Use with amavis-release over a socket or with Petr Rehor's amavis-milter.c +# (with amavis-milter.c from this package or old amavis.c client use 'AM.CL'): +$policy_bank{'AM.PDP-SOCK'} = { + protocol => 'AM.PDP', + auth_required_release => 0, # do not require secret_id for amavisd-release +}; + +$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level +$sa_tag2_level_deflt = 6.2; # add 'spam detected' headers at that level +$sa_kill_level_deflt = 6.9; # triggers spam evasive actions (e.g. blocks mail) +$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent +$sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid From +# $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off +$penpals_bonus_score = 8; # (no effect without a @storage_sql_dsn database) +$penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi spam +$bounce_killer_score = 100; # spam score points to add for joe-jobbed bounces -# -# Example1: -# @inet_acl = qw( 127/8 10/8 172.16/12 192.168/16 ); -# permit only SMTP access from loopback and rfc1918 private address space -# -# Example2: -# @inet_acl = qw( !192.168.1.12 172.16.3.3 !172.16.3/255.255.255.0 -# 127.0.0.1 10/8 172.16/12 192.168/16 ); -# matches loopback and rfc1918 private address space except host 192.168.1.12 -# and net 172.16.3/24 (but host 172.16.3.3 within 172.16.3/24 still matches) -# -# Example3: -# @inet_acl = qw( 127/8 -# !172.16.3.0 !172.16.3.127 172.16.3.0/25 -# !172.16.3.128 !172.16.3.255 172.16.3.128/25 ); -# matches loopback and both halves of the 172.16.3/24 C-class, -# split into two subnets, except all four broadcast addresses -# for these subnets - - -# @mynetworks is an IP access list which determines if the original SMTP client -# IP address belongs to our internal networks, i.e. mail is coming from inside. -# It is much like the Postfix parameter 'mynetworks' in semantics and similar -# in syntax, and its value should normally match the Postfix counterpart. -# It only affects the value of a macro %l (=sender-is-local), -# and the loading of policy 'MYNETS' if present (see below). -# Note that '-o smtp_send_xforward_command=yes' (or its lmtp counterpart) -# must be enabled in the Postfix service that feeds amavisd, otherwise -# client IP address is not available to amavisd-new. -# -# @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 -# 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 ); # default -# -# A list of networks can also be read from a file, either as an IP acl in -# CIDR notation, one address per line (comments and empty lines are allowed): -# @mynetworks_maps = (read_array('/etc/amavisd-mynetworks'), \@mynetworks); -# -# or less flexibly (but provides faster lookups for large lists) by reading -# into a hash lookup table, which only allows for full addresses or classful -# IPv4 subnets with truncated octets, such as 127, 10, 192.168, 10.11.12.13, -# one address per line (comments and empty lines are allowed): -# @mynetworks_maps = (read_hash('/etc/amavisd-mynetworks'), \@mynetworks); +$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger +$sa_local_tests_only = 0; # only tests which do not require internet access? -# See README.lookups for details on specifying access control lists. +# @lookup_sql_dsn = +# ( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user1', 'passwd1'], +# ['DBI:mysql:database=mail;host=host2', 'username2', 'password2'], +# ["DBI:SQLite:dbname=$MYHOME/sql/mail_prefs.sqlite", '', ''] ); +# @storage_sql_dsn = @lookup_sql_dsn; # none, same, or separate database +# $timestamp_fmt_mysql = 1; # if using MySQL *and* msgs.time_iso is TIMESTAMP; +# defaults to 0, which is good for non-MySQL or if msgs.time_iso is CHAR(16) -# -# Section III - Logging -# +$virus_admin = "virusalert\@$mydomain"; # notifications recip. -# true (e.g. 1) => syslog; false (e.g. 0) => logging to file -$DO_SYSLOG = 1; # (defaults to 0) - -$syslog_ident = 'amavis'; # Syslog ident string (defaults to 'amavis') -$syslog_facility = 'mail'; # Syslog facility as a string - # e.g.: mail, daemon, user, local0, ... local7, ... -$syslog_priority = 'info'; # Syslog base (minimal) priority as a string, - # choose from: emerg, alert, crit, err, warning, notice, info, debug - -# Log file (if not using syslog) -$LOGFILE = "$MYHOME/amavis.log"; # (defaults to empty, no log) - -#NOTE: levels are not strictly observed and are somewhat arbitrary -# 0: startup/exit/failure messages, viruses detected -# 1: args passed from client, some more interesting messages -# 2: virus scanner output, timing -# 3: server, client -# 4: decompose parts -# 5: more debug details -$log_level = 3; # (defaults to 0), -d - -# Customizable template for the most interesting log file entry (e.g. with -# $log_level=0) (take care to properly quote Perl special characters like '\') -# For a list of available macros see README.customize . - -# $log_templ = undef; # undef disables by-message level-0 log entries -$log_recip_templ = undef; # undef disables by-recipient level-0 log entries - - -# log both infected and noninfected messages (as deflt, with size,subj,tests): -# (remove the leading '#' and a space in the following lines to activate) - -# $log_templ = <<'EOD'; -# [?%#D|#|Passed # -# [? [:ccat|major] |OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER|SPAMMY|SPAM|\ -# UNCHECKED|BANNED (%F)|INFECTED (%V)]# -# , [? %p ||%p ][?%a||[?%l||LOCAL ]\[%a\] ][?%e||\[%e\] ]%s -> [%D|,]# -# [? %q ||, quarantine: %q]# -# [? %Q ||, Queue-ID: %Q]# -# [? %m ||, Message-ID: %m]# -# [? %r ||, Resent-Message-ID: %r]# -# , mail_id: %i# -# , Hits: [:SCORE]# -# , size: %z# -# [~[:remote_mta_smtp_response]|["^$"]||[", queued_as: "]]\ -# [remote_mta_smtp_response|[~%x|["queued as ([0-9A-Z]+)$"]|["%1"]|["%0"]]|/]# -# [? [:header_field|Subject] ||, Subject: [:dquote|[:header_field|Subject]]]# -# [? [:header_field|From] ||, From: [:uquote|[:header_field|From]]]# -# [? [:useragent|name] ||, [:useragent|name]: [:uquote|[:useragent|body]]]# -# [? %#T ||, Tests: \[[%T|,]\]]# -# [:supplementary_info|SCTYPE|, shortcircuit=%%s]# -# [:supplementary_info|AUTOLEARN|, autolearn=%%s]# -# , %y ms# -# ] -# [?%#O|#|Blocked # -# [? [:ccat|major|blocking] |# -# OTHER|CLEAN|MTA-BLOCKED|OVERSIZED|BAD-HEADER|SPAMMY|SPAM|\ -# UNCHECKED|BANNED (%F)|INFECTED (%V)]# -# , [? %p ||%p ][?%a||[?%l||LOCAL ]\[%a\] ][?%e||\[%e\] ]%s -> [%O|,]# -# [? %q ||, quarantine: %q]# -# [? %Q ||, Queue-ID: %Q]# -# [? %m ||, Message-ID: %m]# -# [? %r ||, Resent-Message-ID: %r]# -# , mail_id: %i# -# , Hits: [:SCORE]# -# , size: %z# -# #, smtp_resp: [:smtp_response]# -# [? [:header_field|Subject] ||, Subject: [:dquote|[:header_field|Subject]]]# -# [? [:header_field|From] ||, From: [:uquote|[:header_field|From]]]# -# [? [:useragent|name] ||, [:useragent|name]: [:uquote|[:useragent|body]]]# -# [? %#T ||, Tests: \[[%T|,]\]]# -# [:supplementary_info|SCTYPE|, shortcircuit=%%s]# -# [:supplementary_info|AUTOLEARN|, autolearn=%%s]# -# , %y ms# -# ] -# EOD +$mailfrom_notify_admin = "virusalert\@$mydomain"; # notifications sender +$mailfrom_notify_recip = "virusalert\@$mydomain"; # notifications sender +$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender +$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef -# -# Section IV - Notifications/DSN, bounce/reject/discard/pass, quarantine -# +@addr_extension_virus_maps = ('virus'); +@addr_extension_banned_maps = ('banned'); +@addr_extension_spam_maps = ('spam'); +@addr_extension_bad_header_maps = ('badh'); +# $recipient_delimiter = '+'; # undef disables address extensions altogether +# when enabling addr extensions do also Postfix/main.cf: recipient_delimiter=+ -# Select notifications text encoding when Unicode-aware Perl is converting -# text from internal character representation to external encoding (charset -# in MIME terminology). Used as argument to Perl Encode::encode subroutine. -# -# to be used in RFC 2047-encoded header field bodies, e.g. in Subject: -#$hdr_encoding = 'iso-8859-1'; # MIME charset (default: 'iso-8859-1') -#$hdr_encoding_qb = 'Q'; # MIME encoding: quoted-printable (default) -#$hdr_encoding_qb = 'B'; # MIME encoding: base64 -# -# to be used in notification body text: its encoding and Content-type.charset -#$bdy_encoding = 'iso-8859-1'; # (default: 'iso-8859-1') - -# Default template texts for notifications may be overruled by directly -# assigning new text to template variables, or by reading template text -# from files. A second argument may be specified in a call to read_text(), -# specifying character encoding layer to be used when reading from the -# external file, e.g. 'utf8', 'iso-8859-1', or often just $bdy_encoding. -# Text will be converted to internal character representation by Perl 5.8.0 -# or later; second argument is ignored otherwise. See PerlIO::encoding, -# Encode::PerlIO and perluniintro man pages. -# -# $notify_sender_templ = read_text("$MYHOME/notify_sender.txt"); -# $notify_virus_sender_templ= read_text("$MYHOME/notify_virus_sender.txt"); -# $notify_virus_admin_templ = read_text("$MYHOME/notify_virus_admin.txt"); -# $notify_virus_recips_templ= read_text("$MYHOME/notify_virus_recips.txt"); -# $notify_spam_sender_templ = read_text("$MYHOME/notify_spam_sender.txt"); -# $notify_spam_admin_templ = read_text("$MYHOME/notify_spam_admin.txt"); - -# If notification template files are collectively available in some directory, -# one may call read_l10n_templates which invokes read_text for each known -# template. This is primarily a Debian-specific feature, but was incorporated -# into base code to facilitate porting. -# -# read_l10n_templates('/etc/amavis/en_US'); -# -# If read_l10n_templates is called, a localization template directory must -# contain the following files: -# charset this file should contain a one-line name -# of the character set used in the template -# files (e.g. utf8, iso-8859-2, ...) and is -# passed as the second argument to read_text; -# template-dsn.txt content fills the $notify_sender_templ -# template-virus-sender.txt content fills the $notify_virus_sender_templ -# template-virus-admin.txt content fills the $notify_virus_admin_templ -# template-virus-recipient.txt content fills the $notify_virus_recips_templ -# template-spam-sender.txt content fills the $notify_spam_sender_templ -# template-spam-admin.txt content fills the $notify_spam_admin_templ - -# Here is an overall picture (sequence of events) of how pieces fit together -# -# bypass_virus_checks set for all recipients? ==> PASS -# no viruses? ==> PASS -# log virus if $log_templ is nonempty -# quarantine if $virus_quarantine_to is nonempty -# notify admin if $virus_admin (lookup) nonempty -# notify recips if $warnvirusrecip and (recipient is local or $warn_offsite) -# add address extensions for local recipients (when enabled) -# send (non-)delivery notifications -# to sender if DSN needed (BOUNCE or ($warnvirussender and D_PASS)) -# virus_lovers or final_destiny==D_PASS ==> PASS -# DISCARD (2xx) or REJECT (5xx) (depending on final_*_destiny) -# -# Equivalent flow diagram applies for spam checks. -# If a virus is detected, spam checking is skipped entirely. +$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin'; +# $dspam = 'dspam'; -# The following symbolic constants can be used in *_destiny settings: -# -# D_PASS mail will pass to recipients, regardless of bad contents; -# -# D_DISCARD mail will not be delivered to its recipients, sender will NOT be -# notified. Effectively we lose mail (but will be quarantined -# unless disabled). Losing mail is not decent for a mailer, -# but might be desired. -# -# D_BOUNCE mail will not be delivered to its recipients, a non-delivery -# notification (bounce) will be sent to the sender by amavisd-new; -# Exception: bounce (DSN) will not be sent if a virus name matches -# @viruses_that_fake_sender_maps, or to messages from mailing lists -# (Precedence: bulk|list|junk), or for spam level that exceeds -# the $sa_dsn_cutoff_level. -# -# D_REJECT mail will not be delivered to its recipients, sender should -# preferably get a reject, e.g. SMTP permanent reject response -# (e.g. with milter), or non-delivery notification from MTA -# (e.g. Postfix). If this is not possible (e.g. different recipients -# have different tolerances to bad mail contents and not using LMTP) -# amavisd-new sends a bounce by itself (same as D_BOUNCE). -# Not to be used with Postfix or dual-MTA setups! -# -# Notes: -# D_REJECT and D_BOUNCE are similar, the difference is in who is responsible -# for informing the sender about non-delivery, and how informative -# the notification can be (amavisd-new knows more than MTA); -# With D_REJECT, MTA may reject original SMTP, or send DSN (delivery status -# notification, colloquially called 'bounce') - depending on MTA; -# Best suited for sendmail milter and Courier, especially for spam. -# With D_BOUNCE, amavisd-new (not MTA) sends DSN (can better explain the -# reason for mail non-delivery or even suppress DSN, but unable -# to reject the original SMTP session). Best suited to reporting -# viruses, and for Postfix and other dual-MTA setups, which can't -# reject original client SMTP session, as the mail has already -# been enqueued. - -# Alternatives to consider for spam: -# - use D_PASS if clients will do filtering based on inserted -# mail headers or added address extensions ('plus-addressing'); -# - use D_DISCARD, if kill_level is set comfortably high; -# -# D_BOUNCE is preferred for viruses, but consider: -# - use D_PASS (or virus_lovers) to deliver viruses; -# - use D_REJECT instead of D_BOUNCE if using Courier or milter and under heavy -# virus storm; +$MAXLEVELS = 14; +$MAXFILES = 1500; +$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced) +$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced) +$sa_spam_subject_tag = '***Spam*** '; +$defang_virus = 1; # MIME-wrap passed infected mail +$defang_banned = 1; # MIME-wrap passed mail containing banned name +# for defanging bad headers only turn on certain minor contents categories: +$defang_by_ccat{CC_BADH.",3"} = 1; # NUL or CR character in header +$defang_by_ccat{CC_BADH.",5"} = 1; # header line longer than 998 characters +$defang_by_ccat{CC_BADH.",6"} = 1; # header field syntax error -# The use of new *_by_ccat hashes is illustrated by the following examples -# on configuring final_*_destiny. +# OTHER MORE COMMON SETTINGS (defaults may suffice): -# using traditional settings of $final_*_destiny variables, relying on a -# default setting of an associative array %final_destiny_by_ccat which is -# backwards compatible and contains references to these traditional variables: -# -$final_virus_destiny = D_REJECT; # (defaults to D_DISCARD) -$final_banned_destiny = D_REJECT; # (defaults to D_BOUNCE) -$final_spam_destiny = D_REJECT; # (defaults to D_BOUNCE) -$final_bad_header_destiny = D_PASS; # (defaults to D_PASS) +# $myhostname = 'host.example.com'; # must be a fully-qualified domain name! +$myhostname = 'helga.brehm-online.com'; -######## -# -# Please think about what you are doing when you set these options. -# If necessary, question your origanization's e-mail policies: -# -# D_BOUNCE contributes to the overall spread of virii and spam on the -# internet. Both the envelope and header from addresses can be forged -# accurately with no effort, causing the bounces to go to innocent parties, -# whose addresses have been forged. -# -# D_DISCARD breaks internet mail specifications. However, with a -# properly implemented Quaratine system, the concern for breaking the -# specification is addressed to some extent. -# -# D_PASS is the safest way to handle e-mails. You must implement -# client-side filtering to handle this method. -# -# -Cory Visi 07/28/04 -# -####### - -# to explicitly list all (or most) possible contents category (ccat) keys: -%final_destiny_by_ccat = ( - CC_VIRUS, D_DISCARD, - CC_BANNED, D_BOUNCE, - CC_UNCHECKED, D_PASS, - CC_SPAM, D_DISCARD, - CC_BADH, D_PASS, - CC_OVERSIZED, D_BOUNCE, - CC_CLEAN, D_PASS, - CC_CATCHALL, D_PASS, -); +# $notify_method = 'smtp:[127.0.0.1]:10025'; +# $forward_method = 'smtp:[127.0.0.1]:10025'; # set to undef with milter! -# to rely on a catchall ccat key and only list exceptions (alternative 1): -#%final_destiny_by_ccat = ( -# CC_VIRUS, D_DISCARD, -# CC_BANNED, D_BOUNCE, -# CC_SPAM, D_BOUNCE, -# CC_BADH.',4', D_BOUNCE, # BadHdrSpace -# CC_BADH.',3', D_BOUNCE, # BadHdrChar -# CC_OVERSIZED, D_BOUNCE, -# CC_CATCHALL, D_PASS, -#); - -# to rely on a catchall ccat key and list exceptions (alternative 2): -#%final_destiny_by_ccat = ( -# CC_VIRUS, D_DISCARD, -# CC_UNCHECKED, D_PASS, -# CC_BADH.',6', D_PASS, # BadHdrSyntax -# CC_BADH.',5', D_PASS, # BadHdrLong -# CC_BADH.',2', D_PASS, # BadHdr8bit -# CC_BADH.',1', D_PASS, # BadHdrMime -# CC_CLEAN, D_PASS, -# CC_CATCHALL, D_BOUNCE, -#); - -# to rely on a catchall ccat key and list exceptions (alternative 3): -#%final_destiny_by_ccat = ( -# CC_VIRUS, D_DISCARD, -# CC_UNCHECKED, D_PASS, -# CC_BADH.',4', D_BOUNCE, # BadHdrSpace -# CC_BADH.',3', D_BOUNCE, # BadHdrChar -# CC_BADH, D_PASS, # sub-catchall for CC_BADH -# CC_CLEAN, D_PASS, -# CC_CATCHALL, D_BOUNCE, -#); - -# to rely on a default %final_destiny_by_ccat and only change few settings: -#$final_destiny_by_ccat{+CC_SPAM} = D_PASS; -#$final_destiny_by_ccat{+CC_BADH} = D_BOUNCE; -#$final_destiny_by_ccat{+CC_BADH.',2'} = D_PASS; # BadHdr8bit - - - -# For monitoring / testing purposes let the administrator receive a copy -# of certain delivery status notifications that are mailed back to senders: -# -#%dsn_bcc_by_ccat = ( -# CC_BANNED, undef, -# CC_SPAM, undef, -# CC_BADH, undef, -# CC_CATCHALL, 'admin+test@example.com', -#); -# -# or use a simpler form, taking advantage of defaults in %dsn_bcc_by_ccat: -#$dsn_bcc = 'admin+test@example.com'; +# $final_virus_destiny = D_DISCARD; +# $final_banned_destiny = D_DISCARD; +# $final_spam_destiny = D_PASS; #!!! D_DISCARD / D_REJECT +# $final_bad_header_destiny = D_PASS; +# $bad_header_quarantine_method = undef; +$final_virus_destiny = D_REJECT; +$final_banned_destiny = D_REJECT; +$final_spam_destiny = D_REJECT; +$final_bad_header_destiny = D_PASS; +# $os_fingerprint_method = 'p0f:*:2345'; # to query p0f-analyzer.pl -# The following $warn*sender settings are ONLY used when mail is -# actually passed to recipients ($final_*_destiny=D_PASS, or *_lovers*). -# Bounces or rejects produce non-delivery status notification regardless. -# -# Notify sender of syntactically invalid header containing non-ASCII chars? -#$warnbadhsender = 1; # (defaults to false (undef)) - -# Notify virus (or banned files or bad headers) RECIPIENT? -# (not very useful, but some policies demand it) -#$warnvirusrecip = 1; # (defaults to false (undef)) -#$warnbannedrecip = 1; # (defaults to false (undef)) -#$warnbadhrecip = 1; # (defaults to false (undef)) - -# Notify also non-local virus/banned recipients if $warn*recip is true? -# (including those not matching local_domains*) -#$warn_offsite = 1; # (defaults to false (undef), i.e. only notify locals) - - -# Treat envelope sender address as unreliable and don't send sender -# notification / bounces if name(s) of detected virus(es) match the list. -# Note that virus names are supplied by external virus scanner(s) and are -# not standardized, so virus names may need to be adjusted. -# See README.lookups for syntax, check also README.policy-on-notifications. -# If the intention is to treat all viruses as faking the sender address, it -# is equivalent but more efficient to just set $final_virus_destiny=D_DISCARD; -# -@viruses_that_fake_sender_maps = (new_RE( - qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i, - qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|spaces'i, - qr'dloader|galil|gibe|swen|netwatch|bics|sbrowse|sober|rox|val(hal)?la'i, - qr'frethem|sircam|be?agle|tanx|mydoom|novarg|shimg|netsky|somefool|moodown'i, - qr'@mm|@MM', # mass mailing viruses as labeled by f-prot and uvscan - qr'Worm'i, # worms as labeled by ClamAV, Kaspersky, etc -# [qr'^(EICAR|Joke\.|Junk\.)'i => 0], -# [qr'^(WM97|OF97|W95/CIH-|JS/Fort)'i => 0], - [qr/^/ => 1], # true by default (remove or comment-out if undesired) -)); +## hierarchy by which a final setting is chosen: +## policy bank (based on port or IP address) -> *_by_ccat +## *_by_ccat (based on mail contents) -> *_maps +## *_maps (based on recipient address) -> final configuration value -# where to send ADMIN VIRUS NOTIFICATIONS (should be a fully qualified address) -# - the administrator envelope address may be a simple fixed e-mail address -# (a scalar), or may depend on the RECIPIENT address (e.g. its domain). -# -# Empty or undef lookup disables virus admin notifications. - -# The full set of configurable administrator addresses is: -# @virus_admin_maps ... notifications to admin about viruses -# @newvirus_admin_maps ... newly encountered viruses since amavisd startup -# @spam_admin_maps ... notifications to admin about spam -# @banned_admin_maps ... notifications to admin about banned contents -# @bad_header_admin_maps ... notifications to admin about bad headers - -$virus_admin = "virusalert\@$mydomain"; -# $virus_admin = 'virus-admin@example.com'; -# $virus_admin = undef; # do not send virus admin notifications (default) -# -#@virus_admin_maps = ( # by-recipient maps -# {'not.example.com' => '', -# '.' => 'virusalert@example.com'}, -# $virus_admin, # the usual default -#); - -# equivalent to $virus_admin, but for spam admin notifications: -# $spam_admin = "spamalert\@$mydomain"; -# $spam_admin = undef; # do not send spam admin notifications (default) -#@spam_admin_maps = ( # by-recipient maps -# {'not.example.com' => '', -# '.' => 'spamalert@example.com'}, -# $spam_admin, # the usual default -#); - -# receive a copy of all delivery status notifications sent; -# useful for testing or monitoring -#$dsn_bcc = "mailadmin\@$mydomain"; - -#advanced example, using a hash lookup table and a scalar default, -#lookup key is a recipient envelope address: -#@virus_admin_maps = ( # by-recipient maps -# { 'baduser@sub1.example.com' => 'HisBoss@sub1.example.com', -# '.sub1.example.com' => 'virusalert@sub1.example.com', -# '.sub2.example.com' => '', # don't send admin notifications -# 'a.sub3.example.com' => 'abuse@sub3.example.com', -# '.sub3.example.com' => 'virusalert@sub3.example.com', -# '.example.com' => 'noc@example.com', # default for our virus senders -# }, -# 'virusalert@hq.example.com', # catchall for the rest -#); - -# sender envelope address, from which notification reports are sent from; -# may be a null reverse path, or a fully qualified address: -# (admin and recip sender addresses default to a null return path). -# If using strings in double quotes, don't forget to quote @, i.e. \@ -# -$mailfrom_notify_admin = "virusalert\@$mydomain"; -$mailfrom_notify_recip = "virusalert\@$mydomain"; -$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; - -# 'From' HEADER FIELD for sender and admin notifications. -# This should be a replyable address, see rfc1894. Not to be confused -# with $mailfrom_notify_sender, which is the envelope return address -# and can be empty (null reverse path) according to rfc2821. -# -# The syntax of the 'From' header field is specified in rfc2822, section -# '3.4. Address Specification'. Note in particular that display-name must be -# a quoted-string if it contains any special characters like spaces and dots. -# -# $hdrfrom_notify_sender = "amavisd-new "; -# $hdrfrom_notify_sender = 'amavisd-new '; -# $hdrfrom_notify_sender = '"Content-Filter Master" '; -# $hdrfrom_notify_admin = $mailfrom_notify_admin; -# $hdrfrom_notify_spamadmin = $mailfrom_notify_spamadmin; -# (default: "\"Content-filter at $myhostname\" ") - -# whom quarantined messages appear to be sent from (envelope sender); -# keeps original sender if undef, or set it explicitly, default is undef -$mailfrom_to_quarantine = ''; # override sender address with null return path - - -# Location to put infected mail into: (applies to 'local:' quarantine method) -# empty for not quarantining, may be a file (Unix-style mailbox), -# or a directory (no trailing slash) -# (the default value is undef, meaning no quarantine) -# -$QUARANTINEDIR = "$MYHOME/quarantine"; - -#$quarantine_subdir_levels = 1; # add level of subdirs to disperse quarantine - -#$clean_quarantine_method = 'local:clean-%m'; # disabled by default -#$virus_quarantine_method = 'local:virus-%m'; # default -#$spam_quarantine_method = 'local:spam-%m.gz'; # default -#$banned_files_quarantine_method = 'local:banned-%m'; # default -#$bad_header_quarantine_method = 'local:badh-%m'; # default - -# Separate quarantine subdirectories virus, spam, banned and badh within -# the directory $QUARANTINEDIR may be specified by the following settings -# (the subdirectories need to exist - must be created manually): -#$clean_quarantine_method = 'local:clean/%m'; -#$virus_quarantine_method = 'local:virus/%m'; -#$spam_quarantine_method = 'local:spam/%m.gz'; -#$banned_files_quarantine_method = 'local:banned/%m'; -#$bad_header_quarantine_method = 'local:badh/%m'; -# -#use the 'bsmtp:' method as an alternative to the default 'local:' -#$virus_quarantine_method = "bsmtp:$QUARANTINEDIR/virus-%m.bsmtp"; -#$spam_quarantine_method = "bsmtp:$QUARANTINEDIR/spam-%m.bsmtp"; -# -#using the 'pipe:' method might be useful for some special purpose: -#$mailfrom_to_quarantine = undef; # pass on the original sender address -#$spam_quarantine_method = 'pipe:argv=/usr/bin/myscript.sh spam-%b ${sender}'; -# -#using the 'sql:' method to store quarantined message to a SQL database: -#$virus_quarantine_method = $spam_quarantine_method = -# $banned_files_quarantine_method = $bad_header_quarantine_method = 'sql:'; -# Send copy of every mail to an archival mail address: -#$archive_quarantine_method = $notify_method; -#@archive_quarantine_to_maps = ( 'collector@example.com' ); +# SOME OTHER VARIABLES WORTH CONSIDERING (see amavisd.conf-default for all) +# Add X-Virus-Scanned header field to mail? +$X_HEADER_TAG = 'X-Virus-Scanned'; # (default: 'X-Virus-Scanned') -# When using the 'local:' quarantine method (default), the following applies: -# -# A finer control of quarantining is available through -# variables $virus_quarantine_method/$spam_quarantine_method/ -# $banned_files_quarantine_method/$bad_header_quarantine_method. -# -# The value of scalar $virus_quarantine_to/$spam_quarantine_to (or a -# per-recipient lookup result from lookup tables @virus_quarantine_to_maps) -# is/are interpreted as follows: +# $warnbadhsender, +# $warnvirusrecip, $warnbannedrecip, $warnbadhrecip, (or @warn*recip_maps) # -# VARIANT 1: -# empty or undef disables quarantine; +# @bypass_virus_checks_maps, @bypass_spam_checks_maps, +# @bypass_banned_checks_maps, @bypass_header_checks_maps, # -# VARIANT 2: -# a string NOT containing an '@'; -# amavisd will behave as a local delivery agent (LDA) and will quarantine -# viruses to local files according to hash %local_delivery_aliases (pseudo -# aliases map) - see subroutine mail_to_local_mailbox() for details. -# Some of the predefined aliases are 'virus-quarantine' and 'spam-quarantine'. -# Setting $virus_quarantine_to ($spam_quarantine_to) to this string will: +# @virus_lovers_maps, @spam_lovers_maps, +# @banned_files_lovers_maps, @bad_header_lovers_maps, # -# * if $QUARANTINEDIR is a directory, each quarantined virus will go -# to a separate file in the $QUARANTINEDIR directory (traditional -# amavis style, similar to maildir mailbox format); +# @blacklist_sender_maps, @score_sender_maps, # -# * otherwise $QUARANTINEDIR is treated as a file name of a Unix-style -# mailbox. All quarantined messages will be appended to this file. -# Amavisd child process must obtain an exclusive lock on the file during -# delivery, so this may be less efficient than using individual files -# or forwarding to MTA, and it may not work across NFS or other non-local -# file systems (but may be handy for pickup of quarantined files via IMAP -# for example); +# $clean_quarantine_method, $virus_quarantine_to, $banned_quarantine_to, +# $bad_header_quarantine_to, $spam_quarantine_to, # -# VARIANT 3: -# any email address (must contain '@'). -# The e-mail messages to be quarantined will be handed to MTA -# for delivery to the specified address. If a recipient address local to MTA -# is desired, you may leave the domain part empty, e.g. 'infected@', but the -# '@' character must nevertheless be included to distinguish it from variant 2. -# -# This variant enables more refined delivery control made available by MTA -# (e.g. its aliases file, other local delivery agents, dealing with -# privileges and file locking when delivering to user's mailbox, nonlocal -# delivery and forwarding, fan-out lists). Make sure the mail-to-be-quarantined -# will not be handed back to amavisd for checking, as this will cause a loop -# (hopefully broken at some stage)! If this can be assured, notifications -# will benefit too from not being unnecessarily virus-scanned. -# -# By default this is safe to do with Postfix and Exim v4 and dual-sendmail -# setup, but probably not safe with sendmail milter interface without tricks. - -# (default values are: virus-quarantine, banned-quarantine, spam-quarantine) - -$virus_quarantine_to = 'virus-quarantine'; # traditional local quarantine -#$virus_quarantine_to = 'infected@'; # forward to MTA for delivery -#$virus_quarantine_to = "virus-quarantine\@$mydomain"; # similar -#$virus_quarantine_to = 'virus-quarantine@example.com'; # similar -#$virus_quarantine_to = undef; # no quarantine -# -# lookup key is envelope recipient address: -#@virus_quarantine_to_maps = ( # per-recip multiple quarantines -# new_RE( [qr'^user@example\.com$'i => 'infected@'], -# [qr'^(.*)@example\.com$'i => 'virus-${1}@example.com'], -# [qr'^(.*)(@[^@])?$'i => 'virus-${1}${2}'] ), -# $virus_quarantine_to, # the usual default -#); - -# similar for banned names and bad headers and spam (set to undef to disable) -$banned_quarantine_to = 'banned-quarantine'; # local quarantine -$bad_header_quarantine_to = 'bad-header-quarantine'; # local quarantine -$spam_quarantine_to = 'spam-quarantine'; # local quarantine - -# or to a mailbox: -#$spam_quarantine_to = "spam-quarantine\@$mydomain"; -# -#@spam_quarantine_to_maps = ( # per-recip quarantines -# new_RE( [qr'^(.*)@example\.com$'i => 'spam-${1}@example.com'] ), -# $spam_quarantine_to, # the usual default -#); - - -# In addition to per-recip quarantine, a by-sender lookup is possible. -# It is similar to $spam_quarantine_to, but the lookup key is the -# envelope sender address: -#$spam_quarantine_bysender_to = undef; # dflt: no by-sender spam quarantine - +# $defang_bad_header, $defang_undecipherable, $defang_spam -# Spam level beyond which quarantining is disabled (global value): -#$sa_quarantine_cutoff_level = 20; # dflt: undef, which disables this feature -#@spam_quarantine_cutoff_level_maps = ( # per-recip. quarantine cutoff levels -# { 'user1@example.com' => 20.5, -# 'postmaster@example.com' => 9999, -# '.example.com' => 25 }, -# \$sa_quarantine_cutoff_level, # catchall default -#); +# REMAINING IMPORTANT VARIABLES ARE LISTED HERE BECAUSE OF LONGER ASSIGNMENTS - -# Add X-Virus-Scanned header field to mail? -$X_HEADER_TAG = 'X-Virus-Scanned'; # (default: 'X-Virus-Scanned') - -# Set to empty to add no header field # (dflt "$myproduct_name at $mydomain") -# $X_HEADER_LINE = "$myproduct_name at $mydomain"; -# $X_HEADER_LINE = "by $myproduct_name using ClamAV at $mydomain"; -# $X_HEADER_LINE = "$myproduct_name $myversion_id ($myversion_date) at $mydomain"; - -# a string to prepend to Subject (for local recipients only) if mail could -# not be decoded or checked entirely, e.g. due to password-protected archives -$undecipherable_subject_tag = '***UNCHECKED*** '; # undef disables it - -# MIME defanging wraps the entire original mail in a MIME container of type -# 'Content-type: multipart/mixed', where the first part is a text/plain with -# a short explanation, and the second part is a complete original mail, -# enclosed in a 'Content-type: message/rfc822' MIME part. -# Defanging is only done when enabled (selectively by malware type), -# and mail is considered malware (virus/spam/...), and the malware is allowed -# to pass (*_lovers or *_destiny=D_PASS) -# -$defang_virus = 1; # default is false: don't modify mail body -$defang_banned = 1; # default is false: don't modify mail body -# $defang_bad_header = 1; # default is false: don't modify mail body -# $defang_undecipherable = 1; # default is false: don't modify mail body -# $defang_spam = 1; # default is false: don't modify mail body - -# NOTE: setting the following variables to true may break mail signatures -# (DKIM and DomainKeys) when verification is done after content filtering: -# $remove_existing_x_scanned_headers, $remove_existing_x_scanned_headers, -# and $allow_fixing_improper_header_folding (and defanging, described -# elsewhere). This is rarely an issue, as mail signing should be done -# after content filtering, and mail verification should preferably be done -# before filtering or by SpamAssassin called from within amavisd, which -# sees still-unmodified mail. -# -$remove_existing_x_scanned_headers = 0; # leave existing X-Virus-Scanned alone - # (defaults to false) -#$remove_existing_x_scanned_headers= 1; # remove existing X-Virus-Scanned -#$remove_existing_spam_headers = 0; # leave existing X-Spam* headers alone -$remove_existing_spam_headers = 1; # remove existing spam headers if - # spam scanning is enabled (default) -#$allow_fixing_improper_header_folding = 1; # (default is true) - -# set $bypass_decode_parts to true if you only do spam scanning, or if you -# have a good virus scanner that can deal with compression and recursively -# unpacking archives by itself, and save amavisd the trouble. -# Disabling decoding also causes banned_files checking NOT to see MIME types -# and content classification types as provided by the file(1) utility. -# It is a double-edged sword, make sure you know what you are doing! -# -#$bypass_decode_parts = 1; # (defaults to false) - -# don't trust this file type or corresponding unpacker for this file type, -# keep both the original and the unpacked file for a virus checker to see -# (lookup key is what file(1) utility returned): -# @keep_decoded_original_maps = (new_RE( -# qr'^MAIL$', # retain full original message for virus checking (can be slow) - qr'^MAIL-UNDECIPHERABLE$', # retain full mail if it contains undecipherables + qr'^MAIL$', # retain full original message for virus checking + qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i, -# qr'^Zip archive data', # don't trust Archive::Zip +# qr'^Zip archive data', # don't trust Archive::Zip )); -# Checking for banned MIME types and names. If any mail part matches, -# the whole mail is rejected. Object $banned_filename_re provides a list -# of Perl regular expressions to be matched against each part's: -# -# * Content-Type value (both declared and effective mime-type), -# such as the possible security-risk content types -# 'message/partial' and 'message/external-body', as specified in rfc2046 -# or 'application/x-msdownload' and 'application/x-msdos-program'; -# -# * declared (recommended) file names as specified by MIME subfields -# Content-Disposition.filename and Content-Type.name, both in their -# raw (encoded) form and in rfc2047-decoded form if applicable -# as well as (recommended) file names specified in archives; -# -# * file content type as guessed by 'file(1)' utility, mapped -# (by @map_full_type_to_short_type_maps) into short type names such as -# .asc, .txt, .html, .doc, .jpg, .pdf, .zip, .exe-ms, ..., which always -# starts with a dot. These short types are available unless -# $bypass_decode_parts is true. -# -# All nodes (mail parts) of the fully recursively decoded mail and embedded -# archives are checked, each node independently from remaining nodes. -# -# For each node all its ancestor nodes including itself are checked against -# $banned_filename_re lookup list, top-down. The search for a node stops -# at the first match, the right-hand side of the matching key determines -# the result (true or false, absent right-hand side implies true, as explained -# in README.lookups). -# -# Although repeatedly re-checking ancestor nodes may seem excessive, it gives -# the opportunity to specify rules which make a particular node hide its -# descendents, e.g. allow any name or file type within a .zip, even though -# .exe files may otherwise not be allowed. -# -# Leave $banned_filename_re undefined to disable these checks -# (giving an empty list to new_RE() will also always return false) - -# for $banned_namepath_re (a new-style of banned table) see amavisd.conf-sample - $banned_filename_re = new_RE( ### BLOCKED ANYWHERE # qr'^UNDECIPHERABLE$', # is or contains any undecipherable components qr'^\.(exe-ms|dll)$', # banned file(1) types, rudimentary -# qr'^\.(exe|lha|tnef|cab|dll)$', # banned file(1) types +# qr'^\.(exe|lha|cab|dll)$', # banned file(1) types ### BLOCK THE FOLLOWING, EXCEPT WITHIN UNIX ARCHIVES: # [ qr'^\.(gz|bz2)$' => 0 ], # allow any in gzip or bzip2 @@ -992,7 +244,7 @@ $banned_filename_re = new_RE( # qr'^\.wmf$', # Windows Metafile file(1) type # block certain double extensions in filenames - qr'\.[^./]*[A-Za-z][^./]*\.\s*(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)[.\s]*$'i, + qr'^(?!cid:).*\.[^./]*[A-Za-z][^./]*\.\s*(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)[.\s]*$'i, # qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?'i, # Class ID CLSID, strict # qr'\{[0-9a-z]{4,}(-[0-9a-z]{4,}){0,7}\}?'i, # Class ID extension CLSID, loose @@ -1000,457 +252,30 @@ $banned_filename_re = new_RE( qr'.\.(exe|vbs|pif|scr|cpl)$'i, # banned extension - basic # qr'.\.(exe|vbs|pif|scr|cpl|bat|cmd|com)$'i, # banned extension - basic+cmd # qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta| -# inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst| -# ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs| -# wmf|wsc|wsf|wsh)$'ix, # banned ext - long +# inf|ini|ins|isp|js|jse|lib|lnk|mda|mdb|mde|mdt|mdw|mdz|msc|msi| +# msp|mst|ocx|ops|pcd|pif|prg|reg|scr|sct|shb|shs|sys|vb|vbe|vbs|vxd| +# wmf|wsc|wsf|wsh)$'ix, # banned extensions - long +# qr'.\.(asd|asf|asx|url|vcs|wmd|wmz)$'i, # consider also # qr'.\.(ani|cur|ico)$'i, # banned cursors and icons filename # qr'^\.ani$', # banned animated cursor file(1) type - # qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab. ); # See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631 # and http://www.cknow.com/vtutor/vtextensions.htm -# A little trick: a pattern qr'\.exe$' matches both a short type name '.exe', -# as well as any file name which happens to end with .exe. If only matching -# a file name is desired, but not the short type, a pattern qr'.\.exe$'i -# or similar may be used, which requires that at least one character precedes -# the '.exe', and so it will never match short file types which always start -# with a dot. - - -# the syntax of these Perl regular expressions is a bit awkward if not -# familiar with them, so please do follow examples and stick to the idioms: -# \A ... at the beginning of the first component -# \z ... at the end of the the last (leaf) component -# ^ ... at the beginning of each component in the path -# $ ... at the end of each component in the path -# (.*\t)? ... at the beginning of a field -# (\t.*)? ... at the end of a field -# \t(.*\t)* ... separating fields -# [^\t\n] ... any single character, but don't escape from this field -# (.*\n)+ ... one or more levels down -# (?#...) ... a comment within a regexp - -# new-style of banned lookup table -$banned_namepath_re = new_RE( - -### BLOCKED ANYWHERE - - qr'(?# BLOCK Microsoft EXECUTABLES and DLL ) - ^ (.*\t)? T=(exe-ms|dll) (\t.*)? $'xm, # banned file(1) types, rudimentary - -# qr'(?# BLOCK ANY EXECUTABLE ) -# ^ (.*\t)? T=exe (\t.*)? $'xm, # banned file(1) type - -# qr'(?# BLOCK THESE TYPES ) -# ^ (.*\t)? T=(exe|lha|tnef|cab|dll) (\t.*)? $'xm, # banned file(1) types - - -### BLOCK THE FOLLOWING, EXCEPT WITHIN UNIX ARCHIVES: - -# # within traditional gzip and bzip2 allow any name and type -# [ qr'(?#rule-3) ^ (.*\t)? T=(gz|bz2) (\t.*)? $'xmi => 0 ], # allow - - # within traditional Unix archives allow any name and type - [ qr'(?#rule-4) ^ (.*\t)? T=(tar|rpm|cpio) (\t.*)? $'xmi => 0 ], # allow - - # banned filename extensions (in declared names) anywhere - rudimentary - qr'(?# BLOCK COMMON NAME EXENSIONS ) - ^ (.*\t)? N= [^\t\n]* \. (pif|scr) (\t.*)? $'xmi, - -# # block anything within a zip -# qr'(?#rule-5) ^ (.*\t)? T=zip (\t.*)? (.*\n)+ .* $'xmi, - - -### BLOCK THE FOLLOWING, EXCEPT WITHIN ARCHIVES OR CRYPTED: - -# # within PC archives allow any types or names at any depth -# [ qr'(?#rule-7) ^ (.*\t)? T=(zip|rar|arc|arj|zoo) (\t.*)? $'xmi => 0 ], # ok - -# # within certain archives allow leaf members at any depth if crypted -# [ qr'(?# ALLOW ENCRYPTED ) -# ^ (.*\t)? T=(zip|rar|arj) (.*\n)+ (.*\t)? A=C (\t.*)? \z'xmi => 0 ], - -# # allow crypted leaf members regardless of their name or type -# [ qr'(?# ALLOW IF ENCRYPTED ) ^ (.*\t)? A=C (\t.*)? \z'xmi => 0 ], - - # block these MIME types - qr'(?#NO X-MSDOWNLOAD) ^(.*\t)? M=application/x-msdownload (\t.*)? $'xmi, - qr'(?#NO X-MSDOS-PROGRAM)^(.*\t)? M=application/x-msdos-program(\t.*)? $'xmi, - qr'(?#NO HTA) ^(.*\t)? M=application/hta (\t.*)? $'xmi, - -# # block rfc2046 MIME types -# qr'(?# BLOCK RFC2046 ) ^ (.*\t)? M=message/partial (\t.*)? $'xmi, -# qr'(?# BLOCK RFC2046 ) ^ (.*\t)? M=message/external-body (\t.*)? $'xmi, - -# qr'(?#No Metafile MIME) ^(.*\t)? M=application/x-msmetafile (\t.*)? $'xmi, -# qr'(?#No Metafile MIME) ^(.*\t)? M=image/x-wmf (\t.*)? $'xmi, -# qr'(?#No Metafile file) ^(.*\t)? T=wmf (\t.*)? $'xm, -# qr'(?#No animated cursors) ^(.*\t)? T=ani (\t.*)? $'xm, - - # block certain double extensions in filenames - qr'(?# BLOCK DOUBLE-EXTENSIONS ) - ^ (.*\t)? N= [^\t\n]* \. [^./\t\n]* [A-Za-z] [^./\t\n]* \. \ * - (exe|vbs|pif|scr|bat|cmd|com|cpl|dll) [. ]* (\t.*)? $'xmi, - - [ qr'(?# BLOCK EMPTY MIME PART APPLICATION/OCTET-STREAM ) - ^ (.*\t)? M=application/(octet-stream|x-msdownload|x-msdos-program) - \t(.*\t)* T=empty (\t.*)? $'xmi - => 'DISCARD' ], - -# [ qr'(?# BLOCK EMPTY MIME PARTS ) -# ^ (.*\t)? M= [^\t\n]+ \t(.*\t)* T=empty (\t.*)? $'xmi => 'DISCARD' ], - -# # block Class ID (CLSID) extensions in filenames, strict -# qr'(?# BLOCK CLSID-EXTENSIONS ) -# ^ (.*\t)? N= [^\t\n]* \{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}? -# [^\t\n]* (\t.*)? $'xmi, - -# # banned suggested names with three or more consecutive spaces -# qr'(?# BLOCK NAMES WITH SPACES ) -# ^ (.*\t)? N= [^\t\n]* [ ]{3,} 'xmi, - -# # block if any component can not be decoded (is encrypted or bad archive) -# qr'(?# BLOCK IF UNDECIPHERABLE ) ^ (.*\t)? A=U (\t.*)? \z'xmi, - -# [ qr'(?# SPECIAL ALLOWANCES - MAGIC NAMES) -# \A (.*\t)? T=(rpm|cpio|tar|zip|rar|arc|arj|zoo|Z|gz|bz2) -# \t(.*\t)* N=example\d+[^\t\n]* -# (\t.*)? $'xmi => 0 ], - - # banned filename extensions (in suggested names) anywhere - basic - qr'(?# BLOCK COMMON NAME EXENSIONS ) - ^ (.*\t)? N= [^\t\n]* \. (exe|vbs|pif|scr|cpl) (\t.*)? $'xmi, - -# # banned filename extensions (in suggested names) anywhere - basic+cmd -# qr'(?# BLOCK COMMON NAME EXENSIONS ) -# ^ (.*\t)? N= [^\t\n]* \. (exe|vbs|pif|scr|cpl|bat|cmd|com) (\t.*)? $'xmi, - -# # banned filename extensions (in suggested names) anywhere - long -# qr'(?# BLOCK MORE NAME EXTENSIONS ) -# ^ (.*\t)? N= [^\t\n]* \. ( -# ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta| -# inf|ins|isp|js|jse|lnk|mda|mdb|mde|mdw|mdt|mdz|msc|msi|msp|mst| -# ops|pcd|pif|prg|reg|scr|sct|shb|shs|vb|vbe|vbs| -# wmf|wsc|wsf|wsh) (\t.*)? $'xmi, - -# qr'(?# BLOCK CURSOR AND ICON NAME EXENSIONS ) -# ^ (.*\t)? N= [^\t\n]* \. (ani|cur|ico) (\t.*)? $'xmi, - -# # banned filename extensions anywhere - WinZip vulnerability (pre-V9) -# qr'(?# BLOCK WinZip VULNERABILITY EXENSIONS ) -# ^ (.*\t)? N= [^\t\n]* \. (mim|b64|bhx|hqx|xxe|uu|uue) (\t.*)? $'xmi, - -); - -# use old or new style of banned lookup table; not both to avoid confusion -# -# @banned_filename_maps = (); # to disable old-style - $banned_namepath_re = undef; # to disable new-style - - -%banned_rules = ( - 'MYNETS-DEFAULT' => new_RE( # permissive set of rules for internal hosts - [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any name/type in Unix archives - qr'.\.(vbs|pif|scr)$'i, # banned extension - rudimentary - ), - 'DEFAULT' => $banned_filename_re, -); - - -# -# Section V - Per-recipient and per-sender handling, whitelisting, etc. -# - -# @virus_lovers_maps list of lookup tables: -# (this should be considered a policy option, is does not disable checks, -# see bypass*checks for that!) -# -# Exclude certain RECIPIENTS from virus filtering by adding their (lower-cased) -# envelope e-mail address (or domain only) to one of the lookup tables in -# the @virus_lovers_maps list - see README.lookups and examples. -# Make sure the appropriate form (e.g. external/internal) of address -# is used in case of virtual domains, or when mapping external to internal -# addresses, etc. - this is MTA-specific. -# -# Notifications would still be generated however (see the overall -# picture above), and infected mail (if passed) gets additional header: -# X-AMaViS-Alert: INFECTED, message contains virus: ... -# (header not inserted with Courier or milter interface!) -# -# Setting $final_*_destiny=D_PASS is functionally equivalent to having -# all recipients match the @*_lovers_maps. -# -# NOTE (milter interface only): in case of multiple recipients, -# it is only possible to drop or accept the message in its entirety - for all -# recipients. If all of them are virus lovers, we'll accept mail, but if -# at least one recipient is not a virus lover, we'll discard the message. - - -# @bypass_virus_checks_maps list of lookup tables: -# (this is mainly a time-saving option, unlike virus_lovers* !) -# -# Similar in concept to @virus_lovers_maps, a @bypass_virus_checks_maps -# is used to skip entirely the decoding, unpacking and virus checking, -# but only if ALL recipients match the lookup. -# -# @bypass_virus_checks_maps does NOT GUARANTEE the message will NOT be checked -# for viruses - this may still happen when there is more than one recipient -# for a message and not all of them match these lookup tables, or when -# check result was cached (i.e. the same contents was recently sent to other -# recipients). To guarantee virus delivery, a recipient must also match -# @virus_lovers_maps lookups (but see milter limitations above), -# -# The following table summarizes the possible combinations: -# bypass lover -# 0 0 useful, check for malware and block it -# 0 1 useful, check but deliver nevertheless, possibly tagged -# 1 0 not too useful, free riding on cached or other-people's checks -# 1 1 useful, no checks if possible, and no effects - -# NOTE: it would not be clever to base enabling of virus checks on SENDER -# address, since there are no guarantees that it is genuine. Many viruses -# and spam messages fake sender address. To achieve selective filtering -# based on the source of the mail (e.g. IP address, MTA port number, ...), -# use mechanisms provided by MTA if available, possibly combined with policy -# banks feature. - -# Similar to lists of lookup tables controlling virus checking, there are -# counterparts for spam scanning, banned names/types, and headers_checks -# control: -# @spam_lovers_maps, -# @banned_files_lovers_maps, -# @bad_header_lovers_maps -# and: -# @bypass_spam_checks_maps, -# @bypass_banned_checks_maps, -# @bypass_header_checks_maps - -# Example: -# @bypass_header_checks_maps = ( [qw( user@example.com )] ); -# @bad_header_lovers_maps = ( [qw( user@example.com )] ); - -# The following example disables spam checking altogether, -# since it matches any recipient e-mail address. -# @bypass_spam_checks_maps = (1); - - -# See README.lookups for further detail, and examples below. - -# In the following example a list of lookup tables @virus_lovers_maps -# contains three elements, the first is a reference to an ACL lookup table -# (brackets in Perl indicate a ref to a list), the second is a reference -# to a hash lookup table (curly braces in Perl indicate a ref to a hash), -# the third is a regexp lookup table, indicated by the type of object -# created by new_RE() : -# -#@virus_lovers_maps = ( -# [ qw( me@lab.xxx.com !lab.xxx.com .xxx.com yyy.org ) ], -# { "postmaster\@$mydomain" => 1, # double quotes permit variable evaluation -# 'postmaster@example.com'=> 1, # in single quotes the '@' need not be quoted -# 'abuse@example.com'=> 1, -# 'some.user@' => 1, # this recipient, regardless of domain -# 'boss@example.com' => 0, # never, even if domain matches -# 'example.com' => 1, # this domain, but not its subdomains -# '.example.com' => 1, # this domain, including its subdomains -# }, -# new_RE( qr'^(helpdesk|postmaster)@example\.com$'i ), -#); - -#@spam_lovers_maps = ( -# ["postmaster\@$mydomain", 'postmaster@example.com', 'abuse@example.com'], -#); - -#@bad_header_lovers_maps = ( -# ["postmaster\@", "abuse\@$mydomain"], -#); - - -# as an alternative to fiddling with @_lovers_maps and similar _maps, here -# is an illustration of using a more general *_by_ccat associative array, -# introduced with 2.4.0, like %lovers_maps_by_ccat in this example: -# -#$lovers_maps_by_ccat{+CC_SPAM} = [ -# read_hash("$MYHOME/etc/spam_lovers.txt"), -# [qw(postmaster@example.com abuse@example.com)], -#]; -# -#$lovers_maps_by_ccat{+CC_BANNED} = [ -# { map {lc $_ => 1} # construct a hash lookup table from a list -# qw(user1@example.com user2.example.com) -# }, -#]; - - -# to save some typing of quotes and commas, a Perl operator qw can be used -# to split its argument on whitespace and to quote resulting elements: -#@bypass_spam_checks_maps = ( -# [ qw( some.ddd !butnot.example.com .example.com ) ], -#); - - -# don't run spam check for these RECIPIENT domains: -# @bypass_spam_checks_maps = ( [qw( d1.com .d2.com a.d3.com )] ); -# or the other way around (bypass check for all BUT these): -# @bypass_spam_checks_maps = ( [qw( !d1.com !.d2.com !a.d3.com . )] ); -# a practical application: don't check outgoing mail for spam: -# @bypass_spam_checks_maps = ( [ "!.$mydomain", "." ] ); -# or calculated (negated) from the %local_domains: -# @bypass_spam_checks_maps = -# ( {map {$_ => !$local_domains{$_}} keys %local_domains}, 1); -# (a downside of which is that such mail will not count as ham in SA bayes db) -# -# Note that 'outgoing' is not the same as 'originating from inside'. We refer -# to 'outgoing' here as 'mail addressed to recipients outside our domain(s)'. -# The internal-to-internal mail is not outgoing, but is still originating from -# inside. To base rules on 'originating from inside', the use of a policy bank -# with 'originating => 1' is needed (such as MYNETS), in conjunction with -# XFORWARD Postfix extension to SMTP. - -# Where to find SQL server(s) and database to support SQL lookups? -# A list of triples: (dsn,user,passw). (dsn = data source name) -# More than one entry may be specified for multiple (backup) SQL servers. -# See 'man DBI', 'man DBD::mysql', 'man DBD::Pg', ... for details. -# When chroot-ed, accessing SQL server over inet socket may be more convenient. -# -# @lookup_sql_dsn = -# ( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user1', 'passwd1'], -# ['DBI:mysql:database=mail;host=host2', 'username2', 'password2'], -# ["DBI:SQLite:dbname=$MYHOME/sql/mail_prefs.sqlite", '', ''] ); -# @storage_sql_dsn = @lookup_sql_dsn; # none, same, or separate database -# -# ('mail' in the example is the database name, choose what you like) -# With PostgreSQL the dsn (first element of the triple) may look like: -# 'DBI:Pg:dbname=mail;host=host1' - -# The SQL select clause to fetch per-recipient policy settings. -# The %k will be replaced by a comma-separated list of query addresses -# (e.g. full address, domain only (stripped level by level), and a catchall). -# Use ORDER if there is a chance that multiple records will match - the first -# match wins. If field names are not unique (e.g. 'id'), the later field -# overwrites the earlier in a hash returned by lookup, which is why we use -# '*,users.id' instead of just '*'. No need to uncomment the following -# assignment if the default is ok. -# $sql_select_policy = 'SELECT *,users.id FROM users,policy'. -# ' WHERE (users.policy_id=policy.id) AND (users.email IN (%k))'. -# ' ORDER BY users.priority DESC'; -# -# The SQL select clause to check sender in per-recipient whitelist/blacklist -# The first SELECT argument '?' will be users.id from recipient SQL lookup, -# the %k will be sender addresses (e.g. full address, domain only, catchall). -# The default value is: -# $sql_select_white_black_list = 'SELECT wb FROM wblist,mailaddr'. -# ' WHERE (wblist.rid=?) AND (wblist.sid=mailaddr.id)'. -# ' AND (mailaddr.email IN (%k))'. -# ' ORDER BY mailaddr.priority DESC'; -# -# To disable SQL white/black list, set to undef (otherwise comment-out -# the following statement, leaving it at the default value): -$sql_select_white_black_list = undef; # undef disables SQL white/blacklisting - -# Controls the format of timestamps in the field msgs.time_iso: -# $timestamp_fmt_mysql = 1; # if using MySQL *and* msgs.time_iso is TIMESTAMP; -# defaults to 0, which is good for non-MySQL or if msgs.time_iso is CHAR(16) - -# Does a database mail address field with no '@' character represent a -# local username or a domain name? By default it implies a username in -# SQL and LDAP lookups (but represents a domain in hash and acl lookups), -# so domain names in SQL and LDAP should be specified as '@domain'. -# Setting these to true will cause 'xxx' to be interpreted as a domain -# name, just like in hash or acl lookups. -# -# $sql_lookups_no_at_means_domain = 0; # default is 0 -# $ldap_lookups_no_at_means_domain = 0; # default is 0 - -# Here is an example of a SELECT clause that fabricates an artificial 'users' -# table from actual table 'postfix_domains' containing a field 'domain_name'. -# The effect is that domains listed in the 'postfix_domains' table will be -# treated as local by amavisd, and be given settings from a policy id 99 -# if such a policy id exists, or just fall back to static lookups. -# The user.id (with a value 1) is there only to provide a user id (same id -# for all listed domains) when global SQL-based white/blacklisting is used. -# -# $sql_lookups_no_at_means_domain = 1; -# $sql_select_policy = -# 'SELECT *, user.id'. -# ' FROM (SELECT 1 as id, 99 as policy_id, "Y" AS local'. -# ' FROM postfix_domains WHERE domain_name IN (%k)) AS user'. -# ' LEFT JOIN policy ON policy_id=policy.id'; - -# If passing malware to certain recipients ($final_*_destiny=D_PASS or -# *_lovers), the recipient-based lookup tables @addr_extension_*_maps may -# return a string, which (if nonempty) will be added as an address extension -# to the local-part of the recipient's address. This extension may be used -# by the final local delivery agent (LDA) to place such mail into different -# subfolders (the extension is usually interpreted as a folder name). -# This is sometimes known as the 'plus addressing'. Appending address -# extensions is prevented when: -# - recipient does not match lookup tables @local_domains_maps; -# - lookup into corresponding @addr_extension_*_maps results -# in an empty string or undef; -# - $recipient_delimiter is empty (see below) -# LDAs usually default to stripping away address extension if no special -# handling is specified or if a named subfolder or alias does not exist, -# so adding address extensions normally does no harm. - -# @addr_extension_virus_maps = ('virus'); # defaults to empty -# @addr_extension_spam_maps = ('spam'); # defaults to empty -# @addr_extension_banned_maps = ('banned'); # defaults to empty -# @addr_extension_bad_header_maps = ('badh'); # defaults to empty -# -# A more complex example: -# @addr_extension_virus_maps = ( -# {'sub.example.com'=>'infected', '.example.com'=>'filtered'}, 'virus' ); - -# Delimiter between local part of the envelope recipient address and address -# extension (which can optionally be added, see @addr_extension_*_maps. E.g. -# recipient address is changed to . -# -# Delimiter must match the equivalent (final) MTA delimiter setting. -# (e.g. for Postfix add 'recipient_delimiter = +' to main.cf) -# Setting it to an empty string or to undef disables adding extensions -# regardless of $addr_extension_*_maps. - -# $recipient_delimiter = '+'; # (default is undef, i.e. disabled) - -# true: replace extension; false: append extension -# $replace_existing_extension = 1; # (default is true) - -# Affects matching of localpart of e-mail addresses (left of '@') -# in lookups: true = case sensitive, false = case insensitive -$localpart_is_case_sensitive = 0; # (default is false) - # ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING -# Instead of hard black- or whitelisting, a softer approach is to add -# score points (penalties) to the SA score for mail from certain senders. -# Positive points lean towards blacklisting, negative towards whitelisting. -# This is much like adding SA rules or using its white/blacklisting, except -# that here only envelope sender addresses are considered (not addresses -# in a mail header), and that score points can be assigned per-recipient -# (or globally), and the assigned penalties are customarily much lower -# than the default SA white/blacklisting score. -# -# The table structure is similar to $per_recip_blacklist_sender_lookup_tables -# i.e. the first level key is recipient, pointing to by-sender lookup tables. -# The essential difference is that scores from _all_ matching by-recipient -# lookups (not just the first that matches) are summed to give the final -# score boost. That means that both the site and domain administrators, -# as well as the recipient can have a say on the final score. -# -# NOTE: keep hash keys in lowercase, either manually or by using function lc +@score_sender_maps = ({ # a by-recipient hash lookup table, + # results from all matching recipient tables are summed -@score_sender_maps = ({ # a by-recipient hash lookup table - -# # per-recipient personal tables (NOTE: positive: black, negative: white) +# ## per-recipient personal tables (NOTE: positive: black, negative: white) # 'user1@example.com' => [{'bla-mobile.press@example.com' => 10.0}], # 'user3@example.com' => [{'.ebay.com' => -3.0}], # 'user4@example.com' => [{'cleargreen@cleargreen.com' => -7.0, # '.cleargreen.com' => -5.0}], - # site-wide opinions about senders (the '.' matches any recipient) + ## site-wide opinions about senders (the '.' matches any recipient) '.' => [ # the _first_ matching sender determines the score boost new_RE( # regexp-type lookup table, just happens to be all soft-blacklist @@ -1461,9 +286,9 @@ $localpart_is_case_sensitive = 0; # (default is false) [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0], [qr'^(your_friend|greatoffers)@'i => 5.0], [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0], - [ qr'@strato(?:-rz)\.de$'i => -5.0 ], - [ qr'^Doris\.Hennig@BA-MH\.Verwalt-Berlin\.de$'i => -5.0 ], - [ qr'^doris@hennig-berlin\.org$'i => -5.0 ], + [qr'@strato(?:-rz)\.de$'i => -5.0 ], + [qr'^Doris\.Hennig@BA-MH\.Verwalt-Berlin\.de$'i => -5.0 ], + [qr'^doris@hennig-berlin\.org$'i => -5.0 ], ), # read_hash("/var/amavis/sender_scores_sitewide"), @@ -1512,249 +337,35 @@ $localpart_is_case_sensitive = 0; # (default is false) }); -# ENVELOPE SENDER WHITELISTING / BLACKLISTING - GLOBAL (RECIPIENT-INDEPENDENT) -# (affects spam checking only, has no effect on virus and other checks) - -# WHITELISTING: use ENVELOPE SENDER lookups to ENSURE DELIVERY from whitelisted -# senders even if the message would be recognized as spam. Effectively, for -# the specified senders, message recipients temporarily become 'spam_lovers'. -# To avoid surprises, whitelisted sender also suppresses inserting/editing -# the tag2-level header fields (X-Spam-*, Subject), appending spam address -# extension, and quarantining. -# -# BLACKLISTING: messages from specified SENDERS are DECLARED SPAM. -# Effectively, for messages from blacklisted envelope sender addresses, spam -# level is artificially pushed high, and the normal spam processing applies, -# resulting in 'X-Spam-Flag: YES', high 'X-Spam-Level' bar and other usual -# reactions to spam, including possible rejection. If the message nevertheless -# still passes (e.g. for spam loving recipients), it is tagged as BLACKLISTED -# in the 'X-Spam-Status' header field, but the reported spam value and -# set of tests in this report header field (if available from SpamAssassin, -# which may or may not have been called) is not adjusted. -# -# A sender may be both white- and blacklisted at the same time, settings -# are independent. For example, being both white- and blacklisted, message -# is delivered to recipients, but is not tagged as spam (X-Spam-Flag: No; -# X-Spam-Status: No, ...), but the reported spam level (if computed) may -# still indicate high spam score. -# -# If ALL recipients of the message either white- or blacklist the sender, -# spam scanning (calling the SpamAssassin) is bypassed, saving on time. -# -# The following variables (lists of lookup tables) are available, -# with the semantics and syntax as specified in README.lookups: -# @whitelist_sender_maps, @blacklist_sender_maps - -# SOME EXAMPLES: -# -#ACL: -# @whitelist_sender_maps = ( ['.example.org', '.example.net'] ); -# @whitelist_sender_maps = ( [qw(.example.org .example.net)] ); # same thing -# -# @whitelist_sender_maps = ( [".$mydomain"] ); # $mydomain and its subdomains -# NOTE: This is not a reliable way of turning off spam checks for -# locally-originating mail, as sender address can easily be faked. -# To reliably avoid spam-scanning outgoing mail, use @bypass_spam_checks_maps -# for nonlocal recipients. To reliably avoid spam scanning for locally -# originating mail (including internal-to-internal mail), recognized by -# the original SMTP client IP address matching @mynetworks, use policy bank -# MYNETS, adjust @mynetworks, and turn on XFORWARD in the Postfix smtp client -# service feeding amavisd. - -#with regexps: -# @whitelist_sender_maps = ( new_RE( -# qr'^postmaster@.*\bexample\.com$'i, -# qr'^owner-[^@]*@'i, qr'-request@'i, -# qr'\.example\.com$'i -# )); - - -# illustrates the use of regexp lookup table: - -@blacklist_sender_maps = ( new_RE( - qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@'i, - qr'^(investments|lose_weight_today|market\.alert|money2you|MyGreenCard)@'i, - qr'^(new\.tld\.registry|opt-out|opt-in|optin|saveonlsmoking2002k)@'i, - qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@'i, - qr'^(workathome|yesitsfree|your_friend|greatoffers)@'i, - qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i, -)); - - -# NOTE: whitelisting is becoming deprecated because sender address is -# all too often faked; use @score_sender_maps for soft-whitelisting! -# -# Illustrates the use of several lookup tables: -# -# @whitelist_sender_maps = ( -# -# # read_hash("$MYHOME/whitelist_sender"), # a hash table read from a file -# -# # and another hash lookup table constructed in-line, with keys lowercased: -# { map {lc $_ => 1} qw( -# nobody@cert.org -# cert-advisory@us-cert.gov -# owner-alert@iss.net -# slashdot@slashdot.org -# bugtraq@securityfocus.com -# NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM -# security-alerts@linuxsecurity.com -# amavis-user-admin@lists.sourceforge.net -# amavis-user-bounces@lists.sourceforge.net -# notification-return@lists.sophos.com -# mailman-announce-admin@python.org -# owner-postfix-users@postfix.org -# owner-postfix-announce@postfix.org -# owner-sendmail-announce@lists.sendmail.org -# sendmail-announce-request@lists.sendmail.org -# owner-technews@postel.ACM.ORG -# lvs-users-admin@LinuxVirtualServer.org -# ietf-123-owner@loki.ietf.org -# cvs-commits-list-admin@gnome.org -# rt-users-admin@lists.fsck.com -# clp-request@comp.nus.edu.sg -# surveys-errors@lists.nua.ie -# emailNews@genomeweb.com -# owner-textbreakingnews@CNNIMAIL12.CNN.COM -# yahoo-dev-null@yahoo-inc.com -# returns.groups.yahoo.com -# )}, -# -# # { '' => 1 }, # and another one, containing just an empty reverse path (DSN) -# -# ); - - -# ENVELOPE SENDER WHITELISTING / BLACKLISTING - PER-RECIPIENT - -# The same semantics as for global white/blacklisting applies, but this -# time each recipient (or its domain, or subdomain, ...) can be given -# an individual lookup table for matching senders. The per-recipient lookups -# take precedence over the global lookups, which serve as a fallback default. - -# Specify a two-level lookup table: the key for the outer table is recipient, -# and the result should be an inner lookup table (hash or ACL or RE), -# where the key used will be the sender. (Note that this structure is flatter -# than @score_sender_maps, where the first level result is a ref to a _list_ -# of inner lookup tables, not a ref to a single lookup table.) -# -#$per_recip_blacklist_sender_lookup_tables = { -# 'user1@my.example.com'=>new_RE(qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i), -# 'user2@my.example.com'=>[qw( spammer@d1.example,org .d2.example,org )], -#}; -#$per_recip_whitelist_sender_lookup_tables = { -# 'user@my.example.com' => [qw( friend@example.org .other.example.org )], -# '.my1.example.com' => [qw( !foe.other.example,org .other.example,org )], -# '.my2.example.com' => read_hash("$MYHOME/my2-wl.dat"), -# 'abuse@' => { 'postmaster@'=>1, -# 'cert-advisory-owner@cert.org'=>1, 'owner-alert@iss.net'=>1 }, -#}; - - -# -# Section VI - Resource limits -# - -# Sanity limit to the number of allowed recipients per SMTP transaction -# $smtpd_recipient_limit = 1100; # (default is 1100) - -# Resource limits to protect unpackers, decompressors and virus scanners -# against mail bombs (e.g. 42.zip) - - -# Maximum recursion level for extraction/decoding (0 or undef disables limit) -$MAXLEVELS = 14; # (default is undef, no limit) - -# Maximum number of extracted files (0 or undef disables the limit) -$MAXFILES = 1500; # (default is undef, no limit) - -# For the cumulative total of all decoded mail parts we set max storage size -# to defend against mail bombs. Even though parts may be deleted (replaced -# by decoded text) during decoding, the size they occupied is _not_ returned -# to the quota pool. -# -# Parameters to storage quota formula for unpacking/decoding/decompressing -# Formula: -# quota = max($MIN_EXPANSION_QUOTA, -# $mail_size*$MIN_EXPANSION_FACTOR, -# min($MAX_EXPANSION_QUOTA, $mail_size*$MAX_EXPANSION_FACTOR)) -# In plain words (later condition overrules previous ones): -# allow MAX_EXPANSION_FACTOR times initial mail size, -# but not more than MAX_EXPANSION_QUOTA, -# but not less than MIN_EXPANSION_FACTOR times initial mail size, -# but never less than MIN_EXPANSION_QUOTA -# -$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced) -$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced) -$MIN_EXPANSION_FACTOR = 5; # times original mail size (default is 5) -$MAX_EXPANSION_FACTOR = 500; # times original mail size (default is 500) - -# expiration time of cached results: time to live in seconds -# (how long the result of a virus/spam test remains valid) -$virus_check_negative_ttl= 3*60; # time to remember that mail was not infected -$virus_check_positive_ttl= 30*60; # time to remember that mail was infected -$spam_check_negative_ttl = 10*60; # time to remember that mail was not spam -$spam_check_positive_ttl = 30*60; # time to remember that mail was spam -# -# NOTE: -# Cache size will be determined by the largest of the $*_ttl values. -# Depending on the mail rate, the cache database may grow quite large. -# Reasonable compromise for the max value is 15 minutes to 2 hours. - -# -# Section VII - External programs, virus scanners -# - -# Specify a path string, which is a colon-separated string of directories -# (no trailing slashes!) to be assigned to the environment variable PATH -# and to serve for locating external programs below. - -# NOTE: if $daemon_chroot_dir is nonempty, the directories will be -# relative to the chroot directory specified; - -$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin:/opt/bin'; - -# For external programs specify one string or a search list of strings (first -# match wins). The string (or: each string in a list) may be an absolute path, -# or just a program name, to be located via $path; -# Empty string or undef (=default) disables the use of that external program. -# Optionally command arguments may be specified - only the first substring -# up to the whitespace is used for file searching. - -$file = 'file'; # file(1) utility; use 3.41 or later to avoid vulnerability -$dspam = 'dspam'; - -# A list of pairs or n-tuples: [short-type, code_ref, optional-args...]. -# Maps short types to a decoding routine, the first match wins. -# Arguments beyond the first two can be program path string (or a listref of -# paths to be searched) or a reference to a variable containing such a path, -# which allows for lazy evaluation, making possible to assign values to -# legacy configuration variables even after the assignment to @decoders. -# @decoders = ( ['mail', \&do_mime_decode], ['asc', \&do_ascii], - ['uue', \&do_ascii], - ['hqx', \&do_ascii], - ['ync', \&do_ascii], +# ['uue', \&do_ascii], +# ['hqx', \&do_ascii], +# ['ync', \&do_ascii], ['F', \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ], ['Z', \&do_uncompress, ['uncompress','gzip -d','zcat'] ], ['gz', \&do_uncompress, 'gzip -d'], ['gz', \&do_gunzip], ['bz2', \&do_uncompress, 'bzip2 -d'], + ['xz', \&Amavis::Unpackers::do_uncompress, + ['xzdec', 'xz -dc', 'unxz -c', 'xzcat'] ], + ['lzma', \&Amavis::Unpackers::do_uncompress, + ['lzmadec', 'xz -dc --format=lzma', + 'lzma -dc', 'unlzma -c', 'lzcat', 'lzmadec'] ], ['lzo', \&do_uncompress, 'lzop -d'], ['rpm', \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ], ['cpio', \&do_pax_cpio, ['pax','gcpio','cpio'] ], ['tar', \&do_pax_cpio, ['pax','gcpio','cpio'] ], ['deb', \&do_ar, 'ar'], -# ['a', \&do_ar, 'ar'], # unpacking .a seems an overkill + ['a', \&do_ar, 'ar'], # unpacking .a seems an overkill ['zip', \&do_unzip], ['7z', \&do_7zip, ['7zr','7za','7z'] ], ['rar', \&do_unrar, ['rar','unrar'] ], ['arj', \&do_unarj, ['arj','unarj'] ], ['arc', \&do_arc, ['nomarch','arc'] ], ['zoo', \&do_zoo, ['zoo','unzoo'] ], - ['lha', \&do_lha, 'lha'], + ['lha', \&do_lha, 'lha'], # unmaintained - security risk # ['doc', \&do_ole, 'ripole'], ['cab', \&do_cabextract, 'cabextract'], ['tnef', \&do_tnef_ext, 'tnef'], @@ -1764,212 +375,44 @@ $dspam = 'dspam'; ); -# SpamAssassin settings - -# $sa_local_tests_only is passed to Mail::SpamAssassin::new as a value -# of the option local_tests_only. See Mail::SpamAssassin man page. -# If set to 1, no SA tests that require internet access will be performed. -# -$sa_local_tests_only = 0; # only tests which do not require internet access? -#$sa_auto_whitelist = 1; # turn on AWL in SA 2.63 or older (irrelevant - # for SA 3.0, its cf option is use_auto_whitelist) - -$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger - # (less than 1% of spam is > 64k) - # default: undef, no limitations - -# default values, customarily used in the @spam_*_level_maps as the last entry -$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level; - # undef is interpreted as lower than any spam level -$sa_tag2_level_deflt = 6.31;# add 'spam detected' headers at that level to - # passed mail, adding address extensions; -$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions - # at or above that level: bounce/reject/drop, - # quarantine -$sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent, - # effectively turning D_BOUNCE into D_DISCARD; - # undef disables this feature and is a default; -# see also $sa_quarantine_cutoff_level above, which only controls quarantining - -# $penpals_bonus_score = 5; # (positive) score by which spam score is lowered - # when sender is known to have previously received mail from our - # local user from this mail system; zero or undef disables penpals - # lookups in SQL; default: undef -# $penpals_halflife = 10*24*60*60; #exponential decay time constant in seconds; - # penpal bonus is halved for each halflife period from the last mail - # sent by a local user to a current mail's sender; default: 7 days -# $penpals_threshold_low = 1.0; # no need for pen pals lookup on low spam score -# $penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi spam - -# $bounce_killer_score = 100; # spam score points to add for joe-jobbed bounces - # bounce killer needs operational SQL logging (pen pals) ! - -# advanced example specifying per-recipient values using a hash lookup: -#@spam_tag_level_maps = (\$sa_tag_level_deflt); # this is a default -#@spam_tag2_level_maps = ( -# { 'user1@example.com' => 8.0, '.example.com' => 6.0 }, -# \$sa_tag2_level_deflt, # catchall default -#); -#@spam_kill_level_maps = ( -# { 'user1@example.com' => 8.0, '.example.com' => 6.0 }, -# \$sa_kill_level_deflt, # catchall default -#); -#@spam_dsn_cutoff_level_maps = ( -# { 'user1@example.com' => 10, '.example.com' => 15 }, -# \$sa_dsn_cutoff_level, # catchall default -#); - -# selectively trim down bounces to domains sending their own bounces with -# non-null return path, to frequently abused domains, or to those sending -# marginal spam -@spam_dsn_cutoff_level_bysender_maps = ( - { # an associative array (hash) lookup table, use lowercase keys - 'virgilio.it' => 7, 'mail.ru' => 7, '0451.com' => 7, - 'yahoo.co.uk' => 7, 'yahoo.co.jp' => 7, 'nobody@' => 7, - 'noreply@' => 0, 'no-reply@' => 0, 'donotreply@' => 0, - 'opt-in@' => 0, 'opt-out@' => 0, 'yahoo-dev-null@' => 0, - '.optin-out.com' => 0, 'daily@astrocenter.com' => 0, - 'spamadmin@fraunhofer.de'=> 7, # Sophos PureMessage spam bounces - }, - \$sa_dsn_cutoff_level, # catchall default value -); - -# a quick reference: -# tag_level contents category: CC_CLEAN, -# controls adding the X-Spam-Status and X-Spam-Level headers, -# tag2_level contents category: CC_SPAMMY, -# controls adding 'X-Spam-Flag: YES', editing (tagging) Subject, -# and adding address extensions, -# tag3_level contents category: CC_SPAMMY, minor category 1, -# like tag2, but may insert different Subject tag -# e.g. @spam_subject_tag3_maps=('***BLATANT*SPAM*** '); -# kill_level contents category: CC_SPAM, -# controls 'evasive actions' (reject, quarantine); -# it only makes sense to maintain the relationship: -# tag_level <= tag2_level <= tag3_level <= kill_level < -# < dsn_cutoff_level <= quarantine_cutoff_level - -# string to prepend to Subject header field when message exceeds tag2 level -#$sa_spam_subject_tag = '***SPAM*** '; # (defaults to undef, disabled) - # (only seen when spam is passed and recipient is - # in local_domains*) -# more examples, using @*_maps directly: -#@spam_subject_tag_maps = ('[possible-spam:_SCORE_] '); -#@spam_subject_tag2_maps = ('***SPAM*** _SCORE_ (_REQD_) '); -#@spam_subject_tag3_maps = ('***BLATANT*SPAM**** _SCORE_ (_REQD_) '); -# another examples, using _maps_by_ccat: -#$subject_tag_maps_by_ccat{+CC_CLEAN} = [ -# { lc('TestUser@example.net') => -# '**TEST:_U_,hits=_SCORE_,req=_REQD_,amid=_TASKID_,mid=_MAILID_**' } ]; - -#$sa_spam_modifies_subj = 1; # in @spam_modifies_subj_maps, default is true - -# Example: modify Subject for all local recipients except user@example.com -#@spam_modifies_subj_maps = ( [qw( !user@example.com . )] ); - -#$sa_spam_level_char = '*'; # char for X-Spam-Level bar, defaults to '*'; - # undef or empty disables inserting X-Spam-Level -#$sa_spam_report_header = 0; # insert X-Spam-Report header field? default false - -# stop anti-virus scanning when the first scanner detects a virus? -#$first_infected_stops_scan = 1; # default is false, all scanners in a section - # are called - -# @av_scanners is a list of n-tuples, where fields semantics is: -# 1. av scanner plain name, to be used in log and reports; -# 2a.scanner program name; this string will be submitted to subroutine -# find_external_programs(), which will try to find the full program path -# name during startup; if program is not found, this scanner is disabled. -# Besides a simple string (full program path name or just the basename -# to be looked for in PATH), this may be an array ref of alternative -# program names or full paths - the first match in the list will be used; -# 2b.alternatively, this second field may be a subroutine reference, -# and the whole n-tuple entry is passed to it as args; it should return -# a triple: ($scan_status,$output,$virusnames_ref), where: -# - $scan_status is: true if a virus was found, 0 if no viruses, -# undef if scanner was unable to complete its job (failed); -# - $output is an optional result string to appear in logging and macro %v; -# - $virusnames_ref is a ref to a list of detected virus names (may be -# undef or a ref to an empty list); -# 3. command arguments to be given to the scanner program; -# a substring {} will be replaced by the directory name to be scanned, i.e. -# "$tempdir/parts", a "*" will be replaced by base file names of parts; -# 4. an array ref of av scanner exit status values, or a regexp (to be -# matched against scanner output), indicating NO VIRUSES found; -# a special case is a value undef, which does not claim file to be clean -# (i.e. it never matches, similar to []), but suppresses a failure warning; -# to be used when the result is inconclusive (useful for specialized and -# quick partial scanners such as jpeg checker); -# 5. an array ref of av scanner exit status values, or a regexp (to be -# matched against scanner output), indicating VIRUSES WERE FOUND; -# a value undef may be used and it never matches (for consistency with 4.); -# Note: the virus match prevails over a 'not found' match, so it is safe -# even if the no. 4. matches for viruses too; -# 6. a regexp (to be matched against scanner output), returning a list -# of virus names found, or a sub ref, returning such a list when given -# scanner output as argument; -# 7. and 8.: (optional) subroutines to be executed before and after scanner -# (e.g. to set environment or current directory); -# see examples for these at KasperskyLab AVP and NAI uvscan. - -# NOTES: -# -# - NOT DEFINING @av_scanners (e.g. setting it to empty list, or deleting the -# whole assignment) TURNS OFF LOADING AND COMPILING OF THE ANTIVIRUS CODE -# (which can be handy if all you want to do is spam scanning); -# -# - the order matters: although _all_ available entries from the list -# are tried regardless of their verdict, scanners are run in the order -# specified: the report from the first one detecting a virus will be used -# (providing virus names and scanner output); REARRANGE THE ORDER TO WILL; -# see also $first_infected_stops_scan; -# -# - it doesn't hurt to keep an unused command line scanner entry in the list -# if the program can not be found; the path search is only performed once -# during the program startup; -# -# COROLLARY: to disable a scanner that _does_ exist on your system, -# comment out its entry or use undef or '' as its program name/path -# (second parameter). An example where this is almost a must: disable -# Sophos 'sweep' if you have its daemonized version Sophie or SAVI-Perl -# (same for Trophie/vscan, and clamd/clamscan), or if another unrelated -# program happens to have a name matching one of the entries ('sweep' -# again comes to mind); -# -# - it DOES HURT to keep unwanted entries which use INTERNAL SUBROUTINES -# for interfacing (where the second parameter starts with \&). -# Keeping such entry and not having a corresponding virus scanner daemon -# causes an unnecessary connection attempt (which eventually times out, -# but it wastes precious time). For this reason the daemonized entries -# are commented in the distribution - just remove the '#' where needed. -# -# CERT list of av resources: http://www.cert.org/other_sources/viruses.html - @av_scanners = ( +# ### http://www.sophos.com/ +# ['Sophos-SSSP', +# \&ask_daemon, ["{}", 'sssp:/var/run/savdi/sssp.sock'], +# # or: ["{}", 'sssp:[127.0.0.1]:4010'], +# qr/^DONE OK\b/m, qr/^VIRUS\b/m, qr/^VIRUS\s*(\S*)/m ], + # ### http://www.clanfield.info/sophie/ (http://www.vanja.com/tools/sophie/) # ['Sophie', -# \&ask_daemon, ["{}/\n", '/var/run/sophie'], -# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/m, qr/(?x)^ 1 ( : | [\000\r\n]* $)/m, +# \&ask_daemon, ["{}/\n", 'sophie:/var/run/sophie'], +# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/, qr/(?x)^ 1 ( : | [\000\r\n]* $)/, # qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ], # ### http://www.csupomona.edu/~henson/www/projects/SAVI-Perl/ -# ['Sophos SAVI', \&sophos_savi ], +# ['Sophos SAVI', \&ask_daemon, ['{}','savi-perl:'] ], + +# ['Avira SAVAPI', +# \&ask_daemon, ["*", 'savapi:/var/tmp/.savapi3', 'product-id'], +# qr/^(200|210)/m, qr/^(310|420|319)/m, +# qr/^(?:310|420)[,\s]*(?:.* <<< )?(.+?)(?: ; |$)/m ], +# settings for the SAVAPI3.conf: ArchiveScan=1, HeurLevel=2, MailboxScan=1 ### http://www.clamav.net/ ['ClamAV-clamd', \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"], qr/\bOK$/m, qr/\bFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], -# NOTE: run clamd under the same user as amavisd, or run it under its own -# uid such as clamav, add user clamav to the amavis group, and then add -# AllowSupplementaryGroups to clamd.conf; -# NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in -# this entry; when running chrooted one may prefer socket "$MYHOME/clamd". +# NOTE: run clamd under the same user as amavisd - or run it under its own +# # uid such as clamav, add user clamav to the amavis group, and then add +# # AllowSupplementaryGroups to clamd.conf; +# # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in +# # this entry; when running chrooted one may prefer a socket under $MYHOME. # ### http://www.clamav.net/ and CPAN (memory-hungry! clamd is preferred) # # note that Mail::ClamAV requires perl to be build with threading! -# ['Mail::ClamAV', \&ask_clamav, "*", [0], [1], qr/^INFECTED: (.+)/m ], +# ['Mail::ClamAV', \&ask_daemon, ['{}','clamav-perl:'], +# [0], [1], qr/^INFECTED: (.+)/m], # ### http://www.openantivirus.org/ # ['OpenAntiVirus ScannerDaemon (OAV)', @@ -1978,7 +421,7 @@ $sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent, # ### http://www.vanja.com/tools/trophie/ # ['Trophie', -# \&ask_daemon, ["{}/\n", '/var/run/trophie'], +# \&ask_daemon, ["{}/\n", 'trophie:/var/run/trophie'], # qr/(?x)^ 0+ ( : | [\000\r\n]* $)/m, qr/(?x)^ 1 ( : | [\000\r\n]* $)/m, # qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ], @@ -2063,7 +506,7 @@ $sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent, # directory $TEMPBASE specifies) in the 'Names=' section. # cd /opt/AVP/DaemonClients; configure; cd Sample; make # cp AvpDaemonClient /opt/AVP/ - # su - vscan -c "${PREFIX}/kavdaemon ${DPARMS}" + # su - amavis -c "${PREFIX}/kavdaemon ${DPARMS}" ### http://www.centralcommand.com/ ['CentralCommand Vexira (new) vascan', @@ -2080,7 +523,7 @@ $sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent, # protected files are to be considered infected. ### http://www.avira.com/ - ### Avira AntiVir (formerly H+BEDV) or (old) CentralCommand Vexira Antivirus + ### old Avira AntiVir 2.x (ex H+BEDV) or old CentralCommand Vexira Antivirus ['Avira AntiVir', ['antivir','vexira'], '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/m, qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) | @@ -2088,6 +531,12 @@ $sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent, # NOTE: if you only have a demo version, remove -z and add 214, as in: # '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/, + ### http://www.avira.com/ + ### Avira for UNIX 3.x + ['Avira AntiVir', ['avscan'], + '-s --batch --alert-action=none {}', [0,4], qr/(?:ALERT|FUND):/m, + qr/(?:ALERT|FUND): (?:.* <<< )?(.+?)(?: ; |$)/m ], + ### http://www.commandsoftware.com/ ['Command AntiVirus for Linux', 'csav', '-all -archive -packed {}', [50], [51,52,53], @@ -2226,7 +675,7 @@ $sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent, ### http://www.nai.com/ ['NAI McAfee AntiVirus (uvscan)', 'uvscan', - '--secure -rv --mime --summary --noboot --mailbox --program --timeout 180 - {}', [0], [13], + '--secure -rv --mime --summary --noboot - {}', [0], [13], qr/(?x) Found (?: \ the\ (.+)\ (?:virus|trojan) | \ (?:virus|trojan)\ or\ variant\ ([^ ]+) | @@ -2272,9 +721,9 @@ $sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent, ### http://www.bitdefender.com/ ['BitDefender', 'bdscan', # new version - '--action=ignore --no-list {}', qr/^Infected files *:0+(?!\d)/m, - qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m, - qr/(?:suspected|infected): (.*)(?:\033|$)/m ], + '--action=ignore --no-list {}', qr/^Infected files\s*:\s*0+(?!\d)/m, + qr/^(?:Infected files|Identified viruses|Suspect files)\s*:\s*0*[1-9]/m, + qr/(?:suspected|infected)\s*:\s*(.*)(?:\033|$)/m ], ### http://www.bitdefender.com/ ['BitDefender', 'bdc', # old version @@ -2289,6 +738,11 @@ $sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent, '-v 1 -summary 0 -s {}', [0], [1,2], qr/(?:VIR|WIR):[ \t]*(.+)/m ], +# ### a generic SMTP-client interface to a SMTP-based virus scanner +# ['av_smtp', \&ask_av_smtp, +# ['{}', 'smtp:[127.0.0.1]:5525', 'dummy@localhost'], +# qr/^2/, qr/^5/, qr/^\s*(.*?)\s*$/m ], + # ['File::Scan', sub {Amavis::AV::ask_av(sub{ # use File::Scan; my($fn)=@_; # my($f)=File::Scan->new(max_txt_size=>0, max_bin_size=>0); @@ -2304,58 +758,9 @@ $sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent, # # NOTE: place file JpegTester.pm somewhere where Perl can find it, # # for example in /usr/local/lib/perl5/site_perl -# ### example: simpleminded checker for JPEG marker segments with -# ### invalid length (only checks first 32k, which is not thorough enough) -# ['check-jpeg-simple', -# sub { Amavis::AV::ask_av(sub { -# my($f)=@_; local(*FF,$_,$1,$2); my(@r)=(0,'not jpeg'); -# open(FF,$f) or die "jpeg: open err $f: $!"; -# binmode(FF) or die "jpeg: binmode err $f: $!"; -# defined read(FF,$_,32000) or die "jpeg: read err $f: $!"; -# close(FF) or die "jpeg: close err $f: $!"; -# if (/^\xff\xd8\xff/) { -# @r=(0,'jpeg ok'); -# while (!/\G(?:\xff\xd9|\z)/gc) { # EOI or eof -# if (/\G\xff+(?=\xff|\z)/gc) {} # fill-bytes before marker -# elsif (/\G\xff([\x01\xd0-\xd8])/gc) {} # TEM, RSTi, SOI -# elsif (/\G\xff([^\x00\xff])(..)/gcs) { # marker segment start -# my($n)=unpack("n",$2)-2; -# $n=32766 if $n>32766; # Perl regexp limit -# if ($n<0) {@r=(1,"bad jpeg: len=$n, pos=".pos); last} -# elsif (/\G.{$n}/gcs) {} # ok -# elsif (/\G.{0,$n}\z/gcs) {last} # truncated -# else {@r=(1,"bad jpeg: unexpected, pos=".pos); last} -# } -# elsif (/\G[^\xff]+/gc) {} # ECS -# elsif (/\G(?:\xff\x00)+/gc) {} # ECS -# else {@r=(2,"bad jpeg: unexpected char, pos=".pos); last} -# } -# }; @r}, @_) }, -# ["{}/*"], undef, [1], qr/^(bad jpeg: .*)$/m ], - -# ### an example/testing/template virus scanner (external), wastes 3 seconds -# ['wasteful sleeper example', -# '/bin/sleep', '3', # calls external program -# undef, undef, qr/no such/m ], - -# ### an example/testing/template virus scanner (internal), does nothing -# ['null', -# sub {}, ["{}"], # supplies its own subroutine, no external program -# undef, undef, qr/no such/m ], - ); -# If no virus scanners from the @av_scanners list produce 'clean' nor -# 'infected' status (i.e. they all fail to run or the list is empty), -# then _all_ scanners from the @av_scanners_backup list are tried -# (again, subject to $first_infected_stops_scan). When there are both -# daemonized and equivalent or similar command-line scanners available, -# it is customary to place slower command-line scanners in the -# @av_scanners_backup list. The default choice is somewhat arbitrary, -# move entries from one list to another as desired, keeping main scanners -# in the primary list to avoid warnings. - @av_scanners_backup = ( ### http://www.clamav.net/ - backs up clamd or Mail::ClamAV @@ -2363,6 +768,16 @@ $sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent, "--stdout --no-summary -r --tempdir=$TEMPBASE {}", [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], +# ### http://www.clamav.net/ - using remote clamd scanner as a backup +# ['ClamAV-clamdscan', 'clamdscan', +# "--stdout --no-summary --config-file=/etc/clamd-client.conf {}", +# [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], + +# ['ClamAV-clamd-stream', +# \&ask_daemon, ["*", 'clamd:/var/run/clamav/clamd.sock'], +# qr/\bOK$/m, qr/\bFOUND$/m, +# qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], + ### http://www.f-prot.com/ - backs up F-Prot Daemon, V6 ['F-PROT Antivirus for UNIX', ['fpscan'], '--report --mount --adware {}', # consider: --applications -s 4 -u 3 -z 10 @@ -2371,7 +786,7 @@ $sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent, ### http://www.f-prot.com/ - backs up F-Prot Daemon (old) ['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'], - '-dumb -ai -archive -packed -server {}', [0,8], [3,6], # or: [0], [3,6,8], + '-dumb -archive -packed {}', [0,8], [3,6], # or: [0], [3,6,8], qr/(?:Infection:|security risk named) (.+)|\s+contains\s+(.+)$/m ], ### http://www.trendmicro.com/ - backs up Trophie @@ -2416,145 +831,4 @@ $sa_dsn_cutoff_level = 9; # spam level beyond which a DSN is not sent, ); -# -# Section VIII - Debugging -# - -# The most useful debugging tool is to run amavisd-new non-detached -# from a terminal window using command: # amavisd debug - -# Some more refined approaches: - -# If sender matches ACL, turn debugging fully up, just for this one message -#@debug_sender_maps = ( ["test-sender\@$mydomain"] ); -#@debug_sender_maps = ( [qw( debug@example.com debug@example.net )] ); - -# May be useful along with @debug_sender_maps: -# Prevent all decoded originals being deleted (replaced by decoded part) -#@keep_decoded_original_maps = (1); - -# Turn on SpamAssassin debugging (output to STDERR, use with 'amavisd debug') -#$sa_debug = '1,all'; # defaults to false - - -# -# Section IX - Policy banks (dynamic policy switching) -# - -## Define some policy banks (sets of settings) and give them -## arbitrary names (the names '', 'MYNETS' and 'MYUSERS' have special meaning): -# -# $policy_bank{'ALT'} = { -# log_level => 3, -# syslog_ident => 'alt-amavis', -# syslog_facility => 'LOCAL3', -# inet_acl => [qw( 10.0.1.14 )], -# final_spam_destiny => D_PASS, final_bad_header_destiny => D_PASS, -# forward_method => 'smtp:*:*', -# notify_method => 'smtp:[127.0.0.1]:10025', -# virus_admin_maps => "abuse\@$mydomain", -# spam_lovers_maps => [@spam_lovers_maps, [qw( abuse@example.com )]], -# spam_tag_level_maps => 2.1, -# spam_tag2_level_maps => 6.32, -# spam_kill_level_maps => 6.72, -# spam_dsn_cutoff_level_maps => 8, -# defang_spam => 1, -# local_client_bind_address => '10.11.12.13', -# localhost_name => 'amavis.example.com', -# smtpd_greeting_banner => -# '${helo-name} ${protocol} ${product} ${version-id} (${version-date}) TEST service ready'; -# auth_mech_avail => [qw(PLAIN LOGIN)], -# auth_required_inp => 1, -# auth_required_out => 1, -# amavis_auth_user => 'amavisd', amavis_auth_pass = 'tOpsecretX', -# av_scanners => [ # provide only 'free' scanners -# ['ClamAV-clamd', -# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"], -# qr/\bOK$/, qr/\bFOUND$/, -# qr/^.*?: (?!Infected Archive)(.*) FOUND$/, -# ], -# ], -# av_scanners_backup => [ -# ['ClamAV-clamscan', 'clamscan', -# "--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1], -# qr/^.*?: (?!Infected Archive)(.*) FOUND$/, -# ], -# ], -# }; - -# NOTE: the use of policy banks for changing protocol on the input socket is -# only needed when different protocols need to be spoken on different sockets -# at the same time. For normal use just set globally e.g.: $protocol='AM.PDP'; -# -#$policy_bank{'AM.PDP-SOCK'} = { -# protocol => 'AM.PDP', # Amavis policy delegation protocol -# auth_required_release => 0, # do not require secret_id for amavisd-release -#}; -# -#$policy_bank{'AM.PDP-INET'} = { -# protocol => 'AM.PDP', # Amavis policy delegation protocol -# inet_acl => [qw( 127.0.0.1 [::1] )], # restrict to these IP addresses -#}; -# -## the name 'MYNETS' has special semantics: this policy bank gets loaded -## whenever MTA supplies the original SMTP client IP address (Postfix XFORWARD -## extension or a new AM.PDP protocol) and that address matches @mynetworks. -# -# $terminate_dsn_on_notify_success = 1; -# $policy_bank{'MYNETS'} = { # mail originating from @mynetworks -# originating => 1, # is true in MYNETS by deflt, but let's make it explicit -# terminate_dsn_on_notify_success => 0, -# spam_kill_level_maps => 6.9, -# syslog_facility => 'LOCAL4', # tell syslog to log to a separate file -# virus_admin_maps => ["virusalert\@$mydomain"], # alert of internal viruses -# spam_admin_maps => ["spamalert\@$mydomain"], # alert of internal spam -# bypass_spam_checks_maps => [1], # or: don't spam-check internal mail -# bypass_banned_checks_maps => [1], # don't banned-check internal mail -# warnbadhsender => 1, # warn local senders about their broken MUA -# banned_filename_maps => ['MYNETS-DEFAULT'], # more permissive banning rules -# spam_quarantine_cutoff_level_maps => undef, # quarantine all local spam -# spam_dsn_cutoff_level_maps => undef, # ensure NDN regardless of spam level -# spam_dsn_cutoff_level_bysender_maps => # but only from local domain senders -# [ { lc(".$mydomain") => undef, '.' => 15 } ], -# }; - -## the name 'MYUSERS' has special semantics: this policy bank gets loaded -## whenever the sender matches @local_domains_maps. This only makes sense -## if local sender addresses can be trusted -- for example by requiring -## authentication before letting users send with their local address. -# -# $policy_bank{'MYUSERS'} = { -# final_virus_destiny => D_BOUNCE, # bounce only to authenticated local users -# final_banned_destiny=> D_BOUNCE, -# }; - -# Needed for Courier: speak courier protocol on the socket -#$interface_policy{'SOCK'} = 'AM-SOCK'; -#$policy_bank{'AM-SOCK'} = {protocol => 'COURIER'}; - -## Now we can assign policy banks to amavisd tcp port numbers listed in -## $inet_socket_port. Whenever the connection from MTA is received, first -## a built-in policy bank $policy_bank{''} gets loaded, which bringings-in -## all the global/legacy settings, then it gets overlaid by the bank -## named in the $interface_policy{$port} if any, and finally the bank -## 'MYNETS' is overlaid if it exists and the SMTP client IP address -## is known (by XFORWARD command from MTA) and it matches @mynetworks. - -# $interface_policy{'10026'} = 'ALT'; - -# used by amavisd-release utility of a new AM.PDP-based amavis-milter client -#$interface_policy{'9998'} = 'AM.PDP-INET'; -#$interface_policy{'SOCK'} = 'AM.PDP-SOCK'; - -# invoke custom hooks or additional configuration files: -# include_config_files('/etc/amavisd-custom.conf'); - -# Want to execute additional configuration files from some directory? -#{ my($d) = '/etc/amavis/conf.d'; # do *.cf or *.conf files in this directory -# local(*D); opendir(D,$d) or die "Can't open dir $d: $!"; -# my(@d) = sort grep {/\.(cf|conf)$/ && -f} map {/^(.*)$/,"$d/$1"} readdir(D); -# closedir(D) or die "Can't close $d: $!"; -# include_config_files($_) for (@d); -#} - 1; # insure a defined return value diff --git a/amavisd.conf.orig b/amavisd.conf.orig deleted file mode 100644 index 7e6eb35..0000000 --- a/amavisd.conf.orig +++ /dev/null @@ -1,806 +0,0 @@ -use strict; - -# a minimalistic configuration file for amavisd-new with all necessary settings -# -# see amavisd.conf-default for a list of all variables with their defaults; -# for more details see documentation in INSTALL, README_FILES/* -# and at http://www.ijs.si/software/amavisd/amavisd-new-docs.html - - -# COMMONLY ADJUSTED SETTINGS: - -# @bypass_virus_checks_maps = (1); # controls running of anti-virus code -# @bypass_spam_checks_maps = (1); # controls running of anti-spam code -# $bypass_decode_parts = 1; # controls running of decoders&dearchivers - -$max_servers = 2; # num of pre-forked children (2..30 is common), -m -$daemon_user = 'amavis'; # (no default; customary: vscan or amavis), -u -$daemon_group = 'amavis'; # (no default; customary: vscan or amavis), -g - -$mydomain = 'example.com'; # a convenient default for other settings - -# $MYHOME = '/var/amavis'; # a convenient default for other settings, -H -$TEMPBASE = "$MYHOME/tmp"; # working directory, needs to exist, -T -$ENV{TMPDIR} = $TEMPBASE; # environment variable TMPDIR, used by SA, etc. -$QUARANTINEDIR = "$MYHOME/quarantine"; # -Q -# $quarantine_subdir_levels = 1; # add level of subdirs to disperse quarantine -# $release_format = 'resend'; # 'attach', 'plain', 'resend' -# $report_format = 'arf'; # 'attach', 'plain', 'resend', 'arf' - -# $daemon_chroot_dir = $MYHOME; # chroot directory or undef, -R - -# $db_home = "$MYHOME/db"; # dir for bdb nanny/cache/snmp databases, -D -# $helpers_home = "$MYHOME/var"; # working directory for SpamAssassin, -S -# $lock_file = "$MYHOME/var/amavisd.lock"; # -L -# $pid_file = "$MYHOME/var/amavisd.pid"; # -P -#NOTE: create directories $MYHOME/tmp, $MYHOME/var, $MYHOME/db manually - -$log_level = 0; # verbosity 0..5, -d -$log_recip_templ = undef; # disable by-recipient level-0 log entries -$do_syslog = 1; # log via syslogd (preferred) -$syslog_facility = 'mail'; # Syslog facility as a string - # e.g.: mail, daemon, user, local0, ... local7 - -$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny) -$nanny_details_level = 2; # nanny verbosity: 1: traditional, 2: detailed -$enable_dkim_verification = 0; # enable DKIM signatures verification -$enable_dkim_signing = 0; # load DKIM signing code, keys defined by dkim_key - -@local_domains_maps = ( [".$mydomain"] ); # list of all local domains - -@mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 - 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 ); - -$unix_socketname = "$MYHOME/amavisd.sock"; # amavisd-release or amavis-milter - # option(s) -p overrides $inet_socket_port and $unix_socketname - -$inet_socket_port = 10024; # listen on this local TCP port(s) -# $inet_socket_port = [10024,10026]; # listen on multiple TCP ports - -$policy_bank{'MYNETS'} = { # mail originating from @mynetworks - originating => 1, # is true in MYNETS by default, but let's make it explicit - os_fingerprint_method => undef, # don't query p0f for internal clients -}; - -# it is up to MTA to re-route mail from authenticated roaming users or -# from internal hosts to a dedicated TCP port (such as 10026) for filtering -$interface_policy{'10026'} = 'ORIGINATING'; - -$policy_bank{'ORIGINATING'} = { # mail supposedly originating from our users - originating => 1, # declare that mail was submitted by our smtp client - allow_disclaimers => 1, # enables disclaimer insertion if available - # notify administrator of locally originating malware - virus_admin_maps => ["virusalert\@$mydomain"], - spam_admin_maps => ["virusalert\@$mydomain"], - warnbadhsender => 1, - # forward to a smtpd service providing DKIM signing service - forward_method => 'smtp:[127.0.0.1]:10027', - # force MTA conversion to 7-bit (e.g. before DKIM signing) - smtpd_discard_ehlo_keywords => ['8BITMIME'], - bypass_banned_checks_maps => [1], # allow sending any file names and types - terminate_dsn_on_notify_success => 0, # don't remove NOTIFY=SUCCESS option -}; - -$interface_policy{'SOCK'} = 'AM.PDP-SOCK'; # only applies with $unix_socketname - -# Use with amavis-release over a socket or with Petr Rehor's amavis-milter.c -# (with amavis-milter.c from this package or old amavis.c client use 'AM.CL'): -$policy_bank{'AM.PDP-SOCK'} = { - protocol => 'AM.PDP', - auth_required_release => 0, # do not require secret_id for amavisd-release -}; - -$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level -$sa_tag2_level_deflt = 6.2; # add 'spam detected' headers at that level -$sa_kill_level_deflt = 6.9; # triggers spam evasive actions (e.g. blocks mail) -$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent -$sa_crediblefrom_dsn_cutoff_level = 18; # likewise, but for a likely valid From -# $sa_quarantine_cutoff_level = 25; # spam level beyond which quarantine is off -$penpals_bonus_score = 8; # (no effect without a @storage_sql_dsn database) -$penpals_threshold_high = $sa_kill_level_deflt; # don't waste time on hi spam -$bounce_killer_score = 100; # spam score points to add for joe-jobbed bounces - -$sa_mail_body_size_limit = 400*1024; # don't waste time on SA if mail is larger -$sa_local_tests_only = 0; # only tests which do not require internet access? - -# @lookup_sql_dsn = -# ( ['DBI:mysql:database=mail;host=127.0.0.1;port=3306', 'user1', 'passwd1'], -# ['DBI:mysql:database=mail;host=host2', 'username2', 'password2'], -# ["DBI:SQLite:dbname=$MYHOME/sql/mail_prefs.sqlite", '', ''] ); -# @storage_sql_dsn = @lookup_sql_dsn; # none, same, or separate database - -# $timestamp_fmt_mysql = 1; # if using MySQL *and* msgs.time_iso is TIMESTAMP; -# defaults to 0, which is good for non-MySQL or if msgs.time_iso is CHAR(16) - -$virus_admin = "virusalert\@$mydomain"; # notifications recip. - -$mailfrom_notify_admin = "virusalert\@$mydomain"; # notifications sender -$mailfrom_notify_recip = "virusalert\@$mydomain"; # notifications sender -$mailfrom_notify_spamadmin = "spam.police\@$mydomain"; # notifications sender -$mailfrom_to_quarantine = ''; # null return path; uses original sender if undef - -@addr_extension_virus_maps = ('virus'); -@addr_extension_banned_maps = ('banned'); -@addr_extension_spam_maps = ('spam'); -@addr_extension_bad_header_maps = ('badh'); -# $recipient_delimiter = '+'; # undef disables address extensions altogether -# when enabling addr extensions do also Postfix/main.cf: recipient_delimiter=+ - -$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin'; -# $dspam = 'dspam'; - -$MAXLEVELS = 14; -$MAXFILES = 1500; -$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced) -$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced) - -$sa_spam_subject_tag = '***Spam*** '; -$defang_virus = 1; # MIME-wrap passed infected mail -$defang_banned = 1; # MIME-wrap passed mail containing banned name -# for defanging bad headers only turn on certain minor contents categories: -$defang_by_ccat{CC_BADH.",3"} = 1; # NUL or CR character in header -$defang_by_ccat{CC_BADH.",5"} = 1; # header line longer than 998 characters -$defang_by_ccat{CC_BADH.",6"} = 1; # header field syntax error - - -# OTHER MORE COMMON SETTINGS (defaults may suffice): - -# $myhostname = 'host.example.com'; # must be a fully-qualified domain name! - -# $notify_method = 'smtp:[127.0.0.1]:10025'; -# $forward_method = 'smtp:[127.0.0.1]:10025'; # set to undef with milter! - -# $final_virus_destiny = D_DISCARD; -# $final_banned_destiny = D_DISCARD; -# $final_spam_destiny = D_PASS; #!!! D_DISCARD / D_REJECT -# $final_bad_header_destiny = D_PASS; -# $bad_header_quarantine_method = undef; - -# $os_fingerprint_method = 'p0f:*:2345'; # to query p0f-analyzer.pl - -## hierarchy by which a final setting is chosen: -## policy bank (based on port or IP address) -> *_by_ccat -## *_by_ccat (based on mail contents) -> *_maps -## *_maps (based on recipient address) -> final configuration value - - -# SOME OTHER VARIABLES WORTH CONSIDERING (see amavisd.conf-default for all) - -# $warnbadhsender, -# $warnvirusrecip, $warnbannedrecip, $warnbadhrecip, (or @warn*recip_maps) -# -# @bypass_virus_checks_maps, @bypass_spam_checks_maps, -# @bypass_banned_checks_maps, @bypass_header_checks_maps, -# -# @virus_lovers_maps, @spam_lovers_maps, -# @banned_files_lovers_maps, @bad_header_lovers_maps, -# -# @blacklist_sender_maps, @score_sender_maps, -# -# $clean_quarantine_method, $virus_quarantine_to, $banned_quarantine_to, -# $bad_header_quarantine_to, $spam_quarantine_to, -# -# $defang_bad_header, $defang_undecipherable, $defang_spam - - -# REMAINING IMPORTANT VARIABLES ARE LISTED HERE BECAUSE OF LONGER ASSIGNMENTS - -@keep_decoded_original_maps = (new_RE( - qr'^MAIL$', # retain full original message for virus checking - qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables - qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i, -# qr'^Zip archive data', # don't trust Archive::Zip -)); - - -$banned_filename_re = new_RE( - -### BLOCKED ANYWHERE -# qr'^UNDECIPHERABLE$', # is or contains any undecipherable components - qr'^\.(exe-ms|dll)$', # banned file(1) types, rudimentary -# qr'^\.(exe|lha|cab|dll)$', # banned file(1) types - -### BLOCK THE FOLLOWING, EXCEPT WITHIN UNIX ARCHIVES: -# [ qr'^\.(gz|bz2)$' => 0 ], # allow any in gzip or bzip2 - [ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives - - qr'.\.(pif|scr)$'i, # banned extensions - rudimentary -# qr'^\.zip$', # block zip type - -### BLOCK THE FOLLOWING, EXCEPT WITHIN ARCHIVES: -# [ qr'^\.(zip|rar|arc|arj|zoo)$'=> 0 ], # allow any within these archives - - qr'^application/x-msdownload$'i, # block these MIME types - qr'^application/x-msdos-program$'i, - qr'^application/hta$'i, - -# qr'^message/partial$'i, # rfc2046 MIME type -# qr'^message/external-body$'i, # rfc2046 MIME type - -# qr'^(application/x-msmetafile|image/x-wmf)$'i, # Windows Metafile MIME type -# qr'^\.wmf$', # Windows Metafile file(1) type - - # block certain double extensions in filenames - qr'^(?!cid:).*\.[^./]*[A-Za-z][^./]*\.\s*(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)[.\s]*$'i, - -# qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?'i, # Class ID CLSID, strict -# qr'\{[0-9a-z]{4,}(-[0-9a-z]{4,}){0,7}\}?'i, # Class ID extension CLSID, loose - - qr'.\.(exe|vbs|pif|scr|cpl)$'i, # banned extension - basic -# qr'.\.(exe|vbs|pif|scr|cpl|bat|cmd|com)$'i, # banned extension - basic+cmd -# qr'.\.(ade|adp|app|bas|bat|chm|cmd|com|cpl|crt|emf|exe|fxp|grp|hlp|hta| -# inf|ini|ins|isp|js|jse|lib|lnk|mda|mdb|mde|mdt|mdw|mdz|msc|msi| -# msp|mst|ocx|ops|pcd|pif|prg|reg|scr|sct|shb|shs|sys|vb|vbe|vbs|vxd| -# wmf|wsc|wsf|wsh)$'ix, # banned extensions - long -# qr'.\.(asd|asf|asx|url|vcs|wmd|wmz)$'i, # consider also -# qr'.\.(ani|cur|ico)$'i, # banned cursors and icons filename -# qr'^\.ani$', # banned animated cursor file(1) type -# qr'.\.(mim|b64|bhx|hqx|xxe|uu|uue)$'i, # banned extension - WinZip vulnerab. -); -# See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q262631 -# and http://www.cknow.com/vtutor/vtextensions.htm - - -# ENVELOPE SENDER SOFT-WHITELISTING / SOFT-BLACKLISTING - -@score_sender_maps = ({ # a by-recipient hash lookup table, - # results from all matching recipient tables are summed - -# ## per-recipient personal tables (NOTE: positive: black, negative: white) -# 'user1@example.com' => [{'bla-mobile.press@example.com' => 10.0}], -# 'user3@example.com' => [{'.ebay.com' => -3.0}], -# 'user4@example.com' => [{'cleargreen@cleargreen.com' => -7.0, -# '.cleargreen.com' => -5.0}], - - ## site-wide opinions about senders (the '.' matches any recipient) - '.' => [ # the _first_ matching sender determines the score boost - - new_RE( # regexp-type lookup table, just happens to be all soft-blacklist - [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0], - [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0], - [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0], - [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0], - [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0], - [qr'^(your_friend|greatoffers)@'i => 5.0], - [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0], - ), - -# read_hash("/var/amavis/sender_scores_sitewide"), - - { # a hash-type lookup table (associative array) - 'nobody@cert.org' => -3.0, - 'cert-advisory@us-cert.gov' => -3.0, - 'owner-alert@iss.net' => -3.0, - 'slashdot@slashdot.org' => -3.0, - 'securityfocus.com' => -3.0, - 'ntbugtraq@listserv.ntbugtraq.com' => -3.0, - 'security-alerts@linuxsecurity.com' => -3.0, - 'mailman-announce-admin@python.org' => -3.0, - 'amavis-user-admin@lists.sourceforge.net'=> -3.0, - 'amavis-user-bounces@lists.sourceforge.net' => -3.0, - 'spamassassin.apache.org' => -3.0, - 'notification-return@lists.sophos.com' => -3.0, - 'owner-postfix-users@postfix.org' => -3.0, - 'owner-postfix-announce@postfix.org' => -3.0, - 'owner-sendmail-announce@lists.sendmail.org' => -3.0, - 'sendmail-announce-request@lists.sendmail.org' => -3.0, - 'donotreply@sendmail.org' => -3.0, - 'ca+envelope@sendmail.org' => -3.0, - 'noreply@freshmeat.net' => -3.0, - 'owner-technews@postel.acm.org' => -3.0, - 'ietf-123-owner@loki.ietf.org' => -3.0, - 'cvs-commits-list-admin@gnome.org' => -3.0, - 'rt-users-admin@lists.fsck.com' => -3.0, - 'clp-request@comp.nus.edu.sg' => -3.0, - 'surveys-errors@lists.nua.ie' => -3.0, - 'emailnews@genomeweb.com' => -5.0, - 'yahoo-dev-null@yahoo-inc.com' => -3.0, - 'returns.groups.yahoo.com' => -3.0, - 'clusternews@linuxnetworx.com' => -3.0, - lc('lvs-users-admin@LinuxVirtualServer.org') => -3.0, - lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0, - - # soft-blacklisting (positive score) - 'sender@example.net' => 3.0, - '.example.net' => 1.0, - - }, - ], # end of site-wide tables -}); - - -@decoders = ( - ['mail', \&do_mime_decode], -# ['asc', \&do_ascii], -# ['uue', \&do_ascii], -# ['hqx', \&do_ascii], -# ['ync', \&do_ascii], - ['F', \&do_uncompress, ['unfreeze','freeze -d','melt','fcat'] ], - ['Z', \&do_uncompress, ['uncompress','gzip -d','zcat'] ], - ['gz', \&do_uncompress, 'gzip -d'], - ['gz', \&do_gunzip], - ['bz2', \&do_uncompress, 'bzip2 -d'], - ['xz', \&Amavis::Unpackers::do_uncompress, - ['xzdec'. 'xz -dc', 'unxz -c', 'xzcat'] ], - ['lzma', \&Amavis::Unpackers::do_uncompress, - ['lzmadec', 'xz -dc --format=lzma', - 'lzma -dc', 'unlzma -c', 'lzcat', 'lzmadec'] ], - ['lzo', \&do_uncompress, 'lzop -d'], - ['rpm', \&do_uncompress, ['rpm2cpio.pl','rpm2cpio'] ], - ['cpio', \&do_pax_cpio, ['pax','gcpio','cpio'] ], - ['tar', \&do_pax_cpio, ['pax','gcpio','cpio'] ], - ['deb', \&do_ar, 'ar'], -# ['a', \&do_ar, 'ar'], # unpacking .a seems an overkill - ['zip', \&do_unzip], - ['7z', \&do_7zip, ['7zr','7za','7z'] ], - ['rar', \&do_unrar, ['rar','unrar'] ], - ['arj', \&do_unarj, ['arj','unarj'] ], - ['arc', \&do_arc, ['nomarch','arc'] ], - ['zoo', \&do_zoo, ['zoo','unzoo'] ], - ['lha', \&do_lha, 'lha'], -# ['doc', \&do_ole, 'ripole'], - ['cab', \&do_cabextract, 'cabextract'], - ['tnef', \&do_tnef_ext, 'tnef'], - ['tnef', \&do_tnef], -# ['sit', \&do_unstuff, 'unstuff'], # broken/unsafe decoder - ['exe', \&do_executable, ['rar','unrar'], 'lha', ['arj','unarj'] ], -); - - -@av_scanners = ( - -# ### http://www.sophos.com/ -# ['Sophos-SSSP', -# \&ask_daemon, ["{}", 'sssp:/var/run/savdi/sssp.sock'], -# # or: ["{}", 'sssp:[127.0.0.1]:4010'], -# qr/^DONE OK\b/m, qr/^VIRUS\b/m, qr/^VIRUS\s*(\S*)/m ], - -# ### http://www.clanfield.info/sophie/ (http://www.vanja.com/tools/sophie/) -# ['Sophie', -# \&ask_daemon, ["{}/\n", 'sophie:/var/run/sophie'], -# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/, qr/(?x)^ 1 ( : | [\000\r\n]* $)/, -# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ], - -# ### http://www.csupomona.edu/~henson/www/projects/SAVI-Perl/ -# ['Sophos SAVI', \&ask_daemon, ['{}','savi-perl:'] ], - -# ['Avira SAVAPI', -# \&ask_daemon, ["*", 'savapi:/var/tmp/.savapi3', 'product-id'], -# qr/^(200|210)/m, qr/^(310|420|319)/m, -# qr/^(?:310|420)[,\s]*(?:.* <<< )?(.+?)(?: ; |$)/m -# settings for the SAVAPI3.conf: ArchiveScan=1, HeurLevel=2, MailboxScan=1 - -# ### http://www.clamav.net/ -# ['ClamAV-clamd', -# \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"], -# qr/\bOK$/m, qr/\bFOUND$/m, -# qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], -# # NOTE: run clamd under the same user as amavisd, or run it under its own -# # uid such as clamav, add user clamav to the amavis group, and then add -# # AllowSupplementaryGroups to clamd.conf; -# # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in -# # this entry; when running chrooted one may prefer socket "$MYHOME/clamd". - -# ### http://www.clamav.net/ and CPAN (memory-hungry! clamd is preferred) -# # note that Mail::ClamAV requires perl to be build with threading! -# ['Mail::ClamAV', \&ask_daemon, ['{}','clamav-perl:'], -# [0], [1], qr/^INFECTED: (.+)/m], - -# ### http://www.openantivirus.org/ -# ['OpenAntiVirus ScannerDaemon (OAV)', -# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:8127'], -# qr/^OK/m, qr/^FOUND: /m, qr/^FOUND: (.+)/m ], - -# ### http://www.vanja.com/tools/trophie/ -# ['Trophie', -# \&ask_daemon, ["{}/\n", 'trophie:/var/run/trophie'], -# qr/(?x)^ 0+ ( : | [\000\r\n]* $)/m, qr/(?x)^ 1 ( : | [\000\r\n]* $)/m, -# qr/(?x)^ [-+]? \d+ : (.*?) [\000\r\n]* $/m ], - -# ### http://www.grisoft.com/ -# ['AVG Anti-Virus', -# \&ask_daemon, ["SCAN {}\n", '127.0.0.1:55555'], -# qr/^200/m, qr/^403/m, qr/^403 .*?: ([^\r\n]+)/m ], - -# ### http://www.f-prot.com/ -# ['F-Prot fpscand', # F-PROT Antivirus for BSD/Linux/Solaris, version 6 -# \&ask_daemon, -# ["SCAN FILE {}/*\n", '127.0.0.1:10200'], -# qr/^(0|8|64) /m, -# qr/^([1235679]|1[01345]) |<[^>:]*(?i)(infected|suspicious|unwanted)/m, -# qr/(?i)<[^>:]*(?:infected|suspicious|unwanted)[^>:]*: ([^>]*)>/m ], - -# ### http://www.f-prot.com/ -# ['F-Prot f-protd', # old version -# \&ask_daemon, -# ["GET {}/*?-dumb%20-archive%20-packed HTTP/1.0\r\n\r\n", -# ['127.0.0.1:10200', '127.0.0.1:10201', '127.0.0.1:10202', -# '127.0.0.1:10203', '127.0.0.1:10204'] ], -# qr/(?i)]*>clean<\/summary>/m, -# qr/(?i)]*>infected<\/summary>/m, -# qr/(?i)(.+)<\/name>/m ], - -# ### http://www.sald.com/, http://www.dials.ru/english/, http://www.drweb.ru/ -# ['DrWebD', \&ask_daemon, # DrWebD 4.31 or later -# [pack('N',1). # DRWEBD_SCAN_CMD -# pack('N',0x00280001). # DONT_CHANGEMAIL, IS_MAIL, RETURN_VIRUSES -# pack('N', # path length -# length("$TEMPBASE/amavis-yyyymmddTHHMMSS-xxxxx/parts/pxxx")). -# '{}/*'. # path -# pack('N',0). # content size -# pack('N',0), -# '/var/drweb/run/drwebd.sock', -# # '/var/amavis/var/run/drwebd.sock', # suitable for chroot -# # '/usr/local/drweb/run/drwebd.sock', # FreeBSD drweb ports default -# # '127.0.0.1:3000', # or over an inet socket -# ], -# qr/\A\x00[\x10\x11][\x00\x10]\x00/sm, # IS_CLEAN,EVAL_KEY; SKIPPED -# qr/\A\x00[\x00\x01][\x00\x10][\x20\x40\x80]/sm,# KNOWN_V,UNKNOWN_V,V._MODIF -# qr/\A.{12}(?:infected with )?([^\x00]+)\x00/sm, -# ], -# # NOTE: If using amavis-milter, change length to: -# # length("$TEMPBASE/amavis-milter-xxxxxxxxxxxxxx/parts/pxxx"). - - ### http://www.kaspersky.com/ (kav4mailservers) - ['KasperskyLab AVP - aveclient', - ['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient', - '/opt/kav/5.5/kav4mailservers/bin/aveclient','aveclient'], - '-p /var/run/aveserver -s {}/*', - [0,3,6,8], qr/\b(INFECTED|SUSPICION|SUSPICIOUS)\b/m, - qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.+)/m, - ], - # NOTE: one may prefer [0],[2,3,4,5], depending on how suspicious, - # currupted or protected archives are to be handled - - ### http://www.kaspersky.com/ - ['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'], - '-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ? - qr/infected: (.+)/m, - sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"}, - sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"}, - ], - - ### The kavdaemon and AVPDaemonClient have been removed from Kasperky - ### products and replaced by aveserver and aveclient - ['KasperskyLab AVPDaemonClient', - [ '/opt/AVP/kavdaemon', 'kavdaemon', - '/opt/AVP/AvpDaemonClient', 'AvpDaemonClient', - '/opt/AVP/AvpTeamDream', 'AvpTeamDream', - '/opt/AVP/avpdc', 'avpdc' ], - "-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/m ], - # change the startup-script in /etc/init.d/kavd to: - # DPARMS="-* -Y -dl -f=/var/amavis /var/amavis" - # (or perhaps: DPARMS="-I0 -Y -* /var/amavis" ) - # adjusting /var/amavis above to match your $TEMPBASE. - # The '-f=/var/amavis' is needed if not running it as root, so it - # can find, read, and write its pid file, etc., see 'man kavdaemon'. - # defUnix.prf: there must be an entry "*/var/amavis" (or whatever - # directory $TEMPBASE specifies) in the 'Names=' section. - # cd /opt/AVP/DaemonClients; configure; cd Sample; make - # cp AvpDaemonClient /opt/AVP/ - # su - amavis -c "${PREFIX}/kavdaemon ${DPARMS}" - - ### http://www.centralcommand.com/ - ['CentralCommand Vexira (new) vascan', - ['vascan','/usr/lib/Vexira/vascan'], - "-a s --timeout=60 --temp=$TEMPBASE -y $QUARANTINEDIR ". - "--log=/var/log/vascan.log {}", - [0,3], [1,2,5], - qr/(?x)^\s* (?:virus|iworm|macro|mutant|sequence|trojan)\ found:\ ( [^\]\s']+ )\ \.\.\.\ /m ], - # Adjust the path of the binary and the virus database as needed. - # 'vascan' does not allow to have the temp directory to be the same as - # the quarantine directory, and the quarantine option can not be disabled. - # If $QUARANTINEDIR is not used, then another directory must be specified - # to appease 'vascan'. Move status 3 to the second list if password - # protected files are to be considered infected. - - ### http://www.avira.com/ - ### old Avira AntiVir 2.x (ex H+BEDV) or old CentralCommand Vexira Antivirus - ['Avira AntiVir', ['antivir','vexira'], - '--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/m, - qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) | - (?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/m ], - # NOTE: if you only have a demo version, remove -z and add 214, as in: - # '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/, - - ### http://www.avira.com/ - ### Avira for UNIX 3.x - ['Avira AntiVir', ['avscan'], - '-s --batch --alert-action=none {}', [0,4], qr/(?:ALERT|FUND):/m, - qr/(?:ALERT|FUND): (?:.* <<< )?(.+?)(?: ; |$)/m ], - - ### http://www.commandsoftware.com/ - ['Command AntiVirus for Linux', 'csav', - '-all -archive -packed {}', [50], [51,52,53], - qr/Infection: (.+)/m ], - - ### http://www.symantec.com/ - ['Symantec CarrierScan via Symantec CommandLineScanner', - 'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}', - qr/^Files Infected:\s+0$/m, qr/^Infected\b/m, - qr/^(?:Info|Virus Name):\s+(.+)/m ], - - ### http://www.symantec.com/ - ['Symantec AntiVirus Scan Engine', - 'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}', - [0], qr/^Infected\b/m, - qr/^(?:Info|Virus Name):\s+(.+)/m ], - # NOTE: check options and patterns to see which entry better applies - -# ### http://www.f-secure.com/products/anti-virus/ version 4.65 -# ['F-Secure Antivirus for Linux servers', -# ['/opt/f-secure/fsav/bin/fsav', 'fsav'], -# '--delete=no --disinf=no --rename=no --archive=yes --auto=yes '. -# '--dumb=yes --list=no --mime=yes {}', [0], [3,6,8], -# qr/(?:infection|Infected|Suspected): (.+)/m ], - - ### http://www.f-secure.com/products/anti-virus/ version 5.52 - ['F-Secure Antivirus for Linux servers', - ['/opt/f-secure/fsav/bin/fsav', 'fsav'], - '--virus-action1=report --archive=yes --auto=yes '. - '--dumb=yes --list=no --mime=yes {}', [0], [3,4,6,8], - qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ], - # NOTE: internal archive handling may be switched off by '--archive=no' - # to prevent fsav from exiting with status 9 on broken archives - -# ### http://www.avast.com/ -# ['avast! Antivirus daemon', -# \&ask_daemon, # greets with 220, terminate with QUIT -# ["SCAN {}\015\012QUIT\015\012", '/var/run/avast4/mailscanner.sock'], -# qr/\t\[\+\]/m, qr/\t\[L\]\t/m, qr/\t\[L\]\t([^[ \t\015\012]+)/m ], - -# ### http://www.avast.com/ -# ['avast! Antivirus - Client/Server Version', 'avastlite', -# '-a /var/run/avast4/mailscanner.sock -n {}', [0], [1], -# qr/\t\[L\]\t([^[ \t\015\012]+)/m ], - - ['CAI InoculateIT', 'inocucmd', # retired product - '-sec -nex {}', [0], [100], - qr/was infected by virus (.+)/m ], - # see: http://www.flatmtn.com/computer/Linux-Antivirus_CAI.html - - ### http://www3.ca.com/Solutions/Product.asp?ID=156 (ex InoculateIT) - ['CAI eTrust Antivirus', 'etrust-wrapper', - '-arc -nex -spm h {}', [0], [101], - qr/is infected by virus: (.+)/m ], - # NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer - # see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783 - - ### http://mks.com.pl/english.html - ['MkS_Vir for Linux (beta)', ['mks32','mks'], - '-s {}/*', [0], [1,2], - qr/--[ \t]*(.+)/m ], - - ### http://mks.com.pl/english.html - ['MkS_Vir daemon', 'mksscan', - '-s -q {}', [0], [1..7], - qr/^... (\S+)/m ], - -# ### http://www.nod32.com/, version v2.52 (old) -# ['ESET NOD32 for Linux Mail servers', -# ['/opt/eset/nod32/bin/nod32cli', 'nod32cli'], -# '--subdir --files -z --sfx --rtp --adware --unsafe --pattern --heur '. -# '-w -a --action-on-infected=accept --action-on-uncleanable=accept '. -# '--action-on-notscanned=accept {}', -# [0,3], [1,2], qr/virus="([^"]+)"/m ], - -# ### http://www.eset.com/, version v2.7 (old) -# ['ESET NOD32 Linux Mail Server - command line interface', -# ['/usr/bin/nod32cli', '/opt/eset/nod32/bin/nod32cli', 'nod32cli'], -# '--subdir {}', [0,3], [1,2], qr/virus="([^"]+)"/m ], - -# ### http://www.eset.com/, version 2.71.12 -# ['ESET Software ESETS Command Line Interface', -# ['/usr/bin/esets_cli', 'esets_cli'], -# '--subdir {}', [0], [1,2,3], qr/virus="([^"]+)"/m ], - - ### http://www.eset.com/, version 3.0 - ['ESET Software ESETS Command Line Interface', - ['/usr/bin/esets_cli', 'esets_cli'], - '--subdir {}', [0], [1,2,3], - qr/:\s*action="(?!accepted)[^"]*"\n.*:\s*virus="([^"]*)"/m ], - - ## http://www.nod32.com/, NOD32LFS version 2.5 and above - ['ESET NOD32 for Linux File servers', - ['/opt/eset/nod32/sbin/nod32','nod32'], - '--files -z --mail --sfx --rtp --adware --unsafe --pattern --heur '. - '-w -a --action=1 -b {}', - [0], [1,10], qr/^object=.*, virus="(.*?)",/m ], - -# Experimental, based on posting from Rado Dibarbora (Dibo) on 2002-05-31 -# ['ESET Software NOD32 Client/Server (NOD32SS)', -# \&ask_daemon2, # greets with 200, persistent, terminate with QUIT -# ["SCAN {}/*\r\n", '127.0.0.1:8448' ], -# qr/^200 File OK/m, qr/^201 /m, qr/^201 (.+)/m ], - - ### http://www.norman.com/products_nvc.shtml - ['Norman Virus Control v5 / Linux', 'nvcc', - '-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14], - qr/(?i).* virus in .* -> \'(.+)\'/m ], - - ### http://www.pandasoftware.com/ - ['Panda CommandLineSecure 9 for Linux', - ['/opt/pavcl/usr/bin/pavcl','pavcl'], - '-auto -aex -heu -cmp -nbr -nor -nos -eng -nob {}', - qr/Number of files infected[ .]*: 0+(?!\d)/m, - qr/Number of files infected[ .]*: 0*[1-9]/m, - qr/Found virus :\s*(\S+)/m ], - # NOTE: for efficiency, start the Panda in resident mode with 'pavcl -tsr' - # before starting amavisd - the bases are then loaded only once at startup. - # To reload bases in a signature update script: - # /opt/pavcl/usr/bin/pavcl -tsr -ulr; /opt/pavcl/usr/bin/pavcl -tsr - # Please review other options of pavcl, for example: - # -nomalw, -nojoke, -nodial, -nohackt, -nospyw, -nocookies - -# ### http://www.pandasoftware.com/ -# ['Panda Antivirus for Linux', ['pavcl'], -# '-TSR -aut -aex -heu -cmp -nbr -nor -nso -eng {}', -# [0], [0x10, 0x30, 0x50, 0x70, 0x90, 0xB0, 0xD0, 0xF0], -# qr/Found virus :\s*(\S+)/m ], - -# GeCAD AV technology is acquired by Microsoft; RAV has been discontinued. -# Check your RAV license terms before fiddling with the following two lines! -# ['GeCAD RAV AntiVirus 8', 'ravav', -# '--all --archive --mail {}', [1], [2,3,4,5], qr/Infected: (.+)/m ], -# # NOTE: the command line switches changed with scan engine 8.5 ! -# # (btw, assigning stdin to /dev/null causes RAV to fail) - - ### http://www.nai.com/ - ['NAI McAfee AntiVirus (uvscan)', 'uvscan', - '--secure -rv --mime --summary --noboot - {}', [0], [13], - qr/(?x) Found (?: - \ the\ (.+)\ (?:virus|trojan) | - \ (?:virus|trojan)\ or\ variant\ ([^ ]+) | - :\ (.+)\ NOT\ a\ virus)/m, - # sub {$ENV{LD_PRELOAD}='/lib/libc.so.6'}, - # sub {delete $ENV{LD_PRELOAD}}, - ], - # NOTE1: with RH9: force the dynamic linker to look at /lib/libc.so.6 before - # anything else by setting environment variable LD_PRELOAD=/lib/libc.so.6 - # and then clear it when finished to avoid confusing anything else. - # NOTE2: to treat encrypted files as viruses replace the [13] with: - # qr/^\s{5,}(Found|is password-protected|.*(virus|trojan))/ - - ### http://www.virusbuster.hu/en/ - ['VirusBuster', ['vbuster', 'vbengcl'], - "{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1], - qr/: '(.*)' - Virus/m ], - # VirusBuster Ltd. does not support the daemon version for the workstation - # engine (vbuster-eng-1.12-linux-i386-libc6.tgz) any longer. The names of - # binaries, some parameters AND return codes have changed (from 3 to 1). - # See also the new Vexira entry 'vascan' which is possibly related. - -# ### http://www.virusbuster.hu/en/ -# ['VirusBuster (Client + Daemon)', 'vbengd', -# '-f -log scandir {}', [0], [3], -# qr/Virus found = (.*);/m ], -# # HINT: for an infected file it always returns 3, -# # although the man-page tells a different story - - ### http://www.cyber.com/ - ['CyberSoft VFind', 'vfind', - '--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/m, - # sub {$ENV{VSTK_HOME}='/usr/lib/vstk'}, - ], - - ### http://www.avast.com/ - ['avast! Antivirus', ['/usr/bin/avastcmd','avastcmd'], - '-a -i -n -t=A {}', [0], [1], qr/\binfected by:\s+([^ \t\n\[\]]+)/m ], - - ### http://www.ikarus-software.com/ - ['Ikarus AntiVirus for Linux', 'ikarus', - '{}', [0], [40], qr/Signature (.+) found/m ], - - ### http://www.bitdefender.com/ - ['BitDefender', 'bdscan', # new version - '--action=ignore --no-list {}', qr/^Infected files\s*:\s*0+(?!\d)/m, - qr/^(?:Infected files|Identified viruses|Suspect files)\s*:\s*0*[1-9]/m, - qr/(?:suspected|infected)\s*:\s*(.*)(?:\033|$)/m ], - - ### http://www.bitdefender.com/ - ['BitDefender', 'bdc', # old version - '--arc --mail {}', qr/^Infected files *:0+(?!\d)/m, - qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/m, - qr/(?:suspected|infected): (.*)(?:\033|$)/m ], - # consider also: --all --nowarn --alev=15 --flev=15. The --all argument may - # not apply to your version of bdc, check documentation and see 'bdc --help' - - ### ArcaVir for Linux and Unix http://www.arcabit.pl/ - ['ArcaVir for Linux', ['arcacmd','arcacmd.static'], - '-v 1 -summary 0 -s {}', [0], [1,2], - qr/(?:VIR|WIR):[ \t]*(.+)/m ], - -# ### a generic SMTP-client interface to a SMTP-based virus scanner -# ['av_smtp', \&ask_av_smtp, -# ['{}', 'smtp:[127.0.0.1]:5525', 'dummy@localhost'], -# qr/^2/, qr/^5/, qr/^\s*(.*?)\s*$/m ], - -# ['File::Scan', sub {Amavis::AV::ask_av(sub{ -# use File::Scan; my($fn)=@_; -# my($f)=File::Scan->new(max_txt_size=>0, max_bin_size=>0); -# my($vname) = $f->scan($fn); -# $f->error ? (2,"Error: ".$f->error) -# : ($vname ne '') ? (1,"$vname FOUND") : (0,"Clean")}, @_) }, -# ["{}/*"], [0], [1], qr/^(.*) FOUND$/m ], - -# ### fully-fledged checker for JPEG marker segments of invalid length -# ['check-jpeg', -# sub { use JpegTester (); Amavis::AV::ask_av(\&JpegTester::test_jpeg, @_) }, -# ["{}/*"], undef, [1], qr/^(bad jpeg: .*)$/m ], -# # NOTE: place file JpegTester.pm somewhere where Perl can find it, -# # for example in /usr/local/lib/perl5/site_perl - -); - - -@av_scanners_backup = ( - - ### http://www.clamav.net/ - backs up clamd or Mail::ClamAV - ['ClamAV-clamscan', 'clamscan', - "--stdout --no-summary -r --tempdir=$TEMPBASE {}", - [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], - -# ### http://www.clamav.net/ - using remote clamd scanner as a backup -# ['ClamAV-clamdscan', 'clamdscan', -# "--stdout --no-summary --config-file=/etc/clamd-client.conf {}", -# [0], qr/:.*\sFOUND$/m, qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], - -# ['ClamAV-clamd-stream', -# \&ask_daemon, ["*", 'clamd:/var/run/clamav/clamd'], -# qr/\bOK$/m, qr/\bFOUND$/m, -# qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], - - ### http://www.f-prot.com/ - backs up F-Prot Daemon, V6 - ['F-PROT Antivirus for UNIX', ['fpscan'], - '--report --mount --adware {}', # consider: --applications -s 4 -u 3 -z 10 - [0,8,64], [1,2,3, 4+1,4+2,4+3, 8+1,8+2,8+3, 12+1,12+2,12+3], - qr/^\[Found\s+[^\]]*\]\s+<([^ \t(>]*)/m ], - - ### http://www.f-prot.com/ - backs up F-Prot Daemon (old) - ['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'], - '-dumb -archive -packed {}', [0,8], [3,6], # or: [0], [3,6,8], - qr/(?:Infection:|security risk named) (.+)|\s+contains\s+(.+)$/m ], - - ### http://www.trendmicro.com/ - backs up Trophie - ['Trend Micro FileScanner', ['/etc/iscan/vscan','vscan'], - '-za -a {}', [0], qr/Found virus/m, qr/Found virus (.+) in/m ], - - ### http://www.sald.com/, http://drweb.imshop.de/ - backs up DrWebD - ['drweb - DrWeb Antivirus', # security LHA hole in Dr.Web 4.33 and earlier - ['/usr/local/drweb/drweb', '/opt/drweb/drweb', 'drweb'], - '-path={} -al -go -ot -cn -upn -ok-', - [0,32], [1,9,33], qr' infected (?:with|by)(?: virus)? (.*)$'m ], - - ### http://www.kaspersky.com/ - ['Kaspersky Antivirus v5.5', - ['/opt/kaspersky/kav4fs/bin/kav4fs-kavscanner', - '/opt/kav/5.5/kav4unix/bin/kavscanner', - '/opt/kav/5.5/kav4mailservers/bin/kavscanner', 'kavscanner'], - '-i0 -xn -xp -mn -R -ePASBME {}/*', [0,10,15], [5,20,21,25], - qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.*)/m, -# sub {chdir('/opt/kav/bin') or die "Can't chdir to kav: $!"}, -# sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"}, - ], - -# Commented out because the name 'sweep' clashes with Debian and FreeBSD -# package/port of an audio editor. Make sure the correct 'sweep' is found -# in the path when enabling. -# -# ### http://www.sophos.com/ - backs up Sophie or SAVI-Perl -# ['Sophos Anti Virus (sweep)', 'sweep', -# '-nb -f -all -rec -ss -sc -archive -cab -mime -oe -tnef '. -# '--no-reset-atime {}', -# [0,2], qr/Virus .*? found/m, -# qr/^>>> Virus(?: fragment)? '?(.*?)'? found/m, -# ], -# # other options to consider: -idedir=/usr/local/sav - -# Always succeeds and considers mail clean. -# Potentially useful when all other scanners fail and it is desirable -# to let mail continue to flow with no virus checking (when uncommented). -# ['always-clean', sub {0}], - -); - - -1; # insure a defined return value diff --git a/apache2/modules.d/00_apache_manual.conf b/apache2/modules.d/00_apache_manual.conf index 25de5d1..c08b2a6 100644 --- a/apache2/modules.d/00_apache_manual.conf +++ b/apache2/modules.d/00_apache_manual.conf @@ -3,9 +3,9 @@ # The documentation is always available at # http://httpd.apache.org/docs/2.2/ -AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.22/manual$1" +AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.22-r1/manual$1" - + Options Indexes AllowOverride None Order allow,deny diff --git a/apache2/vhosts.d/.original/00_default_ssl_vhost.conf b/apache2/vhosts.d/.original/00_default_ssl_vhost.conf new file mode 100644 index 0000000..98bfc2f --- /dev/null +++ b/apache2/vhosts.d/.original/00_default_ssl_vhost.conf @@ -0,0 +1,179 @@ + + + +# see bug #178966 why this is in here + +# When we also provide SSL we have to listen to the HTTPS port +# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two +# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443" +Listen 443 + + + ServerName localhost + Include /etc/apache2/vhosts.d/default_vhost.include + ErrorLog /var/log/apache2/ssl_error_log + + + TransferLog /var/log/apache2/ssl_access_log + + + ## SSL Engine Switch: + # Enable/Disable SSL for this virtual host. + SSLEngine on + + ## SSL Cipher Suite: + # List the ciphers that the client is permitted to negotiate. + # See the mod_ssl documentation for a complete list. + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + + ## Server Certificate: + # Point SSLCertificateFile at a PEM encoded certificate. If the certificate + # is encrypted, then you will be prompted for a pass phrase. Note that a + # kill -HUP will prompt again. Keep in mind that if you have both an RSA + # and a DSA certificate you can configure both in parallel (to also allow + # the use of DSA ciphers, etc.) + SSLCertificateFile /etc/ssl/apache2/server.crt + + ## Server Private Key: + # If the key is not combined with the certificate, use this directive to + # point at the key file. Keep in mind that if you've both a RSA and a DSA + # private key you can configure both in parallel (to also allow the use of + # DSA ciphers, etc.) + SSLCertificateKeyFile /etc/ssl/apache2/server.key + + ## Server Certificate Chain: + # Point SSLCertificateChainFile at a file containing the concatenation of + # PEM encoded CA certificates which form the certificate chain for the + # server certificate. Alternatively the referenced file can be the same as + # SSLCertificateFile when the CA certificates are directly appended to the + # server certificate for convinience. + #SSLCertificateChainFile /etc/ssl/apache2/ca.crt + + ## Certificate Authority (CA): + # Set the CA certificate verification path where to find CA certificates + # for client authentication or alternatively one huge file containing all + # of them (file must be PEM encoded). + # Note: Inside SSLCACertificatePath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCACertificatePath /etc/ssl/apache2/ssl.crt + #SSLCACertificateFile /etc/ssl/apache2/ca-bundle.crt + + ## Certificate Revocation Lists (CRL): + # Set the CA revocation path where to find CA CRLs for client authentication + # or alternatively one huge file containing all of them (file must be PEM + # encoded). + # Note: Inside SSLCARevocationPath you need hash symlinks to point to the + # certificate files. Use the provided Makefile to update the hash symlinks + # after changes. + #SSLCARevocationPath /etc/ssl/apache2/ssl.crl + #SSLCARevocationFile /etc/ssl/apache2/ca-bundle.crl + + ## Client Authentication (Type): + # Client certificate verification type and depth. Types are none, optional, + # require and optional_no_ca. Depth is a number which specifies how deeply + # to verify the certificate issuer chain before deciding the certificate is + # not valid. + #SSLVerifyClient require + #SSLVerifyDepth 10 + + ## Access Control: + # With SSLRequire you can do per-directory access control based on arbitrary + # complex boolean expressions containing server variable checks and other + # lookup directives. The syntax is a mixture between C and Perl. See the + # mod_ssl documentation for more details. + # + # #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ + # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ + # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ + # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ + # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ + # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ + # + + ## SSL Engine Options: + # Set various options for the SSL engine. + + ## FakeBasicAuth: + # Translate the client X.509 into a Basic Authorisation. This means that the + # standard Auth/DBMAuth methods can be used for access control. The user + # name is the `one line' version of the client's X.509 certificate. + # Note that no password is obtained from the user. Every entry in the user + # file needs this password: `xxj31ZMTZzkVA'. + + ## ExportCertData: + # This exports two additional environment variables: SSL_CLIENT_CERT and + # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server + # (always existing) and the client (only existing when client + # authentication is used). This can be used to import the certificates into + # CGI scripts. + + ## StdEnvVars: + # This exports the standard SSL/TLS related `SSL_*' environment variables. + # Per default this exportation is switched off for performance reasons, + # because the extraction step is an expensive operation and is usually + # useless for serving static content. So one usually enables the exportation + # for CGI and SSI requests only. + + ## StrictRequire: + # This denies access when "SSLRequireSSL" or "SSLRequire" applied even under + # a "Satisfy any" situation, i.e. when it applies access is denied and no + # other module can change it. + + ## OptRenegotiate: + # This enables optimized SSL connection renegotiation handling when SSL + # directives are used in per-directory context. + #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire + + SSLOptions +StdEnvVars + + + + SSLOptions +StdEnvVars + + + ## SSL Protocol Adjustments: + # The safe and default but still SSL/TLS standard compliant shutdown + # approach is that mod_ssl sends the close notify alert but doesn't wait + # for the close notify alert from client. When you need a different + # shutdown approach you can use one of the following variables: + + ## ssl-unclean-shutdown: + # This forces an unclean shutdown when the connection is closed, i.e. no + # SSL close notify alert is send or allowed to received. This violates the + # SSL/TLS standard but is needed for some brain-dead browsers. Use this when + # you receive I/O errors because of the standard approach where mod_ssl + # sends the close notify alert. + + ## ssl-accurate-shutdown: + # This forces an accurate shutdown when the connection is closed, i.e. a + # SSL close notify alert is send and mod_ssl waits for the close notify + # alert of the client. This is 100% SSL/TLS standard compliant, but in + # practice often causes hanging connections with brain-dead browsers. Use + # this only for browsers where you know that their SSL implementation works + # correctly. + # Notice: Most problems of broken clients are also related to the HTTP + # keep-alive facility, so you usually additionally want to disable + # keep-alive for those clients, too. Use variable "nokeepalive" for this. + # Similarly, one has to force some clients to use HTTP/1.0 to workaround + # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and + # "force-response-1.0" for this. + + BrowserMatch ".*MSIE.*" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + + + ## Per-Server Logging: + # The home of a custom SSL log file. Use this when you want a compact + # non-error SSL logfile on a virtual host basis. + + CustomLog /var/log/apache2/ssl_request_log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + + + + + +# vim: ts=4 filetype=apache diff --git a/apache2/vhosts.d/.original/00_default_vhost.conf b/apache2/vhosts.d/.original/00_default_vhost.conf new file mode 100644 index 0000000..9fa425a --- /dev/null +++ b/apache2/vhosts.d/.original/00_default_vhost.conf @@ -0,0 +1,48 @@ +# Virtual Hosts +# +# If you want to maintain multiple domains/hostnames on your +# machine you can setup VirtualHost containers for them. Most configurations +# use only name-based virtual hosts so the server doesn't need to worry about +# IP addresses. This is indicated by the asterisks in the directives below. +# +# Please see the documentation at +# +# for further details before you try to setup virtual hosts. +# +# You may use the command line option '-S' to verify your virtual host +# configuration. + + +# see bug #178966 why this is in here + +# Listen: Allows you to bind Apache to specific IP addresses and/or +# ports, instead of the default. See also the +# directive. +# +# Change this to Listen on specific IP addresses as shown below to +# prevent Apache from glomming onto all bound IP addresses. +# +#Listen 12.34.56.78:80 +Listen 80 + +# Use name-based virtual hosting. +NameVirtualHost *:80 + +# When virtual hosts are enabled, the main host defined in the default +# httpd.conf configuration will go away. We redefine it here so that it is +# still available. +# +# If you disable this vhost by removing -D DEFAULT_VHOST from +# /etc/conf.d/apache2, the first defined virtual host elsewhere will be +# the default. + + ServerName localhost + Include /etc/apache2/vhosts.d/default_vhost.include + + + ServerEnvironment apache apache + + + + +# vim: ts=4 filetype=apache diff --git a/apache2/vhosts.d/.original/default_vhost.include b/apache2/vhosts.d/.original/default_vhost.include new file mode 100644 index 0000000..6d45888 --- /dev/null +++ b/apache2/vhosts.d/.original/default_vhost.include @@ -0,0 +1,73 @@ +# ServerAdmin: Your address, where problems with the server should be +# e-mailed. This address appears on some server-generated pages, such +# as error documents. e.g. admin@your-domain.com +ServerAdmin root@localhost + +# DocumentRoot: The directory out of which you will serve your +# documents. By default, all requests are taken from this directory, but +# symbolic links and aliases may be used to point to other locations. +# +# If you change this to something that isn't under /var/www then suexec +# will no longer work. +DocumentRoot "/var/www/localhost/htdocs" + +# This should be changed to whatever you set DocumentRoot to. + + # Possible values for the Options directive are "None", "All", + # or any combination of: + # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews + # + # Note that "MultiViews" must be named *explicitly* --- "Options All" + # doesn't give it to you. + # + # The Options directive is both complicated and important. Please see + # http://httpd.apache.org/docs/2.2/mod/core.html#options + # for more information. + Options Indexes FollowSymLinks + + # AllowOverride controls what directives may be placed in .htaccess files. + # It can be "All", "None", or any combination of the keywords: + # Options FileInfo AuthConfig Limit + AllowOverride All + + # Controls who can get stuff from this server. + Order allow,deny + Allow from all + + + + # Redirect: Allows you to tell clients about documents that used to + # exist in your server's namespace, but do not anymore. The client + # will make a new request for the document at its new location. + # Example: + # Redirect permanent /foo http://www.example.com/bar + + # Alias: Maps web paths into filesystem paths and is used to + # access content that does not live under the DocumentRoot. + # Example: + # Alias /webpath /full/filesystem/path + # + # If you include a trailing / on /webpath then the server will + # require it to be present in the URL. You will also likely + # need to provide a section to allow access to + # the filesystem path. + + # ScriptAlias: This controls which directories contain server scripts. + # ScriptAliases are essentially the same as Aliases, except that + # documents in the target directory are treated as applications and + # run by the server when requested rather than as documents sent to the + # client. The same rules about trailing "/" apply to ScriptAlias + # directives as to Alias. + ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/" + + +# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased +# CGI directory exists, if you have that configured. + + AllowOverride None + Options None + Order allow,deny + Allow from all + + +# vim: ts=4 filetype=apache diff --git a/apache2/vhosts.d/.rcs/00_default_ssl_vhost.conf,v b/apache2/vhosts.d/.rcs/00_default_ssl_vhost.conf,v deleted file mode 100644 index 1eac4b8..0000000 --- a/apache2/vhosts.d/.rcs/00_default_ssl_vhost.conf,v +++ /dev/null @@ -1,249 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.05.28.11.50.45; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.28.10.14.26; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.2 -log -@Checked in. -@ -text -@ - - -# see bug #178966 why this is in here - -# When we also provide SSL we have to listen to the HTTPS port -# Note: Configurations that use IPv6 but not IPv4-mapped addresses need two -# Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443" -Listen 443 -#Listen 127.0.0.1:443 -#Listen 85.214.134.152:443 -#Listen [::1]:443 -#Listen [2a01:238:4225:6e00:8f8c:808a:7fb8:88df]:443 -#Listen [fe80::4261:86ff:feec:c1eb]:443 - -# Use name-based virtual hosting. -NameVirtualHost *:443 - -# - - ServerName www.brehm-online.com - Include /etc/apache2/vhosts.d/default_vhost.include - #Include /etc/apache2/vhosts.d/nagios.include - ErrorLog /var/log/apache2/ssl_error.log - - - #TransferLog /var/log/apache2/ssl_access_log - CustomLog /var/log/apache2/ssl_access.log full - - - ## SSL Engine Switch: - # Enable/Disable SSL for this virtual host. - SSLEngine on - - ## SSL Cipher Suite: - # List the ciphers that the client is permitted to negotiate. - # See the mod_ssl documentation for a complete list. - SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL - - ## Server Certificate: - # Point SSLCertificateFile at a PEM encoded certificate. If the certificate - # is encrypted, then you will be prompted for a pass phrase. Note that a - # kill -HUP will prompt again. Keep in mind that if you have both an RSA - # and a DSA certificate you can configure both in parallel (to also allow - # the use of DSA ciphers, etc.) - #SSLCertificateFile /etc/ssl/apache2/server.crt - SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem - - ## Server Private Key: - # If the key is not combined with the certificate, use this directive to - # point at the key file. Keep in mind that if you've both a RSA and a DSA - # private key you can configure both in parallel (to also allow the use of - # DSA ciphers, etc.) - #SSLCertificateKeyFile /etc/ssl/apache2/server.key - SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem - - ## Server Certificate Chain: - # Point SSLCertificateChainFile at a file containing the concatenation of - # PEM encoded CA certificates which form the certificate chain for the - # server certificate. Alternatively the referenced file can be the same as - # SSLCertificateFile when the CA certificates are directly appended to the - # server certificate for convinience. - #SSLCertificateChainFile /etc/ssl/apache2/ca.crt - - ## Certificate Authority (CA): - # Set the CA certificate verification path where to find CA certificates - # for client authentication or alternatively one huge file containing all - # of them (file must be PEM encoded). - # Note: Inside SSLCACertificatePath you need hash symlinks to point to the - # certificate files. Use the provided Makefile to update the hash symlinks - # after changes. - #SSLCACertificatePath /etc/ssl/apache2/ssl.crt - #SSLCACertificateFile /etc/ssl/apache2/ca-bundle.crt - - ## Certificate Revocation Lists (CRL): - # Set the CA revocation path where to find CA CRLs for client authentication - # or alternatively one huge file containing all of them (file must be PEM - # encoded). - # Note: Inside SSLCARevocationPath you need hash symlinks to point to the - # certificate files. Use the provided Makefile to update the hash symlinks - # after changes. - #SSLCARevocationPath /etc/ssl/apache2/ssl.crl - #SSLCARevocationFile /etc/ssl/apache2/ca-bundle.crl - - ## Client Authentication (Type): - # Client certificate verification type and depth. Types are none, optional, - # require and optional_no_ca. Depth is a number which specifies how deeply - # to verify the certificate issuer chain before deciding the certificate is - # not valid. - #SSLVerifyClient require - #SSLVerifyDepth 10 - - ## Access Control: - # With SSLRequire you can do per-directory access control based on arbitrary - # complex boolean expressions containing server variable checks and other - # lookup directives. The syntax is a mixture between C and Perl. See the - # mod_ssl documentation for more details. - # - # #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ - # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ - # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ - # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ - # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ - # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ - # - - ## SSL Engine Options: - # Set various options for the SSL engine. - - ## FakeBasicAuth: - # Translate the client X.509 into a Basic Authorisation. This means that the - # standard Auth/DBMAuth methods can be used for access control. The user - # name is the `one line' version of the client's X.509 certificate. - # Note that no password is obtained from the user. Every entry in the user - # file needs this password: `xxj31ZMTZzkVA'. - - ## ExportCertData: - # This exports two additional environment variables: SSL_CLIENT_CERT and - # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the server - # (always existing) and the client (only existing when client - # authentication is used). This can be used to import the certificates into - # CGI scripts. - - ## StdEnvVars: - # This exports the standard SSL/TLS related `SSL_*' environment variables. - # Per default this exportation is switched off for performance reasons, - # because the extraction step is an expensive operation and is usually - # useless for serving static content. So one usually enables the exportation - # for CGI and SSI requests only. - - ## StrictRequire: - # This denies access when "SSLRequireSSL" or "SSLRequire" applied even under - # a "Satisfy any" situation, i.e. when it applies access is denied and no - # other module can change it. - - ## OptRenegotiate: - # This enables optimized SSL connection renegotiation handling when SSL - # directives are used in per-directory context. - #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire - - SSLOptions +StdEnvVars - - - - SSLOptions +StdEnvVars - - - ## SSL Protocol Adjustments: - # The safe and default but still SSL/TLS standard compliant shutdown - # approach is that mod_ssl sends the close notify alert but doesn't wait - # for the close notify alert from client. When you need a different - # shutdown approach you can use one of the following variables: - - ## ssl-unclean-shutdown: - # This forces an unclean shutdown when the connection is closed, i.e. no - # SSL close notify alert is send or allowed to received. This violates the - # SSL/TLS standard but is needed for some brain-dead browsers. Use this when - # you receive I/O errors because of the standard approach where mod_ssl - # sends the close notify alert. - - ## ssl-accurate-shutdown: - # This forces an accurate shutdown when the connection is closed, i.e. a - # SSL close notify alert is send and mod_ssl waits for the close notify - # alert of the client. This is 100% SSL/TLS standard compliant, but in - # practice often causes hanging connections with brain-dead browsers. Use - # this only for browsers where you know that their SSL implementation works - # correctly. - # Notice: Most problems of broken clients are also related to the HTTP - # keep-alive facility, so you usually additionally want to disable - # keep-alive for those clients, too. Use variable "nokeepalive" for this. - # Similarly, one has to force some clients to use HTTP/1.0 to workaround - # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and - # "force-response-1.0" for this. - - BrowserMatch ".*MSIE.*" \ - nokeepalive ssl-unclean-shutdown \ - downgrade-1.0 force-response-1.0 - - - ## Per-Server Logging: - # The home of a custom SSL log file. Use this when you want a compact - # non-error SSL logfile on a virtual host basis. - - CustomLog /var/log/apache2/ssl_request.log \ - "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" - - - - - - -# vim: ts=4 filetype=apache -@ - - -1.1 -log -@Initial revision -@ -text -@d10 12 -a21 3 - - - ServerName localhost -d23 2 -a24 1 - ErrorLog /var/log/apache2/ssl_error_log -d27 2 -a28 1 - TransferLog /var/log/apache2/ssl_access_log -d46 2 -a47 1 - SSLCertificateFile /etc/ssl/apache2/server.crt -d54 2 -a55 1 - SSLCertificateKeyFile /etc/ssl/apache2/server.key -d184 1 -a184 1 - CustomLog /var/log/apache2/ssl_request_log \ -@ diff --git a/apache2/vhosts.d/.rcs/00_default_vhost.conf,v b/apache2/vhosts.d/.rcs/00_default_vhost.conf,v deleted file mode 100644 index 39d2bac..0000000 --- a/apache2/vhosts.d/.rcs/00_default_vhost.conf,v +++ /dev/null @@ -1,96 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.05.28.11.26.56; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.28.10.14.26; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.2 -log -@Checked in. -@ -text -@# Virtual Hosts -# -# If you want to maintain multiple domains/hostnames on your -# machine you can setup VirtualHost containers for them. Most configurations -# use only name-based virtual hosts so the server doesn't need to worry about -# IP addresses. This is indicated by the asterisks in the directives below. -# -# Please see the documentation at -# -# for further details before you try to setup virtual hosts. -# -# You may use the command line option '-S' to verify your virtual host -# configuration. - - -# see bug #178966 why this is in here - -# Listen: Allows you to bind Apache to specific IP addresses and/or -# ports, instead of the default. See also the -# directive. -# -# Change this to Listen on specific IP addresses as shown below to -# prevent Apache from glomming onto all bound IP addresses. -# -#Listen 12.34.56.78:80 -Listen 80 -#Listen 127.0.0.1:80 -#Listen 85.214.134.152:80 -#Listen [::1]:80 -#Listen [2a01:238:4225:6e00:8f8c:808a:7fb8:88df]:80 -#Listen [fe80::4261:86ff:feec:c1eb]:80 - -# Use name-based virtual hosting. -NameVirtualHost *:80 - -# When virtual hosts are enabled, the main host defined in the default -# httpd.conf configuration will go away. We redefine it here so that it is -# still available. -# -# If you disable this vhost by removing -D DEFAULT_VHOST from -# /etc/conf.d/apache2, the first defined virtual host elsewhere will be -# the default. - - ServerName www.brehm-online.com - Include /etc/apache2/vhosts.d/default_vhost.include - #Include /etc/apache2/vhosts.d/nagios.include - - - ServerEnvironment apache apache - - - - -# vim: ts=4 filetype=apache -@ - - -1.1 -log -@Initial revision -@ -text -@d27 5 -d44 1 -a44 1 - ServerName localhost -d46 1 -@ diff --git a/apache2/vhosts.d/.rcs/01_myadmin.conf,v b/apache2/vhosts.d/.rcs/01_myadmin.conf,v deleted file mode 100644 index a96ba1b..0000000 --- a/apache2/vhosts.d/.rcs/01_myadmin.conf,v +++ /dev/null @@ -1,123 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.10.20.08.45.11; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.28.12.47.02; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.2 -log -@Checked in. -@ -text -@ - - - - - - SSLEngine on - SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL - SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem - SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem - - SSLOptions +StdEnvVars - - - - SSLOptions +StdEnvVars - - - - BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 - - - ServerName myadmin.brehm-online.com - ServerAlias myadmin - ServerAlias myadmin.brehm-online.eu - ServerAlias myadmin.brehm-berlin.de - - DocumentRoot /var/www/myadmin/htdocs - - ErrorLog /var/log/apache2/myadmin-error.log - LogLevel warn - CustomLog /var/log/apache2/myadmin-access.log full - - - php_value session.gc_maxlifetime 3600 - - - - Options Indexes FollowSymLinks - AllowOverride None - Order allow,deny - Allow from all -# AuthType Basic -# AuthName "phpMyadmin brehm-online.com" -# AuthUserFile /etc/apache2/myadmin.passwd -# Require valid-user - - - - #AddType application/x-httpd-php .php - - php_flag magic_quotes_gpc Off - php_flag track_vars On - php_flag register_globals Off - #php_value include_path . - - # Suhosin dependend .. - # suhosin.request.max_vars should be increased (eg. 2048) - php_value suhosin.request.max_vars 2048 - # suhosin.post.max_vars should be increased (eg. 2048) - php_value suhosin.post.max_vars 2048 - # suhosin.request.max_array_index_length should be increased (eg. 256) - php_value suhosin.request.max_array_index_length 256 - # suhosin.post.max_array_index_length should be increased (eg. 256) - php_value suhosin.post.max_array_index_length 256 - # suhosin.request.max_totalname_length should be increased (eg. 8192) - php_value suhosin.request.max_totalname_length 8192 - # suhosin.post.max_totalname_length should be increased (eg. 8192) - php_value suhosin.post.max_totalname_length 8192 - # suhosin.sql.bailout_on_error needs to be disabled (the default) - php_flag suhosin.sql.bailout_on_error off - # suhosin.log.* should not include SQL, otherwise you get big slowdown - - - - - - - - - - - - -# vim: ts=4 filetype=apache -@ - - -1.1 -log -@Initial revision -@ -text -@d47 30 -@ diff --git a/apache2/vhosts.d/.rcs/02_morph.conf,v b/apache2/vhosts.d/.rcs/02_morph.conf,v deleted file mode 100644 index bdf2064..0000000 --- a/apache2/vhosts.d/.rcs/02_morph.conf,v +++ /dev/null @@ -1,263 +0,0 @@ -head 1.5; -access; -symbols; -locks; strict; -comment @# @; - - -1.5 -date 2011.02.04.11.40.09; author root; state Exp; -branches; -next 1.4; - -1.4 -date 2010.11.25.08.59.29; author root; state Exp; -branches; -next 1.3; - -1.3 -date 2010.08.13.07.28.35; author root; state Exp; -branches; -next 1.2; - -1.2 -date 2010.05.28.13.29.15; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.28.13.23.42; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.5 -log -@Checked in. -@ -text -@ - - ServerName bmrmorph.de - ServerAlias www.bmrmorph.de - - redirect permanent / http://blog.bmrmorph.de/ - - ErrorLog /var/log/apache2/morph-error.log - LogLevel warn - CustomLog /var/log/apache2/morph-access.log full - - - - - - ServerName ddr.bmrmorph.de - ServerAlias www.ddr.bmrmorph.de - - DocumentRoot /home/morph/htdocs/ddr.bmrmorph.de - - ErrorLog /var/log/apache2/morph-error.log - LogLevel warn - CustomLog /var/log/apache2/morph-access.log full - - - Options -Indexes FollowSymLinks - AllowOverride None - Order allow,deny - Allow from all - - - - - - - ServerName allianz-der-schattenritter.de - ServerAlias www.allianz-der-schattenritter.de - - DocumentRoot /home/morph/htdocs/allianz-der-schattenritter.de - - ErrorLog /var/log/apache2/morph-error.log - LogLevel warn - CustomLog /var/log/apache2/morph-access.log full - - - Options -Indexes FollowSymLinks - AllowOverride None - Order allow,deny - Allow from all - - - - - - - ServerName blog.bmrmorph.de - - DocumentRoot /home/morph/htdocs/blog.bmrmorph.de - - ErrorLog /var/log/apache2/morph-error.log - LogLevel warn - CustomLog /var/log/apache2/morph-access.log full - - - Options -Indexes FollowSymLinks - AllowOverride All - Order allow,deny - Allow from all - - - Options -Indexes FollowSymLinks - AllowOverride None - ErrorDocument 403 http://blog.bmrmorph.de/ - RewriteEngine On - RewriteCond %{HTTP_REFERER} !^http://blog\.bmrmorph\.de/ [NC] - RewriteRule .*\.(jpg|bmp|png|gif|doc|xls|pdf|xlsx|docx|zip|tar|gz)$ http://blog.bmrmorph.de/ [NC] - - - - - - - ServerName testing.bmrmorph.de - - DocumentRoot /home/morph/htdocs/testing.bmrmorph.de - - ErrorLog /var/log/apache2/morph-error.log - LogLevel warn - CustomLog /var/log/apache2/morph-access.log full - - - Options Indexes FollowSymLinks - AllowOverride All - Order allow,deny - Allow from all - - - - -# vim: ts=4 filetype=apache -@ - - -1.4 -log -@Checked in. -@ -text -@d6 1 -a6 1 - DocumentRoot /home/morph/htdocs -a11 7 - - Options Indexes FollowSymLinks - AllowOverride None - Order allow,deny - Allow from all - - -d26 1 -a26 1 - Options Indexes FollowSymLinks -d46 1 -a46 1 - Options Indexes FollowSymLinks -d56 1 -a56 2 - ServerName reunion.bmrmorph.de - ServerAlias www.reunion.bmrmorph.de -d58 1 -a58 1 - DocumentRoot /home/morph/htdocs/reunion.bmrmorph.de -d64 2 -a65 2 - - Options Indexes FollowSymLinks -d70 8 -@ - - -1.3 -log -@Checked in. -@ -text -@d83 1 -a83 2 - ServerName joomla.bmrmorph.de - ServerAlias www.joomla.bmrmorph.de -d85 1 -a85 1 - DocumentRoot /home/morph/htdocs/joomla.bmrmorph.de -d91 1 -a91 1 - -@ - - -1.2 -log -@Checked in. -@ -text -@a62 40 - ServerName webalizer.bmrmorph.de - ServerAlias www.webalizer.bmrmorph.de - - DocumentRoot /home/morph/htdocs/webalizer.bmrmorph.de - - ErrorLog /var/log/apache2/morph-error.log - LogLevel warn - CustomLog /var/log/apache2/morph-access.log full - - - Options Indexes FollowSymLinks - AllowOverride None - Order allow,deny - Allow from all - - - - - - - ServerName phpmyadmin.bmrmorph.de - ServerAlias www.phpmyadmin.bmrmorph.de - - DocumentRoot /home/morph/htdocs/phpmyadmin.bmrmorph.de - - ErrorLog /var/log/apache2/morph-error.log - LogLevel warn - CustomLog /var/log/apache2/morph-access.log full - - - Options Indexes FollowSymLinks - AllowOverride All - Order allow,deny - Allow from all - - - - - - -@ - - -1.1 -log -@Initial revision -@ -text -@d9 1 -d29 1 -d49 1 -d69 1 -d89 1 -d109 1 -d129 1 -@ diff --git a/apache2/vhosts.d/.rcs/04_fotoalbum.conf,v b/apache2/vhosts.d/.rcs/04_fotoalbum.conf,v deleted file mode 100644 index 7424b2e..0000000 --- a/apache2/vhosts.d/.rcs/04_fotoalbum.conf,v +++ /dev/null @@ -1,64 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.05.28.13.36.49; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.1 -log -@Initial revision -@ -text -@ - - ServerName fotoalbum.brehm-online.com - ServerAlias fotoalbum.hennig-berlin.org - ServerAlias fotoalbum.uhu-banane.de - ServerAlias fotoalbum.uhu-banane.net - ServerAlias fotoalbum.brehm-online.eu - ServerAlias fotoalbum - - DocumentRoot /var/www/fotoalbum/htdocs - - ErrorLog /var/log/apache2/fotoalbum-error.log - LogLevel warn - CustomLog /var/log/apache2/fotoalbum-access.log full - - - Options Indexes FollowSymLinks - AllowOverride All - Order allow,deny - Allow from all - - - Alias /album_themes "/var/www/localhost/htdocs/album_themes" - - Options Indexes FollowSymLinks - AllowOverride None - Order allow,deny - Allow from all - - - ScriptAlias /cgi-bin/ "/var/www/fotoalbum/cgi-bin/" - - AllowOverride None - Options None - Order allow,deny - Allow from all - - - - -@ diff --git a/apache2/vhosts.d/.rcs/05_bautagebuch.conf,v b/apache2/vhosts.d/.rcs/05_bautagebuch.conf,v deleted file mode 100644 index ea3ede4..0000000 --- a/apache2/vhosts.d/.rcs/05_bautagebuch.conf,v +++ /dev/null @@ -1,56 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.05.28.13.47.18; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.1 -log -@Initial revision -@ -text -@ - - ServerName bautagebuch.brehm-online.com - ServerAlias bautagebuch.hennig-berlin.org - ServerAlias bautagebuch.uhu-banane.de - ServerAlias bautagebuch.uhu-banane.net - ServerAlias bautagebuch.brehm-online.eu - ServerAlias bautagebuch - - DocumentRoot /var/www/bautagebuch/htdocs - - ErrorLog /var/log/apache2/bautagebuch-error.log - LogLevel warn - CustomLog /var/log/apache2/bautagebuch-access.log full - - - Options Indexes FollowSymLinks - AllowOverride All - Order allow,deny - Allow from all - - - ScriptAlias /cgi-bin/ "/var/www/bautagebuch/cgi-bin/" - - AllowOverride None - Options None - Order allow,deny - Allow from all - - - - -@ diff --git a/apache2/vhosts.d/.rcs/06_webmail.conf,v b/apache2/vhosts.d/.rcs/06_webmail.conf,v deleted file mode 100644 index 44cb11e..0000000 --- a/apache2/vhosts.d/.rcs/06_webmail.conf,v +++ /dev/null @@ -1,154 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.05.29.21.41.01; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.1 -log -@Initial revision -@ -text -@ - - - - - - SSLEngine on - SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL - SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem - SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem - - SSLOptions +StdEnvVars - - - - SSLOptions +StdEnvVars - - - - BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 - - - ServerName webmail.brehm-online.com -# ServerAlias webmail -# ServerAlias webmail.brehm-online.eu -# ServerAlias webmail.brehm-berlin.de -# ServerAlias webmail.hennig-berlin.org -# ServerAlias webmail.uhu-banane.de -# ServerAlias webmail.uhu-banane.com - -# DocumentRoot /var/www/webmail/htdocs/horde/imp - DocumentRoot /var/www/webmail/htdocs/horde - - Alias /horde/ /var/www/webmail/htdocs/horde/ -# Alias /js/ /var/www/webmail/htdocs/horde/js/ - Alias /gollem/ /var/www/webmail/htdocs/horde/gollem/ - Alias /imp/ /var/www/webmail/htdocs/horde/imp/ - Alias /ingo/ /var/www/webmail/htdocs/horde/ingo/ - Alias /kronolith/ /var/www/webmail/htdocs/horde/kronolith/ - Alias /mnemo/ /var/www/webmail/htdocs/horde/mnemo/ - Alias /nag/ /var/www/webmail/htdocs/horde/nag/ - Alias /passwd/ /var/www/webmail/htdocs/horde/passwd/ - Alias /turba/ /var/www/webmail/htdocs/horde/turba/ - - ErrorLog /var/log/apache2/webmail-error.log - LogLevel warn - CustomLog /var/log/apache2/webmail-access.log full - - - php_admin_flag engine on - php_admin_flag magic_quotes_gpc off - php_admin_flag safe_mode off - php_admin_flag display_errors off - php_admin_flag log_errors on - php_admin_value error_reporting "E_ALL & ~E_NOTICE" - - - - Options Indexes FollowSymLinks - AllowOverride All - Order allow,deny - Allow from all - # AuthType Basic - # AuthName "phpMyadmin brehm-online.com" - # AuthUserFile /etc/apache2/myadmin.passwd - # Require valid-user - - - - - - - SSLEngine on - SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL - SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem - SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem - - SSLOptions +StdEnvVars - - - - SSLOptions +StdEnvVars - - - - BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 - - - ServerName webmail.brehm-online.eu - ServerAlias webmail - ServerAlias webmail.brehm-berlin.de - ServerAlias webmail.hennig-berlin.org - ServerAlias webmail.uhu-banane.de - ServerAlias webmail.uhu-banane.com - - DocumentRoot /var/www/webmail/htdocs/horde/imp - - Redirect permanent / https://webmail.brehm-online.com/ - - ErrorLog /var/log/apache2/webmail-error.log - LogLevel warn - CustomLog /var/log/apache2/webmail-access-redirect.log full - - - - - - - - - - ServerName webmail.brehm-online.com - ServerAlias webmail - ServerAlias webmail.brehm-online.eu - ServerAlias webmail.brehm-berlin.de - ServerAlias webmail.hennig-berlin.org - ServerAlias webmail.uhu-banane.de - ServerAlias webmail.uhu-banane.com - - DocumentRoot /var/www/webmail/htdocs/horde/imp - - Redirect permanent / https://webmail.brehm-online.com/ - - ErrorLog /var/log/apache2/webmail-error.log - LogLevel warn - CustomLog /var/log/apache2/webmail-access-redirect.log full - - - - -@ diff --git a/apache2/vhosts.d/.rcs/09_ldap.conf,v b/apache2/vhosts.d/.rcs/09_ldap.conf,v deleted file mode 100644 index 0ee9be7..0000000 --- a/apache2/vhosts.d/.rcs/09_ldap.conf,v +++ /dev/null @@ -1,113 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.06.17.19.54.00; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2007.12.02.14.58.10; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.2 -log -@Checked in. -@ -text -@ - - ServerName ldap.brehm-online.com - ServerAlias ldap - ServerAlias ldap.brehm-online.eu - ServerAlias ldap.brehm-berlin.de - - DocumentRoot /var/www/ldap/htdocs/htdocs - - ErrorLog /var/log/apache2/ldap-error.log - LogLevel warn - CustomLog /var/log/apache2/ldap-access.log full - - - Options Indexes FollowSymLinks - AllowOverride None - Order allow,deny - Allow from all -# AuthType Basic -# AuthName "phpldapadmin brehm-online.com" -# AuthUserFile /etc/apache2/myadmin.passwd -# Require valid-user - - - - - - - - - - - SSLEngine on - SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL - SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem - SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem - - SSLOptions +StdEnvVars - - - - BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 - - - ServerName ldap.brehm-online.com - ServerAlias ldap - ServerAlias ldap.brehm-online.eu - ServerAlias ldap.brehm-berlin.de - - DocumentRoot /var/www/ldap/htdocs/htdocs - - ErrorLog /var/log/apache2/ldap-error.log - LogLevel warn - CustomLog /var/log/apache2/ldap-access.log full - - - Options Indexes FollowSymLinks - AllowOverride None - Order allow,deny - Allow from all -# AuthType Basic -# AuthName "phpldapadmin brehm-online.com" -# AuthUserFile /etc/apache2/myadmin.passwd -# Require valid-user - - - - - - - - - - -@ - - -1.1 -log -@Initial revision -@ -text -@d11 1 -d53 1 -@ diff --git a/apache2/vhosts.d/.rcs/10_kfz-dlb.conf,v b/apache2/vhosts.d/.rcs/10_kfz-dlb.conf,v deleted file mode 100644 index 0db6f56..0000000 --- a/apache2/vhosts.d/.rcs/10_kfz-dlb.conf,v +++ /dev/null @@ -1,88 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.11.02.19.49.03; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.30.07.35.31; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.2 -log -@Checked in. -@ -text -@ - - ServerName kfz-dlb.uhu-banane.net - ServerAlias kfz-dlb.uhu-banane.de - ServerAlias kfz-dlb.brehm-online.com - ServerAlias kfz-dlb.brehm-online.eu - ServerAlias www.kfz-dlb.uhu-banane.net - ServerAlias www.kfz-dlb.uhu-banane.de - ServerAlias www.kfz-dlb.brehm-online.com - ServerAlias www.kfz-dlb.brehm-online.eu - - DocumentRoot /var/www/kfz-dlb/htdocs - - ErrorLog /var/log/apache2/kfz-dlb-error.log - CustomLog /var/log/apache2/kfz-dlb-access.log full - - Alias /uploads "/var/www/kfz-dlb/htdocs/uploads" - - - Options Indexes FollowSymLinks - AllowOverride None - Order allow,deny - Allow from all - - - - php_flag session.auto_start Off - php_value default_charset "utf-8" - php_value upload_max_filesize "15M" - php_admin_flag allow_url_fopen off - php_flag register_globals off - php_flag register_argc_argv off - php_flag magic_quotes_gpc off - php_value variables_order "GPCS" - # php_value error_reporting "E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR" - php_value error_reporting "4177" - - - - -@ - - -1.1 -log -@Initial revision -@ -text -@d27 3 -a29 3 - php_flag session.auto_start Off - php_value default_charset "utf-8" - php_value upload_max_filesize "15M" -d31 6 -a36 4 - php_flag register_globals off - php_flag register_argc_argv off - php_flag magic_quotes_gpc off - php_value variables_order "GPCS" -@ diff --git a/apache2/vhosts.d/.rcs/11-books-nossl.conf,v b/apache2/vhosts.d/.rcs/11-books-nossl.conf,v deleted file mode 100644 index 62abb8f..0000000 --- a/apache2/vhosts.d/.rcs/11-books-nossl.conf,v +++ /dev/null @@ -1,31 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2011.03.25.19.14.06; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@ - - Include /etc/apache2/vhosts.d/books_vhost.include - - - -# vim: ts=4 filetype=apache expandtab fileencoding=utf-8 -@ diff --git a/apache2/vhosts.d/.rcs/11-books-ssl.conf,v b/apache2/vhosts.d/.rcs/11-books-ssl.conf,v deleted file mode 100644 index a0df0c9..0000000 --- a/apache2/vhosts.d/.rcs/11-books-ssl.conf,v +++ /dev/null @@ -1,62 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2011.03.25.19.22.26; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@ - - - - - Include /etc/apache2/vhosts.d/books_vhost.include - - #TransferLog /var/log/apache2/ssl_access_log - CustomLog /var/log/apache2/ssl_access.log full - - - SSLEngine on - SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL - SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem - SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem - - - SSLOptions +StdEnvVars - - - - SSLOptions +StdEnvVars - - - - BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 - - - - CustomLog /var/log/apache2/ssl_request.log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" - - - - - - - -# vim: ts=4 filetype=apache expandtab fileencoding=utf-8 -@ diff --git a/apache2/vhosts.d/.rcs/12_dyndns.conf,v b/apache2/vhosts.d/.rcs/12_dyndns.conf,v deleted file mode 100644 index fc5c1d2..0000000 --- a/apache2/vhosts.d/.rcs/12_dyndns.conf,v +++ /dev/null @@ -1,84 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.05.30.07.15.57; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.1 -log -@Initial revision -@ -text -@ - - - - - - SSLEngine on - SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL - SSLCertificateFile /etc/apache2/ssl/myadmin-cert.pem - SSLCertificateKeyFile /etc/apache2/ssl/myadmin-cert.pem - - SSLOptions +StdEnvVars - - - - ScriptAlias /cgi-bin/ "/var/www/dyndns/cgi-bin/" - - - - SSLOptions +StdEnvVars - AllowOverride None - Options None - Order allow,deny - Allow from all - - - - BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 - - - ServerName dyndns.uhu-banane.de - ServerAlias dyndns - ServerAlias dyndns.brehm-online.eu - ServerAlias dyndns.brehm-berlin.de - ServerAlias dyndns.brehm-online.com - ServerAlias dyndns.uhu-banane.net - - DocumentRoot /var/www/dyndns/htdocs - - ErrorLog /var/log/apache2/dyndns-error.log - LogLevel warn - CustomLog /var/log/apache2/dyndns-access.log full - - - Options Indexes FollowSymLinks - AllowOverride None - Order allow,deny - Allow from all - - - - - - - - - - - - -@ diff --git a/apache2/vhosts.d/.rcs/books_vhost.include,v b/apache2/vhosts.d/.rcs/books_vhost.include,v deleted file mode 100644 index 1da70b9..0000000 --- a/apache2/vhosts.d/.rcs/books_vhost.include,v +++ /dev/null @@ -1,51 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2011.03.25.19.47.39; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@ServerName books.brehm-online.com -ServerAlias books -ServerAlias buecher -ServerAlias buecher.brehm-online.com -ServerAlias books.brehm-berlin.de -ServerAlias buecher.brehm-berlin.de -ServerAlias books.brehm-online.eu -ServerAlias buecher.brehm-online.eu - -#FastCgiExternalServer /tmp/frbr_books1_app.fcgi -socket /tmp/frbr_books_app.sock - -DocumentRoot /var/www/books/root -Alias /static /var/www/books/root/static -Alias / /tmp/frbr_books_app.fcgi/ - -ErrorLog /var/log/apache2/books-error.log -LogLevel info -CustomLog /var/log/apache2/books-access.log full - - - #AllowOverride None - Options None - Order allow,deny - Allow from all - - -# vim: filetype=apache ts=4 expandtab fileencoding=utf-8 -@ diff --git a/apache2/vhosts.d/.rcs/default_vhost.include,v b/apache2/vhosts.d/.rcs/default_vhost.include,v deleted file mode 100644 index e8c3d2c..0000000 --- a/apache2/vhosts.d/.rcs/default_vhost.include,v +++ /dev/null @@ -1,277 +0,0 @@ -head 1.5; -access; -symbols; -locks; strict; -comment @# @; - - -1.5 -date 2011.03.25.19.03.28; author root; state Exp; -branches; -next 1.4; - -1.4 -date 2010.08.20.05.30.45; author root; state Exp; -branches; -next 1.3; - -1.3 -date 2010.06.07.20.36.11; author root; state Exp; -branches; -next 1.2; - -1.2 -date 2010.05.28.11.43.29; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.28.10.14.26; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.5 -log -@Checked in. -@ -text -@# ServerAdmin: Your address, where problems with the server should be -# e-mailed. This address appears on some server-generated pages, such -# as error documents. e.g. admin@@your-domain.com -#ServerAdmin root@@localhost -ServerAdmin frank@@brehm-online.com - -# DocumentRoot: The directory out of which you will serve your -# documents. By default, all requests are taken from this directory, but -# symbolic links and aliases may be used to point to other locations. -# -# If you change this to something that isn't under /var/www then suexec -# will no longer work. -DocumentRoot "/var/www/localhost/htdocs" - -# This should be changed to whatever you set DocumentRoot to. - - # Possible values for the Options directive are "None", "All", - # or any combination of: - # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews - # - # Note that "MultiViews" must be named *explicitly* --- "Options All" - # doesn't give it to you. - # - # The Options directive is both complicated and important. Please see - # http://httpd.apache.org/docs/2.2/mod/core.html#options - # for more information. - Options Indexes FollowSymLinks - - # AllowOverride controls what directives may be placed in .htaccess files. - # It can be "All", "None", or any combination of the keywords: - # Options FileInfo AuthConfig Limit - AllowOverride All - - # Controls who can get stuff from this server. - Order allow,deny - Allow from all - - - - # Redirect: Allows you to tell clients about documents that used to - # exist in your server's namespace, but do not anymore. The client - # will make a new request for the document at its new location. - # Example: - # Redirect permanent /foo http://www.example.com/bar - - # Alias: Maps web paths into filesystem paths and is used to - # access content that does not live under the DocumentRoot. - # Example: - # Alias /webpath /full/filesystem/path - # - # If you include a trailing / on /webpath then the server will - # require it to be present in the URL. You will also likely - # need to provide a section to allow access to - # the filesystem path. - - Alias /distfiles/ /usr/portage/distfiles/ - - - Options Indexes FollowSymLinks - AllowOverride All - Order allow,deny - Allow from all - - - Redirect permanent /FotoAlbum http://fotoalbum.brehm-online.com - Redirect permanent /fotoalbum http://fotoalbum.brehm-online.com - Redirect permanent /Foto_Album http://fotoalbum.brehm-online.com - Redirect permanent /foto_album http://fotoalbum.brehm-online.com - Redirect permanent /Foto-Album http://fotoalbum.brehm-online.com - Redirect permanent /foto-album http://fotoalbum.brehm-online.com - - Alias /Neues_Haus /home/frank/docs/Neues_Haus - Alias /neues_haus /home/frank/docs/Neues_Haus - Alias /Neues-Haus /home/frank/docs/Neues_Haus - Alias /neues-haus /home/frank/docs/Neues_Haus - Alias /NeuesHaus /home/frank/docs/Neues_Haus - Alias /neueshaus /home/frank/docs/Neues_Haus - - - Options Indexes FollowSymLinks - # IndexOptions FancyIndexing FoldersFirst IgnoreCase NameWidth=60 - # IndexOptions FancyIndexing FoldersFirst HTMLTable IgnoreCase NameWidth=50 - # AddDefaultCharset utf-8 - AddDefaultCharset utf-8 - AllowOverride All - Order allow,deny - Allow from all - - - Alias /oreilly /var/lib/backup-once/oreilly - - Options Indexes FollowSymLinks - AllowOverride All - Order allow,deny - Allow from all - - - # ScriptAlias: This controls which directories contain server scripts. - # ScriptAliases are essentially the same as Aliases, except that - # documents in the target directory are treated as applications and - # run by the server when requested rather than as documents sent to the - # client. The same rules about trailing "/" apply to ScriptAlias - # directives as to Alias. - ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/" - - - Alias /books/static /var/www/books/root/static - Alias /books/ /tmp/frbr_books_app.fcgi/ - #Alias /books/ /var/www/books/script/frbr_books_fastcgi.pl/ - - #AllowOverride None - Options None - Order allow,deny - Allow from all - - - - Alias /repo-browser/books/ /home/frank/devel/books/repo-browser/ - - Options Indexes FollowSymLinks - Allow from all - - - - -# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased -# CGI directory exists, if you have that configured. - - AllowOverride None - Options None - Order allow,deny - Allow from all - - -# vim: filetype=apache ts=4 expandtab fileencoding=utf-8 -@ - - -1.4 -log -@Checked in. -@ -text -@d17 20 -a36 20 - # Possible values for the Options directive are "None", "All", - # or any combination of: - # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews - # - # Note that "MultiViews" must be named *explicitly* --- "Options All" - # doesn't give it to you. - # - # The Options directive is both complicated and important. Please see - # http://httpd.apache.org/docs/2.2/mod/core.html#options - # for more information. - Options Indexes FollowSymLinks - - # AllowOverride controls what directives may be placed in .htaccess files. - # It can be "All", "None", or any combination of the keywords: - # Options FileInfo AuthConfig Limit - AllowOverride All - - # Controls who can get stuff from this server. - Order allow,deny - Allow from all -d40 21 -a60 21 - # Redirect: Allows you to tell clients about documents that used to - # exist in your server's namespace, but do not anymore. The client - # will make a new request for the document at its new location. - # Example: - # Redirect permanent /foo http://www.example.com/bar - - # Alias: Maps web paths into filesystem paths and is used to - # access content that does not live under the DocumentRoot. - # Example: - # Alias /webpath /full/filesystem/path - # - # If you include a trailing / on /webpath then the server will - # require it to be present in the URL. You will also likely - # need to provide a section to allow access to - # the filesystem path. - - Alias /distfiles/ /usr/portage/distfiles/ - - - Options Indexes FollowSymLinks - AllowOverride All -d135 1 -a135 1 -# vim: ts=4 filetype=apache -@ - - -1.3 -log -@Checked in. -@ -text -@d90 8 -@ - - -1.2 -log -@Checked in. -@ -text -@d98 11 -a108 10 -# -# Alias /books/static /var/www/books/root/static -# Alias /books/ /var/www/books/script/frbr_books_fastcgi.pl/ -# -# #AllowOverride None -# Options None -# Order allow,deny -# Allow from all -# -# -@ - - -1.1 -log -@Initial revision -@ -text -@d4 2 -a5 1 -ServerAdmin root@@localhost -d56 34 -d97 18 -@ diff --git a/apache2/vhosts.d/05_bautagebuch.conf b/apache2/vhosts.d/05_bautagebuch.conf index 8785dbe..7c61307 100644 --- a/apache2/vhosts.d/05_bautagebuch.conf +++ b/apache2/vhosts.d/05_bautagebuch.conf @@ -1,32 +1,32 @@ - - - ServerName bautagebuch.brehm-online.com - ServerAlias bautagebuch.hennig-berlin.org - ServerAlias bautagebuch.uhu-banane.de - ServerAlias bautagebuch.uhu-banane.net - ServerAlias bautagebuch.brehm-online.eu - ServerAlias bautagebuch - - DocumentRoot /var/www/bautagebuch/htdocs - - ErrorLog /var/log/apache2/bautagebuch-error.log - LogLevel warn - CustomLog /var/log/apache2/bautagebuch-access.log full - - - Options Indexes FollowSymLinks - AllowOverride All - Order allow,deny - Allow from all - - - ScriptAlias /cgi-bin/ "/var/www/bautagebuch/cgi-bin/" - - AllowOverride None - Options None - Order allow,deny - Allow from all - - - +# +# +# ServerName bautagebuch.brehm-online.com +# ServerAlias bautagebuch.hennig-berlin.org +# ServerAlias bautagebuch.uhu-banane.de +# ServerAlias bautagebuch.uhu-banane.net +# ServerAlias bautagebuch.brehm-online.eu +# ServerAlias bautagebuch +# +# DocumentRoot /var/www/bautagebuch/htdocs +# +# ErrorLog /var/log/apache2/bautagebuch-error.log +# LogLevel warn +# CustomLog /var/log/apache2/bautagebuch-access.log full +# +# +# Options Indexes FollowSymLinks +# AllowOverride All +# Order allow,deny +# Allow from all +# +# +# ScriptAlias /cgi-bin/ "/var/www/bautagebuch/cgi-bin/" +# +# AllowOverride None +# Options None +# Order allow,deny +# Allow from all +# +# +# diff --git a/audisp/audisp-remote.conf b/audisp/audisp-remote.conf index 93d01c1..608e070 100644 --- a/audisp/audisp-remote.conf +++ b/audisp/audisp-remote.conf @@ -5,8 +5,27 @@ remote_server = port = 60 +##local_port = transport = tcp +queue_file = /var/spool/audit/remote.log mode = immediate -queue_depth = 20 -fail_action = SYSLOG +queue_depth = 2048 +format = managed +network_retry_time = 1 +max_tries_per_record = 3 +max_time_per_record = 5 +heartbeat_timeout = 0 +network_failure_action = stop +disk_low_action = ignore +disk_full_action = ignore +disk_error_action = syslog +remote_ending_action = suspend +generic_error_action = syslog +generic_warning_action = syslog +overflow_action = syslog + +##enable_krb5 = no +##krb5_principal = +##krb5_client_name = auditd +##krb5_key_file = /etc/audisp/audisp-remote.key diff --git a/audisp/audispd.conf b/audisp/audispd.conf index 9989dc2..eff4103 100644 --- a/audisp/audispd.conf +++ b/audisp/audispd.conf @@ -3,9 +3,10 @@ # dispatcher daemon, audispd. # -q_depth = 80 +q_depth = 120 overflow_action = SYSLOG priority_boost = 4 +max_restarts = 10 name_format = HOSTNAME #name = mydomain diff --git a/audisp/plugins.d/af_unix.conf b/audisp/plugins.d/af_unix.conf index 8bba3e3..a5ba8b1 100644 --- a/audisp/plugins.d/af_unix.conf +++ b/audisp/plugins.d/af_unix.conf @@ -5,7 +5,7 @@ # plugin can take 2 arguments, the path for the # socket and the socket permissions in octal. -active = yes +active = no direction = out path = builtin_af_unix type = builtin diff --git a/audisp/plugins.d/syslog.conf b/audisp/plugins.d/syslog.conf index a0c9df7..d603b2f 100644 --- a/audisp/plugins.d/syslog.conf +++ b/audisp/plugins.d/syslog.conf @@ -1,6 +1,9 @@ -# This file controls the configuration of the -# syslog plugin. It simply takes events and writes -# them to syslog. +# This file controls the configuration of the syslog plugin. +# It simply takes events and writes them to syslog. The +# arguments provided can be the default priority that you +# want the events written with. And optionally, you can give +# a second argument indicating the facility that you want events +# logged to. Valid options are LOG_LOCAL0 through 7. active = no direction = out diff --git a/audit/audit.rules b/audit/audit.rules index 9d9578e..b2b4f02 100644 --- a/audit/audit.rules +++ b/audit/audit.rules @@ -1,6 +1,6 @@ -# Copyright 1999-2005 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules,v 1.1 2006/06/22 07:41:46 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules-2.1.3,v 1.1 2011/09/11 02:58:55 robbat2 Exp $ # # This file contains the auditctl rules that are loaded # whenever the audit daemon is started via the initscripts. @@ -14,12 +14,13 @@ # Feel free to add below this line. See auditctl man page # The following rule would cause all of the syscalls listed to be ignored in logging. -# -a entry,never -S read -S write -S open -S fstat -S fstat64 -S mmap -S brk -S munmap -S _llseek -S nanosleep -S fcntl64 -S close -S dup2 -S rt_sigaction -S stat64 -S stat +-a exit,never -F arch=b32 -S read -S write -S open -S fstat -S mmap -S brk -S munmap -S nanosleep -S fcntl -S close -S dup2 -S rt_sigaction -S stat +-a exit,never -F arch=b64 -S read -S write -S open -S fstat -S mmap -S brk -S munmap -S nanosleep -S fcntl -S close -S dup2 -S rt_sigaction -S stat # The following rule would cause the capture of all systems not caught above. -# -a entry,always -S all +# -a exit,always -S all # Increase the buffers to survive stress events --b 256 +-b 8192 # vim:ft=conf: diff --git a/audit/audit.rules.stop.pre b/audit/audit.rules.stop.pre index c404b51..c5fb4f9 100644 --- a/audit/audit.rules.stop.pre +++ b/audit/audit.rules.stop.pre @@ -1,6 +1,6 @@ -# Copyright 1999-2005 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules.stop.pre,v 1.1 2006/06/22 07:41:46 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/audit.rules.stop.pre,v 1.2 2011/09/11 02:58:55 robbat2 Exp $ # # This file contains the auditctl rules that are loaded immediately before the # audit deamon is stopped via the initscripts. @@ -10,4 +10,7 @@ # auditd is stopping, don't capture events anymore -D +# Disable kernel generating audit events +-e 0 + # vim:ft=conf: diff --git a/audit/auditd.conf b/audit/auditd.conf index e8071a0..fdc93f0 100644 --- a/audit/auditd.conf +++ b/audit/auditd.conf @@ -8,12 +8,12 @@ log_group = root priority_boost = 4 flush = INCREMENTAL freq = 20 -num_logs = 4 +num_logs = 5 disp_qos = lossy dispatcher = /sbin/audispd name_format = NONE ##name = mydomain -max_log_file = 5 +max_log_file = 6 max_log_file_action = ROTATE space_left = 75 space_left_action = SYSLOG @@ -22,4 +22,11 @@ admin_space_left = 50 admin_space_left_action = SUSPEND disk_full_action = SUSPEND disk_error_action = SUSPEND - +##tcp_listen_port = +tcp_listen_queue = 5 +tcp_max_per_addr = 1 +##tcp_client_ports = 1024-65535 +tcp_client_max_idle = 0 +enable_krb5 = no +krb5_principal = auditd +##krb5_key_file = /etc/audit/audit.key diff --git a/auto.master b/auto.master new file mode 100644 index 0000000..9fe5609 --- /dev/null +++ b/auto.master @@ -0,0 +1,23 @@ +# +# Sample auto.master file +# This is an automounter map and it has the following format +# key [ -mount-options-separated-by-comma ] location +# For details of the format look at autofs(5). +# +/misc /etc/auto.misc +# +# NOTE: mounts done from a hosts map will be mounted with the +# "nosuid" and "nodev" options unless the "suid" and "dev" +# options are explicitly given. +# +/net -hosts +# +# Include central master map if it can be found using +# nsswitch sources. +# +# Note that if there are entries for /net or /misc (as +# above) in the included master map any keys that are the +# same will not be seen as the first read key seen takes +# precedence. +# ++auto.master diff --git a/auto.misc b/auto.misc new file mode 100644 index 0000000..0ee5e75 --- /dev/null +++ b/auto.misc @@ -0,0 +1,15 @@ +# +# This is an automounter map and it has the following format +# key [ -mount-options-separated-by-comma ] location +# Details may be found in the autofs(5) manpage + +cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom + +# the following entries are samples to pique your imagination +#linux -ro,soft,intr ftp.example.org:/pub/linux +#boot -fstype=ext2 :/dev/hda1 +#floppy -fstype=auto :/dev/fd0 +#floppy -fstype=ext2 :/dev/fd0 +#e2floppy -fstype=ext2 :/dev/fd0 +#jaz -fstype=ext2 :/dev/sdc1 +#removable -fstype=ext2 :/dev/hdd diff --git a/auto.net b/auto.net new file mode 100755 index 0000000..ba03447 --- /dev/null +++ b/auto.net @@ -0,0 +1,43 @@ +#!/bin/bash + +# This file must be executable to work! chmod 755! + +# Look at what a host is exporting to determine what we can mount. +# This is very simple, but it appears to work surprisingly well + +key="$1" + +# add "nosymlink" here if you want to suppress symlinking local filesystems +# add "nonstrict" to make it OK for some filesystems to not mount +opts="-fstype=nfs,hard,intr,nodev,nosuid" + +# Showmount comes in a number of names and varieties. "showmount" is +# typically an older version which accepts the '--no-headers' flag +# but ignores it. "kshowmount" is the newer version installed with knfsd, +# which both accepts and acts on the '--no-headers' flag. +#SHOWMOUNT="kshowmount --no-headers -e $key" +#SHOWMOUNT="showmount -e $key | tail -n +2" + +for P in /bin /sbin /usr/bin /usr/sbin +do + for M in showmount kshowmount + do + if [ -x $P/$M ] + then + SMNT=$P/$M + break + fi + done +done + +[ -x $SMNT ] || exit 1 + +# Newer distributions get this right +SHOWMOUNT="$SMNT --no-headers -e $key" + +$SHOWMOUNT | LC_ALL=C sort -k 1 | \ + awk -v key="$key" -v opts="$opts" -- ' + BEGIN { ORS=""; first=1 } + { if (first) { print opts; first=0 }; print " \\\n\t" $1, key ":" $1 } + END { if (!first) print "\n"; else exit 1 } + ' | sed 's/#/\\#/g' diff --git a/auto.smb b/auto.smb new file mode 100755 index 0000000..2dfb8f8 --- /dev/null +++ b/auto.smb @@ -0,0 +1,34 @@ +#!/bin/bash + +# This file must be executable to work! chmod 755! + +key="$1" +opts="-fstype=cifs" + +for P in /bin /sbin /usr/bin /usr/sbin +do + if [ -x $P/smbclient ] + then + SMBCLIENT=$P/smbclient + break + fi +done + +[ -x $SMBCLIENT ] || exit 1 + +$SMBCLIENT -gNL $key 2>/dev/null| awk -v key="$key" -v opts="$opts" -F'|' -- ' + BEGIN { ORS=""; first=1 } + /Disk/ { + if (first) + print opts; first=0 + dir = $2 + loc = $2 + # Enclose mount dir and location in quotes + # Double quote "$" in location as it is special + gsub(/\$$/, "\\$", loc); + gsub(/\&/,"\\\\&",loc) + print " \\\n\t \"/" dir "\"", "\"://" key "/" loc "\"" + } + END { if (!first) print "\n"; else exit 1 } + ' + diff --git a/autofs_ldap_auth.conf b/autofs_ldap_auth.conf new file mode 100644 index 0000000..4033ba0 --- /dev/null +++ b/autofs_ldap_auth.conf @@ -0,0 +1,11 @@ + + + + diff --git a/bash/.rcs/bashrc,v b/bash/.rcs/bashrc,v deleted file mode 100644 index 7fb24c5..0000000 --- a/bash/.rcs/bashrc,v +++ /dev/null @@ -1,187 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.05.25.13.31.55; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.25.08.08.20; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@# /etc/bash/bashrc -# -# This file is sourced by all *interactive* bash shells on startup, -# including some apparently interactive shells such as scp and rcp -# that can't tolerate any output. So make sure this doesn't display -# anything or bad things will happen ! - - -if [ -d /usr/scripts ] ; then - PATH=/usr/scripts:$PATH - export PATH -fi - -if [ -d $HOME/bin ] ; then - PATH=$PATH:$HOME/bin - export PATH -fi - -if [ -d $HOME/lib ] ; then - PERL5LIB=$HOME/lib - export PERL5LIB -fi - -# Test for an interactive shell. There is no need to set anything -# past this point for scp and rcp, and it's important to refrain from -# outputting anything in those cases. -if [[ $- != *i* ]] ; then - # Shell is non-interactive. Be done now! - return -fi - -# Bash won't get SIGWINCH if another process is in the foreground. -# Enable checkwinsize so that bash will check the terminal size when -# it regains control. #65623 -# http://cnswww.cns.cwru.edu/~chet/bash/FAQ (E11) -shopt -s checkwinsize - -# Enable history appending instead of overwriting. #139609 -shopt -s histappend - -# Change the window title of X terminals -case ${TERM} in - xterm*|rxvt*|Eterm|aterm|kterm|gnome*|interix) - PROMPT_COMMAND='echo -ne "\033]0;${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"' - ;; - screen) - PROMPT_COMMAND='echo -ne "\033_${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"' - ;; -esac - -use_color=false - -# Set colorful PS1 only on colorful terminals. -# dircolors --print-database uses its own built-in database -# instead of using /etc/DIR_COLORS. Try to use the external file -# first to take advantage of user additions. Use internal bash -# globbing instead of external grep binary. -safe_term=${TERM//[^[:alnum:]]/?} # sanitize TERM -match_lhs="" -[[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" -[[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ - && match_lhs=$(dircolors --print-database) -[[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color=true - -if ${use_color} ; then - # Enable colors for ls, etc. Prefer ~/.dir_colors #64489 - if type -P dircolors >/dev/null ; then - if [[ -f ~/.dir_colors ]] ; then - eval $(dircolors -b ~/.dir_colors) - elif [[ -f /etc/DIR_COLORS ]] ; then - eval $(dircolors -b /etc/DIR_COLORS) - fi - fi - - if [[ ${EUID} == 0 ]] ; then - #PS1='\[\033[01;31m\]\h\[\033[01;34m\] \W \$\[\033[00m\] ' - PS1='$? \[\033[01;31m\]\h\[\033[01;30m\]:\[\033[01;34m\]\w \$ \[\033[00m\]' - #PS1='$? \[\033[01;31m\]Gentoo (chroot)\[\033[01;30m\]:\[\033[01;34m\]\w \$ \[\033[00m\]' - else - #PS1='\[\033[01;32m\]\u@@\h\[\033[01;34m\] \w \$\[\033[00m\] ' - PS1='$? \[\033[01;32m\]\u@@\h\[\033[01;30m\]:\[\033[01;34m\]\w > \[\033[00m\]' - fi - - alias ls='ls --color=auto' - #alias grep='grep --colour=auto' -else - if [[ ${EUID} == 0 ]] ; then - # show root@@ when we don't have colors - PS1='\u@@\h \W \$ ' - else - PS1='\u@@\h \w \$ ' - fi -fi - -if [[ ${EUID} == 0 ]] ; then - alias ll="ls -lA" -else - alias ll="ls -l" -fi -alias la="ls -la" -alias md=mkdir -alias rd=rmdir -alias ..='cd ..' -alias ...='cd ../..' -alias cd..='cd ..' -alias cd...='cd ../..' -alias pl="ps -fu $USER" -grep='grep --colour=auto' -alias cpwd='cd `realpath .`' - -HISTCONTROL=ignoreboth -HISTSIZE=5000 -HISTFILESIZE=5000 -HISTTIMEFORMAT='%Y-%m-%d %H:%M:%S ' - -# Change the window title of X terminals -case $TERM in - xterm*|rxvt|Eterm|eterm) - PROMPT_COMMAND='echo -ne "\033]0;${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"' - ;; - screen) - PROMPT_COMMAND='echo -ne "\033_${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"' - ;; -esac - -if [ -f /usr/share/mc/mc.gentoo ]; then - . /usr/share/mc/mc.gentoo -fi - -if [ -f /etc/profile.d/bash-completion ]; then - . /etc/profile.d/bash-completion -fi - - - -# Try to keep environment pollution down, EPA loves us. -unset use_color safe_term match_lhs -@ - - -1.1 -log -@Initial revision -@ -text -@d9 15 -d78 3 -a80 1 - PS1='\[\033[01;31m\]\h\[\033[01;34m\] \W \$\[\033[00m\] ' -d82 2 -a83 1 - PS1='\[\033[01;32m\]\u@@\h\[\033[01;34m\] \w \$\[\033[00m\] ' -d87 1 -a87 1 - alias grep='grep --colour=auto' -d97 41 -@ diff --git a/bash/.rcs/bashrc.orig,v b/bash/.rcs/bashrc.orig,v deleted file mode 100644 index 1f5ab0e..0000000 --- a/bash/.rcs/bashrc.orig,v +++ /dev/null @@ -1,104 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.05.25.08.08.20; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/bash/bashrc -# -# This file is sourced by all *interactive* bash shells on startup, -# including some apparently interactive shells such as scp and rcp -# that can't tolerate any output. So make sure this doesn't display -# anything or bad things will happen ! - - -# Test for an interactive shell. There is no need to set anything -# past this point for scp and rcp, and it's important to refrain from -# outputting anything in those cases. -if [[ $- != *i* ]] ; then - # Shell is non-interactive. Be done now! - return -fi - -# Bash won't get SIGWINCH if another process is in the foreground. -# Enable checkwinsize so that bash will check the terminal size when -# it regains control. #65623 -# http://cnswww.cns.cwru.edu/~chet/bash/FAQ (E11) -shopt -s checkwinsize - -# Enable history appending instead of overwriting. #139609 -shopt -s histappend - -# Change the window title of X terminals -case ${TERM} in - xterm*|rxvt*|Eterm|aterm|kterm|gnome*|interix) - PROMPT_COMMAND='echo -ne "\033]0;${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"' - ;; - screen) - PROMPT_COMMAND='echo -ne "\033_${USER}@@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"' - ;; -esac - -use_color=false - -# Set colorful PS1 only on colorful terminals. -# dircolors --print-database uses its own built-in database -# instead of using /etc/DIR_COLORS. Try to use the external file -# first to take advantage of user additions. Use internal bash -# globbing instead of external grep binary. -safe_term=${TERM//[^[:alnum:]]/?} # sanitize TERM -match_lhs="" -[[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" -[[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ - && match_lhs=$(dircolors --print-database) -[[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color=true - -if ${use_color} ; then - # Enable colors for ls, etc. Prefer ~/.dir_colors #64489 - if type -P dircolors >/dev/null ; then - if [[ -f ~/.dir_colors ]] ; then - eval $(dircolors -b ~/.dir_colors) - elif [[ -f /etc/DIR_COLORS ]] ; then - eval $(dircolors -b /etc/DIR_COLORS) - fi - fi - - if [[ ${EUID} == 0 ]] ; then - PS1='\[\033[01;31m\]\h\[\033[01;34m\] \W \$\[\033[00m\] ' - else - PS1='\[\033[01;32m\]\u@@\h\[\033[01;34m\] \w \$\[\033[00m\] ' - fi - - alias ls='ls --color=auto' - alias grep='grep --colour=auto' -else - if [[ ${EUID} == 0 ]] ; then - # show root@@ when we don't have colors - PS1='\u@@\h \W \$ ' - else - PS1='\u@@\h \w \$ ' - fi -fi - -# Try to keep environment pollution down, EPA loves us. -unset use_color safe_term match_lhs -@ diff --git a/bash/bashrc b/bash/bashrc index 6262977..fc0515b 100644 --- a/bash/bashrc +++ b/bash/bashrc @@ -7,26 +7,26 @@ if [ -d /usr/scripts ] ; then - PATH=/usr/scripts:$PATH - export PATH + PATH=/usr/scripts:$PATH + export PATH fi if [ -d $HOME/bin ] ; then - PATH=$PATH:$HOME/bin - export PATH + PATH=$PATH:$HOME/bin + export PATH fi if [ -d $HOME/lib ] ; then - PERL5LIB=$HOME/lib - export PERL5LIB + PERL5LIB=$HOME/lib + export PERL5LIB fi # Test for an interactive shell. There is no need to set anything # past this point for scp and rcp, and it's important to refrain from # outputting anything in those cases. if [[ $- != *i* ]] ; then - # Shell is non-interactive. Be done now! - return + # Shell is non-interactive. Be done now! + return fi # Bash won't get SIGWINCH if another process is in the foreground. @@ -40,12 +40,12 @@ shopt -s histappend # Change the window title of X terminals case ${TERM} in - xterm*|rxvt*|Eterm|aterm|kterm|gnome*|interix) - PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME%%.*}:${PWD/#$HOME/~}\007"' - ;; - screen) - PROMPT_COMMAND='echo -ne "\033_${USER}@${HOSTNAME%%.*}:${PWD/#$HOME/~}\033\\"' - ;; + xterm*|rxvt*|Eterm|aterm|kterm|gnome*|interix) + PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME%%.*}:${PWD/#$HOME/~}\007"' + ;; + screen) + PROMPT_COMMAND='echo -ne "\033_${USER}@${HOSTNAME%%.*}:${PWD/#$HOME/~}\033\\"' + ;; esac use_color=false @@ -60,8 +60,8 @@ match_lhs="" [[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" [[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ - && match_lhs=$(dircolors --print-database) + && type -P dircolors >/dev/null \ + && match_lhs=$(dircolors --print-database) [[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color=true if ${use_color} ; then @@ -127,11 +127,12 @@ printf("%s\n", $newa); HISTCONTROL=ignoreboth -HISTSIZE=5000 -HISTFILESIZE=5000 +HISTSIZE=50000 +HISTFILESIZE=50000 HISTTIMEFORMAT='%Y-%m-%d %H:%M:%S ' export LESSCOLOR=yes +export LESSCHARSET="utf-8" # Change the window title of X terminals case $TERM in @@ -147,11 +148,30 @@ if [ -f /usr/share/mc/mc.gentoo ]; then . /usr/share/mc/mc.gentoo fi -if [ -f /etc/profile.d/bash-completion ]; then - . /etc/profile.d/bash-completion +#if [ -f /etc/profile.d/bash-completion ]; then +# . /etc/profile.d/bash-completion +#fi + +if [ -e /etc/bash_completion.d/git -o "${HOME}"/.bash_completion.d/git ] ; then + #echo "/etc/bash_completion.d/git or ${HOME}/.bash_completion.d/git exists ..." + if ${use_color} ; then + if [ "$UID" = 0 ]; then + PS1='$? \[\033[01;31m\]\h\[\033[01;30m\]:\[\033[01;34m\]\w\[\033[01;31m\]$(__git_ps1)\[\033[01;34m\] \$ \[\033[00m\]' + else + PS1='$? \[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[01;31m\]$(__git_ps1)\[\033[01;34m\] > \[\033[00m\]' + fi + else + if [ "$UID" = 0 ]; then + PS1='$? \h:\w$(__git_ps1) \$ ' + else + PS1='$? \u@\h:\w$(__git_ps1) > ' + fi + fi fi # Try to keep environment pollution down, EPA loves us. unset use_color safe_term match_lhs + +# vim: ts=4 expandtab diff --git a/bash/bashrc.orig b/bash/bashrc.orig index 9ee6b9d..d46cd1e 100644 --- a/bash/bashrc.orig +++ b/bash/bashrc.orig @@ -26,10 +26,10 @@ shopt -s histappend # Change the window title of X terminals case ${TERM} in xterm*|rxvt*|Eterm|aterm|kterm|gnome*|interix) - PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"' + PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME%%.*}:${PWD/#$HOME/~}\007"' ;; screen) - PROMPT_COMMAND='echo -ne "\033_${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"' + PROMPT_COMMAND='echo -ne "\033_${USER}@${HOSTNAME%%.*}:${PWD/#$HOME/~}\033\\"' ;; esac diff --git a/bash_completion.d/base b/bash_completion.d/base index 9864b2d..2e036d1 120000 --- a/bash_completion.d/base +++ b/bash_completion.d/base @@ -1 +1 @@ -/usr/share/bash-completion/base \ No newline at end of file +../../usr/share/bash-completion/base \ No newline at end of file diff --git a/bash_completion.d/bash-builtins b/bash_completion.d/bash-builtins index 8f0dbcb..648ed6d 120000 --- a/bash_completion.d/bash-builtins +++ b/bash_completion.d/bash-builtins @@ -1 +1 @@ -/usr/share/bash-completion/bash-builtins \ No newline at end of file +../../usr/share/bash-completion/bash-builtins \ No newline at end of file diff --git a/bash_completion.d/bind-utils b/bash_completion.d/bind-utils index 7c83bdd..39eddb3 120000 --- a/bash_completion.d/bind-utils +++ b/bash_completion.d/bind-utils @@ -1 +1 @@ -/usr/share/bash-completion/bind-utils \ No newline at end of file +../../usr/share/bash-completion/bind-utils \ No newline at end of file diff --git a/bash_completion.d/bzip2 b/bash_completion.d/bzip2 index 459b394..326a69b 120000 --- a/bash_completion.d/bzip2 +++ b/bash_completion.d/bzip2 @@ -1 +1 @@ -/usr/share/bash-completion/bzip2 \ No newline at end of file +../../usr/share/bash-completion/bzip2 \ No newline at end of file diff --git a/bash_completion.d/coreutils b/bash_completion.d/coreutils new file mode 120000 index 0000000..56ce8c1 --- /dev/null +++ b/bash_completion.d/coreutils @@ -0,0 +1 @@ +../../usr/share/bash-completion/coreutils \ No newline at end of file diff --git a/bash_completion.d/crontab b/bash_completion.d/crontab new file mode 120000 index 0000000..9ec9333 --- /dev/null +++ b/bash_completion.d/crontab @@ -0,0 +1 @@ +../../usr/share/bash-completion/crontab \ No newline at end of file diff --git a/bash_completion.d/dd b/bash_completion.d/dd index a1d0e89..8fa6d94 120000 --- a/bash_completion.d/dd +++ b/bash_completion.d/dd @@ -1 +1 @@ -/usr/share/bash-completion/dd \ No newline at end of file +../../usr/share/bash-completion/dd \ No newline at end of file diff --git a/bash_completion.d/e2fsprogs b/bash_completion.d/e2fsprogs new file mode 120000 index 0000000..626e75a --- /dev/null +++ b/bash_completion.d/e2fsprogs @@ -0,0 +1 @@ +../../usr/share/bash-completion/e2fsprogs \ No newline at end of file diff --git a/bash_completion.d/eix b/bash_completion.d/eix new file mode 120000 index 0000000..e4aa83f --- /dev/null +++ b/bash_completion.d/eix @@ -0,0 +1 @@ +../../usr/share/bash-completion/eix \ No newline at end of file diff --git a/bash_completion.d/eselect b/bash_completion.d/eselect new file mode 120000 index 0000000..4512d10 --- /dev/null +++ b/bash_completion.d/eselect @@ -0,0 +1 @@ +../../usr/share/bash-completion/eselect \ No newline at end of file diff --git a/bash_completion.d/figlet b/bash_completion.d/figlet index c575644..53d0f8d 120000 --- a/bash_completion.d/figlet +++ b/bash_completion.d/figlet @@ -1 +1 @@ -/usr/share/bash-completion/figlet \ No newline at end of file +../../usr/share/bash-completion/figlet \ No newline at end of file diff --git a/bash_completion.d/findutils b/bash_completion.d/findutils index dafec1c..1ce8b52 120000 --- a/bash_completion.d/findutils +++ b/bash_completion.d/findutils @@ -1 +1 @@ -/usr/share/bash-completion/findutils \ No newline at end of file +../../usr/share/bash-completion/findutils \ No newline at end of file diff --git a/bash_completion.d/fuse b/bash_completion.d/fuse new file mode 120000 index 0000000..4cb39f7 --- /dev/null +++ b/bash_completion.d/fuse @@ -0,0 +1 @@ +../../usr/share/bash-completion/fuse \ No newline at end of file diff --git a/bash_completion.d/getent b/bash_completion.d/getent index 2930d94..00934bf 120000 --- a/bash_completion.d/getent +++ b/bash_completion.d/getent @@ -1 +1 @@ -/usr/share/bash-completion/getent \ No newline at end of file +../../usr/share/bash-completion/getent \ No newline at end of file diff --git a/bash_completion.d/git b/bash_completion.d/git index 3768409..794cbb2 120000 --- a/bash_completion.d/git +++ b/bash_completion.d/git @@ -1 +1 @@ -/usr/share/bash-completion/git \ No newline at end of file +../../usr/share/bash-completion/git \ No newline at end of file diff --git a/bash_completion.d/gpg b/bash_completion.d/gpg new file mode 120000 index 0000000..92096b8 --- /dev/null +++ b/bash_completion.d/gpg @@ -0,0 +1 @@ +../../usr/share/bash-completion/gpg \ No newline at end of file diff --git a/bash_completion.d/gpg2 b/bash_completion.d/gpg2 new file mode 120000 index 0000000..aefe1c5 --- /dev/null +++ b/bash_completion.d/gpg2 @@ -0,0 +1 @@ +../../usr/share/bash-completion/gpg2 \ No newline at end of file diff --git a/bash_completion.d/gzip b/bash_completion.d/gzip index 949a9a8..bfb9c7a 120000 --- a/bash_completion.d/gzip +++ b/bash_completion.d/gzip @@ -1 +1 @@ -/usr/share/bash-completion/gzip \ No newline at end of file +../../usr/share/bash-completion/gzip \ No newline at end of file diff --git a/bash_completion.d/iconv b/bash_completion.d/iconv index b4dd5be..b18d3f5 120000 --- a/bash_completion.d/iconv +++ b/bash_completion.d/iconv @@ -1 +1 @@ -/usr/share/bash-completion/iconv \ No newline at end of file +../../usr/share/bash-completion/iconv \ No newline at end of file diff --git a/bash_completion.d/imagemagick b/bash_completion.d/imagemagick index 4f4728b..b39e61b 120000 --- a/bash_completion.d/imagemagick +++ b/bash_completion.d/imagemagick @@ -1 +1 @@ -/usr/share/bash-completion/imagemagick \ No newline at end of file +../../usr/share/bash-completion/imagemagick \ No newline at end of file diff --git a/bash_completion.d/iproute2 b/bash_completion.d/iproute2 new file mode 120000 index 0000000..31560bb --- /dev/null +++ b/bash_completion.d/iproute2 @@ -0,0 +1 @@ +../../usr/share/bash-completion/iproute2 \ No newline at end of file diff --git a/bash_completion.d/iptables b/bash_completion.d/iptables index c34199e..0b433ad 120000 --- a/bash_completion.d/iptables +++ b/bash_completion.d/iptables @@ -1 +1 @@ -/usr/share/bash-completion/iptables \ No newline at end of file +../../usr/share/bash-completion/iptables \ No newline at end of file diff --git a/bash_completion.d/lftp b/bash_completion.d/lftp index 76b1e9d..3cb1406 120000 --- a/bash_completion.d/lftp +++ b/bash_completion.d/lftp @@ -1 +1 @@ -/usr/share/bash-completion/lftp \ No newline at end of file +../../usr/share/bash-completion/lftp \ No newline at end of file diff --git a/bash_completion.d/lsof b/bash_completion.d/lsof new file mode 120000 index 0000000..977735e --- /dev/null +++ b/bash_completion.d/lsof @@ -0,0 +1 @@ +../../usr/share/bash-completion/lsof \ No newline at end of file diff --git a/bash_completion.d/lzma b/bash_completion.d/lzma index 42ba9d5..50049ba 120000 --- a/bash_completion.d/lzma +++ b/bash_completion.d/lzma @@ -1 +1 @@ -/usr/share/bash-completion/lzma \ No newline at end of file +../../usr/share/bash-completion/lzma \ No newline at end of file diff --git a/bash_completion.d/man b/bash_completion.d/man index bf92da6..2784b23 120000 --- a/bash_completion.d/man +++ b/bash_completion.d/man @@ -1 +1 @@ -/usr/share/bash-completion/man \ No newline at end of file +../../usr/share/bash-completion/man \ No newline at end of file diff --git a/bash_completion.d/ncftp b/bash_completion.d/ncftp new file mode 120000 index 0000000..61b4ac0 --- /dev/null +++ b/bash_completion.d/ncftp @@ -0,0 +1 @@ +../../usr/share/bash-completion/ncftp \ No newline at end of file diff --git a/bash_completion.d/net-tools b/bash_completion.d/net-tools new file mode 120000 index 0000000..8a73a24 --- /dev/null +++ b/bash_completion.d/net-tools @@ -0,0 +1 @@ +../../usr/share/bash-completion/net-tools \ No newline at end of file diff --git a/bash_completion.d/openssl b/bash_completion.d/openssl index 2173e2c..ff76adf 120000 --- a/bash_completion.d/openssl +++ b/bash_completion.d/openssl @@ -1 +1 @@ -/usr/share/bash-completion/openssl \ No newline at end of file +../../usr/share/bash-completion/openssl \ No newline at end of file diff --git a/bash_completion.d/perl b/bash_completion.d/perl index e77b7dc..2fadcc9 120000 --- a/bash_completion.d/perl +++ b/bash_completion.d/perl @@ -1 +1 @@ -/usr/share/bash-completion/perl \ No newline at end of file +../../usr/share/bash-completion/perl \ No newline at end of file diff --git a/bash_completion.d/procps b/bash_completion.d/procps new file mode 120000 index 0000000..13ea167 --- /dev/null +++ b/bash_completion.d/procps @@ -0,0 +1 @@ +../../usr/share/bash-completion/procps \ No newline at end of file diff --git a/bash_completion.d/python b/bash_completion.d/python new file mode 120000 index 0000000..3e18e2a --- /dev/null +++ b/bash_completion.d/python @@ -0,0 +1 @@ +../../usr/share/bash-completion/python \ No newline at end of file diff --git a/bash_completion.d/rcs b/bash_completion.d/rcs index 713e394..a05b823 120000 --- a/bash_completion.d/rcs +++ b/bash_completion.d/rcs @@ -1 +1 @@ -/usr/share/bash-completion/rcs \ No newline at end of file +../../usr/share/bash-completion/rcs \ No newline at end of file diff --git a/bash_completion.d/rrdtool b/bash_completion.d/rrdtool index 257acae..d9169fd 120000 --- a/bash_completion.d/rrdtool +++ b/bash_completion.d/rrdtool @@ -1 +1 @@ -/usr/share/bash-completion/rrdtool \ No newline at end of file +../../usr/share/bash-completion/rrdtool \ No newline at end of file diff --git a/bash_completion.d/rsync b/bash_completion.d/rsync index af8edc8..9d7e0d7 120000 --- a/bash_completion.d/rsync +++ b/bash_completion.d/rsync @@ -1 +1 @@ -/usr/share/bash-completion/rsync \ No newline at end of file +../../usr/share/bash-completion/rsync \ No newline at end of file diff --git a/bash_completion.d/screen b/bash_completion.d/screen index 786889b..837a302 120000 --- a/bash_completion.d/screen +++ b/bash_completion.d/screen @@ -1 +1 @@ -/usr/share/bash-completion/screen \ No newline at end of file +../../usr/share/bash-completion/screen \ No newline at end of file diff --git a/bash_completion.d/sqlite3 b/bash_completion.d/sqlite3 new file mode 120000 index 0000000..4678721 --- /dev/null +++ b/bash_completion.d/sqlite3 @@ -0,0 +1 @@ +../../usr/share/bash-completion/sqlite3 \ No newline at end of file diff --git a/bash_completion.d/ssh b/bash_completion.d/ssh index e0cc2bb..12aa924 120000 --- a/bash_completion.d/ssh +++ b/bash_completion.d/ssh @@ -1 +1 @@ -/usr/share/bash-completion/ssh \ No newline at end of file +../../usr/share/bash-completion/ssh \ No newline at end of file diff --git a/bash_completion.d/strace b/bash_completion.d/strace index 534a6b1..b76dd13 120000 --- a/bash_completion.d/strace +++ b/bash_completion.d/strace @@ -1 +1 @@ -/usr/share/bash-completion/strace \ No newline at end of file +../../usr/share/bash-completion/strace \ No newline at end of file diff --git a/bash_completion.d/subversion b/bash_completion.d/subversion index 3a08c00..d695b86 120000 --- a/bash_completion.d/subversion +++ b/bash_completion.d/subversion @@ -1 +1 @@ -/usr/share/bash-completion/subversion \ No newline at end of file +../../usr/share/bash-completion/subversion \ No newline at end of file diff --git a/bash_completion.d/tar b/bash_completion.d/tar index 74657bc..49c64dd 120000 --- a/bash_completion.d/tar +++ b/bash_completion.d/tar @@ -1 +1 @@ -/usr/share/bash-completion/tar \ No newline at end of file +../../usr/share/bash-completion/tar \ No newline at end of file diff --git a/bash_completion.d/tcpdump b/bash_completion.d/tcpdump index 5e7a522..480050e 120000 --- a/bash_completion.d/tcpdump +++ b/bash_completion.d/tcpdump @@ -1 +1 @@ -/usr/share/bash-completion/tcpdump \ No newline at end of file +../../usr/share/bash-completion/tcpdump \ No newline at end of file diff --git a/bash_completion.d/tree b/bash_completion.d/tree index a0a85b4..50aa20b 120000 --- a/bash_completion.d/tree +++ b/bash_completion.d/tree @@ -1 +1 @@ -/usr/share/bash-completion/tree \ No newline at end of file +../../usr/share/bash-completion/tree \ No newline at end of file diff --git a/bash_completion.d/unrar b/bash_completion.d/unrar index 855098b..d40496b 120000 --- a/bash_completion.d/unrar +++ b/bash_completion.d/unrar @@ -1 +1 @@ -/usr/share/bash-completion/unrar \ No newline at end of file +../../usr/share/bash-completion/unrar \ No newline at end of file diff --git a/bash_completion.d/util-linux b/bash_completion.d/util-linux new file mode 120000 index 0000000..5e4c72e --- /dev/null +++ b/bash_completion.d/util-linux @@ -0,0 +1 @@ +../../usr/share/bash-completion/util-linux \ No newline at end of file diff --git a/bash_completion.d/vim b/bash_completion.d/vim index 5a66274..a077149 120000 --- a/bash_completion.d/vim +++ b/bash_completion.d/vim @@ -1 +1 @@ -/usr/share/bash-completion/vim \ No newline at end of file +../../usr/share/bash-completion/vim \ No newline at end of file diff --git a/bind/.orig/.rcs/bind.keys,v b/bind/.orig/.rcs/bind.keys,v deleted file mode 100644 index d59319e..0000000 --- a/bind/.orig/.rcs/bind.keys,v +++ /dev/null @@ -1,30 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.29.20.45.42; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@managed-keys { - # NOTE: This key is current as of October 2009. - # If it fails to initialize correctly, it may have expired; - # see https://www.isc.org/solutions/dlv for a replacement. - dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt TDN0YUuWrBNh"; -}; -@ diff --git a/bind/.orig/.rcs/named.conf,v b/bind/.orig/.rcs/named.conf,v deleted file mode 100644 index 3b72334..0000000 --- a/bind/.orig/.rcs/named.conf,v +++ /dev/null @@ -1,240 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.29.20.45.42; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@/* - * Refer to the named.conf(5) and named(8) man pages, and the documentation - * in /usr/share/doc/bind-9 for more details. - * Online versions of the documentation can be found here: - * http://www.isc.org/software/bind/documentation - * - * If you are going to set up an authoritative server, make sure you - * understand the hairy details of how DNS works. Even with simple mistakes, - * you can break connectivity for affected parties, or cause huge amounts of - * useless Internet traffic. - */ - -acl "xfer" { - /* Allow no transfers. If we have other name servers, place them here. */ - //127.0.0.1/32; - //::1/128; - "none"; -}; - -/* - * You might put in here some ips which are allowed to use the cache or - * recursive queries - */ -acl "trusted" { - 127.0.0.0/8; - ::1/128; -}; - -options { - directory "/var/bind"; - pid-file "/var/run/named/named.pid"; - - /* https://www.isc.org/solutions/dlv >=bind-9.7.x only */ - // bindkeys-file "/etc/bind/bind.keys"; - - listen-on-v6 { ::1; }; - listen-on { 127.0.0.1; }; - - allow-query { - /* - * Accept queries from our "trusted" ACL. We will - * allow anyone to query our master zones below. - * This prevents us from becoming a free DNS server - * to the masses. - */ - trusted; - }; - - allow-query-cache { - /* Use the cache for the "trusted" ACL. */ - trusted; - }; - - allow-transfer { - /* - * Zone tranfers limited to members of the - * "xfer" ACL (e.g. secondary nameserver). - */ - xfer; - }; - -/* - * If you've got a DNS server around at your upstream provider, enter its - * IP address here, and enable the line below. This will make you benefit - * from its cache, thus reduce overall DNS traffic in the Internet. - * - * Uncomment the following lines to turn on DNS forwarding, and change - * and/or update the forwarding ip address(es): - */ -/* - forward first; - forwarders { - // 123.123.123.123; // Your ISP NS - // 124.124.124.124; // Your ISP NS - 4.2.2.1; // Level3 Public DNS - 4.2.2.2; // Level3 Public DNS - 8.8.8.8; // Google Open DNS - 8.8.4.4; // Google Open DNS - }; - -*/ - - // dnssec-enable yes; - // dnssec-validation yes; - - /* if you have problems and are behind a firewall: */ - //query-source address * port 53; -}; - -logging { - channel default_log { - file "/var/log/named/named.log" versions 5 size 50M; - print-time yes; - print-severity yes; - print-category yes; - }; - - category default { default_log; }; - category general { default_log; }; -}; - -include "/etc/bind/rndc.key"; -controls { - inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; }; -}; - - -view "internal" in { - /* - * Our internal (trusted) view. We permit the internal networks - * to freely access this view. We perform recursion for our - * internal hosts, and retrieve data from the cache for them. - */ - - match-clients { trusted; }; - recursion yes; - additional-from-auth yes; - additional-from-cache yes; - - zone "." in { - type hint; - file "/var/bind/root.cache"; - }; - - zone "localhost" IN { - type master; - file "pri/localhost.zone"; - allow-update { none; }; - notify no; - allow-query { any; }; - allow-transfer { none; }; - }; - - zone "127.in-addr.arpa" IN { - type master; - file "pri/127.zone"; - allow-update { none; }; - notify no; - allow-query { any; }; - allow-transfer { none; }; - }; - - /* - * NOTE: All zone blocks for "public" view should be listed here in "internal" - * too! Otherwise you'll have trouble to resolv the public zones properly. - * That affects all hosts from the "trusted" ACL. - * A separate config, which contains all zone blocks, might be better in - * this case. Then you can simply add: - * include "/etc/bind/zones.cfg"; - * for "internal" and "public" view. - */ - - /* - * Briefly, a zone which has been declared delegation-only will be effectively - * limited to containing NS RRs for subdomains, but no actual data beyond its - * own apex (for example, its SOA RR and apex NS RRset). This can be used to - * filter out "wildcard" or "synthesized" data from NAT boxes or from - * authoritative name servers whose undelegated (in-zone) data is of no - * interest. - * See http://www.isc.org/software/bind/delegation-only for more info - */ - - //zone "COM" { type delegation-only; }; - //zone "NET" { type delegation-only; }; -}; - -view "public" in { - /* - * Our external (untrusted) view. We permit any client to access - * portions of this view. We do not perform recursion or cache - * access for hosts using this view. - */ - - match-clients { any; }; - recursion no; - additional-from-auth no; - additional-from-cache no; - - zone "." in { - type hint; - file "/var/bind/root.cache"; - }; - - //zone "YOUR-DOMAIN.TLD" { - // type master; - // file "/var/bind/pri/YOUR-DOMAIN.TLD.zone"; - // allow-query { any; }; - // allow-transfer { xfer; }; - //}; - - //zone "YOUR-SLAVE.TLD" { - // type slave; - // file "/var/bind/sec/YOUR-SLAVE.TLD.zone"; - // masters { ; }; - - // /* Anybody is allowed to query but transfer should be controlled by the master. */ - // allow-query { any; }; - // allow-transfer { none; }; - - // /* The master should be the only one who notifies the slaves, shouldn't it? */ - // allow-notify { ; }; - // notify no; - //}; -}; - -/* Hide the bind version */ -/* -view "chaos" chaos { - match-clients { any; }; - allow-query { none; }; - zone "." { - type hint; - file "/dev/null"; // or any empty file - }; -}; -*/ -@ diff --git a/bind/.orig/.rcs/rndc.key,v b/bind/.orig/.rcs/rndc.key,v deleted file mode 100644 index 33c41b2..0000000 --- a/bind/.orig/.rcs/rndc.key,v +++ /dev/null @@ -1,28 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.29.20.45.49; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@key "rndc-key" { - algorithm hmac-md5; - secret "cFBAmcAZaLb9yFB5HQG9Qg=="; -}; -@ diff --git a/bind/.orig/bind.keys b/bind/.orig/bind.keys index 1b5cab1..068a8ce 100644 --- a/bind/.orig/bind.keys +++ b/bind/.orig/bind.keys @@ -1,6 +1,46 @@ +/* $Id: bind.keys,v 1.7 2011/01/03 23:45:07 each Exp $ */ +# The bind.keys file is used to override the built-in DNSSEC trust anchors +# which are included as part of BIND 9. As of the current release, the only +# trust anchors it contains are those for the DNS root zone ("."), and for +# the ISC DNSSEC Lookaside Validation zone ("dlv.isc.org"). Trust anchors +# for any other zones MUST be configured elsewhere; if they are configured +# here, they will not be recognized or used by named. +# +# The built-in trust anchors are provided for convenience of configuration. +# They are not activated within named.conf unless specifically switched on. +# To use the built-in root key, set "dnssec-validation auto;" in +# named.conf options. To use the built-in DLV key, set +# "dnssec-lookaside auto;". Without these options being set, +# the keys in this file are ignored. +# +# This file is NOT expected to be user-configured. +# +# These keys are current as of January 2011. If any key fails to +# initialize correctly, it may have expired. In that event you should +# replace this file with a current version. The latest version of +# bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys. + managed-keys { - # NOTE: This key is current as of October 2009. - # If it fails to initialize correctly, it may have expired; - # see https://www.isc.org/solutions/dlv for a replacement. - dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt TDN0YUuWrBNh"; + # ISC DLV: See https://www.isc.org/solutions/dlv for details. + # NOTE: This key is activated by setting "dnssec-lookaside auto;" + # in named.conf. + dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 + brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ + 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 + ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk + Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM + QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt + TDN0YUuWrBNh"; + + # ROOT KEY: See https://data.iana.org/root-anchors/root-anchors.xml + # for current trust anchor information. + # NOTE: This key is activated by setting "dnssec-validation auto;" + # in named.conf. + . initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF + FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX + bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD + X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz + W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS + Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq + QxA+Uk1ihz0="; }; diff --git a/bind/.orig/named.conf b/bind/.orig/named.conf index 35ee364..aab639f 100644 --- a/bind/.orig/named.conf +++ b/bind/.orig/named.conf @@ -11,13 +11,13 @@ */ acl "xfer" { - /* Allow no transfers. If we have other name servers, place them here. */ - //127.0.0.1/32; - //::1/128; - "none"; + /* Deny transfers by default except for the listed hosts. + * If we have other name servers, place them here. + */ + none; }; -/* +/* * You might put in here some ips which are allowed to use the cache or * recursive queries */ @@ -31,7 +31,7 @@ options { pid-file "/var/run/named/named.pid"; /* https://www.isc.org/solutions/dlv >=bind-9.7.x only */ - // bindkeys-file "/etc/bind/bind.keys"; + //bindkeys-file "/etc/bind/bind.keys"; listen-on-v6 { ::1; }; listen-on { 127.0.0.1; }; @@ -51,42 +51,57 @@ options { trusted; }; + allow-recursion { + /* Only trusted addresses are allowed to use recursion. */ + trusted; + }; + allow-transfer { - /* - * Zone tranfers limited to members of the - * "xfer" ACL (e.g. secondary nameserver). - */ - xfer; + /* Zone tranfers are denied by default. */ + none; }; -/* - * If you've got a DNS server around at your upstream provider, enter its - * IP address here, and enable the line below. This will make you benefit - * from its cache, thus reduce overall DNS traffic in the Internet. - * - * Uncomment the following lines to turn on DNS forwarding, and change - * and/or update the forwarding ip address(es): - */ + allow-update { + /* Don't allow updates, e.g. via nsupdate. */ + none; + }; + + /* + * If you've got a DNS server around at your upstream provider, enter its + * IP address here, and enable the line below. This will make you benefit + * from its cache, thus reduce overall DNS traffic in the Internet. + * + * Uncomment the following lines to turn on DNS forwarding, and change + * and/or update the forwarding ip address(es): + */ /* forward first; forwarders { // 123.123.123.123; // Your ISP NS // 124.124.124.124; // Your ISP NS - 4.2.2.1; // Level3 Public DNS - 4.2.2.2; // Level3 Public DNS + // 4.2.2.1; // Level3 Public DNS + // 4.2.2.2; // Level3 Public DNS 8.8.8.8; // Google Open DNS 8.8.4.4; // Google Open DNS }; */ - // dnssec-enable yes; - // dnssec-validation yes; + //dnssec-enable yes; + //dnssec-validation yes; + + /* + * As of bind 9.8.0: + * "If the root key provided has expired, + * named will log the expiration and validation will not work." + */ + //dnssec-validation auto; /* if you have problems and are behind a firewall: */ //query-source address * port 53; }; +/* logging { channel default_log { file "/var/log/named/named.log" versions 5 size 50M; @@ -98,119 +113,60 @@ logging { category default { default_log; }; category general { default_log; }; }; +*/ include "/etc/bind/rndc.key"; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; }; }; - -view "internal" in { - /* - * Our internal (trusted) view. We permit the internal networks - * to freely access this view. We perform recursion for our - * internal hosts, and retrieve data from the cache for them. - */ - - match-clients { trusted; }; - recursion yes; - additional-from-auth yes; - additional-from-cache yes; - - zone "." in { - type hint; - file "/var/bind/root.cache"; - }; - - zone "localhost" IN { - type master; - file "pri/localhost.zone"; - allow-update { none; }; - notify no; - allow-query { any; }; - allow-transfer { none; }; - }; - - zone "127.in-addr.arpa" IN { - type master; - file "pri/127.zone"; - allow-update { none; }; - notify no; - allow-query { any; }; - allow-transfer { none; }; - }; - - /* - * NOTE: All zone blocks for "public" view should be listed here in "internal" - * too! Otherwise you'll have trouble to resolv the public zones properly. - * That affects all hosts from the "trusted" ACL. - * A separate config, which contains all zone blocks, might be better in - * this case. Then you can simply add: - * include "/etc/bind/zones.cfg"; - * for "internal" and "public" view. - */ - - /* - * Briefly, a zone which has been declared delegation-only will be effectively - * limited to containing NS RRs for subdomains, but no actual data beyond its - * own apex (for example, its SOA RR and apex NS RRset). This can be used to - * filter out "wildcard" or "synthesized" data from NAT boxes or from - * authoritative name servers whose undelegated (in-zone) data is of no - * interest. - * See http://www.isc.org/software/bind/delegation-only for more info - */ - - //zone "COM" { type delegation-only; }; - //zone "NET" { type delegation-only; }; +zone "." in { + type hint; + file "/var/bind/root.cache"; }; -view "public" in { - /* - * Our external (untrusted) view. We permit any client to access - * portions of this view. We do not perform recursion or cache - * access for hosts using this view. - */ - - match-clients { any; }; - recursion no; - additional-from-auth no; - additional-from-cache no; - - zone "." in { - type hint; - file "/var/bind/root.cache"; - }; +zone "localhost" IN { + type master; + file "pri/localhost.zone"; + notify no; +}; - //zone "YOUR-DOMAIN.TLD" { - // type master; - // file "/var/bind/pri/YOUR-DOMAIN.TLD.zone"; - // allow-query { any; }; - // allow-transfer { xfer; }; - //}; - - //zone "YOUR-SLAVE.TLD" { - // type slave; - // file "/var/bind/sec/YOUR-SLAVE.TLD.zone"; - // masters { ; }; - - // /* Anybody is allowed to query but transfer should be controlled by the master. */ - // allow-query { any; }; - // allow-transfer { none; }; - - // /* The master should be the only one who notifies the slaves, shouldn't it? */ - // allow-notify { ; }; - // notify no; - //}; +zone "127.in-addr.arpa" IN { + type master; + file "pri/127.zone"; + notify no; }; -/* Hide the bind version */ /* -view "chaos" chaos { - match-clients { any; }; - allow-query { none; }; - zone "." { - type hint; - file "/dev/null"; // or any empty file - }; -}; -*/ + * Briefly, a zone which has been declared delegation-only will be effectively + * limited to containing NS RRs for subdomains, but no actual data beyond its + * own apex (for example, its SOA RR and apex NS RRset). This can be used to + * filter out "wildcard" or "synthesized" data from NAT boxes or from + * authoritative name servers whose undelegated (in-zone) data is of no + * interest. + * See http://www.isc.org/software/bind/delegation-only for more info + */ + +//zone "COM" { type delegation-only; }; +//zone "NET" { type delegation-only; }; + +//zone "YOUR-DOMAIN.TLD" { +// type master; +// file "/var/bind/pri/YOUR-DOMAIN.TLD.zone"; +// allow-query { any; }; +// allow-transfer { xfer; }; +//}; + +//zone "YOUR-SLAVE.TLD" { +// type slave; +// file "/var/bind/sec/YOUR-SLAVE.TLD.zone"; +// masters { ; }; + + /* Anybody is allowed to query but transfer should be controlled by the master. */ +// allow-query { any; }; +// allow-transfer { none; }; + + /* The master should be the only one who notifies the slaves, shouldn't it? */ +// allow-notify { ; }; +// notify no; +//}; diff --git a/bind/.orig/rndc.key b/bind/.orig/rndc.key index d617dc1..ad4c3ad 100644 --- a/bind/.orig/rndc.key +++ b/bind/.orig/rndc.key @@ -1,4 +1,4 @@ key "rndc-key" { algorithm hmac-md5; - secret "cFBAmcAZaLb9yFB5HQG9Qg=="; + secret "6suJnYlADz5TDyfyfvi/5A=="; }; diff --git a/bind/bind.keys b/bind/bind.keys index f6d79dc..d932678 100644 --- a/bind/bind.keys +++ b/bind/bind.keys @@ -1,4 +1,4 @@ -/* $Id: bind.keys,v 1.7 2011-01-03 23:45:07 each Exp $ */ +/* $Id: bind.keys,v 1.7 2011/01/03 23:45:07 each Exp $ */ # The bind.keys file is used to override the built-in DNSSEC trust anchors # which are included as part of BIND 9. As of the current release, the only # trust anchors it contains are those for the DNS root zone ("."), and for diff --git a/ca-certificates.conf b/ca-certificates.conf index 8a20bad..74bc2a6 100644 --- a/ca-certificates.conf +++ b/ca-certificates.conf @@ -1,5 +1,5 @@ # Automatically generated by app-misc/ca-certificates-20111025 -# Sa 7. Jan 08:53:15 UTC 2012 +# So 22. Jul 22:05:12 UTC 2012 # Do not edit. brasil.gov.br/brasil.gov.br.crt cacert.org/cacert.org.crt diff --git a/conf.d/.rcs/apache2,v b/conf.d/.rcs/apache2,v deleted file mode 100644 index ed380fa..0000000 --- a/conf.d/.rcs/apache2,v +++ /dev/null @@ -1,117 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.12.02.13.19.02; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.28.10.14.26; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.2 -log -@Checked in. -@ -text -@# /etc/conf.d/apache2: config file for /etc/init.d/apache2 - -# When you install a module it is easy to activate or deactivate the modules -# and other features of apache using the APACHE2_OPTS line. Every module should -# install a configuration in /etc/apache2/modules.d. In that file will have an -# directive where NNN is the option to enable that module. -# -# Here are the options available in the default configuration: -# -# AUTH_DIGEST Enables mod_auth_digest -# AUTHNZ_LDAP Enables authentication through mod_ldap (available if USE=ldap) -# CACHE Enables mod_cache -# DAV Enables mod_dav -# ERRORDOCS Enables default error documents for many languages. -# INFO Enables mod_info, a useful module for debugging -# LANGUAGE Enables content-negotiation based on language and charset. -# LDAP Enables mod_ldap (available if USE=ldap) -# MANUAL Enables /manual/ to be the apache manual (available if USE=docs) -# MEM_CACHE Enables default configuration mod_mem_cache -# PROXY Enables mod_proxy -# SSL Enables SSL (available if USE=ssl) -# SUEXEC Enables running CGI scripts (in USERDIR) through suexec. -# USERDIR Enables /~username mapping to /home/username/public_html -# -# -# The following two options provide the default virtual host for the HTTP and -# HTTPS protocol. YOU NEED TO ENABLE AT LEAST ONE OF THEM, otherwise apache -# will not listen for incomming connections on the approriate port. -# -# DEFAULT_VHOST Enables name-based virtual hosts, with the default -# virtual host being in /var/www/localhost/htdocs -# SSL_DEFAULT_VHOST Enables default vhost for SSL (you should enable this -# when you enable SSL) -# -#APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D MANUAL -D SSL -D SSL_DEFAULT_VHOST -D SUEXEC -D LANGUAGE" -APACHE2_OPTS="-D DEFAULT_VHOST -D PHP5 -D SSL -D SSL_DEFAULT_VHOST -D MANUAL -D PERL -D INFO -D STATUS -D DAV -D SVN -D ERRORDOCS -D LANGUAGE -D FASTCGI" - -# Extended options for advanced uses of Apache ONLY -# You don't need to edit these unless you are doing crazy Apache stuff -# As not having them set correctly, or feeding in an incorrect configuration -# via them will result in Apache failing to start -# YOU HAVE BEEN WARNED. - -# PID file -#PIDFILE=/var/run/apache2.pid - -# timeout for startup/shutdown checks -#TIMEOUT=10 - -# ServerRoot setting -#SERVERROOT=/usr/lib64/apache2 - -# Configuration file location -# - If this does NOT start with a '/', then it is treated relative to -# $SERVERROOT by Apache -#CONFIGFILE=/etc/apache2/httpd.conf - -# Location to log startup errors to -# They are normally dumped to your terminal. -STARTUPERRORLOG="/var/log/apache2/startuperror.log" - -# A command that outputs a formatted text version of the HTML at the URL -# of the command line. Designed for lynx, however other programs may work. -#LYNX="lynx -dump" - -# The URL to your server's mod_status status page. -# Required for status and fullstatus -#STATUSURL="http://localhost/server-status" - -# Method to use when reloading the server -# Valid options are 'restart' and 'graceful' -# See http://httpd.apache.org/docs/2.2/stopping.html for information on -# what they do and how they differ. -#RELOAD_TYPE="graceful" -@ - - -1.1 -log -@Initial revision -@ -text -@d35 2 -a36 1 -APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D MANUAL -D SSL -D SSL_DEFAULT_VHOST -D SUEXEC -D LANGUAGE" -d60 1 -a60 1 -#STARTUPERRORLOG="/var/log/apache2/startuperror.log" -@ diff --git a/conf.d/.rcs/auditd,v b/conf.d/.rcs/auditd,v deleted file mode 100644 index 177e7e9..0000000 --- a/conf.d/.rcs/auditd,v +++ /dev/null @@ -1,40 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.21.59.04; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/auditd-conf.d-1.2.3,v 1.1 2006/06/22 07:41:46 robbat2 Exp $ - -# Configuration options for auditd -# -f for foreground mode -# There are some other options as well, but you'll have to look in the source -# code to find them as they aren't ready for use yet. -EXTRAOPTIONS='' - -# Audit rules file to run after starting auditd -RULEFILE_STARTUP=/etc/audit/audit.rules - -# Audit rules file to run before and after stopping auditd -RULEFILE_STOP_PRE=/etc/audit/audit.rules.stop.pre -RULEFILE_STOP_POST=/etc/audit/audit.rules.stop.post -@ diff --git a/conf.d/.rcs/autofs,v b/conf.d/.rcs/autofs,v deleted file mode 100644 index e5c6a53..0000000 --- a/conf.d/.rcs/autofs,v +++ /dev/null @@ -1,151 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.12.01.11.29.45; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# -# Define default options for autofs. -# -# MASTER_MAP_NAME - default map name for the master map. -# -#MASTER_MAP_NAME="auto.master" -# -# TIMEOUT - set the default mount timeout (default 600). -# -TIMEOUT=300 -# -# NEGATIVE_TIMEOUT - set the default negative timeout for -# failed mount attempts (default 60). -# -#NEGATIVE_TIMEOUT=60 -# -# UMOUNT_WAIT - time to wait for a response from umount(8). -# -#UMOUNT_WAIT=12 -# -# BROWSE_MODE - maps are browsable by default. -# -BROWSE_MODE="no" -# -# MOUNT_NFS_DEFAULT_PROTOCOL - specify the default protocol used by -# mount.nfs(8). Since we can't identify -# the default automatically we need to -# set it in our configuration. This will -# only make a difference for replicated -# map entries as availability probing isn't -# used for single host map entries. -# -#MOUNT_NFS_DEFAULT_PROTOCOL=3 -# -# APPEND_OPTIONS - append to global options instead of replace. -# -#APPEND_OPTIONS="yes" -# -# LOGGING - set default log level "none", "verbose" or "debug" -# -#LOGGING="none" -# -# Define server URIs -# -# LDAP_URI - space seperated list of server uris of the form -# ://[/] where can be ldap -# or ldaps. The option can be given multiple times. -# Map entries that include a server name override -# this option. -# -# This configuration option can also be used to -# request autofs lookup SRV RRs for a domain of -# the form :///[]. Note that a -# trailing "/" is not allowed when using this form. -# If the domain dn is not specified the dns domain -# name (if any) is used to construct the domain dn -# for the SRV RR lookup. The server list returned -# from an SRV RR lookup is refreshed according to -# the minimum ttl found in the SRV RR records or -# after one hour, whichever is less. -# -#LDAP_URI="" -# -# LDAP__TIMEOUT - timeout value for the synchronous API calls -# (default is LDAP library default). -# -#LDAP_TIMEOUT=-1 -# -# LDAP_NETWORK_TIMEOUT - set the network response timeout (default 8). -# -#LDAP_NETWORK_TIMEOUT=8 -# -# Define base dn for map dn lookup. -# -# SEARCH_BASE - base dn to use for searching for map search dn. -# Multiple entries can be given and they are checked -# in the order they occur here. -# -#SEARCH_BASE="" -# -# Define the LDAP schema to used for lookups -# -# If no schema is set autofs will check each of the schemas -# below in the order given to try and locate an appropriate -# basdn for lookups. If you want to minimize the number of -# queries to the server set the values here. -# -#MAP_OBJECT_CLASS="nisMap" -#ENTRY_OBJECT_CLASS="nisObject" -#MAP_ATTRIBUTE="nisMapName" -#ENTRY_ATTRIBUTE="cn" -#VALUE_ATTRIBUTE="nisMapEntry" -# -# Other common LDAP nameing -# -#MAP_OBJECT_CLASS="automountMap" -#ENTRY_OBJECT_CLASS="automount" -#MAP_ATTRIBUTE="ou" -#ENTRY_ATTRIBUTE="cn" -#VALUE_ATTRIBUTE="automountInformation" -# -#MAP_OBJECT_CLASS="automountMap" -#ENTRY_OBJECT_CLASS="automount" -#MAP_ATTRIBUTE="automountMapName" -#ENTRY_ATTRIBUTE="automountKey" -#VALUE_ATTRIBUTE="automountInformation" -# -# AUTH_CONF_FILE - set the default location for the SASL -# authentication configuration file. -# -#AUTH_CONF_FILE="/etc/autofs_ldap_auth.conf" -# -# MAP_HASH_TABLE_SIZE - set the map cache hash table size. -# Should be a power of 2 with a ratio roughly -# between 1:10 and 1:20 for each map. -# -#MAP_HASH_TABLE_SIZE=1024 -# -# General global options -# -# If the kernel supports using the autofs miscellanous device -# and you wish to use it you must set this configuration option -# to "yes" otherwise it will not be used. -USE_MISC_DEVICE="yes" -# -#OPTIONS="" -# -@ diff --git a/conf.d/.rcs/books-prod-fcgi,v b/conf.d/.rcs/books-prod-fcgi,v deleted file mode 100644 index 79cb9cd..0000000 --- a/conf.d/.rcs/books-prod-fcgi,v +++ /dev/null @@ -1,45 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.06.07.20.12.35; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/books-prod-fcgi: config file for /etc/init.d/books-prod-fcgi - -DAEMON_USER="frank" -DAEMON_GROUP="users" -PID_DIR="/var/run/frank" - -# Pid file to use (needs to be absolute path). -DAEMON_PIDFILE="${PID_DIR}/books-prod.pid" - -# Working directory (needs to be absolute path). -DAEMON_DIR="/var/www/books" - -# Path to the binary (needs to be absolute path). -DAEMON_BINARY="${DAEMON_DIR}/script/frbr_books_fastcgi.pl" - -# Path to the socket for Apache mod_fastcgi -DAEMON_SOCKET="/tmp/frbr_books_app.sock" - -# Count of daemon processes -DAEMON_COUNT=2 - -@ diff --git a/conf.d/.rcs/bootmisc,v b/conf.d/.rcs/bootmisc,v deleted file mode 100644 index 7c9e7a0..0000000 --- a/conf.d/.rcs/bootmisc,v +++ /dev/null @@ -1,36 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.18.08.57.19; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/bootmisc - -# Put a nologin file in /etc to prevent people from logging in before -# system startup is complete - -DELAYLOGIN="no" - - -# Should we completely wipe out /tmp or just selectively remove known -# locks / files / etc... ? - -WIPE_TMP="yes" -@ diff --git a/conf.d/.rcs/clamd,v b/conf.d/.rcs/clamd,v deleted file mode 100644 index 2190c7c..0000000 --- a/conf.d/.rcs/clamd,v +++ /dev/null @@ -1,33 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.12.01.19.01.48; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# Config file for /etc/init.d/clamd - -# NOTICE: Since clamav-0.85-r1, only START_CLAMD and START_FRESHCLAM settings -# are used, other are silently ignored - -START_CLAMD=yes -START_FRESHCLAM=yes -CLAMD_NICELEVEL=3 -FRESHCLAM_NICELEVEL=19 -@ diff --git a/conf.d/.rcs/clock,v b/conf.d/.rcs/clock,v deleted file mode 100644 index d77e050..0000000 --- a/conf.d/.rcs/clock,v +++ /dev/null @@ -1,60 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.29.17.41.04; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/clock - -# Set CLOCK to "UTC" if your hardware clock is set to UTC (also known as -# Greenwich Mean Time). If that clock is set to the local time, then -# set CLOCK to "local". -# Note that if you dual boot with Windows, then you should set it to -# "local" because Windows always sets the hardware clock to local time. - -CLOCK="UTC" - -# Select the proper timezone. For valid values, peek inside of the -# /usr/share/zoneinfo/ directory. For example, some common values are -# "America/New_York" or "EST5EDT" or "Europe/Berlin". If you want to -# manage /etc/localtime yourself, set this to "". - -#TIMEZONE="Factory" -TIMEZONE="Europe/Berlin" - -# If you wish to pass any other arguments to hwclock during bootup, -# you may do so here. - -CLOCK_OPTS="" - -# If you want to set the Hardware Clock to the current System Time (software -# clock) during shutdown, then say "yes" here. - -CLOCK_SYSTOHC="yes" - - -### ALPHA SPECIFIC OPTIONS ### - -# If your alpha uses the SRM console, set this to "yes". -SRM="no" - -# If your alpha uses the ARC console, set this to "yes". -ARC="no" -@ diff --git a/conf.d/.rcs/consolefont,v b/conf.d/.rcs/consolefont,v deleted file mode 100644 index fea392c..0000000 --- a/conf.d/.rcs/consolefont,v +++ /dev/null @@ -1,40 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.18.08.57.19; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/consolefont - -# CONSOLEFONT specifies the default font that you'd like Linux to use on the -# console. You can find a good selection of fonts in /usr/share/consolefonts; -# you shouldn't specify the trailing ".psf.gz", just the font name below. -# To use the default console font, comment out the CONSOLEFONT setting below. -# This setting is used by the /etc/init.d/consolefont script (NOTE: if you do -# not want to use it, run "rc-update del consolefont" as root). - -CONSOLEFONT="default8x16" - -# CONSOLETRANSLATION is the charset map file to use. Leave commented to use -# the default one. Have a look in /usr/share/consoletrans for a selection of -# map files you can use. - -#CONSOLETRANSLATION="8859-1_to_uni" -@ diff --git a/conf.d/.rcs/crypto-loop,v b/conf.d/.rcs/crypto-loop,v deleted file mode 100644 index 56cdcf9..0000000 --- a/conf.d/.rcs/crypto-loop,v +++ /dev/null @@ -1,33 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.18.39.55; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/crypto-loop: Configuration file for /etc/init.d/crypto-loop - -# More info can be found in the init.d script - -# Specify loopback configurations here. The format of this file is -# shown in the following commented-out example. One line per loopback -# configuration. For possible hash values, see `man hashalot`. - -# loop=/dev/loop0 hash='' cipher=serpent keysize=256 device=/dev/system/test other='' -@ diff --git a/conf.d/.rcs/device-mapper,v b/conf.d/.rcs/device-mapper,v deleted file mode 100644 index 5f7987b..0000000 --- a/conf.d/.rcs/device-mapper,v +++ /dev/null @@ -1,25 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.29.17.49.09; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@RC_AFTER="lvm" -@ diff --git a/conf.d/.rcs/env_whitelist,v b/conf.d/.rcs/env_whitelist,v deleted file mode 100644 index 5fcc907..0000000 --- a/conf.d/.rcs/env_whitelist,v +++ /dev/null @@ -1,30 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.18.08.57.19; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/env_whitelist: Environment whitelist for rc-system - -# Specify which variables are allowed to be passed from the environment to the -# rc-system. If it is not set by the environment, then the variable will be -# taken from /etc/profile.env - meaning, if you need to set LANG or such, -# do it in a /etc/env.d/99myownstuff file for example, and run env-update. -@ diff --git a/conf.d/.rcs/git-daemon,v b/conf.d/.rcs/git-daemon,v deleted file mode 100644 index 26b1e75..0000000 --- a/conf.d/.rcs/git-daemon,v +++ /dev/null @@ -1,43 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.22.59.33; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# conf.d file for git-daemon -# -# Please check man 1 git-daemon for more information about the options -# git-daemon accepts. You MUST edit this to include your repositories you wish -# to serve. -# -# Some of the meaningful options are: -# --syslog --- Enables syslog logging -# --verbose --- Enables verbose logging -# --export-all --- Exports all repositories -# --port=XXXX --- Starts in port XXXX instead of 9418 -# -GITDAEMON_OPTS="--syslog /var/git" - -# To run an anonymous git safely, the following user should be able to only -# read your Git repositories. It should not able able to write to anywhere on -# your system, esp. not the repositories. -GIT_USER="nobody" -GIT_GROUP="nobody" -@ diff --git a/conf.d/.rcs/gpm,v b/conf.d/.rcs/gpm,v deleted file mode 100644 index b93e0cd..0000000 --- a/conf.d/.rcs/gpm,v +++ /dev/null @@ -1,47 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.29.17.43.30; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/init.d/gpm - -# Please uncomment the type of mouse you have and the appropriate MOUSEDEV entry - -MOUSE=ps2 -#MOUSE=imps2 -#MOUSEDEV=/dev/psaux -MOUSEDEV=/dev/input/mice - -# Extra settings - -#RESPONSIVENESS= -#REPEAT_TYPE=raw - -# Please uncomment this line if you want gpm to understand charsets used -# in URLs and names with ~ or : in them, etc. This is a good idea to turn on! - -#APPEND="-l \"a-zA-Z0-9_.:~/\300-\326\330-\366\370-\377\"" - -# Various other options, see gpm(8) manpage for more. - -#APPEND="-g 1 -A60" -#APPEND="-l \"a-zA-Z0-9_.:~/\300-\326\330-\366\370-\377\" -g 1 -A60" -@ diff --git a/conf.d/.rcs/hostname,v b/conf.d/.rcs/hostname,v deleted file mode 100644 index d19e43b..0000000 --- a/conf.d/.rcs/hostname,v +++ /dev/null @@ -1,28 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.05.25.11.05.48; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/hostname - -# Set to the hostname of this machine -HOSTNAME="helga" -@ diff --git a/conf.d/.rcs/ip6tables,v b/conf.d/.rcs/ip6tables,v deleted file mode 100644 index 20d9a4c..0000000 --- a/conf.d/.rcs/ip6tables,v +++ /dev/null @@ -1,35 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.29.21.26.03; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/ip6tables - -# Location in which iptables initscript will save set rules on -# service shutdown -IP6TABLES_SAVE="/var/lib/ip6tables/rules-save" - -# Options to pass to iptables-save and iptables-restore -SAVE_RESTORE_OPTIONS="-c" - -# Save state on stopping iptables -SAVE_ON_STOP="yes" -@ diff --git a/conf.d/.rcs/iptables,v b/conf.d/.rcs/iptables,v deleted file mode 100644 index 0c97f7d..0000000 --- a/conf.d/.rcs/iptables,v +++ /dev/null @@ -1,35 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.29.21.26.03; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/iptables - -# Location in which iptables initscript will save set rules on -# service shutdown -IPTABLES_SAVE="/var/lib/iptables/rules-save" - -# Options to pass to iptables-save and iptables-restore -SAVE_RESTORE_OPTIONS="-c" - -# Save state on stopping iptables -SAVE_ON_STOP="yes" -@ diff --git a/conf.d/.rcs/keymaps,v b/conf.d/.rcs/keymaps,v deleted file mode 100644 index b640b20..0000000 --- a/conf.d/.rcs/keymaps,v +++ /dev/null @@ -1,51 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.05.25.11.41.40; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/keymaps - -# Use KEYMAP to specify the default console keymap. There is a complete tree -# of keymaps in /usr/share/keymaps to choose from. - -#KEYMAP="us" -KEYMAP="de-latin1-nodeadkeys" - - -# Should we first load the 'windowkeys' console keymap? Most x86 users will -# say "yes" here. Note that non-x86 users should leave it as "no". - -SET_WINDOWKEYS="no" - - -# The maps to load for extended keyboards. Most users will leave this as is. - -EXTENDED_KEYMAPS="" -#EXTENDED_KEYMAPS="backspace keypad euro" - - -# Tell dumpkeys(1) to interpret character action codes to be -# from the specified character set. -# This only matters if you set UNICODE="yes" in /etc/rc.conf. -# For a list of valid sets, run `dumpkeys --help` - -DUMPKEYS_CHARSET="" -@ diff --git a/conf.d/.rcs/lm_sensors,v b/conf.d/.rcs/lm_sensors,v deleted file mode 100644 index 262e9d3..0000000 --- a/conf.d/.rcs/lm_sensors,v +++ /dev/null @@ -1,49 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.12.01.22.57.50; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# Generated by sensors-detect on Wed Dec 1 23:57:50 2010 -# This file is sourced by /etc/init.d/lm_sensors and defines the modules to -# be loaded/unloaded. -# -# The format of this file is a shell script that simply defines variables: -# HWMON_MODULES for hardware monitoring driver modules, and optionally -# BUS_MODULES for any required bus driver module (for example for I2C or SPI). - -# Load modules at startup -LOADMODULES=yes - -# Initialize sensors at startup -INITSENSORS=yes - -HWMON_MODULES="w83627ehf" - -# For compatibility reasons, modules are also listed individually as variables -# MODULE_0, MODULE_1, MODULE_2, etc. -# Please note that the numbers in MODULE_X must start at 0 and increase in -# steps of 1. Any number that is missing will make the init script skip the -# rest of the modules. Use MODULE_X_ARGS for arguments. -# -# You should use BUS_MODULES and HWMON_MODULES instead if possible. - -MODULE_0=w83627ehf -@ diff --git a/conf.d/.rcs/local.start,v b/conf.d/.rcs/local.start,v deleted file mode 100644 index b403c9f..0000000 --- a/conf.d/.rcs/local.start,v +++ /dev/null @@ -1,35 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.07.06.20.56.22; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/local.start - -# This is a good place to load any misc programs -# on startup (use &>/dev/null to hide output) - -echo "Setze Standard-Route IPv6 via fe80::1 dev eth0" -/sbin/ip -6 route add default via fe80::1 dev eth0 - -echo "Sende Mail wegen Boot ..." -echo "Server `hostname` wird '`date`' gebootet" | /usr/bin/mailx -s "Boot von `hostname`" root@@localhost - -@ diff --git a/conf.d/.rcs/local.stop,v b/conf.d/.rcs/local.stop,v deleted file mode 100644 index bad247f..0000000 --- a/conf.d/.rcs/local.stop,v +++ /dev/null @@ -1,40 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.07.06.20.54.37; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/local.stop - -# This is a good place to unload any misc. -# programs you started above. -# For example, if you are using OSS and have -# "/usr/local/bin/soundon" above, put -# "/usr/local/bin/soundoff" here. - -echo "Sende Mail wegen Shutdown ..." -echo "Server `hostname` wird '`date`' ordentlich heruntergefahren" | /usr/bin/mailx -s "Shutdown von `hostname`" root@@localhost - -echo -echo "Warte 5 Sekunden ..." -echo -sleep 5 - -@ diff --git a/conf.d/.rcs/lvm,v b/conf.d/.rcs/lvm,v deleted file mode 100644 index adab529..0000000 --- a/conf.d/.rcs/lvm,v +++ /dev/null @@ -1,29 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.29.17.49.08; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# LVM should normally only be started after mdraid is available -# this is because LVM physical volumes are very often MD devices. -RC_AFTER="mdraid" - -# vim: ft=gentoo-conf-d -@ diff --git a/conf.d/.rcs/mdadm,v b/conf.d/.rcs/mdadm,v deleted file mode 100644 index 6d3f36c..0000000 --- a/conf.d/.rcs/mdadm,v +++ /dev/null @@ -1,31 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.29.17.47.44; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/mdadm: config file for /etc/init.d/mdadm - -# Misc options to pass to mdadm in monitor mode. -# For more info, run `mdadm --monitor --help` or see -# the mdadm(8) manpage. - -MDADM_OPTS="--syslog" -@ diff --git a/conf.d/.rcs/mdraid,v b/conf.d/.rcs/mdraid,v deleted file mode 100644 index c3b7118..0000000 --- a/conf.d/.rcs/mdraid,v +++ /dev/null @@ -1,29 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.29.17.47.44; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/mdraid: config file for /etc/init.d/mdraid - -# For people who run raid on top of some other layer (like -# dmcrypt), use rc_need to specify that requirement. See -# the runscript(8) man page for more information. -@ diff --git a/conf.d/.rcs/mysql,v b/conf.d/.rcs/mysql,v deleted file mode 100644 index cfbfde7..0000000 --- a/conf.d/.rcs/mysql,v +++ /dev/null @@ -1,104 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.06.29.11; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# Here is where we define which server(s) to start. -# Additional parameters to be passed to mysqld at startup may be added here, -# which will override the ones in "my.cnf". -# -# Below are described some suggested parameters to use. -# The parameters not recognized will be passed through to the mysqld daemon -# directly! -# To avoid starting a server just comment it's definition. -# -# Last but not least, SPACES are NOT allowed inside the parameters! -# -# Parameter : description -# ----------------+----------------------------------------------------------- -# nice : integer [-20 .. 19 ] default 0 -# : change the priority of the server -20 (high) to 19 (low) -# : see "man nice 1" for description -# ----------------+----------------------------------------------------------- -# mycnf : string [full path to my.cnf] -# : specify the path to my.cnf file to be used -# ----------------+----------------------------------------------------------- -# startup_timeout : integer [seconds] default 15 -# : time to wait for mysqld up and running, after this it's -# : marked as failed -# ----------------+----------------------------------------------------------- -# -# Additional parameters -# Parameter : description -# ----------------+----------------------------------------------------------- -# server-id : integer [1 .. 255] -# : Uniquely identifies the server instance in the community -# : of replication partners. -# ----------------+----------------------------------------------------------- -# port : integer [1025 .. 65535] default 3306 -# : Port number to use for connection. -# : Looses any meaning if skip-networking is set. -# ----------------+----------------------------------------------------------- -# skip-networking : NULL -# : Don't allow connection through TCP/IP. -# ----------------+----------------------------------------------------------- -# log-bin : string [name of the binlog files] -# : Log update queries in binary format. Optional (but -# : strongly recommended to avoid replication problems if -# : server's hostname changes) argument should be the chosen -# : location for the binary log files. -# ----------------+----------------------------------------------------------- -# Additionally the following variables are recognized: -# -# Be more verbose, accepts values from 1 to 4 -#DEBUG=4 -# -# The default location for the "master" pid file -#MYSQL_GLOB_PID_FILE="/var/run/svc-started-mysqld" -# -# The timeout for a failed attempt to stop a server -#STOPTIMEOUT=120 -# - -# The parameters are passed in a bash array variable, -# the variable name is mysql_slot_0_[server-num] -# "server-num" is an optional number used to start multiple servers -# -# Examples: -# -# start a default server with default options: -#mysql_slot_0=() -# -# start MySQL reniced, overriding some start parameters -#mysql_slot_0=( -# "nice=-5" -# "server-id=123" -# "log-bin="myhost" -# "port=3307" -#) -# -# start another server, different my.cnf -#mysql_slot_0_1=( -# "mycnf=/home/test/my.cnf" -# "server-id=124" -#) -# -@ diff --git a/conf.d/.rcs/mysqlmanager,v b/conf.d/.rcs/mysqlmanager,v deleted file mode 100644 index ceeb2f0..0000000 --- a/conf.d/.rcs/mysqlmanager,v +++ /dev/null @@ -1,52 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.06.29.11; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# Here is where we define which server(s) to start. -# Additional parameters to be passed to mysqlmanager at startup may be added here, -# which will override the ones in "my.cnf". -# -# To avoid starting a server just comment it's definition -# here or it will rant (no default start). -# Last but not least, spaces are NOT allowed inside the parameters! -# -# Below are described some suggested parameters to use. -# The parameters not recognized will be passed through to the mysqlmanager directly. -# -# Parameter : description - -# ----------------+----------------------------------------------------------- -# mycnf : string [full path to my.cnf] -# : specify the path to my.cnf file to be used -# : may contain a [manager] section -# ----------------+----------------------------------------------------------- -# -# Basic default -# -#mysqlmanager_slot_0=() -# -# Start MySQL 5.0.X overriding the my.cnf path -#mysqlmanager_slot_500=( -# "mycnf=/home/test/my.cnf" -#) -# -@ diff --git a/conf.d/.rcs/nagios,v b/conf.d/.rcs/nagios,v deleted file mode 100644 index 057f758..0000000 --- a/conf.d/.rcs/nagios,v +++ /dev/null @@ -1,34 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.12.01.11.49.07; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# Copyright 1999-2004 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/nagios-core/files/conf.d,v 1.1 2004/08/20 13:38:13 eldad Exp $ - -# Distributed monitoring users will want to configure here the ip/hostname of the central server. -# It will be used by submit_check_result_via_nsca. -NAGIOS_NSCA_HOST="localhost" - - - -@ diff --git a/conf.d/.rcs/named,v b/conf.d/.rcs/named,v deleted file mode 100644 index cec8e61..0000000 --- a/conf.d/.rcs/named,v +++ /dev/null @@ -1,50 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.22.05.00; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# Set various named options here. -# -OPTIONS="" - -# Set this to the number of processors you want bind to use. -# Leave this unchanged if you want bind to automatically detect the number -#CPU="1" - -# If you wish to run bind in a chroot: -# 1) un-comment the CHROOT= assignment, below. You may use -# a different chroot directory but MAKE SURE it's empty. -# 2) run: emerge --config = -# -# CHROOT="/chroot/dns" - -# RNDC needs to be told what server we're using sometimes. -#SERVER="-s 127.0.0.1" -# rndc key to use -RNDC_KEY="${CHROOT}/etc/bind/rndc.key" - -# Default pid file location -PIDFILE="${CHROOT}/var/run/named/named.pid" - -# Scheduling priority: 19 is the lowest and -20 is the highest. -# -NAMED_NICELEVEL="0" -@ diff --git a/conf.d/.rcs/net,v b/conf.d/.rcs/net,v deleted file mode 100644 index 5fb46d2..0000000 --- a/conf.d/.rcs/net,v +++ /dev/null @@ -1,58 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.19.09.20.15; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# This blank configuration will automatically use DHCP for any net.* -# scripts in /etc/init.d. To create a more complete configuration, -# please review /etc/conf.d/net.example and save your configuration -# in /etc/conf.d/net (this file :]!). - -dns_domain_lo="brehm-online.com" -dns_servers_lo="127.0.0.1 81.169.163.106 85.214.7.22" -dns_search_lo="brehm-online.com brehm-online.eu brehm-berlin.de serverkompetenz.net" - -config_eth0=( - "85.214.134.152/32 brd 85.214.134.152" - "2a01:238:4225:6e00:8f8c:808a:7fb8:88df/128" -) - -#routes_eth0=( -# "default via 192.168.0.1" # IPv4 default route -# "10.0.0.0/8 via 192.168.0.1" # IPv4 subnet route -# "::/0" # IPv6 unicast -#) - -# 85.214.128.1 dev eth0 scope link -# 169.254.0.0/16 dev eth0 scope link -# default via 85.214.128.1 dev eth0 - -routes_eth0=( - "85.214.128.1 dev eth0 scope link" - "169.254.0.0/16 dev eth0 scope link" - "default via 85.214.128.1" -) -# "-family inet6 default via fe80::1 dev eth0" - -dns_domain_eth0="brehm-online.com" -dns_servers_eth0="127.0.0.1 81.169.163.106 85.214.7.22" -dns_search_eth0="brehm-online.com brehm-online.eu brehm-berlin.de serverkompetenz.net" -@ diff --git a/conf.d/.rcs/net.example,v b/conf.d/.rcs/net.example,v deleted file mode 100644 index 24ae334..0000000 --- a/conf.d/.rcs/net.example,v +++ /dev/null @@ -1,889 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.18.08.57.19; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@############################################################################## -# QUICK-START -# -# The quickest start is if you want to use DHCP. -# In that case, everything should work out of the box, no configuration -# necessary, though the startup script will warn you that you haven't -# specified anything. - -# WARNING :- some examples have a mixture of IPv4 (ie 192.168.0.1) and IPv6 -# (ie 4321:0:1:2:3:4:567:89ab) internet addresses. They only work if you have -# the relevant kernel option enabled. So if you don't have an IPv6 enabled -# kernel then remove the IPv6 address from your config. - -# If you want to use a static address or use DHCP explicitly, jump -# down to the section labelled INTERFACE HANDLERS. -# -# If you want to do anything more fancy, you should take the time to -# read through the rest of this file. - -############################################################################## -# MODULES -# -# We now support modular networking scripts which means we can easily -# add support for new interface types and modules while keeping -# compatability with existing ones. -# -# Modules load by default if the package they need is installed. If -# you specify a module here that doesn't have it's package installed -# then you get an error stating which package you need to install. -# Ideally, you only use the modules setting when you have two or more -# packages installed that supply the same service. -# -# In other words, you probably should DO NOTHING HERE... - -# Prefer ifconfig over iproute2 -#modules=( "ifconfig" ) - -# You can also specify other modules for an interface -# In this case we prefer udhcpc over dhcpcd -#modules_eth0=( "udhcpc" ) - -# You can also specify which modules not to use - for example you may be -# using a supplicant or linux-wlan-ng to control wireless configuration but -# you still want to configure network settings per ESSID associated with. -#modules=( "!iwconfig" "!wpa_supplicant" ) -# IMPORTANT: If you need the above, please disable modules in that order - - -############################################################################## -# INTERFACE HANDLERS -# -# We provide two interface handlers presently: ifconfig and iproute2. -# You need one of these to do any kind of network configuration. -# For ifconfig support, emerge sys-apps/net-tools -# For iproute2 support, emerge sys-apps/iproute2 - -# If you don't specify an interface then we prefer iproute2 if it's installed -# To prefer ifconfig over iproute2 -#modules=( "ifconfig" ) - -# For a static configuration, use something like this -# (They all do exactly the same thing btw) -#config_eth0=( "192.168.0.2/24" ) -#config_eth0=( "192.168.0.2 netmask 255.255.255.0" ) - -# We can also specify a broadcast -#config_eth0=( "192.168.0.2/24 brd 192.168.0.255" ) -#config_eth0=( "192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255" ) - -# If you need more than one address, you can use something like this -# NOTE: ifconfig creates an aliased device for each extra IPv4 address -# (eth0:1, eth0:2, etc) -# iproute2 does not do this as there is no need to -#config_eth0=( -# "192.168.0.2/24" -# "192.168.0.3/24" -# "192.168.0.4/24" -#) -# Or you can use sequence expressions -#config_eth0=( "192.168.0.{2..4}/24" ) -# which does the same as above. Be careful though as if you use this and -# fallbacks, you have to ensure that both end up with the same number of -# values otherwise your fallback won't work correctly. - -# You can also use IPv6 addresses -# (you should always specify a prefix length with IPv6 here) -#config_eth0=( -# "192.168.0.2/24" -# "4321:0:1:2:3:4:567:89ab/64" -# "4321:0:1:2:3:4:567:89ac/64" -#) - -# If you wish to keep existing addresses + routing and the interface is up, -# you can specify a noop (no operation). If the interface is down or there -# are no addresses assigned, then we move onto the next step (default dhcp) -# This is useful when configuring your interface with a kernel command line -# or similar -#config_eth0=( "noop" "192.168.0.2/24" ) - -# If you don't want ANY address (only useful when calling for advanced stuff) -#config_eth0=( "null" ) - -# Here's how to do routing if you need it -#routes_eth0=( -# "default via 192.168.0.1" # IPv4 default route -# "10.0.0.0/8 via 192.168.0.1" # IPv4 subnet route -# "::/0" # IPv6 unicast -#) - -# If a specified module fails (like dhcp - see below), you can specify a -# fallback like so -#fallback_eth0=( "192.168.0.2 netmask 255.255.255.0" ) -#fallback_route_eth0=( "default via 192.168.0.1" ) - -# NOTE: fallback entry must match the entry location in config_eth0 -# As such you can only have one fallback route. - -# Some users may need to alter the MTU - here's how -#mtu_eth0="1500" - -# Each module described below can set a default base metric, lower is -# preferred over higher. This is so we can prefer a wired route over a -# wireless route automaticaly. You can override this by setting -#metric_eth0="100" -# or on a global basis -#metric="100" -# The only downside of the global setting is that you have to ensure that -# there are no conflicting routes yourself. For users with large routing -# tables you may have to set a global metric as the due to a simple read of -# the routing table taking over a minute at a time. - -############################################################################## -# OPTIONAL MODULES - -# INTERFACE RENAMING -# There is no consistent device renaming scheme for Linux. -# The preferred way of naming devices is via the kernel module directly or -# by using udev (http://www.reactivated.net/udevrules.php) - -# If you are unable to write udev rules, then we do provide a way of renaming -# the interface based on it's MAC address, but it is not optimal. -# Here is how to rename an interface whose MAC address is 00:11:22:33:44:55 -# to foo1 -#rename_001122334455="foo1" - -# You can also do this based on current device name - although this is not -# recommended. Here we rename eth1 to foo2. -#rename_eth1="foo2" - -#----------------------------------------------------------------------------- -# WIRELESS (802.11 support) -# Wireless can be provided by iwconfig or wpa_supplicant - -# iwconfig -# emerge net-wireless/wireless-tools -# Wireless options are held in /etc/conf.d/wireless - but could be here too -# Consult the sample file /etc/conf.d/wireless.example for instructions -# iwconfig is the default - -# wpa_supplicant -# emerge net-wireless/wpa_supplicant -# Wireless options are held in /etc/wpa_supplicant/wpa_supplicant.conf -# Consult the wpa_supplicant.conf.example that is installed in -# /usr/share/doc/wpa_supplicant -# To choose wpa_supplicant over iwconfig -#modules=( "wpa_supplicant" ) -# To configure wpa_supplicant -#wpa_supplicant_eth0="-Dwext" # For generic wireless -#wpa_supplicant_ath0="-Dmadwifi" # For Atheros based cards -# Consult wpa_supplicant for more drivers -# By default don't wait for wpa_suppliant to associate and authenticate. -# If you would like to, so can specify how long in seconds -#associate_timeout_eth0=60 -# A value of 0 means wait forever. - -# GENERIC WIRELESS OPTIONS -# PLEASE READ THE INSTRUCTIONS IN /etc/conf.d/wireless.example FOR -# HOW TO USE THIS ESSID VARIABLE -# You can also override any settings found here per ESSID - which is very -# handy if you use different networks a lot -#config_ESSID=( "dhcp" ) -#dhcpcd_ESSID="-t 5" - -# Setting name/domain server causes /etc/resolv.conf to be overwritten -# Note that if DHCP is used, and you want this to take precedence then -# set dhcp_ESSID="nodns" -#dns_servers_ESSID=( "192.168.0.1" "192.168.0.2" ) -#dns_domain_ESSID="some.domain" -#dns_search_ESSID="search.this.domain search.that.domain" -# Please check the man page for resolv.conf for more information -# as domain and search are mutually exclusive. - -# You can also override any settings found here per MAC address of the AP -# in case you use Access Points with the same ESSID but need different -# networking configs. Below is an example - of course you use the same -# method with other variables -#mac_config_001122334455=( "dhcp" ) -#mac_dhcpcd_001122334455="-t 10" -#mac_dns_servers_001122334455=( "192.168.0.1" "192.168.0.2" ) - -# When an interface has been associated with an Access Point, a global -# variable called ESSID is set to the Access Point's ESSID for use in the -# pre/post user functions below (although it's not available in preup as you -# won't have associated then) - -# If you're using anything else to configure wireless on your interface AND -# you have installed any of the above packages, you need to disable them -#modules=( "!iwconfig" "!wpa_supplicant" ) - -#----------------------------------------------------------------------------- -# DHCP -# DHCP can be provided by dhclient, dhcpcd, pump or udhcpc. -# -# dhclient: emerge net-misc/dhcp -# dhcpcd: emerge net-misc/dhcpcd -# pump: emerge net-misc/pump -# udhcpc: emerge net-misc/udhcp - -# If you have more than one DHCP client installed, you need to specify which -# one to use - otherwise we default to dhcpcd if available. -#modules=( "dhclient" ) # to select dhclient over dhcpcd -# -# Notes: -# - All clients send the current hostname to the DHCP server by default -# - dhcpcd does not daemonize when the lease time is infinite -# - udhcp-0.9.3-r3 and earlier do not support getting NTP servers -# - pump does not support getting NIS servers -# - DHCP tends to erase any existing device information - so add -# static addresses after dhcp if you need them -# - dhclient and udhcpc can set other resolv.conf options such as "option" -# and "sortlist"- see the System module for more details - -# Regardless of which DHCP client you prefer, you configure them the -# same way using one of following depending on which interface modules -# you're using. -#config_eth0=( "dhcp" ) - -# For passing custom options to dhcpcd use something like the following. This -# example reduces the timeout for retrieving an address from 60 seconds (the -# default) to 10 seconds. -#dhcpcd_eth0="-t 10" - -# dhclient, udhcpc and pump don't have many runtime options -# You can pass options to them in a similar manner to dhcpcd though -#dhclient_eth0="..." -#udhcpc_eth0="..." -#pump_eth0="..." - -# GENERIC DHCP OPTIONS -# Set generic DHCP options like so -#dhcp_eth0="release nodns nontp nonis nogateway nosendhost" - -# This tells the dhcp client to release it's lease when it stops, not to -# overwrite dns, ntp and nis settings, not to set a default route and not to -# send the current hostname to the dhcp server and when it starts. -# You can use any combination of the above options - the default is not to -# use any of them. - -#----------------------------------------------------------------------------- -# For APIPA support, emerge net-misc/iputils or net-analyzer/arping - -# APIPA is a module that tries to find a free address in the range -# 169.254.0.0-169.254.255.255 by arping a random address in that range on the -# interface. If no reply is found then we assign that address to the interface - -# This is only useful for LANs where there is no DHCP server and you don't -# connect directly to the internet. -#config_eth0=( "dhcp" ) -#fallback_eth0=( "apipa" ) - -#----------------------------------------------------------------------------- -# ARPING Gateway configuration -# and -# Automatic Private IP Addressing (APIPA) -# For arpingnet / apipa support, emerge net-misc/iputils or net-analyzer/arping -# -# This is a module that tries to find a gateway IP. If it exists then we use -# that gateways configuration for our own. For the configuration variables -# simply ensure that each octet is zero padded and the dots are removed. -# Below is an example. -# -#gateways_eth0="192.168.0.1 10.0.0.1" -#config_192168000001=( "192.168.0.2/24" ) -#routes_192168000001=( "default via 192.168.0.1" ) -#dns_servers_192168000001=( "192.168.0.1" ) -#config_010000000001=( "10.0.0.254/8" ) -#routes_010000000001=( "default via 10.0.0.1" ) -#dns_servers_010000000001=( "10.0.0.1" ) - -# We can also specify a specific MAC address for each gateway if different -# networks have the same gateway. -#gateways_eth0="192.168.0.1,00:11:22:AA:BB:CC 10.0.0.1,33:44:55:DD:EE:FF" -#config_192168000001_001122AABBCC=( "192.168.0.2/24" ) -#routes_192168000001_001122AABBCC=( "default via 192.168.0.1" ) -#dns_servers_192168000001_001122AABBCC=( "192.168.0.1" ) -#config_010000000001_334455DDEEFF=( "10.0.0.254/8" ) -#routes_010000000001_334455DDEEFF=( "default via 10.0.0.1" ) -#dns_servers_010000000001_334455DDEEFF=( "10.0.0.1" ) - -# If we don't find any gateways (or there are none configured) then we try and -# use APIPA to find a free address in the range 169.254.0.0-169.254.255.255 -# by arping a random address in that range on the interface. If no reply is -# found then we assign that address to the interface. - -# This is only useful for LANs where there is no DHCP server. -#config_eth0=( "arping" ) - -# or if no DHCP server can be found -#config_eth0=( "dhcp" ) -#fallback_eth0=( "arping" ) - -# NOTE: We default to sleeping for 1 second the first time we attempt an -# arping to give the interface time to settle on the LAN. This appears to -# be a good default for most instances, but if not you can alter it here. -#arping_sleep=5 -#arping_sleep_lan=7 - -# NOTE: We default to waiting 3 seconds to get an arping response. You can -# change the default wait like so. -#arping_wait=3 -#arping_wait_lan=2 - -#----------------------------------------------------------------------------- -# VLAN (802.1q support) -# For VLAN support, emerge net-misc/vconfig - -# Specify the VLAN numbers for the interface like so -# Please ensure your VLAN IDs are NOT zero-padded -#vlans_eth0="1 2" - -# You may not want to assign an IP the the physical interface, but we still -# need it up. -#config_eth0=( "null" ) - -# You can also configure the VLAN - see for vconfig man page for more details -#vconfig_eth0=( "set_name_type VLAN_PLUS_VID_NO_PAD" ) -#vconfig_vlan1=( "set_flag 1" "set_egress_map 2 6" ) -#config_vlan1=( "172.16.3.1 netmask 255.255.254.0" ) -#config_vlan2=( "172.16.2.1 netmask 255.255.254.0" ) - -# NOTE: Vlans can be configured with a . in their interface names -# When configuring vlans with this name type, you need to replace . with a _ -#config_eth0.1=( "dhcp" ) - does not work -#config_eth0_1=( "dhcp" ) - does work - -# NOTE: Vlans are controlled by their physical interface and not per vlan -# This means you do not need to create init scripts in /etc/init.d for each -# vlan, you must need to create one for the physical interface. -# If you wish to control the configuration of each vlan through a separate -# script, or wish to rename the vlan interface to something that vconfig -# cannot then you need to do this. -#vlan_start_eth0="no" - -# If you do the above then you may want to depend on eth0 like so -# RC_NEED_vlan1="net.eth0" -# NOTE: depend functions only work in /etc/conf.d/net -# and not in profile configs such as /etc/conf.d/net.foo - -#----------------------------------------------------------------------------- -# Bonding -# For link bonding/trunking emerge net-misc/ifenslave - -# To bond interfaces together -#slaves_bond0="eth0 eth1 eth2" -#config_bond0=( "null" ) # You may not want to assign an IP the the bond - -# If any of the slaves require extra configuration - for example wireless or -# ppp devices - we need to depend function on the bonded interfaces -#RC_NEED_bond0="net.eth0 net.eth1" - - -#----------------------------------------------------------------------------- -# Classical IP over ATM -# For CLIP support emerge net-dialup/linux-atm - -# Ensure that you have /etc/atmsigd.conf setup correctly -# Now setup each clip interface like so -#clip_atm0=( "peer_ip [if.]vpi.vci [opts]" ... ) -# where "peer_ip" is the IP address of a PVC peer (in case of an ATM connection -# with your ISP, your only peer is usually the ISP gateway closest to you), -# "if" is the number of the ATM interface which will carry the PVC, "vpi.vci" -# is the ATM VC address, and "opts" may optionally specify VC parameters like -# qos, pcr, and the like (see "atmarp -s" for further reference). Please also -# note quoting: it is meant to distinguish the VCs you want to create. You may, -# in example, create an atm0 interface to more peers, like this: -#clip_atm0=( "1.1.1.254 0.8.35" "1.1.1.253 1.8.35" ) - -# By default, the PVC will use the LLC/SNAP encapsulation. If you rather need a -# null encapsulation (aka "VC mode"), please add the keyword "null" to opts. - - -#----------------------------------------------------------------------------- -# PPP -# For PPP support, emerge net-dialup/ppp -# PPP is used for most dialup connections, including ADSL. -# The older ADSL module is documented below, but you are encouraged to try -# this module first. -# -# You need to create the PPP net script yourself. Make it like so -#ln -s net.lo /etc/init.d/net.ppp0 -# -# We have to instruct ppp0 to actually use ppp -#config_ppp0=( "ppp" ) -# -# Each PPP interface requires an interface to use as a "Link" -#link_ppp0="/dev/ttyS0" # Most PPP links will use a serial port -#link_ppp0="eth0" # PPPoE requires an ethernet interface -#link_ppp0="[itf.]vpi.vci" # PPPoA requires the ATM VC's address -#link_ppp0="/dev/null" # ISDN links should have this -#link_ppp0="pty 'your_link_command'" # PPP links over ssh, rsh, etc -# -# Here you should specify what pppd plugins you want to use -# Available plugins are: pppoe, pppoa, capi, dhcpc, minconn, radius, -# radattr, radrealms and winbind -#plugins_ppp0=( -# "pppoe" # Required plugin for PPPoE -# "pppoa vc-encaps" # Required plugin for PPPoA with an option -# "capi" # Required plugin for ISDN -#) -# -# PPP requires at least a username. You can optionally set a password here too -# If you don't, then it will use the password specified in /etc/ppp/*-secrets -# against the specified username -#username_ppp0='user' -#password_ppp0='password' -# NOTE: You can set a blank password like so -#password_ppp0= -# -# The PPP daemon has many options you can specify - although there are many -# and may seem daunting, it is recommended that you read the pppd man page -# before enabling any of them -#pppd_ppp0=( -# "maxfail 0" # WARNING: It's not recommended you use this -# # if you don't specify maxfail then we assume 0 -# "updetach" # If not set, "/etc/init.d/net.ppp0 start" will return -# # immediately, without waiting the link to come up -# # for the first time. -# # Do not use it for dial-on-demand links! -# "debug" # Enables syslog debugging -# "noauth" # Do not require the peer to authenticate itself -# "defaultroute" # Make this PPP interface the default route -# "usepeerdns" # Use the DNS settings provided by PPP -# -# On demand options -# "demand" # Enable dial on demand -# "idle 30" # Link goes down after 30 seconds of inactivity -# "10.112.112.112:10.112.112.113" # Phony IP addresses -# "ipcp-accept-remote" # Accept the peers idea of remote address -# "ipcp-accept-local" # Accept the peers idea of local address -# "holdoff 3" # Wait 3 seconds after link dies before re-starting -# -# Dead peer detection -# "lcp-echo-interval 15" # Send a LCP echo every 15 seconds -# "lcp-echo-failure 3" # Make peer dead after 3 consective -# # echo-requests -# -# Compression options - use these to completely disable compression -# noaccomp noccp nobsdcomp nodeflate nopcomp novj novjccomp -# -# Dial-up settings -# "lock" # Lock serial port -# "115200" # Set the serial port baud rate -# "modem crtscts" # Enable hardware flow control -# "192.168.0.1:192.168.0.2" # Local and remote IP addresses -#) -# -# Dial-up PPP users need to specify at least one telephone number -#phone_number_ppp0=( "12345689" ) # Maximum 2 phone numbers are supported -# They will also need a chat script - here's a good one -#chat_ppp0=( -# 'ABORT' 'BUSY' -# 'ABORT' 'ERROR' -# 'ABORT' 'NO ANSWER' -# 'ABORT' 'NO CARRIER' -# 'ABORT' 'NO DIALTONE' -# 'ABORT' 'Invalid Login' -# 'ABORT' 'Login incorrect' -# 'TIMEOUT' '5' -# '' 'ATZ' -# 'OK' 'AT' # Put your modem initialization string here -# 'OK' 'ATDT\T' -# 'TIMEOUT' '60' -# 'CONNECT' '' -# 'TIMEOUT' '5' -# '~--' '' -#) - -# If the link require extra configuration - for example wireless or -# RFC 268 bridge - we need to depend on the bridge so they get -# configured correctly. -#RC_NEED_ppp0="net.nas0" - -#WARNING: if MTU of the PPP interface is less than 1500 and you use this -#machine as a router, you should add the following rule to your firewall -# -#iptables -I FORWARD 1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu - -#----------------------------------------------------------------------------- -# ADSL -# For ADSL support, emerge net-dialup/rp-pppoe -# WARNING: This ADSL module is being deprecated in favour of the PPP module -# above. -# You should make the following settings and also put your -# username/password information in /etc/ppp/pap-secrets - -# Configure the interface to use ADSL -#config_eth0=( "adsl" ) - -# You probably won't need to edit /etc/ppp/pppoe.conf if you set this -#adsl_user_eth0="my-adsl-username" - -#----------------------------------------------------------------------------- -# ISDN -# For ISDN support, emerge net-dialup/isdn4k-utils -# You should make the following settings and also put your -# username/password information in /etc/ppp/pap-secrets - -# Configure the interface to use ISDN -#config_ippp0=( "dhcp" ) -# It's important to specify dhcp if you need it! -#config_ippp0=( "192.168.0.1/24" ) -# Otherwise, you can use a static IP - -# NOTE: The interface name must be either ippp or isdn followed by a number - -# You may need this option to set the default route -#ipppd_eth0="defaultroute" - -#----------------------------------------------------------------------------- -# MAC changer -# To set a specific MAC address -#mac_eth0="00:11:22:33:44:55" - -# For changing MAC addresses using the below, emerge net-analyzer/macchanger -# - to randomize the last 3 bytes only -#mac_eth0="random-ending" -# - to randomize between the same physical type of connection (e.g. fibre, -# copper, wireless) , all vendors -#mac_eth0="random-samekind" -# - to randomize between any physical type of connection (e.g. fibre, copper, -# wireless) , all vendors -#mac_eth0="random-anykind" -# - full randomization - WARNING: some MAC addresses generated by this may NOT -# act as expected -#mac_eth0="random-full" -# custom - passes all parameters directly to net-analyzer/macchanger -#mac_eth0="some custom set of parameters" - -# You can also set other options based on the MAC address of your network card -# Handy if you use different docking stations with laptops -#config_001122334455=( "dhcp" ) - -#----------------------------------------------------------------------------- -# TUN/TAP -# For TUN/TAP support emerge net-misc/openvpn or sys-apps/usermode-utilities -# -# You must specify if we're a tun or tap device. Then you can give it any -# name you like - such as vpn -#tuntap_vpn="tun" -#config_vpn=( "192.168.0.1/24") - -# Or stick wit the generic names - like tap0 -#tuntap_tap0="tap" -#config_tap0=( "192.168.0.1/24") - -# For passing custom options to tunctl use something like the following. This -# example sets the owner to adm -#tunctl_tun1="-u adm" -# When using openvpn, there are no options - -#----------------------------------------------------------------------------- -# Bridging (802.1d) -# For bridging support emerge net-misc/bridge-utils - -# To add ports to bridge br0 -#bridge_br0="eth0 eth1" -# or dynamically add them when the interface comes up -#bridge_add_eth0="br0" -#bridge_add_eth1="br0" - -# You need to configure the ports to null values so dhcp does not get started -#config_eth0=( "null" ) -#config_eth1=( "null" ) - -# Finally give the bridge an address - dhcp or a static IP -#config_br0=( "dhcp" ) # may not work when adding ports dynamically -#config_br0=( "192.168.0.1/24" ) - -# If any of the ports require extra configuration - for example wireless or -# ppp devices - we need to depend on them like so. -#RC_NEED_br0="net.eth0 net.eth1" - -# Below is an example of configuring the bridge -# Consult "man brctl" for more details -#brctl_br0=( "setfd 0" "sethello 0" "stp off" ) - -#----------------------------------------------------------------------------- -# RFC 2684 Bridge Support -# For RFC 2684 bridge support emerge net-misc/br2684ctl - -# Interface names have to be of the form nas0, nas1, nas2, etc. -# You have to specify a VPI and VCI for the interface like so -#br2684ctl_nas0="-a 0.38" # UK VPI and VCI - -# You may want to configure the encapsulation method as well by adding the -e -# option to the command above (may need to be before the -a command) -# -e 0 # LLC (default) -# -e 1 # VC mux - -# Then you can configure the interface as normal -#config_nas0=( "192.168.0.1/24" ) - -#----------------------------------------------------------------------------- -# Tunnelling -# WARNING: For tunnelling it is highly recommended that you -# emerge sys-apps/iproute2 -# -# For GRE tunnels -#iptunnel_vpn0="mode gre remote 207.170.82.1 key 0xffffffff ttl 255" - -# For IPIP tunnels -#iptunnel_vpn0="mode ipip remote 207.170.82.2 ttl 255" - -# To configure the interface -#config_vpn0=( "192.168.0.2 pointopoint 192.168.1.2" ) # ifconfig style -#config_vpn0=( "192.168.0.2 peer 192.168.1.1" ) # iproute2 style - -# 6to4 Tunnels allow IPv6 to work over IPv4 addresses, provided you -# have a non-private address configured on an interface. -# link_6to4="eth0" # Interface to base it's addresses on -# config_6to4=( "ip6to4" ) -# You may want to depend on eth0 like so -#RC_NEED_6to4="net.eth0" -# To ensure that eth0 is configured before 6to4. Of course, the tunnel could be -# any name and this also works for any configured interface. -# NOTE: If you're not using iproute2 then your 6to4 tunnel has to be called -# sit0 - otherwise use a different name like 6to4 in the example above. - - -#----------------------------------------------------------------------------- -# System -# For configuring system specifics such as domain, dns, ntp and nis servers -# It's rare that you would need todo this, but you can anyway. -# This is most benefit to wireless users who don't use DHCP so they can change -# their configs based on ESSID. See wireless.example for more details - -# To use dns settings such as these, dns_servers_eth0 must be set! -# If you omit the _eth0 suffix, then it applies to all interfaces unless -# overridden by the interface suffix. -#dns_domain_eth0="your.domain" -#dns_servers_eth0="192.168.0.2 192.168.0.3" -#dns_search_eth0="this.domain that.domain" -#dns_options_eth0=( "timeout 1" "rotate" ) -#dns_sortlist_eth0="130.155.160.0/255.255.240.0 130.155.0.0" -# See the man page for resolv.conf for details about the options and sortlist -# directives - -#ntp_servers_eth0="192.168.0.2 192.168.0.3" - -#nis_domain_eth0="domain" -#nis_servers_eth0="192.168.0.2 192.168.0.3" - -# NOTE: Setting any of these will stamp on the files in question. So if you -# don't specify dns_servers but you do specify dns_domain then no nameservers -# will be listed in /etc/resolv.conf even if there were any there to start -# with. -# If this is an issue for you then maybe you should look into a resolv.conf -# manager like resolvconf-gentoo to manage this file for you. All packages -# that baselayout supports use resolvconf-gentoo if installed. - -#----------------------------------------------------------------------------- -# Cable in/out detection -# Sometimes the cable is in, others it's out. Obviously you don't want to -# restart net.eth0 every time when you plug it in either. -# -# netplug is a package that detects this and requires no extra configuration -# on your part. -# emerge sys-apps/netplug -# or -# emerge sys-apps/ifplugd -# and you're done :) - -# By default we don't wait for netplug/ifplugd to configure the interface. -# If you would like it to wait so that other services now that network is up -# then you can specify a timeout here. -#plug_timeout="10" -# A value of 0 means wait forever. - -# If you don't want to use netplug on a specific interface but you have it -# installed, you can disable it for that interface via the modules statement -#modules_eth0=( "!netplug" ) -# You can do the same for ifplugd -# -# You can disable them both with the generic plug -#modules_eth0=( "!plug" ) - -# To use specific ifplugd options, fex specifying wireless mode -#ifplugd_eth0="--api-mode=wlan" -# man ifplugd for more options - -############################################################################## -# ADVANCED CONFIGURATION -# -# Four functions can be defined which will be called surrounding the -# start/stop operations. The functions are called with the interface -# name first so that one function can control multiple adapters. An extra two -# functions can be defined when an interface fails to start or stop. -# -# The return values for the preup and predown functions should be 0 -# (success) to indicate that configuration or deconfiguration of the -# interface can continue. If preup returns a non-zero value, then -# interface configuration will be aborted. If predown returns a -# non-zero value, then the interface will not be allowed to continue -# deconfiguration. -# -# The return values for the postup, postdown, failup and faildown functions are -# ignored since there's nothing to do if they indicate failure. -# -# ${IFACE} is set to the interface being brought up/down -# ${IFVAR} is ${IFACE} converted to variable name bash allows - -#preup() { -# # Test for link on the interface prior to bringing it up. This -# # only works on some network adapters and requires the mii-diag -# # package to be installed. -# if mii-tool "${IFACE}" 2> /dev/null | grep -q 'no link'; then -# ewarn "No link on ${IFACE}, aborting configuration" -# return 1 -# fi -# -# # Test for link on the interface prior to bringing it up. This -# # only works on some network adapters and requires the ethtool -# # package to be installed. -# if ethtool "${IFACE}" | grep -q 'Link detected: no'; then -# ewarn "No link on ${IFACE}, aborting configuration" -# return 1 -# fi -# -# -# # Remember to return 0 on success -# return 0 -#} - -#predown() { -# # The default in the script is to test for NFS root and disallow -# # downing interfaces in that case. Note that if you specify a -# # predown() function you will override that logic. Here it is, in -# # case you still want it... -# if is_net_fs /; then -# eerror "root filesystem is network mounted -- can't stop ${IFACE}" -# return 1 -# fi -# -# # Remember to return 0 on success -# return 0 -#} - -#postup() { -# # This function could be used, for example, to register with a -# # dynamic DNS service. Another possibility would be to -# # send/receive mail once the interface is brought up. - -# # Here is an example that allows the use of iproute rules -# # which have been configured using the rules_eth0 variable. -# #rules_eth0=( -# # "from 24.80.102.112/32 to 192.168.1.0/24 table localnet priority 100" -# # "from 216.113.223.51/32 to 192.168.1.0/24 table localnet priority 100" -# #) -# local x="rules_${IFVAR}[@@]" -# local -a rules=( "${!x}" ) -# if [[ -n ${rules} ]] ; then -# einfo "Adding IP policy routing rules" -# eindent -# # Ensure that the kernel supports policy routing -# if ! ip rule list | grep -q "^" ; then -# eerror "You need to enable IP Policy Routing (CONFIG_IP_MULTIPLE_TABLES)" -# eerror "in your kernel to use ip rules" -# else -# for x in "${rules[@@]}" ; do -# ebegin "${x}" -# ip rule add ${x} -# eend $? -# done -# fi -# eoutdent -# # Flush the cache -# ip route flush cache dev "${IFACE}" -# fi - -#} - -#postdown() { -# # Enable Wake-On-LAN for every interface except for lo -# # Probably a good idea to set RC_DOWN_INTERFACE="no" in /etc/conf.d/rc -# # as well ;) -# [[ ${IFACE} != "lo" ]] && ethtool -s "${IFACE}" wol g - -# Automatically erase any ip rules created in the example postup above -# if interface_exists "${IFACE}" ; then -# # Remove any rules for this interface -# local rule -# ip rule list | grep " iif ${IFACE}[ ]*" | { -# while read rule ; do -# rule="${rule#*:}" -# ip rule del ${rule} -# done -# } -# # Flush the route cache -# ip route flush cache dev "${IFACE}" -# fi - -# # Return 0 always -# return 0 -#} - -#failup() { -# # This function is mostly here for completeness... I haven't -# # thought of anything nifty to do with it yet ;-) -#} - -#faildown() { -# # This function is mostly here for completeness... I haven't -# # thought of anything nifty to do with it yet ;-) -#} - -############################################################################## -# FORCING MODULES -# The Big Fat Warning :- If you use module forcing do not complain to us or -# file bugs about it not working! -# -# Loading modules is a slow affair - we have to check each one for the following -# 1) Code sanity -# 2) Has the required package been emerged? -# 3) Has it modified anything? -# 4) Have all the dependant modules been loaded? - -# Then we have to strip out the conflicting modules based on user preference -# and default configuration and sort them into the correct order. -# Finally we check the end result for dependencies. - -# This, of course, takes valuable CPU time so we provide module forcing as a -# means to speed things up. We still do *some* checking but not much. - -# It is essential that you force modules in the correct order and supply all -# the modules you need. You must always supply an interface module - we -# supply ifconfig or iproute2. - -# The Big Fat Warning :- If you use module forcing do not complain to us or -# file bugs about it not working! - -# Now that we've warned you twice, here's how to do it -#modules_force=( "ifconfig" ) -#modules_force=( "iproute2" "dhcpcd" ) - -# We can also apply this to a specific interface -#modules_force_eth1=( "iproute2" ) - -# The below will not work -#modules_force=( "dhcpcd" ) -# No interface (ifconfig/iproute2) -#modules_force=( "ifconfig" "essidnet" "iwconfig" ) -# Although it will not crash, essidnet will not work as it has to come after -# iwconfig -#modules_force=( "iproute2" "ifconfig" ) -# The interface will be setup twice which will cause problems -@ diff --git a/conf.d/.rcs/ntp-client,v b/conf.d/.rcs/ntp-client,v deleted file mode 100644 index b814641..0000000 --- a/conf.d/.rcs/ntp-client,v +++ /dev/null @@ -1,40 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.17.14.52; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/ntp-client - -# Command to run to set the clock initially -# Most people should just leave this line alone ... -# however, if you know what you're doing, and you -# want to use ntpd to set the clock, change this to 'ntpd' -NTPCLIENT_CMD="ntpdate" - -# Options to pass to the above command -# This default setting should work fine but you should -# change the default 'pool.ntp.org' to something closer -# to your machine. See http://www.pool.ntp.org/ or -# try running `netselect -s 3 pool.ntp.org`. -NTPCLIENT_OPTS="-s -b -u \ - 0.gentoo.pool.ntp.org 1.gentoo.pool.ntp.org \ - 2.gentoo.pool.ntp.org 3.gentoo.pool.ntp.org" -@ diff --git a/conf.d/.rcs/ntpd,v b/conf.d/.rcs/ntpd,v deleted file mode 100644 index 1e51824..0000000 --- a/conf.d/.rcs/ntpd,v +++ /dev/null @@ -1,30 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.29.22.12.19; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/ntpd - -# Options to pass to the ntpd process -# Most people should leave this line alone ... -# however, if you know what you're doing, feel free to tweak -NTPD_OPTS="" -@ diff --git a/conf.d/.rcs/pciparm,v b/conf.d/.rcs/pciparm,v deleted file mode 100644 index ebe1197..0000000 --- a/conf.d/.rcs/pciparm,v +++ /dev/null @@ -1,52 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.17.59.02; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# PCI tweaking article: -# http://www.gentoo.org/doc/en/articles/hardware-stability-p2.xml -# -# Apply to all devices: -# PCIPARM_ALL="...." -# Cards also can be addressed by vid:pid or by bus:slot.func -# (see setpci man page relative to -d and -s options) -# PCIPARM_(BUS|VENDOR)_#="...." -# Where # is sequentially numbered from zero. - -# Examples: -# "open up" the PCI bus by allowing fairly long bursts -# for all devices, increasing performance -# (equivalent to: setpci -v -d *:* latency_timer=b0) -#PCIPARM_ALL="latency_timer=b0" - -# maximize latency timers for network and audio, -# allowing them to transmit more data per burst, -# preventing buffer over/under-run conditions -#PCIPARM_BUS_0="00:04.0 latency_timer=ff" -#PCIPARM_BUS_1="01:04.0 latency_timer=ff" -#PCIPARM_VENDOR_0="1057:3410 latency_timer=ff" - -# -v : whether to be verbose about changes -# -D : dry-run, no commit -# -f : do not warn if the change is already set -# (see the setpci manpage for more advanced options) -SETPCI_OPT="-f" -@ diff --git a/conf.d/.rcs/portmap,v b/conf.d/.rcs/portmap,v deleted file mode 100644 index 4ee36bc..0000000 --- a/conf.d/.rcs/portmap,v +++ /dev/null @@ -1,29 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.17.58.35; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/portmap: config file for /etc/init.d/portmap - -# Options for `portmap`. -# For a full list, just run `portmap -h`. -#PORTMAP_OPTS="-l" -@ diff --git a/conf.d/.rcs/postgrey,v b/conf.d/.rcs/postgrey,v deleted file mode 100644 index ba629d2..0000000 --- a/conf.d/.rcs/postgrey,v +++ /dev/null @@ -1,95 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.12.01.23.36.28; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.12.01.15.25.02; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@# Config file for /etc/init.d/postgrey - -# LISTEN TYPE -# Set to 'inet' if you want to use a TCP socket. -# Set to 'unix' if you want to use an UNIX socket. -POSTGREY_TYPE="unix" - -# HOST -# What IP should postgrey bind to? -# Leave unchanged unless you know what you are doing. -# (ignored if POSTGREY_TYPE is set to 'unix') -POSTGREY_HOST="127.0.0.1" - -# PORT -# What TCP port should postgrey listen on? -# (ignored if POSTGREY_TYPE is set to 'unix') -POSTGREY_PORT="10030" - -# SOCKET -# Unix socket to listen on, if POSTGREY_TYPE is set to 'unix'. -# Leave unchanged unless you know what you are doing. -# (ignored if POSTGREY_TYPE is set to 'inet') -POSTGREY_SOCKET="/var/spool/postfix/private/postgrey" - -# PID -# Postgrey pid file. -# Do not change, if you don't know what this is! -POSTGREY_PID="/var/run/postgrey.pid" - -# DELAY -# How long to delay mail that is greylisted in seconds. -POSTGREY_DELAY=300 - -# TEXT -# The response we'll send back with delayed mail. -POSTGREY_TEXT="Greylisted for %s seconds" - -# Additional Postgrey options -# -# -v, --verbose increase verbosity level -# --max-age=N delete entries older than N days since the last time -# that they have been seen (default: 30) -# --retry-window=N allow only N days for the first retrial (default: 2) -# append 'h' if you want to specify it in hours -# --greylist-action=A if greylisted, return A to Postfix (default: DEFER_IF_PERMIT) -# --lookup-by-subnet strip the last 8 bits from IP addresses (default) -# --lookup-by-host do not strip the last 8 bits from IP addresses -# --whitelist-clients=FILE default: /etc/postfix/postgrey_whitelist_clients -# --whitelist-recipients=FILE default: /etc/postfix/postgrey_whitelist_recipients -# -# Note that the --whitelist-x options can be specified multiple times, and that -# per default /etc/postfix/postgrey_whitelist_clients.local is also read, so -# that you can put there local entries. -# -POSTGREY_OPTS="" -@ - - -1.1 -log -@Initial revision -@ -text -@d6 1 -a6 1 -POSTGREY_TYPE="inet" -@ diff --git a/conf.d/.rcs/pydoc-2.6,v b/conf.d/.rcs/pydoc-2.6,v deleted file mode 100644 index d8b7fec..0000000 --- a/conf.d/.rcs/pydoc-2.6,v +++ /dev/null @@ -1,32 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.20.43.53; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/init.d/pydoc.conf -# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/files/pydoc.conf,v 1.2 2008/06/30 15:10:28 hawking Exp $ - -# This file contains the configuration information for pydoc's internal -# webserver. The variables should be rather self explanatory :-) - -# Default port for Python's pydoc server -PYDOC_PORT=7464 -@ diff --git a/conf.d/.rcs/pydoc-3.1,v b/conf.d/.rcs/pydoc-3.1,v deleted file mode 100644 index d8e7f5d..0000000 --- a/conf.d/.rcs/pydoc-3.1,v +++ /dev/null @@ -1,32 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.20.41.39; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/init.d/pydoc.conf -# $Header: /var/cvsroot/gentoo-x86/dev-lang/python/files/pydoc.conf,v 1.2 2008/06/30 15:10:28 hawking Exp $ - -# This file contains the configuration information for pydoc's internal -# webserver. The variables should be rather self explanatory :-) - -# Default port for Python's pydoc server -PYDOC_PORT=7464 -@ diff --git a/conf.d/.rcs/quota,v b/conf.d/.rcs/quota,v deleted file mode 100644 index bdb1662..0000000 --- a/conf.d/.rcs/quota,v +++ /dev/null @@ -1,44 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.22.01.53; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/quota: config file for /etc/init.d/quota - -# Note: if your console is hooked up to a serial terminal, -# you prob want to drop the '-v' from the OPTS vars below. - - -# Run quotacheck ? -RUN_QUOTACHECK="yes" - - -# Options for quotacheck -QUOTACHECK_OPTS="-avug" - - -# Options for quotaon -QUOTAON_OPTS="-avug" - - -# Options for quotaoff -QUOTAOFF_OPTS="-avug" -@ diff --git a/conf.d/.rcs/rc,v b/conf.d/.rcs/rc,v deleted file mode 100644 index 7bf5be2..0000000 --- a/conf.d/.rcs/rc,v +++ /dev/null @@ -1,265 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.19.09.20.12; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/rc: Global config file for the Gentoo RC System - -# This is the number of tty's used in most of the rc-scripts (like -# consolefont, numlock, etc ...) - -RC_TTY_NUMBER=12 - -# Set to "yes" if you want the rc system to try and start services -# in parallel for a slight speed improvement. NOTE: When RC_PARALLEL_STARTUP -# is enabled, init script output is replaced with simple "service foo -# starting/stopping" messages so that output is not mixed up. -# You can stop this from happening on the command line by passing --verbose -# to the init script or by setting RC_VERBOSE="yes" below. - -RC_PARALLEL_STARTUP="no" - -# Set RC_INTERACTIVE to "yes" and you'll be able to press the I key during -# boot so you can choose to start specific services. Set to "no" to disable -# this feature. - -RC_INTERACTIVE="yes" - -# Do we allow services to be hotplugged? If not, set to RC_HOTPLUG="no" -# NOTE: This does not affect anything hotplug/udev related, just the -# starting/stopping of the init.d service triggered by hotplug. - -RC_HOTPLUG="yes" - -# Dynamic /dev managers can trigger coldplug events which cause services to -# start before we are ready for them. If this happens, we can defer these -# services to start in the boot runlevel. Set RC_COLDPLUG="no" if you don't -# want this. -# NOTE: This also affects module coldplugging in udev-096 and higher -# If you want module coldplugging but not coldplugging of services then you -# can set RC_COLDPLUG="yes" and RC_PLUG_SERVICES="!*" - -RC_COLDPLUG="yes" - -# Some people want a finer grain over hotplug/coldplug. RC_PLUG_SERVICES is a -# list of services that are matched in order, either allowing or not. By -# default we allow services through as RC_COLDPLUG/RC_HOTPLUG has to be yes -# anyway. -# Example - RC_PLUG_SERVICES="net.wlan !net.*" -# This allows net.wlan and any service not matching net.* to be plugged. - -RC_PLUG_SERVICES="" - -# RC_NET_STRICT_CHECKING allows some flexibility with the 'net' service. -# The following values are allowed: -# none - The 'net' service is always considered up. -# no - This basically means that at least one net.* service besides net.lo -# must be up. This can be used by notebook users that have a wifi and -# a static nic, and only wants one up at any given time to have the -# 'net' service seen as up. -# lo - This is the same as the 'no' option, but net.lo is also counted. -# This should be useful to people that do not care about any specific -# interface being up at boot. -# yes - For this ALL network interfaces MUST be up for the 'net' service to -# be considered up. - -RC_NET_STRICT_CHECKING="no" - -# RC_DOWN_INTERFACE allows you to specify if RC will bring the interface -# completely down when it stops. The default is yes, but there are some -# instances where you may not want this to happen such as using Wake On LAN. - -RC_DOWN_INTERFACE="yes" - -# RC_VOLUME_ORDER allows you to specify, or even remove the volume setup -# for various volume managers (MD, EVMS2, LVM, DM, etc). Note that they are -# stopped in reverse order. - -RC_VOLUME_ORDER="raid evms lvm dm" - -# RC_VERBOSE will make init scripts more verbose. Only networking scripts -# really use this at this time, and this is useful for trouble shooting -# any issues you may have. -# This is also used to re-enable init script output for init scripts -# started or stopped from the command line. - -RC_VERBOSE="no" - -# RC_BOOTLOG will generate a log of the boot messages shown on the console. -# Useful for headless machines or debugging. You need to emerge the -# app-admin/showconsole package for this to work. Note that this probably -# won't work correctly with boot splash. - -RC_BOOTLOG="no" - -# Set to "yes" if you want to benchmark system boot with bootchart. -# You'll need to emerge the app-benchmarks/bootchart package for this to work. - -RC_BOOTCHART="no" - -# RC_USE_FSTAB allows you to override the default mount options for the -# standard /proc, /sys, /dev, and /dev/pts mount points. Note that this -# is the new way for selecting ramfs/tmpfs/etc... for udev mounting. - -RC_USE_FSTAB="no" - -# RC_USE_CONFIG_PROFILE allows you to have different /etc/conf.d files -# based on your runlevel - if a conf.d file for your profile does not exist -# then we try and use the default one. -# To enable runlevel selection at boot, append "softlevel=foobar" to your -# kernel line to change to the foobar runlevel. Here we would search for -# /etc/conf.d/.foobar config files before trying to use the default -# /etc/conf.d/. -# Note that it is only active if 'softlevel' was specified via the kernel line, -# and it is intended to use for different grub/lilo entries to specify config -# changes for say laptops between home and work, where you would have setup -# 'work' and 'home' runlevels, with /etc/conf.d/*. as needed. - -RC_USE_CONFIG_PROFILE="yes" - -# RC_FORCE_AUTO tries its best to prevent user interaction during the boot and -# shutdown process. For example, fsck will automatically be run or volumes -# remounted to create proper directory trees. This feature can be dangerous -# and is meant ONLY for headless machines where getting a physical console -# hooked up is a huge pita. - -RC_FORCE_AUTO="no" - -# Use this variable to control the /dev management behavior. -# auto - let the scripts figure out what's best at boot -# devfs - use devfs (requires sys-fs/devfsd) -# udev - use udev (requires sys-fs/udev) -# static - let the user manage /dev (YOU need to create ALL device nodes) - -RC_DEVICES="auto" - -# UDEV OPTION: -# Set to "yes" if you want to save /dev to a tarball on shutdown -# and restore it on startup. This is useful if you have a lot of -# custom device nodes that udev does not handle/know about. - -RC_DEVICE_TARBALL="no" - -# RC_DMESG_LEVEL sets the level at which logging of messages is done to the -# console. See dmesg(8) for more info. - -RC_DMESG_LEVEL="1" - - - - - -# -# Controlling start-stop-daemon behavior - -# Set to "yes" if start-stop-daemon should always retry killing the -# service with sig KILL if it fails the first time. - -RC_RETRY_KILL="yes" - - -# Set the amount of seconds start-stop-daemon should wait between -# retries. - -RC_RETRY_TIMEOUT=1 - - -# Set the amount of times start-stop-daemon should try to kill -# a service before giving up. - -RC_RETRY_COUNT=5 - - -# Set to "yes" if start-stop-daemon should fail if the service -# is marked as started, but not actually running on stop. - -RC_FAIL_ON_ZOMBIE="no" - - -# Set to "yes" if start-stop-daemon should attempt to kill -# any children left in the system. -# Be careful with this as it really does what it was on the tin. -# fex, if you're in an ssh process and you restart a service on which ssh -# depends then your terminal will be killed also. - -RC_KILL_CHILDREN="no" - - -# Set the amount of seconds start-stop-daemon waits after starting -# the daemon to check it is still running. If it's not then we -# try and stop any children if possible. -RC_WAIT_ON_START="0.1" - - -############################################################################## -# SERVICE CONFIGURATION VARIABLES -# These variables are documented here, but should be configured in -# /etc/conf.d/foo for service foo and NOT enabled here unless you -# really want them to work on a global basis. - -# Some daemons are started and stopped via start-stop-daemon. -# We can launch them through other daemons here, for example valgrind. -# This is only useful for serious debugging of the daemon -# WARNING: If the script's "stop" function does not supply a PID file then -# all processes using the same daemon will be killed. -#RC_DAEMON="/usr/bin/valgrind --tool=memcheck --log-file=/tmp/valgrind.syslog-ng" - -# strace needs to be prefixed with --background as it does not detach when -# it's following -#RC_DAEMON="--background /usr/sbin/strace -f -o /tmp/strace.syslog-ng" - -# Pass ulimit parameters -#RC_ULIMIT="-u 30" - -############################################################################## - - -# -# Internal configuration variables -# -# NB: These are for advanced users, and you should really -# know what you are doing before changing them! -# - -# rc-scripts dep-cache directory -# -# NOTE: Do not remove the next line, as its needed by the baselayout ebuild! -# -# svcdir="/var/lib/init.d" - -svcdir="/var/lib/init.d" - -# Should we mount $svcdir in a ram disk for some speed increase -# for slower machines, or for the more extreme setups ? - -svcmount="no" - -# FS type that should be used for $svcdir. Note that you need -# $svcmount above set to "yes" for this to work ... Currently -# tmpfs, ramfs, and ramdisk are supported (tmpfs is the default). - -svcfstype="tmpfs" - -# Size of $svcdir in KB. Note that ramfs doesn't support this -# due to kernel limitations. - -svcsize=2048 -@ diff --git a/conf.d/.rcs/rsyncd,v b/conf.d/.rcs/rsyncd,v deleted file mode 100644 index 0e707a2..0000000 --- a/conf.d/.rcs/rsyncd,v +++ /dev/null @@ -1,29 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.16.27.03; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/rsyncd: config file for /etc/init.d/rsyncd - -# see man pages for rsync or run `rsync --help` -# for valid cmdline options -#RSYNC_OPTS="" -@ diff --git a/conf.d/.rcs/samba,v b/conf.d/.rcs/samba,v deleted file mode 100644 index f5d2625..0000000 --- a/conf.d/.rcs/samba,v +++ /dev/null @@ -1,52 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.12.01.07.52.12; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@#add "winbind" to the daemon_list if you also want winbind to start -daemon_list="smbd nmbd" - -#---------------------------------------------------------------------------- -# Daemons calls: _ -#---------------------------------------------------------------------------- -my_service_name="samba" -my_service_PRE="unset TMP TMPDIR" -my_service_POST="" - -#---------------------------------------------------------------------------- -# Daemons calls: _ -#---------------------------------------------------------------------------- -smbd_start_options="-D" -smbd_start="start-stop-daemon --start --exec /usr/sbin/smbd -- ${smbd_start_options}" -smbd_stop="start-stop-daemon --stop --exec /usr/sbin/smbd" -smbd_reload="killall -HUP smbd" - -nmbd_start_options="-D" -nmbd_start="start-stop-daemon --start --exec /usr/sbin/nmbd -- ${nmbd_start_options}" -nmbd_stop="start-stop-daemon --stop --exec /usr/sbin/nmbd" -nmbd_reload="killall -HUP nmbd" - -winbind_start_options="" -winbind_start="start-stop-daemon --start --exec /usr/sbin/winbindd -- ${winbind_start_options}" -winbind_stop="start-stop-daemon --stop --oknodo --exec /usr/sbin/winbindd" -winbind_reload="killall -HUP winbindd" - -@ diff --git a/conf.d/.rcs/saslauthd,v b/conf.d/.rcs/saslauthd,v deleted file mode 100644 index 3410d3c..0000000 --- a/conf.d/.rcs/saslauthd,v +++ /dev/null @@ -1,49 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.12.01.06.52.36; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# $Header: /var/cvsroot/gentoo-x86/dev-libs/cyrus-sasl/files/saslauthd-2.1.21.conf,v 1.2 2007/04/07 13:03:55 chtekk Exp $ - -# Config file for /etc/init.d/saslauthd - -# Initial (empty) options. -SASLAUTHD_OPTS="" - -# Specify the authentications mechanism. -# **NOTE** For a list see: saslauthd -v -# Since 2.1.19, add "-r" to options for old behavior, -# ie. reassemble user and realm to user@@realm form. -#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a pam -r" -SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -a pam" - -# Specify the hostname for remote IMAP server. -# **NOTE** Only needed if rimap auth mechanism is used. -#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -O localhost" - -# Specify the number of worker processes to create. -#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -n 5" - -# Enable credential cache, set cache size and timeout. -# **NOTE** Size is measured in kilobytes. -# Timeout is measured in seconds. -#SASLAUTHD_OPTS="${SASLAUTHD_OPTS} -c -s 128 -t 30" -@ diff --git a/conf.d/.rcs/slapd,v b/conf.d/.rcs/slapd,v deleted file mode 100644 index e8d143c..0000000 --- a/conf.d/.rcs/slapd,v +++ /dev/null @@ -1,34 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.16.08.52; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# conf.d file for openldap -# -# To enable both the standard unciphered server and the ssl encrypted -# one uncomment this line or set any other server starting options -# you may desire. -# -# OPTS="-h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'" -OPTS="-h 'ldaps:/// ldap:/// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'" -# Uncomment the below to use the new slapd configuration for openldap 2.3 -#OPTS="-F /etc/openldap/slapd.d -h 'ldaps:// ldap:// ldapi://%2fvar%2frun%2fopenldap%2fslapd.sock'" -@ diff --git a/conf.d/.rcs/smartd,v b/conf.d/.rcs/smartd,v deleted file mode 100644 index 204034f..0000000 --- a/conf.d/.rcs/smartd,v +++ /dev/null @@ -1,28 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.29.22.15.07; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/smartd: config file for /etc/init.d/smartd - -# Insert any other options needed -SMARTD_OPTS="" -@ diff --git a/conf.d/.rcs/snmpd,v b/conf.d/.rcs/snmpd,v deleted file mode 100644 index 61f861e..0000000 --- a/conf.d/.rcs/snmpd,v +++ /dev/null @@ -1,41 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.12.01.06.42.43; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# Copyright 1999-2004 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/files/snmpd.conf,v 1.8 2006/11/26 21:37:22 cedk Exp $ - -# Initial (empty) options. -SNMPD_FLAGS="" - -# Enable connection logging. -#SNMPD_FLAGS="${SNMPD_FLAGS} -a" - -# Enable syslog and disable file log. -#SNMPD_FLAGS="${SNMPD_FLAGS} -Lsd -Lf /dev/null" - -# Enable agentx socket as /var/agentx/master -# *NOTE* Before uncommenting this, make sure -# the /var/agentx directory exists. -#SNMPD_FLAGS="${SNMPD_FLAGS} -x /var/agentx/master" -@ diff --git a/conf.d/.rcs/snmptrapd,v b/conf.d/.rcs/snmptrapd,v deleted file mode 100644 index 6f2c22e..0000000 --- a/conf.d/.rcs/snmptrapd,v +++ /dev/null @@ -1,40 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.12.01.06.42.43; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/files/snmptrapd.conf,v 1.1 2005/01/28 11:19:25 ka0ttic Exp $ - -# extra flags to pass to snmptrapd -SNMPTRAPD_FLAGS="" - -# ignore authentication failure traps -#SNMPTRAPD_FLAGS="${SNMPTRAPD_FLAGS} -a" - -# log messages to specified file -#SNMPTRAPD_FLAGS="${SNMPTRAPD_FLAGS} -Lf /var/log/snmptrapd.log" - -# log messages to syslog with the specified facility -# where facility is: 'd' = LOG_DAEMON, 'u' = LOG_USER, [0-7] = LOG_LOCAL[0-7] -#SNMPTRAPD_FLAGS="${SNMPTRAPD_FLAGS} -Ls d" -@ diff --git a/conf.d/.rcs/spamd,v b/conf.d/.rcs/spamd,v deleted file mode 100644 index 5fd446f..0000000 --- a/conf.d/.rcs/spamd,v +++ /dev/null @@ -1,70 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.12.01.15.48.42; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# Config file for /etc/init.d/spamd - - -# ***WARNING*** -# spamd was not designed to listed to an untrusted network. spamd -# is vulnerable to DoS attacks (and eternal doom) if used to listen -# to an untrusted network. -# - - -# Some options: -# -# -c to create a per user configuration file -# -H [dir] to switch home dirs for helper apps, dir optional -# -i [ip] to listen on the specified IP, -# 127.0.0.1 if omitted, -# 0.0.0.0 (ie. all) if given without value; -# must be used in combination with -A to actually allow -# connections from anybody but localhost -# -m limit to set the number of children, default 5 -# -u user the user to run spamd as -# -L if you want to run no net tests -# -# for more help look in man spamd -# -# Note: if you plan on using the -u flag to spamd you will need to -# make sure the location of the PID file is writable by that user. -# This can be done by making the directory /var/run/spamd and -# changing the owner to the UID that runs spamd. You will then -# need to edit $pidfile in /etc/init.d/spamd. This should fix the -# problem with stop/restart in the init scripts. -# -# See http://bugs.gentoo.org/show_bug.cgi?id=70124 for a full -# explanation. - -SPAMD_OPTS="-m 5 -c -H" - -# spamd stores its pid in this file. If you use the -u option to -# run spamd under another user, you might need to adjust it. - -PIDFILE="/var/run/spamd.pid" - -# SPAMD_NICELEVEL lets you set the 'nice'ness of the running -# spamd process - -# SPAMD_NICELEVEL=5 -@ diff --git a/conf.d/.rcs/sshd,v b/conf.d/.rcs/sshd,v deleted file mode 100644 index 54d8043..0000000 --- a/conf.d/.rcs/sshd,v +++ /dev/null @@ -1,45 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.12.01.06.55.35; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/sshd: config file for /etc/init.d/sshd - -# Where is your sshd_config file stored? - -SSHD_CONFDIR="/etc/ssh" - - -# Any random options you want to pass to sshd. -# See the sshd(8) manpage for more info. - -SSHD_OPTS="" - - -# Pid file to use (needs to be absolute path). - -#SSHD_PIDFILE="/var/run/sshd.pid" - - -# Path to the sshd binary (needs to be absolute path). - -#SSHD_BINARY="/usr/sbin/sshd" -@ diff --git a/conf.d/.rcs/svnserve,v b/conf.d/.rcs/svnserve,v deleted file mode 100644 index 6cef241..0000000 --- a/conf.d/.rcs/svnserve,v +++ /dev/null @@ -1,34 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.12.01.07.02.11; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# The commented variables in this file are the defaults that are used -# in the init-script. You don't need to uncomment them except to -# customize them to different values. - -# Options for svnserve -#SVNSERVE_OPTS="--root=/var/svn" - -# User and group as which to run svnserve -#SVNSERVE_USER="svn" -#SVNSERVE_GROUP="svnusers" -@ diff --git a/conf.d/.rcs/syslog-ng,v b/conf.d/.rcs/syslog-ng,v deleted file mode 100644 index a48bfd5..0000000 --- a/conf.d/.rcs/syslog-ng,v +++ /dev/null @@ -1,30 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.21.54.44; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# Config file for /etc/init.d/syslog-ng - -# Put any additional options for syslog-ng here. -# See syslog-ng(8) for more information. - -SYSLOG_NG_OPTS="" -@ diff --git a/conf.d/.rcs/teamspeak3-server,v b/conf.d/.rcs/teamspeak3-server,v deleted file mode 100644 index 2846630..0000000 --- a/conf.d/.rcs/teamspeak3-server,v +++ /dev/null @@ -1,25 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.05.27.20.49.16; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@export LD_LIBRARY_PATH=".:$LD_LIBRARY_PATH" -@ diff --git a/conf.d/.rcs/twistd,v b/conf.d/.rcs/twistd,v deleted file mode 100644 index 5527bdb..0000000 --- a/conf.d/.rcs/twistd,v +++ /dev/null @@ -1,31 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.12.01.06.44.59; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@ -# These are passed to twistd. -# TWISTD_OPTS="--no_save --logfile=/var/log/twistd -y /etc/twistd.tac" -# TWISTD_OPTS="--no_save --logfile=/var/log/twistd -f /etc/twistd.tap" - -# Make any additions to PYTHONPATH the twistd needs here. -# PYTHONPATH="/path/to/extra/python/modules" -@ diff --git a/conf.d/.rcs/udev,v b/conf.d/.rcs/udev,v deleted file mode 100644 index 3b929d5..0000000 --- a/conf.d/.rcs/udev,v +++ /dev/null @@ -1,87 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.20.36.32; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/udev: config file for udev - -# We discourage to disable persistent-net!! -# this may lead to random interface naming - -# Disable adding new rules for persistent-net -persistent_net_disable="no" - -# Disable adding new rules for persistent-cd -# Disabling this will stop new cdrom devices to appear -# as /dev/{cdrom,cdrw,dvd,dvdrw} -persistent_cd_disable="no" - -# Set to "yes" if you want to save /dev to a tarball on shutdown -# and restore it on startup. This is useful if you have a lot of -# custom device nodes that udev does not handle/know about. -# -# As this option is fragile, we recommend you -# to create your devices in /lib64/udev/devices. -# These will be copied to /dev on boot. -#rc_device_tarball="NO" - -# udev can trigger coldplug events which cause services to start and -# kernel modules to be loaded. -# Services are deferred to start in the boot runlevel. -# Set rc_coldplug="NO" if you don't want this. -# If you want module coldplugging but not coldplugging of services then you -# can disable service coldplugging in baselayout/openrc config files. -# The setting is named different in different versions. -# in /etc/rc.conf: rc_hotplug="!*" or -# in /etc/conf.d/rc: rc_plug_services="!*" -#rc_coldplug="YES" - - - - -# Expert options: - -# Disable warning about unreliable kernel/udev combination -#unreliable_kernel_warning="no" - -# Timeout in seconds to wait for processing of uevents at boot. -# There should be no need to change this. -#udev_settle_timeout="60" - -# Run udevd so that all events are serialized, read more in man udevd at --debug-trace -#udev_trace="YES" - -# Run udevd --debug and write output to /dev/.udev/udev.log -# Should not be kept on as it fills diskspace slowly -#udev_debug="YES" - -# Run udevadmin monitor to get a log of all events -# in /dev/.udev/udevmonitor.log -#udev_monitor="YES" - -# Keep udevmonitor running after populating /dev. -#udev_monitor_keep_running="no" - -# Set cmdline options for udevmonitor. -# could be some of --env --kernel --udev -#udev_monitor_opts="--env" - -@ diff --git a/conf.d/.rcs/urandom,v b/conf.d/.rcs/urandom,v deleted file mode 100644 index a0400ce..0000000 --- a/conf.d/.rcs/urandom,v +++ /dev/null @@ -1,32 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.18.08.57.19; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/urandom - -# Sometimes you want to have urandom start before "localmount" -# (say for crypt swap), so you will need to customize this -# behavior. If you have /var on a separate partition, then -# make sure this path lives on your root device somewhere. - -URANDOM_SEED="/var/run/random-seed" -@ diff --git a/conf.d/.rcs/wireless.example,v b/conf.d/.rcs/wireless.example,v deleted file mode 100644 index 246e158..0000000 --- a/conf.d/.rcs/wireless.example,v +++ /dev/null @@ -1,322 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.18.08.57.19; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/conf.d/wireless: -# Global wireless config file for net.* rc-scripts - -# -# Usage of /etc/conf.d/wireless is deprecated ... make sure you -# put all settings in /etc/conf.d/net -# - - -############################################################################## -# IMPORTANT -# linux-wlan-ng is not supported as they have their own configuration program -# ensure that /etc/conf.d/net has the entry "!iwconfig" in it's modules line -# Try and use an alternative driver if you need to use this - hostap-driver -# supports non-usb linux-wlan-ng driven devices -############################################################################## - -############################################################################## -# HINTS -############################################################################## -# Remember to change eth0 to your wireless interface which may be -# eth0, eth1, wlan0, ath0 - you get the idea. If you're not sure -# you can type "iwconfig" at the command prompt and it will tell you which -# interfaces are wireless. -# Say that your wireless interface is ath0 - the line -# #essid_eth0="any" -# becomes -# #essid_ath0="any" -# -# Remember to change ESSID to your ESSID. -# Say that your ESSID is My NET - the line -# #key_ESSID="s:passkey" -# becomes -# #key_My_NET="s:passkey" -# Notice that the space has changed to an underscore - do the same with all -# characters not in a-z A-Z (english alphabet) 0-9. This only applies to -# variables and not values. -# -# Any ESSID's in values like essid_eth0="My NET" may need to be escaped -# This means placing the character \ before the character -# \" need to be escaped for example -# So if your ESSID is -# My "\ NET -# it becomes -# My \"\\ NET -# for example -# #essid_eth0="My\"\\NET" -# -# So using the above we can use -# #dns_domain_My____NET="My\"\\NET" -# which is an invalid dns domain, but shows the how to use the variable -# structure -# -# As a final note, most users will just need to set the following options -# key_ESSID1="s:yourkeyhere enc open" # s: means a text key -# key_ESSID2="aaaa-bbbb-cccc-dd" # no s: means a hex key -# preferred_aps=( "ESSID1" "ESSID2" ) -# -# Clear? Good. Now configure your wireless network below -######################################################### - -############################################################################## -# SETTINGS -############################################################################## -# Hard code an ESSID to an interface - leave this unset if you wish the driver -# to scan for available Access Points -# Set to "any" to connect to any ESSID - the driver picks an Access Point -# This needs to be done when the driver doesn't support scanning -# This may work for drivers that don't support scanning but you need automatic -# AP association -# I would only set this as a last resort really - use the preferred_aps -# setting at the bottom of this file - -# However, using ad-hoc (without scanning for APs) and master mode -# do require the ESSID to be set - do this here -#essid_eth0="any" - -# Set the mode of the interface (managed, ad-hoc, master or auto) -# The default is auto -# If it's ad-hoc or master you also may need to specify the channel below -#mode_eth0="auto" - -# If managed mode fails, drop to ad-hoc mode with the below ESSID? -#adhoc_essid_eth0="WLAN" - -#Channel can be set (1-14), but defaults to 3 if not set. -# -# The below is taken verbatim from the BSD wavelan documentation found at -# http://www.netbsd.org/Documentation/network/wavelan.html -# There are 14 channels possible; We are told that channels 1-11 are legal for -# North America, channels 1-13 for most of Europe, channels 10-13 for France, -# and only channel 14 for Japan. If in doubt, please refer to the documentation -# that came with your card or access point. Make sure that the channel you -# select is the same channel your access point (or the other card in an ad-hoc -# network) is on. The default for cards sold in North America and most of Europe -# is 3; the default for cards sold in France is 11, and the default for cards -# sold in Japan is 14. -#channel_eth0="3" - -# Setup any other config commands. This is basically the iwconfig argument -# without the iwconfig $iface. -#iwconfig_eth0="" - -# Set private driver ioctls. This is basically the iwpriv argument without -# the iwpriv $iface. If you use the rt2500 driver (not the rt2x00 one) then -# you can set WPA here, below is an example. -#iwpriv_eth0="" -#iwpriv_ESSID=( -# "set AuthMode=WPAPSK" -# "set EncrypType=TKIP" -# "set WPAPSK=yourpasskey" -#) -#NOTE: Even though you can use WPA like so, you may have to set a WEP key -#if your driver claims the AP is encrypted. The WEP key itself will not be -#used though. - -# Seconds to wait before scanning -# Some drivers need to wait until they have finished "loading" -# before they can scan - otherwise they error and claim that they cannot scan -# or resource is unavailable. The default is to wait zero seconds -#sleep_scan_eth0="1" - -# Seconds to wait until associated. The default is to wait 10 seconds. -# 0 means wait indefinitely. WARNING: this can cause an infinite delay when -# booting. -#associate_timeout_eth0="5" - -# By default a successful association in Managed mode sets the MAC -# address of the AP connected to. However, some drivers (namely -# the ipw2100) don't set an invalid MAC address when association -# fails - so we need to check on link quality which some drivers -# don't report properly either. -# So if you have connection problems try flipping this setting -# Valid options are MAC, quality and all - defaults to MAC -#associate_test_eth0="MAC" - -# Some driver/card combinations need to scan in Ad-Hoc mode -# After scanning, the mode is reset to the one defined above -#scan_mode_eth0="Ad-Hoc" - -# Below you can define private ioctls to run before and after scanning -# Format is the same as the iwpriv_eth0 above -# This is needed for the HostAP drivers -#iwpriv_scan_pre_eth0="host_roaming 2" -#iwpriv_scan_post_eth0="host_roaming 0" - -# Define a WEP key per ESSID or MAC address (of the AP, not your card) -# The encryption type (open or restricted) must match the -# encryption type on the Access Point -# You can't use "any" for an ESSID here -#key_ESSID="1234-1234-1234-1234-1234-1234-56" -# or you can use strings. Passphrase IS NOT supported -# To use a string, prefix it with s: -# Note - this example also sets the encryption method to open -# which is regarded as more secure than restricted -#key_ESSID="s:foobar enc open" -#key_ESSID="s:foobar enc restricted" - -# If you have whitespace in your key, here's how to set it and use other -# commands like using open encryption. -#key_ESSID="s:'foo bar' enc open" - -# WEP key for the AP with MAC address 001122334455 -#mac_key_001122334455="s:foobar" - -# Here are some more examples of keys as some users find others work -# and some don't where they should all do the same thing -#key_ESSID="open s:foobar" -#key_ESSID="open 1234-5678-9012" -#key_ESSID="s:foobar enc open" -#key_ESSID="1234-5678-9012 enc open" - -# You may want to set multiple keys - here's an example -# It sets 4 keys on the card and instructs to use key 2 by default -#key_ESSID="[1] s:passkey1 key [2] s:passkey2 key [3] s:passkey3 key [4] s:passkey4 key [2]" - -# You can also override the interface settings found in /etc/conf.d/net -# per ESSID - which is very handy if you use different networks a lot -#config_ESSID=( "dhcp" ) -#dhcpcd_ESSID="-t 5" -#routes_ESSID=() -#fallback_ESSID=() - -# Setting name/domain server causes /etc/resolv.conf to be overwritten -# Note that if DHCP is used, and you want this to take precedence then -# please put -R in your dhcpcd options -#dns_servers_ESSID=( "192.168.0.1" "192.168.0.2" ) -#dns_domain_ESSID="some.domain" -#dns_search_path_ESSID="search.this.domain search.that.domain" -# Please check the man page for resolv.conf for more information -# as domain and search (searchdomains) are mutually exclusive and -# searchdomains takes precedence - -# You can also set any of the /etc/conf.d/net variables per MAC address -# in case you use Access Points with the same ESSID but need different -# networking configs. Below is an example - of course you use the same -# method with other variables -#config_001122334455=( "dhcp" ) -#dhcpcd_001122334455="-t 10" -#dns_servers_001122334455=( "192.168.0.1" "192.168.0.2" ) - -# Map a MAC address to an ESSID -# This is used when the Access Point is not broadcasting it's ESSID -# WARNING: This will override the ESSID being broadcast due to some -# Access Points sending an ESSID even when they have been configured -# not to! -# Change 001122334455 to the MAC address and ESSID to the ESSID -# it should map to -#mac_essid_001122334455="ESSID" - -# This lists the preferred ESSIDs to connect to in order -# ESSID's can contain any characters here as they must match the broadcast -# ESSID exactly. -# Surround each ESSID with the " character and separate them with a space -# If the first ESSID isn't found then it moves onto the next -# If this isn't defined then it connects to the first one found -#preferred_aps=( "ESSID 1" "ESSID 2" ) - -# You can also define a preferred_aps list per interface -#preferred_aps_eth0=( "ESSID 3" "ESSID 4" ) - -# You can also say whether we only connect to preferred APs or not -# Values are "any", "preferredonly", "forcepreferred", "forcepreferredonly" and "forceany" -# "any" means it will connect to visible APs in the preferred list and then any -# other available AP -# "preferredonly" means it will only connect to visible APs in the preferred list -# "forcepreferred" means it will forcibly connect to APs in order if it does not find -# them in a scan -# "forcepreferredonly" means it forcibly connects to the APs in order and does not bother -# to scan -# "forceany" does the same as forcepreferred + connects to any other available AP -# Default is "any" -#associate_order="any" -#associate_order_eth0="any" - -# You can define blacklisted Access Points in the same way -#blacklist_aps=( "ESSID 1" "ESSID 2" ) -#blacklist_aps_eth0=( "ESSID 3" ESSID 4" ) - -# If you have more than one wireless card, you can say if you want -# to allow each card to associate with the same Access Point or not -# Values are "yes" and "no" -# Default is "yes" -#unique_ap="yes" -#unique_ap_eth0="yes" - -# IMPORTANT: preferred_only, blacklisted_aps and unique_ap only work when -# essid_eth0 is not set and your card is capable of scanning - -# NOTE: preferred_aps list ignores blacklisted_aps - so if you have -# the same ESSID in both, well, you're a bit silly :p - - -############################################################################## -# ADVANCED CONFIGURATION -# -# Two functions can be defined which will be called surrounding the -# associate function. The functions are called with the interface -# name first so that one function can control multiple adapters. -# -# The return values for the preassociate function should be 0 -# (success) to indicate that configuration or deconfiguration of the -# interface can continue. If preassociate returns a non-zero value, then -# interface configuration will be aborted. -# -# The return value for the postassociate function is ignored -# since there's nothing to do if it indicates failure. - -#preassociate() { -# # The below adds two configuration variables leap_user_ESSID -# # and leap_pass_ESSID. When they are both configured for the ESSID -# # being connected to then we run the CISCO LEAP script -# -# local user pass -# eval user=\"\$\{leap_user_${ESSIDVAR}\}\" -# eval pass=\"\$\{leap_pass_${ESSIDVAR}\}\" -# -# if [[ -n ${user} && -n ${pass} ]]; then -# if [[ ! -x /opt/cisco/bin/leapscript ]]; then -# eend "For LEAP support, please emerge net-misc/cisco-aironet-client-utils" -# return 1 -# fi -# einfo "Waiting for LEAP Authentication on \"${ESSID//\\\\//}\"" -# if /opt/cisco/bin/leapscript ${user} ${pass} | grep -q 'Login incorrect'; then -# ewarn "Login Failed for ${user}" -# return 1 -# fi -# fi -# -# return 0 -#} - -#postassociate() { -# # This function is mostly here for completeness... I haven't -# # thought of anything nifty to do with it yet ;-) -# # Return 0 always -# return 0 -#} -@ diff --git a/conf.d/auditd b/conf.d/auditd index 6156c45..b5f389e 100644 --- a/conf.d/auditd +++ b/conf.d/auditd @@ -1,6 +1,6 @@ -# Copyright 1999-2005 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /etc/conf.d/.rcs/auditd,v 1.1 2010/11/30 21:59:04 root Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/auditd-conf.d-2.1.3,v 1.1 2011/09/11 02:58:55 robbat2 Exp $ # Configuration options for auditd # -f for foreground mode @@ -14,3 +14,10 @@ RULEFILE_STARTUP=/etc/audit/audit.rules # Audit rules file to run before and after stopping auditd RULEFILE_STOP_PRE=/etc/audit/audit.rules.stop.pre RULEFILE_STOP_POST=/etc/audit/audit.rules.stop.post + +# If you want to enforce a certain locale for auditd, +# uncomment one of the next lines: +#AUDITD_LANG=none +AUDITD_LANG=C +#AUDITD_LANG=en_US +#AUDITD_LANG=en_US.UTF-8 diff --git a/conf.d/autofs b/conf.d/autofs index 6c8d9c7..491b3b0 100644 --- a/conf.d/autofs +++ b/conf.d/autofs @@ -117,7 +117,7 @@ BROWSE_MODE="no" # AUTH_CONF_FILE - set the default location for the SASL # authentication configuration file. # -#AUTH_CONF_FILE="/etc/autofs/autofs_ldap_auth.conf" +#AUTH_CONF_FILE="/etc/autofs_ldap_auth.conf" # # MAP_HASH_TABLE_SIZE - set the map cache hash table size. # Should be a power of 2 with a ratio roughly diff --git a/conf.d/env_whitelist b/conf.d/env_whitelist deleted file mode 100644 index 30a3695..0000000 --- a/conf.d/env_whitelist +++ /dev/null @@ -1,6 +0,0 @@ -# /etc/conf.d/env_whitelist: Environment whitelist for rc-system - -# Specify which variables are allowed to be passed from the environment to the -# rc-system. If it is not set by the environment, then the variable will be -# taken from /etc/profile.env - meaning, if you need to set LANG or such, -# do it in a /etc/env.d/99myownstuff file for example, and run env-update. diff --git a/conf.d/git-daemon b/conf.d/git-daemon index 83867a2..97ca122 100644 --- a/conf.d/git-daemon +++ b/conf.d/git-daemon @@ -10,7 +10,7 @@ # --export-all --- Exports all repositories # --port=XXXX --- Starts in port XXXX instead of 9418 # -#GITDAEMON_OPTS="--syslog --export-all --verbose /var/lib/git" +#GITDAEMON_OPTS="--syslog /var/git" GITDAEMON_OPTS="--syslog --verbose --base-path=/var/lib/git /var/lib/git" # To run an anonymous git safely, the following user should be able to only diff --git a/conf.d/keymaps b/conf.d/keymaps index a55f29a..52bd111 100644 --- a/conf.d/keymaps +++ b/conf.d/keymaps @@ -1,6 +1,5 @@ # Use keymap to specify the default console keymap. There is a complete tree # of keymaps in /usr/share/keymaps to choose from. - #keymap="us" keymap="de-latin1-nodeadkeys" @@ -23,3 +22,4 @@ dumpkeys_charset="" # Some fonts map AltGr-E to the currency symbol ¤ instead of the Euro € # To fix this, set to "yes" fix_euro="NO" + diff --git a/conf.d/lm_sensors b/conf.d/lm_sensors index 0815378..5d1353c 100644 --- a/conf.d/lm_sensors +++ b/conf.d/lm_sensors @@ -1,4 +1,4 @@ -# Generated by sensors-detect on Wed Dec 1 23:57:50 2010 +# Generated by sensors-detect on Tue Jul 24 10:07:08 2012 # This file is sourced by /etc/init.d/lm_sensors and defines the modules to # be loaded/unloaded. # diff --git a/conf.d/mysql b/conf.d/mysql index 15ff170..df4c3a4 100644 --- a/conf.d/mysql +++ b/conf.d/mysql @@ -1,80 +1,79 @@ -# Here is where we define which server(s) to start. -# Additional parameters to be passed to mysqld at startup may be added here, -# which will override the ones in "my.cnf". -# -# Below are described some suggested parameters to use. -# The parameters not recognized will be passed through to the mysqld daemon -# directly! -# To avoid starting a server just comment it's definition. -# -# Last but not least, SPACES are NOT allowed inside the parameters! -# -# Parameter : description -# ----------------+----------------------------------------------------------- -# nice : integer [-20 .. 19 ] default 0 -# : change the priority of the server -20 (high) to 19 (low) -# : see "man nice 1" for description -# ----------------+----------------------------------------------------------- -# mycnf : string [full path to my.cnf] -# : specify the path to my.cnf file to be used -# ----------------+----------------------------------------------------------- -# startup_timeout : integer [seconds] default 15 -# : time to wait for mysqld up and running, after this it's -# : marked as failed -# ----------------+----------------------------------------------------------- -# -# Additional parameters -# Parameter : description -# ----------------+----------------------------------------------------------- -# server-id : integer [1 .. 255] -# : Uniquely identifies the server instance in the community -# : of replication partners. -# ----------------+----------------------------------------------------------- -# port : integer [1025 .. 65535] default 3306 -# : Port number to use for connection. -# : Looses any meaning if skip-networking is set. -# ----------------+----------------------------------------------------------- -# skip-networking : NULL -# : Don't allow connection through TCP/IP. -# ----------------+----------------------------------------------------------- -# log-bin : string [name of the binlog files] -# : Log update queries in binary format. Optional (but -# : strongly recommended to avoid replication problems if -# : server's hostname changes) argument should be the chosen -# : location for the binary log files. -# ----------------+----------------------------------------------------------- -# Additionally the following variables are recognized: -# -# Be more verbose, accepts values from 1 to 4 -#DEBUG=4 -# -# The default location for the "master" pid file -#MYSQL_GLOB_PID_FILE="/var/run/svc-started-mysqld" -# -# The timeout for a failed attempt to stop a server -#STOPTIMEOUT=120 -# +# Copyright 1999-2011 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql-init-scripts/files/mysql-5.1.53-conf.d,v 1.2 2011/01/15 17:54:31 robbat2 Exp $ -# The parameters are passed in a bash array variable, -# the variable name is mysql_slot_0_[server-num] -# "server-num" is an optional number used to start multiple servers -# -# Examples: -# -# start a default server with default options: -#mysql_slot_0=() -# -# start MySQL reniced, overriding some start parameters -#mysql_slot_0=( -# "nice=-5" -# "server-id=123" -# "log-bin="myhost" -# "port=3307" -#) -# -# start another server, different my.cnf -#mysql_slot_0_1=( -# "mycnf=/home/test/my.cnf" -# "server-id=124" -#) -# +# If you want a non-stock location for the config file, uncomment or update +# either of these as needed. If you do use it, you must make sure that none of +# your socket, pidfile, datadir, logfiles, binary logs, relay logs or InnoDB +# files collide with each other. +MY_CNF="/etc/mysql/my.cnf" +#MY_CNF="${MY_CNF:-/etc/${SVCNAME}/my.cnf}" +#MY_CNF="${MY_CNF:-/etc/mysql/my-${SVCNAME/mysql.}.cnf}" + +# Place any additional arguments here that you might need +# Common/useful options: +# --skip-slave-start=1 - For bringing up replication initially +# --server-id=NNN - Server ID for replication +# --skip-networking - lock it down to UNIX sockets only +MY_ARGS="" + +# This setting (in seconds) should be high enough to allow InnoDB to do a full +# checkpoint recovery. 900 is the default used in the upstream RPM startup +# scripts. 30 seconds should be sufficent if you just have a tiny <1GiB +# database. After the core startup is done, we wait this long for the UNIX +# socket to appear. +STARTUP_TIMEOUT="900" + +# This is how long, in milliseconds, we wait for pidfile to be created, early +# in the startup. +STARTUP_EARLY_TIMEOUT="1000" + +# How long (in seconds) should we wait for shutdown? +STOP_TIMEOUT=120 + +# integer [-20 .. 19 ] default 0 +# change the priority of the server -20 (high) to 19 (low) +# see nice(1) for description +#NICE=0 + +# See start-stop-daemon(8) for possible settings +#IONICE=2 + +# If defined, --verbose gets passed to S-S-D +#DEBUG=1 + +# Depending on your usage of MySQL, you may also wish to start it after some +# other services are up. Uncomment the lines below as needed. If these aren't +# enough for you, we encourage you to file a bug, and help us understand how +# you are using MySQL. + +# Do your MySQL ACLs refer to hostnames not in your /etc/hosts? +# If so, you need DNS before you can accept connections. +# Avoid dependency circular loops if you use MySQL to power a local DNS server. +#rc_use="dns" +#rc_after="dns" + +# Does your MySQL bind to an IP on an interface other than net.lo? +# Alternatively you might wish to specify the exact interface here. +#rc_use="net" +#rc_after="net" + +# Do you store your MySQL files on a SAN or other network filesystem, that is +# provided by the netmount init script? +#rc_need="netmount" + +# Or from NFS? P.S. This is not a good idea in most cases, but does have some +# valid usage cases, so we provide the option. +#rc_need="nfsmount" + +# Should any one of the instances satisfy the requirement for MySQL coming up? +# By default, we say no. +[ "${SVCNAME}" != mysql ] && rc_provide="!mysql" +# But uncomment this next instead if you think it should. +#rc_provide="mysql" + +# The conditional above has a false-positive "failure" return value as a +# side-effect, and since it's the last statement, without the next line, this +# script returns failure. +return 0 +# vim: ft=gentoo-conf-d et ts=4 sw=4: diff --git a/conf.d/mysql.default b/conf.d/mysql.default deleted file mode 100644 index df4c3a4..0000000 --- a/conf.d/mysql.default +++ /dev/null @@ -1,79 +0,0 @@ -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql-init-scripts/files/mysql-5.1.53-conf.d,v 1.2 2011/01/15 17:54:31 robbat2 Exp $ - -# If you want a non-stock location for the config file, uncomment or update -# either of these as needed. If you do use it, you must make sure that none of -# your socket, pidfile, datadir, logfiles, binary logs, relay logs or InnoDB -# files collide with each other. -MY_CNF="/etc/mysql/my.cnf" -#MY_CNF="${MY_CNF:-/etc/${SVCNAME}/my.cnf}" -#MY_CNF="${MY_CNF:-/etc/mysql/my-${SVCNAME/mysql.}.cnf}" - -# Place any additional arguments here that you might need -# Common/useful options: -# --skip-slave-start=1 - For bringing up replication initially -# --server-id=NNN - Server ID for replication -# --skip-networking - lock it down to UNIX sockets only -MY_ARGS="" - -# This setting (in seconds) should be high enough to allow InnoDB to do a full -# checkpoint recovery. 900 is the default used in the upstream RPM startup -# scripts. 30 seconds should be sufficent if you just have a tiny <1GiB -# database. After the core startup is done, we wait this long for the UNIX -# socket to appear. -STARTUP_TIMEOUT="900" - -# This is how long, in milliseconds, we wait for pidfile to be created, early -# in the startup. -STARTUP_EARLY_TIMEOUT="1000" - -# How long (in seconds) should we wait for shutdown? -STOP_TIMEOUT=120 - -# integer [-20 .. 19 ] default 0 -# change the priority of the server -20 (high) to 19 (low) -# see nice(1) for description -#NICE=0 - -# See start-stop-daemon(8) for possible settings -#IONICE=2 - -# If defined, --verbose gets passed to S-S-D -#DEBUG=1 - -# Depending on your usage of MySQL, you may also wish to start it after some -# other services are up. Uncomment the lines below as needed. If these aren't -# enough for you, we encourage you to file a bug, and help us understand how -# you are using MySQL. - -# Do your MySQL ACLs refer to hostnames not in your /etc/hosts? -# If so, you need DNS before you can accept connections. -# Avoid dependency circular loops if you use MySQL to power a local DNS server. -#rc_use="dns" -#rc_after="dns" - -# Does your MySQL bind to an IP on an interface other than net.lo? -# Alternatively you might wish to specify the exact interface here. -#rc_use="net" -#rc_after="net" - -# Do you store your MySQL files on a SAN or other network filesystem, that is -# provided by the netmount init script? -#rc_need="netmount" - -# Or from NFS? P.S. This is not a good idea in most cases, but does have some -# valid usage cases, so we provide the option. -#rc_need="nfsmount" - -# Should any one of the instances satisfy the requirement for MySQL coming up? -# By default, we say no. -[ "${SVCNAME}" != mysql ] && rc_provide="!mysql" -# But uncomment this next instead if you think it should. -#rc_provide="mysql" - -# The conditional above has a false-positive "failure" return value as a -# side-effect, and since it's the last statement, without the next line, this -# script returns failure. -return 0 -# vim: ft=gentoo-conf-d et ts=4 sw=4: diff --git a/conf.d/mysqlmanager b/conf.d/mysqlmanager deleted file mode 100644 index 8666f71..0000000 --- a/conf.d/mysqlmanager +++ /dev/null @@ -1,28 +0,0 @@ -# Here is where we define which server(s) to start. -# Additional parameters to be passed to mysqlmanager at startup may be added here, -# which will override the ones in "my.cnf". -# -# To avoid starting a server just comment it's definition -# here or it will rant (no default start). -# Last but not least, spaces are NOT allowed inside the parameters! -# -# Below are described some suggested parameters to use. -# The parameters not recognized will be passed through to the mysqlmanager directly. -# -# Parameter : description - -# ----------------+----------------------------------------------------------- -# mycnf : string [full path to my.cnf] -# : specify the path to my.cnf file to be used -# : may contain a [manager] section -# ----------------+----------------------------------------------------------- -# -# Basic default -# -#mysqlmanager_slot_0=() -# -# Start MySQL 5.0.X overriding the my.cnf path -#mysqlmanager_slot_500=( -# "mycnf=/home/test/my.cnf" -#) -# diff --git a/conf.d/net b/conf.d/net index 4e6947b..eb0d80c 100644 --- a/conf.d/net +++ b/conf.d/net @@ -1,40 +1,40 @@ # This blank configuration will automatically use DHCP for any net.* # scripts in /etc/init.d. To create a more complete configuration, -# please review /etc/conf.d/net.example and save your configuration +# please review /usr/share/doc/openrc*/net.example* and save your configuration # in /etc/conf.d/net (this file :]!). dns_domain_lo="brehm-online.com" dns_servers_lo="127.0.0.1 81.169.163.106 85.214.7.22" dns_search_lo="brehm-online.com brehm-online.eu brehm-berlin.de serverkompetenz.net" -#config_eth0=( -# "85.214.134.152/32 brd 85.214.134.152" -# "85.214.109.1/32 brd 85.214.109.1" -# "2a01:238:4225:6e00:8f8c:808a:7fb8:88df/128" -#) -config_eth0="85.214.134.152/32 85.214.109.1/32 2a01:238:4225:6e00:8f8c:808a:7fb8:88df/128" +dns_domain_eth0="brehm-online.com" +dns_servers_eth0="127.0.0.1 81.169.163.106 85.214.7.22" +dns_search_eth0="brehm-online.com brehm-online.eu brehm-berlin.de serverkompetenz.net" -#routes_eth0=( -# "default via 192.168.0.1" # IPv4 default route -# "10.0.0.0/8 via 192.168.0.1" # IPv4 subnet route -# "::/0" # IPv6 unicast -#) - -# 85.214.128.1 dev eth0 scope link -# 169.254.0.0/16 dev eth0 scope link -# default via 85.214.128.1 dev eth0 - -#routes_eth0=( -# "85.214.128.1 dev eth0 scope link" -# "169.254.0.0/16 dev eth0 scope link" -# "default via 85.214.128.1" -#) -# "-family inet6 default via fe80::1 dev eth0" routes_eth0="85.214.128.1 dev eth0 scope link 169.254.0.0/16 dev eth0 scope link default via 85.214.128.1 " -dns_domain_eth0="brehm-online.com" -dns_servers_eth0="127.0.0.1 81.169.163.106 85.214.7.22" -dns_search_eth0="brehm-online.com brehm-online.eu brehm-berlin.de serverkompetenz.net" +config_eth0="85.214.134.152/32 85.214.109.1/32 2a01:238:4225:6e00:8f8c:808a:7fb8:88df/128" + +postup() { + case "${IFVAR}" in + eth0) + /sbin/ip -6 route add default via fe80::1 dev eth0 + ;; + esac + return 0 +} + +predown() { + case "${IFVAR}" in + eth0) + /sbin/ip -6 route del default via fe80::1 dev eth0 + ;; + esac + return 0 +} + + +# vim: ts=4 expandtab diff --git a/conf.d/net.example b/conf.d/net.example deleted file mode 100644 index 736497f..0000000 --- a/conf.d/net.example +++ /dev/null @@ -1,875 +0,0 @@ -# This file is obsolete. - -# This file is obsolete. - -# This file is obsolete. - -# This file is obsolete. - -# This file is obsolete. - -############################################################################## -# QUICK-START -# -# The quickest start is if you want to use DHCP. -# In that case, everything should work out of the box, no configuration -# necessary, though the startup script will warn you that you haven't -# specified anything. - -# WARNING :- some examples have a mixture of IPv4 (ie 192.168.0.1) and IPv6 -# (ie 4321:0:1:2:3:4:567:89ab) internet addresses. They only work if you have -# the relevant kernel option enabled. So if you don't have an IPv6 enabled -# kernel then remove the IPv6 address from your config. - -# If you want to use a static address or use DHCP explicitly, jump -# down to the section labelled INTERFACE HANDLERS. -# -# If you want to do anything more fancy, you should take the time to -# read through the rest of this file. - -############################################################################## -# MODULES -# -# We now support modular networking scripts which means we can easily -# add support for new interface types and modules while keeping -# compatability with existing ones. -# -# Modules load by default if the package they need is installed. If -# you specify a module here that doesn't have it's package installed -# then you get an error stating which package you need to install. -# Ideally, you only use the modules setting when you have two or more -# packages installed that supply the same service. -# -# In other words, you probably should DO NOTHING HERE... - -# Prefer ifconfig over iproute2 -#modules=( "ifconfig" ) - -# You can also specify other modules for an interface -# In this case we prefer udhcpc over dhcpcd -#modules_eth0=( "udhcpc" ) - -# You can also specify which modules not to use - for example you may be -# using a supplicant or linux-wlan-ng to control wireless configuration but -# you still want to configure network settings per ESSID associated with. -#modules=( "!iwconfig" "!wpa_supplicant" ) -# IMPORTANT: If you need the above, please disable modules in that order - - -############################################################################## -# INTERFACE HANDLERS -# -# We provide two interface handlers presently: ifconfig and iproute2. -# You need one of these to do any kind of network configuration. -# For ifconfig support, emerge sys-apps/net-tools -# For iproute2 support, emerge sys-apps/iproute2 - -# If you don't specify an interface then we prefer iproute2 if it's installed -# To prefer ifconfig over iproute2 -#modules=( "ifconfig" ) - -# For a static configuration, use something like this -# (They all do exactly the same thing btw) -#config_eth0=( "192.168.0.2/24" ) -#config_eth0=( "192.168.0.2 netmask 255.255.255.0" ) - -# We can also specify a broadcast -#config_eth0=( "192.168.0.2/24 brd 192.168.0.255" ) -#config_eth0=( "192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255" ) - -# If you need more than one address, you can use something like this -# NOTE: ifconfig creates an aliased device for each extra IPv4 address -# (eth0:1, eth0:2, etc) -# iproute2 does not do this as there is no need to -#config_eth0=( -# "192.168.0.2/24" -# "192.168.0.3/24" -# "192.168.0.4/24" -#) -# Or you can use sequence expressions -#config_eth0=( "192.168.0.{2..4}/24" ) -# which does the same as above. Be careful though as if you use this and -# fallbacks, you have to ensure that both end up with the same number of -# values otherwise your fallback won't work correctly. - -# You can also use IPv6 addresses -# (you should always specify a prefix length with IPv6 here) -#config_eth0=( -# "192.168.0.2/24" -# "4321:0:1:2:3:4:567:89ab/64" -# "4321:0:1:2:3:4:567:89ac/64" -#) - -# If you wish to keep existing addresses + routing and the interface is up, -# you can specify a noop (no operation). If the interface is down or there -# are no addresses assigned, then we move onto the next step (default dhcp) -# This is useful when configuring your interface with a kernel command line -# or similar -#config_eth0=( "noop" "192.168.0.2/24" ) - -# If you don't want ANY address (only useful when calling for advanced stuff) -#config_eth0=( "null" ) - -# Here's how to do routing if you need it -#routes_eth0=( -# "default via 192.168.0.1" # IPv4 default route -# "10.0.0.0/8 via 192.168.0.1" # IPv4 subnet route -# "::/0" # IPv6 unicast -#) - -# If a specified module fails (like dhcp - see below), you can specify a -# fallback like so -#fallback_eth0=( "192.168.0.2 netmask 255.255.255.0" ) -#fallback_route_eth0=( "default via 192.168.0.1" ) - -# NOTE: fallback entry must match the entry location in config_eth0 -# As such you can only have one fallback route. - -# Some users may need to alter the MTU - here's how -#mtu_eth0="1500" - -# Each module described below can set a default base metric, lower is -# preferred over higher. This is so we can prefer a wired route over a -# wireless route automaticaly. You can override this by setting -#metric_eth0="100" -# or on a global basis -#metric="100" -# The only downside of the global setting is that you have to ensure that -# there are no conflicting routes yourself. For users with large routing -# tables you may have to set a global metric as the due to a simple read of -# the routing table taking over a minute at a time. - -############################################################################## -# OPTIONAL MODULES - -# INTERFACE RENAMING -# There is no consistent device renaming scheme for Linux. -# The preferred way of naming devices is via the kernel module directly or -# by using udev (http://www.reactivated.net/udevrules.php) - -# If you are unable to write udev rules, then we do provide a way of renaming -# the interface based on it's MAC address, but it is not optimal. -# Here is how to rename an interface whose MAC address is 00:11:22:33:44:55 -# to foo1 -#rename_001122334455="foo1" - -# You can also do this based on current device name - although this is not -# recommended. Here we rename eth1 to foo2. -#rename_eth1="foo2" - -#----------------------------------------------------------------------------- -# WIRELESS (802.11 support) -# Wireless can be provided by iwconfig or wpa_supplicant - -# iwconfig -# emerge net-wireless/wireless-tools -# Wireless options are held in /etc/conf.d/wireless - but could be here too -# Consult the sample file /etc/conf.d/wireless.example for instructions -# iwconfig is the default - -# wpa_supplicant -# emerge net-wireless/wpa_supplicant -# Wireless options are held in /etc/wpa_supplicant/wpa_supplicant.conf -# Consult the wpa_supplicant.conf.example that is installed in -# /usr/share/doc/wpa_supplicant -# To choose wpa_supplicant over iwconfig -#modules=( "wpa_supplicant" ) -# To configure wpa_supplicant -#wpa_supplicant_eth0="-Dwext" # For generic wireless -#wpa_supplicant_ath0="-Dmadwifi" # For Atheros based cards -# Consult wpa_supplicant for more drivers -# By default don't wait for wpa_suppliant to associate and authenticate. -# If you would like to, so can specify how long in seconds -#associate_timeout_eth0=60 -# A value of 0 means wait forever. - -# GENERIC WIRELESS OPTIONS -# PLEASE READ THE INSTRUCTIONS IN /etc/conf.d/wireless.example FOR -# HOW TO USE THIS ESSID VARIABLE -# You can also override any settings found here per ESSID - which is very -# handy if you use different networks a lot -#config_ESSID=( "dhcp" ) -#dhcpcd_ESSID="-t 5" - -# Setting name/domain server causes /etc/resolv.conf to be overwritten -# Note that if DHCP is used, and you want this to take precedence then -# set dhcp_ESSID="nodns" -#dns_servers_ESSID=( "192.168.0.1" "192.168.0.2" ) -#dns_domain_ESSID="some.domain" -#dns_search_ESSID="search.this.domain search.that.domain" -# Please check the man page for resolv.conf for more information -# as domain and search are mutually exclusive. - -# You can also override any settings found here per MAC address of the AP -# in case you use Access Points with the same ESSID but need different -# networking configs. Below is an example - of course you use the same -# method with other variables -#mac_config_001122334455=( "dhcp" ) -#mac_dhcpcd_001122334455="-t 10" -#mac_dns_servers_001122334455=( "192.168.0.1" "192.168.0.2" ) - -# When an interface has been associated with an Access Point, a global -# variable called ESSID is set to the Access Point's ESSID for use in the -# pre/post user functions below (although it's not available in preup as you -# won't have associated then) - -# If you're using anything else to configure wireless on your interface AND -# you have installed any of the above packages, you need to disable them -#modules=( "!iwconfig" "!wpa_supplicant" ) - -#----------------------------------------------------------------------------- -# DHCP -# DHCP can be provided by dhclient, dhcpcd, pump or udhcpc. -# -# dhclient: emerge net-misc/dhcp -# dhcpcd: emerge net-misc/dhcpcd -# pump: emerge net-misc/pump -# udhcpc: emerge net-misc/udhcp - -# If you have more than one DHCP client installed, you need to specify which -# one to use - otherwise we default to dhcpcd if available. -#modules=( "dhclient" ) # to select dhclient over dhcpcd -# -# Notes: -# - All clients send the current hostname to the DHCP server by default -# - dhcpcd does not daemonize when the lease time is infinite -# - udhcp-0.9.3-r3 and earlier do not support getting NTP servers -# - pump does not support getting NIS servers -# - DHCP tends to erase any existing device information - so add -# static addresses after dhcp if you need them -# - dhclient and udhcpc can set other resolv.conf options such as "option" -# and "sortlist"- see the System module for more details - -# Regardless of which DHCP client you prefer, you configure them the -# same way using one of following depending on which interface modules -# you're using. -#config_eth0=( "dhcp" ) - -# For passing custom options to dhcpcd use something like the following. This -# example reduces the timeout for retrieving an address from 60 seconds (the -# default) to 10 seconds. -#dhcpcd_eth0="-t 10" - -# dhclient, udhcpc and pump don't have many runtime options -# You can pass options to them in a similar manner to dhcpcd though -#dhclient_eth0="..." -#udhcpc_eth0="..." -#pump_eth0="..." - -# GENERIC DHCP OPTIONS -# Set generic DHCP options like so -#dhcp_eth0="release nodns nontp nonis nogateway nosendhost" - -# This tells the dhcp client to release it's lease when it stops, not to -# overwrite dns, ntp and nis settings, not to set a default route and not to -# send the current hostname to the dhcp server and when it starts. -# You can use any combination of the above options - the default is not to -# use any of them. - -#----------------------------------------------------------------------------- -# For APIPA support, emerge net-misc/iputils or net-analyzer/arping - -# APIPA is a module that tries to find a free address in the range -# 169.254.0.0-169.254.255.255 by arping a random address in that range on the -# interface. If no reply is found then we assign that address to the interface - -# This is only useful for LANs where there is no DHCP server and you don't -# connect directly to the internet. -#config_eth0=( "dhcp" ) -#fallback_eth0=( "apipa" ) - -#----------------------------------------------------------------------------- -# ARPING Gateway configuration -# and -# Automatic Private IP Addressing (APIPA) -# For arpingnet / apipa support, emerge net-misc/iputils or net-analyzer/arping -# -# This is a module that tries to find a gateway IP. If it exists then we use -# that gateways configuration for our own. For the configuration variables -# simply ensure that each octet is zero padded and the dots are removed. -# Below is an example. -# -#gateways_eth0="192.168.0.1 10.0.0.1" -#config_192168000001=( "192.168.0.2/24" ) -#routes_192168000001=( "default via 192.168.0.1" ) -#dns_servers_192168000001=( "192.168.0.1" ) -#config_010000000001=( "10.0.0.254/8" ) -#routes_010000000001=( "default via 10.0.0.1" ) -#dns_servers_010000000001=( "10.0.0.1" ) - -# We can also specify a specific MAC address for each gateway if different -# networks have the same gateway. -#gateways_eth0="192.168.0.1,00:11:22:AA:BB:CC 10.0.0.1,33:44:55:DD:EE:FF" -#config_192168000001_001122AABBCC=( "192.168.0.2/24" ) -#routes_192168000001_001122AABBCC=( "default via 192.168.0.1" ) -#dns_servers_192168000001_001122AABBCC=( "192.168.0.1" ) -#config_010000000001_334455DDEEFF=( "10.0.0.254/8" ) -#routes_010000000001_334455DDEEFF=( "default via 10.0.0.1" ) -#dns_servers_010000000001_334455DDEEFF=( "10.0.0.1" ) - -# If we don't find any gateways (or there are none configured) then we try and -# use APIPA to find a free address in the range 169.254.0.0-169.254.255.255 -# by arping a random address in that range on the interface. If no reply is -# found then we assign that address to the interface. - -# This is only useful for LANs where there is no DHCP server. -#config_eth0=( "arping" ) - -# or if no DHCP server can be found -#config_eth0=( "dhcp" ) -#fallback_eth0=( "arping" ) - -# NOTE: We default to sleeping for 1 second the first time we attempt an -# arping to give the interface time to settle on the LAN. This appears to -# be a good default for most instances, but if not you can alter it here. -#arping_sleep=5 -#arping_sleep_lan=7 - -# NOTE: We default to waiting 3 seconds to get an arping response. You can -# change the default wait like so. -#arping_wait=3 -#arping_wait_lan=2 - -#----------------------------------------------------------------------------- -# VLAN (802.1q support) -# For VLAN support, emerge net-misc/vconfig - -# Specify the VLAN numbers for the interface like so -# Please ensure your VLAN IDs are NOT zero-padded -#vlans_eth0="1 2" - -# You may not want to assign an IP the the physical interface, but we still -# need it up. -#config_eth0=( "null" ) - -# You can also configure the VLAN - see for vconfig man page for more details -#vconfig_eth0=( "set_name_type VLAN_PLUS_VID_NO_PAD" ) -#vconfig_vlan1=( "set_flag 1" "set_egress_map 2 6" ) -#config_vlan1=( "172.16.3.1 netmask 255.255.254.0" ) -#config_vlan2=( "172.16.2.1 netmask 255.255.254.0" ) - -# NOTE: Vlans can be configured with a . in their interface names -# When configuring vlans with this name type, you need to replace . with a _ -#config_eth0.1=( "dhcp" ) - does not work -#config_eth0_1=( "dhcp" ) - does work - -# NOTE: Vlans are controlled by their physical interface and not per vlan -# This means you do not need to create init scripts in /etc/init.d for each -# vlan, you must need to create one for the physical interface. -# If you wish to control the configuration of each vlan through a separate -# script, or wish to rename the vlan interface to something that vconfig -# cannot then you need to do this. -#vlan_start_eth0="no" - -# If you do the above then you may want to depend on eth0 like so -# RC_NEED_vlan1="net.eth0" -# NOTE: depend functions only work in /etc/conf.d/net -# and not in profile configs such as /etc/conf.d/net.foo - -#----------------------------------------------------------------------------- -# Bonding -# For link bonding/trunking emerge net-misc/ifenslave - -# To bond interfaces together -#slaves_bond0="eth0 eth1 eth2" -#config_bond0=( "null" ) # You may not want to assign an IP the the bond - -# If any of the slaves require extra configuration - for example wireless or -# ppp devices - we need to depend function on the bonded interfaces -#RC_NEED_bond0="net.eth0 net.eth1" - - -#----------------------------------------------------------------------------- -# Classical IP over ATM -# For CLIP support emerge net-dialup/linux-atm - -# Ensure that you have /etc/atmsigd.conf setup correctly -# Now setup each clip interface like so -#clip_atm0=( "peer_ip [if.]vpi.vci [opts]" ... ) -# where "peer_ip" is the IP address of a PVC peer (in case of an ATM connection -# with your ISP, your only peer is usually the ISP gateway closest to you), -# "if" is the number of the ATM interface which will carry the PVC, "vpi.vci" -# is the ATM VC address, and "opts" may optionally specify VC parameters like -# qos, pcr, and the like (see "atmarp -s" for further reference). Please also -# note quoting: it is meant to distinguish the VCs you want to create. You may, -# in example, create an atm0 interface to more peers, like this: -#clip_atm0=( "1.1.1.254 0.8.35" "1.1.1.253 1.8.35" ) - -# By default, the PVC will use the LLC/SNAP encapsulation. If you rather need a -# null encapsulation (aka "VC mode"), please add the keyword "null" to opts. - - -#----------------------------------------------------------------------------- -# PPP -# For PPP support, emerge net-dialup/ppp -# PPP is used for most dialup connections, including ADSL. -# The older ADSL module is documented below, but you are encouraged to try -# this module first. -# -# You need to create the PPP net script yourself. Make it like so -#ln -s net.lo /etc/init.d/net.ppp0 -# -# We have to instruct ppp0 to actually use ppp -#config_ppp0=( "ppp" ) -# -# Each PPP interface requires an interface to use as a "Link" -#link_ppp0="/dev/ttyS0" # Most PPP links will use a serial port -#link_ppp0="eth0" # PPPoE requires an ethernet interface -#link_ppp0="[itf.]vpi.vci" # PPPoA requires the ATM VC's address -#link_ppp0="/dev/null" # ISDN links should have this -#link_ppp0="pty 'your_link_command'" # PPP links over ssh, rsh, etc -# -# Here you should specify what pppd plugins you want to use -# Available plugins are: pppoe, pppoa, capi, dhcpc, minconn, radius, -# radattr, radrealms and winbind -#plugins_ppp0=( -# "pppoe" # Required plugin for PPPoE -# "pppoa vc-encaps" # Required plugin for PPPoA with an option -# "capi" # Required plugin for ISDN -#) -# -# PPP requires at least a username. You can optionally set a password here too -# If you don't, then it will use the password specified in /etc/ppp/*-secrets -# against the specified username -#username_ppp0='user' -#password_ppp0='password' -# NOTE: You can set a blank password like so -#password_ppp0= -# -# The PPP daemon has many options you can specify - although there are many -# and may seem daunting, it is recommended that you read the pppd man page -# before enabling any of them -#pppd_ppp0=( -# "maxfail 0" # WARNING: It's not recommended you use this -# # if you don't specify maxfail then we assume 0 -# "updetach" # If not set, "/etc/init.d/net.ppp0 start" will return -# # immediately, without waiting the link to come up -# # for the first time. -# # Do not use it for dial-on-demand links! -# "debug" # Enables syslog debugging -# "noauth" # Do not require the peer to authenticate itself -# "defaultroute" # Make this PPP interface the default route -# "usepeerdns" # Use the DNS settings provided by PPP -# -# On demand options -# "demand" # Enable dial on demand -# "idle 30" # Link goes down after 30 seconds of inactivity -# "10.112.112.112:10.112.112.113" # Phony IP addresses -# "ipcp-accept-remote" # Accept the peers idea of remote address -# "ipcp-accept-local" # Accept the peers idea of local address -# "holdoff 3" # Wait 3 seconds after link dies before re-starting -# -# Dead peer detection -# "lcp-echo-interval 15" # Send a LCP echo every 15 seconds -# "lcp-echo-failure 3" # Make peer dead after 3 consective -# # echo-requests -# -# Compression options - use these to completely disable compression -# noaccomp noccp nobsdcomp nodeflate nopcomp novj novjccomp -# -# Dial-up settings -# "lock" # Lock serial port -# "115200" # Set the serial port baud rate -# "modem crtscts" # Enable hardware flow control -# "192.168.0.1:192.168.0.2" # Local and remote IP addresses -#) -# -# Dial-up PPP users need to specify at least one telephone number -#phone_number_ppp0=( "12345689" ) # Maximum 2 phone numbers are supported -# They will also need a chat script - here's a good one -#chat_ppp0=( -# 'ABORT' 'BUSY' -# 'ABORT' 'ERROR' -# 'ABORT' 'NO ANSWER' -# 'ABORT' 'NO CARRIER' -# 'ABORT' 'NO DIALTONE' -# 'ABORT' 'Invalid Login' -# 'ABORT' 'Login incorrect' -# 'TIMEOUT' '5' -# '' 'ATZ' -# 'OK' 'AT' # Put your modem initialization string here -# 'OK' 'ATDT\T' -# 'TIMEOUT' '60' -# 'CONNECT' '' -# 'TIMEOUT' '5' -# '~--' '' -#) - -# If the link require extra configuration - for example wireless or -# RFC 268 bridge - we need to depend on the bridge so they get -# configured correctly. -#RC_NEED_ppp0="net.nas0" - -#WARNING: if MTU of the PPP interface is less than 1500 and you use this -#machine as a router, you should add the following rule to your firewall -# -#iptables -I FORWARD 1 -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu - -#----------------------------------------------------------------------------- -# ADSL -# For ADSL support, emerge net-dialup/rp-pppoe -# WARNING: This ADSL module is being deprecated in favour of the PPP module -# above. -# You should make the following settings and also put your -# username/password information in /etc/ppp/pap-secrets - -# Configure the interface to use ADSL -#config_eth0=( "adsl" ) - -# You probably won't need to edit /etc/ppp/pppoe.conf if you set this -#adsl_user_eth0="my-adsl-username" - -#----------------------------------------------------------------------------- -# ISDN -# For ISDN support, emerge net-dialup/isdn4k-utils -# You should make the following settings and also put your -# username/password information in /etc/ppp/pap-secrets - -# Configure the interface to use ISDN -#config_ippp0=( "dhcp" ) -# It's important to specify dhcp if you need it! -#config_ippp0=( "192.168.0.1/24" ) -# Otherwise, you can use a static IP - -# NOTE: The interface name must be either ippp or isdn followed by a number - -# You may need this option to set the default route -#ipppd_eth0="defaultroute" - -#----------------------------------------------------------------------------- -# MAC changer -# To set a specific MAC address -#mac_eth0="00:11:22:33:44:55" - -# For changing MAC addresses using the below, emerge net-analyzer/macchanger -# - to randomize the last 3 bytes only -#mac_eth0="random-ending" -# - to randomize between the same physical type of connection (e.g. fibre, -# copper, wireless) , all vendors -#mac_eth0="random-samekind" -# - to randomize between any physical type of connection (e.g. fibre, copper, -# wireless) , all vendors -#mac_eth0="random-anykind" -# - full randomization - WARNING: some MAC addresses generated by this may NOT -# act as expected -#mac_eth0="random-full" -# custom - passes all parameters directly to net-analyzer/macchanger -#mac_eth0="some custom set of parameters" - -# You can also set other options based on the MAC address of your network card -# Handy if you use different docking stations with laptops -#config_001122334455=( "dhcp" ) - -#----------------------------------------------------------------------------- -# TUN/TAP -# For TUN/TAP support emerge net-misc/openvpn or sys-apps/usermode-utilities -# -# You must specify if we're a tun or tap device. Then you can give it any -# name you like - such as vpn -#tuntap_vpn="tun" -#config_vpn=( "192.168.0.1/24") - -# Or stick wit the generic names - like tap0 -#tuntap_tap0="tap" -#config_tap0=( "192.168.0.1/24") - -# For passing custom options to tunctl use something like the following. This -# example sets the owner to adm -#tunctl_tun1="-u adm" -# When using openvpn, there are no options - -#----------------------------------------------------------------------------- -# Bridging (802.1d) -# For bridging support emerge net-misc/bridge-utils - -# To add ports to bridge br0 -#bridge_br0="eth0 eth1" -# or dynamically add them when the interface comes up -#bridge_add_eth0="br0" -#bridge_add_eth1="br0" - -# You need to configure the ports to null values so dhcp does not get started -#config_eth0=( "null" ) -#config_eth1=( "null" ) - -# Finally give the bridge an address - dhcp or a static IP -#config_br0=( "dhcp" ) # may not work when adding ports dynamically -#config_br0=( "192.168.0.1/24" ) - -# If any of the ports require extra configuration - for example wireless or -# ppp devices - we need to depend on them like so. -#RC_NEED_br0="net.eth0 net.eth1" - -# Below is an example of configuring the bridge -# Consult "man brctl" for more details -#brctl_br0=( "setfd 0" "sethello 0" "stp off" ) - -#----------------------------------------------------------------------------- -# RFC 2684 Bridge Support -# For RFC 2684 bridge support emerge net-misc/br2684ctl - -# Interface names have to be of the form nas0, nas1, nas2, etc. -# You have to specify a VPI and VCI for the interface like so -#br2684ctl_nas0="-a 0.38" # UK VPI and VCI - -# You may want to configure the encapsulation method as well by adding the -e -# option to the command above (may need to be before the -a command) -# -e 0 # LLC (default) -# -e 1 # VC mux - -# Then you can configure the interface as normal -#config_nas0=( "192.168.0.1/24" ) - -#----------------------------------------------------------------------------- -# Tunnelling -# WARNING: For tunnelling it is highly recommended that you -# emerge sys-apps/iproute2 -# -# For GRE tunnels -#iptunnel_vpn0="mode gre remote 207.170.82.1 key 0xffffffff ttl 255" - -# For IPIP tunnels -#iptunnel_vpn0="mode ipip remote 207.170.82.2 ttl 255" - -# To configure the interface -#config_vpn0=( "192.168.0.2 pointopoint 192.168.1.2" ) # ifconfig style -#config_vpn0=( "192.168.0.2 peer 192.168.1.1" ) # iproute2 style - -# 6to4 Tunnels allow IPv6 to work over IPv4 addresses, provided you -# have a non-private address configured on an interface. -# link_6to4="eth0" # Interface to base it's addresses on -# config_6to4=( "ip6to4" ) -# You may want to depend on eth0 like so -#RC_NEED_6to4="net.eth0" -# To ensure that eth0 is configured before 6to4. Of course, the tunnel could be -# any name and this also works for any configured interface. -# NOTE: If you're not using iproute2 then your 6to4 tunnel has to be called -# sit0 - otherwise use a different name like 6to4 in the example above. - - -#----------------------------------------------------------------------------- -# System -# For configuring system specifics such as domain, dns, ntp and nis servers -# It's rare that you would need todo this, but you can anyway. -# This is most benefit to wireless users who don't use DHCP so they can change -# their configs based on ESSID. See wireless.example for more details - -# To use dns settings such as these, dns_servers_eth0 must be set! -# If you omit the _eth0 suffix, then it applies to all interfaces unless -# overridden by the interface suffix. -#dns_domain_eth0="your.domain" -#dns_servers_eth0="192.168.0.2 192.168.0.3" -#dns_search_eth0="this.domain that.domain" -#dns_options_eth0=( "timeout 1" "rotate" ) -#dns_sortlist_eth0="130.155.160.0/255.255.240.0 130.155.0.0" -# See the man page for resolv.conf for details about the options and sortlist -# directives - -#ntp_servers_eth0="192.168.0.2 192.168.0.3" - -#nis_domain_eth0="domain" -#nis_servers_eth0="192.168.0.2 192.168.0.3" - -# NOTE: Setting any of these will stamp on the files in question. So if you -# don't specify dns_servers but you do specify dns_domain then no nameservers -# will be listed in /etc/resolv.conf even if there were any there to start -# with. -# If this is an issue for you then maybe you should look into a resolv.conf -# manager like resolvconf-gentoo to manage this file for you. All packages -# that baselayout supports use resolvconf-gentoo if installed. - -#----------------------------------------------------------------------------- -# Cable in/out detection -# Sometimes the cable is in, others it's out. Obviously you don't want to -# restart net.eth0 every time when you plug it in either. -# -# netplug is a package that detects this and requires no extra configuration -# on your part. -# emerge sys-apps/netplug -# or -# emerge sys-apps/ifplugd -# and you're done :) - -# By default we don't wait for netplug/ifplugd to configure the interface. -# If you would like it to wait so that other services now that network is up -# then you can specify a timeout here. -#plug_timeout="10" -# A value of 0 means wait forever. - -# If you don't want to use netplug on a specific interface but you have it -# installed, you can disable it for that interface via the modules statement -#modules_eth0=( "!netplug" ) -# You can do the same for ifplugd -# -# You can disable them both with the generic plug -#modules_eth0=( "!plug" ) - -# To use specific ifplugd options, fex specifying wireless mode -#ifplugd_eth0="--api-mode=wlan" -# man ifplugd for more options - -############################################################################## -# ADVANCED CONFIGURATION -# -# Four functions can be defined which will be called surrounding the -# start/stop operations. The functions are called with the interface -# name first so that one function can control multiple adapters. An extra two -# functions can be defined when an interface fails to start or stop. -# -# The return values for the preup and predown functions should be 0 -# (success) to indicate that configuration or deconfiguration of the -# interface can continue. If preup returns a non-zero value, then -# interface configuration will be aborted. If predown returns a -# non-zero value, then the interface will not be allowed to continue -# deconfiguration. -# -# The return values for the postup, postdown, failup and faildown functions are -# ignored since there's nothing to do if they indicate failure. -# -# ${IFACE} is set to the interface being brought up/down -# ${IFVAR} is ${IFACE} converted to variable name bash allows - -#preup() { -# # Test for link on the interface prior to bringing it up. This -# # only works on some network adapters and requires the mii-diag -# # package to be installed. -# if mii-tool "${IFACE}" 2> /dev/null | grep -q 'no link'; then -# ewarn "No link on ${IFACE}, aborting configuration" -# return 1 -# fi -# -# # Test for link on the interface prior to bringing it up. This -# # only works on some network adapters and requires the ethtool -# # package to be installed. -# if ethtool "${IFACE}" | grep -q 'Link detected: no'; then -# ewarn "No link on ${IFACE}, aborting configuration" -# return 1 -# fi -# -# -# # Remember to return 0 on success -# return 0 -#} - -#predown() { -# # The default in the script is to test for NFS root and disallow -# # downing interfaces in that case. Note that if you specify a -# # predown() function you will override that logic. Here it is, in -# # case you still want it... -# if is_net_fs /; then -# eerror "root filesystem is network mounted -- can't stop ${IFACE}" -# return 1 -# fi -# -# # Remember to return 0 on success -# return 0 -#} - -#postup() { -# # This function could be used, for example, to register with a -# # dynamic DNS service. Another possibility would be to -# # send/receive mail once the interface is brought up. - -# # Here is an example that allows the use of iproute rules -# # which have been configured using the rules_eth0 variable. -# #rules_eth0=( -# # "from 24.80.102.112/32 to 192.168.1.0/24 table localnet priority 100" -# # "from 216.113.223.51/32 to 192.168.1.0/24 table localnet priority 100" -# #) -# local x="rules_${IFVAR}[@]" -# local -a rules=( "${!x}" ) -# if [[ -n ${rules} ]] ; then -# einfo "Adding IP policy routing rules" -# eindent -# # Ensure that the kernel supports policy routing -# if ! ip rule list | grep -q "^" ; then -# eerror "You need to enable IP Policy Routing (CONFIG_IP_MULTIPLE_TABLES)" -# eerror "in your kernel to use ip rules" -# else -# for x in "${rules[@]}" ; do -# ebegin "${x}" -# ip rule add ${x} -# eend $? -# done -# fi -# eoutdent -# # Flush the cache -# ip route flush cache dev "${IFACE}" -# fi - -#} - -#postdown() { -# # Enable Wake-On-LAN for every interface except for lo -# # Probably a good idea to set RC_DOWN_INTERFACE="no" in /etc/conf.d/rc -# # as well ;) -# [[ ${IFACE} != "lo" ]] && ethtool -s "${IFACE}" wol g - -# Automatically erase any ip rules created in the example postup above -# if interface_exists "${IFACE}" ; then -# # Remove any rules for this interface -# local rule -# ip rule list | grep " iif ${IFACE}[ ]*" | { -# while read rule ; do -# rule="${rule#*:}" -# ip rule del ${rule} -# done -# } -# # Flush the route cache -# ip route flush cache dev "${IFACE}" -# fi - -# # Return 0 always -# return 0 -#} - -#failup() { -# # This function is mostly here for completeness... I haven't -# # thought of anything nifty to do with it yet ;-) -#} - -#faildown() { -# # This function is mostly here for completeness... I haven't -# # thought of anything nifty to do with it yet ;-) -#} - -############################################################################## -# FORCING MODULES -# The Big Fat Warning :- If you use module forcing do not complain to us or -# file bugs about it not working! -# -# Loading modules is a slow affair - we have to check each one for the following -# 1) Code sanity -# 2) Has the required package been emerged? -# 3) Has it modified anything? -# 4) Have all the dependant modules been loaded? - -# Then we have to strip out the conflicting modules based on user preference -# and default configuration and sort them into the correct order. -# Finally we check the end result for dependencies. - -# This, of course, takes valuable CPU time so we provide module forcing as a -# means to speed things up. We still do *some* checking but not much. - -# It is essential that you force modules in the correct order and supply all -# the modules you need. You must always supply an interface module - we -# supply ifconfig or iproute2. - -# The Big Fat Warning :- If you use module forcing do not complain to us or -# file bugs about it not working! - -# Now that we've warned you twice, here's how to do it -#modules_force=( "ifconfig" ) -#modules_force=( "iproute2" "dhcpcd" ) - -# We can also apply this to a specific interface -#modules_force_eth1=( "iproute2" ) - -# The below will not work -#modules_force=( "dhcpcd" ) -# No interface (ifconfig/iproute2) -#modules_force=( "ifconfig" "essidnet" "iwconfig" ) -# Although it will not crash, essidnet will not work as it has to come after -# iwconfig -#modules_force=( "iproute2" "ifconfig" ) -# The interface will be setup twice which will cause problems diff --git a/conf.d/ntpd b/conf.d/ntpd index 6b86e9f..c651e80 100644 --- a/conf.d/ntpd +++ b/conf.d/ntpd @@ -3,4 +3,4 @@ # Options to pass to the ntpd process # Most people should leave this line alone ... # however, if you know what you're doing, feel free to tweak -NTPD_OPTS="" +NTPD_OPTS="-u ntp:ntp" diff --git a/conf.d/portmap b/conf.d/portmap deleted file mode 100644 index c2756c9..0000000 --- a/conf.d/portmap +++ /dev/null @@ -1,5 +0,0 @@ -# /etc/conf.d/portmap: config file for /etc/init.d/portmap - -# Options for `portmap`. -# For a full list, just run `portmap -h`. -#PORTMAP_OPTS="-l" diff --git a/conf.d/pydoc-2.6 b/conf.d/pydoc-2.6 deleted file mode 100644 index c0917ea..0000000 --- a/conf.d/pydoc-2.6 +++ /dev/null @@ -1,8 +0,0 @@ -# /etc/init.d/pydoc.conf -# $Header: /etc/conf.d/.rcs/pydoc-2.6,v 1.1 2010/11/30 20:43:53 root Exp $ - -# This file contains the configuration information for pydoc's internal -# webserver. The variables should be rather self explanatory :-) - -# Default port for Python's pydoc server -PYDOC_PORT=7464 diff --git a/conf.d/quota b/conf.d/quota deleted file mode 100644 index 6e66c88..0000000 --- a/conf.d/quota +++ /dev/null @@ -1,20 +0,0 @@ -# /etc/conf.d/quota: config file for /etc/init.d/quota - -# Note: if your console is hooked up to a serial terminal, -# you prob want to drop the '-v' from the OPTS vars below. - - -# Run quotacheck ? -RUN_QUOTACHECK="yes" - - -# Options for quotacheck -QUOTACHECK_OPTS="-avug" - - -# Options for quotaon -QUOTAON_OPTS="-avug" - - -# Options for quotaoff -QUOTAOFF_OPTS="-avug" diff --git a/conf.d/rc b/conf.d/rc deleted file mode 100644 index d4382c6..0000000 --- a/conf.d/rc +++ /dev/null @@ -1,241 +0,0 @@ -# /etc/conf.d/rc: Global config file for the Gentoo RC System - -# This is the number of tty's used in most of the rc-scripts (like -# consolefont, numlock, etc ...) - -RC_TTY_NUMBER=12 - -# Set to "yes" if you want the rc system to try and start services -# in parallel for a slight speed improvement. NOTE: When RC_PARALLEL_STARTUP -# is enabled, init script output is replaced with simple "service foo -# starting/stopping" messages so that output is not mixed up. -# You can stop this from happening on the command line by passing --verbose -# to the init script or by setting RC_VERBOSE="yes" below. - -RC_PARALLEL_STARTUP="no" - -# Set RC_INTERACTIVE to "yes" and you'll be able to press the I key during -# boot so you can choose to start specific services. Set to "no" to disable -# this feature. - -RC_INTERACTIVE="yes" - -# Do we allow services to be hotplugged? If not, set to RC_HOTPLUG="no" -# NOTE: This does not affect anything hotplug/udev related, just the -# starting/stopping of the init.d service triggered by hotplug. - -RC_HOTPLUG="yes" - -# Dynamic /dev managers can trigger coldplug events which cause services to -# start before we are ready for them. If this happens, we can defer these -# services to start in the boot runlevel. Set RC_COLDPLUG="no" if you don't -# want this. -# NOTE: This also affects module coldplugging in udev-096 and higher -# If you want module coldplugging but not coldplugging of services then you -# can set RC_COLDPLUG="yes" and RC_PLUG_SERVICES="!*" - -RC_COLDPLUG="yes" - -# Some people want a finer grain over hotplug/coldplug. RC_PLUG_SERVICES is a -# list of services that are matched in order, either allowing or not. By -# default we allow services through as RC_COLDPLUG/RC_HOTPLUG has to be yes -# anyway. -# Example - RC_PLUG_SERVICES="net.wlan !net.*" -# This allows net.wlan and any service not matching net.* to be plugged. - -RC_PLUG_SERVICES="" - -# RC_NET_STRICT_CHECKING allows some flexibility with the 'net' service. -# The following values are allowed: -# none - The 'net' service is always considered up. -# no - This basically means that at least one net.* service besides net.lo -# must be up. This can be used by notebook users that have a wifi and -# a static nic, and only wants one up at any given time to have the -# 'net' service seen as up. -# lo - This is the same as the 'no' option, but net.lo is also counted. -# This should be useful to people that do not care about any specific -# interface being up at boot. -# yes - For this ALL network interfaces MUST be up for the 'net' service to -# be considered up. - -RC_NET_STRICT_CHECKING="no" - -# RC_DOWN_INTERFACE allows you to specify if RC will bring the interface -# completely down when it stops. The default is yes, but there are some -# instances where you may not want this to happen such as using Wake On LAN. - -RC_DOWN_INTERFACE="yes" - -# RC_VOLUME_ORDER allows you to specify, or even remove the volume setup -# for various volume managers (MD, EVMS2, LVM, DM, etc). Note that they are -# stopped in reverse order. - -RC_VOLUME_ORDER="raid evms lvm dm" - -# RC_VERBOSE will make init scripts more verbose. Only networking scripts -# really use this at this time, and this is useful for trouble shooting -# any issues you may have. -# This is also used to re-enable init script output for init scripts -# started or stopped from the command line. - -RC_VERBOSE="no" - -# RC_BOOTLOG will generate a log of the boot messages shown on the console. -# Useful for headless machines or debugging. You need to emerge the -# app-admin/showconsole package for this to work. Note that this probably -# won't work correctly with boot splash. - -RC_BOOTLOG="no" - -# Set to "yes" if you want to benchmark system boot with bootchart. -# You'll need to emerge the app-benchmarks/bootchart package for this to work. - -RC_BOOTCHART="no" - -# RC_USE_FSTAB allows you to override the default mount options for the -# standard /proc, /sys, /dev, and /dev/pts mount points. Note that this -# is the new way for selecting ramfs/tmpfs/etc... for udev mounting. - -RC_USE_FSTAB="no" - -# RC_USE_CONFIG_PROFILE allows you to have different /etc/conf.d files -# based on your runlevel - if a conf.d file for your profile does not exist -# then we try and use the default one. -# To enable runlevel selection at boot, append "softlevel=foobar" to your -# kernel line to change to the foobar runlevel. Here we would search for -# /etc/conf.d/.foobar config files before trying to use the default -# /etc/conf.d/. -# Note that it is only active if 'softlevel' was specified via the kernel line, -# and it is intended to use for different grub/lilo entries to specify config -# changes for say laptops between home and work, where you would have setup -# 'work' and 'home' runlevels, with /etc/conf.d/*. as needed. - -RC_USE_CONFIG_PROFILE="yes" - -# RC_FORCE_AUTO tries its best to prevent user interaction during the boot and -# shutdown process. For example, fsck will automatically be run or volumes -# remounted to create proper directory trees. This feature can be dangerous -# and is meant ONLY for headless machines where getting a physical console -# hooked up is a huge pita. - -RC_FORCE_AUTO="no" - -# Use this variable to control the /dev management behavior. -# auto - let the scripts figure out what's best at boot -# devfs - use devfs (requires sys-fs/devfsd) -# udev - use udev (requires sys-fs/udev) -# static - let the user manage /dev (YOU need to create ALL device nodes) - -RC_DEVICES="auto" - -# UDEV OPTION: -# Set to "yes" if you want to save /dev to a tarball on shutdown -# and restore it on startup. This is useful if you have a lot of -# custom device nodes that udev does not handle/know about. - -RC_DEVICE_TARBALL="no" - -# RC_DMESG_LEVEL sets the level at which logging of messages is done to the -# console. See dmesg(8) for more info. - -RC_DMESG_LEVEL="1" - - - - - -# -# Controlling start-stop-daemon behavior - -# Set to "yes" if start-stop-daemon should always retry killing the -# service with sig KILL if it fails the first time. - -RC_RETRY_KILL="yes" - - -# Set the amount of seconds start-stop-daemon should wait between -# retries. - -RC_RETRY_TIMEOUT=1 - - -# Set the amount of times start-stop-daemon should try to kill -# a service before giving up. - -RC_RETRY_COUNT=5 - - -# Set to "yes" if start-stop-daemon should fail if the service -# is marked as started, but not actually running on stop. - -RC_FAIL_ON_ZOMBIE="no" - - -# Set to "yes" if start-stop-daemon should attempt to kill -# any children left in the system. -# Be careful with this as it really does what it was on the tin. -# fex, if you're in an ssh process and you restart a service on which ssh -# depends then your terminal will be killed also. - -RC_KILL_CHILDREN="no" - - -# Set the amount of seconds start-stop-daemon waits after starting -# the daemon to check it is still running. If it's not then we -# try and stop any children if possible. -RC_WAIT_ON_START="0.1" - - -############################################################################## -# SERVICE CONFIGURATION VARIABLES -# These variables are documented here, but should be configured in -# /etc/conf.d/foo for service foo and NOT enabled here unless you -# really want them to work on a global basis. - -# Some daemons are started and stopped via start-stop-daemon. -# We can launch them through other daemons here, for example valgrind. -# This is only useful for serious debugging of the daemon -# WARNING: If the script's "stop" function does not supply a PID file then -# all processes using the same daemon will be killed. -#RC_DAEMON="/usr/bin/valgrind --tool=memcheck --log-file=/tmp/valgrind.syslog-ng" - -# strace needs to be prefixed with --background as it does not detach when -# it's following -#RC_DAEMON="--background /usr/sbin/strace -f -o /tmp/strace.syslog-ng" - -# Pass ulimit parameters -#RC_ULIMIT="-u 30" - -############################################################################## - - -# -# Internal configuration variables -# -# NB: These are for advanced users, and you should really -# know what you are doing before changing them! -# - -# rc-scripts dep-cache directory -# -# NOTE: Do not remove the next line, as its needed by the baselayout ebuild! -# -# svcdir="/var/lib/init.d" - -svcdir="/var/lib/init.d" - -# Should we mount $svcdir in a ram disk for some speed increase -# for slower machines, or for the more extreme setups ? - -svcmount="no" - -# FS type that should be used for $svcdir. Note that you need -# $svcmount above set to "yes" for this to work ... Currently -# tmpfs, ramfs, and ramdisk are supported (tmpfs is the default). - -svcfstype="tmpfs" - -# Size of $svcdir in KB. Note that ramfs doesn't support this -# due to kernel limitations. - -svcsize=2048 diff --git a/conf.d/saslauthd b/conf.d/saslauthd index e9554b1..3f2653c 100644 --- a/conf.d/saslauthd +++ b/conf.d/saslauthd @@ -1,4 +1,4 @@ -# $Header: /etc/conf.d/.rcs/saslauthd,v 1.1 2010/12/01 06:52:36 root Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/cyrus-sasl/files/saslauthd-2.1.21.conf,v 1.2 2007/04/07 13:03:55 chtekk Exp $ # Config file for /etc/init.d/saslauthd diff --git a/conf.d/wireless.example b/conf.d/wireless.example deleted file mode 100644 index 167dcf5..0000000 --- a/conf.d/wireless.example +++ /dev/null @@ -1,308 +0,0 @@ -# This file is obsolete. - -# This file is obsolete. - -# This file is obsolete. - -# This file is obsolete. - -# This file is obsolete. - -# /etc/conf.d/wireless: -# Global wireless config file for net.* rc-scripts - -# -# Usage of /etc/conf.d/wireless is deprecated ... make sure you -# put all settings in /etc/conf.d/net -# - - -############################################################################## -# IMPORTANT -# linux-wlan-ng is not supported as they have their own configuration program -# ensure that /etc/conf.d/net has the entry "!iwconfig" in it's modules line -# Try and use an alternative driver if you need to use this - hostap-driver -# supports non-usb linux-wlan-ng driven devices -############################################################################## - -############################################################################## -# HINTS -############################################################################## -# Remember to change eth0 to your wireless interface which may be -# eth0, eth1, wlan0, ath0 - you get the idea. If you're not sure -# you can type "iwconfig" at the command prompt and it will tell you which -# interfaces are wireless. -# Say that your wireless interface is ath0 - the line -# #essid_eth0="any" -# becomes -# #essid_ath0="any" -# -# Remember to change ESSID to your ESSID. -# Say that your ESSID is My NET - the line -# #key_ESSID="s:passkey" -# becomes -# #key_My_NET="s:passkey" -# Notice that the space has changed to an underscore - do the same with all -# characters not in a-z A-Z (english alphabet) 0-9. This only applies to -# variables and not values. -# -# Any ESSID's in values like essid_eth0="My NET" may need to be escaped -# This means placing the character \ before the character -# \" need to be escaped for example -# So if your ESSID is -# My "\ NET -# it becomes -# My \"\\ NET -# for example -# #essid_eth0="My\"\\NET" -# -# So using the above we can use -# #dns_domain_My____NET="My\"\\NET" -# which is an invalid dns domain, but shows the how to use the variable -# structure -# -# As a final note, most users will just need to set the following options -# key_ESSID1="s:yourkeyhere enc open" # s: means a text key -# key_ESSID2="aaaa-bbbb-cccc-dd" # no s: means a hex key -# preferred_aps=( "ESSID1" "ESSID2" ) -# -# Clear? Good. Now configure your wireless network below -######################################################### - -############################################################################## -# SETTINGS -############################################################################## -# Hard code an ESSID to an interface - leave this unset if you wish the driver -# to scan for available Access Points -# Set to "any" to connect to any ESSID - the driver picks an Access Point -# This needs to be done when the driver doesn't support scanning -# This may work for drivers that don't support scanning but you need automatic -# AP association -# I would only set this as a last resort really - use the preferred_aps -# setting at the bottom of this file - -# However, using ad-hoc (without scanning for APs) and master mode -# do require the ESSID to be set - do this here -#essid_eth0="any" - -# Set the mode of the interface (managed, ad-hoc, master or auto) -# The default is auto -# If it's ad-hoc or master you also may need to specify the channel below -#mode_eth0="auto" - -# If managed mode fails, drop to ad-hoc mode with the below ESSID? -#adhoc_essid_eth0="WLAN" - -#Channel can be set (1-14), but defaults to 3 if not set. -# -# The below is taken verbatim from the BSD wavelan documentation found at -# http://www.netbsd.org/Documentation/network/wavelan.html -# There are 14 channels possible; We are told that channels 1-11 are legal for -# North America, channels 1-13 for most of Europe, channels 10-13 for France, -# and only channel 14 for Japan. If in doubt, please refer to the documentation -# that came with your card or access point. Make sure that the channel you -# select is the same channel your access point (or the other card in an ad-hoc -# network) is on. The default for cards sold in North America and most of Europe -# is 3; the default for cards sold in France is 11, and the default for cards -# sold in Japan is 14. -#channel_eth0="3" - -# Setup any other config commands. This is basically the iwconfig argument -# without the iwconfig $iface. -#iwconfig_eth0="" - -# Set private driver ioctls. This is basically the iwpriv argument without -# the iwpriv $iface. If you use the rt2500 driver (not the rt2x00 one) then -# you can set WPA here, below is an example. -#iwpriv_eth0="" -#iwpriv_ESSID=( -# "set AuthMode=WPAPSK" -# "set EncrypType=TKIP" -# "set WPAPSK=yourpasskey" -#) -#NOTE: Even though you can use WPA like so, you may have to set a WEP key -#if your driver claims the AP is encrypted. The WEP key itself will not be -#used though. - -# Seconds to wait before scanning -# Some drivers need to wait until they have finished "loading" -# before they can scan - otherwise they error and claim that they cannot scan -# or resource is unavailable. The default is to wait zero seconds -#sleep_scan_eth0="1" - -# Seconds to wait until associated. The default is to wait 10 seconds. -# 0 means wait indefinitely. WARNING: this can cause an infinite delay when -# booting. -#associate_timeout_eth0="5" - -# By default a successful association in Managed mode sets the MAC -# address of the AP connected to. However, some drivers (namely -# the ipw2100) don't set an invalid MAC address when association -# fails - so we need to check on link quality which some drivers -# don't report properly either. -# So if you have connection problems try flipping this setting -# Valid options are MAC, quality and all - defaults to MAC -#associate_test_eth0="MAC" - -# Some driver/card combinations need to scan in Ad-Hoc mode -# After scanning, the mode is reset to the one defined above -#scan_mode_eth0="Ad-Hoc" - -# Below you can define private ioctls to run before and after scanning -# Format is the same as the iwpriv_eth0 above -# This is needed for the HostAP drivers -#iwpriv_scan_pre_eth0="host_roaming 2" -#iwpriv_scan_post_eth0="host_roaming 0" - -# Define a WEP key per ESSID or MAC address (of the AP, not your card) -# The encryption type (open or restricted) must match the -# encryption type on the Access Point -# You can't use "any" for an ESSID here -#key_ESSID="1234-1234-1234-1234-1234-1234-56" -# or you can use strings. Passphrase IS NOT supported -# To use a string, prefix it with s: -# Note - this example also sets the encryption method to open -# which is regarded as more secure than restricted -#key_ESSID="s:foobar enc open" -#key_ESSID="s:foobar enc restricted" - -# If you have whitespace in your key, here's how to set it and use other -# commands like using open encryption. -#key_ESSID="s:'foo bar' enc open" - -# WEP key for the AP with MAC address 001122334455 -#mac_key_001122334455="s:foobar" - -# Here are some more examples of keys as some users find others work -# and some don't where they should all do the same thing -#key_ESSID="open s:foobar" -#key_ESSID="open 1234-5678-9012" -#key_ESSID="s:foobar enc open" -#key_ESSID="1234-5678-9012 enc open" - -# You may want to set multiple keys - here's an example -# It sets 4 keys on the card and instructs to use key 2 by default -#key_ESSID="[1] s:passkey1 key [2] s:passkey2 key [3] s:passkey3 key [4] s:passkey4 key [2]" - -# You can also override the interface settings found in /etc/conf.d/net -# per ESSID - which is very handy if you use different networks a lot -#config_ESSID=( "dhcp" ) -#dhcpcd_ESSID="-t 5" -#routes_ESSID=() -#fallback_ESSID=() - -# Setting name/domain server causes /etc/resolv.conf to be overwritten -# Note that if DHCP is used, and you want this to take precedence then -# please put -R in your dhcpcd options -#dns_servers_ESSID=( "192.168.0.1" "192.168.0.2" ) -#dns_domain_ESSID="some.domain" -#dns_search_path_ESSID="search.this.domain search.that.domain" -# Please check the man page for resolv.conf for more information -# as domain and search (searchdomains) are mutually exclusive and -# searchdomains takes precedence - -# You can also set any of the /etc/conf.d/net variables per MAC address -# in case you use Access Points with the same ESSID but need different -# networking configs. Below is an example - of course you use the same -# method with other variables -#config_001122334455=( "dhcp" ) -#dhcpcd_001122334455="-t 10" -#dns_servers_001122334455=( "192.168.0.1" "192.168.0.2" ) - -# Map a MAC address to an ESSID -# This is used when the Access Point is not broadcasting it's ESSID -# WARNING: This will override the ESSID being broadcast due to some -# Access Points sending an ESSID even when they have been configured -# not to! -# Change 001122334455 to the MAC address and ESSID to the ESSID -# it should map to -#mac_essid_001122334455="ESSID" - -# This lists the preferred ESSIDs to connect to in order -# ESSID's can contain any characters here as they must match the broadcast -# ESSID exactly. -# Surround each ESSID with the " character and separate them with a space -# If the first ESSID isn't found then it moves onto the next -# If this isn't defined then it connects to the first one found -#preferred_aps=( "ESSID 1" "ESSID 2" ) - -# You can also define a preferred_aps list per interface -#preferred_aps_eth0=( "ESSID 3" "ESSID 4" ) - -# You can also say whether we only connect to preferred APs or not -# Values are "any", "preferredonly", "forcepreferred", "forcepreferredonly" and "forceany" -# "any" means it will connect to visible APs in the preferred list and then any -# other available AP -# "preferredonly" means it will only connect to visible APs in the preferred list -# "forcepreferred" means it will forcibly connect to APs in order if it does not find -# them in a scan -# "forcepreferredonly" means it forcibly connects to the APs in order and does not bother -# to scan -# "forceany" does the same as forcepreferred + connects to any other available AP -# Default is "any" -#associate_order="any" -#associate_order_eth0="any" - -# You can define blacklisted Access Points in the same way -#blacklist_aps=( "ESSID 1" "ESSID 2" ) -#blacklist_aps_eth0=( "ESSID 3" ESSID 4" ) - -# If you have more than one wireless card, you can say if you want -# to allow each card to associate with the same Access Point or not -# Values are "yes" and "no" -# Default is "yes" -#unique_ap="yes" -#unique_ap_eth0="yes" - -# IMPORTANT: preferred_only, blacklisted_aps and unique_ap only work when -# essid_eth0 is not set and your card is capable of scanning - -# NOTE: preferred_aps list ignores blacklisted_aps - so if you have -# the same ESSID in both, well, you're a bit silly :p - - -############################################################################## -# ADVANCED CONFIGURATION -# -# Two functions can be defined which will be called surrounding the -# associate function. The functions are called with the interface -# name first so that one function can control multiple adapters. -# -# The return values for the preassociate function should be 0 -# (success) to indicate that configuration or deconfiguration of the -# interface can continue. If preassociate returns a non-zero value, then -# interface configuration will be aborted. -# -# The return value for the postassociate function is ignored -# since there's nothing to do if it indicates failure. - -#preassociate() { -# # The below adds two configuration variables leap_user_ESSID -# # and leap_pass_ESSID. When they are both configured for the ESSID -# # being connected to then we run the CISCO LEAP script -# -# local user pass -# eval user=\"\$\{leap_user_${ESSIDVAR}\}\" -# eval pass=\"\$\{leap_pass_${ESSIDVAR}\}\" -# -# if [[ -n ${user} && -n ${pass} ]]; then -# if [[ ! -x /opt/cisco/bin/leapscript ]]; then -# eend "For LEAP support, please emerge net-misc/cisco-aironet-client-utils" -# return 1 -# fi -# einfo "Waiting for LEAP Authentication on \"${ESSID//\\\\//}\"" -# if /opt/cisco/bin/leapscript ${user} ${pass} | grep -q 'Login incorrect'; then -# ewarn "Login Failed for ${user}" -# return 1 -# fi -# fi -# -# return 0 -#} - -#postassociate() { -# # This function is mostly here for completeness... I haven't -# # thought of anything nifty to do with it yet ;-) -# # Return 0 always -# return 0 -#} diff --git a/config-archive/etc/bash/bashrc b/config-archive/etc/bash/bashrc new file mode 100644 index 0000000..6262977 --- /dev/null +++ b/config-archive/etc/bash/bashrc @@ -0,0 +1,157 @@ +# /etc/bash/bashrc +# +# This file is sourced by all *interactive* bash shells on startup, +# including some apparently interactive shells such as scp and rcp +# that can't tolerate any output. So make sure this doesn't display +# anything or bad things will happen ! + + +if [ -d /usr/scripts ] ; then + PATH=/usr/scripts:$PATH + export PATH +fi + +if [ -d $HOME/bin ] ; then + PATH=$PATH:$HOME/bin + export PATH +fi + +if [ -d $HOME/lib ] ; then + PERL5LIB=$HOME/lib + export PERL5LIB +fi + +# Test for an interactive shell. There is no need to set anything +# past this point for scp and rcp, and it's important to refrain from +# outputting anything in those cases. +if [[ $- != *i* ]] ; then + # Shell is non-interactive. Be done now! + return +fi + +# Bash won't get SIGWINCH if another process is in the foreground. +# Enable checkwinsize so that bash will check the terminal size when +# it regains control. #65623 +# http://cnswww.cns.cwru.edu/~chet/bash/FAQ (E11) +shopt -s checkwinsize + +# Enable history appending instead of overwriting. #139609 +shopt -s histappend + +# Change the window title of X terminals +case ${TERM} in + xterm*|rxvt*|Eterm|aterm|kterm|gnome*|interix) + PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME%%.*}:${PWD/#$HOME/~}\007"' + ;; + screen) + PROMPT_COMMAND='echo -ne "\033_${USER}@${HOSTNAME%%.*}:${PWD/#$HOME/~}\033\\"' + ;; +esac + +use_color=false + +# Set colorful PS1 only on colorful terminals. +# dircolors --print-database uses its own built-in database +# instead of using /etc/DIR_COLORS. Try to use the external file +# first to take advantage of user additions. Use internal bash +# globbing instead of external grep binary. +safe_term=${TERM//[^[:alnum:]]/?} # sanitize TERM +match_lhs="" +[[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" +[[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ + && match_lhs=$(dircolors --print-database) +[[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color=true + +if ${use_color} ; then + # Enable colors for ls, etc. Prefer ~/.dir_colors #64489 + if type -P dircolors >/dev/null ; then + if [[ -f ~/.dir_colors ]] ; then + eval $(dircolors -b ~/.dir_colors) + elif [[ -f /etc/DIR_COLORS ]] ; then + eval $(dircolors -b /etc/DIR_COLORS) + fi + fi + + if [[ ${EUID} == 0 ]] ; then + #PS1='\[\033[01;31m\]\h\[\033[01;34m\] \W \$\[\033[00m\] ' + PS1='$? \[\033[01;31m\]\h\[\033[01;30m\]:\[\033[01;34m\]\w \$ \[\033[00m\]' + #PS1='$? \[\033[01;31m\]Gentoo (chroot)\[\033[01;30m\]:\[\033[01;34m\]\w \$ \[\033[00m\]' + else + #PS1='\[\033[01;32m\]\u@\h\[\033[01;34m\] \w \$\[\033[00m\] ' + PS1='$? \[\033[01;32m\]\u@\h\[\033[01;30m\]:\[\033[01;34m\]\w > \[\033[00m\]' + fi + + alias ls='ls --color=auto' + alias grep='grep --colour=auto' +else + if [[ ${EUID} == 0 ]] ; then + # show root@ when we don't have colors + PS1='\u@\h \W \$ ' + else + PS1='\u@\h \w \$ ' + fi +fi + +if [[ ${EUID} == 0 ]] ; then + alias ll="ls -lA" +else + alias ll="ls -l" +fi +alias la="ls -la" +alias md=mkdir +alias rd=rmdir +alias ..='cd ..' +alias ...='cd ../..' +alias cd..='cd ..' +alias cd...='cd ../..' +alias pl="ps -fu $USER" +grep='grep --colour=auto' +alias cpwd='cd `realpath .`' + +lcd() { + cd $( perl -e ' +use strict; +use Cwd; +my $new = shift; +my $cwd = Cwd::abs_path(getcwd()); +my $newa = $cwd; +if ($new){ + $newa = Cwd::abs_path($new); + $newa = $cwd unless $newa; +}; +printf("%s\n", $newa); +' $1 ) +} + + +HISTCONTROL=ignoreboth +HISTSIZE=5000 +HISTFILESIZE=5000 +HISTTIMEFORMAT='%Y-%m-%d %H:%M:%S ' + +export LESSCOLOR=yes + +# Change the window title of X terminals +case $TERM in + xterm*|rxvt|Eterm|eterm) + PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\007"' + ;; + screen) + PROMPT_COMMAND='echo -ne "\033_${USER}@${HOSTNAME%%.*}:${PWD/$HOME/~}\033\\"' + ;; +esac + +if [ -f /usr/share/mc/mc.gentoo ]; then + . /usr/share/mc/mc.gentoo +fi + +if [ -f /etc/profile.d/bash-completion ]; then + . /etc/profile.d/bash-completion +fi + + + +# Try to keep environment pollution down, EPA loves us. +unset use_color safe_term match_lhs diff --git a/config-archive/etc/bash/bashrc.dist.new b/config-archive/etc/bash/bashrc.dist.new new file mode 100644 index 0000000..d46cd1e --- /dev/null +++ b/config-archive/etc/bash/bashrc.dist.new @@ -0,0 +1,80 @@ +# /etc/bash/bashrc +# +# This file is sourced by all *interactive* bash shells on startup, +# including some apparently interactive shells such as scp and rcp +# that can't tolerate any output. So make sure this doesn't display +# anything or bad things will happen ! + + +# Test for an interactive shell. There is no need to set anything +# past this point for scp and rcp, and it's important to refrain from +# outputting anything in those cases. +if [[ $- != *i* ]] ; then + # Shell is non-interactive. Be done now! + return +fi + +# Bash won't get SIGWINCH if another process is in the foreground. +# Enable checkwinsize so that bash will check the terminal size when +# it regains control. #65623 +# http://cnswww.cns.cwru.edu/~chet/bash/FAQ (E11) +shopt -s checkwinsize + +# Enable history appending instead of overwriting. #139609 +shopt -s histappend + +# Change the window title of X terminals +case ${TERM} in + xterm*|rxvt*|Eterm|aterm|kterm|gnome*|interix) + PROMPT_COMMAND='echo -ne "\033]0;${USER}@${HOSTNAME%%.*}:${PWD/#$HOME/~}\007"' + ;; + screen) + PROMPT_COMMAND='echo -ne "\033_${USER}@${HOSTNAME%%.*}:${PWD/#$HOME/~}\033\\"' + ;; +esac + +use_color=false + +# Set colorful PS1 only on colorful terminals. +# dircolors --print-database uses its own built-in database +# instead of using /etc/DIR_COLORS. Try to use the external file +# first to take advantage of user additions. Use internal bash +# globbing instead of external grep binary. +safe_term=${TERM//[^[:alnum:]]/?} # sanitize TERM +match_lhs="" +[[ -f ~/.dir_colors ]] && match_lhs="${match_lhs}$(<~/.dir_colors)" +[[ -f /etc/DIR_COLORS ]] && match_lhs="${match_lhs}$(/dev/null \ + && match_lhs=$(dircolors --print-database) +[[ $'\n'${match_lhs} == *$'\n'"TERM "${safe_term}* ]] && use_color=true + +if ${use_color} ; then + # Enable colors for ls, etc. Prefer ~/.dir_colors #64489 + if type -P dircolors >/dev/null ; then + if [[ -f ~/.dir_colors ]] ; then + eval $(dircolors -b ~/.dir_colors) + elif [[ -f /etc/DIR_COLORS ]] ; then + eval $(dircolors -b /etc/DIR_COLORS) + fi + fi + + if [[ ${EUID} == 0 ]] ; then + PS1='\[\033[01;31m\]\h\[\033[01;34m\] \W \$\[\033[00m\] ' + else + PS1='\[\033[01;32m\]\u@\h\[\033[01;34m\] \w \$\[\033[00m\] ' + fi + + alias ls='ls --color=auto' + alias grep='grep --colour=auto' +else + if [[ ${EUID} == 0 ]] ; then + # show root@ when we don't have colors + PS1='\u@\h \W \$ ' + else + PS1='\u@\h \w \$ ' + fi +fi + +# Try to keep environment pollution down, EPA loves us. +unset use_color safe_term match_lhs diff --git a/config-archive/etc/bind/bind.keys b/config-archive/etc/bind/bind.keys new file mode 100644 index 0000000..f6d79dc --- /dev/null +++ b/config-archive/etc/bind/bind.keys @@ -0,0 +1,47 @@ +/* $Id: bind.keys,v 1.7 2011-01-03 23:45:07 each Exp $ */ +# The bind.keys file is used to override the built-in DNSSEC trust anchors +# which are included as part of BIND 9. As of the current release, the only +# trust anchors it contains are those for the DNS root zone ("."), and for +# the ISC DNSSEC Lookaside Validation zone ("dlv.isc.org"). Trust anchors +# for any other zones MUST be configured elsewhere; if they are configured +# here, they will not be recognized or used by named. +# +# The built-in trust anchors are provided for convenience of configuration. +# They are not activated within named.conf unless specifically switched on. +# To use the built-in root key, set "dnssec-validation auto;" in +# named.conf options. To use the built-in DLV key, set +# "dnssec-lookaside auto;". Without these options being set, +# the keys in this file are ignored. +# +# This file is NOT expected to be user-configured. +# +# These keys are current as of January 2011. If any key fails to +# initialize correctly, it may have expired. In that event you should +# replace this file with a current version. The latest version of +# bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys. + +managed-keys { + # ISC DLV: See https://www.isc.org/solutions/dlv for details. + # NOTE: This key is activated by setting "dnssec-lookaside auto;" + # in named.conf. + dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 + brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ + 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 + ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk + Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM + QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt + TDN0YUuWrBNh"; + + # ROOT KEY: See https://data.iana.org/root-anchors/root-anchors.xml + # for current trust anchor information. + # NOTE: This key is activated by setting "dnssec-validation auto;" + # in named.conf. + . initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF + FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX + bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD + X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz + W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS + Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq + QxA+Uk1ihz0="; +}; +# vim: ts=4 filetype=named noai diff --git a/config-archive/etc/bind/bind.keys.dist b/config-archive/etc/bind/bind.keys.dist new file mode 100644 index 0000000..068a8ce --- /dev/null +++ b/config-archive/etc/bind/bind.keys.dist @@ -0,0 +1,46 @@ +/* $Id: bind.keys,v 1.7 2011/01/03 23:45:07 each Exp $ */ +# The bind.keys file is used to override the built-in DNSSEC trust anchors +# which are included as part of BIND 9. As of the current release, the only +# trust anchors it contains are those for the DNS root zone ("."), and for +# the ISC DNSSEC Lookaside Validation zone ("dlv.isc.org"). Trust anchors +# for any other zones MUST be configured elsewhere; if they are configured +# here, they will not be recognized or used by named. +# +# The built-in trust anchors are provided for convenience of configuration. +# They are not activated within named.conf unless specifically switched on. +# To use the built-in root key, set "dnssec-validation auto;" in +# named.conf options. To use the built-in DLV key, set +# "dnssec-lookaside auto;". Without these options being set, +# the keys in this file are ignored. +# +# This file is NOT expected to be user-configured. +# +# These keys are current as of January 2011. If any key fails to +# initialize correctly, it may have expired. In that event you should +# replace this file with a current version. The latest version of +# bind.keys can always be obtained from ISC at https://www.isc.org/bind-keys. + +managed-keys { + # ISC DLV: See https://www.isc.org/solutions/dlv for details. + # NOTE: This key is activated by setting "dnssec-lookaside auto;" + # in named.conf. + dlv.isc.org. initial-key 257 3 5 "BEAAAAPHMu/5onzrEE7z1egmhg/WPO0+juoZrW3euWEn4MxDCE1+lLy2 + brhQv5rN32RKtMzX6Mj70jdzeND4XknW58dnJNPCxn8+jAGl2FZLK8t+ + 1uq4W+nnA3qO2+DL+k6BD4mewMLbIYFwe0PG73Te9fZ2kJb56dhgMde5 + ymX4BI/oQ+cAK50/xvJv00Frf8kw6ucMTwFlgPe+jnGxPPEmHAte/URk + Y62ZfkLoBAADLHQ9IrS2tryAe7mbBZVcOwIeU/Rw/mRx/vwwMCTgNboM + QKtUdvNXDrYJDSHZws3xiRXF1Rf+al9UmZfSav/4NWLKjHzpT59k/VSt + TDN0YUuWrBNh"; + + # ROOT KEY: See https://data.iana.org/root-anchors/root-anchors.xml + # for current trust anchor information. + # NOTE: This key is activated by setting "dnssec-validation auto;" + # in named.conf. + . initial-key 257 3 8 "AwEAAagAIKlVZrpC6Ia7gEzahOR+9W29euxhJhVVLOyQbSEW0O8gcCjF + FVQUTf6v58fLjwBd0YI0EzrAcQqBGCzh/RStIoO8g0NfnfL2MTJRkxoX + bfDaUeVPQuYEhg37NZWAJQ9VnMVDxP/VHL496M/QZxkjf5/Efucp2gaD + X6RS6CXpoY68LsvPVjR0ZSwzz1apAzvN9dlzEheX7ICJBBtuA6G3LQpz + W5hOA2hzCTMjJPJ8LbqF6dsV6DoBQzgul0sGIcGOYl7OyQdXfZ57relS + Qageu+ipAdTTJ25AsRTAoub8ONGcLmqrAmRLKBP1dfwhYB4N7knNnulq + QxA+Uk1ihz0="; +}; diff --git a/config-archive/etc/bind/named.conf b/config-archive/etc/bind/named.conf new file mode 100644 index 0000000..a545669 --- /dev/null +++ b/config-archive/etc/bind/named.conf @@ -0,0 +1,139 @@ +//############################################################### +//# Bind9-Konfigurationsdatei +//# /etc/bind/named.conf +//# +//# Host Helga +//# +//# Generiert am: 26.05.2010 +//# von: frank@brehm-online.com +//# +//############################################################### + + + +//############################################################### +//# Allgemeine Optionen + +options { + directory "/var/bind"; + + // uncomment the following lines to turn on DNS forwarding, + // and change the forwarding ip address(es) : + //forward first; + //forwarders { + // 123.123.123.123; + // 123.123.123.123; + //}; + + # Auf allen Ports lauschen ... + listen-on-v6 { + any; + }; + listen-on { + any; + }; + + // to allow only specific hosts to use the DNS server: + //allow-query { + // 127.0.0.1; + //}; + + allow-notify { + 85.214.147.150; + 85.214.134.152; + 46.16.73.175; + 127.0.0.1/8; + ::1; + 2a01:238:4225:6e00:8f8c:808a:7fb8:88df; + 2a01:238:4239:8a00:d4da:215d:3d01:f9b9; + }; + + // if you have problems and are behind a firewall: + //query-source address * port 53; + pid-file "/var/run/named/named.pid"; + + version "none"; + +}; + +// Logging +include "/etc/bind/named-log.conf"; + +// Managed Keys +include "/etc/bind/bind.keys"; + +//############################################################### +//# Kontrollkanäle für RNDC + +controls { + inet 127.0.0.1 port 953 allow { + 127.0.0.1; + } keys { + "rndc-key"; + }; +}; + +//############################################################### +//# Id-Schlüssel + +key rndc-key { + algorithm hmac-md5; + secret "qVWegky7GAFenNmgrZgf6A=="; +}; + +key DYN_DNS_UPDATER { + algorithm hmac-md5; + secret "gi69Yjzo1OSPVQ/oTTgw+Q=="; +}; + +// Access-Control-Listen +include "/etc/bind/named-acl.conf"; + +// Briefly, a zone which has been declared delegation-only will be effectively +// limited to containing NS RRs for subdomains, but no actual data beyond its +// own apex (for example, its SOA RR and apex NS RRset). This can be used to +// filter out "wildcard" or "synthesized" data from NAT boxes or from +// authoritative name servers whose undelegated (in-zone) data is of no +// interest. +// See http://www.isc.org/products/BIND/delegation-only.html for more info + +//zone "COM" { type delegation-only; }; +//zone "NET" { type delegation-only; }; + +//############################################################### +//# Hint-Zonen (zum Finden der Root-Server) + +zone "." IN { + type hint; + file "named.cache"; +}; + +zone "localhost" IN { + type master; + file "pri/localhost.zone"; + allow-update { none; }; + notify no; +}; + +zone "127.in-addr.arpa" IN { + type master; + file "pri/127.zone"; + allow-update { none; }; + notify no; +}; + +//############################################################### +// Include der Zonendefinitionen + +// Master-Zonen +include "/etc/bind/named-pri.conf"; + +// Dynamische Zonen +include "/etc/bind/named-dyn.conf"; + +// Slave-Zonen +include "/etc/bind/named-sec.conf"; + + + +# vim: ts=4 filetype=named noai diff --git a/config-archive/etc/conf.d/git-daemon b/config-archive/etc/conf.d/git-daemon new file mode 100644 index 0000000..97ca122 --- /dev/null +++ b/config-archive/etc/conf.d/git-daemon @@ -0,0 +1,20 @@ +# conf.d file for git-daemon +# +# Please check man 1 git-daemon for more information about the options +# git-daemon accepts. You MUST edit this to include your repositories you wish +# to serve. +# +# Some of the meaningful options are: +# --syslog --- Enables syslog logging +# --verbose --- Enables verbose logging +# --export-all --- Exports all repositories +# --port=XXXX --- Starts in port XXXX instead of 9418 +# +#GITDAEMON_OPTS="--syslog /var/git" +GITDAEMON_OPTS="--syslog --verbose --base-path=/var/lib/git /var/lib/git" + +# To run an anonymous git safely, the following user should be able to only +# read your Git repositories. It should not able able to write to anywhere on +# your system, esp. not the repositories. +GIT_USER="nobody" +GIT_GROUP="nobody" diff --git a/config-archive/etc/conf.d/git-daemon.dist.new b/config-archive/etc/conf.d/git-daemon.dist.new new file mode 100644 index 0000000..75b4216 --- /dev/null +++ b/config-archive/etc/conf.d/git-daemon.dist.new @@ -0,0 +1,19 @@ +# conf.d file for git-daemon +# +# Please check man 1 git-daemon for more information about the options +# git-daemon accepts. You MUST edit this to include your repositories you wish +# to serve. +# +# Some of the meaningful options are: +# --syslog --- Enables syslog logging +# --verbose --- Enables verbose logging +# --export-all --- Exports all repositories +# --port=XXXX --- Starts in port XXXX instead of 9418 +# +GITDAEMON_OPTS="--syslog /var/git" + +# To run an anonymous git safely, the following user should be able to only +# read your Git repositories. It should not able able to write to anywhere on +# your system, esp. not the repositories. +GIT_USER="nobody" +GIT_GROUP="nobody" diff --git a/config-archive/etc/hosts b/config-archive/etc/hosts new file mode 100644 index 0000000..43d0c67 --- /dev/null +++ b/config-archive/etc/hosts @@ -0,0 +1,36 @@ +# /etc/hosts: Local Host Database +# +# This file describes a number of aliases-to-address mappings for the for +# local hosts that share this file. +# +# In the presence of the domain name service or NIS, this file may not be +# consulted at all; see /etc/host.conf for the resolution order. +# + +# IPv4 and IPv6 localhost aliases +127.0.0.1 localhost +::1 localhost + +85.214.134.152 helga.brehm-online.com helga h1763652.stratoserver.net h1763652 +2a01:238:4225:6e00:8f8c:808a:7fb8:88df helga.brehm-online.com helga h1763652.stratoserver.net h1763652 + +2001:6f8:1c00:365::2 home.brehm-online.com + +# +# Imaginary network. +#10.0.0.2 myname +#10.0.0.3 myfriend +# +# According to RFC 1918, you can use the following IP networks for private +# nets which will never be connected to the Internet: +# +# 10.0.0.0 - 10.255.255.255 +# 172.16.0.0 - 172.31.255.255 +# 192.168.0.0 - 192.168.255.255 +# +# In case you want to be able to connect directly to the Internet (i.e. not +# behind a NAT, ADSL router, etc...), you need real official assigned +# numbers. Do not try to invent your own network numbers but instead get one +# from your network provider (if any) or from your regional registry (ARIN, +# APNIC, LACNIC, RIPE NCC, or AfriNIC.) +# diff --git a/config-archive/etc/logrotate.d/apache2 b/config-archive/etc/logrotate.d/apache2 new file mode 100644 index 0000000..461976e --- /dev/null +++ b/config-archive/etc/logrotate.d/apache2 @@ -0,0 +1,26 @@ +# Apache2 logrotate snipet for Gentoo Linux +# Contributes by Chuck Short +# +#/var/log/apache2/*log { +# missingok +# notifempty +# sharedscripts +# postrotate +# /etc/init.d/apache2 reload > /dev/null 2>&1 || true +# endscript +#} + +script apache2-reload + /etc/init.d/apache2 reload >/dev/null || true +endscript + +#rotate 10 +daily + +/var/log/apache2/*log { + size 4m + olddir /var/log/apache2/%Y-%m + postrotate apache2-reload +} + +# vim: ts=4 filetype=conf diff --git a/config-archive/etc/postfix/main.cf b/config-archive/etc/postfix/main.cf new file mode 100644 index 0000000..01dffb3 --- /dev/null +++ b/config-archive/etc/postfix/main.cf @@ -0,0 +1,736 @@ +# vim: noai: filetype=pfmain ts=4 sw=4 + +# Global Postfix configuration file. This file lists only a subset +# of all parameters. For the syntax, and for a complete parameter +# list, see the postconf(5) manual page (command: "man 5 postconf"). +# +# For common configuration examples, see BASIC_CONFIGURATION_README +# and STANDARD_CONFIGURATION_README. To find these documents, use +# the command "postconf html_directory readme_directory", or go to +# http://www.postfix.org/. +# +# For best results, change no more than 2-3 parameters at a time, +# and test if Postfix still works after every change. + +# SOFT BOUNCE +# +# The soft_bounce parameter provides a limited safety net for +# testing. When soft_bounce is enabled, mail will remain queued that +# would otherwise bounce. This parameter disables locally-generated +# bounces, and prevents the SMTP server from rejecting mail permanently +# (by changing 5xx replies into 4xx replies). However, soft_bounce +# is no cure for address rewriting mistakes or mail routing mistakes. +# +#soft_bounce = no + +# LOCAL PATHNAME INFORMATION +# +# The queue_directory specifies the location of the Postfix queue. +# This is also the root directory of Postfix daemons that run chrooted. +# See the files in examples/chroot-setup for setting up Postfix chroot +# environments on different UNIX systems. +# +queue_directory = /var/spool/postfix + +# The command_directory parameter specifies the location of all +# postXXX commands. +# +command_directory = /usr/sbin + +# The daemon_directory parameter specifies the location of all Postfix +# daemon programs (i.e. programs listed in the master.cf file). This +# directory must be owned by root. +# +daemon_directory = //usr/lib64/postfix + +# The data_directory parameter specifies the location of Postfix-writable +# data files (caches, random numbers). This directory must be owned +# by the mail_owner account (see below). +# +data_directory = /var/lib/postfix + +# QUEUE AND PROCESS OWNERSHIP +# +# The mail_owner parameter specifies the owner of the Postfix queue +# and of most Postfix daemon processes. Specify the name of a user +# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS +# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In +# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED +# USER. +# +mail_owner = postfix + +# The default_privs parameter specifies the default rights used by +# the local delivery agent for delivery to external file or command. +# These rights are used in the absence of a recipient user context. +# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER. +# +#default_privs = nobody + +# INTERNET HOST AND DOMAIN NAMES +# +# The myhostname parameter specifies the internet hostname of this +# mail system. The default is to use the fully-qualified domain name +# from gethostname(). $myhostname is used as a default value for many +# other configuration parameters. +# +#myhostname = host.domain.tld +#myhostname = virtual.domain.tld + +# The mydomain parameter specifies the local internet domain name. +# The default is to use $myhostname minus the first component. +# $mydomain is used as a default value for many other configuration +# parameters. +# +#mydomain = domain.tld + +# SENDING MAIL +# +# The myorigin parameter specifies the domain that locally-posted +# mail appears to come from. The default is to append $myhostname, +# which is fine for small sites. If you run a domain with multiple +# machines, you should (1) change this to $mydomain and (2) set up +# a domain-wide alias database that aliases each user to +# user@that.users.mailhost. +# +# For the sake of consistency between sender and recipient addresses, +# myorigin also specifies the default domain name that is appended +# to recipient addresses that have no @domain part. +# +#myorigin = $myhostname +#myorigin = $mydomain + +# RECEIVING MAIL + +# The inet_interfaces parameter specifies the network interface +# addresses that this mail system receives mail on. By default, +# the software claims all active interfaces on the machine. The +# parameter also controls delivery of mail to user@[ip.address]. +# +# See also the proxy_interfaces parameter, for network addresses that +# are forwarded to us via a proxy or network address translator. +# +# Note: you need to stop/start Postfix when this parameter changes. +# +#inet_interfaces = all +#inet_interfaces = $myhostname +#inet_interfaces = $myhostname, localhost + +# The proxy_interfaces parameter specifies the network interface +# addresses that this mail system receives mail on by way of a +# proxy or network address translation unit. This setting extends +# the address list specified with the inet_interfaces parameter. +# +# You must specify your proxy/NAT addresses when your system is a +# backup MX host for other domains, otherwise mail delivery loops +# will happen when the primary MX host is down. +# +#proxy_interfaces = +#proxy_interfaces = 1.2.3.4 + +# The mydestination parameter specifies the list of domains that this +# machine considers itself the final destination for. +# +# These domains are routed to the delivery agent specified with the +# local_transport parameter setting. By default, that is the UNIX +# compatible delivery agent that lookups all recipients in /etc/passwd +# and /etc/aliases or their equivalent. +# +# The default is $myhostname + localhost.$mydomain. On a mail domain +# gateway, you should also include $mydomain. +# +# Do not specify the names of virtual domains - those domains are +# specified elsewhere (see VIRTUAL_README). +# +# Do not specify the names of domains that this machine is backup MX +# host for. Specify those names via the relay_domains settings for +# the SMTP server, or use permit_mx_backup if you are lazy (see +# STANDARD_CONFIGURATION_README). +# +# The local machine is always the final destination for mail addressed +# to user@[the.net.work.address] of an interface that the mail system +# receives mail on (see the inet_interfaces parameter). +# +# Specify a list of host or domain names, /file/name or type:table +# patterns, separated by commas and/or whitespace. A /file/name +# pattern is replaced by its contents; a type:table is matched when +# a name matches a lookup key (the right-hand side is ignored). +# Continue long lines by starting the next line with whitespace. +# +# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS". +# +#mydestination = $myhostname, localhost.$mydomain, localhost +#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain +#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, +# mail.$mydomain, www.$mydomain, ftp.$mydomain + +# REJECTING MAIL FOR UNKNOWN LOCAL USERS +# +# The local_recipient_maps parameter specifies optional lookup tables +# with all names or addresses of users that are local with respect +# to $mydestination, $inet_interfaces or $proxy_interfaces. +# +# If this parameter is defined, then the SMTP server will reject +# mail for unknown local users. This parameter is defined by default. +# +# To turn off local recipient checking in the SMTP server, specify +# local_recipient_maps = (i.e. empty). +# +# The default setting assumes that you use the default Postfix local +# delivery agent for local delivery. You need to update the +# local_recipient_maps setting if: +# +# - You define $mydestination domain recipients in files other than +# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files. +# For example, you define $mydestination domain recipients in +# the $virtual_mailbox_maps files. +# +# - You redefine the local delivery agent in master.cf. +# +# - You redefine the "local_transport" setting in main.cf. +# +# - You use the "luser_relay", "mailbox_transport", or "fallback_transport" +# feature of the Postfix local delivery agent (see local(8)). +# +# Details are described in the LOCAL_RECIPIENT_README file. +# +# Beware: if the Postfix SMTP server runs chrooted, you probably have +# to access the passwd file via the proxymap service, in order to +# overcome chroot restrictions. The alternative, having a copy of +# the system passwd file in the chroot jail is just not practical. +# +# The right-hand side of the lookup tables is conveniently ignored. +# In the left-hand side, specify a bare username, an @domain.tld +# wild-card, or specify a user@domain.tld address. +# +#local_recipient_maps = unix:passwd.byname $alias_maps +#local_recipient_maps = proxy:unix:passwd.byname $alias_maps +#local_recipient_maps = + +# The unknown_local_recipient_reject_code specifies the SMTP server +# response code when a recipient domain matches $mydestination or +# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty +# and the recipient address or address local-part is not found. +# +# The default setting is 550 (reject mail) but it is safer to start +# with 450 (try again later) until you are certain that your +# local_recipient_maps settings are OK. +# +unknown_local_recipient_reject_code = 550 + +# TRUST AND RELAY CONTROL + +# The mynetworks parameter specifies the list of "trusted" SMTP +# clients that have more privileges than "strangers". +# +# In particular, "trusted" SMTP clients are allowed to relay mail +# through Postfix. See the smtpd_recipient_restrictions parameter +# in postconf(5). +# +# You can specify the list of "trusted" network addresses by hand +# or you can let Postfix do it for you (which is the default). +# +# By default (mynetworks_style = subnet), Postfix "trusts" SMTP +# clients in the same IP subnetworks as the local machine. +# On Linux, this does works correctly only with interfaces specified +# with the "ifconfig" command. +# +# Specify "mynetworks_style = class" when Postfix should "trust" SMTP +# clients in the same IP class A/B/C networks as the local machine. +# Don't do this with a dialup site - it would cause Postfix to "trust" +# your entire provider's network. Instead, specify an explicit +# mynetworks list by hand, as described below. +# +# Specify "mynetworks_style = host" when Postfix should "trust" +# only the local machine. +# +#mynetworks_style = class +#mynetworks_style = subnet +#mynetworks_style = host + +# Alternatively, you can specify the mynetworks list by hand, in +# which case Postfix ignores the mynetworks_style setting. +# +# Specify an explicit list of network/netmask patterns, where the +# mask specifies the number of bits in the network part of a host +# address. +# +# You can also specify the absolute pathname of a pattern file instead +# of listing the patterns here. Specify type:table for table-based lookups +# (the value on the table right-hand side is not used). +# +#mynetworks = 168.100.189.0/28, 127.0.0.0/8 +#mynetworks = $config_directory/mynetworks +#mynetworks = hash:/etc/postfix/network_table + +# The relay_domains parameter restricts what destinations this system will +# relay mail to. See the smtpd_recipient_restrictions description in +# postconf(5) for detailed information. +# +# By default, Postfix relays mail +# - from "trusted" clients (IP address matches $mynetworks) to any destination, +# - from "untrusted" clients to destinations that match $relay_domains or +# subdomains thereof, except addresses with sender-specified routing. +# The default relay_domains value is $mydestination. +# +# In addition to the above, the Postfix SMTP server by default accepts mail +# that Postfix is final destination for: +# - destinations that match $inet_interfaces or $proxy_interfaces, +# - destinations that match $mydestination +# - destinations that match $virtual_alias_domains, +# - destinations that match $virtual_mailbox_domains. +# These destinations do not need to be listed in $relay_domains. +# +# Specify a list of hosts or domains, /file/name patterns or type:name +# lookup tables, separated by commas and/or whitespace. Continue +# long lines by starting the next line with whitespace. A file name +# is replaced by its contents; a type:name table is matched when a +# (parent) domain appears as lookup key. +# +# NOTE: Postfix will not automatically forward mail for domains that +# list this system as their primary or backup MX host. See the +# permit_mx_backup restriction description in postconf(5). +# +#relay_domains = $mydestination + +# INTERNET OR INTRANET + +# The relayhost parameter specifies the default host to send mail to +# when no entry is matched in the optional transport(5) table. When +# no relayhost is given, mail is routed directly to the destination. +# +# On an intranet, specify the organizational domain name. If your +# internal DNS uses no MX records, specify the name of the intranet +# gateway host instead. +# +# In the case of SMTP, specify a domain, host, host:port, [host]:port, +# [address] or [address]:port; the form [host] turns off MX lookups. +# +# If you're connected via UUCP, see also the default_transport parameter. +# +#relayhost = $mydomain +#relayhost = [gateway.my.domain] +#relayhost = [mailserver.isp.tld] +#relayhost = uucphost +#relayhost = [an.ip.add.ress] + +# REJECTING UNKNOWN RELAY USERS +# +# The relay_recipient_maps parameter specifies optional lookup tables +# with all addresses in the domains that match $relay_domains. +# +# If this parameter is defined, then the SMTP server will reject +# mail for unknown relay users. This feature is off by default. +# +# The right-hand side of the lookup tables is conveniently ignored. +# In the left-hand side, specify an @domain.tld wild-card, or specify +# a user@domain.tld address. +# +#relay_recipient_maps = hash:/etc/postfix/relay_recipients + +# INPUT RATE CONTROL +# +# The in_flow_delay configuration parameter implements mail input +# flow control. This feature is turned on by default, although it +# still needs further development (it's disabled on SCO UNIX due +# to an SCO bug). +# +# A Postfix process will pause for $in_flow_delay seconds before +# accepting a new message, when the message arrival rate exceeds the +# message delivery rate. With the default 100 SMTP server process +# limit, this limits the mail inflow to 100 messages a second more +# than the number of messages delivered per second. +# +# Specify 0 to disable the feature. Valid delays are 0..10. +# +#in_flow_delay = 1s + +# ADDRESS REWRITING +# +# The ADDRESS_REWRITING_README document gives information about +# address masquerading or other forms of address rewriting including +# username->Firstname.Lastname mapping. + +# ADDRESS REDIRECTION (VIRTUAL DOMAIN) +# +# The VIRTUAL_README document gives information about the many forms +# of domain hosting that Postfix supports. + +# "USER HAS MOVED" BOUNCE MESSAGES +# +# See the discussion in the ADDRESS_REWRITING_README document. + +# TRANSPORT MAP +# +# See the discussion in the ADDRESS_REWRITING_README document. + +# ALIAS DATABASE +# +# The alias_maps parameter specifies the list of alias databases used +# by the local delivery agent. The default list is system dependent. +# +# On systems with NIS, the default is to search the local alias +# database, then the NIS alias database. See aliases(5) for syntax +# details. +# +# If you change the alias database, run "postalias /etc/aliases" (or +# wherever your system stores the mail alias file), or simply run +# "newaliases" to build the necessary DBM or DB file. +# +# It will take a minute or so before changes become visible. Use +# "postfix reload" to eliminate the delay. +# +#alias_maps = dbm:/etc/aliases +#alias_maps = hash:/etc/aliases +#alias_maps = hash:/etc/aliases, nis:mail.aliases +#alias_maps = netinfo:/aliases + +# The alias_database parameter specifies the alias database(s) that +# are built with "newaliases" or "sendmail -bi". This is a separate +# configuration parameter, because alias_maps (see above) may specify +# tables that are not necessarily all under control by Postfix. +# +#alias_database = dbm:/etc/aliases +#alias_database = dbm:/etc/mail/aliases +#alias_database = hash:/etc/aliases +#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases + +# ADDRESS EXTENSIONS (e.g., user+foo) +# +# The recipient_delimiter parameter specifies the separator between +# user names and address extensions (user+foo). See canonical(5), +# local(8), relocated(5) and virtual(5) for the effects this has on +# aliases, canonical, virtual, relocated and .forward file lookups. +# Basically, the software tries user+foo and .forward+foo before +# trying user and .forward. +# +#recipient_delimiter = + + +# DELIVERY TO MAILBOX +# +# The home_mailbox parameter specifies the optional pathname of a +# mailbox file relative to a user's home directory. The default +# mailbox file is /var/spool/mail/user or /var/mail/user. Specify +# "Maildir/" for qmail-style delivery (the / is required). +# +#home_mailbox = Mailbox +#home_mailbox = Maildir/ + +# The mail_spool_directory parameter specifies the directory where +# UNIX-style mailboxes are kept. The default setting depends on the +# system type. +# +#mail_spool_directory = /var/mail +#mail_spool_directory = /var/spool/mail + +# The mailbox_command parameter specifies the optional external +# command to use instead of mailbox delivery. The command is run as +# the recipient with proper HOME, SHELL and LOGNAME environment settings. +# Exception: delivery for root is done as $default_user. +# +# Other environment variables of interest: USER (recipient username), +# EXTENSION (address extension), DOMAIN (domain part of address), +# and LOCAL (the address localpart). +# +# Unlike other Postfix configuration parameters, the mailbox_command +# parameter is not subjected to $parameter substitutions. This is to +# make it easier to specify shell syntax (see example below). +# +# Avoid shell meta characters because they will force Postfix to run +# an expensive shell process. Procmail alone is expensive enough. +# +# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN +# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER. +# +#mailbox_command = /some/where/procmail +#mailbox_command = /some/where/procmail -a "$EXTENSION" + +# The mailbox_transport specifies the optional transport in master.cf +# to use after processing aliases and .forward files. This parameter +# has precedence over the mailbox_command, fallback_transport and +# luser_relay parameters. +# +# Specify a string of the form transport:nexthop, where transport is +# the name of a mail delivery transport defined in master.cf. The +# :nexthop part is optional. For more details see the sample transport +# configuration file. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must update the "local_recipient_maps" setting in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#mailbox_transport = lmtp:unix:/file/name +#mailbox_transport = cyrus + +# The fallback_transport specifies the optional transport in master.cf +# to use for recipients that are not found in the UNIX passwd database. +# This parameter has precedence over the luser_relay parameter. +# +# Specify a string of the form transport:nexthop, where transport is +# the name of a mail delivery transport defined in master.cf. The +# :nexthop part is optional. For more details see the sample transport +# configuration file. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must update the "local_recipient_maps" setting in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#fallback_transport = lmtp:unix:/file/name +#fallback_transport = cyrus +#fallback_transport = + +# The luser_relay parameter specifies an optional destination address +# for unknown recipients. By default, mail for unknown@$mydestination, +# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned +# as undeliverable. +# +# The following expansions are done on luser_relay: $user (recipient +# username), $shell (recipient shell), $home (recipient home directory), +# $recipient (full recipient address), $extension (recipient address +# extension), $domain (recipient domain), $local (entire recipient +# localpart), $recipient_delimiter. Specify ${name?value} or +# ${name:value} to expand value only when $name does (does not) exist. +# +# luser_relay works only for the default Postfix local delivery agent. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must specify "local_recipient_maps =" (i.e. empty) in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#luser_relay = $user@other.host +#luser_relay = $local@other.host +#luser_relay = admin+$local + +# JUNK MAIL CONTROLS +# +# The controls listed here are only a very small subset. The file +# SMTPD_ACCESS_README provides an overview. + +# The header_checks parameter specifies an optional table with patterns +# that each logical message header is matched against, including +# headers that span multiple physical lines. +# +# By default, these patterns also apply to MIME headers and to the +# headers of attached messages. With older Postfix versions, MIME and +# attached message headers were treated as body text. +# +# For details, see "man header_checks". +# +#header_checks = regexp:/etc/postfix/header_checks + +# FAST ETRN SERVICE +# +# Postfix maintains per-destination logfiles with information about +# deferred mail, so that mail can be flushed quickly with the SMTP +# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld". +# See the ETRN_README document for a detailed description. +# +# The fast_flush_domains parameter controls what destinations are +# eligible for this service. By default, they are all domains that +# this server is willing to relay mail to. +# +#fast_flush_domains = $relay_domains + +# SHOW SOFTWARE VERSION OR NOT +# +# The smtpd_banner parameter specifies the text that follows the 220 +# code in the SMTP server's greeting banner. Some people like to see +# the mail version advertised. By default, Postfix shows no version. +# +# You MUST specify $myhostname at the start of the text. That is an +# RFC requirement. Postfix itself does not care. +# +#smtpd_banner = $myhostname ESMTP $mail_name +#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) + +# PARALLEL DELIVERY TO THE SAME DESTINATION +# +# How many parallel deliveries to the same user or domain? With local +# delivery, it does not make sense to do massively parallel delivery +# to the same user, because mailbox updates must happen sequentially, +# and expensive pipelines in .forward files can cause disasters when +# too many are run at the same time. With SMTP deliveries, 10 +# simultaneous connections to the same domain could be sufficient to +# raise eyebrows. +# +# Each message delivery transport has its XXX_destination_concurrency_limit +# parameter. The default is $default_destination_concurrency_limit for +# most delivery transports. For the local delivery agent the default is 2. + +#local_destination_concurrency_limit = 2 +#default_destination_concurrency_limit = 20 + +# DEBUGGING CONTROL +# +# The debug_peer_level parameter specifies the increment in verbose +# logging level when an SMTP client or server host name or address +# matches a pattern in the debug_peer_list parameter. +# +debug_peer_level = 2 + +# The debug_peer_list parameter specifies an optional list of domain +# or network patterns, /file/name patterns or type:name tables. When +# an SMTP client or server host name or address matches a pattern, +# increase the verbose logging level by the amount specified in the +# debug_peer_level parameter. +# +#debug_peer_list = 127.0.0.1 +#debug_peer_list = some.domain + +# The debugger_command specifies the external command that is executed +# when a Postfix daemon program is run with the -D option. +# +# Use "command .. & sleep 5" so that the debugger can attach before +# the process marches on. If you use an X-based debugger, be sure to +# set up your XAUTHORITY environment variable before starting Postfix. +# +debugger_command = + PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin + ddd $daemon_directory/$process_name $process_id & sleep 5 + +# If you can't use X, use this to capture the call stack when a +# daemon crashes. The result is in a file in the configuration +# directory, and is named after the process name and the process ID. +# +# debugger_command = +# PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont; +# echo where) | gdb $daemon_directory/$process_name $process_id 2>&1 +# >$config_directory/$process_name.$process_id.log & sleep 5 +# +# Another possibility is to run gdb under a detached screen session. +# To attach to the screen sesssion, su root and run "screen -r +# " where uniquely matches one of the detached +# sessions (from "screen -list"). +# +# debugger_command = +# PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen +# -dmS $process_name gdb $daemon_directory/$process_name +# $process_id & sleep 1 + +# INSTALL-TIME CONFIGURATION INFORMATION +# +# The following parameters are used when installing a new Postfix version. +# +# sendmail_path: The full pathname of the Postfix sendmail command. +# This is the Sendmail-compatible mail posting interface. +# +sendmail_path = /usr/sbin/sendmail + +# newaliases_path: The full pathname of the Postfix newaliases command. +# This is the Sendmail-compatible command to build alias databases. +# +newaliases_path = /usr/bin/newaliases + +# mailq_path: The full pathname of the Postfix mailq command. This +# is the Sendmail-compatible mail queue listing command. +# +mailq_path = /usr/bin/mailq + +# setgid_group: The group for mail submission and queue management +# commands. This must be a group name with a numerical group ID that +# is not shared with other accounts, not even with the Postfix account. +# +setgid_group = postdrop + +# html_directory: The location of the Postfix HTML documentation. +# +html_directory = /usr/share/doc/postfix-2.8.9/html + +# manpage_directory: The location of the Postfix on-line manual pages. +# +manpage_directory = /usr/share/man + +# sample_directory: The location of the Postfix sample configuration files. +# This parameter is obsolete as of Postfix 2.1. +# +sample_directory = /etc/postfix + +# readme_directory: The location of the Postfix README files. +# +readme_directory = /usr/share/doc/postfix-2.8.9/readme +home_mailbox = .maildir/ +#alias_maps = mysql:/etc/postfix/mysql-aliases.cf +alias_maps = hash:/etc/postfix/maps/aliases +anvil_status_update_time = 3600s +body_checks = pcre:/etc/postfix/maps/body_checks +bounce_template_file = /etc/postfix/bounce-templates/bounce.de-DE.cf +broken_sasl_auth_clients = yes +#canonical_maps = mysql:/etc/postfix/mysql-canonical.cf +canonical_maps = hash:/etc/postfix/maps/canonical +cyrus_sasl_config_path = /etc/sasl2 +default_destination_concurrency_limit = 5 +header_checks = pcre:/etc/postfix/maps/header_checks +inet_protocols = all +local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname +mail_spool_directory = /var/spool/mail +mailbox_size_limit = 512000000 +message_size_limit = 51200000 +#mydestination = $myhostname, $mydomain, mysql:/etc/postfix/mysql-mydomains.cf +mydestination = $myhostname, $mydomain, hash:/etc/postfix/maps/mydomains +mydomain = brehm-online.com +myhostname = helga.brehm-online.com +mynetworks = 127.0.0.0/8 85.214.134.152/32 85.214.109.1/32 [::1]/128 [2a01:238:4225:6e00:8f8c:808a:7fb8:88df]/128 +mynetworks_style = host +myorigin = $mydomain +#recipient_bcc_maps = mysql:/etc/postfix/mysql-recipient_bcc.cf +recipient_bcc_maps = hash:/etc/postfix/maps/recipient_bcc +#relay_clientcerts = hash:/etc/postfix/relay_clientcerts +relay_clientcerts = hash:/etc/postfix/maps/relay_clientcerts +#relay_domains = mysql:/etc/postfix/mysql-relay-domains.cf +relay_domains = hash:/etc/postfix/maps/relay_domains +#relocated_maps = mysql:/etc/postfix/mysql-relocated.cf +relocated_maps = hash:/etc/postfix/maps/relocated +#sender_bcc_maps = mysql:/etc/postfix/mysql-sender_bcc.cf +sender_bcc_maps = hash:/etc/postfix/maps/sender_bcc +smtp_generic_maps = hash:/etc/postfix/maps/generic +smtp_tls_CAfile = /etc/ssl/CA-Brehm/cacert.pem +smtp_tls_cert_file = /etc/postfix/postfix.pem +smtp_tls_enforce_peername = no +smtp_use_tls = yes +smtpd_banner = $myhostname ESMTP Frank Brehms Mail Service $mail_name ($mail_version) + +smtpd_recipient_restrictions = + check_client_access cidr:/etc/postfix/maps/access_client, + check_recipient_access hash:/etc/postfix/maps/access_recipient, + check_helo_access hash:/etc/postfix/maps/access_helo, + check_sender_access hash:/etc/postfix/maps/access_sender, + reject_non_fqdn_recipient, + reject_unknown_recipient_domain, + reject_non_fqdn_sender, + reject_unknown_sender_domain, + reject_invalid_helo_hostname, + permit_mynetworks, + permit_sasl_authenticated, + permit_tls_clientcerts, + reject_rbl_client zen.spamhaus.org, + reject_rbl_client ix.dnsbl.manitu.net, + check_policy_service unix:private/postgrey, + check_policy_service inet:127.0.0.1:12525, + reject_unverified_recipient, + permit_mx_backup, + reject_unauth_destination, + permit + +smtpd_sasl_auth_enable = yes +smtpd_tls_CAfile = $smtp_tls_CAfile +smtpd_tls_cert_file = $smtp_tls_cert_file +smtpd_tls_key_file = $smtp_tls_cert_file +smtpd_tls_loglevel = 1 +smtpd_tls_received_header = yes +smtpd_use_tls = yes +transport_maps = hash:/etc/postfix/maps/transport +#virtual_alias_domains = mysql:/etc/postfix/mysql-virtual-alias-domains.cf +virtual_alias_domains = hash:/etc/postfix/maps/virtual_alias_domains +#virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf +virtual_alias_maps = hash:/etc/postfix/maps/virtual_alias_maps +virtual_gid_maps = static:1023 +virtual_mailbox_base = / +#virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf +virtual_mailbox_domains = hash:/etc/postfix/maps/virtual_mailbox_domains +virtual_mailbox_limit = 512000000 +#virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf +virtual_mailbox_maps = hash:/etc/postfix/maps/virtual_mailbox_maps +virtual_uid_maps = static:1023 diff --git a/config-archive/etc/postfix/main.cf.dist b/config-archive/etc/postfix/main.cf.dist new file mode 100644 index 0000000..8526cf2 --- /dev/null +++ b/config-archive/etc/postfix/main.cf.dist @@ -0,0 +1,652 @@ +# Global Postfix configuration file. This file lists only a subset +# of all parameters. For the syntax, and for a complete parameter +# list, see the postconf(5) manual page (command: "man 5 postconf"). +# +# For common configuration examples, see BASIC_CONFIGURATION_README +# and STANDARD_CONFIGURATION_README. To find these documents, use +# the command "postconf html_directory readme_directory", or go to +# http://www.postfix.org/. +# +# For best results, change no more than 2-3 parameters at a time, +# and test if Postfix still works after every change. + +# SOFT BOUNCE +# +# The soft_bounce parameter provides a limited safety net for +# testing. When soft_bounce is enabled, mail will remain queued that +# would otherwise bounce. This parameter disables locally-generated +# bounces, and prevents the SMTP server from rejecting mail permanently +# (by changing 5xx replies into 4xx replies). However, soft_bounce +# is no cure for address rewriting mistakes or mail routing mistakes. +# +#soft_bounce = no + +# LOCAL PATHNAME INFORMATION +# +# The queue_directory specifies the location of the Postfix queue. +# This is also the root directory of Postfix daemons that run chrooted. +# See the files in examples/chroot-setup for setting up Postfix chroot +# environments on different UNIX systems. +# +queue_directory = /var/spool/postfix + +# The command_directory parameter specifies the location of all +# postXXX commands. +# +command_directory = /usr/sbin + +# The daemon_directory parameter specifies the location of all Postfix +# daemon programs (i.e. programs listed in the master.cf file). This +# directory must be owned by root. +# +daemon_directory = /usr/lib64/postfix + +# The data_directory parameter specifies the location of Postfix-writable +# data files (caches, random numbers). This directory must be owned +# by the mail_owner account (see below). +# +data_directory = /var/lib/postfix + +# QUEUE AND PROCESS OWNERSHIP +# +# The mail_owner parameter specifies the owner of the Postfix queue +# and of most Postfix daemon processes. Specify the name of a user +# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS +# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In +# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED +# USER. +# +mail_owner = postfix + +# The default_privs parameter specifies the default rights used by +# the local delivery agent for delivery to external file or command. +# These rights are used in the absence of a recipient user context. +# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER. +# +#default_privs = nobody + +# INTERNET HOST AND DOMAIN NAMES +# +# The myhostname parameter specifies the internet hostname of this +# mail system. The default is to use the fully-qualified domain name +# from gethostname(). $myhostname is used as a default value for many +# other configuration parameters. +# +#myhostname = host.domain.tld +#myhostname = virtual.domain.tld + +# The mydomain parameter specifies the local internet domain name. +# The default is to use $myhostname minus the first component. +# $mydomain is used as a default value for many other configuration +# parameters. +# +#mydomain = domain.tld + +# SENDING MAIL +# +# The myorigin parameter specifies the domain that locally-posted +# mail appears to come from. The default is to append $myhostname, +# which is fine for small sites. If you run a domain with multiple +# machines, you should (1) change this to $mydomain and (2) set up +# a domain-wide alias database that aliases each user to +# user@that.users.mailhost. +# +# For the sake of consistency between sender and recipient addresses, +# myorigin also specifies the default domain name that is appended +# to recipient addresses that have no @domain part. +# +#myorigin = $myhostname +#myorigin = $mydomain + +# RECEIVING MAIL + +# The inet_interfaces parameter specifies the network interface +# addresses that this mail system receives mail on. By default, +# the software claims all active interfaces on the machine. The +# parameter also controls delivery of mail to user@[ip.address]. +# +# See also the proxy_interfaces parameter, for network addresses that +# are forwarded to us via a proxy or network address translator. +# +# Note: you need to stop/start Postfix when this parameter changes. +# +#inet_interfaces = all +#inet_interfaces = $myhostname +#inet_interfaces = $myhostname, localhost + +# The proxy_interfaces parameter specifies the network interface +# addresses that this mail system receives mail on by way of a +# proxy or network address translation unit. This setting extends +# the address list specified with the inet_interfaces parameter. +# +# You must specify your proxy/NAT addresses when your system is a +# backup MX host for other domains, otherwise mail delivery loops +# will happen when the primary MX host is down. +# +#proxy_interfaces = +#proxy_interfaces = 1.2.3.4 + +# The mydestination parameter specifies the list of domains that this +# machine considers itself the final destination for. +# +# These domains are routed to the delivery agent specified with the +# local_transport parameter setting. By default, that is the UNIX +# compatible delivery agent that lookups all recipients in /etc/passwd +# and /etc/aliases or their equivalent. +# +# The default is $myhostname + localhost.$mydomain. On a mail domain +# gateway, you should also include $mydomain. +# +# Do not specify the names of virtual domains - those domains are +# specified elsewhere (see VIRTUAL_README). +# +# Do not specify the names of domains that this machine is backup MX +# host for. Specify those names via the relay_domains settings for +# the SMTP server, or use permit_mx_backup if you are lazy (see +# STANDARD_CONFIGURATION_README). +# +# The local machine is always the final destination for mail addressed +# to user@[the.net.work.address] of an interface that the mail system +# receives mail on (see the inet_interfaces parameter). +# +# Specify a list of host or domain names, /file/name or type:table +# patterns, separated by commas and/or whitespace. A /file/name +# pattern is replaced by its contents; a type:table is matched when +# a name matches a lookup key (the right-hand side is ignored). +# Continue long lines by starting the next line with whitespace. +# +# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS". +# +#mydestination = $myhostname, localhost.$mydomain, localhost +#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain +#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, +# mail.$mydomain, www.$mydomain, ftp.$mydomain + +# REJECTING MAIL FOR UNKNOWN LOCAL USERS +# +# The local_recipient_maps parameter specifies optional lookup tables +# with all names or addresses of users that are local with respect +# to $mydestination, $inet_interfaces or $proxy_interfaces. +# +# If this parameter is defined, then the SMTP server will reject +# mail for unknown local users. This parameter is defined by default. +# +# To turn off local recipient checking in the SMTP server, specify +# local_recipient_maps = (i.e. empty). +# +# The default setting assumes that you use the default Postfix local +# delivery agent for local delivery. You need to update the +# local_recipient_maps setting if: +# +# - You define $mydestination domain recipients in files other than +# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files. +# For example, you define $mydestination domain recipients in +# the $virtual_mailbox_maps files. +# +# - You redefine the local delivery agent in master.cf. +# +# - You redefine the "local_transport" setting in main.cf. +# +# - You use the "luser_relay", "mailbox_transport", or "fallback_transport" +# feature of the Postfix local delivery agent (see local(8)). +# +# Details are described in the LOCAL_RECIPIENT_README file. +# +# Beware: if the Postfix SMTP server runs chrooted, you probably have +# to access the passwd file via the proxymap service, in order to +# overcome chroot restrictions. The alternative, having a copy of +# the system passwd file in the chroot jail is just not practical. +# +# The right-hand side of the lookup tables is conveniently ignored. +# In the left-hand side, specify a bare username, an @domain.tld +# wild-card, or specify a user@domain.tld address. +# +#local_recipient_maps = unix:passwd.byname $alias_maps +#local_recipient_maps = proxy:unix:passwd.byname $alias_maps +#local_recipient_maps = + +# The unknown_local_recipient_reject_code specifies the SMTP server +# response code when a recipient domain matches $mydestination or +# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty +# and the recipient address or address local-part is not found. +# +# The default setting is 550 (reject mail) but it is safer to start +# with 450 (try again later) until you are certain that your +# local_recipient_maps settings are OK. +# +unknown_local_recipient_reject_code = 550 + +# TRUST AND RELAY CONTROL + +# The mynetworks parameter specifies the list of "trusted" SMTP +# clients that have more privileges than "strangers". +# +# In particular, "trusted" SMTP clients are allowed to relay mail +# through Postfix. See the smtpd_recipient_restrictions parameter +# in postconf(5). +# +# You can specify the list of "trusted" network addresses by hand +# or you can let Postfix do it for you (which is the default). +# +# By default (mynetworks_style = subnet), Postfix "trusts" SMTP +# clients in the same IP subnetworks as the local machine. +# On Linux, this does works correctly only with interfaces specified +# with the "ifconfig" command. +# +# Specify "mynetworks_style = class" when Postfix should "trust" SMTP +# clients in the same IP class A/B/C networks as the local machine. +# Don't do this with a dialup site - it would cause Postfix to "trust" +# your entire provider's network. Instead, specify an explicit +# mynetworks list by hand, as described below. +# +# Specify "mynetworks_style = host" when Postfix should "trust" +# only the local machine. +# +#mynetworks_style = class +#mynetworks_style = subnet +#mynetworks_style = host + +# Alternatively, you can specify the mynetworks list by hand, in +# which case Postfix ignores the mynetworks_style setting. +# +# Specify an explicit list of network/netmask patterns, where the +# mask specifies the number of bits in the network part of a host +# address. +# +# You can also specify the absolute pathname of a pattern file instead +# of listing the patterns here. Specify type:table for table-based lookups +# (the value on the table right-hand side is not used). +# +#mynetworks = 168.100.189.0/28, 127.0.0.0/8 +#mynetworks = $config_directory/mynetworks +#mynetworks = hash:/etc/postfix/network_table + +# The relay_domains parameter restricts what destinations this system will +# relay mail to. See the smtpd_recipient_restrictions description in +# postconf(5) for detailed information. +# +# By default, Postfix relays mail +# - from "trusted" clients (IP address matches $mynetworks) to any destination, +# - from "untrusted" clients to destinations that match $relay_domains or +# subdomains thereof, except addresses with sender-specified routing. +# The default relay_domains value is $mydestination. +# +# In addition to the above, the Postfix SMTP server by default accepts mail +# that Postfix is final destination for: +# - destinations that match $inet_interfaces or $proxy_interfaces, +# - destinations that match $mydestination +# - destinations that match $virtual_alias_domains, +# - destinations that match $virtual_mailbox_domains. +# These destinations do not need to be listed in $relay_domains. +# +# Specify a list of hosts or domains, /file/name patterns or type:name +# lookup tables, separated by commas and/or whitespace. Continue +# long lines by starting the next line with whitespace. A file name +# is replaced by its contents; a type:name table is matched when a +# (parent) domain appears as lookup key. +# +# NOTE: Postfix will not automatically forward mail for domains that +# list this system as their primary or backup MX host. See the +# permit_mx_backup restriction description in postconf(5). +# +#relay_domains = $mydestination + +# INTERNET OR INTRANET + +# The relayhost parameter specifies the default host to send mail to +# when no entry is matched in the optional transport(5) table. When +# no relayhost is given, mail is routed directly to the destination. +# +# On an intranet, specify the organizational domain name. If your +# internal DNS uses no MX records, specify the name of the intranet +# gateway host instead. +# +# In the case of SMTP, specify a domain, host, host:port, [host]:port, +# [address] or [address]:port; the form [host] turns off MX lookups. +# +# If you're connected via UUCP, see also the default_transport parameter. +# +#relayhost = $mydomain +#relayhost = [gateway.my.domain] +#relayhost = [mailserver.isp.tld] +#relayhost = uucphost +#relayhost = [an.ip.add.ress] + +# REJECTING UNKNOWN RELAY USERS +# +# The relay_recipient_maps parameter specifies optional lookup tables +# with all addresses in the domains that match $relay_domains. +# +# If this parameter is defined, then the SMTP server will reject +# mail for unknown relay users. This feature is off by default. +# +# The right-hand side of the lookup tables is conveniently ignored. +# In the left-hand side, specify an @domain.tld wild-card, or specify +# a user@domain.tld address. +# +#relay_recipient_maps = hash:/etc/postfix/relay_recipients + +# INPUT RATE CONTROL +# +# The in_flow_delay configuration parameter implements mail input +# flow control. This feature is turned on by default, although it +# still needs further development (it's disabled on SCO UNIX due +# to an SCO bug). +# +# A Postfix process will pause for $in_flow_delay seconds before +# accepting a new message, when the message arrival rate exceeds the +# message delivery rate. With the default 100 SMTP server process +# limit, this limits the mail inflow to 100 messages a second more +# than the number of messages delivered per second. +# +# Specify 0 to disable the feature. Valid delays are 0..10. +# +#in_flow_delay = 1s + +# ADDRESS REWRITING +# +# The ADDRESS_REWRITING_README document gives information about +# address masquerading or other forms of address rewriting including +# username->Firstname.Lastname mapping. + +# ADDRESS REDIRECTION (VIRTUAL DOMAIN) +# +# The VIRTUAL_README document gives information about the many forms +# of domain hosting that Postfix supports. + +# "USER HAS MOVED" BOUNCE MESSAGES +# +# See the discussion in the ADDRESS_REWRITING_README document. + +# TRANSPORT MAP +# +# See the discussion in the ADDRESS_REWRITING_README document. + +# ALIAS DATABASE +# +# The alias_maps parameter specifies the list of alias databases used +# by the local delivery agent. The default list is system dependent. +# +# On systems with NIS, the default is to search the local alias +# database, then the NIS alias database. See aliases(5) for syntax +# details. +# +# If you change the alias database, run "postalias /etc/aliases" (or +# wherever your system stores the mail alias file), or simply run +# "newaliases" to build the necessary DBM or DB file. +# +# It will take a minute or so before changes become visible. Use +# "postfix reload" to eliminate the delay. +# +#alias_maps = dbm:/etc/aliases +#alias_maps = hash:/etc/aliases +#alias_maps = hash:/etc/aliases, nis:mail.aliases +#alias_maps = netinfo:/aliases + +# The alias_database parameter specifies the alias database(s) that +# are built with "newaliases" or "sendmail -bi". This is a separate +# configuration parameter, because alias_maps (see above) may specify +# tables that are not necessarily all under control by Postfix. +# +#alias_database = dbm:/etc/aliases +#alias_database = dbm:/etc/mail/aliases +#alias_database = hash:/etc/aliases +#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases + +# ADDRESS EXTENSIONS (e.g., user+foo) +# +# The recipient_delimiter parameter specifies the separator between +# user names and address extensions (user+foo). See canonical(5), +# local(8), relocated(5) and virtual(5) for the effects this has on +# aliases, canonical, virtual, relocated and .forward file lookups. +# Basically, the software tries user+foo and .forward+foo before +# trying user and .forward. +# +#recipient_delimiter = + + +# DELIVERY TO MAILBOX +# +# The home_mailbox parameter specifies the optional pathname of a +# mailbox file relative to a user's home directory. The default +# mailbox file is /var/spool/mail/user or /var/mail/user. Specify +# "Maildir/" for qmail-style delivery (the / is required). +# +#home_mailbox = Mailbox +#home_mailbox = Maildir/ + +# The mail_spool_directory parameter specifies the directory where +# UNIX-style mailboxes are kept. The default setting depends on the +# system type. +# +#mail_spool_directory = /var/mail +#mail_spool_directory = /var/spool/mail + +# The mailbox_command parameter specifies the optional external +# command to use instead of mailbox delivery. The command is run as +# the recipient with proper HOME, SHELL and LOGNAME environment settings. +# Exception: delivery for root is done as $default_user. +# +# Other environment variables of interest: USER (recipient username), +# EXTENSION (address extension), DOMAIN (domain part of address), +# and LOCAL (the address localpart). +# +# Unlike other Postfix configuration parameters, the mailbox_command +# parameter is not subjected to $parameter substitutions. This is to +# make it easier to specify shell syntax (see example below). +# +# Avoid shell meta characters because they will force Postfix to run +# an expensive shell process. Procmail alone is expensive enough. +# +# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN +# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER. +# +#mailbox_command = /some/where/procmail +#mailbox_command = /some/where/procmail -a "$EXTENSION" + +# The mailbox_transport specifies the optional transport in master.cf +# to use after processing aliases and .forward files. This parameter +# has precedence over the mailbox_command, fallback_transport and +# luser_relay parameters. +# +# Specify a string of the form transport:nexthop, where transport is +# the name of a mail delivery transport defined in master.cf. The +# :nexthop part is optional. For more details see the sample transport +# configuration file. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must update the "local_recipient_maps" setting in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#mailbox_transport = lmtp:unix:/file/name +#mailbox_transport = cyrus + +# The fallback_transport specifies the optional transport in master.cf +# to use for recipients that are not found in the UNIX passwd database. +# This parameter has precedence over the luser_relay parameter. +# +# Specify a string of the form transport:nexthop, where transport is +# the name of a mail delivery transport defined in master.cf. The +# :nexthop part is optional. For more details see the sample transport +# configuration file. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must update the "local_recipient_maps" setting in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#fallback_transport = lmtp:unix:/file/name +#fallback_transport = cyrus +#fallback_transport = + +# The luser_relay parameter specifies an optional destination address +# for unknown recipients. By default, mail for unknown@$mydestination, +# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned +# as undeliverable. +# +# The following expansions are done on luser_relay: $user (recipient +# username), $shell (recipient shell), $home (recipient home directory), +# $recipient (full recipient address), $extension (recipient address +# extension), $domain (recipient domain), $local (entire recipient +# localpart), $recipient_delimiter. Specify ${name?value} or +# ${name:value} to expand value only when $name does (does not) exist. +# +# luser_relay works only for the default Postfix local delivery agent. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must specify "local_recipient_maps =" (i.e. empty) in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#luser_relay = $user@other.host +#luser_relay = $local@other.host +#luser_relay = admin+$local + +# JUNK MAIL CONTROLS +# +# The controls listed here are only a very small subset. The file +# SMTPD_ACCESS_README provides an overview. + +# The header_checks parameter specifies an optional table with patterns +# that each logical message header is matched against, including +# headers that span multiple physical lines. +# +# By default, these patterns also apply to MIME headers and to the +# headers of attached messages. With older Postfix versions, MIME and +# attached message headers were treated as body text. +# +# For details, see "man header_checks". +# +#header_checks = regexp:/etc/postfix/header_checks + +# FAST ETRN SERVICE +# +# Postfix maintains per-destination logfiles with information about +# deferred mail, so that mail can be flushed quickly with the SMTP +# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld". +# See the ETRN_README document for a detailed description. +# +# The fast_flush_domains parameter controls what destinations are +# eligible for this service. By default, they are all domains that +# this server is willing to relay mail to. +# +#fast_flush_domains = $relay_domains + +# SHOW SOFTWARE VERSION OR NOT +# +# The smtpd_banner parameter specifies the text that follows the 220 +# code in the SMTP server's greeting banner. Some people like to see +# the mail version advertised. By default, Postfix shows no version. +# +# You MUST specify $myhostname at the start of the text. That is an +# RFC requirement. Postfix itself does not care. +# +#smtpd_banner = $myhostname ESMTP $mail_name +#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) + +# PARALLEL DELIVERY TO THE SAME DESTINATION +# +# How many parallel deliveries to the same user or domain? With local +# delivery, it does not make sense to do massively parallel delivery +# to the same user, because mailbox updates must happen sequentially, +# and expensive pipelines in .forward files can cause disasters when +# too many are run at the same time. With SMTP deliveries, 10 +# simultaneous connections to the same domain could be sufficient to +# raise eyebrows. +# +# Each message delivery transport has its XXX_destination_concurrency_limit +# parameter. The default is $default_destination_concurrency_limit for +# most delivery transports. For the local delivery agent the default is 2. + +#local_destination_concurrency_limit = 2 +#default_destination_concurrency_limit = 20 + +# DEBUGGING CONTROL +# +# The debug_peer_level parameter specifies the increment in verbose +# logging level when an SMTP client or server host name or address +# matches a pattern in the debug_peer_list parameter. +# +debug_peer_level = 2 + +# The debug_peer_list parameter specifies an optional list of domain +# or network patterns, /file/name patterns or type:name tables. When +# an SMTP client or server host name or address matches a pattern, +# increase the verbose logging level by the amount specified in the +# debug_peer_level parameter. +# +#debug_peer_list = 127.0.0.1 +#debug_peer_list = some.domain + +# The debugger_command specifies the external command that is executed +# when a Postfix daemon program is run with the -D option. +# +# Use "command .. & sleep 5" so that the debugger can attach before +# the process marches on. If you use an X-based debugger, be sure to +# set up your XAUTHORITY environment variable before starting Postfix. +# +debugger_command = + PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin + ddd $daemon_directory/$process_name $process_id & sleep 5 + +# If you can't use X, use this to capture the call stack when a +# daemon crashes. The result is in a file in the configuration +# directory, and is named after the process name and the process ID. +# +# debugger_command = +# PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont; +# echo where) | gdb $daemon_directory/$process_name $process_id 2>&1 +# >$config_directory/$process_name.$process_id.log & sleep 5 +# +# Another possibility is to run gdb under a detached screen session. +# To attach to the screen sesssion, su root and run "screen -r +# " where uniquely matches one of the detached +# sessions (from "screen -list"). +# +# debugger_command = +# PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen +# -dmS $process_name gdb $daemon_directory/$process_name +# $process_id & sleep 1 + +# INSTALL-TIME CONFIGURATION INFORMATION +# +# The following parameters are used when installing a new Postfix version. +# +# sendmail_path: The full pathname of the Postfix sendmail command. +# This is the Sendmail-compatible mail posting interface. +# +sendmail_path = /usr/sbin/sendmail + +# newaliases_path: The full pathname of the Postfix newaliases command. +# This is the Sendmail-compatible command to build alias databases. +# +newaliases_path = /usr/bin/newaliases + +# mailq_path: The full pathname of the Postfix mailq command. This +# is the Sendmail-compatible mail queue listing command. +# +mailq_path = /usr/bin/mailq + +# setgid_group: The group for mail submission and queue management +# commands. This must be a group name with a numerical group ID that +# is not shared with other accounts, not even with the Postfix account. +# +setgid_group = postdrop + +# html_directory: The location of the Postfix HTML documentation. +# +html_directory = /usr/share/doc/postfix-2.8.9/html + +# manpage_directory: The location of the Postfix on-line manual pages. +# +manpage_directory = /usr/share/man + +# sample_directory: The location of the Postfix sample configuration files. +# This parameter is obsolete as of Postfix 2.1. +# +sample_directory = /etc/postfix + +# readme_directory: The location of the Postfix README files. +# +readme_directory = /usr/share/doc/postfix-2.8.9/readme +home_mailbox = .maildir/ diff --git a/config-archive/etc/postfix/master.cf b/config-archive/etc/postfix/master.cf new file mode 100644 index 0000000..eecc1c2 --- /dev/null +++ b/config-archive/etc/postfix/master.cf @@ -0,0 +1,143 @@ +# +# Postfix master process configuration file. For details on the format +# of the file, see the master(5) manual page (command: "man 5 master"). +# +# Do not forget to execute "postfix reload" after editing this file. +# +# ========================================================================== +# service type private unpriv chroot wakeup maxproc command + args +# (yes) (yes) (yes) (never) (100) +# ========================================================================== +smtp inet n - n - - smtpd + -o content_filter= + -o smtpd_proxy_filter=localhost:10024 +#smtp inet n - n - 1 postscreen +#smtpd pass - - n - - smtpd +#dnsblog unix - - n - 0 dnsblog +#tlsproxy unix - - n - 0 tlsproxy +#submission inet n - n - - smtpd +# -o smtpd_tls_security_level=encrypt +# -o smtpd_sasl_auth_enable=yes +# -o smtpd_client_restrictions=permit_sasl_authenticated,reject +# -o milter_macro_daemon_name=ORIGINATING +#smtps inet n - n - - smtpd +# -o smtpd_tls_wrappermode=yes +# -o smtpd_sasl_auth_enable=yes +# -o smtpd_client_restrictions=permit_sasl_authenticated,reject +# -o milter_macro_daemon_name=ORIGINATING +smtps inet n - n - - smtpd + -o smtpd_tls_wrappermode=yes + -o smtpd_sasl_auth_enable=yes + -o content_filter= + -o smtpd_proxy_filter=localhost:10024 +localhost:10025 inet n - n - - smtpd + -o content_filter= + -o smtpd_proxy_filter= + -o smtpd_authorized_xforward_hosts=127.0.0.0/8 + -o smtpd_client_restictions= + -o smtpd_helo_restictions= + -o smtpd_sender_restrictions= + -o smtpd_recipient_restrictions=permit_mynetworks,reject + -o smtpd_data_restrictions= + -o mynetworks=127.0.0.0/8 + -o receive_override_options=no_unknown_recipient_checks +#628 inet n - n - - qmqpd +pickup fifo n - n 60 1 pickup +# -o content_filter=smtp:[localhost]:10024 +cleanup unix n - n - 0 cleanup +qmgr fifo n - n 300 1 qmgr +#qmgr fifo n - n 300 1 oqmgr +tlsmgr unix - - n 1000? 1 tlsmgr +rewrite unix - - n - - trivial-rewrite +bounce unix - - n - 0 bounce +defer unix - - n - 0 bounce +trace unix - - n - 0 bounce +verify unix - - n - 1 verify +flush unix n - n 1000? 0 flush +proxymap unix - - n - - proxymap +proxywrite unix - - n - 1 proxymap +smtp unix - - n - - smtp +# When relaying mail as backup MX, disable fallback_relay to avoid MX loops +relay unix - - n - - smtp + -o smtp_fallback_relay= +# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 +showq unix n - n - - showq +error unix - - n - - error +retry unix - - n - - error +discard unix - - n - - discard +local unix - n n - - local +virtual unix - n n - - virtual +lmtp unix - - n - - lmtp +anvil unix - - n - 1 anvil +scache unix - - n - 1 scache +# +# ==================================================================== +# Interfaces to non-Postfix software. Be sure to examine the manual +# pages of the non-Postfix software to find out what options it wants. +# +# Many of the following services use the Postfix pipe(8) delivery +# agent. See the pipe(8) man page for information about ${recipient} +# and other message envelope options. +# ==================================================================== +# +# maildrop. See the Postfix MAILDROP_README file for details. +# Also specify in main.cf: maildrop_destination_recipient_limit=1 +# +#maildrop unix - n n - - pipe +# flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} +# +# ==================================================================== +# +# Recent Cyrus versions can use the existing "lmtp" master.cf entry. +# +# Specify in cyrus.conf: +# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 +# +# Specify in main.cf one or more of the following: +# mailbox_transport = lmtp:inet:localhost +# virtual_transport = lmtp:inet:localhost +# +# ==================================================================== +# +# Cyrus 2.1.5 (Amos Gouaux) +# Also specify in main.cf: cyrus_destination_recipient_limit=1 +# +#cyrus unix - n n - - pipe +# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} +# +# ==================================================================== +# +# Old example of delivery via Cyrus. +# +#old-cyrus unix - n n - - pipe +# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} +# +# ==================================================================== +# +# See the Postfix UUCP_README file for configuration details. +# +#uucp unix - n n - - pipe +# flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) +# +# ==================================================================== +# +# Other external delivery methods. +# +#ifmail unix - n n - - pipe +# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) +# +#bsmtp unix - n n - - pipe +# flags=Fq. user=bsmtp argv=/usr/sbin/bsmtp -f $sender $nexthop $recipient +# +#scalemail-backend unix - n n - 2 pipe +# flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store +# ${nexthop} ${user} ${extension} +# +#mailman unix - n n - - pipe +# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py +# ${nexthop} ${user} +# +# Greylisting +# ==================================================================== +policy unix - n n - - spawn + user=nobody argv=/usr/bin/perl -T /etc/postfix/greylist/greylist.pl diff --git a/config-archive/etc/postfix/master.cf.dist.new b/config-archive/etc/postfix/master.cf.dist.new new file mode 100644 index 0000000..be33f75 --- /dev/null +++ b/config-archive/etc/postfix/master.cf.dist.new @@ -0,0 +1,119 @@ +# +# Postfix master process configuration file. For details on the format +# of the file, see the master(5) manual page (command: "man 5 master"). +# +# Do not forget to execute "postfix reload" after editing this file. +# +# ========================================================================== +# service type private unpriv chroot wakeup maxproc command + args +# (yes) (yes) (yes) (never) (100) +# ========================================================================== +smtp inet n - n - - smtpd +#smtp inet n - n - 1 postscreen +#smtpd pass - - n - - smtpd +#dnsblog unix - - n - 0 dnsblog +#tlsproxy unix - - n - 0 tlsproxy +#submission inet n - n - - smtpd +# -o smtpd_tls_security_level=encrypt +# -o smtpd_sasl_auth_enable=yes +# -o smtpd_client_restrictions=permit_sasl_authenticated,reject +# -o milter_macro_daemon_name=ORIGINATING +#smtps inet n - n - - smtpd +# -o smtpd_tls_wrappermode=yes +# -o smtpd_sasl_auth_enable=yes +# -o smtpd_client_restrictions=permit_sasl_authenticated,reject +# -o milter_macro_daemon_name=ORIGINATING +#628 inet n - n - - qmqpd +pickup fifo n - n 60 1 pickup +cleanup unix n - n - 0 cleanup +qmgr fifo n - n 300 1 qmgr +#qmgr fifo n - n 300 1 oqmgr +tlsmgr unix - - n 1000? 1 tlsmgr +rewrite unix - - n - - trivial-rewrite +bounce unix - - n - 0 bounce +defer unix - - n - 0 bounce +trace unix - - n - 0 bounce +verify unix - - n - 1 verify +flush unix n - n 1000? 0 flush +proxymap unix - - n - - proxymap +proxywrite unix - - n - 1 proxymap +smtp unix - - n - - smtp +# When relaying mail as backup MX, disable fallback_relay to avoid MX loops +relay unix - - n - - smtp + -o smtp_fallback_relay= +# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 +showq unix n - n - - showq +error unix - - n - - error +retry unix - - n - - error +discard unix - - n - - discard +local unix - n n - - local +virtual unix - n n - - virtual +lmtp unix - - n - - lmtp +anvil unix - - n - 1 anvil +scache unix - - n - 1 scache +# +# ==================================================================== +# Interfaces to non-Postfix software. Be sure to examine the manual +# pages of the non-Postfix software to find out what options it wants. +# +# Many of the following services use the Postfix pipe(8) delivery +# agent. See the pipe(8) man page for information about ${recipient} +# and other message envelope options. +# ==================================================================== +# +# maildrop. See the Postfix MAILDROP_README file for details. +# Also specify in main.cf: maildrop_destination_recipient_limit=1 +# +#maildrop unix - n n - - pipe +# flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} +# +# ==================================================================== +# +# Recent Cyrus versions can use the existing "lmtp" master.cf entry. +# +# Specify in cyrus.conf: +# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 +# +# Specify in main.cf one or more of the following: +# mailbox_transport = lmtp:inet:localhost +# virtual_transport = lmtp:inet:localhost +# +# ==================================================================== +# +# Cyrus 2.1.5 (Amos Gouaux) +# Also specify in main.cf: cyrus_destination_recipient_limit=1 +# +#cyrus unix - n n - - pipe +# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} +# +# ==================================================================== +# +# Old example of delivery via Cyrus. +# +#old-cyrus unix - n n - - pipe +# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} +# +# ==================================================================== +# +# See the Postfix UUCP_README file for configuration details. +# +#uucp unix - n n - - pipe +# flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) +# +# ==================================================================== +# +# Other external delivery methods. +# +#ifmail unix - n n - - pipe +# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) +# +#bsmtp unix - n n - - pipe +# flags=Fq. user=bsmtp argv=/usr/sbin/bsmtp -f $sender $nexthop $recipient +# +#scalemail-backend unix - n n - 2 pipe +# flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store +# ${nexthop} ${user} ${extension} +# +#mailman unix - n n - - pipe +# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py +# ${nexthop} ${user} diff --git a/config-archive/etc/sasl2/smtpd.conf b/config-archive/etc/sasl2/smtpd.conf new file mode 100644 index 0000000..e9499e4 --- /dev/null +++ b/config-archive/etc/sasl2/smtpd.conf @@ -0,0 +1,4 @@ +# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.3 2011/05/09 12:36:20 eras Exp $ +pwcheck_method:saslauthd +mech_list: PLAIN LOGIN +log_level: 3 diff --git a/config-archive/etc/sasl2/smtpd.conf.dist.new b/config-archive/etc/sasl2/smtpd.conf.dist.new new file mode 100644 index 0000000..c5320e7 --- /dev/null +++ b/config-archive/etc/sasl2/smtpd.conf.dist.new @@ -0,0 +1,3 @@ +# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.3 2011/05/09 12:36:20 eras Exp $ +pwcheck_method:saslauthd +mech_list: PLAIN diff --git a/courier-imap/orig/imapd b/courier-imap/orig/imapd new file mode 100644 index 0000000..8f8a010 --- /dev/null +++ b/courier-imap/orig/imapd @@ -0,0 +1,429 @@ +##VERSION: $Id: imapd.dist.in,v 1.41 2008/06/21 16:01:23 mrsam Exp $ +# +# imapd created from imapd.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 1998 - 2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used with the couriertcpd server. +# A lot of the stuff here is documented in the manual page for couriertcpd. +# +# NOTE - do not use \ to split long variable contents on multiple lines. +# This will break the default imapd.rc script, which parses this file. +# +##NAME: ADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# ADDRESS=127.0.0.1 + +ADDRESS=0 + +##NAME: PORT:1 +# +# Port numbers that connections are accepted on. The default is 143, +# the standard IMAP port. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possible to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 +# The previous ADDRESS setting is a default for ports that do not have +# a specified IP address. + +PORT=143 + +##NAME: AUTHSERVICE:0 +# +# It's possible to authenticate using a different 'service' parameter +# depending on the connection's port. This only works with authentication +# modules that use the 'service' parameter, such as PAM. Example: +# +# AUTHSERVICE143=imap +# AUTHSERVICE993=imaps + +##NAME: MAXDAEMONS:0 +# +# Maximum number of IMAP servers started +# + +MAXDAEMONS=40 + +##NAME: MAXPERIP:0 +# +# Maximum number of connections to accept from the same IP address + +MAXPERIP=4 + +##NAME: PIDFILE:0 +# +# File where couriertcpd will save its process ID +# + +PIDFILE=/var/run/imapd.pid + +##NAME: TCPDOPTS:0 +# +# Miscellaneous couriertcpd options that shouldn't be changed. +# + +TCPDOPTS="-nodnslookup -noidentlookup" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options. +# + +LOGGEROPTS="-name=imapd" + +##NAME: DEFDOMAIN:0 +# +# Optional default domain. If the username does not contain the +# first character of DEFDOMAIN, then it is appended to the username. +# If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended +# only if the username does not contain any character from DOMAINSEP. +# You can set different default domains based on the the interface IP +# address using the -access and -accesslocal options of couriertcpd(1). + +#DEFDOMAIN="@example.com" + +##NAME: IMAP_CAPABILITY:1 +# +# IMAP_CAPABILITY specifies what most of the response should be to the +# CAPABILITY command. +# +# If you have properly configured Courier to use CRAM-MD5, CRAM-SHA1, or +# CRAM-SHA256 authentication (see INSTALL), set IMAP_CAPABILITY as follows: +# +# IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE" +# + +IMAP_CAPABILITY="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE" + +##NAME: KEYWORDS_CAPABILITY:0 +# +# IMAP_KEYWORDS=1 enables custom IMAP keywords. Set this option to 0 to +# disable custom keywords. +# +# IMAP_KEYWORDS=2 also enables custom IMAP keywords, but uses a slower +# algorithm. Use this setting if keyword-related problems occur when +# multiple IMAP clients are updating keywords on the same message. + +IMAP_KEYWORDS=1 + +##NAME: ACL_CAPABILITY:0 +# +# IMAP_ACL=1 enables IMAP ACL extension. Set this option to 0 to +# disable ACL capabilities announce. + +IMAP_ACL=1 + +##NAME: SMAP1_CAPABILITY:0 +# +# EXPERIMENTAL +# +# To enable the experimental "Simple Mail Access Protocol" extensions, +# uncomment the following setting. +# +# SMAP_CAPABILITY=SMAP1 + +##NAME: IMAP_CAPABILITY_ORIG:2 +# +# For use by webadmin + +IMAP_CAPABILITY_ORIG="IMAP4rev1 UIDPLUS CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA AUTH=CRAM-MD5 AUTH=CRAM-SHA1 AUTH=CRAM-SHA256 IDLE" + +##NAME: IMAP_PROXY:0 +# +# Enable proxying. See README.proxy + +IMAP_PROXY=0 + +##NAME: PROXY_HOSTNAME:0 +# +# Override value from gethostname() when checking if a proxy connection is +# required. +# +# PROXY_HOSTNAME= + +##NAME: IMAP_PROXY_FOREIGN:0 +# +# Proxying to non-Courier servers. Re-sends the CAPABILITY command after +# logging in to the remote server. May not work with all IMAP clients. + +IMAP_PROXY_FOREIGN=0 + +##NAME: IMAP_IDLE_TIMEOUT:0 +# +# This setting controls how often +# the server polls for changes to the folder, in IDLE mode (in seconds). + +IMAP_IDLE_TIMEOUT=60 + +##NAME: IMAP_MAILBOX_SANITY_CHECK:0 +# +# Sanity check -- make sure home directory and maildir's ownership matches +# the IMAP server's effective uid and gid + +IMAP_MAILBOX_SANITY_CHECK=1 + +##NAME: IMAP_CAPABILITY_TLS:0 +# +# The following setting will advertise SASL PLAIN authentication after +# STARTTLS is established. If you want to allow SASL PLAIN authentication +# with or without TLS then just comment this out, and add AUTH=PLAIN to +# IMAP_CAPABILITY + +IMAP_CAPABILITY_TLS="$IMAP_CAPABILITY AUTH=PLAIN" + +##NAME: IMAP_TLS_ORIG:0 +# +# For use by webadmin + +IMAP_CAPABILITY_TLS_ORIG="$IMAP_CAPABILITY_ORIG AUTH=PLAIN" + +##NAME: IMAP_DISABLETHREADSORT:0 +# +# Set IMAP_DISABLETHREADSORT to disable the THREAD and SORT commands - +# server side sorting and threading. +# +# Those capabilities will still be advertised, but the server will reject +# them. Set this option if you want to disable all the extra load from +# server-side threading and sorting. Not advertising those capabilities +# will simply result in the clients reading the entire folder, and sorting +# it on the client side. That will still put some load on the server. +# advertising these capabilities, but rejecting the commands, will stop this +# silliness. +# + +IMAP_DISABLETHREADSORT=0 + +##NAME: IMAP_CHECK_ALL_FOLDERS:0 +# +# Set IMAP_CHECK_ALL_FOLDERS to 1 if you want the server to check for new +# mail in every folder. Not all IMAP clients use the IMAP's new mail +# indicator, but some do. Normally new mail is checked only in INBOX, +# because it is a comparatively time consuming operation, and it would be +# a complete waste of time unless mail filters are used to deliver +# mail directly to folders. +# +# When IMAP clients are used which support new mail indication, and when +# mail filters are used to sort incoming mail into folders, setting +# IMAP_CHECK_ALL_FOLDERS to 1 will allow IMAP clients to announce new +# mail in folders. Note that this will result in slightly more load on the +# server. +# + +IMAP_CHECK_ALL_FOLDERS=0 + +##NAME: IMAP_OBSOLETE_CLIENT:0 +# +# Set IMAP_OBSOLETE_CLIENT if your IMAP client expects \\NoInferiors to mean +# what \\HasNoChildren really means. + +IMAP_OBSOLETE_CLIENT=0 + +##NAME: IMAP_UMASK:0 +# +# IMAP_UMASK sets the umask of the server process. The value of IMAP_UMASK is +# simply passed to the "umask" command. The default value is 022. +# +# This feature is mostly useful for shared folders, where the file permissions +# of the messages may be important. + +IMAP_UMASK=022 + +##NAME: IMAP_ULIMITD:0 +# +# IMAP_ULIMITD sets the maximum size of the data segment of the server +# process. The value of IMAP_ULIMITD is simply passed to the "ulimit -d" +# command (or ulimit -v). The argument to ulimi sets the upper limit on the +# size of the data segment of the server process, in kilobytes. The default +# value of 65536 sets a very generous limit of 64 megabytes, which should +# be more than plenty for anyone. +# +# This feature is used as an additional safety check that should stop +# any potential denial-of-service attacks that exploit any kind of +# a memory leak to exhaust all the available memory on the server. +# It is theoretically possible that obscenely huge folders will also +# result in the server running out of memory when doing server-side +# sorting (by my calculations you have to have at least 100,000 messages +# in a single folder, for that to happen). + +IMAP_ULIMITD=65536 + +##NAME: IMAP_USELOCKS:0 +# +# Setting IMAP_USELOCKS to 1 will use dot-locking to support concurrent +# multiple access to the same folder. This incurs slight additional +# overhead. Concurrent multiple access will still work without this setting, +# however occasionally a minor race condition may result in an IMAP client +# downloading the same message twice, or a keyword update will fail. +# +# IMAP_USELOCKS=1 is strongly recommended when shared folders are used. + +IMAP_USELOCKS=1 + +##NAME: IMAP_SHAREDINDEXFILE:0 +# +# The index of all accessible folders. Do not change this setting unless +# you know what you're doing. See README.sharedfolders for additional +# information. + +IMAP_SHAREDINDEXFILE=/etc/courier-imap/shared/index + +##NAME: IMAP_ENHANCEDIDLE:0 +# +# If Courier was compiled with the File Alteration Monitor, setting +# IMAP_ENHANCEDIDLE to 1 enables enhanced IDLE mode, where multiple +# clients may open the same folder concurrently, and receive updates to +# folder contents in realtime. See the imapd(8) man page for additional +# information. +# +# IMPORTANT: IMAP_USELOCKS *MUST* also be set to 1, and IDLE must be included +# in the IMAP_CAPABILITY list. +# + +IMAP_ENHANCEDIDLE=0 + +##NAME: IMAP_TRASHFOLDERNAME:0 +# +# The name of the magic trash Folder. For MSOE compatibility, +# you can set IMAP_TRASHFOLDERNAME="Deleted Items". +# +# IMPORTANT: If you change this, you must also change IMAP_EMPTYTRASH + +IMAP_TRASHFOLDERNAME=Trash + +##NAME: IMAP_EMPTYTRASH:0 +# +# The following setting is optional, and causes messages from the given +# folder to be automatically deleted after the given number of days. +# IMAP_EMPTYTRASH is a comma-separated list of folder:days. The default +# setting, below, purges 7 day old messages from the Trash folder. +# Another useful setting would be: +# +# IMAP_EMPTYTRASH=Trash:7,Sent:30 +# +# This would also delete messages from the Sent folder (presumably copies +# of sent mail) after 30 days. This is a global setting that is applied to +# every mail account, and is probably useful in a controlled, corporate +# environment. +# +# Important: the purging is controlled by CTIME, not MTIME (the file time +# as shown by ls). It is perfectly ordinary to see stuff in Trash that's +# a year old. That's the file modification time, MTIME, that's displayed. +# This is generally when the message was originally delivered to this +# mailbox. Purging is controlled by a different timestamp, CTIME, which is +# changed when the file is moved to the Trash folder (and at other times too). +# +# You might want to disable this setting in certain situations - it results +# in a stat() of every file in each folder, at login and logout. +# + +IMAP_EMPTYTRASH=Trash:7 + +##NAME: IMAP_MOVE_EXPUNGE_TO_TRASH:0 +# +# Set IMAP_MOVE_EXPUNGE_TO_TRASH to move expunged messages to Trash. This +# effectively allows an undo of message deletion by fishing the deleted +# mail from trash. Trash can be manually expunged as usually, and mail +# will get automatically expunged from Trash according to IMAP_EMPTYTRASH. +# +# NOTE: shared folders are still expunged as usual. Shared folders are +# not affected. +# + +IMAP_MOVE_EXPUNGE_TO_TRASH=0 + + +##NAME: OUTBOX:0 +# +# The next set of options deal with the "Outbox" enhancement. +# Uncomment the following setting to create a special folder, named +# INBOX.Outbox +# +# OUTBOX=.Outbox + +##NAME: SENDMAIL:0 +# +# If OUTBOX is defined, mail can be sent via the IMAP connection by copying +# a message to the INBOX.Outbox folder. For all practical matters, +# INBOX.Outbox looks and behaves just like any other IMAP folder. If this +# folder doesn't exist it must be created by the IMAP mail client, just +# like any other IMAP folder. The kicker: any message copied or moved to +# this folder is will be E-mailed by the Courier-IMAP server, by running +# the SENDMAIL program. Therefore, messages copied or moved to this +# folder must be well-formed RFC-2822 messages, with the recipient list +# specified in the To:, Cc:, and Bcc: headers. Courier-IMAP relies on +# SENDMAIL to read the recipient list from these headers (and delete the Bcc: +# header) by running the command "$SENDMAIL -oi -t -f $SENDER", with the +# message piped on standard input. $SENDER will be the return address +# of the message, which is set by the authentication module. +# +# DO NOT MODIFY SENDMAIL, below, unless you know what you're doing. +# + +SENDMAIL=/usr/sbin/sendmail + +##NAME: HEADERFROM:0 +# +# For administrative and oversight purposes, the return address, $SENDER +# will also be saved in the X-IMAP-Sender mail header. This header gets +# added to the sent E-mail (but it doesn't get saved in the copy of the +# message that's saved in the folder) +# +# WARNING - By enabling OUTBOX above, *every* IMAP mail client will receive +# the magic OUTBOX treatment. Therefore advance LARTing is in order for +# _all_ of your lusers, until every one of them is aware of this. Otherwise if +# OUTBOX is left at its default setting - a folder name that might be used +# accidentally - some people may be in for a rude surprise. You can redefine +# the name of the magic folder by changing OUTBOX, above. You should do that +# and pick a less-obvious name. Perhaps brand it with your organizational +# name ( OUTBOX=.WidgetsAndSonsOutbox ) + +HEADERFROM=X-IMAP-Sender + +##NAME: OUTBOX_MULTIPLE_SEND:0 +# +# Remove the following comment to allow a COPY of more than one message to +# the Outbox, at a time. +# +# OUTBOX_MULTIPLE_SEND=1 + +##NAME: IMAPDSTART:0 +# +# IMAPDSTART is not used directly. Rather, this is a convenient flag to +# be read by your system startup script in /etc/rc.d, like this: +# +# . /etc/courier-imap/imapd +# +# case x$IMAPDSTART in +# x[yY]*) +# /usr/lib64/courier-imap/imapd.rc start +# ;; +# esac +# +# The default setting is going to be NO, so you'll have to manually flip +# it to yes. + +IMAPDSTART=NO + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir +# Put any program for ${PRERUN} here +PRERUN= +# Put any program for ${LOGINRUN} here +# this is for relay-ctrl-allow in 4* +LOGINRUN= diff --git a/courier-imap/orig/imapd-ssl b/courier-imap/orig/imapd-ssl new file mode 100644 index 0000000..ee723ac --- /dev/null +++ b/courier-imap/orig/imapd-ssl @@ -0,0 +1,336 @@ +##VERSION: $Id: imapd-ssl.dist.in,v 1.21 2008/07/12 20:17:24 mrsam Exp $ +# +# imapd-ssl created from imapd-ssl.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 2000 - 2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used to handle SSL IMAP connections. +# +# SSL and non-SSL connections are handled by a dedicated instance of the +# couriertcpd daemon. If you are accepting both SSL and non-SSL IMAP +# connections, you will start two instances of couriertcpd, one on the +# IMAP port 143, and another one on the IMAP-SSL port 993. +# +# Download OpenSSL from http://www.openssl.org/ +# +##NAME: SSLPORT:1 +# +# Options in the imapd-ssl configuration file AUGMENT the options in the +# imapd configuration file. First the imapd configuration file is read, +# then the imapd-ssl configuration file, so we do not have to redefine +# anything. +# +# However, some things do have to be redefined. The port number is +# specified by SSLPORT, instead of PORT. The default port is port 993. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.168.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.168.0.1 +# The SSLADDRESS setting is a default for ports that do not have +# a specified IP address. + +SSLPORT=993 + +##NAME: SSLADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# SSLADDRESS=127.0.0.1 + +SSLADDRESS=0 + +##NAME: SSLPIDFILE:0 +# +# That's the SSL IMAP port we'll listen on. +# Feel free to redefine MAXDAEMONS, TCPDOPTS, and MAXPERIP. + +SSLPIDFILE=/var/run/imapd-ssl.pid + +##NAME: SSLLOGGEROPTS:0 +# +# courierlogger(1) options. +# + +SSLLOGGEROPTS="-name=imapd-ssl" + +##NAME: IMAPDSSLSTART:0 +# +# Different pid files, so that both instances of couriertcpd can coexist +# happily. +# +# You can also redefine IMAP_CAPABILITY, although I can't +# think of why you'd want to do that. +# +# +# Ok, the following settings are new to imapd-ssl: +# +# Whether or not to start IMAP over SSL on simap port: + +IMAPDSSLSTART=NO + +##NAME: IMAPDSTARTTLS:0 +# +# Whether or not to implement IMAP STARTTLS extension instead: + +IMAPDSTARTTLS=YES + +##NAME: IMAP_TLS_REQUIRED:1 +# +# Set IMAP_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone. +# (this option advertises the LOGINDISABLED IMAP capability, until STARTTLS +# is issued). + +IMAP_TLS_REQUIRED=0 + + +######################################################################### +# +# The following variables configure IMAP over SSL. If OpenSSL or GnuTLS +# is available during configuration, the couriertls helper gets compiled, and +# upon installation a dummy TLS_CERTFILE gets generated. +# +# WARNING: Peer certificate verification has NOT yet been tested. Proceed +# at your own risk. Only the basic SSL/TLS functionality is known to be +# working. Keep this in mind as you play with the following variables. +# +##NAME: COURIERTLS:0 +# + +COURIERTLS=/usr/sbin/couriertls + +##NAME: TLS_PROTOCOL:0 +# +# TLS_PROTOCOL sets the protocol version. The possible versions are: +# +# OpenSSL: +# +# SSL2 - SSLv2 +# SSL3 - SSLv3 +# SSL23 - either SSLv2 or SSLv3 (also TLS1, it seems) +# TLS1 - TLS1 +# +# Note that this setting, with OpenSSL, is modified by the TLS_CIPHER_LIST +# setting, below. +# +# GnuTLS: +# +# SSL3 - SSLv3 +# TLS1 - TLS 1.0 +# TLS1_1 - TLS 1.1 +# +# When compiled against GnuTLS, multiple protocols can be selected as follows: +# +# TLS_PROTOCOL="TLS1_1:TLS1:SSL3" +# +# DEFAULT VALUES: +# +# SSL23 (OpenSSL), or "TLS_1:TLS1:SSL3" (GnuTLS) + +##NAME: TLS_STARTTLS_PROTOCOL:0 +# +# TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the IMAP STARTTLS +# extension, as opposed to IMAP over SSL on port 993. +# +# It takes the same values for OpenSSL/GnuTLS as TLS_PROTOCOL + +##NAME: TLS_CIPHER_LIST:0 +# +# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the +# OpenSSL library. In most situations you can leave TLS_CIPHER_LIST +# undefined +# +# OpenSSL: +# +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL@STRENGTH" +# +# To enable SSL2, remove the obvious "!SSLv2" part from the above list. +# +# +# GnuTLS: +# +# TLS_CIPHER_LIST="HIGH:MEDIUM" +# +# The actual list of available ciphers depend on the options GnuTLS was +# compiled against. The possible ciphers are: +# +# AES256, 3DES, AES128, ARC128, ARC40, RC2, DES, NULL +# +# Also, the following aliases: +# +# HIGH -- all ciphers that use more than a 128 bit key size +# MEDIUM -- all ciphers that use a 128 bit key size +# LOW -- all ciphers that use fewer than a 128 bit key size, the NULL cipher +# is not included +# ALL -- all ciphers except the NULL cipher + +##NAME: TLS_MIN_DH_BITS:0 +# +# TLS_MIN_DH_BITS=n +# +# GnuTLS only: +# +# Set the minimum number of acceptable bits for a DH key exchange. +# +# GnuTLS's compiled-in default is 727 bits (as of GnuTLS 1.6.3). Some server +# have been encountered that offer 512 bit keys. You may have to set +# TLS_MIN_DH_BITS=512 here, if necessary. + +##NAME: TLS_KX_LIST:0 +# +# GnuTLS only: +# +# Allowed key exchange protocols. The default of "ALL" should be sufficient. +# The list of supported key exchange protocols depends on the options GnuTLS +# was compiled against, but may include the following: +# +# DHERSA, DHEDSS, RSA, SRP, SRPRSA, SRPDSS, PSK, DHEPSK, ANONDH, RSAEXPORT + +TLS_KX_LIST=ALL + +##NAME: TLS_COMPRESSION:0 +# +# GnuTLS only: +# +# Optional compression. "ALL" selects all available compression methods. +# +# Available compression methods: DEFLATE, LZO, NULL + +TLS_COMPRESSION=ALL + +##NAME: TLS_CERTS:0 +# +# GnuTLS only: +# +# Supported certificate types are X509 and OPENPGP. +# +# OPENPGP has not been tested + +TLS_CERTS=X509 + +##NAME: TLS_TIMEOUT:0 +# TLS_TIMEOUT is currently not implemented, and reserved for future use. +# This is supposed to be an inactivity timeout, but its not yet implemented. +# + +##NAME: TLS_DHCERTFILE:0 +# +# TLS_DHCERTFILE - PEM file that stores a Diffie-Hellman -based certificate. +# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA +# you must generate a DH pair that will be used. In most situations the +# DH pair is to be treated as confidential, and the file specified by +# TLS_DHCERTFILE must not be world-readable. +# +# TLS_DHCERTFILE= + +##NAME: TLS_CERTFILE:0 +# +# TLS_CERTFILE - certificate to use. TLS_CERTFILE is required for SSL/TLS +# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually +# treated as confidential, and must not be world-readable. Set TLS_CERTFILE +# instead of TLS_DHCERTFILE if this is a garden-variety certificate +# +# VIRTUAL HOSTS (servers only): +# +# Due to technical limitations in the original SSL/TLS protocol, a dedicated +# IP address is required for each virtual host certificate. If you have +# multiple certificates, install each certificate file as +# $TLS_CERTFILE.aaa.bbb.ccc.ddd, where "aaa.bbb.ccc.ddd" is the IP address +# for the certificate's domain name. So, if TLS_CERTFILE is set to +# /etc/certificate.pem, then you'll need to install the actual certificate +# files as /etc/certificate.pem.192.168.0.2, /etc/certificate.pem.192.168.0.3 +# and so on, for each IP address. +# +# GnuTLS only (servers only): +# +# GnuTLS implements a new TLS extension that eliminates the need to have a +# dedicated IP address for each SSL/TLS domain name. Install each certificate +# as $TLS_CERTFILE.domain, so if TLS_CERTFILE is set to /etc/certificate.pem, +# then you'll need to install the actual certificate files as +# /etc/certificate.pem.host1.example.com, /etc/certificate.pem.host2.example.com +# and so on. +# +# Note that this TLS extension also requires a corresponding support in the +# client. Older SSL/TLS clients may not support this feature. +# +# This is an experimental feature. + +TLS_CERTFILE=/etc/courier-imap/imapd.pem + +##NAME: TLS_TRUSTCERTS:0 +# +# TLS_TRUSTCERTS=pathname - load trusted certificates from pathname. +# pathname can be a file or a directory. If a file, the file should +# contain a list of trusted certificates, in PEM format. If a +# directory, the directory should contain the trusted certificates, +# in PEM format, one per file and hashed using OpenSSL's c_rehash +# script. TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying +# the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set +# to PEER or REQUIREPEER). +# + +TLS_TRUSTCERTS=/etc/ssl/certs + +##NAME: TLS_VERIFYPEER:0 +# +# TLS_VERIFYPEER - how to verify client certificates. The possible values of +# this setting are: +# +# NONE - do not verify anything +# +# PEER - verify the client certificate, if one's presented +# +# REQUIREPEER - require a client certificate, fail if one's not presented +# +# +TLS_VERIFYPEER=NONE + + +##NAME: TLS_EXTERNAL:0 +# +# To enable SSL certificate-based authentication: +# +# 1) TLS_TRUSTCERTS must be set to a pathname that holds your certificate +# authority's SSL certificate +# +# 2) TLS_VERIFYPEER=PEER or TLS_VERIFYPEER=REQUIREPEER (the later settings +# requires all SSL clients to present a certificate, and rejects +# SSL/TLS connections without a valid cert). +# +# 3) Set TLS_EXTERNAL, below, to the subject field that holds the login ID. +# Example: +# +# TLS_EXTERNAL=emailaddress +# +# The above example retrieves the login ID from the "emailaddress" subject +# field. The certificate's emailaddress subject must match exactly the login +# ID in the courier-authlib database. + +##NAME: TLS_CACHE:0 +# +# A TLS/SSL session cache may slightly improve response for IMAP clients +# that open multiple SSL sessions to the server. TLS_CACHEFILE will be +# automatically created, TLS_CACHESIZE bytes long, and used as a cache +# buffer. +# +# This is an experimental feature and should be disabled if it causes +# problems with SSL clients. Disable SSL caching by commenting out the +# following settings: + +TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache +TLS_CACHESIZE=524288 + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir diff --git a/courier-imap/orig/imapd.cnf b/courier-imap/orig/imapd.cnf new file mode 100644 index 0000000..c7c1f61 --- /dev/null +++ b/courier-imap/orig/imapd.cnf @@ -0,0 +1,22 @@ + +RANDFILE = /usr/share/imapd.rand + +[ req ] +default_bits = 1024 +encrypt_key = yes +distinguished_name = req_dn +x509_extensions = cert_type +prompt = no + +[ req_dn ] +C=US +ST=NY +L=New York +O=Courier Mail Server +OU=Automatically-generated IMAP SSL key +CN=localhost +emailAddress=postmaster@example.com + + +[ cert_type ] +nsCertType = server diff --git a/courier-imap/orig/pop3d b/courier-imap/orig/pop3d new file mode 100644 index 0000000..8dd8bd1 --- /dev/null +++ b/courier-imap/orig/pop3d @@ -0,0 +1,155 @@ +##VERSION: $Id: pop3d.dist.in,v 1.16 2005/07/05 12:42:51 mrsam Exp $ +# +# pop3d created from pop3d.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 1998 - 2004 Double Precision, Inc. See COPYING for +# distribution information. +# +# Courier POP3 daemon configuration +# +##NAME: PIDFILE:0 +# + +PIDFILE=/var/run/pop3d.pid + +##NAME: MAXDAEMONS:0 +# +# Maximum number of POP3 servers started +# + +MAXDAEMONS=40 + +##NAME: MAXPERIP:4 +# +# Maximum number of connections to accept from the same IP address + +MAXPERIP=4 + +##NAME: POP3AUTH:1 +# +# To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH +# variable: +# +# POP3AUTH="LOGIN" +# +# If you have configured the CRAM-MD5, CRAM-SHA1 or CRAM-SHA256, set POP3AUTH +# to something like this: +# +# POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1" + +POP3AUTH="" + +##NAME: POP3AUTH_ORIG:1 +# +# For use by webadmin + +POP3AUTH_ORIG="PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256" + +##NAME: POP3AUTH_TLS:1 +# +# To also advertise SASL PLAIN if SSL is enabled, uncomment the +# POP3AUTH_TLS environment variable: +# +# POP3AUTH_TLS="LOGIN PLAIN" + +POP3AUTH_TLS="" + +##NAME: POP3AUTH_TLS_ORIG:0 +# +# For use by webadmin + +POP3AUTH_TLS_ORIG="LOGIN PLAIN" + +##NAME: POP3_PROXY:0 +# +# Enable proxying. See README.proxy + +POP3_PROXY=0 + +##NAME: PROXY_HOSTNAME:0 +# +# Override value from gethostname() when checking if a proxy connection is +# required. + +# PROXY_HOSTNAME= + +##NAME: PORT:1 +# +# Port to listen on for connections. The default is port 110. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 +# The ADDRESS setting is a default for ports that do not have a specified +# IP address. + +PORT=110 + +##NAME: ADDRESS:0 +# +# IP address to listen on. 0 means all IP addresses. + +ADDRESS=0 + +##NAME: TCPDOPTS:0 +# +# Other couriertcpd(1) options. The following defaults should be fine. +# + +TCPDOPTS="-nodnslookup -noidentlookup" + +##NAME: LOGGEROPTS:0 +# +# courierlogger(1) options. +# + +LOGGEROPTS="-name=pop3d" + +##NAME: DEFDOMAIN:0 +# +# Optional default domain. If the username does not contain the +# first character of DEFDOMAIN, then it is appended to the username. +# If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended +# only if the username does not contain any character from DOMAINSEP. +# You can set different default domains based on the the interface IP +# address using the -access and -accesslocal options of couriertcpd(1). + +#DEFDOMAIN="@example.com" + +##NAME: POP3DSTART:0 +# +# POP3DSTART is not referenced anywhere in the standard Courier programs +# or scripts. Rather, this is a convenient flag to be read by your system +# startup script in /etc/rc.d, like this: +# +# . /etc/courier-imap/pop3d +# case x$POP3DSTART in +# x[yY]*) +# /usr/lib64/courier-imap/pop3d.rc start +# ;; +# esac +# +# The default setting is going to be NO, until Courier is shipped by default +# with enough platforms so that people get annoyed with having to flip it to +# YES every time. + +POP3DSTART=NO + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir +# Put any program for ${PRERUN} here +PRERUN= +# Put any program for ${LOGINRUN} here +# this is for relay-ctrl-allow in 4* +LOGINRUN= diff --git a/courier-imap/orig/pop3d-ssl b/courier-imap/orig/pop3d-ssl new file mode 100644 index 0000000..56f55d2 --- /dev/null +++ b/courier-imap/orig/pop3d-ssl @@ -0,0 +1,322 @@ +##VERSION: $Id: pop3d-ssl.dist.in,v 1.22 2008/07/12 20:17:25 mrsam Exp $ +# +# pop3d-ssl created from pop3d-ssl.dist by sysconftool +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# Copyright 2000-2008 Double Precision, Inc. See COPYING for +# distribution information. +# +# This configuration file sets various options for the Courier-IMAP server +# when used to handle SSL POP3 connections. +# +# SSL and non-SSL connections are handled by a dedicated instance of the +# couriertcpd daemon. If you are accepting both SSL and non-SSL POP3 +# connections, you will start two instances of couriertcpd, one on the +# POP3 port 110, and another one on the POP3-SSL port 995. +# +# Download OpenSSL from http://www.openssl.org/ +# +##NAME: SSLPORT:0 +# +# Options in the pop3d-ssl configuration file AUGMENT the options in the +# pop3d configuration file. First the pop3d configuration file is read, +# then the pop3d-ssl configuration file, so we do not have to redefine +# anything. +# +# However, some things do have to be redefined. The port number is +# specified by SSLPORT, instead of PORT. The default port is port 995. +# +# Multiple port numbers can be separated by commas. When multiple port +# numbers are used it is possibly to select a specific IP address for a +# given port as "ip.port". For example, "127.0.0.1.900,192.168.0.1.900" +# accepts connections on port 900 on IP addresses 127.0.0.1 and 192.168.0.1 +# The SSLADDRESS setting is a default for ports that do not have +# a specified IP address. + +SSLPORT=995 + +##NAME: SSLADDRESS:0 +# +# Address to listen on, can be set to a single IP address. +# +# SSLADDRESS=127.0.0.1 + +SSLADDRESS=0 + +##NAME: SSLPIDFILE:0 +# + +SSLPIDFILE=/var/run/pop3d-ssl.pid + +##NAME: SSLLOGGEROPTS:0 +# +# courierlogger(1) options. +# + +SSLLOGGEROPTS="-name=pop3d-ssl" + +##NAME: POP3DSSLSTART:0 +# +# Whether or not to start POP3 over SSL on spop3 port: + +POP3DSSLSTART=NO + +##NAME: POP3_STARTTLS:0 +# +# Whether or not to implement the POP3 STLS extension: + +POP3_STARTTLS=YES + +##NAME: POP3_TLS_REQUIRED:1 +# +# Set POP3_TLS_REQUIRED to 1 if you REQUIRE STARTTLS for everyone. +# (this option advertises the LOGINDISABLED POP3 capability, until STARTTLS +# is issued). + +POP3_TLS_REQUIRED=0 + +##NAME: COURIERTLS:0 +# +# The following variables configure POP3 over SSL. If OpenSSL or GnuTLS +# is available during configuration, the couriertls helper gets compiled, and +# upon installation a dummy TLS_CERTFILE gets generated. +# +# WARNING: Peer certificate verification has NOT yet been tested. Proceed +# at your own risk. Only the basic SSL/TLS functionality is known to be +# working. Keep this in mind as you play with the following variables. + +COURIERTLS=/usr/sbin/couriertls + +##NAME: TLS_PROTOCOL:0 +# +# TLS_PROTOCOL sets the protocol version. The possible versions are: +# +# OpenSSL: +# +# SSL2 - SSLv2 +# SSL3 - SSLv3 +# SSL23 - either SSLv2 or SSLv3 (also TLS1, it seems) +# TLS1 - TLS1 +# +# Note that this setting, with OpenSSL, is modified by the TLS_CIPHER_LIST +# setting, below. +# +# GnuTLS: +# +# SSL3 - SSLv3 +# TLS1 - TLS 1.0 +# TLS1_1 - TLS 1.1 +# +# When compiled against GnuTLS, multiple protocols can be selected as follows: +# +# TLS_PROTOCOL="TLS1_1:TLS1:SSL3" +# +# DEFAULT VALUES: +# +# SSL23 (OpenSSL), or "TLS_1:TLS1:SSL3" (GnuTLS) + +##NAME: TLS_STARTTLS_PROTOCOL:0 +# +# TLS_STARTTLS_PROTOCOL is used instead of TLS_PROTOCOL for the POP3 STARTTLS +# extension, as opposed to POP3 over SSL on port 995. +# +# It takes the same values for OpenSSL/GnuTLS as TLS_PROTOCOL + +TLS_STARTTLS_PROTOCOL=TLS1 + +##NAME: TLS_CIPHER_LIST:0 +# +# TLS_CIPHER_LIST optionally sets the list of ciphers to be used by the +# OpenSSL library. In most situations you can leave TLS_CIPHER_LIST +# undefined +# +# OpenSSL: +# +# TLS_CIPHER_LIST="SSLv3:TLSv1:!SSLv2:HIGH:!LOW:!MEDIUM:!EXP:!NULL@STRENGTH" +# +# To enable SSL2, remove the obvious "!SSLv2" part from the above list. +# +# +# GnuTLS: +# +# TLS_CIPHER_LIST="HIGH:MEDIUM" +# +# The actual list of available ciphers depend on the options GnuTLS was +# compiled against. The possible ciphers are: +# +# AES256, 3DES, AES128, ARC128, ARC40, RC2, DES, NULL +# +# Also, the following aliases: +# +# HIGH -- all ciphers that use more than a 128 bit key size +# MEDIUM -- all ciphers that use a 128 bit key size +# LOW -- all ciphers that use fewer than a 128 bit key size, the NULL cipher +# is not included +# ALL -- all ciphers except the NULL cipher + + +##NAME: TLS_MIN_DH_BITS:0 +# +# TLS_MIN_DH_BITS=n +# +# GnuTLS only: +# +# Set the minimum number of acceptable bits for a DH key exchange. +# +# GnuTLS's compiled-in default is 727 bits (as of GnuTLS 1.6.3). Some server +# have been encountered that offer 512 bit keys. You may have to set +# TLS_MIN_DH_BITS=512 here, if necessary. + +##NAME: TLS_KX_LIST:0 +# +# GnuTLS only: +# +# Allowed key exchange protocols. The default of "ALL" should be sufficient. +# The list of supported key exchange protocols depends on the options GnuTLS +# was compiled against, but may include the following: +# +# DHERSA, DHEDSS, RSA, SRP, SRPRSA, SRPDSS, PSK, DHEPSK, ANONDH, RSAEXPORT + +TLS_KX_LIST=ALL + +##NAME: TLS_COMPRESSION:0 +# +# GnuTLS only: +# +# Optional compression. "ALL" selects all available compression methods. +# +# Available compression methods: DEFLATE, LZO, NULL + +TLS_COMPRESSION=ALL + +##NAME: TLS_CERTS:0 +# +# GnuTLS only: +# +# Supported certificate types are X509 and OPENPGP. +# +# OPENPGP has not been tested + +TLS_CERTS=X509 + +##NAME: TLS_TIMEOUT:0 +# TLS_TIMEOUT is currently not implemented, and reserved for future use. +# This is supposed to be an inactivity timeout, but its not yet implemented. +# + +##NAME: TLS_DHCERTFILE:0 +# +# TLS_DHCERTFILE - PEM file that stores a Diffie-Hellman -based certificate. +# When OpenSSL is compiled to use Diffie-Hellman ciphers instead of RSA +# you must generate a DH pair that will be used. In most situations the +# DH pair is to be treated as confidential, and the file specified by +# TLS_DHCERTFILE must not be world-readable. +# +# TLS_DHCERTFILE= + +##NAME: TLS_CERTFILE:0 +# +# TLS_CERTFILE - certificate to use. TLS_CERTFILE is required for SSL/TLS +# servers, and is optional for SSL/TLS clients. TLS_CERTFILE is usually +# treated as confidential, and must not be world-readable. Set TLS_CERTFILE +# instead of TLS_DHCERTFILE if this is a garden-variety certificate +# +# VIRTUAL HOSTS (servers only): +# +# Due to technical limitations in the original SSL/TLS protocol, a dedicated +# IP address is required for each virtual host certificate. If you have +# multiple certificates, install each certificate file as +# $TLS_CERTFILE.aaa.bbb.ccc.ddd, where "aaa.bbb.ccc.ddd" is the IP address +# for the certificate's domain name. So, if TLS_CERTFILE is set to +# /etc/certificate.pem, then you'll need to install the actual certificate +# files as /etc/certificate.pem.192.168.0.2, /etc/certificate.pem.192.168.0.3 +# and so on, for each IP address. +# +# GnuTLS only (servers only): +# +# GnuTLS implements a new TLS extension that eliminates the need to have a +# dedicated IP address for each SSL/TLS domain name. Install each certificate +# as $TLS_CERTFILE.domain, so if TLS_CERTFILE is set to /etc/certificate.pem, +# then you'll need to install the actual certificate files as +# /etc/certificate.pem.host1.example.com, /etc/certificate.pem.host2.example.com +# and so on. +# +# Note that this TLS extension also requires a corresponding support in the +# client. Older SSL/TLS clients may not support this feature. +# +# This is an experimental feature. + +TLS_CERTFILE=/etc/courier-imap/pop3d.pem + +##NAME: TLS_TRUSTCERTS:0 +# +# TLS_TRUSTCERTS=pathname - load trusted certificates from pathname. +# pathname can be a file or a directory. If a file, the file should +# contain a list of trusted certificates, in PEM format. If a +# directory, the directory should contain the trusted certificates, +# in PEM format, one per file and hashed using OpenSSL's c_rehash +# script. TLS_TRUSTCERTS is used by SSL/TLS clients (by specifying +# the -domain option) and by SSL/TLS servers (TLS_VERIFYPEER is set +# to PEER or REQUIREPEER). +# + +TLS_TRUSTCERTS=/etc/ssl/certs + +##NAME: TLS_VERIFYPEER:0 +# +# TLS_VERIFYPEER - how to verify client certificates. The possible values of +# this setting are: +# +# NONE - do not verify anything +# +# PEER - verify the client certificate, if one's presented +# +# REQUIREPEER - require a client certificate, fail if one's not presented +# +# +TLS_VERIFYPEER=NONE + +##NAME: TLS_EXTERNAL:0 +# +# To enable SSL certificate-based authentication: +# +# 1) TLS_TRUSTCERTS must be set to a pathname that holds your certificate +# authority's SSL certificate +# +# 2) TLS_VERIFYPEER=PEER or TLS_VERIFYPEER=REQUIREPEER (the later settings +# requires all SSL clients to present a certificate, and rejects +# SSL/TLS connections without a valid cert). +# +# 3) Set TLS_EXTERNAL, below, to the subject field that holds the login ID. +# Example: +# +# TLS_EXTERNAL=emailaddress +# +# The above example retrieves the login ID from the "emailaddress" subject +# field. The certificate's emailaddress subject must match exactly the login +# ID in the courier-authlib database. + +##NAME: TLS_CACHE:0 +# +# A TLS/SSL session cache may slightly improve response for long-running +# POP3 clients. TLS_CACHEFILE will be automatically created, TLS_CACHESIZE +# bytes long, and used as a cache buffer. +# +# This is an experimental feature and should be disabled if it causes +# problems with SSL clients. Disable SSL caching by commenting out the +# following settings: + +TLS_CACHEFILE=/var/lib/courier-imap/couriersslcache +TLS_CACHESIZE=524288 + +##NAME: MAILDIRPATH:0 +# +# MAILDIRPATH - directory name of the maildir directory. +# +MAILDIRPATH=Maildir + +# Hardwire a value for ${MAILDIR} +MAILDIR=.maildir +MAILDIRPATH=.maildir diff --git a/courier-imap/orig/pop3d.cnf b/courier-imap/orig/pop3d.cnf new file mode 100644 index 0000000..f5ee623 --- /dev/null +++ b/courier-imap/orig/pop3d.cnf @@ -0,0 +1,22 @@ + +RANDFILE = /usr/share/pop3d.rand + +[ req ] +default_bits = 1024 +encrypt_key = yes +distinguished_name = req_dn +x509_extensions = cert_type +prompt = no + +[ req_dn ] +C=US +ST=NY +L=New York +O=Courier Mail Server +OU=Automatically-generated POP3 SSL key +CN=localhost +emailAddress=postmaster@example.com + + +[ cert_type ] +nsCertType = server diff --git a/courier/authlib/.rcs/authdaemonrc,v b/courier/authlib/.rcs/authdaemonrc,v deleted file mode 100644 index ae2b7c5..0000000 --- a/courier/authlib/.rcs/authdaemonrc,v +++ /dev/null @@ -1,127 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.22.01.39; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $ -# -# Copyright 2000-2005 Double Precision, Inc. See COPYING for -# distribution information. -# -# authdaemonrc created from authdaemonrc.dist by sysconftool -# -# Do not alter lines that begin with ##, they are used when upgrading -# this configuration. -# -# This file configures authdaemond, the resident authentication daemon. -# -# Comments in this file are ignored. Although this file is intended to -# be sourced as a shell script, authdaemond parses it manually, so -# the acceptable syntax is a bit limited. Multiline variable contents, -# with the \ continuation character, are not allowed. Everything must -# fit on one line. Do not use any additional whitespace for indentation, -# or anything else. - -##NAME: authmodulelist:2 -# -# The authentication modules that are linked into authdaemond. The -# default list is installed. You may selectively disable modules simply -# by removing them from the following list. The available modules you -# can use are: authuserdb authpam authshadow authldap authmysql authcustom authpipe - -authmodulelist="authmysql " - -##NAME: authmodulelistorig:3 -# -# This setting is used by Courier's webadmin module, and should be left -# alone - -authmodulelistorig="authuserdb authpam authshadow authldap authmysql authcustom authpipe" - -##NAME: daemons:0 -# -# The number of daemon processes that are started. authdaemon is typically -# installed where authentication modules are relatively expensive: such -# as authldap, or authmysql, so it's better to have a number of them running. -# PLEASE NOTE: Some platforms may experience a problem if there's more than -# one daemon. Specifically, SystemV derived platforms that use TLI with -# socket emulation. I'm suspicious of TLI's ability to handle multiple -# processes accepting connections on the same filesystem domain socket. -# -# You may need to increase daemons if as your system load increases. Symptoms -# include sporadic authentication failures. If you start getting -# authentication failures, increase daemons. However, the default of 5 -# SHOULD be sufficient. Bumping up daemon count is only a short-term -# solution. The permanent solution is to add more resources: RAM, faster -# disks, faster CPUs... - -daemons=5 - -##NAME: authdaemonvar:2 -# -# authdaemonvar is here, but is not used directly by authdaemond. It's -# used by various configuration and build scripts, so don't touch it! - -authdaemonvar=/var/lib/courier/authdaemon - -##NAME: DEBUG_LOGIN:0 -# -# Dump additional diagnostics to syslog -# -# DEBUG_LOGIN=0 - turn off debugging -# DEBUG_LOGIN=1 - turn on debugging -# DEBUG_LOGIN=2 - turn on debugging + log passwords too -# -# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog. -# -# Note that most information is sent to syslog at level 'debug', so -# you may need to modify your /etc/syslog.conf to be able to see it. - -DEBUG_LOGIN=0 - -##NAME: DEFAULTOPTIONS:0 -# -# A comma-separated list of option=value pairs. Each option is applied -# to an account if the account does not have its own specific value for -# that option. So for example, you can set -# DEFAULTOPTIONS="disablewebmail=1,disableimap=1" -# and then enable webmail and/or imap on individual accounts by setting -# disablewebmail=0 and/or disableimap=0 on the account. - -DEFAULTOPTIONS="" - -##NAME: LOGGEROPTS:0 -# -# courierlogger(1) options, e.g. to set syslog facility -# - -LOGGEROPTS="" - -##NAME: LDAP_TLS_OPTIONS:0 -# -# Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'. -# Examples: -# -#LDAPTLS_CACERT=/path/to/cacert.pem -#LDAPTLS_REQCERT=demand -#LDAPTLS_CERT=/path/to/clientcert.pem -#LDAPTLS_KEY=/path/to/clientkey.pem -@ diff --git a/courier/authlib/.rcs/authldaprc,v b/courier/authlib/.rcs/authldaprc,v deleted file mode 100644 index 52cae5d..0000000 --- a/courier/authlib/.rcs/authldaprc,v +++ /dev/null @@ -1,297 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.22.01.39; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@##VERSION: $Id: authldaprc,v 1.25 2005/10/05 00:07:32 mrsam Exp $ -# -# Copyright 2000-2004 Double Precision, Inc. See COPYING for -# distribution information. -# -# Do not alter lines that begin with ##, they are used when upgrading -# this configuration. -# -# authldaprc created from authldaprc.dist by sysconftool -# -# DO NOT INSTALL THIS FILE with world read permissions. This file -# might contain the LDAP admin password! -# -# This configuration file specifies LDAP authentication parameters -# -# The format of this file must be as follows: -# -# field[spaces|tabs]value -# -# That is, the name of the field, followed by spaces or tabs, followed by -# field value. No trailing spaces. -# -# Here are the fields: - -##NAME: LOCATION:1 -# -# Location of your LDAP server(s). If you have multiple LDAP servers, -# you can list them separated by commas and spaces, and they will be tried in -# turn. - -LDAP_URI ldaps://ldap.example.com, ldaps://backup.example.com - -##NAME: LDAP_PROTOCOL_VERSION:0 -# -# Which version of LDAP protocol to use - -LDAP_PROTOCOL_VERSION 3 - -##NAME: LDAP_BASEDN:0 -# -# Look for authentication here: - -LDAP_BASEDN o=example, c=com - -##NAME: LDAP_BINDDN:0 -# -# You may or may not need to specify the following. Because you've got -# a password here, authldaprc should not be world-readable!!! - -LDAP_BINDDN cn=administrator, o=example, c=com -LDAP_BINDPW toto - -##NAME: LDAP_TIMEOUT:0 -# -# Timeout for LDAP search and connection - -LDAP_TIMEOUT 5 - -##NAME: LDAP_AUTHBIND:0 -# -# Define this to have the ldap server authenticate passwords. If LDAP_AUTHBIND -# the password is validated by rebinding with the supplied userid and password. -# If rebind succeeds, this is considered to be an authenticated request. This -# does not support CRAM-MD5 authentication, which requires clearPassword. -# Additionally, if LDAP_AUTHBIND is 1 then password changes are done under -# the credentials of the user themselves, not LDAP_BINDDN/BINDPW -# -# LDAP_AUTHBIND 1 - -##NAME: LDAP_MAIL:0 -# -# Here's the field on which we query - -LDAP_MAIL mail - -##NAME: LDAP_FILTER:0 -# -# This LDAP filter will be ANDed with the query for the field defined above -# in LDAP_MAIL. So if you are querying for mail, and you have LDAP_FILTER -# defined to be "(objectClass=CourierMailAccount)" the query that is performed -# will be "(&(objectClass=CourierMailAccount)(mail=))" -# -# LDAP_FILTER (objectClass=CourierMailAccount) - -##NAME: LDAP_DOMAIN:0 -# -# The following default domain will be appended, if not explicitly specified. -# -# LDAP_DOMAIN example.com - -##NAME: LDAP_GLOB_IDS:0 -# -# The following two variables can be used to set everybody's uid and gid. -# This is convenient if your LDAP specifies a bunch of virtual mail accounts -# The values can be usernames or userids: -# -# LDAP_GLOB_UID vmail -# LDAP_GLOB_GID vmail - -##NAME: LDAP_HOMEDIR:0 -# -# We will retrieve the following attributes -# -# The HOMEDIR attribute MUST exist, and we MUST be able to chdir to it - -LDAP_HOMEDIR homeDirectory - -##NAME: LDAP_MAILROOT:0 -# -# If homeDirectory is not an absolute path, define the root of the -# relative paths in LDAP_MAILROOT -# -# LDAP_MAILROOT /var/mail - - -##NAME: LDAP_MAILDIR:0 -# -# The MAILDIR attribute is OPTIONAL, and specifies the location of the -# mail directory. If not specified, ./Maildir will be used - -LDAP_MAILDIR mailbox - -##NAME: LDAP_DEFAULTDELIVERY:0 -# -# Courier mail server only: optional attribute specifies custom mail delivery -# instructions for this account (if defined) -- essentially overrides -# DEFAULTDELIVERY from ${sysconfdir}/courierd - -LDAP_DEFAULTDELIVERY defaultDelivery - -##NAME: LDAP_MAILDIRQUOTA:0 -# -# The following variable, if defined, specifies the field containing the -# maildir quota, see README.maildirquota for more information -# -# LDAP_MAILDIRQUOTA quota - - -##NAME: LDAP_FULLNAME:0 -# -# FULLNAME is optional, specifies the user's full name - -LDAP_FULLNAME cn - -##NAME: LDAP_PW:0 -# -# CLEARPW is the clear text password. CRYPT is the crypted password. -# ONE OF THESE TWO ATTRIBUTES IS REQUIRED. If CLEARPW is provided, and -# libhmac.a is available, CRAM authentication will be possible! - -LDAP_CLEARPW clearPassword -LDAP_CRYPTPW userPassword - -##NAME: LDAP_IDS:0 -# -# Uncomment the following, and modify as appropriate, if your LDAP database -# stores individual userids and groupids. Otherwise, you must uncomment -# LDAP_GLOB_UID and LDAP_GLOB_GID above. LDAP_GLOB_UID and LDAP_GLOB_GID -# specify a uid/gid for everyone. Otherwise, LDAP_UID and LDAP_GID must -# be defined as attributes for everyone. -# -# LDAP_UID uidNumber -# LDAP_GID gidNumber - - -##NAME: LDAP_AUXOPTIONS:0 -# -# Auxiliary options. The LDAP_AUXOPTIONS setting should contain a list of -# comma-separated "ATTRIBUTE=NAME" pairs. These names are additional -# attributes that define various per-account "options", as given in -# INSTALL's description of the OPTIONS setting. -# -# Each ATTRIBUTE specifies an LDAP attribute name. If it is present, -# the attribute value gets placed in the OPTIONS variable, with the name -# NAME. For example: -# -# LDAP_AUXOPTIONS shared=sharedgroup,disableimap=disableimap -# -# Then, if an LDAP record contains the following attributes: -# -# shared: domain1 -# disableimap: 0 -# -# Then authldap will initialize OPTIONS to "sharedgroup=domain1,disableimap=0" -# -# NOTE: ** no spaces in this setting **, the above example has exactly -# one tab character after LDAP_AUXOPTIONS - - -##NAME: LDAP_ENUMERATE_FILTER:0 -# -# {EXPERIMENTAL} -# Optional custom filter used when enumerating accounts for authenumerate, -# in order to compile a list of accounts for shared folders. If present, -# this filter will be used instead of LDAP_FILTER. -# -# LDAP_ENUMERATE_FILTER (&(objectClass=CourierMailAccount)(!(disableshared=1))) - - -##NAME: LDAP_DEREF:0 -# -# Determines how aliases are handled during a search. This option is available -# only with OpenLDAP 2.0 -# -# LDAP_DEREF can be one of the following values: -# never, searching, finding, always. If not specified, aliases are -# never dereferenced. - -LDAP_DEREF never - -##NAME: LDAP_TLS:0 -# -# Set LDAP_TLS to 1 to use the Start TLS extension (RFC 2830). This is -# when the server accepts a normal LDAP connection on port 389 which -# the client then requests 'upgrading' to TLS, and is equivalent to the -# -ZZ flag to ldapsearch. If you are using an ldaps:// URI then do not -# set this option. -# -# For additional LDAP-related options, see the authdaemonrc config file. - -LDAP_TLS 0 - -##NAME: LDAP_EMAILMAP:0 -# -# The following optional settings, if enabled, result in an extra LDAP -# lookup to first locate a handle for an E-mail address, then a second lookup -# on that handle to get the actual authentication record. You'll need -# to uncomment these settings to enable an email handle lookup. -# -# The E-mail address must be of the form user@@realm, and this is plugged -# into the following search string. "@@user@@" and "@@realm@@" are placeholders -# for the user and the realm portions of the login ID. -# -# LDAP_EMAILMAP (&(userid=@@user@@)(realm=@@realm@@)) - -##NAME: LDAP_EMAILMAP_BASEDN:0 -# -# Specify the basedn for the email lookup. The default is LDAP_BASEDN. -# -# LDAP_EMAILMAP_BASEDN o=emailmap, c=com - - -##NAME: LDAP_EMAILMAP_ATTRIBUTE:0 -# -# The attribute which holds the handle. The contents of this attribute -# are then plugged into the regular authentication lookup, and you must set -# LDAP_EMAILMAP_MAIL to the name of this attribute in the authentication -# records (which may be the same as LDAP_MAIL). -# You MUST also leave LDAP_DOMAIN undefined. This enables authenticating -# by handles only. -# -# Here's an example: -# -# dn: userid=john, realm=example.com, o=emailmap, c=com # LDAP_EMAILMAP_BASEDN -# userid: john # LDAP_EMAILMAP search -# realm: example.com # LDAP_EMAILMAP search -# handle: cc223344 # LDAP_EMAILMAP_ATTRIBUTE -# -# -# dn: controlHandle=cc223344, o=example, c=com # LDAP_BASEDN -# controlHandle: cc223344 # LDAP_EMAILMAP_MAIL set to "controlHandle" -# uid: ... -# gid: ... -# [ etc... ] -# -# LDAP_EMAILMAP_ATTRIBUTE handle - -##NAME: LDAP_EMAILMAP_MAIL:0 -# -# After reading LDAP_EMAIL_ATTRIBUTE, the second query will go against -# LDAP_BASEDN, but will key against LDAP_EMAILMAP_MAIL instead of LDAP_MAIL. -# -# LDAP_EMAILMAP_MAIL mail -@ diff --git a/courier/authlib/.rcs/authmysqlrc,v b/courier/authlib/.rcs/authmysqlrc,v deleted file mode 100644 index f6c6979..0000000 --- a/courier/authlib/.rcs/authmysqlrc,v +++ /dev/null @@ -1,312 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.22.01.39; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@##VERSION: $Id: authmysqlrc,v 1.20 2007/10/07 02:50:45 mrsam Exp $ -# -# Copyright 2000-2007 Double Precision, Inc. See COPYING for -# distribution information. -# -# Do not alter lines that begin with ##, they are used when upgrading -# this configuration. -# -# authmysqlrc created from authmysqlrc.dist by sysconftool -# -# DO NOT INSTALL THIS FILE with world read permissions. This file -# might contain the MySQL admin password! -# -# Each line in this file must follow the following format: -# -# field[spaces|tabs]value -# -# That is, the name of the field, followed by spaces or tabs, followed by -# field value. Trailing spaces are prohibited. - - -##NAME: LOCATION:0 -# -# The server name, userid, and password used to log in. - -MYSQL_SERVER mysql.example.com -MYSQL_USERNAME admin -MYSQL_PASSWORD admin - -##NAME: SSLINFO:0 -# -# The SSL information. -# -# To use SSL-encrypted connections, define the following variables (available -# in MySQL 4.0, or higher): -# -# -# MYSQL_SSL_KEY /path/to/file -# MYSQL_SSL_CERT /path/to/file -# MYSQL_SSL_CACERT /path/to/file -# MYSQL_SSL_CAPATH /path/to/file -# MYSQL_SSL_CIPHERS ALL:!DES - -##NAME: MYSQL_SOCKET:0 -# -# MYSQL_SOCKET can be used with MySQL version 3.22 or later, it specifies the -# filesystem pipe used for the connection -# -# MYSQL_SOCKET /var/mysql/mysql.sock - -##NAME: MYSQL_PORT:0 -# -# MYSQL_PORT can be used with MySQL version 3.22 or later to specify a port to -# connect to. - -MYSQL_PORT 0 - -##NAME: MYSQL_OPT:0 -# -# Leave MYSQL_OPT as 0, unless you know what you're doing. - -MYSQL_OPT 0 - -##NAME: MYSQL_DATABASE:0 -# -# The name of the MySQL database we will open: - -MYSQL_DATABASE mysql - -#NAME: MYSQL_CHARACTER_SET:0 -# -# This is optional. MYSQL_CHARACTER_SET installs a character set. This option -# can be used with MySQL version 4.1 or later. MySQL supports 70+ collations -# for 30+ character sets. See MySQL documentations for more detalis. -# -# MYSQL_CHARACTER_SET latin1 - -##NAME: MYSQL_USER_TABLE:0 -# -# The name of the table containing your user data. See README.authmysqlrc -# for the required fields in this table. - -MYSQL_USER_TABLE passwd - -##NAME: MYSQL_CRYPT_PWFIELD:0 -# -# Either MYSQL_CRYPT_PWFIELD or MYSQL_CLEAR_PWFIELD must be defined. Both -# are OK too. crypted passwords go into MYSQL_CRYPT_PWFIELD, cleartext -# passwords go into MYSQL_CLEAR_PWFIELD. Cleartext passwords allow -# CRAM-MD5 authentication to be implemented. - -MYSQL_CRYPT_PWFIELD crypt - -##NAME: MYSQL_CLEAR_PWFIELD:0 -# -# -# MYSQL_CLEAR_PWFIELD clear - -##NAME: MYSQL_DEFAULT_DOMAIN:0 -# -# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user', -# we will look up 'user@@DEFAULT_DOMAIN' instead. -# -# -# DEFAULT_DOMAIN example.com - -##NAME: MYSQL_UID_FIELD:0 -# -# Other fields in the mysql table: -# -# MYSQL_UID_FIELD - contains the numerical userid of the account -# -MYSQL_UID_FIELD uid - -##NAME: MYSQL_GID_FIELD:0 -# -# Numerical groupid of the account - -MYSQL_GID_FIELD gid - -##NAME: MYSQL_LOGIN_FIELD:0 -# -# The login id, default is id. Basically the query is: -# -# SELECT MYSQL_UID_FIELD, MYSQL_GID_FIELD, ... WHERE id='loginid' -# - -MYSQL_LOGIN_FIELD id - -##NAME: MYSQL_HOME_FIELD:0 -# - -MYSQL_HOME_FIELD home - -##NAME: MYSQL_NAME_FIELD:0 -# -# The user's name (optional) - -MYSQL_NAME_FIELD name - -##NAME: MYSQL_MAILDIR_FIELD:0 -# -# This is an optional field, and can be used to specify an arbitrary -# location of the maildir for the account, which normally defaults to -# $HOME/Maildir (where $HOME is read from MYSQL_HOME_FIELD). -# -# You still need to provide a MYSQL_HOME_FIELD, even if you uncomment this -# out. -# -# MYSQL_MAILDIR_FIELD maildir - -##NAME: MYSQL_DEFAULTDELIVERY:0 -# -# Courier mail server only: optional field specifies custom mail delivery -# instructions for this account (if defined) -- essentially overrides -# DEFAULTDELIVERY from ${sysconfdir}/courierd -# -# MYSQL_DEFAULTDELIVERY defaultdelivery - -##NAME: MYSQL_QUOTA_FIELD:0 -# -# Define MYSQL_QUOTA_FIELD to be the name of the field that can optionally -# specify a maildir quota. See README.maildirquota for more information -# -# MYSQL_QUOTA_FIELD quota - -##NAME: MYSQL_AUXOPTIONS:0 -# -# Auxiliary options. The MYSQL_AUXOPTIONS field should be a char field that -# contains a single string consisting of comma-separated "ATTRIBUTE=NAME" -# pairs. These names are additional attributes that define various per-account -# "options", as given in INSTALL's description of the "Account OPTIONS" -# setting. -# -# MYSQL_AUXOPTIONS_FIELD auxoptions -# -# You might want to try something like this, if you'd like to use a bunch -# of individual fields, instead of a single text blob: -# -# MYSQL_AUXOPTIONS_FIELD CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup) -# -# This will let you define fields called "disableimap", etc, with the end result -# being something that the OPTIONS parser understands. - - -##NAME: MYSQL_WHERE_CLAUSE:0 -# -# This is optional, MYSQL_WHERE_CLAUSE can be basically set to an arbitrary -# fixed string that is appended to the WHERE clause of our query -# -# MYSQL_WHERE_CLAUSE server='mailhost.example.com' - -##NAME: MYSQL_SELECT_CLAUSE:0 -# -# (EXPERIMENTAL) -# This is optional, MYSQL_SELECT_CLAUSE can be set when you have a database, -# which is structuraly different from proposed. The fixed string will -# be used to do a SELECT operation on database, which should return fields -# in order specified bellow: -# -# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options -# -# The username field should include the domain (see example below). -# -# Enabling this option causes ignorance of any other field-related -# options, excluding default domain. -# -# There are two variables, which you can use. Substitution will be made -# for them, so you can put entered username (local part) and domain name -# in the right place of your query. These variables are: -# $(local_part), $(domain), $(service) -# -# If a $(domain) is empty (not given by the remote user) the default domain -# name is used in its place. -# -# $(service) will expand out to the service being authenticated: imap, imaps, -# pop3 or pop3s. Courier mail server only: service will also expand out to -# "courier", when searching for local mail account's location. In this case, -# if the "maildir" field is not empty it will be used in place of -# DEFAULTDELIVERY. Courier mail server will also use esmtp when doing -# authenticated ESMTP. -# -# This example is a little bit modified adaptation of vmail-sql -# database scheme: -# -# MYSQL_SELECT_CLAUSE SELECT CONCAT(popbox.local_part, '@@', popbox.domain_name), \ -# CONCAT('{MD5}', popbox.password_hash), \ -# popbox.clearpw, \ -# domain.uid, \ -# domain.gid, \ -# CONCAT(domain.path, '/', popbox.mbox_name), \ -# '', \ -# domain.quota, \ -# '', \ -# CONCAT("disableimap=",disableimap,",disablepop3=", \ -# disablepop3,",disablewebmail=",disablewebmail, \ -# ",sharedgroup=",sharedgroup) \ -# FROM popbox, domain \ -# WHERE popbox.local_part = '$(local_part)' \ -# AND popbox.domain_name = '$(domain)' \ -# AND popbox.domain_name = domain.domain_name - - -##NAME: MYSQL_ENUMERATE_CLAUSE:1 -# -# {EXPERIMENTAL} -# Optional custom SQL query used to enumerate accounts for authenumerate, -# in order to compile a list of accounts for shared folders. The query -# should return the following fields: name, uid, gid, homedir, maildir, options -# -# Example: -# MYSQL_ENUMERATE_CLAUSE SELECT CONCAT(popbox.local_part, '@@', popbox.domain_name), \ -# domain.uid, \ -# domain.gid, \ -# CONCAT(domain.path, '/', popbox.mbox_name), \ -# '', \ -# CONCAT('sharedgroup=', sharedgroup) \ -# FROM popbox, domain \ -# WHERE popbox.local_part = '$(local_part)' \ -# AND popbox.domain_name = '$(domain)' \ -# AND popbox.domain_name = domain.domain_name - - - -##NAME: MYSQL_CHPASS_CLAUSE:0 -# -# (EXPERIMENTAL) -# This is optional, MYSQL_CHPASS_CLAUSE can be set when you have a database, -# which is structuraly different from proposed. The fixed string will -# be used to do an UPDATE operation on database. In other words, it is -# used, when changing password. -# -# There are four variables, which you can use. Substitution will be made -# for them, so you can put entered username (local part) and domain name -# in the right place of your query. There variables are: -# $(local_part) , $(domain) , $(newpass) , $(newpass_crypt) -# -# If a $(domain) is empty (not given by the remote user) the default domain -# name is used in its place. -# $(newpass) contains plain password -# $(newpass_crypt) contains its crypted form -# -# MYSQL_CHPASS_CLAUSE UPDATE popbox \ -# SET clearpw='$(newpass)', \ -# password_hash='$(newpass_crypt)' \ -# WHERE local_part='$(local_part)' \ -# AND domain_name='$(domain)' -# -@ diff --git a/courier/authlib/authdaemonrc b/courier/authlib/authdaemonrc index ec9be6b..f11ec92 100644 --- a/courier/authlib/authdaemonrc +++ b/courier/authlib/authdaemonrc @@ -22,10 +22,8 @@ # The authentication modules that are linked into authdaemond. The # default list is installed. You may selectively disable modules simply # by removing them from the following list. The available modules you -# can use are: authuserdb authpam authshadow authldap authmysql authcustom authpipe +# can use are: authuserdb authpam authshadow authpgsql authldap authmysql authcustom authpipe -#authmodulelist="authmysql authldap authpam authuserdb authshadow authcustom authpipe" -#authmodulelist="authpam authuserdb authshadow authcustom authpipe" authmodulelist="authmysql authpam" ##NAME: authmodulelistorig:3 @@ -33,7 +31,7 @@ authmodulelist="authmysql authpam" # This setting is used by Courier's webadmin module, and should be left # alone -authmodulelistorig="authuserdb authpam authshadow authldap authmysql authcustom authpipe" +authmodulelistorig="authuserdb authpam authshadow authpgsql authldap authmysql authcustom authpipe" ##NAME: daemons:0 # diff --git a/courier/authlib/authdaemonrc.dist b/courier/authlib/authdaemonrc.dist index 63cc6b1..b1b2670 100644 --- a/courier/authlib/authdaemonrc.dist +++ b/courier/authlib/authdaemonrc.dist @@ -22,16 +22,16 @@ # The authentication modules that are linked into authdaemond. The # default list is installed. You may selectively disable modules simply # by removing them from the following list. The available modules you -# can use are: authuserdb authpam authshadow authldap authmysql authcustom authpipe +# can use are: authuserdb authpam authshadow authpgsql authldap authmysql authcustom authpipe -authmodulelist="authuserdb authpam authshadow authldap authmysql authcustom authpipe" +authmodulelist="authuserdb authpam authshadow authpgsql authldap authmysql authcustom authpipe" ##NAME: authmodulelistorig:3 # # This setting is used by Courier's webadmin module, and should be left # alone -authmodulelistorig="authuserdb authpam authshadow authldap authmysql authcustom authpipe" +authmodulelistorig="authuserdb authpam authshadow authpgsql authldap authmysql authcustom authpipe" ##NAME: daemons:0 # diff --git a/courier/authlib/authpgsqlrc b/courier/authlib/authpgsqlrc new file mode 100644 index 0000000..2e44999 --- /dev/null +++ b/courier/authlib/authpgsqlrc @@ -0,0 +1,260 @@ +##VERSION: $Id: authpgsqlrc,v 1.13 2008/12/18 12:08:25 mrsam Exp $ +# +# Copyright 2000-2004 Double Precision, Inc. See COPYING for +# distribution information. +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# authpgsqlrc created from authpgsqlrc.dist by sysconftool +# +# DO NOT INSTALL THIS FILE with world read permissions. This file +# might contain the PostgreSQL admin password! +# +# Each line in this file must follow the following format: +# +# field[spaces|tabs]value +# +# That is, the name of the field, followed by spaces or tabs, followed by +# field value. Trailing spaces are prohibited. + + +##NAME: LOCATION:0 +# +# The server hostname, port, userid, and password used to log in. +# +# To connect to a filesystem socket, delete PGSQL_HOST, and set PGSQL_PORT to +# the socket's last component. So, if your pg socket is /tmp/.s.PGSQL.5400 +# set PGSQL_PORT to 5400. + +PGSQL_HOST pgsql.example.com +PGSQL_PORT 5400 +PGSQL_USERNAME admin +PGSQL_PASSWORD admin + + +##NAME: PGSQL_OPT:0 +# +# PGSQL_OPT specifies the connection debug options to PQsetdbLogin(). +# Don't bother with this setting unless you know what you're doing +# +# PGSQL_OPT + +##NAME: PGSQL_DATABASE:0 +# +# The name of the PostgreSQL database we will open: + +PGSQL_DATABASE template1 + +##NAME: PGSQL_CHARACTER_SET:0 +# +# Optionally install a character set mapping. Restart authdaemond, send a test +# query using authtest and check for error messages in syslog/maillog. +# +# PGSQL_CHARACTER_SET UTF8 + +##NAME: PGSQL_USER_TABLE:0 +# +# The name of the table containing your user data. See README.authmysqlrc +# for the required fields in this table (both MySQL and Postgress use the +# same suggested layout. + +PGSQL_USER_TABLE passwd + +##NAME: PGSQL_CRYPT_PWFIELD:0 +# +# Either PGSQL_CRYPT_PWFIELD or PGSQL_CLEAR_PWFIELD must be defined. Both +# are OK too. crypted passwords go into PGSQL_CRYPT_PWFIELD, cleartext +# passwords go into PGSQL_CLEAR_PWFIELD. Cleartext passwords allow +# CRAM-MD5 authentication to be implemented. + +PGSQL_CRYPT_PWFIELD crypt + +##NAME: PGSQL_CLEAR_PWFIELD:0 +# +# +# PGSQL_CLEAR_PWFIELD clear + +##NAME: PGSQL_DEFAULT_DOMAIN:0 +# +# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user', +# we will look up 'user@DEFAULT_DOMAIN' instead. +# +# +# DEFAULT_DOMAIN example.com + +##NAME: PGSQL_UID_FIELD:0 +# +# Other fields in the mysql table: +# +# PGSQL_UID_FIELD - contains the numerical userid of the account +# +PGSQL_UID_FIELD uid + +##NAME: PGSQL_GID_FIELD:0 +# +# Numerical groupid of the account + +PGSQL_GID_FIELD gid + +##NAME: PGSQL_LOGIN_FIELD:0 +# +# The login id, default is id. Basically the query is: +# +# SELECT PGSQL_UID_FIELD, PGSQL_GID_FIELD, ... WHERE id='loginid' +# + +PGSQL_LOGIN_FIELD id + +##NAME: PGSQL_HOME_FIELD:0 +# + +PGSQL_HOME_FIELD home + +##NAME: PGSQL_NAME_FIELD:0 +# +# The user's name (optional) + +PGSQL_NAME_FIELD name + +##NAME: PGSQL_MAILDIR_FIELD:0 +# +# This is an optional field, and can be used to specify an arbitrary +# location of the maildir for the account, which normally defaults to +# $HOME/Maildir (where $HOME is read from PGSQL_HOME_FIELD). +# +# You still need to provide a PGSQL_HOME_FIELD, even if you uncomment this +# out. +# +# PGSQL_MAILDIR_FIELD maildir + +##NAME: PGSQL_DEFAULTDELIVERY:0 +# +# Courier mail server only: optional field specifies custom mail delivery +# instructions for this account (if defined) -- essentially overrides +# DEFAULTDELIVERY from ${sysconfdir}/courierd +# +# PGSQL_DEFAULTDELIVERY defaultDelivery + +##NAME: PGSQL_QUOTA_FIELD:0 +# +# Define PGSQL_QUOTA_FIELD to be the name of the field that can optionally +# specify a maildir quota. See README.maildirquota for more information +# +# PGSQL_QUOTA_FIELD quota + +##NAME: PGSQL_AUXOPTIONS:0 +# +# Auxiliary options. The PGSQL_AUXOPTIONS field should be a char field that +# contains a single string consisting of comma-separated "ATTRIBUTE=NAME" +# pairs. These names are additional attributes that define various per-account +# "options", as given in INSTALL's description of the "Account OPTIONS" +# setting. +# +# PGSQL_AUXOPTIONS_FIELD auxoptions +# +# You might want to try something like this, if you'd like to use a bunch +# of individual fields, instead of a single text blob: +# +# PGSQL_AUXOPTIONS_FIELD 'disableimap=' || disableimap || ',disablepop3=' || disablepop3 || ',disablewebmail=' || disablewebmail || ',sharedgroup=' || sharedgroup +# +# This will let you define fields called "disableimap", etc, with the end result +# being something that the OPTIONS parser understands. + +##NAME: PGSQL_WHERE_CLAUSE:0 +# +# This is optional, PGSQL_WHERE_CLAUSE can be basically set to an arbitrary +# fixed string that is appended to the WHERE clause of our query +# +# PGSQL_WHERE_CLAUSE server='mailhost.example.com' + +##NAME: PGSQL_SELECT_CLAUSE:0 +# +# (EXPERIMENTAL) +# This is optional, PGSQL_SELECT_CLAUSE can be set when you have a database, +# which is structuraly different from proposed. The fixed string will +# be used to do a SELECT operation on database, which should return fields +# in order specified bellow: +# +# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options +# +# Enabling this option causes ignorance of any other field-related +# options, excluding default domain. +# +# There are two variables, which you can use. Substitution will be made +# for them, so you can put entered username (local part) and domain name +# in the right place of your query. These variables are: +# $(local_part), $(domain), and $(service) +# +# If a $(domain) is empty (not given by the remote user) the default domain +# name is used in its place. +# +# $(service) will expand out to the service being authenticated: imap, imaps, +# pop3 or pop3s. Courier mail server only: service will also expand out to +# "courier", when searching for local mail account's location. In this case, +# if the "maildir" field is not empty it will be used in place of +# DEFAULTDELIVERY. Courier mail server will also use esmtp when doing +# authenticated ESMTP. +# +# This example is a little bit modified adaptation of vmail-sql +# database scheme: +# +# PGSQL_SELECT_CLAUSE SELECT popbox.local_part, \ +# '{MD5}' || popbox.password_hash, \ +# popbox.clearpw, \ +# domain.uid, \ +# domain.gid, \ +# domain.path || '/' || popbox.mbox_name), \ +# '', \ +# domain.quota, \ +# '', \ +# FROM popbox, domain \ +# WHERE popbox.local_part = '$(local_part)' \ +# AND popbox.domain_name = '$(domain)' \ +# AND popbox.domain_name = domain.domain_name + + +##NAME: PGSQL_ENUMERATE_CLAUSE:1 +# +# {EXPERIMENTAL} +# Optional custom SQL query used to enumerate accounts for authenumerate, +# in order to compile a list of accounts for shared folders. The query +# should return the following fields: name, uid, gid, homedir, maildir, options +# +# Example: +# PGSQL_ENUMERATE_CLAUSE SELECT popbox.local_part || '@' || popbox.domain_name, \ +# domain.uid, \ +# domain.gid, \ +# domain.path || '/' || popbox.mbox_name, \ +# '', \ +# 'sharedgroup=' || sharedgroup \ +# FROM popbox, domain \ +# WHERE popbox.local_part = '$(local_part)' \ +# AND popbox.domain_name = '$(domain)' \ +# AND popbox.domain_name = domain.domain_name + + +##NAME: PGSQL_CHPASS_CLAUSE:0 +# +# (EXPERIMENTAL) +# This is optional, PGSQL_CHPASS_CLAUSE can be set when you have a database, +# which is structuraly different from proposed. The fixed string will +# be used to do an UPDATE operation on database. In other words, it is +# used, when changing password. +# +# There are four variables, which you can use. Substitution will be made +# for them, so you can put entered username (local part) and domain name +# in the right place of your query. There variables are: +# $(local_part) , $(domain) , $(newpass) , $(newpass_crypt) +# +# If a $(domain) is empty (not given by the remote user) the default domain +# name is used in its place. +# $(newpass) contains plain password +# $(newpass_crypt) contains its crypted form +# +# PGSQL_CHPASS_CLAUSE UPDATE popbox \ +# SET clearpw='$(newpass)', \ +# password_hash='$(newpass_crypt)' \ +# WHERE local_part='$(local_part)' \ +# AND domain_name='$(domain)' +# diff --git a/courier/authlib/authpgsqlrc.dist b/courier/authlib/authpgsqlrc.dist new file mode 100644 index 0000000..2e44999 --- /dev/null +++ b/courier/authlib/authpgsqlrc.dist @@ -0,0 +1,260 @@ +##VERSION: $Id: authpgsqlrc,v 1.13 2008/12/18 12:08:25 mrsam Exp $ +# +# Copyright 2000-2004 Double Precision, Inc. See COPYING for +# distribution information. +# +# Do not alter lines that begin with ##, they are used when upgrading +# this configuration. +# +# authpgsqlrc created from authpgsqlrc.dist by sysconftool +# +# DO NOT INSTALL THIS FILE with world read permissions. This file +# might contain the PostgreSQL admin password! +# +# Each line in this file must follow the following format: +# +# field[spaces|tabs]value +# +# That is, the name of the field, followed by spaces or tabs, followed by +# field value. Trailing spaces are prohibited. + + +##NAME: LOCATION:0 +# +# The server hostname, port, userid, and password used to log in. +# +# To connect to a filesystem socket, delete PGSQL_HOST, and set PGSQL_PORT to +# the socket's last component. So, if your pg socket is /tmp/.s.PGSQL.5400 +# set PGSQL_PORT to 5400. + +PGSQL_HOST pgsql.example.com +PGSQL_PORT 5400 +PGSQL_USERNAME admin +PGSQL_PASSWORD admin + + +##NAME: PGSQL_OPT:0 +# +# PGSQL_OPT specifies the connection debug options to PQsetdbLogin(). +# Don't bother with this setting unless you know what you're doing +# +# PGSQL_OPT + +##NAME: PGSQL_DATABASE:0 +# +# The name of the PostgreSQL database we will open: + +PGSQL_DATABASE template1 + +##NAME: PGSQL_CHARACTER_SET:0 +# +# Optionally install a character set mapping. Restart authdaemond, send a test +# query using authtest and check for error messages in syslog/maillog. +# +# PGSQL_CHARACTER_SET UTF8 + +##NAME: PGSQL_USER_TABLE:0 +# +# The name of the table containing your user data. See README.authmysqlrc +# for the required fields in this table (both MySQL and Postgress use the +# same suggested layout. + +PGSQL_USER_TABLE passwd + +##NAME: PGSQL_CRYPT_PWFIELD:0 +# +# Either PGSQL_CRYPT_PWFIELD or PGSQL_CLEAR_PWFIELD must be defined. Both +# are OK too. crypted passwords go into PGSQL_CRYPT_PWFIELD, cleartext +# passwords go into PGSQL_CLEAR_PWFIELD. Cleartext passwords allow +# CRAM-MD5 authentication to be implemented. + +PGSQL_CRYPT_PWFIELD crypt + +##NAME: PGSQL_CLEAR_PWFIELD:0 +# +# +# PGSQL_CLEAR_PWFIELD clear + +##NAME: PGSQL_DEFAULT_DOMAIN:0 +# +# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user', +# we will look up 'user@DEFAULT_DOMAIN' instead. +# +# +# DEFAULT_DOMAIN example.com + +##NAME: PGSQL_UID_FIELD:0 +# +# Other fields in the mysql table: +# +# PGSQL_UID_FIELD - contains the numerical userid of the account +# +PGSQL_UID_FIELD uid + +##NAME: PGSQL_GID_FIELD:0 +# +# Numerical groupid of the account + +PGSQL_GID_FIELD gid + +##NAME: PGSQL_LOGIN_FIELD:0 +# +# The login id, default is id. Basically the query is: +# +# SELECT PGSQL_UID_FIELD, PGSQL_GID_FIELD, ... WHERE id='loginid' +# + +PGSQL_LOGIN_FIELD id + +##NAME: PGSQL_HOME_FIELD:0 +# + +PGSQL_HOME_FIELD home + +##NAME: PGSQL_NAME_FIELD:0 +# +# The user's name (optional) + +PGSQL_NAME_FIELD name + +##NAME: PGSQL_MAILDIR_FIELD:0 +# +# This is an optional field, and can be used to specify an arbitrary +# location of the maildir for the account, which normally defaults to +# $HOME/Maildir (where $HOME is read from PGSQL_HOME_FIELD). +# +# You still need to provide a PGSQL_HOME_FIELD, even if you uncomment this +# out. +# +# PGSQL_MAILDIR_FIELD maildir + +##NAME: PGSQL_DEFAULTDELIVERY:0 +# +# Courier mail server only: optional field specifies custom mail delivery +# instructions for this account (if defined) -- essentially overrides +# DEFAULTDELIVERY from ${sysconfdir}/courierd +# +# PGSQL_DEFAULTDELIVERY defaultDelivery + +##NAME: PGSQL_QUOTA_FIELD:0 +# +# Define PGSQL_QUOTA_FIELD to be the name of the field that can optionally +# specify a maildir quota. See README.maildirquota for more information +# +# PGSQL_QUOTA_FIELD quota + +##NAME: PGSQL_AUXOPTIONS:0 +# +# Auxiliary options. The PGSQL_AUXOPTIONS field should be a char field that +# contains a single string consisting of comma-separated "ATTRIBUTE=NAME" +# pairs. These names are additional attributes that define various per-account +# "options", as given in INSTALL's description of the "Account OPTIONS" +# setting. +# +# PGSQL_AUXOPTIONS_FIELD auxoptions +# +# You might want to try something like this, if you'd like to use a bunch +# of individual fields, instead of a single text blob: +# +# PGSQL_AUXOPTIONS_FIELD 'disableimap=' || disableimap || ',disablepop3=' || disablepop3 || ',disablewebmail=' || disablewebmail || ',sharedgroup=' || sharedgroup +# +# This will let you define fields called "disableimap", etc, with the end result +# being something that the OPTIONS parser understands. + +##NAME: PGSQL_WHERE_CLAUSE:0 +# +# This is optional, PGSQL_WHERE_CLAUSE can be basically set to an arbitrary +# fixed string that is appended to the WHERE clause of our query +# +# PGSQL_WHERE_CLAUSE server='mailhost.example.com' + +##NAME: PGSQL_SELECT_CLAUSE:0 +# +# (EXPERIMENTAL) +# This is optional, PGSQL_SELECT_CLAUSE can be set when you have a database, +# which is structuraly different from proposed. The fixed string will +# be used to do a SELECT operation on database, which should return fields +# in order specified bellow: +# +# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options +# +# Enabling this option causes ignorance of any other field-related +# options, excluding default domain. +# +# There are two variables, which you can use. Substitution will be made +# for them, so you can put entered username (local part) and domain name +# in the right place of your query. These variables are: +# $(local_part), $(domain), and $(service) +# +# If a $(domain) is empty (not given by the remote user) the default domain +# name is used in its place. +# +# $(service) will expand out to the service being authenticated: imap, imaps, +# pop3 or pop3s. Courier mail server only: service will also expand out to +# "courier", when searching for local mail account's location. In this case, +# if the "maildir" field is not empty it will be used in place of +# DEFAULTDELIVERY. Courier mail server will also use esmtp when doing +# authenticated ESMTP. +# +# This example is a little bit modified adaptation of vmail-sql +# database scheme: +# +# PGSQL_SELECT_CLAUSE SELECT popbox.local_part, \ +# '{MD5}' || popbox.password_hash, \ +# popbox.clearpw, \ +# domain.uid, \ +# domain.gid, \ +# domain.path || '/' || popbox.mbox_name), \ +# '', \ +# domain.quota, \ +# '', \ +# FROM popbox, domain \ +# WHERE popbox.local_part = '$(local_part)' \ +# AND popbox.domain_name = '$(domain)' \ +# AND popbox.domain_name = domain.domain_name + + +##NAME: PGSQL_ENUMERATE_CLAUSE:1 +# +# {EXPERIMENTAL} +# Optional custom SQL query used to enumerate accounts for authenumerate, +# in order to compile a list of accounts for shared folders. The query +# should return the following fields: name, uid, gid, homedir, maildir, options +# +# Example: +# PGSQL_ENUMERATE_CLAUSE SELECT popbox.local_part || '@' || popbox.domain_name, \ +# domain.uid, \ +# domain.gid, \ +# domain.path || '/' || popbox.mbox_name, \ +# '', \ +# 'sharedgroup=' || sharedgroup \ +# FROM popbox, domain \ +# WHERE popbox.local_part = '$(local_part)' \ +# AND popbox.domain_name = '$(domain)' \ +# AND popbox.domain_name = domain.domain_name + + +##NAME: PGSQL_CHPASS_CLAUSE:0 +# +# (EXPERIMENTAL) +# This is optional, PGSQL_CHPASS_CLAUSE can be set when you have a database, +# which is structuraly different from proposed. The fixed string will +# be used to do an UPDATE operation on database. In other words, it is +# used, when changing password. +# +# There are four variables, which you can use. Substitution will be made +# for them, so you can put entered username (local part) and domain name +# in the right place of your query. There variables are: +# $(local_part) , $(domain) , $(newpass) , $(newpass_crypt) +# +# If a $(domain) is empty (not given by the remote user) the default domain +# name is used in its place. +# $(newpass) contains plain password +# $(newpass_crypt) contains its crypted form +# +# PGSQL_CHPASS_CLAUSE UPDATE popbox \ +# SET clearpw='$(newpass)', \ +# password_hash='$(newpass_crypt)' \ +# WHERE local_part='$(local_part)' \ +# AND domain_name='$(domain)' +# diff --git a/cron.daily/.rcs/logrotate,v b/cron.daily/.rcs/logrotate,v deleted file mode 100755 index 3aa4d30..0000000 --- a/cron.daily/.rcs/logrotate,v +++ /dev/null @@ -1,33 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.12.02.12.05.17; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@#!/bin/sh - -#test -x /usr/sbin/logrotate || exit 0 -#/usr/sbin/logrotate /etc/logrotate.conf - -if [ -x /usr/scripts/logrotate.pl ] ; then - /usr/scripts/logrotate.pl >> /var/log/logrotate.log -fi - -@ diff --git a/cron.daily/logrotate b/cron.daily/logrotate old mode 100755 new mode 100644 index f8f2da5..12820bb --- a/cron.daily/logrotate +++ b/cron.daily/logrotate @@ -1,9 +1,9 @@ -#!/bin/sh +#!/bin/bash #test -x /usr/sbin/logrotate || exit 0 #/usr/sbin/logrotate /etc/logrotate.conf if [ -x /usr/scripts/logrotate.pl ] ; then - /usr/scripts/logrotate.pl >> /var/log/logrotate.log + /usr/scripts/logrotate.pl >> /var/log/logrotate.log fi diff --git a/cron.daily/run_reoback.sh b/cron.daily/run_reoback.sh old mode 100755 new mode 100644 diff --git a/csh.env b/csh.env index 6c0e16d..69ce3fc 100644 --- a/csh.env +++ b/csh.env @@ -10,15 +10,14 @@ setenv GDK_USE_XFT '1' setenv GSETTINGS_BACKEND 'gconf' setenv GUILE_LOAD_PATH '/usr/share/guile/1.8' setenv HG '/usr/bin/hg' -setenv INFOPATH '/usr/share/info:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.21.1/info:/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/info' +setenv INFOPATH '/usr/share/info:/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/info:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.21.1/info' setenv LESS '-R -M --shift 5' setenv LESSOPEN '|lesspipe %s' -setenv MANPATH '/usr/local/share/man:/usr/share/man:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.21.1/man:/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/man:/etc/java-config/system-vm/man/:/usr/lib64/php5.3/man/:/opt/cuda/man' +setenv MANPATH '/usr/local/share/man:/usr/share/man:/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/man:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.21.1/man:/etc/java-config/system-vm/man/:/usr/lib64/php5.3/man/:/usr/share/postgresql/man/:/usr/share/postgresql-9.1/man/' setenv PAGER '/usr/bin/less' -setenv PATH '/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3:/usr/lib64/subversion/bin:/opt/cuda/bin' -setenv PYTHONDOCS '/usr/share/doc/python-docs-2.7.1/html/library' +setenv PATH '/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3:/usr/lib64/subversion/bin' setenv PYTHONDOCS_2_7 '/usr/share/doc/python-docs-2.7.2/html/library' setenv PYTHONDOCS_3_2 '/usr/share/doc/python-docs-3.2.2/html/library' -setenv ROOTPATH '/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3:/usr/lib64/subversion/bin:/opt/cuda/bin' +setenv ROOTPATH '/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3:/usr/lib64/subversion/bin' setenv XDG_CONFIG_DIRS '/etc/xdg' setenv XDG_DATA_DIRS '/usr/local/share:/usr/share' diff --git a/cups/cupsd.conf b/cups/cupsd.conf index 4b078f5..59d0a80 100644 --- a/cups/cupsd.conf +++ b/cups/cupsd.conf @@ -1,5 +1,5 @@ # -# "$Id: cupsd.conf.in 9310 2010-09-21 22:34:57Z mike $" +# "$Id: cupsd.conf.in 9407 2010-12-09 21:24:51Z mike $" # # Sample configuration file for the CUPS scheduler. See "man cupsd.conf" for a # complete description of this file. @@ -18,7 +18,8 @@ Listen localhost:631 Listen /var/run/cups/cups.sock # Show shared printers on the local network. -Browsing On +# We switch this off by default in Gentoo, to avoid an unnecessary open port. +Browsing Off BrowseOrder allow,deny BrowseAllow all BrowseLocalProtocols CUPS @@ -26,6 +27,9 @@ BrowseLocalProtocols CUPS # Default authentication type, when authentication is required... DefaultAuthType Basic +# Web interface setting... +WebInterface Yes + # Restrict access to the server... Order allow,deny @@ -45,12 +49,18 @@ DefaultAuthType Basic # Set the default printer/job policies... + # Job/subscription privacy... + JobPrivateAccess default + JobPrivateValues default + SubscriptionPrivateAccess default + SubscriptionPrivateValues default + # Job-related operations must be done by the owner or an administrator... Order deny,allow - + Require user @OWNER @SYSTEM Order deny,allow @@ -63,7 +73,7 @@ DefaultAuthType Basic # All printer operations require a printer operator to authenticate... - + AuthType Default Require user @SYSTEM Order deny,allow @@ -82,13 +92,19 @@ DefaultAuthType Basic # Set the authenticated printer/job policies... + # Job/subscription privacy... + JobPrivateAccess default + JobPrivateValues default + SubscriptionPrivateAccess default + SubscriptionPrivateValues default + # Job-related operations must be done by the owner or an administrator... AuthType Default Order deny,allow - + AuthType Default Require user @OWNER @SYSTEM Order deny,allow @@ -102,7 +118,7 @@ DefaultAuthType Basic # All printer operations require a printer operator to authenticate... - + AuthType Default Require user @SYSTEM Order deny,allow @@ -121,5 +137,5 @@ DefaultAuthType Basic # -# End of "$Id: cupsd.conf.in 9310 2010-09-21 22:34:57Z mike $". +# End of "$Id: cupsd.conf.in 9407 2010-12-09 21:24:51Z mike $". # diff --git a/cups/cupsd.conf.default b/cups/cupsd.conf.default index 4b078f5..59d0a80 100644 --- a/cups/cupsd.conf.default +++ b/cups/cupsd.conf.default @@ -1,5 +1,5 @@ # -# "$Id: cupsd.conf.in 9310 2010-09-21 22:34:57Z mike $" +# "$Id: cupsd.conf.in 9407 2010-12-09 21:24:51Z mike $" # # Sample configuration file for the CUPS scheduler. See "man cupsd.conf" for a # complete description of this file. @@ -18,7 +18,8 @@ Listen localhost:631 Listen /var/run/cups/cups.sock # Show shared printers on the local network. -Browsing On +# We switch this off by default in Gentoo, to avoid an unnecessary open port. +Browsing Off BrowseOrder allow,deny BrowseAllow all BrowseLocalProtocols CUPS @@ -26,6 +27,9 @@ BrowseLocalProtocols CUPS # Default authentication type, when authentication is required... DefaultAuthType Basic +# Web interface setting... +WebInterface Yes + # Restrict access to the server... Order allow,deny @@ -45,12 +49,18 @@ DefaultAuthType Basic # Set the default printer/job policies... + # Job/subscription privacy... + JobPrivateAccess default + JobPrivateValues default + SubscriptionPrivateAccess default + SubscriptionPrivateValues default + # Job-related operations must be done by the owner or an administrator... Order deny,allow - + Require user @OWNER @SYSTEM Order deny,allow @@ -63,7 +73,7 @@ DefaultAuthType Basic # All printer operations require a printer operator to authenticate... - + AuthType Default Require user @SYSTEM Order deny,allow @@ -82,13 +92,19 @@ DefaultAuthType Basic # Set the authenticated printer/job policies... + # Job/subscription privacy... + JobPrivateAccess default + JobPrivateValues default + SubscriptionPrivateAccess default + SubscriptionPrivateValues default + # Job-related operations must be done by the owner or an administrator... AuthType Default Order deny,allow - + AuthType Default Require user @OWNER @SYSTEM Order deny,allow @@ -102,7 +118,7 @@ DefaultAuthType Basic # All printer operations require a printer operator to authenticate... - + AuthType Default Require user @SYSTEM Order deny,allow @@ -121,5 +137,5 @@ DefaultAuthType Basic # -# End of "$Id: cupsd.conf.in 9310 2010-09-21 22:34:57Z mike $". +# End of "$Id: cupsd.conf.in 9407 2010-12-09 21:24:51Z mike $". # diff --git a/cups/snmp.conf b/cups/snmp.conf index cf954df..5539d50 100644 --- a/cups/snmp.conf +++ b/cups/snmp.conf @@ -1,5 +1,5 @@ # -# "$Id$" +# "$Id: snmp.conf.in 9045 2010-03-24 07:48:42Z mike $" # # Sample SNMP configuration file for CUPS. See "man cups-snmp.conf" for a # complete description of this file. @@ -9,5 +9,5 @@ Address @LOCAL Community public # -# End of "$Id$". +# End of "$Id: snmp.conf.in 9045 2010-03-24 07:48:42Z mike $". # diff --git a/dispatch-conf.conf b/dispatch-conf.conf index 097b1fd..86b2b7c 100644 --- a/dispatch-conf.conf +++ b/dispatch-conf.conf @@ -15,16 +15,13 @@ archive-dir=${EPREFIX}/etc/config-archive # the permissions of the directory containing the files (see # archive-dir above). # (yes or no) -use-rcs=yes +use-rcs=no # Diff for display # %s old file # %s new file # If using colordiff instead of diff, the less -R option may be required # for correct display. -#diff="diff -Nu '%s' '%s' | less --no-init --QUIT-AT-EOF" -#diff="diff -Nu '%s' '%s' | colordiff | less -r --no-init --QUIT-AT-EOF" -#diff="diff -Nu '%s' '%s'" diff="diff -Nu '%s' '%s' | colordiff" # Set the pager for use with diff commands (this will diff --git a/env.d/00basic b/env.d/00basic index 8e2d1bd..64e3882 100644 --- a/env.d/00basic +++ b/env.d/00basic @@ -3,7 +3,7 @@ PATH="/opt/bin" ROOTPATH="/opt/bin" -LDPATH="/usr/local/lib" MANPATH="/usr/local/share/man:/usr/share/man" INFOPATH="/usr/share/info" CONFIG_PROTECT_MASK="/etc/gentoo-release" +LDPATH='/lib64:/usr/lib64:/usr/local/lib64:/lib32:/usr/lib32:/usr/local/lib32:/lib:/usr/lib:/usr/local/lib' diff --git a/env.d/04gcc-x86_64-pc-linux-gnu b/env.d/04gcc-x86_64-pc-linux-gnu new file mode 100644 index 0000000..a74e5f7 --- /dev/null +++ b/env.d/04gcc-x86_64-pc-linux-gnu @@ -0,0 +1,5 @@ +PATH="/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3" +ROOTPATH="/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3" +GCC_SPECS="" +MANPATH="/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/man" +INFOPATH="/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/info" diff --git a/env.d/04multilib b/env.d/04multilib deleted file mode 100644 index 169df42..0000000 --- a/env.d/04multilib +++ /dev/null @@ -1 +0,0 @@ -LDPATH="/lib64:/usr/lib64:/usr/local/lib64:/lib32:/usr/lib32:/usr/local/lib32:/lib:/usr/lib:/usr/local/lib" diff --git a/env.d/05gcc-x86_64-pc-linux-gnu b/env.d/05gcc-x86_64-pc-linux-gnu deleted file mode 100644 index a74e5f7..0000000 --- a/env.d/05gcc-x86_64-pc-linux-gnu +++ /dev/null @@ -1,5 +0,0 @@ -PATH="/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3" -ROOTPATH="/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3" -GCC_SPECS="" -MANPATH="/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/man" -INFOPATH="/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/info" diff --git a/env.d/50postgresql b/env.d/50postgresql new file mode 100644 index 0000000..259200c --- /dev/null +++ b/env.d/50postgresql @@ -0,0 +1,4 @@ +# Configuration file for eselect +# This file has been automatically generated. +LDPATH="/usr/lib/postgresql:/usr/lib64/postgresql:/usr/lib64/postgresql-9.1/lib64/" +MANPATH="/usr/share/postgresql/man/:/usr/share/postgresql-9.1/man/" diff --git a/env.d/65python-docs b/env.d/65python-docs deleted file mode 100644 index 86a7a54..0000000 --- a/env.d/65python-docs +++ /dev/null @@ -1 +0,0 @@ -PYTHONDOCS="/usr/share/doc/python-docs-2.7.1/html/library" diff --git a/env.d/99cuda b/env.d/99cuda deleted file mode 100644 index 6118d4a..0000000 --- a/env.d/99cuda +++ /dev/null @@ -1,4 +0,0 @@ -PATH=/opt/cuda/bin -ROOTPATH=/opt/cuda/bin -LDPATH=/opt/cuda/lib64 -MANPATH=/opt/cuda/man diff --git a/env.d/gcc/x86_64-pc-linux-gnu-4.4.6 b/env.d/gcc/x86_64-pc-linux-gnu-4.4.6 deleted file mode 100644 index bb55497..0000000 --- a/env.d/gcc/x86_64-pc-linux-gnu-4.4.6 +++ /dev/null @@ -1,7 +0,0 @@ -PATH="/usr/x86_64-pc-linux-gnu/gcc-bin/4.4.6" -ROOTPATH="/usr/x86_64-pc-linux-gnu/gcc-bin/4.4.6" -GCC_PATH="/usr/x86_64-pc-linux-gnu/gcc-bin/4.4.6" -LDPATH="/usr/lib/gcc/x86_64-pc-linux-gnu/4.4.6:/usr/lib/gcc/x86_64-pc-linux-gnu/4.4.6/32" -MANPATH="/usr/share/gcc-data/x86_64-pc-linux-gnu/4.4.6/man" -INFOPATH="/usr/share/gcc-data/x86_64-pc-linux-gnu/4.4.6/info" -STDCXX_INCDIR="g++-v4" diff --git a/eselect/boost/active b/eselect/boost/active index 12dff27..313b2f3 120000 --- a/eselect/boost/active +++ b/eselect/boost/active @@ -1 +1 @@ -//usr/share/boost-eselect/profiles/1.46/default \ No newline at end of file +//usr/share/boost-eselect/profiles/1.48/default \ No newline at end of file diff --git a/eselect/postgresql/active b/eselect/postgresql/active new file mode 100644 index 0000000..28a2186 --- /dev/null +++ b/eselect/postgresql/active @@ -0,0 +1 @@ +9.1 diff --git a/eselect/postgresql/active.links b/eselect/postgresql/active.links new file mode 100644 index 0000000..69b254b --- /dev/null +++ b/eselect/postgresql/active.links @@ -0,0 +1,42 @@ +/usr/include/postgresql +/usr/include/libpq-fe.h +/usr/include/pg_config_manual.h +/usr/include/libpq +/usr/include/postgres_ext.h +/usr/lib64/postgresql +/usr/lib64/libpq.a +/usr/lib64/libpq.so.5 +/usr/lib64/libpgtypes.so.3 +/usr/lib64/libecpg.a +/usr/lib64/libpgport.a +/usr/lib64/libecpg_compat.so.3.3 +/usr/lib64/libpgtypes.so +/usr/lib64/libecpg.so +/usr/lib64/libecpg_compat.so +/usr/lib64/libecpg.so.6.3 +/usr/lib64/libpgtypes.a +/usr/lib64/libpq.so +/usr/lib64/libecpg_compat.a +/usr/lib64/libpgtypes.so.3.2 +/usr/lib64/libecpg.so.6 +/usr/lib64/libpq.so.5.4 +/usr/lib64/libecpg_compat.so.3 +/usr/bin/dropdb +/usr/bin/pg_restore +/usr/bin/pg_config +/usr/bin/pg_dump +/usr/bin/psql +/usr/bin/dropuser +/usr/bin/pg_dumpall +/usr/bin/ecpg +/usr/bin/droplang +/usr/bin/oid2name +/usr/bin/vacuumlo +/usr/bin/reindexdb +/usr/bin/createuser +/usr/bin/createlang +/usr/bin/clusterdb +/usr/bin/vacuumdb +/usr/bin/createdb +/usr/bin/pgbench +/usr/share/postgresql diff --git a/eselect/postgresql/active.links91 b/eselect/postgresql/active.links91 new file mode 100644 index 0000000..5428d3f --- /dev/null +++ b/eselect/postgresql/active.links91 @@ -0,0 +1,18 @@ +/usr/bin/dropdb91 +/usr/bin/pg_restore91 +/usr/bin/pg_config91 +/usr/bin/pg_dump91 +/usr/bin/psql91 +/usr/bin/dropuser91 +/usr/bin/pg_dumpall91 +/usr/bin/ecpg91 +/usr/bin/droplang91 +/usr/bin/oid2name91 +/usr/bin/vacuumlo91 +/usr/bin/reindexdb91 +/usr/bin/createuser91 +/usr/bin/createlang91 +/usr/bin/clusterdb91 +/usr/bin/vacuumdb91 +/usr/bin/createdb91 +/usr/bin/pgbench91 diff --git a/eselect/postgresql/slots/9.1/base b/eselect/postgresql/slots/9.1/base new file mode 100644 index 0000000..bb3cb40 --- /dev/null +++ b/eselect/postgresql/slots/9.1/base @@ -0,0 +1 @@ +postgres_ebuilds="${postgres_ebuilds} postgresql-base-9.1.4" diff --git a/eselect/postgresql/slots/9.1/docs b/eselect/postgresql/slots/9.1/docs new file mode 100644 index 0000000..348f602 --- /dev/null +++ b/eselect/postgresql/slots/9.1/docs @@ -0,0 +1 @@ +postgres_ebuilds="${postgres_ebuilds} postgresql-docs-9.1.4" diff --git a/fstab b/fstab index ee8d4e0..7e6f235 100644 --- a/fstab +++ b/fstab @@ -1,7 +1,7 @@ # /etc/fstab: static file system information. # # noatime turns off atimes for increased performance (atimes normally aren't -# needed; notail increases performance of ReiserFS (at the expense of storage +# needed); notail increases performance of ReiserFS (at the expense of storage # efficiency). It's safe to drop the noatime options if you want and to # switch between notail / tail freely. # @@ -11,22 +11,17 @@ # See the manpage fstab(5) for more information. # -# +# # NOTE: If your BOOT partition is ReiserFS, add the notail option to opts. -/dev/md2 /boot ext3 noauto,noatime 0 0 -/dev/md3 / ext3 noatime,acl,user_xattr 0 1 +/dev/md0 /boot ext3 noauto,noatime 0 0 +/dev/md2 / ext3 noatime,acl,user_xattr 0 1 -/dev/md4 none swap sw 0 0 +/dev/sda2 none swap defaults 0 0 +/dev/sdb2 none swap defaults 0 0 /dev/vg0/tmp /tmp ext4 noatime 0 0 -/dev/vg0/usr /usr ext4 acl,user_xattr 0 0 -/dev/vg0/var /var ext4 acl,user_xattr 0 0 -/dev/vg0/opt /opt ext4 acl,user_xattr 0 0 - -#/dev/vg0/home /home ext4 quota,grpquota,acl,user_xattr 0 0 -#/dev/vg0/home /home ext4 acl,user_xattr 0 0 -/dev/vg0/home /home ext4 acl,user_xattr,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0 0 0 +/dev/vg0/home /home ext4 acl,user_xattr 0 0 /dev/vg0/var_tmp /var/tmp ext4 noatime 0 0 /dev/vg0/www /var/www ext4 acl,user_xattr 0 0 @@ -35,8 +30,7 @@ /dev/vg0/portage /usr/portage ext4 noatime 0 0 /dev/vg0/distfiles /usr/portage/distfiles ext4 noatime 0 0 -#/dev/vg0/sarah /var/sarah reiserfs ro,acl,user_xattr 0 0 - +/dev/md1 /ubuntu ext3 ro,noatime,acl,user_xattr 0 0 /dev/cdrom /mnt/cdrom auto noauto,ro 0 0 #/dev/fd0 /mnt/floppy auto noauto 0 0 @@ -46,3 +40,4 @@ # (tmpfs is a dynamically expandable/shrinkable ramdisk, and will # use almost no memory if not populated with files) shm /dev/shm tmpfs nodev,nosuid,noexec 0 0 + diff --git a/genkernel.conf b/genkernel.conf new file mode 100644 index 0000000..0d2f364 --- /dev/null +++ b/genkernel.conf @@ -0,0 +1,327 @@ +# Configuration file for genkernel +# $Id: b39a952ab3df9371a15786986e417f187396a39c $ + +# This file is sourced by genkernel at startup and determines which options +# we will be using to compile our kernel. The order of precidence is simple, +# with the internal settings being least important, configuration file +# settings next, and command line options being most important. + +# =========Common Command Line Option Defaults========= + +# Should we install to $BOOTDIR? Default is "no" because genkernel is used in +# catalyst and stage building. +#INSTALL="yes" + +# Run 'make oldconfig' before compiling this kernel? +OLDCONFIG="yes" + +# Run 'make menuconfig' before compiling this kernel? +MENUCONFIG="no" + +# Run 'make clean' before compilation? +# If set to NO, implies MRPROPER WILL NOT be run +# Also, if clean is NO, it won't copy over any configuration +# file, it will use what's there. +CLEAN="yes" + +# Run 'make mrproper' before configuration/compilation? +MRPROPER="yes" + +# Override the arch detection? +#ARCH_OVERRIDE="x86" + +# Mount BOOTDIR automatically if it isn't mounted? +MOUNTBOOT="yes" + +# Make symlinks in BOOTDIR automatically? +#SYMLINK="no" + +# Save the new configuration in /etc/kernels upon +# successfull compilation +SAVE_CONFIG="yes" + +# Use Color output in Genkernel? +USECOLOR="yes" + +# Clear build cache dir +#CLEAR_CACHE_DIR="yes" + +# Clear all tmp files and caches after genkernel has run +#POSTCLEAR="1" + +# Genkernel uses an independent configuration for MAKEOPTS, and does not source +# /etc/make.conf . You can override the default setting by uncommenting and +# tweaking the following line. Default setting is set up by +# ${GK_SHARE}/${ARCH_OVERRIDE}/config.sh . The recommended value for -j +# argument is: *+1 +#MAKEOPTS="-j2" + +# Add in LVM support from static binaries if they exist on the system, or +# compile static LVM binaries if static ones do not exist. +#LVM="no" + +# Add in Luks support. Needs sys-fs/cryptsetup with -dynamic installed. +#LUKS="no" + +# Add in GnuPG support +#GPG="no" + +# Add DMRAID support. +#DMRAID="no" + +# Include (or suppresses the inclusion of) busybox in the initrd or initramfs. +# If included, busybox is rebuilt if the cached copy is out of date. +#BUSYBOX="yes" + +# Includes mdadm/mdmon binaries in initramfs. +# Without sys-fs/mdadm[static] installed, this will build a static mdadm. +#MDADM="no" + +# Specify a custom mdadm.conf. +# By default the ramdisk will be built *without* an mdadm.conf and will auto-detect +# arrays during bootup. Usually, this should not be needed. +#MDADM_CONFIG="/etc/mdadm.conf" + +# Add Multipath support. +#MULTIPATH="no" + +# Add iSCSI support. +#ISCSI="no" + +# Include support for unionfs +#UNIONFS="1" + +# Enable copying of firmware into initramfs +#FIRMWARE="no" +# Specify directory to pull from +#FIRMWARE_DIR="/lib/firmware" +# Specify specific firmware files to include. This overrides FIRMWARE_DIR +#FIRMWARE_FILES="" + +# Enable disklabel support (copies blkid to initrd) +DISKLABEL="yes" + +# Add new kernel to grub? +#BOOTLOADER="grub" + +# Enable splashutils in early space (initrd). Default is "no". +#SPLASH="yes" + +# Use this splash theme. If commented out - the "default" name theme is used. +# Also, SPLASH="yes" needs to be enabled for this one to one work. +# This supersedes the "SPLASH_THEME" option of /etc/conf.d/splash (in early space). +#SPLASH_THEME="gentoo" + + +# =========Keymap Settings========= +# +# Force keymap selection at boot +#DOKEYMAPAUTO="yes" + + +# Disables keymap selection support +#KEYMAP="0" + + +# =========Low Level Compile Settings========= +# +# GNU Make to use for kernel. See also the --kernel-make command line option. +#KERNEL_MAKE="make" + +# Compiler to use for the kernel (e.g. distcc). See also the --kernel-cc +# command line option. +#KERNEL_CC="gcc" + +# Assembler to use for the kernel. See also the --kernel-as command line +# option. +#KERNEL_AS="as" + +# Linker to use for the kernel. See also the --kernel-ld command line option. +#KERNEL_LD="ld" + +# GNU Make to use for the utilities. See also the --utils-make command line +# option. +#UTILS_MAKE="make" + +# Compiler to use for the utilities (e.g. distcc). See also the --utils-cc +# command line option. +#UTILS_CC="gcc" + +# Assembler to use for the utilities. See also the --utils-as command line +# option. +#UTILS_AS="as" + +# Linker to use for the utilities. See also the --utils-ld command line +# option. +#UTILS_LD="ld" + + +# Common prefix of cros compile commands +#UTILS_CROSS_COMPILE="x86_64-pc-linux-gnu" + + +# Value of CROSS_COMPILE utils variable +# during kernel compilation +#KERNEL_CROSS_COMPILE="x86_64-pc-linux-gnu" + + +# =========GENKERNEL LOCATION CONFIGURATION============ +# Variables: +# %%ARCH%% - Final determined architecture +# %%CACHE%% - Final determined cache location + +# Set genkernel's temporary work directory. Default is /var/tmp/genkernel +#TMPDIR="/var/tmp/genkernel" + +# Set the boot directory, default is /boot +#BOOTDIR="/boot" + +# Default share directory location +GK_SHARE="${GK_SHARE:-/usr/share/genkernel}" + +# Location of the default cache +CACHE_DIR="/var/cache/genkernel" +# Location of DISTDIR, where our source tarballs are stored +DISTDIR="${CACHE_DIR}/src" +# Log output file +LOGFILE="/var/log/genkernel.log" +# Debug Level +LOGLEVEL=1 + +# =========COMPILED UTILS CONFIGURATION============ +# +# Default location of kernel source +DEFAULT_KERNEL_SOURCE="/usr/src/linux" +# Default kernel config (only use to override using +# arch/%%ARCH%%/kernel-config-${VER}.${PAT} !) +#DEFAULT_KERNEL_CONFIG="${GK_SHARE}/arch/%%ARCH%%/kernel-config" + +# Specifies a user created busybox config +#BUSYBOX_CONFIG="/path/to/file" + +BUSYBOX_VER="1.20.1" +BUSYBOX_SRCTAR="${DISTDIR}/busybox-${BUSYBOX_VER}.tar.bz2" +BUSYBOX_DIR="busybox-${BUSYBOX_VER}" +BUSYBOX_BINCACHE="%%CACHE%%/busybox-${BUSYBOX_VER}-%%ARCH%%.tar.bz2" +#BUSYBOX_APPLETS="[ ash sh mount uname echo cut cat" + +DEVICE_MAPPER_VER="1.02.22" +DEVICE_MAPPER_DIR="device-mapper.${DEVICE_MAPPER_VER}" +DEVICE_MAPPER_SRCTAR="${DISTDIR}/device-mapper.${DEVICE_MAPPER_VER}.tgz" +DEVICE_MAPPER_BINCACHE="%%CACHE%%/device-mapper-${DEVICE_MAPPER_VER}-%%ARCH%%.tar.bz2" + +LVM_VER="2.02.88" +LVM_DIR="LVM2.${LVM_VER}" +LVM_SRCTAR="${DISTDIR}/LVM2.${LVM_VER}.tgz" +LVM_BINCACHE="%%CACHE%%/LVM2.${LVM_VER}-%%ARCH%%.tar.bz2" + +MDADM_VER="3.1.5" +MDADM_DIR="mdadm-${MDADM_VER}" +MDADM_SRCTAR="${DISTDIR}/mdadm-${MDADM_VER}.tar.bz2" +MDADM_BINCACHE="%%CACHE%%/mdadm-${MDADM_VER}-%%ARCH%%.tar.bz2" + +DMRAID_VER="1.0.0.rc14" +DMRAID_DIR="dmraid/${DMRAID_VER}" +DMRAID_SRCTAR="${DISTDIR}/dmraid-${DMRAID_VER}.tar.bz2" +DMRAID_BINCACHE="%%CACHE%%/dmraid-${DMRAID_VER}-%%ARCH%%.tar.bz2" + +ISCSI_VER="2.0-872" +ISCSI_DIR="open-iscsi-${ISCSI_VER}" +ISCSI_SRCTAR="${DISTDIR}/open-iscsi-${ISCSI_VER}.tar.gz" +ISCSI_BINCACHE="%%CACHE%%/iscsi-${ISCSI_VER}-%%ARCH%%.bz2" + +E2FSPROGS_VER="1.42" +E2FSPROGS_DIR="e2fsprogs-${E2FSPROGS_VER}" +E2FSPROGS_SRCTAR="${DISTDIR}/e2fsprogs-${E2FSPROGS_VER}.tar.gz" +BLKID_BINCACHE="%%CACHE%%/blkid-${E2FSPROGS_VER}-%%ARCH%%.bz2" + +FUSE_VER="2.8.6" +FUSE_DIR="fuse-${FUSE_VER}" +FUSE_SRCTAR="${DISTDIR}/fuse-${FUSE_VER}.tar.gz" +FUSE_BINCACHE="%%CACHE%%/fuse-${FUSE_VER}-%%ARCH%%.tar.bz2" + +UNIONFS_FUSE_VER="0.24" +UNIONFS_FUSE_DIR="unionfs-fuse-${UNIONFS_FUSE_VER}" +UNIONFS_FUSE_SRCTAR="${DISTDIR}/unionfs-fuse-${UNIONFS_FUSE_VER}.tar.bz2" +UNIONFS_FUSE_BINCACHE="%%CACHE%%/unionfs-fuse-${UNIONFS_FUSE_VER}-%%ARCH%%.bz2" + +GPG_VER="1.4.11" +GPG_DIR="gnupg-${GPG_VER}" +GPG_SRCTAR="${DISTDIR}/gnupg-${GPG_VER}.tar.bz2" +GPG_BINCACHE="%%CACHE%%/gnupg-${GPG_VER}-%%ARCH%%.bz2" + + +# =========MISC KERNEL CONFIGURATION============ +# +# Tag the kernel and ramdisk with a name: +# If not defined the option defaults to +# 'genkernel' +#KNAME="genkernel" + + +# This option is only valid if kerncache is +# defined. If there is a valid kerncache no checks +# will be made against a kernel source tree +#KERNEL_SOURCES="0" + + +# Build a static (monolithic kernel) +#BUILD_STATIC="1" + + +# Make and install kernelz image (PowerPC) +#GENZIMAGE="1" + + +# File to output a .tar.bz2'd kernel contents +# of /lib/modules/ and the kernel config +# NOTE: This is created before the callbacks +# are run! +#KERNCACHE="/path/to/file" + + +# Prefix to kernel module destination, modules +# will be installed in /lib/modules +# (.conf equivalent of --module-prefix=) +#INSTALL_MOD_PATH="" + + +# =========MISC INITRD CONFIGURATION============ +# +# Copy all kernel modules to the ramdisk +#ALLRAMDISKMODULES="1" + + +# Don't copy any modules to the ramdisk +#RAMDISKMODULES="0" + + +# File to output a .tar.bz2'd kernel and ramdisk: +# No modules outside of the ramdisk will be +# included... +#MINKERNPACKAGE="/path/to/file.bz2" + + +# File to output a .tar.bz2'd modules after the +# callbacks have run +#MODULESPACKAGE="/path/to/file.bz2" + + +# Directory structure to include in the initramfs, +# only available on >=2.6 kernels +#INITRAMFS_OVERLAY="" + + +# Build the generated initramfs into the kernel instead of +# keeping it as a separate file +#INTEGRATED_INITRAMFS="1" + + +# Create a self-contained env in the initramfs +#NETBOOT="1" + + +# =========MISC BOOT CONFIGURATION============ +# +# Specify a default for real_root= +#REAL_ROOT="/dev/one/two/gentoo" diff --git a/gentoo-release b/gentoo-release index 12f72c1..0c77c69 100644 --- a/gentoo-release +++ b/gentoo-release @@ -1 +1 @@ -Gentoo Base System release 2.0.3 +Gentoo Base System release 2.1 diff --git a/group b/group index 3c794b2..25e19ab 100644 --- a/group +++ b/group @@ -35,30 +35,30 @@ postgrey:x:101: polw:x:102: teamspeak3:x:103: nagios:x:104:frank -wireshark:x:105: +crontab:x:105: lpadmin:x:106: -messagebus:x:110: rpc:x:111: locate:x:122:frank,taurec,morph,patrick,vivi ntp:x:123: tcpdump:x:196: ulogd:x:197: -crontab:x:198: -ssmtp:x:199: nofiles:x:200: postfix:x:207: postdrop:x:208: smmsp:x:209:smmsp +git-commiters:x:222:frank,taurec,morph,portage +messagebus:x:247: +ssmtp:x:248: +postmaster:x:249: portage:x:250:portage,frank,taurec utmp:x:406: ldap:x:439: +git:x:996: +openvpn:x:997: clamav:x:998: -amavis:x:999: +amavis:x:999:clamav +minecraft:x:1002: proftpd:x:1008: vmail:x:1023: nogroup:x:65533: nobody:x:65534: -minecraft:x:1002: -git-commiters:x:222:frank,taurec,morph,portage -openvpn:x:997: -git:x:996: diff --git a/gshadow b/gshadow index b4cb9fd..671e019 100644 --- a/gshadow +++ b/gshadow @@ -1,64 +1,43 @@ -root:::root,frank +root:::root bin:::root,bin,daemon daemon:::root,bin,daemon sys:::root,bin,adm adm:::root,adm,daemon -tty:::frank,taurec +tty::: disk:::root,adm -lp:::lp,frank,taurec +lp:::lp mem::: kmem::: -wheel:::root,frank,taurec,morph +wheel:::root floppy:::root -mail:::mail,postfix news:::news uucp:::uucp -man:::man -cron:x::frank,taurec,morph,patrick,vivi,minecraft -console:::frank,taurec -audio:::frank,taurec +console::: +audio::: cdrom::: -dialout:::root -ftp:x:: -sshd:x:: -at:x:: tape:::root -video:::root,frank,taurec -games:x:: -named:x:: -mysql:x:: +video:::root cdrw::: -apache:x:: usb::: -users:::games,taurec -postgrey:x:: -polw:x:: -teamspeak3:x:: -nagios:x::frank -wireshark:x:: -lpadmin:x:: -messagebus:x:: -rpc:x:: -locate:x::frank,taurec,morph,patrick,vivi -ntp:x:: -tcpdump:x:: -ulogd:x:: -crontab:x:: -ssmtp:x:: -nofiles:x:: -postfix:x:: -postdrop:x:: -smmsp:x::smmsp -portage:::portage,frank,taurec +users::: +portage:::portage utmp:x:: -ldap:x:: -clamav:x:: -amavis:x:: -proftpd:x:: -vmail:x:: nogroup::: nobody::: -minecraft:!:: -git-commiters:!:: -openvpn:!:: -git:!:: +man:x:: +sshd:!:: +mail:!::postfix +postmaster:!:: +ssmtp:!:: +messagebus:!:: +lpadmin:!:: +mysql:!:: +ldap:!:: +apache:!:: +postfix:!:: +postdrop:!:: +cron:!:: +crontab:!:: +ntp:!:: +named:!:: +at:!:: diff --git a/gssapi_mech.conf b/gssapi_mech.conf new file mode 100644 index 0000000..1437edb --- /dev/null +++ b/gssapi_mech.conf @@ -0,0 +1,21 @@ +# Example /etc/gssapi_mech.conf file +# +# GSSAPI Mechanism Definitions +# +# This configuration file determines which GSS-API mechanisms +# the gssd code should use +# +# NOTE: +# The initiaiization function "mechglue_internal_krb5_init" +# is used for the MIT krb5 gssapi mechanism. This special +# function name indicates that an internal function should +# be used to determine the entry points for the MIT gssapi +# mechanism funtions. +# +# library initialization function +# ================================ ========================== +# The MIT K5 gssapi library, use special function for initialization. +/usr/lib/libgssapi_krb5.so mechglue_internal_krb5_init +# +# The SPKM3 gssapi library function. Use the function spkm3_gss_initialize. +# /usr/local/gss_mechs/spkm/spkm3/libgssapi_spkm3.so spkm3_gss_initialize diff --git a/gtk-2.0/x86_64-pc-linux-gnu/gtk.immodules b/gtk-2.0/x86_64-pc-linux-gnu/gtk.immodules index 2f39c23..fd93295 100644 --- a/gtk-2.0/x86_64-pc-linux-gnu/gtk.immodules +++ b/gtk-2.0/x86_64-pc-linux-gnu/gtk.immodules @@ -1,6 +1,6 @@ # GTK+ Input Method Modules file # Automatically generated file, do not edit -# Created by gtk-query-immodules-2.0 from gtk+-2.24.8 +# Created by gtk-query-immodules-2.0 from gtk+-2.24.10 # # ModulesPath = /root/.gtk-2.0/2.10.0/x86_64-pc-linux-gnu/immodules:/root/.gtk-2.0/2.10.0/immodules:/root/.gtk-2.0/x86_64-pc-linux-gnu/immodules:/root/.gtk-2.0/immodules:/usr/lib64/gtk-2.0/2.10.0/x86_64-pc-linux-gnu/immodules:/usr/lib64/gtk-2.0/2.10.0/immodules:/usr/lib64/gtk-2.0/x86_64-pc-linux-gnu/immodules:/usr/lib64/gtk-2.0/immodules # @@ -10,30 +10,30 @@ "/usr/lib64/gtk-2.0/2.10.0/immodules/im-inuktitut.so" "inuktitut" "Inuktitut (Transliterated)" "gtk20" "/usr/share/locale" "iu" -"/usr/lib64/gtk-2.0/2.10.0/immodules/im-cyrillic-translit.so" -"cyrillic_translit" "Cyrillic (Transliterated)" "gtk20" "/usr/share/locale" "" +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-thai.so" +"thai" "Thai-Lao" "gtk20" "/usr/share/locale" "lo:th" -"/usr/lib64/gtk-2.0/2.10.0/immodules/im-am-et.so" -"am_et" "Amharic (EZ+)" "gtk20" "/usr/share/locale" "am" +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-cedilla.so" +"cedilla" "Cedilla" "gtk20" "/usr/share/locale" "az:ca:co:fr:gv:oc:pt:sq:tr:wa" + +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-ti-er.so" +"ti_er" "Tigrigna-Eritrean (EZ+)" "gtk20" "/usr/share/locale" "ti" + +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-ti-et.so" +"ti_et" "Tigrigna-Ethiopian (EZ+)" "gtk20" "/usr/share/locale" "ti" "/usr/lib64/gtk-2.0/2.10.0/immodules/im-viqr.so" "viqr" "Vietnamese (VIQR)" "gtk20" "/usr/share/locale" "vi" -"/usr/lib64/gtk-2.0/2.10.0/immodules/im-xim.so" -"xim" "X Input Method" "gtk20" "/usr/share/locale" "ko:ja:th:zh" - "/usr/lib64/gtk-2.0/2.10.0/immodules/im-multipress.so" "multipress" "Multipress" "gtk20" "" "" -"/usr/lib64/gtk-2.0/2.10.0/immodules/im-cedilla.so" -"cedilla" "Cedilla" "gtk20" "/usr/share/locale" "az:ca:co:fr:gv:oc:pt:sq:tr:wa" - -"/usr/lib64/gtk-2.0/2.10.0/immodules/im-thai.so" -"thai" "Thai-Lao" "gtk20" "/usr/share/locale" "lo:th" +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-cyrillic-translit.so" +"cyrillic_translit" "Cyrillic (Transliterated)" "gtk20" "/usr/share/locale" "" -"/usr/lib64/gtk-2.0/2.10.0/immodules/im-ti-et.so" -"ti_et" "Tigrigna-Ethiopian (EZ+)" "gtk20" "/usr/share/locale" "ti" +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-xim.so" +"xim" "X Input Method" "gtk20" "/usr/share/locale" "ko:ja:th:zh" -"/usr/lib64/gtk-2.0/2.10.0/immodules/im-ti-er.so" -"ti_er" "Tigrigna-Eritrean (EZ+)" "gtk20" "/usr/share/locale" "ti" +"/usr/lib64/gtk-2.0/2.10.0/immodules/im-am-et.so" +"am_et" "Amharic (EZ+)" "gtk20" "/usr/share/locale" "am" diff --git a/hosts b/hosts index 8d00ba7..43d0c67 100644 --- a/hosts +++ b/hosts @@ -9,24 +9,12 @@ # IPv4 and IPv6 localhost aliases 127.0.0.1 localhost +::1 localhost -::1 localhost ip6-localhost ip6-loopback +85.214.134.152 helga.brehm-online.com helga h1763652.stratoserver.net h1763652 +2a01:238:4225:6e00:8f8c:808a:7fb8:88df helga.brehm-online.com helga h1763652.stratoserver.net h1763652 -85.214.134.152 helga.brehm-online.com helga h1763652.stratoserver.net h1763652 -fe00::0 ip6-localnet -ff00::0 ip6-mcastprefix -ff02::1 ip6-allnodes -ff02::2 ip6-allrouters -ff02::3 ip6-allhosts - -192.166.201.59 gw.berlin.strato.de -192.166.192.168 gw-rz.berlin.strato.de -192.166.201.222 sarkomand-201-222-strato-full.cronon.net - -2001:6f8:1c00:365::2 home.brehm-online.com - -10.20.0.6 debian-1 debian-1.acwain.com -10.20.0.10 debian-2 debian-2.acwain.com +2001:6f8:1c00:365::2 home.brehm-online.com # # Imaginary network. diff --git a/init.d/.rcs/books-prod-fcgi,v b/init.d/.rcs/books-prod-fcgi,v deleted file mode 100755 index 90cf0f6..0000000 --- a/init.d/.rcs/books-prod-fcgi,v +++ /dev/null @@ -1,78 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.06.07.20.20.05; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@#!/sbin/runscript -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6,v 1.27 2009/08/12 08:09:52 idl0r Exp $ - -depend() { - use logger dns - need net -} - -DAEMON_USER="frank" -DAEMON_GROUP="users" -PID_DIR="/var/run/frank" - -# Pid file to use (needs to be absolute path). -DAEMON_PIDFILE="${PID_DIR}/books-prod.pid" - -# Working directory (needs to be absolute path). -DAEMON_DIR="/var/www/books" - -# Path to the binary (needs to be absolute path). -DAEMON_BINARY="${DAEMON_DIR}/script/frbr_books_fastcgi.pl" - -# Path to the socket for Apache mod_fastcgi -DAEMON_SOCKET="/tmp/frbr_books_app.sock" - -# Count of daemon processes -DAEMON_COUNT=2 - -start() { - - if [ ! -d "${PID_DIR}" ] ; then - mkdir -p "${PID_DIR}" - fi - chown "${DAEMON_USER}":"${DAEMON_GROUP}" "${PID_DIR}" - - local myopts="-l ${DAEMON_SOCKET} -n ${DAEMON_COUNT} -d -p ${DAEMON_PIDFILE}" - - ebegin "Starting ${SVCNAME}" -# start-stop-daemon --start --exec "${DAEMON_BINARY}" \ -# --chuid "${DAEMON_USER}":${DAEMON_GROUP} \ -# --pidfile "${DAEMON_PIDFILE}" \ -# -- ${myopts} - su - "${DAEMON_USER}" -c "cd ${DAEMON_DIR} && ${DAEMON_BINARY} ${myopts}" - eend $? -} - -stop() { - ebegin "Stopping ${SVCNAME}" - start-stop-daemon --stop --exec "${DAEMON_BINARY}" \ - --pidfile "${DAEMON_PIDFILE}" --quiet - eend $? -} - -@ diff --git a/init.d/amavisd b/init.d/amavisd index f1ced77..ce3a447 100755 --- a/init.d/amavisd +++ b/init.d/amavisd @@ -1,13 +1,13 @@ #!/sbin/runscript -# Copyright 1999-2010 Gentoo Foundation +# Copyright 1999-2012 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/mail-filter/amavisd-new/files/amavisd.initd,v 1.2 2010/12/07 10:34:32 eras Exp $ +# $Header: /var/cvsroot/gentoo-x86/mail-filter/amavisd-new/files/amavisd.initd,v 1.4 2012/01/10 13:46:47 eras Exp $ -opts="${opts} reload debug debug_sa" +extra_started_commands="reload" +extra_commands="debug debug_sa" prog="/usr/sbin/amavisd" progname="amavisd-new" -conffile="/etc/amavisd.conf" depend() { need net @@ -15,23 +15,8 @@ depend() { before mta } -checkconfig() { - local piddir pidfile - if [ -r "${conffile}" ] ; then - pidfile=$(grep -m1 ^[^#].*pid_file "${conffile}"|sed -e 's/.*"\(.*\)".*/\1/') - piddir=${pidfile%/*} - if [ ! -d "${piddir:-/var/amavis}" ] ; then - checkpath -q -d -o root:amavis -m 0770 "${piddir}" || return 1 - fi - else - eerror "Missing conf file." - return 1 - fi -} - start() { ebegin "Starting ${progname}" - checkconfig || return 1 "${prog}" start eend $? } @@ -58,14 +43,12 @@ restart() { debug() { ebegin "Starting ${progname} in debug mode" - checkconfig || return 1 "${prog}" debug eend $? } debug_sa() { ebegin "Starting ${progname} in debug-sa mode" - checkconfig || return 1 "${prog}" debug-sa eend $? } diff --git a/init.d/auditd b/init.d/auditd index 862a6be..6ac218d 100755 --- a/init.d/auditd +++ b/init.d/auditd @@ -1,22 +1,46 @@ #!/sbin/runscript -# Copyright 1999-2005 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/auditd-init.d-1.2.3,v 1.1 2006/06/22 07:41:46 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-process/audit/files/auditd-init.d-2.1.3,v 1.1 2011/09/11 02:58:55 robbat2 Exp $ + +extra_started_commands='reload reload_auditd reload_rules' +description='Linux Auditing System' +description_reload='Reload daemon configuration and rules' +description_reload_rules='Reload daemon rules' +description_reload_auditd='Reload daemon configuration' + +name='auditd' +pidfile='/var/run/auditd.pid' +command='/sbin/auditd' start_auditd() { - ebegin "Starting auditd" + # Env handling taken from the upstream init script + if [ -z "$AUDITD_LANG" -o "$AUDITD_LANG" = "none" -o "$AUDITD_LANG" = "NONE" ]; then + unset LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE + else + LANG="$AUDITD_LANG" + LC_TIME="$AUDITD_LANG" + LC_ALL="$AUDITD_LANG" + LC_MESSAGES="$AUDITD_LANG" + LC_NUMERIC="$AUDITD_LANG" + LC_MONETARY="$AUDITD_LANG" + LC_COLLATE="$AUDITD_LANG" + export LANG LC_TIME LC_ALL LC_MESSAGES LC_NUMERIC LC_MONETARY LC_COLLATE + fi + unset HOME MAIL USER USERNAME + + ebegin "Starting ${name}" start-stop-daemon \ - --start --quiet --pidfile /var/run/auditd.pid \ - --exec /sbin/auditd -- ${EXTRAOPTIONS} + --start --quiet --pidfile ${pidfile} \ + --exec ${command} -- ${EXTRAOPTIONS} local ret=$? eend $ret return $ret } stop_auditd() { - ebegin "Stopping auditd" - start-stop-daemon \ - --stop --quiet --pidfile /var/run/auditd.pid + ebegin "Stopping ${name}" + start-stop-daemon --stop --quiet --pidfile ${pidfile} local ret=$? eend $ret return $ret @@ -37,17 +61,32 @@ loadfile() { start() { start_auditd local ret=$? - if [ $ret -eq 0 ]; then + if [ $ret -eq 0 -a "${RC_CMD}" != "restart" ]; then + touch /var/lock/subsys/${name} loadfile "${RULEFILE_STARTUP}" fi return $ret } +reload_rules() { + loadfile "${RULEFILE_STARTUP}" +} + +reload_auditd() { + [ -f ${pidfile} ] && kill -HUP `cat ${pidfile}` +} + +reload() { + reload_auditd + reload_rules +} + stop() { - loadfile "${RULEFILE_STOP_PRE}" + [ "${RC_CMD}" != "restart" ] && loadfile "${RULEFILE_STOP_PRE}" stop_auditd + rm -f /var/lock/subsys/${name} local ret=$? - loadfile "${RULEFILE_STOP_POST}" + [ "${RC_CMD}" != "restart" ] && loadfile "${RULEFILE_STOP_POST}" return $ret } diff --git a/init.d/clamd b/init.d/clamd index 62fd053..a1a55c2 100755 --- a/init.d/clamd +++ b/init.d/clamd @@ -1,9 +1,9 @@ #!/sbin/runscript -# Copyright 1999-2005 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-antivirus/clamav/files/clamd.rc,v 1.17 2009/06/21 09:46:12 dertobi123 Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-antivirus/clamav/files/clamd.rc,v 1.18 2011/12/04 11:51:46 swegener Exp $ -opts="logfix" +extra_commands="logfix" depend() { use net diff --git a/init.d/ip6tables b/init.d/ip6tables index 16b53ef..5c9cbb7 100755 --- a/init.d/ip6tables +++ b/init.d/ip6tables @@ -1,9 +1,10 @@ #!/sbin/runscript # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables-1.4.11.init,v 1.1 2011/06/16 12:53:26 pva Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables-1.4.11.init,v 1.2 2011/12/04 10:15:59 swegener Exp $ -opts="save reload panic" +extra_commands="save panic" +extra_started_commands="reload" iptables_name=${SVCNAME} if [ "${iptables_name}" != "iptables" -a "${iptables_name}" != "ip6tables" ] ; then diff --git a/init.d/iptables b/init.d/iptables index 16b53ef..5c9cbb7 100755 --- a/init.d/iptables +++ b/init.d/iptables @@ -1,9 +1,10 @@ #!/sbin/runscript # Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables-1.4.11.init,v 1.1 2011/06/16 12:53:26 pva Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/files/iptables-1.4.11.init,v 1.2 2011/12/04 10:15:59 swegener Exp $ -opts="save reload panic" +extra_commands="save panic" +extra_started_commands="reload" iptables_name=${SVCNAME} if [ "${iptables_name}" != "iptables" -a "${iptables_name}" != "ip6tables" ] ; then diff --git a/init.d/nagios b/init.d/nagios index 83b9332..955cb87 100755 --- a/init.d/nagios +++ b/init.d/nagios @@ -1,9 +1,18 @@ #!/sbin/runscript -# Copyright 1999-2004 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/nagios-core/files/nagios3,v 1.1 2008/04/27 18:41:25 dertobi123 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/nagios-core/files/nagios3,v 1.2 2011/12/30 15:34:02 polynomial-c Exp $ -opts="${opts} reload checkconfig" +extra_commands="checkconfig" +extra_started_commands="reload" + +nagios_config="/etc/nagios/nagios.cfg" +nagios_cmdfile="/var/nagios/rw/nagios.cmd" + +command="/usr/sbin/nagios" +command_args="-d ${nagios_config}" +pidfile="/var/nagios/nagios.lock" +start_stop_daemon_args="-e HOME=/var/nagios/home" depend() { need net @@ -15,43 +24,30 @@ reload() { checkconfig || return 1 ebegin "Reloading configuration" - killall -HUP nagios &>/dev/null + start-stop-daemon --signal HUP --pidfile ${pidfile} eend $? } checkconfig() { + ebegin "Verifiyng config files" + # Silent Check - /usr/sbin/nagios -v /etc/nagios/nagios.cfg &>/dev/null && return 0 + /usr/sbin/nagios -v ${nagios_config} &>/dev/null && return 0 # Now we know there's problem - run again and display errors - /usr/sbin/nagios -v /etc/nagios/nagios.cfg + /usr/sbin/nagios -v ${nagios_config} eend $? "Configuration Error. Please fix your configfile" } -start() { +start_pre() { checkconfig || return 1 - ebegin "Starting nagios" + touch /var/nagios/nagios.log /var/nagios/status.sav chown nagios:nagios /var/nagios/nagios.log /var/nagios/status.sav - rm -f /var/nagios/rw/nagios.cmd - start-stop-daemon --quiet --start --startas /usr/sbin/nagios \ - -e HOME="/var/nagios/home" --pidfile /var/nagios/nagios.lock \ - -- -d /etc/nagios/nagios.cfg - eend $? + rm -f ${nagios_cmdfile} } -stop() { - ebegin "Stopping nagios" - start-stop-daemon --quiet --stop --pidfile /var/nagios/nagios.lock - rm -f /var/nagios/status.log /var/nagios/nagios.tmp /var/nagios/nagios.lock /var/nagios/rw/nagios.cmd - eend $? +stop_post() { + rm -f /var/nagios/status.log /var/nagios/nagios.tmp ${pidfile} \ + ${nagios_cmdfile} } - -svc_restart() { - checkconfig || return 1 - ebegin "Restarting nagios" - svc_stop - svc_start - eend $? -} - diff --git a/init.d/ndo2db b/init.d/ndo2db index 3dea06b..ad5ae36 100755 --- a/init.d/ndo2db +++ b/init.d/ndo2db @@ -1,9 +1,7 @@ #!/sbin/runscript -# Copyright 1999-2007 Gentoo Foundation +# Copyright 1999-2010 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ndoutils/files/ndo2db.init,v 1.1 2007/07/01 08:29:56 dertobi123 Exp $ - -MY_NAGIOS_MAIN_VERSION=3 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ndoutils/files/ndo2db.init-nagios3,v 1.3 2010/10/30 14:15:50 dertobi123 Exp $ depends() { before nagios @@ -12,14 +10,16 @@ depends() { start() { ebegin "Starting ndo2db" - start-stop-daemon --start --quiet --exec /usr/sbin/ndo2db-${MY_NAGIOS_MAIN_VERSION}x \ + if [ -S /var/nagios/ndo.sock ] ; then + rm -f /var/nagios/ndo.sock + fi + start-stop-daemon --start --quiet --exec /usr/bin/ndo2db \ -- -c /etc/nagios/ndo2db.cfg eend $? } stop() { ebegin "Stopping ndo2db" - start-stop-daemon --stop --quiet --exec /usr/sbin/ndo2db-${MY_NAGIOS_MAIN_VERSION}x + start-stop-daemon --stop --quiet --exec /usr/bin/ndo2db eend $? } - diff --git a/init.d/nrpe b/init.d/nrpe index d83171e..8032a30 100755 --- a/init.d/nrpe +++ b/init.d/nrpe @@ -1,36 +1,22 @@ #!/sbin/runscript -opts="${opts} reload" +extra_started_commands="reload" + +command="/usr/bin/nrpe" +command_args="-c /etc/nagios/nrpe.cfg --daemon" +pidfile="${pidfile:-/var/run/nrpe/nrpe.pid}" +start_stop_daemon_args="--user nagios --group nagios" depend() { need net } -start() { - ebegin "Starting nrpe" - start-stop-daemon --start --quiet --name nrpe \ - --startas /usr/bin/nrpe \ - -c nagios:nagios \ - -- -c /etc/nagios/nrpe.cfg \ - --daemon - eend $? "Failed to Start nrpe" -} - -stop() { - ebegin "Stopping nrpe" - start-stop-daemon --stop --quiet -n nrpe - eend $? "Failed to Stop nrpe" +start_pre() { + checkpath -d -m 0750 -o nagios:nagios /var/run/nrpe } reload() { ebegin "Reloading nrpe" - kill -HUP `pgrep nrpe | head -1` + kill -HUP $(head -n1 ${pidfile}) eend $? "Failed to reload nrpe" } - -restart() { - ebegin "Restarting nrpe" - svc_stop - svc_start - eend $? "Failed to Restart nrpe" -} diff --git a/init.d/nscd b/init.d/nscd index 70fb3ea..e613715 100755 --- a/init.d/nscd +++ b/init.d/nscd @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo/src/patchsets/glibc/extra/etc/nscd,v 1.3 2009/09/18 12:29:46 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo/src/patchsets/glibc/extra/etc/nscd,v 1.5 2011/08/29 05:21:40 vapier Exp $ depend() { use dns ldap net slapd @@ -9,17 +9,17 @@ depend() { checkconfig() { if [ ! -d /var/run/nscd ] ; then - mkdir -p /var/run/nscd - chmod 755 /var/run/nscd + checkpath -d -m 755 /var/run/nscd fi if [ -z "${NSCD_PERMS_OK}" ] && [ "$(stat -c %a /var/run/nscd)" != "755" ] ; then - echo "" ewarn "nscd run dir is not world readable, you should reset the perms:" ewarn "chmod 755 /var/run/nscd" ewarn "chmod a+rw /var/run/nscd/socket" - echo "" ewarn "To disable this warning, set 'NSCD_PERMS_OK' in /etc/conf.d/nscd" - echo "" + fi + + if grep -qs '^[[:space:]]*persistent\>' /etc/nscd.conf ; then + checkpath -d -m 700 /var/db/nscd fi } @@ -27,6 +27,7 @@ start() { checkconfig ebegin "Starting Name Service Cache Daemon" + local secure=`while read curline ; do table=${curline%:*} entries=${curline##$table:} @@ -44,8 +45,10 @@ start() { ;; esac done < /etc/nsswitch.conf` - local pidfile=/var/run/nscd/nscd.pid - mkdir -p "$(dirname ${pidfile})" + + local pidfile="/var/run/nscd/nscd.pid" + mkdir -p "${pidfile%/*}" + start-stop-daemon --start --quiet \ --exec /usr/sbin/nscd --pidfile ${pidfile} \ -- $secure @@ -53,7 +56,7 @@ start() { } stop() { - local pidfile=/var/run/nscd/nscd.pid + local pidfile="/var/run/nscd/nscd.pid" ebegin "Shutting down Name Service Cache Daemon" start-stop-daemon --stop --quiet \ --exec /usr/sbin/nscd --pidfile ${pidfile} diff --git a/init.d/portmap b/init.d/portmap deleted file mode 100755 index bbffd6c..0000000 --- a/init.d/portmap +++ /dev/null @@ -1,59 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2007 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-nds/portmap/files/portmap.rc6,v 1.13 2009/05/30 20:50:39 vapier Exp $ - -depend() { - use net - before inetd - before xinetd -} - -checkconfig() { - if [ -e /proc/config.gz ] ; then - if zcat /proc/config.gz | grep -s SUNRPC_REGISTER_V4=y ; then - eerror "portmap does not work with SUNRPC_REGISTER_V4=y;" - eerror "disable it or use the net-nds/rpcbind package." - return 1 - fi - fi - return 0 -} - -start() { - checkconfig || return 1 - - ebegin "Starting portmap" - start-stop-daemon --start --quiet --exec /sbin/portmap -- ${PORTMAP_OPTS} - local ret=$? - eend ${ret} - # without, if a service depending on portmap is started too fast, - # connecting to portmap will fail -- azarah - sleep 1 - return ${ret} -} - -stop() { - ebegin "Stopping portmap" - start-stop-daemon --stop --quiet --exec /sbin/portmap - eend $? -} - -restart() { - # Dump the portmapper's table before stopping - ebegin "Saving portmap table" - local pmap=$(pmap_dump) - eend $? - - # Stop and restart portmapper - svc_stop - sleep 1 - svc_start - - # Reload the portmapper's table - if [ -n "${pmap}" ] ; then - ebegin "Reloading portmap table" - echo "${pmap}" | pmap_set - eend $? - fi -} diff --git a/init.d/postfix b/init.d/postfix index 8fad5d9..b62bb7f 100755 --- a/init.d/postfix +++ b/init.d/postfix @@ -19,7 +19,7 @@ fi extra_started_commands="reload" depend() { - use logger dns ypbind amavisd mysql antivirus postfix_greylist net saslauthd + use logger dns ypbind amavisd mysql postgresql antivirus postfix_greylist net saslauthd if [ "${SVCNAME}" = "postfix" ]; then provide mta fi diff --git a/init.d/quota b/init.d/quota deleted file mode 100755 index 9fd2d90..0000000 --- a/init.d/quota +++ /dev/null @@ -1,38 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2011 Gentoo Foundation -# Distributed under the terms of the GNU General Public License, v2 -# $Header: /var/cvsroot/gentoo-x86/sys-fs/quota/files/quota.rc7,v 1.1 2011/03/03 07:26:27 jlec Exp $ - -extra_started_commands="check" -description_check="Running quotacheck with quota being offline" - -depend() { - need localmount - use portmap -} - -start() { - if [[ ${RUN_QUOTACHECK} == "yes" ]] ; then - ebegin "Checking quotas (may take a while)" - quotacheck ${QUOTACHECK_OPTS} - eend $? - fi - - ebegin "Starting quota" - quotaon ${QUOTAON_OPTS} - eend $? -} - -stop() { - ebegin "Stopping quota" - quotaoff ${QUOTAOFF_OPTS} - eend $? -} - -check() { - ebegin "Checking quota" - quotaoff ${QUOTAOFF_OPTS} && \ - quotacheck ${QUOTACHECK_OPTS} && \ - quotaon ${QUOTAON_OPTS} - eend $? -} diff --git a/init.d/rpc.rquotad b/init.d/rpc.rquotad deleted file mode 100755 index f657fc4..0000000 --- a/init.d/rpc.rquotad +++ /dev/null @@ -1,26 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2007 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-fs/quota/files/rpc.rquotad.initd,v 1.1 2007/03/25 12:09:39 vapier Exp $ - -[ -e /etc/conf.d/nfs ] && source /etc/conf.d/nfs - -rpc_bin=/usr/sbin/rpc.rquotad - -depend() { - use ypbind net - need portmap - after quota -} - -start() { - ebegin "Starting rpc.rquotad" - ${rpc_bin} ${OPTS_RPC_RQUOTAD} - eend $? -} - -stop() { - ebegin "Stopping rpc.rquotad" - start-stop-daemon --stop --quiet --exec ${rpc_bin} - eend $? -} diff --git a/init.d/samba b/init.d/samba index a1a2fae..7e6d2a8 100755 --- a/init.d/samba +++ b/init.d/samba @@ -1,9 +1,9 @@ #!/sbin/runscript -# Copyright 1999-2010 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License, v2 or later -# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.5/samba.initd,v 1.2 2010/12/20 20:35:07 vostorga Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-fs/samba/files/3.5/samba.initd,v 1.4 2011/09/14 22:52:33 polynomial-c Exp $ -opts="reload" +extra_started_commands="reload" depend() { after slapd diff --git a/init.d/slapd b/init.d/slapd index 592e228..78a32b7 100755 --- a/init.d/slapd +++ b/init.d/slapd @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2012 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/files/slapd-initd-2.4.28-r1,v 1.2 2012/02/12 21:35:04 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-nds/openldap/files/slapd-initd-2.4.28-r1,v 1.4 2012/05/27 07:22:43 robbat2 Exp $ extra_commands="checkconfig" @@ -14,6 +14,7 @@ depend() { } start() { + checkpath -q -d /var/run/openldap/ -o ldap:ldap if ! checkconfig -Q ; then eerror "There is a problem with your slapd.conf!" return 1 diff --git a/init.d/snmpd b/init.d/snmpd index d8419ea..110c24a 100755 --- a/init.d/snmpd +++ b/init.d/snmpd @@ -1,9 +1,9 @@ #!/sbin/runscript -# Copyright 1999-2009 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/files/snmpd.init,v 1.1 2009/10/16 08:51:05 gengor Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/files/snmpd.init,v 1.2 2011/12/04 10:17:16 swegener Exp $ -opts="${opts} reload" +extra_started_commands="reload" depend() { use logger diff --git a/init.d/spamd b/init.d/spamd index caea84f..d0708a4 100755 --- a/init.d/spamd +++ b/init.d/spamd @@ -1,19 +1,20 @@ #!/sbin/runscript -# Copyright 1999-2008 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/mail-filter/spamassassin/files/3.3.1-spamd.init,v 1.2 2010/04/07 04:13:24 darkside Exp $ +# $Header: /var/cvsroot/gentoo-x86/mail-filter/spamassassin/files/3.3.1-spamd.init,v 1.4 2011/09/14 23:00:38 polynomial-c Exp $ # NB: Config is in /etc/conf.d/spamd # Provide a default location if they haven't in /etc/conf.d/spamd PIDFILE=${PIDFILE:-/var/run/spamd.pid} -opts="reload" +extra_started_commands="reload" depend() { need net before mta use logger + use postgresql use mysql } diff --git a/init.d/sysstat b/init.d/sysstat index 885782a..7875fcd 100755 --- a/init.d/sysstat +++ b/init.d/sysstat @@ -1,7 +1,7 @@ #!/sbin/runscript -# Copyright 1999-2011 Gentoo Foundation +# Copyright 1999-2012 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/sysstat/files/sysstat.init.d,v 1.3 2011/05/18 02:21:33 jer Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-admin/sysstat/files/sysstat.init.d,v 1.4 2012/05/14 20:01:19 jer Exp $ depend() { use hostname @@ -9,7 +9,7 @@ depend() { start() { ebegin "Writing a dummy startup record using sadc (see sadc(8))..." - /usr/lib/sa/sadc -F -L - + /usr/lib/sa/sa1 --boot eend $? } diff --git a/init.d/teamspeak3-server b/init.d/teamspeak3-server index 4f83085..6708494 100755 --- a/init.d/teamspeak3-server +++ b/init.d/teamspeak3-server @@ -1,7 +1,7 @@ #!/sbin/runscript -# Copyright 1999-2010 Gentoo Foundation +# Copyright 1999-2012 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/media-sound/teamspeak-server-bin/files/teamspeak3-server.rc,v 1.4 2010/09/11 16:01:50 trapni Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-sound/teamspeak-server-bin/files/teamspeak3-server.rc,v 1.5 2012/05/10 20:14:34 trapni Exp $ depend() { need net @@ -19,7 +19,7 @@ start() { start-stop-daemon --start --quiet --background \ --pidfile "/var/run/teamspeak3-server/server.pid" --make-pidfile \ - --chuid "teamspeak3" --chdir "/opt/teamspeak3-server" \ + --user "teamspeak3" --chdir "/opt/teamspeak3-server" \ --exec "/usr/sbin/ts3server" -- \ inifile="/etc/teamspeak3-server/server.conf" diff --git a/inittab b/inittab index c5c8398..3d50dac 100644 --- a/inittab +++ b/inittab @@ -36,7 +36,7 @@ su0:S:wait:/sbin/rc single su1:S:wait:/sbin/sulogin # TERMINALS -c1:12345:respawn:/sbin/agetty 38400 tty1 linux +c1:12345:respawn:/sbin/agetty --noclear 38400 tty1 linux c2:2345:respawn:/sbin/agetty 38400 tty2 linux c3:2345:respawn:/sbin/agetty 38400 tty3 linux c4:2345:respawn:/sbin/agetty 38400 tty4 linux @@ -44,8 +44,8 @@ c5:2345:respawn:/sbin/agetty 38400 tty5 linux c6:2345:respawn:/sbin/agetty 38400 tty6 linux # SERIAL CONSOLES -#s0:12345:respawn:/sbin/agetty 9600 ttyS0 vt100 -#s1:12345:respawn:/sbin/agetty 9600 ttyS1 vt100 +#s0:12345:respawn:/sbin/agetty 115200 ttyS0 vt100 +#s1:12345:respawn:/sbin/agetty 115200 ttyS1 vt100 s0:12345:respawn:/sbin/agetty -L ttyS0 57600 vt100 # What to do at the "Three Finger Salute". diff --git a/iproute2/group b/iproute2/group new file mode 100644 index 0000000..6f000b2 --- /dev/null +++ b/iproute2/group @@ -0,0 +1,2 @@ +# device group names +0 default diff --git a/kernel-config/config-3.3.8-gentoo-00 b/kernel-config/config-3.3.8-gentoo-00 new file mode 100644 index 0000000..2f4f313 --- /dev/null +++ b/kernel-config/config-3.3.8-gentoo-00 @@ -0,0 +1,2952 @@ +# +# Automatically generated file; DO NOT EDIT. +# Linux/x86_64 3.3.8-gentoo Kernel Configuration +# +CONFIG_64BIT=y +# CONFIG_X86_32 is not set +CONFIG_X86_64=y +CONFIG_X86=y +CONFIG_INSTRUCTION_DECODER=y +CONFIG_OUTPUT_FORMAT="elf64-x86-64" +CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig" +CONFIG_GENERIC_CMOS_UPDATE=y +CONFIG_CLOCKSOURCE_WATCHDOG=y +CONFIG_GENERIC_CLOCKEVENTS=y +CONFIG_ARCH_CLOCKSOURCE_DATA=y +CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y +CONFIG_LOCKDEP_SUPPORT=y +CONFIG_STACKTRACE_SUPPORT=y +CONFIG_HAVE_LATENCYTOP_SUPPORT=y +CONFIG_MMU=y +CONFIG_NEED_DMA_MAP_STATE=y +CONFIG_NEED_SG_DMA_LENGTH=y +CONFIG_GENERIC_ISA_DMA=y +CONFIG_GENERIC_BUG=y +CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y +CONFIG_GENERIC_HWEIGHT=y +CONFIG_ARCH_MAY_HAVE_PC_FDC=y +# CONFIG_RWSEM_GENERIC_SPINLOCK is not set +CONFIG_RWSEM_XCHGADD_ALGORITHM=y +CONFIG_ARCH_HAS_CPU_IDLE_WAIT=y +CONFIG_GENERIC_CALIBRATE_DELAY=y +CONFIG_GENERIC_TIME_VSYSCALL=y +CONFIG_ARCH_HAS_CPU_RELAX=y +CONFIG_ARCH_HAS_DEFAULT_IDLE=y +CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y +CONFIG_HAVE_SETUP_PER_CPU_AREA=y +CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y +CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y +CONFIG_ARCH_HIBERNATION_POSSIBLE=y +CONFIG_ARCH_SUSPEND_POSSIBLE=y +CONFIG_ZONE_DMA32=y +CONFIG_AUDIT_ARCH=y +CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y +CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y +CONFIG_HAVE_INTEL_TXT=y +CONFIG_X86_64_SMP=y +CONFIG_X86_HT=y +CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11" +# CONFIG_KTIME_SCALAR is not set +CONFIG_ARCH_CPU_PROBE_RELEASE=y +CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config" +CONFIG_HAVE_IRQ_WORK=y +CONFIG_IRQ_WORK=y + +# +# General setup +# +CONFIG_EXPERIMENTAL=y +CONFIG_INIT_ENV_ARG_LIMIT=32 +CONFIG_CROSS_COMPILE="" +CONFIG_LOCALVERSION="" +# CONFIG_LOCALVERSION_AUTO is not set +CONFIG_HAVE_KERNEL_GZIP=y +CONFIG_HAVE_KERNEL_BZIP2=y +CONFIG_HAVE_KERNEL_LZMA=y +CONFIG_HAVE_KERNEL_XZ=y +CONFIG_HAVE_KERNEL_LZO=y +CONFIG_KERNEL_GZIP=y +# CONFIG_KERNEL_BZIP2 is not set +# CONFIG_KERNEL_LZMA is not set +# CONFIG_KERNEL_XZ is not set +# CONFIG_KERNEL_LZO is not set +CONFIG_DEFAULT_HOSTNAME="helga" +CONFIG_SWAP=y +CONFIG_SYSVIPC=y +CONFIG_SYSVIPC_SYSCTL=y +CONFIG_POSIX_MQUEUE=y +CONFIG_POSIX_MQUEUE_SYSCTL=y +CONFIG_BSD_PROCESS_ACCT=y +CONFIG_BSD_PROCESS_ACCT_V3=y +CONFIG_FHANDLE=y +CONFIG_TASKSTATS=y +CONFIG_TASK_DELAY_ACCT=y +CONFIG_TASK_XACCT=y +CONFIG_TASK_IO_ACCOUNTING=y +CONFIG_AUDIT=y +CONFIG_AUDITSYSCALL=y +CONFIG_AUDIT_WATCH=y +CONFIG_AUDIT_TREE=y +# CONFIG_AUDIT_LOGINUID_IMMUTABLE is not set +CONFIG_HAVE_GENERIC_HARDIRQS=y + +# +# IRQ subsystem +# +CONFIG_GENERIC_HARDIRQS=y +CONFIG_HAVE_SPARSE_IRQ=y +CONFIG_GENERIC_IRQ_PROBE=y +CONFIG_GENERIC_IRQ_SHOW=y +CONFIG_GENERIC_PENDING_IRQ=y +CONFIG_IRQ_FORCED_THREADING=y +CONFIG_SPARSE_IRQ=y + +# +# RCU Subsystem +# +CONFIG_TREE_RCU=y +# CONFIG_PREEMPT_RCU is not set +# CONFIG_RCU_TRACE is not set +CONFIG_RCU_FANOUT=64 +# CONFIG_RCU_FANOUT_EXACT is not set +# CONFIG_RCU_FAST_NO_HZ is not set +# CONFIG_TREE_RCU_TRACE is not set +CONFIG_IKCONFIG=m +CONFIG_IKCONFIG_PROC=y +CONFIG_LOG_BUF_SHIFT=21 +CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y +CONFIG_CGROUPS=y +# CONFIG_CGROUP_DEBUG is not set +CONFIG_CGROUP_FREEZER=y +# CONFIG_CGROUP_DEVICE is not set +CONFIG_CPUSETS=y +CONFIG_PROC_PID_CPUSET=y +CONFIG_CGROUP_CPUACCT=y +CONFIG_RESOURCE_COUNTERS=y +# CONFIG_CGROUP_MEM_RES_CTLR is not set +# CONFIG_CGROUP_PERF is not set +CONFIG_CGROUP_SCHED=y +CONFIG_FAIR_GROUP_SCHED=y +CONFIG_CFS_BANDWIDTH=y +# CONFIG_RT_GROUP_SCHED is not set +CONFIG_BLK_CGROUP=m +# CONFIG_DEBUG_BLK_CGROUP is not set +# CONFIG_CHECKPOINT_RESTORE is not set +CONFIG_NAMESPACES=y +CONFIG_UTS_NS=y +CONFIG_IPC_NS=y +CONFIG_USER_NS=y +CONFIG_PID_NS=y +CONFIG_NET_NS=y +# CONFIG_SCHED_AUTOGROUP is not set +# CONFIG_SYSFS_DEPRECATED is not set +CONFIG_RELAY=y +CONFIG_BLK_DEV_INITRD=y +CONFIG_INITRAMFS_SOURCE="" +CONFIG_RD_GZIP=y +CONFIG_RD_BZIP2=y +CONFIG_RD_LZMA=y +CONFIG_RD_XZ=y +CONFIG_RD_LZO=y +# CONFIG_CC_OPTIMIZE_FOR_SIZE is not set +CONFIG_SYSCTL=y +CONFIG_ANON_INODES=y +# CONFIG_EXPERT is not set +CONFIG_UID16=y +# CONFIG_SYSCTL_SYSCALL is not set +CONFIG_KALLSYMS=y +CONFIG_KALLSYMS_ALL=y +CONFIG_HOTPLUG=y +CONFIG_PRINTK=y +CONFIG_BUG=y +CONFIG_ELF_CORE=y +CONFIG_PCSPKR_PLATFORM=y +CONFIG_HAVE_PCSPKR_PLATFORM=y +CONFIG_BASE_FULL=y +CONFIG_FUTEX=y +CONFIG_EPOLL=y +CONFIG_SIGNALFD=y +CONFIG_TIMERFD=y +CONFIG_EVENTFD=y +CONFIG_SHMEM=y +CONFIG_AIO=y +# CONFIG_EMBEDDED is not set +CONFIG_HAVE_PERF_EVENTS=y + +# +# Kernel Performance Events And Counters +# +CONFIG_PERF_EVENTS=y +# CONFIG_PERF_COUNTERS is not set +# CONFIG_DEBUG_PERF_USE_VMALLOC is not set +CONFIG_VM_EVENT_COUNTERS=y +CONFIG_PCI_QUIRKS=y +CONFIG_SLUB_DEBUG=y +# CONFIG_COMPAT_BRK is not set +# CONFIG_SLAB is not set +CONFIG_SLUB=y +CONFIG_PROFILING=y +CONFIG_TRACEPOINTS=y +# CONFIG_OPROFILE is not set +CONFIG_HAVE_OPROFILE=y +CONFIG_OPROFILE_NMI_TIMER=y +CONFIG_KPROBES=y +# CONFIG_JUMP_LABEL is not set +CONFIG_OPTPROBES=y +CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y +CONFIG_KRETPROBES=y +CONFIG_HAVE_IOREMAP_PROT=y +CONFIG_HAVE_KPROBES=y +CONFIG_HAVE_KRETPROBES=y +CONFIG_HAVE_OPTPROBES=y +CONFIG_HAVE_ARCH_TRACEHOOK=y +CONFIG_HAVE_DMA_ATTRS=y +CONFIG_USE_GENERIC_SMP_HELPERS=y +CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y +CONFIG_HAVE_DMA_API_DEBUG=y +CONFIG_HAVE_HW_BREAKPOINT=y +CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y +CONFIG_HAVE_USER_RETURN_NOTIFIER=y +CONFIG_HAVE_PERF_EVENTS_NMI=y +CONFIG_HAVE_ARCH_JUMP_LABEL=y +CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y +CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y +CONFIG_HAVE_CMPXCHG_LOCAL=y +CONFIG_HAVE_CMPXCHG_DOUBLE=y + +# +# GCOV-based kernel profiling +# +# CONFIG_GCOV_KERNEL is not set +# CONFIG_HAVE_GENERIC_DMA_COHERENT is not set +CONFIG_SLABINFO=y +CONFIG_RT_MUTEXES=y +CONFIG_BASE_SMALL=0 +CONFIG_MODULES=y +CONFIG_MODULE_FORCE_LOAD=y +CONFIG_MODULE_UNLOAD=y +CONFIG_MODULE_FORCE_UNLOAD=y +# CONFIG_MODVERSIONS is not set +# CONFIG_MODULE_SRCVERSION_ALL is not set +CONFIG_STOP_MACHINE=y +CONFIG_BLOCK=y +CONFIG_BLK_DEV_BSG=y +CONFIG_BLK_DEV_BSGLIB=y +# CONFIG_BLK_DEV_INTEGRITY is not set + +# +# Partition Types +# +CONFIG_PARTITION_ADVANCED=y +# CONFIG_ACORN_PARTITION is not set +CONFIG_OSF_PARTITION=y +CONFIG_AMIGA_PARTITION=y +# CONFIG_ATARI_PARTITION is not set +CONFIG_MAC_PARTITION=y +CONFIG_MSDOS_PARTITION=y +CONFIG_BSD_DISKLABEL=y +CONFIG_MINIX_SUBPARTITION=y +CONFIG_SOLARIS_X86_PARTITION=y +CONFIG_UNIXWARE_DISKLABEL=y +# CONFIG_LDM_PARTITION is not set +CONFIG_SGI_PARTITION=y +# CONFIG_ULTRIX_PARTITION is not set +CONFIG_SUN_PARTITION=y +CONFIG_KARMA_PARTITION=y +CONFIG_EFI_PARTITION=y +# CONFIG_SYSV68_PARTITION is not set +CONFIG_BLOCK_COMPAT=y + +# +# IO Schedulers +# +CONFIG_IOSCHED_NOOP=y +CONFIG_IOSCHED_DEADLINE=y +CONFIG_IOSCHED_CFQ=m +# CONFIG_CFQ_GROUP_IOSCHED is not set +CONFIG_DEFAULT_DEADLINE=y +# CONFIG_DEFAULT_NOOP is not set +CONFIG_DEFAULT_IOSCHED="deadline" +# CONFIG_INLINE_SPIN_TRYLOCK is not set +# CONFIG_INLINE_SPIN_TRYLOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK is not set +# CONFIG_INLINE_SPIN_LOCK_BH is not set +# CONFIG_INLINE_SPIN_LOCK_IRQ is not set +# CONFIG_INLINE_SPIN_LOCK_IRQSAVE is not set +CONFIG_INLINE_SPIN_UNLOCK=y +# CONFIG_INLINE_SPIN_UNLOCK_BH is not set +CONFIG_INLINE_SPIN_UNLOCK_IRQ=y +# CONFIG_INLINE_SPIN_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_READ_TRYLOCK is not set +# CONFIG_INLINE_READ_LOCK is not set +# CONFIG_INLINE_READ_LOCK_BH is not set +# CONFIG_INLINE_READ_LOCK_IRQ is not set +# CONFIG_INLINE_READ_LOCK_IRQSAVE is not set +CONFIG_INLINE_READ_UNLOCK=y +# CONFIG_INLINE_READ_UNLOCK_BH is not set +CONFIG_INLINE_READ_UNLOCK_IRQ=y +# CONFIG_INLINE_READ_UNLOCK_IRQRESTORE is not set +# CONFIG_INLINE_WRITE_TRYLOCK is not set +# CONFIG_INLINE_WRITE_LOCK is not set +# CONFIG_INLINE_WRITE_LOCK_BH is not set +# CONFIG_INLINE_WRITE_LOCK_IRQ is not set +# CONFIG_INLINE_WRITE_LOCK_IRQSAVE is not set +CONFIG_INLINE_WRITE_UNLOCK=y +# CONFIG_INLINE_WRITE_UNLOCK_BH is not set +CONFIG_INLINE_WRITE_UNLOCK_IRQ=y +# CONFIG_INLINE_WRITE_UNLOCK_IRQRESTORE is not set +CONFIG_MUTEX_SPIN_ON_OWNER=y +CONFIG_FREEZER=y + +# +# Processor type and features +# +CONFIG_ZONE_DMA=y +CONFIG_TICK_ONESHOT=y +CONFIG_NO_HZ=y +CONFIG_HIGH_RES_TIMERS=y +CONFIG_GENERIC_CLOCKEVENTS_BUILD=y +CONFIG_GENERIC_CLOCKEVENTS_MIN_ADJUST=y +CONFIG_SMP=y +# CONFIG_X86_X2APIC is not set +CONFIG_X86_MPPARSE=y +CONFIG_X86_EXTENDED_PLATFORM=y +# CONFIG_X86_VSMP is not set +CONFIG_X86_SUPPORTS_MEMORY_FAILURE=y +CONFIG_SCHED_OMIT_FRAME_POINTER=y +# CONFIG_PARAVIRT_GUEST is not set +CONFIG_NO_BOOTMEM=y +# CONFIG_MEMTEST is not set +CONFIG_MK8=y +# CONFIG_MPSC is not set +# CONFIG_MCORE2 is not set +# CONFIG_MATOM is not set +# CONFIG_GENERIC_CPU is not set +CONFIG_X86_INTERNODE_CACHE_SHIFT=7 +CONFIG_X86_CMPXCHG=y +CONFIG_X86_L1_CACHE_SHIFT=6 +CONFIG_X86_XADD=y +CONFIG_X86_WP_WORKS_OK=y +CONFIG_X86_INTEL_USERCOPY=y +CONFIG_X86_USE_PPRO_CHECKSUM=y +CONFIG_X86_TSC=y +CONFIG_X86_CMPXCHG64=y +CONFIG_X86_CMOV=y +CONFIG_X86_MINIMUM_CPU_FAMILY=64 +CONFIG_X86_DEBUGCTLMSR=y +CONFIG_CPU_SUP_INTEL=y +CONFIG_CPU_SUP_AMD=y +CONFIG_CPU_SUP_CENTAUR=y +CONFIG_HPET_TIMER=y +CONFIG_HPET_EMULATE_RTC=y +CONFIG_DMI=y +CONFIG_GART_IOMMU=y +CONFIG_CALGARY_IOMMU=y +CONFIG_CALGARY_IOMMU_ENABLED_BY_DEFAULT=y +CONFIG_SWIOTLB=y +CONFIG_IOMMU_HELPER=y +# CONFIG_MAXSMP is not set +CONFIG_NR_CPUS=64 +CONFIG_SCHED_SMT=y +CONFIG_SCHED_MC=y +CONFIG_IRQ_TIME_ACCOUNTING=y +CONFIG_PREEMPT_NONE=y +# CONFIG_PREEMPT_VOLUNTARY is not set +# CONFIG_PREEMPT is not set +CONFIG_X86_LOCAL_APIC=y +CONFIG_X86_IO_APIC=y +CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y +CONFIG_X86_MCE=y +CONFIG_X86_MCE_INTEL=y +CONFIG_X86_MCE_AMD=y +CONFIG_X86_MCE_THRESHOLD=y +# CONFIG_X86_MCE_INJECT is not set +CONFIG_X86_THERMAL_VECTOR=y +# CONFIG_I8K is not set +CONFIG_MICROCODE=y +CONFIG_MICROCODE_INTEL=y +CONFIG_MICROCODE_AMD=y +CONFIG_MICROCODE_OLD_INTERFACE=y +CONFIG_X86_MSR=y +CONFIG_X86_CPUID=y +CONFIG_ARCH_PHYS_ADDR_T_64BIT=y +CONFIG_ARCH_DMA_ADDR_T_64BIT=y +CONFIG_DIRECT_GBPAGES=y +CONFIG_NUMA=y +CONFIG_AMD_NUMA=y +CONFIG_X86_64_ACPI_NUMA=y +CONFIG_NODES_SPAN_OTHER_NODES=y +# CONFIG_NUMA_EMU is not set +CONFIG_NODES_SHIFT=6 +CONFIG_ARCH_SPARSEMEM_ENABLE=y +CONFIG_ARCH_SPARSEMEM_DEFAULT=y +CONFIG_ARCH_SELECT_MEMORY_MODEL=y +CONFIG_ARCH_PROC_KCORE_TEXT=y +CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000 +CONFIG_SELECT_MEMORY_MODEL=y +CONFIG_SPARSEMEM_MANUAL=y +CONFIG_SPARSEMEM=y +CONFIG_NEED_MULTIPLE_NODES=y +CONFIG_HAVE_MEMORY_PRESENT=y +CONFIG_SPARSEMEM_EXTREME=y +CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y +CONFIG_SPARSEMEM_ALLOC_MEM_MAP_TOGETHER=y +CONFIG_SPARSEMEM_VMEMMAP=y +CONFIG_HAVE_MEMBLOCK=y +CONFIG_HAVE_MEMBLOCK_NODE_MAP=y +CONFIG_ARCH_DISCARD_MEMBLOCK=y +# CONFIG_MEMORY_HOTPLUG is not set +CONFIG_PAGEFLAGS_EXTENDED=y +CONFIG_SPLIT_PTLOCK_CPUS=4 +CONFIG_COMPACTION=y +CONFIG_MIGRATION=y +CONFIG_PHYS_ADDR_T_64BIT=y +CONFIG_ZONE_DMA_FLAG=1 +CONFIG_BOUNCE=y +CONFIG_VIRT_TO_BUS=y +CONFIG_MMU_NOTIFIER=y +# CONFIG_KSM is not set +CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 +CONFIG_ARCH_SUPPORTS_MEMORY_FAILURE=y +# CONFIG_MEMORY_FAILURE is not set +CONFIG_TRANSPARENT_HUGEPAGE=y +CONFIG_TRANSPARENT_HUGEPAGE_ALWAYS=y +# CONFIG_TRANSPARENT_HUGEPAGE_MADVISE is not set +CONFIG_CLEANCACHE=y +CONFIG_X86_CHECK_BIOS_CORRUPTION=y +CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK=y +CONFIG_X86_RESERVE_LOW=64 +CONFIG_MTRR=y +# CONFIG_MTRR_SANITIZER is not set +CONFIG_X86_PAT=y +CONFIG_ARCH_USES_PG_UNCACHED=y +CONFIG_ARCH_RANDOM=y +CONFIG_EFI=y +# CONFIG_EFI_STUB is not set +CONFIG_SECCOMP=y +# CONFIG_CC_STACKPROTECTOR is not set +# CONFIG_HZ_100 is not set +# CONFIG_HZ_250 is not set +# CONFIG_HZ_300 is not set +CONFIG_HZ_1000=y +CONFIG_HZ=1000 +CONFIG_SCHED_HRTICK=y +CONFIG_KEXEC=y +CONFIG_CRASH_DUMP=y +CONFIG_PHYSICAL_START=0x1000000 +CONFIG_RELOCATABLE=y +CONFIG_PHYSICAL_ALIGN=0x1000000 +CONFIG_HOTPLUG_CPU=y +# CONFIG_COMPAT_VDSO is not set +# CONFIG_CMDLINE_BOOL is not set +CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y +CONFIG_USE_PERCPU_NUMA_NODE_ID=y + +# +# Power management and ACPI options +# +CONFIG_SUSPEND=y +CONFIG_SUSPEND_FREEZER=y +# CONFIG_HIBERNATION is not set +CONFIG_PM_SLEEP=y +CONFIG_PM_SLEEP_SMP=y +# CONFIG_PM_RUNTIME is not set +CONFIG_PM=y +CONFIG_PM_DEBUG=y +CONFIG_PM_ADVANCED_DEBUG=y +# CONFIG_PM_TEST_SUSPEND is not set +CONFIG_CAN_PM_TRACE=y +CONFIG_PM_TRACE=y +CONFIG_PM_TRACE_RTC=y +CONFIG_ACPI=y +CONFIG_ACPI_SLEEP=y +CONFIG_ACPI_PROCFS=y +CONFIG_ACPI_PROCFS_POWER=y +CONFIG_ACPI_EC_DEBUGFS=m +CONFIG_ACPI_PROC_EVENT=y +CONFIG_ACPI_AC=m +CONFIG_ACPI_BATTERY=m +CONFIG_ACPI_BUTTON=m +CONFIG_ACPI_VIDEO=m +CONFIG_ACPI_FAN=m +CONFIG_ACPI_DOCK=y +CONFIG_ACPI_PROCESSOR=m +CONFIG_ACPI_IPMI=m +CONFIG_ACPI_HOTPLUG_CPU=y +CONFIG_ACPI_PROCESSOR_AGGREGATOR=m +CONFIG_ACPI_THERMAL=m +CONFIG_ACPI_NUMA=y +# CONFIG_ACPI_CUSTOM_DSDT is not set +CONFIG_ACPI_BLACKLIST_YEAR=0 +# CONFIG_ACPI_DEBUG is not set +CONFIG_ACPI_PCI_SLOT=m +CONFIG_X86_PM_TIMER=y +CONFIG_ACPI_CONTAINER=y +# CONFIG_ACPI_SBS is not set +CONFIG_ACPI_HED=m +CONFIG_ACPI_CUSTOM_METHOD=m +CONFIG_ACPI_APEI=y +# CONFIG_ACPI_APEI_GHES is not set +# CONFIG_ACPI_APEI_PCIEAER is not set +CONFIG_ACPI_APEI_EINJ=m +CONFIG_ACPI_APEI_ERST_DEBUG=m +# CONFIG_SFI is not set + +# +# CPU Frequency scaling +# +CONFIG_CPU_FREQ=y +CONFIG_CPU_FREQ_TABLE=m +CONFIG_CPU_FREQ_STAT=m +CONFIG_CPU_FREQ_STAT_DETAILS=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE is not set +CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE=y +# CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND is not set +# CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE is not set +CONFIG_CPU_FREQ_GOV_PERFORMANCE=m +CONFIG_CPU_FREQ_GOV_POWERSAVE=m +CONFIG_CPU_FREQ_GOV_USERSPACE=y +CONFIG_CPU_FREQ_GOV_ONDEMAND=m +CONFIG_CPU_FREQ_GOV_CONSERVATIVE=m + +# +# x86 CPU frequency scaling drivers +# +CONFIG_X86_PCC_CPUFREQ=m +CONFIG_X86_ACPI_CPUFREQ=m +CONFIG_X86_POWERNOW_K8=m +# CONFIG_X86_SPEEDSTEP_CENTRINO is not set +# CONFIG_X86_P4_CLOCKMOD is not set + +# +# shared options +# +# CONFIG_X86_SPEEDSTEP_LIB is not set +CONFIG_CPU_IDLE=y +CONFIG_CPU_IDLE_GOV_LADDER=y +CONFIG_CPU_IDLE_GOV_MENU=y +# CONFIG_INTEL_IDLE is not set + +# +# Memory power savings +# +# CONFIG_I7300_IDLE is not set + +# +# Bus options (PCI etc.) +# +CONFIG_PCI=y +CONFIG_PCI_DIRECT=y +CONFIG_PCI_MMCONFIG=y +CONFIG_PCI_DOMAINS=y +# CONFIG_PCI_CNB20LE_QUIRK is not set +CONFIG_PCIEPORTBUS=y +CONFIG_PCIEAER=y +# CONFIG_PCIE_ECRC is not set +# CONFIG_PCIEAER_INJECT is not set +CONFIG_PCIEASPM=y +# CONFIG_PCIEASPM_DEBUG is not set +CONFIG_ARCH_SUPPORTS_MSI=y +CONFIG_PCI_MSI=y +# CONFIG_PCI_DEBUG is not set +# CONFIG_PCI_STUB is not set +CONFIG_HT_IRQ=y +CONFIG_PCI_ATS=y +CONFIG_PCI_IOV=y +CONFIG_PCI_PRI=y +CONFIG_PCI_PASID=y +CONFIG_PCI_IOAPIC=y +CONFIG_PCI_LABEL=y +CONFIG_ISA_DMA_API=y +CONFIG_AMD_NB=y +# CONFIG_PCCARD is not set +# CONFIG_HOTPLUG_PCI is not set +# CONFIG_RAPIDIO is not set + +# +# Executable file formats / Emulations +# +CONFIG_BINFMT_ELF=y +CONFIG_COMPAT_BINFMT_ELF=y +CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE=y +CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y +# CONFIG_HAVE_AOUT is not set +CONFIG_BINFMT_MISC=y +CONFIG_IA32_EMULATION=y +CONFIG_IA32_AOUT=m +CONFIG_COMPAT=y +CONFIG_COMPAT_FOR_U64_ALIGNMENT=y +CONFIG_SYSVIPC_COMPAT=y +CONFIG_KEYS_COMPAT=y +CONFIG_HAVE_TEXT_POKE_SMP=y +CONFIG_NET=y + +# +# Networking options +# +CONFIG_PACKET=y +CONFIG_UNIX=y +CONFIG_UNIX_DIAG=m +CONFIG_XFRM=y +CONFIG_XFRM_USER=y +# CONFIG_XFRM_SUB_POLICY is not set +CONFIG_XFRM_MIGRATE=y +# CONFIG_XFRM_STATISTICS is not set +CONFIG_XFRM_IPCOMP=m +CONFIG_NET_KEY=m +CONFIG_NET_KEY_MIGRATE=y +CONFIG_INET=y +CONFIG_IP_MULTICAST=y +CONFIG_IP_ADVANCED_ROUTER=y +CONFIG_IP_FIB_TRIE_STATS=y +CONFIG_IP_MULTIPLE_TABLES=y +CONFIG_IP_ROUTE_MULTIPATH=y +CONFIG_IP_ROUTE_VERBOSE=y +CONFIG_IP_ROUTE_CLASSID=y +CONFIG_IP_PNP=y +CONFIG_IP_PNP_DHCP=y +CONFIG_IP_PNP_BOOTP=y +CONFIG_IP_PNP_RARP=y +CONFIG_NET_IPIP=m +CONFIG_NET_IPGRE_DEMUX=m +CONFIG_NET_IPGRE=m +CONFIG_NET_IPGRE_BROADCAST=y +CONFIG_IP_MROUTE=y +CONFIG_IP_MROUTE_MULTIPLE_TABLES=y +CONFIG_IP_PIMSM_V1=y +CONFIG_IP_PIMSM_V2=y +CONFIG_ARPD=y +CONFIG_SYN_COOKIES=y +CONFIG_INET_AH=m +CONFIG_INET_ESP=m +CONFIG_INET_IPCOMP=m +CONFIG_INET_XFRM_TUNNEL=m +CONFIG_INET_TUNNEL=m +CONFIG_INET_XFRM_MODE_TRANSPORT=m +CONFIG_INET_XFRM_MODE_TUNNEL=m +CONFIG_INET_XFRM_MODE_BEET=m +CONFIG_INET_LRO=y +CONFIG_INET_DIAG=m +CONFIG_INET_TCP_DIAG=m +CONFIG_INET_UDP_DIAG=m +CONFIG_TCP_CONG_ADVANCED=y +CONFIG_TCP_CONG_BIC=m +CONFIG_TCP_CONG_CUBIC=m +CONFIG_TCP_CONG_WESTWOOD=m +CONFIG_TCP_CONG_HTCP=m +CONFIG_TCP_CONG_HSTCP=m +CONFIG_TCP_CONG_HYBLA=m +CONFIG_TCP_CONG_VEGAS=m +CONFIG_TCP_CONG_SCALABLE=m +CONFIG_TCP_CONG_LP=m +CONFIG_TCP_CONG_VENO=m +CONFIG_TCP_CONG_YEAH=m +CONFIG_TCP_CONG_ILLINOIS=m +CONFIG_DEFAULT_RENO=y +CONFIG_DEFAULT_TCP_CONG="reno" +CONFIG_TCP_MD5SIG=y +CONFIG_IPV6=y +CONFIG_IPV6_PRIVACY=y +CONFIG_IPV6_ROUTER_PREF=y +CONFIG_IPV6_ROUTE_INFO=y +# CONFIG_IPV6_OPTIMISTIC_DAD is not set +CONFIG_INET6_AH=m +CONFIG_INET6_ESP=m +CONFIG_INET6_IPCOMP=m +CONFIG_IPV6_MIP6=m +CONFIG_INET6_XFRM_TUNNEL=m +CONFIG_INET6_TUNNEL=m +CONFIG_INET6_XFRM_MODE_TRANSPORT=m +CONFIG_INET6_XFRM_MODE_TUNNEL=m +CONFIG_INET6_XFRM_MODE_BEET=m +CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION=m +CONFIG_IPV6_SIT=m +# CONFIG_IPV6_SIT_6RD is not set +CONFIG_IPV6_NDISC_NODETYPE=y +CONFIG_IPV6_TUNNEL=m +CONFIG_IPV6_MULTIPLE_TABLES=y +CONFIG_IPV6_SUBTREES=y +CONFIG_IPV6_MROUTE=y +CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y +CONFIG_IPV6_PIMSM_V2=y +CONFIG_NETLABEL=y +CONFIG_NETWORK_SECMARK=y +# CONFIG_NETWORK_PHY_TIMESTAMPING is not set +CONFIG_NETFILTER=y +# CONFIG_NETFILTER_DEBUG is not set +CONFIG_NETFILTER_ADVANCED=y +CONFIG_BRIDGE_NETFILTER=y + +# +# Core Netfilter Configuration +# +CONFIG_NETFILTER_NETLINK=y +CONFIG_NETFILTER_NETLINK_ACCT=m +CONFIG_NETFILTER_NETLINK_QUEUE=m +CONFIG_NETFILTER_NETLINK_LOG=y +CONFIG_NF_CONNTRACK=m +CONFIG_NF_CONNTRACK_MARK=y +CONFIG_NF_CONNTRACK_SECMARK=y +# CONFIG_NF_CONNTRACK_ZONES is not set +CONFIG_NF_CONNTRACK_PROCFS=y +CONFIG_NF_CONNTRACK_EVENTS=y +CONFIG_NF_CONNTRACK_TIMESTAMP=y +CONFIG_NF_CT_PROTO_DCCP=m +CONFIG_NF_CT_PROTO_GRE=m +CONFIG_NF_CT_PROTO_SCTP=m +CONFIG_NF_CT_PROTO_UDPLITE=m +CONFIG_NF_CONNTRACK_AMANDA=m +CONFIG_NF_CONNTRACK_FTP=m +CONFIG_NF_CONNTRACK_H323=m +CONFIG_NF_CONNTRACK_IRC=m +CONFIG_NF_CONNTRACK_BROADCAST=m +CONFIG_NF_CONNTRACK_NETBIOS_NS=m +CONFIG_NF_CONNTRACK_SNMP=m +CONFIG_NF_CONNTRACK_PPTP=m +CONFIG_NF_CONNTRACK_SANE=m +CONFIG_NF_CONNTRACK_SIP=m +CONFIG_NF_CONNTRACK_TFTP=m +CONFIG_NF_CT_NETLINK=m +CONFIG_NETFILTER_TPROXY=m +CONFIG_NETFILTER_XTABLES=y + +# +# Xtables combined modules +# +CONFIG_NETFILTER_XT_MARK=m +CONFIG_NETFILTER_XT_CONNMARK=m +CONFIG_NETFILTER_XT_SET=m + +# +# Xtables targets +# +CONFIG_NETFILTER_XT_TARGET_AUDIT=m +CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m +CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m +CONFIG_NETFILTER_XT_TARGET_CONNMARK=m +CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=m +CONFIG_NETFILTER_XT_TARGET_CT=m +CONFIG_NETFILTER_XT_TARGET_DSCP=m +CONFIG_NETFILTER_XT_TARGET_HL=m +CONFIG_NETFILTER_XT_TARGET_IDLETIMER=m +CONFIG_NETFILTER_XT_TARGET_LED=m +CONFIG_NETFILTER_XT_TARGET_MARK=m +CONFIG_NETFILTER_XT_TARGET_NFLOG=m +CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m +CONFIG_NETFILTER_XT_TARGET_NOTRACK=m +CONFIG_NETFILTER_XT_TARGET_RATEEST=m +CONFIG_NETFILTER_XT_TARGET_TEE=m +CONFIG_NETFILTER_XT_TARGET_TPROXY=m +CONFIG_NETFILTER_XT_TARGET_TRACE=m +CONFIG_NETFILTER_XT_TARGET_SECMARK=m +CONFIG_NETFILTER_XT_TARGET_TCPMSS=m +CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m + +# +# Xtables matches +# +CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m +CONFIG_NETFILTER_XT_MATCH_CLUSTER=m +CONFIG_NETFILTER_XT_MATCH_COMMENT=m +CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m +CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m +CONFIG_NETFILTER_XT_MATCH_CONNMARK=m +CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m +CONFIG_NETFILTER_XT_MATCH_CPU=m +CONFIG_NETFILTER_XT_MATCH_DCCP=m +CONFIG_NETFILTER_XT_MATCH_DEVGROUP=m +CONFIG_NETFILTER_XT_MATCH_DSCP=m +CONFIG_NETFILTER_XT_MATCH_ECN=m +CONFIG_NETFILTER_XT_MATCH_ESP=m +CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m +CONFIG_NETFILTER_XT_MATCH_HELPER=m +CONFIG_NETFILTER_XT_MATCH_HL=m +CONFIG_NETFILTER_XT_MATCH_IPRANGE=m +CONFIG_NETFILTER_XT_MATCH_LENGTH=m +CONFIG_NETFILTER_XT_MATCH_LIMIT=m +CONFIG_NETFILTER_XT_MATCH_MAC=m +CONFIG_NETFILTER_XT_MATCH_MARK=m +CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m +CONFIG_NETFILTER_XT_MATCH_NFACCT=m +CONFIG_NETFILTER_XT_MATCH_OSF=m +CONFIG_NETFILTER_XT_MATCH_OWNER=m +CONFIG_NETFILTER_XT_MATCH_POLICY=m +CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m +CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m +CONFIG_NETFILTER_XT_MATCH_QUOTA=m +CONFIG_NETFILTER_XT_MATCH_RATEEST=m +CONFIG_NETFILTER_XT_MATCH_REALM=m +CONFIG_NETFILTER_XT_MATCH_RECENT=m +CONFIG_NETFILTER_XT_MATCH_SCTP=m +CONFIG_NETFILTER_XT_MATCH_SOCKET=m +CONFIG_NETFILTER_XT_MATCH_STATE=m +CONFIG_NETFILTER_XT_MATCH_STATISTIC=m +CONFIG_NETFILTER_XT_MATCH_STRING=m +CONFIG_NETFILTER_XT_MATCH_TCPMSS=m +CONFIG_NETFILTER_XT_MATCH_TIME=m +CONFIG_NETFILTER_XT_MATCH_U32=m +CONFIG_IP_SET=m +CONFIG_IP_SET_MAX=256 +CONFIG_IP_SET_BITMAP_IP=m +CONFIG_IP_SET_BITMAP_IPMAC=m +CONFIG_IP_SET_BITMAP_PORT=m +CONFIG_IP_SET_HASH_IP=m +CONFIG_IP_SET_HASH_IPPORT=m +CONFIG_IP_SET_HASH_IPPORTIP=m +CONFIG_IP_SET_HASH_IPPORTNET=m +CONFIG_IP_SET_HASH_NET=m +CONFIG_IP_SET_HASH_NETPORT=m +CONFIG_IP_SET_HASH_NETIFACE=m +CONFIG_IP_SET_LIST_SET=m +# CONFIG_IP_VS is not set + +# +# IP: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV4=m +CONFIG_NF_CONNTRACK_IPV4=m +CONFIG_NF_CONNTRACK_PROC_COMPAT=y +CONFIG_IP_NF_QUEUE=m +CONFIG_IP_NF_IPTABLES=m +CONFIG_IP_NF_MATCH_AH=m +CONFIG_IP_NF_MATCH_ECN=m +CONFIG_IP_NF_MATCH_RPFILTER=m +CONFIG_IP_NF_MATCH_TTL=m +CONFIG_IP_NF_FILTER=m +CONFIG_IP_NF_TARGET_REJECT=m +CONFIG_IP_NF_TARGET_LOG=m +CONFIG_IP_NF_TARGET_ULOG=m +CONFIG_NF_NAT=m +CONFIG_NF_NAT_NEEDED=y +CONFIG_IP_NF_TARGET_MASQUERADE=m +CONFIG_IP_NF_TARGET_NETMAP=m +CONFIG_IP_NF_TARGET_REDIRECT=m +CONFIG_NF_NAT_SNMP_BASIC=m +CONFIG_NF_NAT_PROTO_DCCP=m +CONFIG_NF_NAT_PROTO_GRE=m +CONFIG_NF_NAT_PROTO_UDPLITE=m +CONFIG_NF_NAT_PROTO_SCTP=m +CONFIG_NF_NAT_FTP=m +CONFIG_NF_NAT_IRC=m +CONFIG_NF_NAT_TFTP=m +CONFIG_NF_NAT_AMANDA=m +CONFIG_NF_NAT_PPTP=m +CONFIG_NF_NAT_H323=m +CONFIG_NF_NAT_SIP=m +CONFIG_IP_NF_MANGLE=m +CONFIG_IP_NF_TARGET_CLUSTERIP=m +CONFIG_IP_NF_TARGET_ECN=m +CONFIG_IP_NF_TARGET_TTL=m +CONFIG_IP_NF_RAW=m +CONFIG_IP_NF_SECURITY=m +CONFIG_IP_NF_ARPTABLES=m +CONFIG_IP_NF_ARPFILTER=m +CONFIG_IP_NF_ARP_MANGLE=m + +# +# IPv6: Netfilter Configuration +# +CONFIG_NF_DEFRAG_IPV6=m +CONFIG_NF_CONNTRACK_IPV6=m +CONFIG_IP6_NF_QUEUE=m +CONFIG_IP6_NF_IPTABLES=m +CONFIG_IP6_NF_MATCH_AH=m +CONFIG_IP6_NF_MATCH_EUI64=m +CONFIG_IP6_NF_MATCH_FRAG=m +CONFIG_IP6_NF_MATCH_OPTS=m +CONFIG_IP6_NF_MATCH_HL=m +CONFIG_IP6_NF_MATCH_IPV6HEADER=m +CONFIG_IP6_NF_MATCH_MH=m +CONFIG_IP6_NF_MATCH_RPFILTER=m +CONFIG_IP6_NF_MATCH_RT=m +CONFIG_IP6_NF_TARGET_HL=m +CONFIG_IP6_NF_TARGET_LOG=m +CONFIG_IP6_NF_FILTER=m +CONFIG_IP6_NF_TARGET_REJECT=m +CONFIG_IP6_NF_MANGLE=m +CONFIG_IP6_NF_RAW=m +CONFIG_IP6_NF_SECURITY=m +CONFIG_BRIDGE_NF_EBTABLES=m +CONFIG_BRIDGE_EBT_BROUTE=m +CONFIG_BRIDGE_EBT_T_FILTER=m +CONFIG_BRIDGE_EBT_T_NAT=m +CONFIG_BRIDGE_EBT_802_3=m +CONFIG_BRIDGE_EBT_AMONG=m +CONFIG_BRIDGE_EBT_ARP=m +CONFIG_BRIDGE_EBT_IP=m +CONFIG_BRIDGE_EBT_IP6=m +CONFIG_BRIDGE_EBT_LIMIT=m +CONFIG_BRIDGE_EBT_MARK=m +CONFIG_BRIDGE_EBT_PKTTYPE=m +CONFIG_BRIDGE_EBT_STP=m +CONFIG_BRIDGE_EBT_VLAN=m +CONFIG_BRIDGE_EBT_ARPREPLY=m +CONFIG_BRIDGE_EBT_DNAT=m +CONFIG_BRIDGE_EBT_MARK_T=m +CONFIG_BRIDGE_EBT_REDIRECT=m +CONFIG_BRIDGE_EBT_SNAT=m +CONFIG_BRIDGE_EBT_LOG=m +CONFIG_BRIDGE_EBT_ULOG=m +CONFIG_BRIDGE_EBT_NFLOG=m +CONFIG_IP_DCCP=m +CONFIG_INET_DCCP_DIAG=m + +# +# DCCP CCIDs Configuration (EXPERIMENTAL) +# +# CONFIG_IP_DCCP_CCID2_DEBUG is not set +CONFIG_IP_DCCP_CCID3=y +# CONFIG_IP_DCCP_CCID3_DEBUG is not set +CONFIG_IP_DCCP_TFRC_LIB=y + +# +# DCCP Kernel Hacking +# +# CONFIG_IP_DCCP_DEBUG is not set +# CONFIG_NET_DCCPPROBE is not set +CONFIG_IP_SCTP=m +CONFIG_NET_SCTPPROBE=m +# CONFIG_SCTP_DBG_MSG is not set +# CONFIG_SCTP_DBG_OBJCNT is not set +# CONFIG_SCTP_HMAC_NONE is not set +# CONFIG_SCTP_HMAC_SHA1 is not set +CONFIG_SCTP_HMAC_MD5=y +CONFIG_RDS=m +CONFIG_RDS_TCP=m +# CONFIG_RDS_DEBUG is not set +CONFIG_TIPC=m +CONFIG_TIPC_ADVANCED=y +CONFIG_TIPC_PORTS=8191 +CONFIG_TIPC_LOG=0 +# CONFIG_TIPC_DEBUG is not set +# CONFIG_ATM is not set +CONFIG_L2TP=m +CONFIG_L2TP_DEBUGFS=m +# CONFIG_L2TP_V3 is not set +CONFIG_STP=m +CONFIG_BRIDGE=m +CONFIG_BRIDGE_IGMP_SNOOPING=y +# CONFIG_NET_DSA is not set +CONFIG_VLAN_8021Q=m +# CONFIG_VLAN_8021Q_GVRP is not set +# CONFIG_DECNET is not set +CONFIG_LLC=m +# CONFIG_LLC2 is not set +CONFIG_IPX=m +# CONFIG_IPX_INTERN is not set +CONFIG_ATALK=m +# CONFIG_DEV_APPLETALK is not set +# CONFIG_X25 is not set +# CONFIG_LAPB is not set +# CONFIG_ECONET is not set +# CONFIG_WAN_ROUTER is not set +# CONFIG_PHONET is not set +# CONFIG_IEEE802154 is not set +CONFIG_NET_SCHED=y + +# +# Queueing/Scheduling +# +CONFIG_NET_SCH_CBQ=m +CONFIG_NET_SCH_HTB=m +CONFIG_NET_SCH_HFSC=m +CONFIG_NET_SCH_PRIO=m +CONFIG_NET_SCH_MULTIQ=m +CONFIG_NET_SCH_RED=m +CONFIG_NET_SCH_SFB=m +CONFIG_NET_SCH_SFQ=m +CONFIG_NET_SCH_TEQL=m +CONFIG_NET_SCH_TBF=m +CONFIG_NET_SCH_GRED=m +CONFIG_NET_SCH_DSMARK=m +CONFIG_NET_SCH_NETEM=m +CONFIG_NET_SCH_DRR=m +CONFIG_NET_SCH_MQPRIO=m +CONFIG_NET_SCH_CHOKE=m +CONFIG_NET_SCH_QFQ=m +CONFIG_NET_SCH_INGRESS=m + +# +# Classification +# +CONFIG_NET_CLS=y +CONFIG_NET_CLS_BASIC=m +CONFIG_NET_CLS_TCINDEX=m +CONFIG_NET_CLS_ROUTE4=m +CONFIG_NET_CLS_FW=m +CONFIG_NET_CLS_U32=m +CONFIG_CLS_U32_PERF=y +CONFIG_CLS_U32_MARK=y +CONFIG_NET_CLS_RSVP=m +CONFIG_NET_CLS_RSVP6=m +CONFIG_NET_CLS_FLOW=m +CONFIG_NET_CLS_CGROUP=m +CONFIG_NET_EMATCH=y +CONFIG_NET_EMATCH_STACK=32 +CONFIG_NET_EMATCH_CMP=m +CONFIG_NET_EMATCH_NBYTE=m +CONFIG_NET_EMATCH_U32=m +CONFIG_NET_EMATCH_META=m +CONFIG_NET_EMATCH_TEXT=m +CONFIG_NET_CLS_ACT=y +CONFIG_NET_ACT_POLICE=m +CONFIG_NET_ACT_GACT=m +# CONFIG_GACT_PROB is not set +CONFIG_NET_ACT_MIRRED=m +CONFIG_NET_ACT_IPT=m +CONFIG_NET_ACT_NAT=m +CONFIG_NET_ACT_PEDIT=m +CONFIG_NET_ACT_SIMP=m +CONFIG_NET_ACT_SKBEDIT=m +CONFIG_NET_ACT_CSUM=m +# CONFIG_NET_CLS_IND is not set +CONFIG_NET_SCH_FIFO=y +# CONFIG_DCB is not set +CONFIG_DNS_RESOLVER=y +# CONFIG_BATMAN_ADV is not set +CONFIG_OPENVSWITCH=m +CONFIG_RPS=y +CONFIG_RFS_ACCEL=y +CONFIG_XPS=y +CONFIG_NETPRIO_CGROUP=m +CONFIG_BQL=y +CONFIG_HAVE_BPF_JIT=y +# CONFIG_BPF_JIT is not set + +# +# Network testing +# +CONFIG_NET_PKTGEN=m +CONFIG_NET_TCPPROBE=m +# CONFIG_NET_DROP_MONITOR is not set +# CONFIG_HAMRADIO is not set +# CONFIG_CAN is not set +# CONFIG_IRDA is not set +# CONFIG_BT is not set +CONFIG_AF_RXRPC=m +# CONFIG_AF_RXRPC_DEBUG is not set +# CONFIG_RXKAD is not set +CONFIG_FIB_RULES=y +# CONFIG_WIRELESS is not set +# CONFIG_WIMAX is not set +CONFIG_RFKILL=m +CONFIG_RFKILL_LEDS=y +CONFIG_RFKILL_INPUT=y +# CONFIG_NET_9P is not set +# CONFIG_CAIF is not set +CONFIG_CEPH_LIB=m +# CONFIG_CEPH_LIB_PRETTYDEBUG is not set +# CONFIG_CEPH_LIB_USE_DNS_RESOLVER is not set +# CONFIG_NFC is not set + +# +# Device Drivers +# + +# +# Generic Driver Options +# +CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" +# CONFIG_DEVTMPFS is not set +CONFIG_STANDALONE=y +CONFIG_PREVENT_FIRMWARE_BUILD=y +CONFIG_FW_LOADER=y +CONFIG_FIRMWARE_IN_KERNEL=y +CONFIG_EXTRA_FIRMWARE="" +# CONFIG_DEBUG_DRIVER is not set +CONFIG_DEBUG_DEVRES=y +# CONFIG_SYS_HYPERVISOR is not set +# CONFIG_GENERIC_CPU_DEVICES is not set +# CONFIG_DMA_SHARED_BUFFER is not set +CONFIG_CONNECTOR=y +CONFIG_PROC_EVENTS=y +# CONFIG_MTD is not set +# CONFIG_PARPORT is not set +CONFIG_PNP=y +CONFIG_PNP_DEBUG_MESSAGES=y + +# +# Protocols +# +CONFIG_PNPACPI=y +CONFIG_BLK_DEV=y +# CONFIG_BLK_DEV_FD is not set +# CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set +# CONFIG_BLK_CPQ_DA is not set +# CONFIG_BLK_CPQ_CISS_DA is not set +# CONFIG_BLK_DEV_DAC960 is not set +# CONFIG_BLK_DEV_UMEM is not set +# CONFIG_BLK_DEV_COW_COMMON is not set +CONFIG_BLK_DEV_LOOP=y +CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 +# CONFIG_BLK_DEV_CRYPTOLOOP is not set +CONFIG_BLK_DEV_DRBD=m +# CONFIG_DRBD_FAULT_INJECTION is not set +CONFIG_BLK_DEV_NBD=m +# CONFIG_BLK_DEV_NVME is not set +# CONFIG_BLK_DEV_OSD is not set +# CONFIG_BLK_DEV_SX8 is not set +CONFIG_BLK_DEV_RAM=y +CONFIG_BLK_DEV_RAM_COUNT=16 +CONFIG_BLK_DEV_RAM_SIZE=16384 +# CONFIG_BLK_DEV_XIP is not set +# CONFIG_CDROM_PKTCDVD is not set +# CONFIG_ATA_OVER_ETH is not set +CONFIG_VIRTIO_BLK=m +# CONFIG_BLK_DEV_HD is not set +CONFIG_BLK_DEV_RBD=m + +# +# Misc devices +# +CONFIG_SENSORS_LIS3LV02D=m +# CONFIG_AD525X_DPOT is not set +# CONFIG_IBM_ASM is not set +# CONFIG_PHANTOM is not set +# CONFIG_INTEL_MID_PTI is not set +# CONFIG_SGI_IOC4 is not set +# CONFIG_TIFM_CORE is not set +# CONFIG_ICS932S401 is not set +# CONFIG_ENCLOSURE_SERVICES is not set +# CONFIG_HP_ILO is not set +# CONFIG_APDS9802ALS is not set +# CONFIG_ISL29003 is not set +# CONFIG_ISL29020 is not set +# CONFIG_SENSORS_TSL2550 is not set +# CONFIG_SENSORS_BH1780 is not set +# CONFIG_SENSORS_BH1770 is not set +# CONFIG_SENSORS_APDS990X is not set +# CONFIG_HMC6352 is not set +# CONFIG_DS1682 is not set +# CONFIG_VMWARE_BALLOON is not set +# CONFIG_BMP085 is not set +# CONFIG_PCH_PHUB is not set +# CONFIG_USB_SWITCH_FSA9480 is not set +# CONFIG_C2PORT is not set + +# +# EEPROM support +# +# CONFIG_EEPROM_AT24 is not set +# CONFIG_EEPROM_LEGACY is not set +# CONFIG_EEPROM_MAX6875 is not set +# CONFIG_EEPROM_93CX6 is not set +# CONFIG_CB710_CORE is not set + +# +# Texas Instruments shared transport line discipline +# +CONFIG_SENSORS_LIS3_I2C=m + +# +# Altera FPGA firmware download module +# +CONFIG_ALTERA_STAPL=m +CONFIG_HAVE_IDE=y +# CONFIG_IDE is not set + +# +# SCSI device support +# +CONFIG_SCSI_MOD=y +CONFIG_RAID_ATTRS=m +CONFIG_SCSI=y +CONFIG_SCSI_DMA=y +# CONFIG_SCSI_TGT is not set +CONFIG_SCSI_NETLINK=y +CONFIG_SCSI_PROC_FS=y + +# +# SCSI support type (disk, tape, CD-ROM) +# +CONFIG_BLK_DEV_SD=y +# CONFIG_CHR_DEV_ST is not set +# CONFIG_CHR_DEV_OSST is not set +CONFIG_BLK_DEV_SR=m +CONFIG_BLK_DEV_SR_VENDOR=y +CONFIG_CHR_DEV_SG=y +# CONFIG_CHR_DEV_SCH is not set +# CONFIG_SCSI_MULTI_LUN is not set +CONFIG_SCSI_CONSTANTS=y +# CONFIG_SCSI_LOGGING is not set +# CONFIG_SCSI_SCAN_ASYNC is not set +CONFIG_SCSI_WAIT_SCAN=m + +# +# SCSI Transports +# +CONFIG_SCSI_SPI_ATTRS=y +CONFIG_SCSI_FC_ATTRS=m +CONFIG_SCSI_ISCSI_ATTRS=m +CONFIG_SCSI_SAS_ATTRS=m +CONFIG_SCSI_SAS_LIBSAS=m +# CONFIG_SCSI_SAS_ATA is not set +CONFIG_SCSI_SAS_HOST_SMP=y +CONFIG_SCSI_SRP_ATTRS=m +# CONFIG_SCSI_LOWLEVEL is not set +CONFIG_SCSI_DH=m +# CONFIG_SCSI_DH_RDAC is not set +# CONFIG_SCSI_DH_HP_SW is not set +# CONFIG_SCSI_DH_EMC is not set +# CONFIG_SCSI_DH_ALUA is not set +CONFIG_SCSI_OSD_INITIATOR=m +CONFIG_SCSI_OSD_ULD=m +CONFIG_SCSI_OSD_DPRINT_SENSE=1 +# CONFIG_SCSI_OSD_DEBUG is not set +CONFIG_ATA=y +# CONFIG_ATA_NONSTANDARD is not set +CONFIG_ATA_VERBOSE_ERROR=y +CONFIG_ATA_ACPI=y +CONFIG_SATA_PMP=y + +# +# Controllers with non-SFF native interface +# +CONFIG_SATA_AHCI=y +# CONFIG_SATA_AHCI_PLATFORM is not set +# CONFIG_SATA_INIC162X is not set +# CONFIG_SATA_ACARD_AHCI is not set +# CONFIG_SATA_SIL24 is not set +CONFIG_ATA_SFF=y + +# +# SFF controllers with custom DMA interface +# +# CONFIG_PDC_ADMA is not set +# CONFIG_SATA_QSTOR is not set +# CONFIG_SATA_SX4 is not set +CONFIG_ATA_BMDMA=y + +# +# SATA SFF controllers with BMDMA +# +CONFIG_ATA_PIIX=y +# CONFIG_SATA_MV is not set +# CONFIG_SATA_NV is not set +# CONFIG_SATA_PROMISE is not set +# CONFIG_SATA_SIL is not set +# CONFIG_SATA_SIS is not set +# CONFIG_SATA_SVW is not set +# CONFIG_SATA_ULI is not set +# CONFIG_SATA_VIA is not set +# CONFIG_SATA_VITESSE is not set + +# +# PATA SFF controllers with BMDMA +# +# CONFIG_PATA_ALI is not set +CONFIG_PATA_AMD=y +# CONFIG_PATA_ARASAN_CF is not set +# CONFIG_PATA_ARTOP is not set +# CONFIG_PATA_ATIIXP is not set +# CONFIG_PATA_ATP867X is not set +# CONFIG_PATA_CMD64X is not set +# CONFIG_PATA_CS5520 is not set +# CONFIG_PATA_CS5530 is not set +# CONFIG_PATA_CS5536 is not set +# CONFIG_PATA_CYPRESS is not set +# CONFIG_PATA_EFAR is not set +# CONFIG_PATA_HPT366 is not set +# CONFIG_PATA_HPT37X is not set +# CONFIG_PATA_HPT3X2N is not set +# CONFIG_PATA_HPT3X3 is not set +# CONFIG_PATA_IT8213 is not set +# CONFIG_PATA_IT821X is not set +# CONFIG_PATA_JMICRON is not set +# CONFIG_PATA_MARVELL is not set +# CONFIG_PATA_NETCELL is not set +# CONFIG_PATA_NINJA32 is not set +# CONFIG_PATA_NS87415 is not set +CONFIG_PATA_OLDPIIX=y +# CONFIG_PATA_OPTIDMA is not set +# CONFIG_PATA_PDC2027X is not set +# CONFIG_PATA_PDC_OLD is not set +# CONFIG_PATA_RADISYS is not set +# CONFIG_PATA_RDC is not set +# CONFIG_PATA_SC1200 is not set +CONFIG_PATA_SCH=y +# CONFIG_PATA_SERVERWORKS is not set +# CONFIG_PATA_SIL680 is not set +# CONFIG_PATA_SIS is not set +# CONFIG_PATA_TOSHIBA is not set +# CONFIG_PATA_TRIFLEX is not set +# CONFIG_PATA_VIA is not set +# CONFIG_PATA_WINBOND is not set + +# +# PIO-only SFF controllers +# +# CONFIG_PATA_CMD640_PCI is not set +# CONFIG_PATA_MPIIX is not set +# CONFIG_PATA_NS87410 is not set +# CONFIG_PATA_OPTI is not set +# CONFIG_PATA_RZ1000 is not set + +# +# Generic fallback / legacy drivers +# +# CONFIG_PATA_ACPI is not set +# CONFIG_ATA_GENERIC is not set +# CONFIG_PATA_LEGACY is not set +CONFIG_MD=y +CONFIG_BLK_DEV_MD=y +CONFIG_MD_AUTODETECT=y +CONFIG_MD_LINEAR=m +CONFIG_MD_RAID0=m +CONFIG_MD_RAID1=y +CONFIG_MD_RAID10=y +CONFIG_MD_RAID456=m +CONFIG_MULTICORE_RAID456=y +CONFIG_MD_MULTIPATH=m +CONFIG_MD_FAULTY=m +CONFIG_BLK_DEV_DM=y +# CONFIG_DM_DEBUG is not set +CONFIG_DM_BUFIO=m +CONFIG_DM_PERSISTENT_DATA=m +CONFIG_DM_CRYPT=m +CONFIG_DM_SNAPSHOT=m +CONFIG_DM_THIN_PROVISIONING=m +# CONFIG_DM_DEBUG_BLOCK_STACK_TRACING is not set +CONFIG_DM_DEBUG_SPACE_MAPS=y +CONFIG_DM_MIRROR=y +CONFIG_DM_RAID=m +CONFIG_DM_LOG_USERSPACE=m +CONFIG_DM_ZERO=y +CONFIG_DM_MULTIPATH=m +CONFIG_DM_MULTIPATH_QL=m +CONFIG_DM_MULTIPATH_ST=m +CONFIG_DM_DELAY=m +# CONFIG_DM_UEVENT is not set +CONFIG_DM_FLAKEY=m +CONFIG_TARGET_CORE=m +CONFIG_TCM_IBLOCK=m +CONFIG_TCM_FILEIO=m +CONFIG_TCM_PSCSI=m +CONFIG_LOOPBACK_TARGET=m +CONFIG_ISCSI_TARGET=m +# CONFIG_FUSION is not set + +# +# IEEE 1394 (FireWire) support +# +# CONFIG_FIREWIRE is not set +CONFIG_FIREWIRE_NOSY=m +CONFIG_I2O=m +CONFIG_I2O_LCT_NOTIFY_ON_CHANGES=y +CONFIG_I2O_EXT_ADAPTEC=y +CONFIG_I2O_EXT_ADAPTEC_DMA64=y +CONFIG_I2O_CONFIG=m +CONFIG_I2O_CONFIG_OLD_IOCTL=y +CONFIG_I2O_BUS=m +CONFIG_I2O_BLOCK=m +# CONFIG_I2O_SCSI is not set +CONFIG_I2O_PROC=m +# CONFIG_MACINTOSH_DRIVERS is not set +CONFIG_NETDEVICES=y +CONFIG_NET_CORE=y +CONFIG_BONDING=m +CONFIG_DUMMY=m +# CONFIG_EQUALIZER is not set +# CONFIG_NET_FC is not set +CONFIG_MII=y +CONFIG_IFB=m +# CONFIG_NET_TEAM is not set +CONFIG_MACVLAN=m +CONFIG_MACVTAP=m +CONFIG_NETCONSOLE=y +CONFIG_NETPOLL=y +# CONFIG_NETPOLL_TRAP is not set +CONFIG_NET_POLL_CONTROLLER=y +CONFIG_TUN=m +CONFIG_VETH=m +CONFIG_VIRTIO_NET=m +CONFIG_SUNGEM_PHY=m +# CONFIG_ARCNET is not set + +# +# CAIF transport drivers +# +CONFIG_ETHERNET=y +CONFIG_MDIO=m +CONFIG_NET_VENDOR_3COM=y +CONFIG_VORTEX=m +CONFIG_TYPHOON=m +CONFIG_NET_VENDOR_ADAPTEC=y +CONFIG_ADAPTEC_STARFIRE=m +CONFIG_NET_VENDOR_ALTEON=y +CONFIG_ACENIC=m +# CONFIG_ACENIC_OMIT_TIGON_I is not set +CONFIG_NET_VENDOR_AMD=y +CONFIG_AMD8111_ETH=m +CONFIG_PCNET32=m +CONFIG_NET_VENDOR_ATHEROS=y +CONFIG_ATL2=m +CONFIG_ATL1=m +CONFIG_ATL1E=m +CONFIG_ATL1C=m +CONFIG_NET_VENDOR_BROADCOM=y +CONFIG_B44=m +CONFIG_B44_PCI_AUTOSELECT=y +CONFIG_B44_PCICORE_AUTOSELECT=y +CONFIG_B44_PCI=y +CONFIG_BNX2=m +CONFIG_CNIC=m +CONFIG_TIGON3=m +CONFIG_BNX2X=m +CONFIG_NET_VENDOR_BROCADE=y +CONFIG_BNA=m +# CONFIG_NET_CALXEDA_XGMAC is not set +CONFIG_NET_VENDOR_CHELSIO=y +CONFIG_CHELSIO_T1=m +CONFIG_CHELSIO_T1_1G=y +CONFIG_CHELSIO_T3=m +CONFIG_CHELSIO_T4=m +CONFIG_CHELSIO_T4VF=m +CONFIG_NET_VENDOR_CISCO=y +CONFIG_ENIC=m +CONFIG_DNET=m +CONFIG_NET_VENDOR_DEC=y +CONFIG_NET_TULIP=y +CONFIG_DE2104X=m +CONFIG_DE2104X_DSL=0 +CONFIG_TULIP=m +# CONFIG_TULIP_MWI is not set +# CONFIG_TULIP_MMIO is not set +# CONFIG_TULIP_NAPI is not set +CONFIG_DE4X5=m +CONFIG_WINBOND_840=m +CONFIG_DM9102=m +CONFIG_ULI526X=m +CONFIG_NET_VENDOR_DLINK=y +CONFIG_DL2K=m +CONFIG_SUNDANCE=m +# CONFIG_SUNDANCE_MMIO is not set +CONFIG_NET_VENDOR_EMULEX=y +CONFIG_BE2NET=m +CONFIG_NET_VENDOR_EXAR=y +CONFIG_S2IO=m +CONFIG_VXGE=m +# CONFIG_VXGE_DEBUG_TRACE_ALL is not set +CONFIG_NET_VENDOR_HP=y +# CONFIG_HP100 is not set +CONFIG_NET_VENDOR_INTEL=y +CONFIG_E100=m +CONFIG_E1000=m +CONFIG_E1000E=m +CONFIG_IGB=m +CONFIG_IGBVF=m +CONFIG_IXGB=m +CONFIG_IXGBE=m +CONFIG_IXGBEVF=m +CONFIG_NET_VENDOR_I825XX=y +CONFIG_ZNET=m +CONFIG_IP1000=m +CONFIG_JME=m +CONFIG_NET_VENDOR_MARVELL=y +CONFIG_SKGE=m +# CONFIG_SKGE_DEBUG is not set +# CONFIG_SKGE_GENESIS is not set +CONFIG_SKY2=m +# CONFIG_SKY2_DEBUG is not set +CONFIG_NET_VENDOR_MELLANOX=y +CONFIG_MLX4_EN=m +CONFIG_MLX4_CORE=m +CONFIG_MLX4_DEBUG=y +CONFIG_NET_VENDOR_MICREL=y +CONFIG_KS8842=m +CONFIG_KS8851_MLL=m +CONFIG_KSZ884X_PCI=m +CONFIG_NET_VENDOR_MYRI=y +CONFIG_MYRI10GE=m +CONFIG_FEALNX=m +CONFIG_NET_VENDOR_NATSEMI=y +CONFIG_NATSEMI=m +CONFIG_NS83820=m +CONFIG_NET_VENDOR_8390=y +CONFIG_NE2K_PCI=m +CONFIG_NET_VENDOR_NVIDIA=y +CONFIG_FORCEDETH=m +CONFIG_NET_VENDOR_OKI=y +CONFIG_PCH_GBE=m +CONFIG_ETHOC=m +CONFIG_NET_PACKET_ENGINE=y +CONFIG_HAMACHI=m +CONFIG_YELLOWFIN=m +CONFIG_NET_VENDOR_QLOGIC=y +CONFIG_QLA3XXX=m +CONFIG_QLCNIC=m +CONFIG_QLGE=m +CONFIG_NETXEN_NIC=m +CONFIG_NET_VENDOR_REALTEK=y +CONFIG_8139CP=m +CONFIG_8139TOO=m +CONFIG_8139TOO_PIO=y +CONFIG_8139TOO_TUNE_TWISTER=y +CONFIG_8139TOO_8129=y +# CONFIG_8139_OLD_RX_RESET is not set +CONFIG_R8169=m +CONFIG_NET_VENDOR_RDC=y +CONFIG_R6040=m +CONFIG_NET_VENDOR_SEEQ=y +CONFIG_SEEQ8005=m +CONFIG_NET_VENDOR_SILAN=y +CONFIG_SC92031=m +CONFIG_NET_VENDOR_SIS=y +CONFIG_SIS900=m +CONFIG_SIS190=m +CONFIG_SFC=m +CONFIG_NET_VENDOR_SMSC=y +CONFIG_EPIC100=m +CONFIG_SMSC9420=m +CONFIG_NET_VENDOR_STMICRO=y +CONFIG_STMMAC_ETH=m +CONFIG_STMMAC_PLATFORM=m +# CONFIG_STMMAC_PCI is not set +CONFIG_STMMAC_DEBUG_FS=y +CONFIG_STMMAC_DA=y +CONFIG_STMMAC_RING=y +# CONFIG_STMMAC_CHAINED is not set +CONFIG_NET_VENDOR_SUN=y +CONFIG_HAPPYMEAL=m +CONFIG_SUNGEM=m +CONFIG_CASSINI=m +CONFIG_NIU=m +CONFIG_NET_VENDOR_TEHUTI=y +CONFIG_TEHUTI=m +CONFIG_NET_VENDOR_TI=y +CONFIG_TLAN=m +CONFIG_NET_VENDOR_VIA=y +CONFIG_VIA_RHINE=m +# CONFIG_VIA_RHINE_MMIO is not set +CONFIG_VIA_VELOCITY=m +# CONFIG_FDDI is not set +# CONFIG_HIPPI is not set +# CONFIG_NET_SB1000 is not set +CONFIG_PHYLIB=y + +# +# MII PHY device drivers +# +# CONFIG_MARVELL_PHY is not set +# CONFIG_DAVICOM_PHY is not set +# CONFIG_QSEMI_PHY is not set +# CONFIG_LXT_PHY is not set +# CONFIG_CICADA_PHY is not set +# CONFIG_VITESSE_PHY is not set +CONFIG_SMSC_PHY=m +# CONFIG_BROADCOM_PHY is not set +# CONFIG_ICPLUS_PHY is not set +# CONFIG_REALTEK_PHY is not set +# CONFIG_NATIONAL_PHY is not set +# CONFIG_STE10XP is not set +# CONFIG_LSI_ET1011C_PHY is not set +# CONFIG_MICREL_PHY is not set +# CONFIG_FIXED_PHY is not set +# CONFIG_MDIO_BITBANG is not set +# CONFIG_PPP is not set +# CONFIG_SLIP is not set +# CONFIG_TR is not set +# CONFIG_WLAN is not set + +# +# Enable WiMAX (Networking options) to see the WiMAX drivers +# +# CONFIG_WAN is not set +# CONFIG_VMXNET3 is not set +# CONFIG_ISDN is not set +# CONFIG_PHONE is not set + +# +# Input device support +# +CONFIG_INPUT=y +CONFIG_INPUT_FF_MEMLESS=y +CONFIG_INPUT_POLLDEV=y +# CONFIG_INPUT_SPARSEKMAP is not set + +# +# Userland interfaces +# +CONFIG_INPUT_MOUSEDEV=y +# CONFIG_INPUT_MOUSEDEV_PSAUX is not set +CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024 +CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768 +# CONFIG_INPUT_JOYDEV is not set +CONFIG_INPUT_EVDEV=y +# CONFIG_INPUT_EVBUG is not set + +# +# Input Device Drivers +# +CONFIG_INPUT_KEYBOARD=y +# CONFIG_KEYBOARD_ADP5588 is not set +# CONFIG_KEYBOARD_ADP5589 is not set +CONFIG_KEYBOARD_ATKBD=y +# CONFIG_KEYBOARD_QT1070 is not set +# CONFIG_KEYBOARD_QT2160 is not set +# CONFIG_KEYBOARD_LKKBD is not set +# CONFIG_KEYBOARD_TCA6416 is not set +# CONFIG_KEYBOARD_TCA8418 is not set +# CONFIG_KEYBOARD_LM8323 is not set +# CONFIG_KEYBOARD_MAX7359 is not set +# CONFIG_KEYBOARD_MCS is not set +# CONFIG_KEYBOARD_MPR121 is not set +# CONFIG_KEYBOARD_NEWTON is not set +# CONFIG_KEYBOARD_OPENCORES is not set +# CONFIG_KEYBOARD_STOWAWAY is not set +# CONFIG_KEYBOARD_SUNKBD is not set +# CONFIG_KEYBOARD_XTKBD is not set +# CONFIG_INPUT_MOUSE is not set +# CONFIG_INPUT_JOYSTICK is not set +# CONFIG_INPUT_TABLET is not set +# CONFIG_INPUT_TOUCHSCREEN is not set +# CONFIG_INPUT_MISC is not set + +# +# Hardware I/O ports +# +CONFIG_SERIO=y +CONFIG_SERIO_I8042=y +CONFIG_SERIO_SERPORT=y +# CONFIG_SERIO_CT82C710 is not set +# CONFIG_SERIO_PCIPS2 is not set +CONFIG_SERIO_LIBPS2=y +# CONFIG_SERIO_RAW is not set +# CONFIG_SERIO_ALTERA_PS2 is not set +# CONFIG_SERIO_PS2MULT is not set +# CONFIG_GAMEPORT is not set + +# +# Character devices +# +CONFIG_VT=y +CONFIG_CONSOLE_TRANSLATIONS=y +CONFIG_VT_CONSOLE=y +CONFIG_VT_CONSOLE_SLEEP=y +CONFIG_HW_CONSOLE=y +CONFIG_VT_HW_CONSOLE_BINDING=y +CONFIG_UNIX98_PTYS=y +# CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set +# CONFIG_LEGACY_PTYS is not set +CONFIG_SERIAL_NONSTANDARD=y +# CONFIG_ROCKETPORT is not set +# CONFIG_CYCLADES is not set +# CONFIG_MOXA_INTELLIO is not set +# CONFIG_MOXA_SMARTIO is not set +# CONFIG_SYNCLINK is not set +# CONFIG_SYNCLINKMP is not set +# CONFIG_SYNCLINK_GT is not set +# CONFIG_NOZOMI is not set +# CONFIG_ISI is not set +# CONFIG_N_HDLC is not set +# CONFIG_N_GSM is not set +# CONFIG_TRACE_SINK is not set + +# +# KCopy +# +CONFIG_KCOPY=m +CONFIG_DEVKMEM=y +# CONFIG_STALDRV is not set + +# +# Serial drivers +# +CONFIG_SERIAL_8250=y +CONFIG_SERIAL_8250_CONSOLE=y +CONFIG_FIX_EARLYCON_MEM=y +CONFIG_SERIAL_8250_PCI=y +CONFIG_SERIAL_8250_PNP=y +CONFIG_SERIAL_8250_NR_UARTS=32 +CONFIG_SERIAL_8250_RUNTIME_UARTS=4 +CONFIG_SERIAL_8250_EXTENDED=y +CONFIG_SERIAL_8250_MANY_PORTS=y +CONFIG_SERIAL_8250_SHARE_IRQ=y +CONFIG_SERIAL_8250_DETECT_IRQ=y +CONFIG_SERIAL_8250_RSA=y + +# +# Non-8250 serial port support +# +# CONFIG_SERIAL_MFD_HSU is not set +CONFIG_SERIAL_CORE=y +CONFIG_SERIAL_CORE_CONSOLE=y +# CONFIG_SERIAL_JSM is not set +# CONFIG_SERIAL_TIMBERDALE is not set +# CONFIG_SERIAL_ALTERA_JTAGUART is not set +# CONFIG_SERIAL_ALTERA_UART is not set +# CONFIG_SERIAL_PCH_UART is not set +# CONFIG_SERIAL_XILINX_PS_UART is not set +CONFIG_HVC_DRIVER=y +CONFIG_VIRTIO_CONSOLE=m +CONFIG_IPMI_HANDLER=m +# CONFIG_IPMI_PANIC_EVENT is not set +CONFIG_IPMI_DEVICE_INTERFACE=m +CONFIG_IPMI_SI=m +CONFIG_IPMI_WATCHDOG=m +CONFIG_IPMI_POWEROFF=m +CONFIG_HW_RANDOM=m +CONFIG_HW_RANDOM_TIMERIOMEM=m +CONFIG_HW_RANDOM_INTEL=m +CONFIG_HW_RANDOM_AMD=m +CONFIG_HW_RANDOM_VIA=m +CONFIG_HW_RANDOM_VIRTIO=m +CONFIG_NVRAM=y +# CONFIG_R3964 is not set +# CONFIG_APPLICOM is not set +# CONFIG_MWAVE is not set +# CONFIG_RAW_DRIVER is not set +CONFIG_HPET=y +# CONFIG_HPET_MMAP is not set +# CONFIG_HANGCHECK_TIMER is not set +# CONFIG_TCG_TPM is not set +# CONFIG_TELCLOCK is not set +CONFIG_DEVPORT=y +# CONFIG_RAMOOPS is not set +CONFIG_I2C=y +CONFIG_I2C_BOARDINFO=y +CONFIG_I2C_COMPAT=y +CONFIG_I2C_CHARDEV=m +CONFIG_I2C_MUX=m + +# +# Multiplexer I2C Chip support +# +# CONFIG_I2C_MUX_PCA9541 is not set +CONFIG_I2C_MUX_PCA954x=m +CONFIG_I2C_HELPER_AUTO=y +CONFIG_I2C_SMBUS=m +CONFIG_I2C_ALGOBIT=m +CONFIG_I2C_ALGOPCA=m + +# +# I2C Hardware Bus support +# + +# +# PC SMBus host controller drivers +# +CONFIG_I2C_ALI1535=m +CONFIG_I2C_ALI1563=m +CONFIG_I2C_ALI15X3=m +CONFIG_I2C_AMD756=m +CONFIG_I2C_AMD756_S4882=m +CONFIG_I2C_AMD8111=m +CONFIG_I2C_I801=m +CONFIG_I2C_ISCH=m +CONFIG_I2C_PIIX4=m +CONFIG_I2C_NFORCE2=m +CONFIG_I2C_NFORCE2_S4985=m +CONFIG_I2C_SIS5595=m +CONFIG_I2C_SIS630=m +CONFIG_I2C_SIS96X=m +CONFIG_I2C_VIA=m +CONFIG_I2C_VIAPRO=m + +# +# ACPI drivers +# +CONFIG_I2C_SCMI=m + +# +# I2C system bus drivers (mostly embedded / system-on-chip) +# +CONFIG_I2C_DESIGNWARE_PCI=m +CONFIG_I2C_INTEL_MID=m +CONFIG_I2C_OCORES=m +CONFIG_I2C_PCA_PLATFORM=m +# CONFIG_I2C_PXA_PCI is not set +CONFIG_I2C_SIMTEC=m +# CONFIG_I2C_XILINX is not set +CONFIG_I2C_EG20T=m + +# +# External I2C/SMBus adapter drivers +# +CONFIG_I2C_PARPORT_LIGHT=m +CONFIG_I2C_TAOS_EVM=m + +# +# Other I2C/SMBus bus drivers +# +CONFIG_I2C_STUB=m +# CONFIG_I2C_DEBUG_CORE is not set +# CONFIG_I2C_DEBUG_ALGO is not set +# CONFIG_I2C_DEBUG_BUS is not set +# CONFIG_SPI is not set + +# +# PPS support +# +# CONFIG_PPS is not set + +# +# PPS generators support +# + +# +# PTP clock support +# + +# +# Enable Device Drivers -> PPS to see the PTP clock options. +# +CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y +# CONFIG_GPIOLIB is not set +# CONFIG_W1 is not set +CONFIG_POWER_SUPPLY=y +# CONFIG_POWER_SUPPLY_DEBUG is not set +# CONFIG_PDA_POWER is not set +CONFIG_TEST_POWER=m +# CONFIG_BATTERY_DS2780 is not set +# CONFIG_BATTERY_DS2782 is not set +# CONFIG_BATTERY_SBS is not set +# CONFIG_BATTERY_BQ27x00 is not set +# CONFIG_BATTERY_MAX17040 is not set +# CONFIG_BATTERY_MAX17042 is not set +# CONFIG_CHARGER_MAX8903 is not set +# CONFIG_CHARGER_LP8727 is not set +CONFIG_HWMON=y +CONFIG_HWMON_VID=m +# CONFIG_HWMON_DEBUG_CHIP is not set + +# +# Native drivers +# +CONFIG_SENSORS_ABITUGURU=m +CONFIG_SENSORS_ABITUGURU3=m +CONFIG_SENSORS_AD7414=m +CONFIG_SENSORS_AD7418=m +CONFIG_SENSORS_ADM1021=m +CONFIG_SENSORS_ADM1025=m +CONFIG_SENSORS_ADM1026=m +CONFIG_SENSORS_ADM1029=m +CONFIG_SENSORS_ADM1031=m +CONFIG_SENSORS_ADM9240=m +CONFIG_SENSORS_ADT7411=m +CONFIG_SENSORS_ADT7462=m +CONFIG_SENSORS_ADT7470=m +CONFIG_SENSORS_ADT7475=m +CONFIG_SENSORS_ASC7621=m +CONFIG_SENSORS_K8TEMP=m +CONFIG_SENSORS_K10TEMP=m +CONFIG_SENSORS_FAM15H_POWER=m +CONFIG_SENSORS_ASB100=m +CONFIG_SENSORS_ATXP1=m +CONFIG_SENSORS_DS620=m +CONFIG_SENSORS_DS1621=m +CONFIG_SENSORS_I5K_AMB=m +CONFIG_SENSORS_F71805F=m +CONFIG_SENSORS_F71882FG=m +CONFIG_SENSORS_F75375S=m +CONFIG_SENSORS_FSCHMD=m +CONFIG_SENSORS_G760A=m +CONFIG_SENSORS_GL518SM=m +CONFIG_SENSORS_GL520SM=m +CONFIG_SENSORS_CORETEMP=m +CONFIG_SENSORS_IBMAEM=m +CONFIG_SENSORS_IBMPEX=m +CONFIG_SENSORS_IT87=m +CONFIG_SENSORS_JC42=m +CONFIG_SENSORS_LINEAGE=m +CONFIG_SENSORS_LM63=m +CONFIG_SENSORS_LM73=m +CONFIG_SENSORS_LM75=m +CONFIG_SENSORS_LM77=m +CONFIG_SENSORS_LM78=m +CONFIG_SENSORS_LM80=m +CONFIG_SENSORS_LM83=m +CONFIG_SENSORS_LM85=m +CONFIG_SENSORS_LM87=m +CONFIG_SENSORS_LM90=m +CONFIG_SENSORS_LM92=m +CONFIG_SENSORS_LM93=m +CONFIG_SENSORS_LTC4151=m +CONFIG_SENSORS_LTC4215=m +CONFIG_SENSORS_LTC4245=m +CONFIG_SENSORS_LTC4261=m +CONFIG_SENSORS_LM95241=m +CONFIG_SENSORS_LM95245=m +CONFIG_SENSORS_MAX16065=m +CONFIG_SENSORS_MAX1619=m +CONFIG_SENSORS_MAX1668=m +CONFIG_SENSORS_MAX6639=m +CONFIG_SENSORS_MAX6642=m +CONFIG_SENSORS_MAX6650=m +CONFIG_SENSORS_NTC_THERMISTOR=m +CONFIG_SENSORS_PC87360=m +CONFIG_SENSORS_PC87427=m +CONFIG_SENSORS_PCF8591=m +CONFIG_PMBUS=m +CONFIG_SENSORS_PMBUS=m +CONFIG_SENSORS_ADM1275=m +CONFIG_SENSORS_LM25066=m +CONFIG_SENSORS_LTC2978=m +CONFIG_SENSORS_MAX16064=m +CONFIG_SENSORS_MAX34440=m +CONFIG_SENSORS_MAX8688=m +CONFIG_SENSORS_UCD9000=m +CONFIG_SENSORS_UCD9200=m +CONFIG_SENSORS_ZL6100=m +CONFIG_SENSORS_SHT21=m +CONFIG_SENSORS_SIS5595=m +CONFIG_SENSORS_SMM665=m +CONFIG_SENSORS_DME1737=m +CONFIG_SENSORS_EMC1403=m +CONFIG_SENSORS_EMC2103=m +CONFIG_SENSORS_EMC6W201=m +CONFIG_SENSORS_SMSC47M1=m +CONFIG_SENSORS_SMSC47M192=m +CONFIG_SENSORS_SMSC47B397=m +CONFIG_SENSORS_SCH56XX_COMMON=m +CONFIG_SENSORS_SCH5627=m +CONFIG_SENSORS_SCH5636=m +CONFIG_SENSORS_ADS1015=m +CONFIG_SENSORS_ADS7828=m +CONFIG_SENSORS_AMC6821=m +CONFIG_SENSORS_THMC50=m +CONFIG_SENSORS_TMP102=m +CONFIG_SENSORS_TMP401=m +CONFIG_SENSORS_TMP421=m +CONFIG_SENSORS_VIA_CPUTEMP=m +CONFIG_SENSORS_VIA686A=m +CONFIG_SENSORS_VT1211=m +CONFIG_SENSORS_VT8231=m +CONFIG_SENSORS_W83781D=m +CONFIG_SENSORS_W83791D=m +CONFIG_SENSORS_W83792D=m +CONFIG_SENSORS_W83793=m +CONFIG_SENSORS_W83795=m +CONFIG_SENSORS_W83795_FANCTRL=y +CONFIG_SENSORS_W83L785TS=m +CONFIG_SENSORS_W83L786NG=m +CONFIG_SENSORS_W83627HF=m +CONFIG_SENSORS_W83627EHF=m +CONFIG_SENSORS_APPLESMC=m + +# +# ACPI drivers +# +CONFIG_SENSORS_ACPI_POWER=m +CONFIG_SENSORS_ATK0110=m +CONFIG_THERMAL=y +CONFIG_THERMAL_HWMON=y +CONFIG_WATCHDOG=y +CONFIG_WATCHDOG_CORE=y +# CONFIG_WATCHDOG_NOWAYOUT is not set + +# +# Watchdog Device Drivers +# +CONFIG_SOFT_WATCHDOG=m +CONFIG_ACQUIRE_WDT=m +CONFIG_ADVANTECH_WDT=m +CONFIG_ALIM1535_WDT=m +CONFIG_ALIM7101_WDT=m +CONFIG_F71808E_WDT=m +CONFIG_SP5100_TCO=m +CONFIG_SC520_WDT=m +CONFIG_SBC_FITPC2_WATCHDOG=m +CONFIG_EUROTECH_WDT=m +CONFIG_IB700_WDT=m +CONFIG_IBMASR=m +CONFIG_WAFER_WDT=m +CONFIG_I6300ESB_WDT=m +CONFIG_ITCO_WDT=m +# CONFIG_ITCO_VENDOR_SUPPORT is not set +CONFIG_IT8712F_WDT=m +CONFIG_IT87_WDT=m +CONFIG_HP_WATCHDOG=m +# CONFIG_HPWDT_NMI_DECODING is not set +CONFIG_SC1200_WDT=m +CONFIG_PC87413_WDT=m +CONFIG_NV_TCO=m +CONFIG_60XX_WDT=m +CONFIG_SBC8360_WDT=m +CONFIG_CPU5_WDT=m +CONFIG_SMSC_SCH311X_WDT=m +CONFIG_SMSC37B787_WDT=m +CONFIG_VIA_WDT=m +CONFIG_W83627HF_WDT=m +CONFIG_W83697HF_WDT=m +CONFIG_W83697UG_WDT=m +CONFIG_W83877F_WDT=m +CONFIG_W83977F_WDT=m +CONFIG_MACHZ_WDT=m +CONFIG_SBC_EPX_C3_WATCHDOG=m + +# +# PCI-based Watchdog Cards +# +CONFIG_PCIPCWATCHDOG=m +CONFIG_WDTPCI=m +CONFIG_SSB_POSSIBLE=y + +# +# Sonics Silicon Backplane +# +CONFIG_SSB=m +CONFIG_SSB_SPROM=y +CONFIG_SSB_PCIHOST_POSSIBLE=y +CONFIG_SSB_PCIHOST=y +# CONFIG_SSB_B43_PCI_BRIDGE is not set +# CONFIG_SSB_DEBUG is not set +CONFIG_SSB_DRIVER_PCICORE_POSSIBLE=y +CONFIG_SSB_DRIVER_PCICORE=y +CONFIG_BCMA_POSSIBLE=y + +# +# Broadcom specific AMBA +# +CONFIG_BCMA=m +CONFIG_BCMA_HOST_PCI_POSSIBLE=y +CONFIG_BCMA_HOST_PCI=y +# CONFIG_BCMA_DEBUG is not set + +# +# Multifunction device drivers +# +CONFIG_MFD_CORE=m +# CONFIG_MFD_88PM860X is not set +# CONFIG_MFD_SM501 is not set +# CONFIG_HTC_PASIC3 is not set +# CONFIG_TPS6105X is not set +# CONFIG_TPS6507X is not set +# CONFIG_TWL4030_CORE is not set +# CONFIG_MFD_STMPE is not set +# CONFIG_MFD_TC3589X is not set +# CONFIG_MFD_TMIO is not set +# CONFIG_PMIC_DA903X is not set +# CONFIG_MFD_DA9052_I2C is not set +# CONFIG_PMIC_ADP5520 is not set +# CONFIG_MFD_MAX8925 is not set +# CONFIG_MFD_MAX8997 is not set +# CONFIG_MFD_MAX8998 is not set +# CONFIG_MFD_S5M_CORE is not set +# CONFIG_MFD_WM8400 is not set +# CONFIG_MFD_WM831X_I2C is not set +# CONFIG_MFD_WM8350_I2C is not set +# CONFIG_MFD_WM8994 is not set +# CONFIG_MFD_PCF50633 is not set +# CONFIG_ABX500_CORE is not set +# CONFIG_MFD_CS5535 is not set +CONFIG_LPC_SCH=m +CONFIG_MFD_RDC321X=m +CONFIG_MFD_JANZ_CMODIO=m +CONFIG_MFD_VX855=m +# CONFIG_MFD_WL1273_CORE is not set +# CONFIG_REGULATOR is not set +# CONFIG_MEDIA_SUPPORT is not set + +# +# Graphics support +# +# CONFIG_AGP is not set +CONFIG_VGA_ARB=y +CONFIG_VGA_ARB_MAX_GPUS=16 +# CONFIG_VGA_SWITCHEROO is not set +# CONFIG_DRM is not set +CONFIG_STUB_POULSBO=m +# CONFIG_VGASTATE is not set +CONFIG_VIDEO_OUTPUT_CONTROL=m +CONFIG_FB=m +# CONFIG_FIRMWARE_EDID is not set +# CONFIG_FB_DDC is not set +# CONFIG_FB_BOOT_VESA_SUPPORT is not set +# CONFIG_FB_CFB_FILLRECT is not set +# CONFIG_FB_CFB_COPYAREA is not set +# CONFIG_FB_CFB_IMAGEBLIT is not set +# CONFIG_FB_CFB_REV_PIXELS_IN_BYTE is not set +# CONFIG_FB_SYS_FILLRECT is not set +# CONFIG_FB_SYS_COPYAREA is not set +# CONFIG_FB_SYS_IMAGEBLIT is not set +# CONFIG_FB_FOREIGN_ENDIAN is not set +# CONFIG_FB_SYS_FOPS is not set +# CONFIG_FB_WMT_GE_ROPS is not set +# CONFIG_FB_SVGALIB is not set +# CONFIG_FB_MACMODES is not set +# CONFIG_FB_BACKLIGHT is not set +CONFIG_FB_MODE_HELPERS=y +CONFIG_FB_TILEBLITTING=y + +# +# Frame buffer hardware drivers +# +# CONFIG_FB_CIRRUS is not set +# CONFIG_FB_PM2 is not set +# CONFIG_FB_CYBER2000 is not set +# CONFIG_FB_ARC is not set +# CONFIG_FB_VGA16 is not set +# CONFIG_FB_UVESA is not set +# CONFIG_FB_N411 is not set +# CONFIG_FB_HGA is not set +# CONFIG_FB_S1D13XXX is not set +# CONFIG_FB_NVIDIA is not set +# CONFIG_FB_RIVA is not set +# CONFIG_FB_LE80578 is not set +# CONFIG_FB_MATROX is not set +# CONFIG_FB_RADEON is not set +# CONFIG_FB_ATY128 is not set +# CONFIG_FB_ATY is not set +# CONFIG_FB_S3 is not set +# CONFIG_FB_SAVAGE is not set +# CONFIG_FB_SIS is not set +# CONFIG_FB_VIA is not set +# CONFIG_FB_NEOMAGIC is not set +# CONFIG_FB_KYRO is not set +# CONFIG_FB_3DFX is not set +# CONFIG_FB_VOODOO1 is not set +# CONFIG_FB_VT8623 is not set +# CONFIG_FB_TRIDENT is not set +# CONFIG_FB_ARK is not set +# CONFIG_FB_PM3 is not set +# CONFIG_FB_CARMINE is not set +# CONFIG_FB_GEODE is not set +# CONFIG_FB_TMIO is not set +# CONFIG_FB_VIRTUAL is not set +# CONFIG_FB_METRONOME is not set +# CONFIG_FB_MB862XX is not set +# CONFIG_FB_BROADSHEET is not set +# CONFIG_BACKLIGHT_LCD_SUPPORT is not set +CONFIG_BACKLIGHT_CLASS_DEVICE=m + +# +# Console display driver support +# +CONFIG_VGA_CONSOLE=y +CONFIG_VGACON_SOFT_SCROLLBACK=y +CONFIG_VGACON_SOFT_SCROLLBACK_SIZE=64 +CONFIG_DUMMY_CONSOLE=y +# CONFIG_FRAMEBUFFER_CONSOLE is not set +# CONFIG_LOGO is not set +# CONFIG_SOUND is not set +# CONFIG_HID_SUPPORT is not set +# CONFIG_USB_SUPPORT is not set +# CONFIG_UWB is not set +# CONFIG_MMC is not set +# CONFIG_MEMSTICK is not set +CONFIG_NEW_LEDS=y +CONFIG_LEDS_CLASS=y + +# +# LED drivers +# +# CONFIG_LEDS_LM3530 is not set +# CONFIG_LEDS_PCA9532 is not set +# CONFIG_LEDS_LP3944 is not set +# CONFIG_LEDS_LP5521 is not set +# CONFIG_LEDS_LP5523 is not set +# CONFIG_LEDS_CLEVO_MAIL is not set +# CONFIG_LEDS_PCA955X is not set +# CONFIG_LEDS_BD2802 is not set +# CONFIG_LEDS_INTEL_SS4200 is not set +# CONFIG_LEDS_TCA6507 is not set +# CONFIG_LEDS_OT200 is not set +CONFIG_LEDS_TRIGGERS=y + +# +# LED Triggers +# +# CONFIG_LEDS_TRIGGER_TIMER is not set +# CONFIG_LEDS_TRIGGER_HEARTBEAT is not set +# CONFIG_LEDS_TRIGGER_BACKLIGHT is not set +# CONFIG_LEDS_TRIGGER_DEFAULT_ON is not set + +# +# iptables trigger is under Netfilter config (LED target) +# +# CONFIG_ACCESSIBILITY is not set +# CONFIG_INFINIBAND is not set +CONFIG_EDAC=y + +# +# Reporting subsystems +# +# CONFIG_EDAC_DEBUG is not set +CONFIG_EDAC_DECODE_MCE=y +CONFIG_EDAC_MCE_INJ=m +# CONFIG_EDAC_MM_EDAC is not set +CONFIG_RTC_LIB=y +CONFIG_RTC_CLASS=y +CONFIG_RTC_HCTOSYS=y +CONFIG_RTC_HCTOSYS_DEVICE="rtc0" +# CONFIG_RTC_DEBUG is not set + +# +# RTC interfaces +# +CONFIG_RTC_INTF_SYSFS=y +CONFIG_RTC_INTF_PROC=y +CONFIG_RTC_INTF_DEV=y +# CONFIG_RTC_INTF_DEV_UIE_EMUL is not set +CONFIG_RTC_DRV_TEST=m + +# +# I2C RTC drivers +# +CONFIG_RTC_DRV_DS1307=m +CONFIG_RTC_DRV_DS1374=m +CONFIG_RTC_DRV_DS1672=m +CONFIG_RTC_DRV_DS3232=m +CONFIG_RTC_DRV_MAX6900=m +CONFIG_RTC_DRV_RS5C372=m +CONFIG_RTC_DRV_ISL1208=m +CONFIG_RTC_DRV_ISL12022=m +CONFIG_RTC_DRV_X1205=m +CONFIG_RTC_DRV_PCF8563=m +CONFIG_RTC_DRV_PCF8583=m +CONFIG_RTC_DRV_M41T80=m +# CONFIG_RTC_DRV_M41T80_WDT is not set +CONFIG_RTC_DRV_BQ32K=m +CONFIG_RTC_DRV_S35390A=m +CONFIG_RTC_DRV_FM3130=m +CONFIG_RTC_DRV_RX8581=m +CONFIG_RTC_DRV_RX8025=m +CONFIG_RTC_DRV_EM3027=m +CONFIG_RTC_DRV_RV3029C2=m + +# +# SPI RTC drivers +# + +# +# Platform RTC drivers +# +CONFIG_RTC_DRV_CMOS=m +CONFIG_RTC_DRV_DS1286=m +CONFIG_RTC_DRV_DS1511=m +CONFIG_RTC_DRV_DS1553=m +CONFIG_RTC_DRV_DS1742=m +CONFIG_RTC_DRV_STK17TA8=m +CONFIG_RTC_DRV_M48T86=m +CONFIG_RTC_DRV_M48T35=m +CONFIG_RTC_DRV_M48T59=m +CONFIG_RTC_DRV_MSM6242=m +CONFIG_RTC_DRV_BQ4802=m +CONFIG_RTC_DRV_RP5C01=m +CONFIG_RTC_DRV_V3020=m + +# +# on-CPU RTC drivers +# +CONFIG_DMADEVICES=y +# CONFIG_DMADEVICES_DEBUG is not set + +# +# DMA Devices +# +CONFIG_INTEL_MID_DMAC=m +# CONFIG_INTEL_IOATDMA is not set +CONFIG_TIMB_DMA=m +CONFIG_PCH_DMA=m +CONFIG_DMA_ENGINE=y + +# +# DMA Clients +# +# CONFIG_NET_DMA is not set +# CONFIG_ASYNC_TX_DMA is not set +CONFIG_DMATEST=m +# CONFIG_AUXDISPLAY is not set +CONFIG_UIO=m +CONFIG_UIO_CIF=m +CONFIG_UIO_PDRV=m +CONFIG_UIO_PDRV_GENIRQ=m +CONFIG_UIO_AEC=m +CONFIG_UIO_SERCOS3=m +CONFIG_UIO_PCI_GENERIC=m +CONFIG_UIO_NETX=m +CONFIG_VIRTIO=m +CONFIG_VIRTIO_RING=m + +# +# Virtio drivers +# +CONFIG_VIRTIO_PCI=m +CONFIG_VIRTIO_BALLOON=m +CONFIG_VIRTIO_MMIO=m + +# +# Microsoft Hyper-V guest support +# +# CONFIG_HYPERV is not set +CONFIG_STAGING=y +# CONFIG_ET131X is not set +# CONFIG_SLICOSS is not set +# CONFIG_ECHO is not set +# CONFIG_COMEDI is not set +# CONFIG_RTS_PSTOR is not set +# CONFIG_IDE_PHISON is not set +# CONFIG_VME_BUS is not set +# CONFIG_DX_SEP is not set +# CONFIG_IIO is not set +CONFIG_XVMALLOC=y +CONFIG_ZRAM=m +# CONFIG_ZRAM_DEBUG is not set +CONFIG_ZCACHE=m +# CONFIG_FB_SM7XX is not set +# CONFIG_CRYSTALHD is not set +# CONFIG_FB_XGI is not set +# CONFIG_ACPI_QUICKSTART is not set +# CONFIG_FT1000 is not set + +# +# Speakup console speech +# +# CONFIG_SPEAKUP is not set +# CONFIG_TOUCHSCREEN_SYNAPTICS_I2C_RMI4 is not set +CONFIG_INTEL_MEI=m +# CONFIG_STAGING_MEDIA is not set + +# +# Android +# +# CONFIG_ANDROID is not set +CONFIG_X86_PLATFORM_DEVICES=y +# CONFIG_ACERHDF is not set +# CONFIG_ASUS_LAPTOP is not set +# CONFIG_FUJITSU_LAPTOP is not set +# CONFIG_FUJITSU_TABLET is not set +# CONFIG_AMILO_RFKILL is not set +# CONFIG_HP_ACCEL is not set +# CONFIG_MSI_LAPTOP is not set +# CONFIG_PANASONIC_LAPTOP is not set +# CONFIG_COMPAL_LAPTOP is not set +# CONFIG_SONY_LAPTOP is not set +# CONFIG_IDEAPAD_LAPTOP is not set +# CONFIG_THINKPAD_ACPI is not set +CONFIG_SENSORS_HDAPS=m +# CONFIG_INTEL_MENLOW is not set +# CONFIG_ACPI_WMI is not set +# CONFIG_ACPI_ASUS is not set +# CONFIG_TOPSTAR_LAPTOP is not set +# CONFIG_ACPI_TOSHIBA is not set +# CONFIG_TOSHIBA_BT_RFKILL is not set +# CONFIG_ACPI_CMPC is not set +# CONFIG_INTEL_IPS is not set +# CONFIG_IBM_RTL is not set +# CONFIG_XO15_EBOOK is not set +# CONFIG_SAMSUNG_LAPTOP is not set +# CONFIG_INTEL_OAKTRAIL is not set +# CONFIG_SAMSUNG_Q10 is not set + +# +# Hardware Spinlock drivers +# +CONFIG_CLKEVT_I8253=y +CONFIG_I8253_LOCK=y +CONFIG_CLKBLD_I8253=y +CONFIG_IOMMU_API=y +CONFIG_IOMMU_SUPPORT=y +CONFIG_AMD_IOMMU=y +CONFIG_AMD_IOMMU_STATS=y +CONFIG_AMD_IOMMU_V2=m +CONFIG_DMAR_TABLE=y +CONFIG_INTEL_IOMMU=y +CONFIG_INTEL_IOMMU_DEFAULT_ON=y +CONFIG_INTEL_IOMMU_FLOPPY_WA=y +CONFIG_IRQ_REMAP=y +# CONFIG_VIRT_DRIVERS is not set +# CONFIG_PM_DEVFREQ is not set + +# +# Firmware Drivers +# +# CONFIG_EDD is not set +CONFIG_FIRMWARE_MEMMAP=y +CONFIG_EFI_VARS=y +# CONFIG_DELL_RBU is not set +# CONFIG_DCDBAS is not set +CONFIG_DMIID=y +CONFIG_DMI_SYSFS=m +# CONFIG_ISCSI_IBFT_FIND is not set +# CONFIG_GOOGLE_FIRMWARE is not set + +# +# File systems +# +CONFIG_EXT2_FS=m +CONFIG_EXT2_FS_XATTR=y +CONFIG_EXT2_FS_POSIX_ACL=y +CONFIG_EXT2_FS_SECURITY=y +# CONFIG_EXT2_FS_XIP is not set +CONFIG_EXT3_FS=y +# CONFIG_EXT3_DEFAULTS_TO_ORDERED is not set +CONFIG_EXT3_FS_XATTR=y +CONFIG_EXT3_FS_POSIX_ACL=y +CONFIG_EXT3_FS_SECURITY=y +CONFIG_EXT4_FS=y +CONFIG_EXT4_FS_XATTR=y +CONFIG_EXT4_FS_POSIX_ACL=y +CONFIG_EXT4_FS_SECURITY=y +# CONFIG_EXT4_DEBUG is not set +CONFIG_JBD=y +CONFIG_JBD_DEBUG=y +CONFIG_JBD2=y +CONFIG_JBD2_DEBUG=y +CONFIG_FS_MBCACHE=y +CONFIG_REISERFS_FS=m +# CONFIG_REISERFS_CHECK is not set +CONFIG_REISERFS_PROC_INFO=y +CONFIG_REISERFS_FS_XATTR=y +CONFIG_REISERFS_FS_POSIX_ACL=y +CONFIG_REISERFS_FS_SECURITY=y +CONFIG_JFS_FS=m +CONFIG_JFS_POSIX_ACL=y +CONFIG_JFS_SECURITY=y +# CONFIG_JFS_DEBUG is not set +CONFIG_JFS_STATISTICS=y +CONFIG_XFS_FS=m +CONFIG_XFS_QUOTA=y +CONFIG_XFS_POSIX_ACL=y +CONFIG_XFS_RT=y +# CONFIG_XFS_DEBUG is not set +CONFIG_GFS2_FS=m +CONFIG_GFS2_FS_LOCKING_DLM=y +CONFIG_OCFS2_FS=m +CONFIG_OCFS2_FS_O2CB=m +CONFIG_OCFS2_FS_USERSPACE_CLUSTER=m +CONFIG_OCFS2_FS_STATS=y +CONFIG_OCFS2_DEBUG_MASKLOG=y +# CONFIG_OCFS2_DEBUG_FS is not set +CONFIG_BTRFS_FS=m +CONFIG_BTRFS_FS_POSIX_ACL=y +# CONFIG_BTRFS_FS_CHECK_INTEGRITY is not set +CONFIG_NILFS2_FS=m +CONFIG_FS_POSIX_ACL=y +CONFIG_EXPORTFS=y +CONFIG_FILE_LOCKING=y +CONFIG_FSNOTIFY=y +CONFIG_DNOTIFY=y +CONFIG_INOTIFY_USER=y +CONFIG_FANOTIFY=y +CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y +CONFIG_QUOTA=y +CONFIG_QUOTA_NETLINK_INTERFACE=y +# CONFIG_PRINT_QUOTA_WARNING is not set +CONFIG_QUOTA_DEBUG=y +CONFIG_QUOTA_TREE=m +# CONFIG_QFMT_V1 is not set +CONFIG_QFMT_V2=m +CONFIG_QUOTACTL=y +CONFIG_QUOTACTL_COMPAT=y +CONFIG_AUTOFS4_FS=m +CONFIG_FUSE_FS=m +CONFIG_CUSE=m +CONFIG_GENERIC_ACL=y + +# +# Caches +# +CONFIG_FSCACHE=m +CONFIG_FSCACHE_STATS=y +CONFIG_FSCACHE_HISTOGRAM=y +# CONFIG_FSCACHE_DEBUG is not set +CONFIG_FSCACHE_OBJECT_LIST=y +CONFIG_CACHEFILES=m +# CONFIG_CACHEFILES_DEBUG is not set +# CONFIG_CACHEFILES_HISTOGRAM is not set + +# +# CD-ROM/DVD Filesystems +# +CONFIG_ISO9660_FS=m +CONFIG_JOLIET=y +CONFIG_ZISOFS=y +CONFIG_UDF_FS=m +CONFIG_UDF_NLS=y + +# +# DOS/FAT/NT Filesystems +# +CONFIG_FAT_FS=m +CONFIG_MSDOS_FS=m +CONFIG_VFAT_FS=m +CONFIG_FAT_DEFAULT_CODEPAGE=437 +CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" +CONFIG_NTFS_FS=m +# CONFIG_NTFS_DEBUG is not set +CONFIG_NTFS_RW=y + +# +# Pseudo filesystems +# +CONFIG_PROC_FS=y +CONFIG_PROC_KCORE=y +CONFIG_PROC_VMCORE=y +CONFIG_PROC_SYSCTL=y +CONFIG_PROC_PAGE_MONITOR=y +CONFIG_SYSFS=y +CONFIG_TMPFS=y +CONFIG_TMPFS_POSIX_ACL=y +CONFIG_TMPFS_XATTR=y +CONFIG_HUGETLBFS=y +CONFIG_HUGETLB_PAGE=y +CONFIG_CONFIGFS_FS=m +CONFIG_MISC_FILESYSTEMS=y +CONFIG_ADFS_FS=m +# CONFIG_ADFS_FS_RW is not set +# CONFIG_AFFS_FS is not set +CONFIG_ECRYPT_FS=m +# CONFIG_HFS_FS is not set +# CONFIG_HFSPLUS_FS is not set +# CONFIG_BEFS_FS is not set +# CONFIG_BFS_FS is not set +# CONFIG_EFS_FS is not set +# CONFIG_LOGFS is not set +CONFIG_CRAMFS=m +CONFIG_SQUASHFS=m +CONFIG_SQUASHFS_XATTR=y +CONFIG_SQUASHFS_ZLIB=y +CONFIG_SQUASHFS_LZO=y +CONFIG_SQUASHFS_XZ=y +CONFIG_SQUASHFS_4K_DEVBLK_SIZE=y +CONFIG_SQUASHFS_EMBEDDED=y +CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 +# CONFIG_VXFS_FS is not set +# CONFIG_MINIX_FS is not set +# CONFIG_OMFS_FS is not set +# CONFIG_HPFS_FS is not set +# CONFIG_QNX4FS_FS is not set +CONFIG_ROMFS_FS=m +CONFIG_ROMFS_BACKED_BY_BLOCK=y +CONFIG_ROMFS_ON_BLOCK=y +CONFIG_PSTORE=y +# CONFIG_SYSV_FS is not set +# CONFIG_UFS_FS is not set +# CONFIG_EXOFS_FS is not set +CONFIG_ORE=m +CONFIG_NETWORK_FILESYSTEMS=y +CONFIG_NFS_FS=m +CONFIG_NFS_V3=y +CONFIG_NFS_V3_ACL=y +CONFIG_NFS_V4=y +CONFIG_NFS_V4_1=y +CONFIG_PNFS_FILE_LAYOUT=m +CONFIG_PNFS_BLOCK=m +CONFIG_PNFS_OBJLAYOUT=m +# CONFIG_NFS_FSCACHE is not set +# CONFIG_NFS_USE_LEGACY_DNS is not set +CONFIG_NFS_USE_KERNEL_DNS=y +# CONFIG_NFS_USE_NEW_IDMAPPER is not set +CONFIG_NFSD=m +CONFIG_NFSD_V2_ACL=y +CONFIG_NFSD_V3=y +CONFIG_NFSD_V3_ACL=y +CONFIG_NFSD_V4=y +# CONFIG_NFSD_FAULT_INJECTION is not set +CONFIG_LOCKD=m +CONFIG_LOCKD_V4=y +CONFIG_NFS_ACL_SUPPORT=m +CONFIG_NFS_COMMON=y +CONFIG_SUNRPC=m +CONFIG_SUNRPC_GSS=m +CONFIG_SUNRPC_BACKCHANNEL=y +CONFIG_RPCSEC_GSS_KRB5=m +CONFIG_CEPH_FS=m +CONFIG_CIFS=m +CONFIG_CIFS_STATS=y +CONFIG_CIFS_STATS2=y +# CONFIG_CIFS_WEAK_PW_HASH is not set +# CONFIG_CIFS_UPCALL is not set +CONFIG_CIFS_XATTR=y +CONFIG_CIFS_POSIX=y +# CONFIG_CIFS_DEBUG2 is not set +CONFIG_CIFS_DFS_UPCALL=y +# CONFIG_CIFS_FSCACHE is not set +CONFIG_CIFS_ACL=y +# CONFIG_NCP_FS is not set +# CONFIG_CODA_FS is not set +CONFIG_AFS_FS=m +# CONFIG_AFS_DEBUG is not set +# CONFIG_AFS_FSCACHE is not set +CONFIG_NLS=y +CONFIG_NLS_DEFAULT="utf8" +CONFIG_NLS_CODEPAGE_437=m +CONFIG_NLS_CODEPAGE_737=m +CONFIG_NLS_CODEPAGE_775=m +CONFIG_NLS_CODEPAGE_850=m +CONFIG_NLS_CODEPAGE_852=m +CONFIG_NLS_CODEPAGE_855=m +CONFIG_NLS_CODEPAGE_857=m +CONFIG_NLS_CODEPAGE_860=m +CONFIG_NLS_CODEPAGE_861=m +CONFIG_NLS_CODEPAGE_862=m +CONFIG_NLS_CODEPAGE_863=m +CONFIG_NLS_CODEPAGE_864=m +CONFIG_NLS_CODEPAGE_865=m +CONFIG_NLS_CODEPAGE_866=m +CONFIG_NLS_CODEPAGE_869=m +CONFIG_NLS_CODEPAGE_936=m +CONFIG_NLS_CODEPAGE_950=m +CONFIG_NLS_CODEPAGE_932=m +CONFIG_NLS_CODEPAGE_949=m +CONFIG_NLS_CODEPAGE_874=m +CONFIG_NLS_ISO8859_8=m +CONFIG_NLS_CODEPAGE_1250=m +CONFIG_NLS_CODEPAGE_1251=m +CONFIG_NLS_ASCII=y +CONFIG_NLS_ISO8859_1=m +CONFIG_NLS_ISO8859_2=m +CONFIG_NLS_ISO8859_3=m +CONFIG_NLS_ISO8859_4=m +CONFIG_NLS_ISO8859_5=m +CONFIG_NLS_ISO8859_6=m +CONFIG_NLS_ISO8859_7=m +CONFIG_NLS_ISO8859_9=m +CONFIG_NLS_ISO8859_13=m +CONFIG_NLS_ISO8859_14=m +CONFIG_NLS_ISO8859_15=m +CONFIG_NLS_KOI8_R=m +CONFIG_NLS_KOI8_U=m +CONFIG_NLS_UTF8=y +CONFIG_DLM=m +# CONFIG_DLM_DEBUG is not set + +# +# Kernel hacking +# +CONFIG_TRACE_IRQFLAGS_SUPPORT=y +CONFIG_PRINTK_TIME=y +CONFIG_DEFAULT_MESSAGE_LOGLEVEL=4 +# CONFIG_ENABLE_WARN_DEPRECATED is not set +CONFIG_ENABLE_MUST_CHECK=y +CONFIG_FRAME_WARN=2048 +CONFIG_MAGIC_SYSRQ=y +# CONFIG_STRIP_ASM_SYMS is not set +# CONFIG_UNUSED_SYMBOLS is not set +CONFIG_DEBUG_FS=y +# CONFIG_HEADERS_CHECK is not set +# CONFIG_DEBUG_SECTION_MISMATCH is not set +CONFIG_DEBUG_KERNEL=y +# CONFIG_DEBUG_SHIRQ is not set +# CONFIG_LOCKUP_DETECTOR is not set +# CONFIG_HARDLOCKUP_DETECTOR is not set +# CONFIG_DETECT_HUNG_TASK is not set +# CONFIG_SCHED_DEBUG is not set +CONFIG_SCHEDSTATS=y +CONFIG_TIMER_STATS=y +# CONFIG_DEBUG_OBJECTS is not set +# CONFIG_SLUB_DEBUG_ON is not set +# CONFIG_SLUB_STATS is not set +# CONFIG_DEBUG_KMEMLEAK is not set +# CONFIG_DEBUG_RT_MUTEXES is not set +# CONFIG_RT_MUTEX_TESTER is not set +# CONFIG_DEBUG_SPINLOCK is not set +# CONFIG_DEBUG_MUTEXES is not set +# CONFIG_DEBUG_LOCK_ALLOC is not set +# CONFIG_PROVE_LOCKING is not set +# CONFIG_SPARSE_RCU_POINTER is not set +# CONFIG_LOCK_STAT is not set +# CONFIG_DEBUG_ATOMIC_SLEEP is not set +# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set +CONFIG_STACKTRACE=y +CONFIG_DEBUG_STACK_USAGE=y +# CONFIG_DEBUG_KOBJECT is not set +CONFIG_DEBUG_BUGVERBOSE=y +# CONFIG_DEBUG_INFO is not set +# CONFIG_DEBUG_VM is not set +# CONFIG_DEBUG_VIRTUAL is not set +# CONFIG_DEBUG_WRITECOUNT is not set +CONFIG_DEBUG_MEMORY_INIT=y +# CONFIG_DEBUG_LIST is not set +# CONFIG_TEST_LIST_SORT is not set +# CONFIG_DEBUG_SG is not set +# CONFIG_DEBUG_NOTIFIERS is not set +# CONFIG_DEBUG_CREDENTIALS is not set +CONFIG_ARCH_WANT_FRAME_POINTERS=y +CONFIG_FRAME_POINTER=y +# CONFIG_BOOT_PRINTK_DELAY is not set +# CONFIG_RCU_TORTURE_TEST is not set +CONFIG_RCU_CPU_STALL_TIMEOUT=60 +# CONFIG_KPROBES_SANITY_TEST is not set +# CONFIG_BACKTRACE_SELF_TEST is not set +# CONFIG_DEBUG_BLOCK_EXT_DEVT is not set +# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set +# CONFIG_DEBUG_PER_CPU_MAPS is not set +# CONFIG_LKDTM is not set +CONFIG_CPU_NOTIFIER_ERROR_INJECT=m +# CONFIG_FAULT_INJECTION is not set +# CONFIG_LATENCYTOP is not set +CONFIG_SYSCTL_SYSCALL_CHECK=y +# CONFIG_DEBUG_PAGEALLOC is not set +CONFIG_USER_STACKTRACE_SUPPORT=y +CONFIG_NOP_TRACER=y +CONFIG_HAVE_FUNCTION_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y +CONFIG_HAVE_FUNCTION_GRAPH_FP_TEST=y +CONFIG_HAVE_FUNCTION_TRACE_MCOUNT_TEST=y +CONFIG_HAVE_DYNAMIC_FTRACE=y +CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y +CONFIG_HAVE_SYSCALL_TRACEPOINTS=y +CONFIG_HAVE_C_RECORDMCOUNT=y +CONFIG_RING_BUFFER=y +CONFIG_EVENT_TRACING=y +CONFIG_EVENT_POWER_TRACING_DEPRECATED=y +CONFIG_CONTEXT_SWITCH_TRACER=y +CONFIG_TRACING=y +CONFIG_GENERIC_TRACER=y +CONFIG_TRACING_SUPPORT=y +CONFIG_FTRACE=y +# CONFIG_FUNCTION_TRACER is not set +# CONFIG_IRQSOFF_TRACER is not set +# CONFIG_SCHED_TRACER is not set +# CONFIG_FTRACE_SYSCALLS is not set +CONFIG_BRANCH_PROFILE_NONE=y +# CONFIG_PROFILE_ANNOTATED_BRANCHES is not set +# CONFIG_PROFILE_ALL_BRANCHES is not set +# CONFIG_STACK_TRACER is not set +CONFIG_BLK_DEV_IO_TRACE=y +CONFIG_KPROBE_EVENT=y +# CONFIG_FTRACE_STARTUP_TEST is not set +# CONFIG_MMIOTRACE is not set +# CONFIG_RING_BUFFER_BENCHMARK is not set +CONFIG_PROVIDE_OHCI1394_DMA_INIT=y +# CONFIG_DYNAMIC_DEBUG is not set +# CONFIG_DMA_API_DEBUG is not set +# CONFIG_ATOMIC64_SELFTEST is not set +CONFIG_ASYNC_RAID6_TEST=m +# CONFIG_SAMPLES is not set +CONFIG_HAVE_ARCH_KGDB=y +# CONFIG_KGDB is not set +CONFIG_HAVE_ARCH_KMEMCHECK=y +# CONFIG_KMEMCHECK is not set +# CONFIG_TEST_KSTRTOX is not set +# CONFIG_STRICT_DEVMEM is not set +CONFIG_X86_VERBOSE_BOOTUP=y +CONFIG_EARLY_PRINTK=y +CONFIG_EARLY_PRINTK_DBGP=y +CONFIG_DEBUG_STACKOVERFLOW=y +# CONFIG_X86_PTDUMP is not set +CONFIG_DEBUG_RODATA=y +# CONFIG_DEBUG_RODATA_TEST is not set +# CONFIG_DEBUG_SET_MODULE_RONX is not set +CONFIG_DEBUG_NX_TEST=m +# CONFIG_IOMMU_DEBUG is not set +# CONFIG_IOMMU_STRESS is not set +CONFIG_HAVE_MMIOTRACE_SUPPORT=y +# CONFIG_X86_DECODER_SELFTEST is not set +CONFIG_IO_DELAY_TYPE_0X80=0 +CONFIG_IO_DELAY_TYPE_0XED=1 +CONFIG_IO_DELAY_TYPE_UDELAY=2 +CONFIG_IO_DELAY_TYPE_NONE=3 +CONFIG_IO_DELAY_0X80=y +# CONFIG_IO_DELAY_0XED is not set +# CONFIG_IO_DELAY_UDELAY is not set +# CONFIG_IO_DELAY_NONE is not set +CONFIG_DEFAULT_IO_DELAY_TYPE=0 +CONFIG_DEBUG_BOOT_PARAMS=y +# CONFIG_CPA_DEBUG is not set +CONFIG_OPTIMIZE_INLINING=y +# CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set +# CONFIG_DEBUG_NMI_SELFTEST is not set + +# +# Security options +# +CONFIG_KEYS=y +CONFIG_ENCRYPTED_KEYS=y +CONFIG_KEYS_DEBUG_PROC_KEYS=y +# CONFIG_SECURITY_DMESG_RESTRICT is not set +CONFIG_SECURITY=y +# CONFIG_SECURITYFS is not set +CONFIG_SECURITY_NETWORK=y +CONFIG_SECURITY_NETWORK_XFRM=y +# CONFIG_SECURITY_PATH is not set +# CONFIG_INTEL_TXT is not set +CONFIG_LSM_MMAP_MIN_ADDR=65536 +CONFIG_SECURITY_SELINUX=y +CONFIG_SECURITY_SELINUX_BOOTPARAM=y +CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1 +CONFIG_SECURITY_SELINUX_DISABLE=y +CONFIG_SECURITY_SELINUX_DEVELOP=y +CONFIG_SECURITY_SELINUX_AVC_STATS=y +CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1 +# CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX is not set +# CONFIG_SECURITY_SMACK is not set +# CONFIG_SECURITY_TOMOYO is not set +# CONFIG_SECURITY_APPARMOR is not set +CONFIG_INTEGRITY=y +# CONFIG_INTEGRITY_SIGNATURE is not set +# CONFIG_IMA is not set +CONFIG_EVM=y +CONFIG_DEFAULT_SECURITY_SELINUX=y +# CONFIG_DEFAULT_SECURITY_DAC is not set +CONFIG_DEFAULT_SECURITY="selinux" +CONFIG_XOR_BLOCKS=m +CONFIG_ASYNC_CORE=m +CONFIG_ASYNC_MEMCPY=m +CONFIG_ASYNC_XOR=m +CONFIG_ASYNC_PQ=m +CONFIG_ASYNC_RAID6_RECOV=m +CONFIG_CRYPTO=y + +# +# Crypto core or helper +# +CONFIG_CRYPTO_ALGAPI=y +CONFIG_CRYPTO_ALGAPI2=y +CONFIG_CRYPTO_AEAD=y +CONFIG_CRYPTO_AEAD2=y +CONFIG_CRYPTO_BLKCIPHER=y +CONFIG_CRYPTO_BLKCIPHER2=y +CONFIG_CRYPTO_HASH=y +CONFIG_CRYPTO_HASH2=y +CONFIG_CRYPTO_RNG=y +CONFIG_CRYPTO_RNG2=y +CONFIG_CRYPTO_PCOMP=m +CONFIG_CRYPTO_PCOMP2=y +CONFIG_CRYPTO_MANAGER=y +CONFIG_CRYPTO_MANAGER2=y +CONFIG_CRYPTO_USER=m +CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y +CONFIG_CRYPTO_GF128MUL=m +CONFIG_CRYPTO_NULL=m +# CONFIG_CRYPTO_PCRYPT is not set +CONFIG_CRYPTO_WORKQUEUE=y +CONFIG_CRYPTO_CRYPTD=m +CONFIG_CRYPTO_AUTHENC=y +CONFIG_CRYPTO_TEST=m + +# +# Authenticated Encryption with Associated Data +# +CONFIG_CRYPTO_CCM=m +CONFIG_CRYPTO_GCM=m +CONFIG_CRYPTO_SEQIV=m + +# +# Block modes +# +CONFIG_CRYPTO_CBC=y +CONFIG_CRYPTO_CTR=m +CONFIG_CRYPTO_CTS=m +CONFIG_CRYPTO_ECB=y +CONFIG_CRYPTO_LRW=m +CONFIG_CRYPTO_PCBC=m +CONFIG_CRYPTO_XTS=m + +# +# Hash modes +# +CONFIG_CRYPTO_HMAC=y +CONFIG_CRYPTO_XCBC=m +CONFIG_CRYPTO_VMAC=m + +# +# Digest +# +CONFIG_CRYPTO_CRC32C=m +CONFIG_CRYPTO_CRC32C_INTEL=m +CONFIG_CRYPTO_GHASH=m +CONFIG_CRYPTO_MD4=m +CONFIG_CRYPTO_MD5=y +CONFIG_CRYPTO_MICHAEL_MIC=m +CONFIG_CRYPTO_RMD128=m +CONFIG_CRYPTO_RMD160=m +CONFIG_CRYPTO_RMD256=m +CONFIG_CRYPTO_RMD320=m +CONFIG_CRYPTO_SHA1=y +CONFIG_CRYPTO_SHA1_SSSE3=m +CONFIG_CRYPTO_SHA256=y +CONFIG_CRYPTO_SHA512=m +CONFIG_CRYPTO_TGR192=m +CONFIG_CRYPTO_WP512=m +CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL=m + +# +# Ciphers +# +CONFIG_CRYPTO_AES=y +CONFIG_CRYPTO_AES_X86_64=m +CONFIG_CRYPTO_AES_NI_INTEL=m +CONFIG_CRYPTO_ANUBIS=m +CONFIG_CRYPTO_ARC4=y +CONFIG_CRYPTO_BLOWFISH=m +CONFIG_CRYPTO_BLOWFISH_COMMON=m +CONFIG_CRYPTO_BLOWFISH_X86_64=m +CONFIG_CRYPTO_CAMELLIA=m +CONFIG_CRYPTO_CAST5=m +CONFIG_CRYPTO_CAST6=m +CONFIG_CRYPTO_DES=y +CONFIG_CRYPTO_FCRYPT=m +CONFIG_CRYPTO_KHAZAD=m +CONFIG_CRYPTO_SALSA20=m +CONFIG_CRYPTO_SALSA20_X86_64=m +CONFIG_CRYPTO_SEED=m +CONFIG_CRYPTO_SERPENT=m +CONFIG_CRYPTO_SERPENT_SSE2_X86_64=m +CONFIG_CRYPTO_TEA=m +CONFIG_CRYPTO_TWOFISH=m +CONFIG_CRYPTO_TWOFISH_COMMON=m +CONFIG_CRYPTO_TWOFISH_X86_64=m +CONFIG_CRYPTO_TWOFISH_X86_64_3WAY=m + +# +# Compression +# +CONFIG_CRYPTO_DEFLATE=m +CONFIG_CRYPTO_ZLIB=m +CONFIG_CRYPTO_LZO=m + +# +# Random Number Generation +# +CONFIG_CRYPTO_ANSI_CPRNG=m +CONFIG_CRYPTO_USER_API=m +CONFIG_CRYPTO_USER_API_HASH=m +CONFIG_CRYPTO_USER_API_SKCIPHER=m +CONFIG_CRYPTO_HW=y +# CONFIG_CRYPTO_DEV_PADLOCK is not set +CONFIG_HAVE_KVM=y +# CONFIG_VIRTUALIZATION is not set +CONFIG_BINARY_PRINTF=y + +# +# Library routines +# +CONFIG_RAID6_PQ=m +CONFIG_BITREVERSE=y +CONFIG_GENERIC_FIND_FIRST_BIT=y +CONFIG_GENERIC_PCI_IOMAP=y +CONFIG_GENERIC_IOMAP=y +CONFIG_CRC_CCITT=m +CONFIG_CRC16=y +CONFIG_CRC_T10DIF=y +CONFIG_CRC_ITU_T=m +CONFIG_CRC32=y +CONFIG_CRC7=m +CONFIG_LIBCRC32C=m +CONFIG_CRC8=m +CONFIG_ZLIB_INFLATE=y +CONFIG_ZLIB_DEFLATE=m +CONFIG_LZO_COMPRESS=m +CONFIG_LZO_DECOMPRESS=y +CONFIG_XZ_DEC=y +CONFIG_XZ_DEC_X86=y +CONFIG_XZ_DEC_POWERPC=y +CONFIG_XZ_DEC_IA64=y +CONFIG_XZ_DEC_ARM=y +CONFIG_XZ_DEC_ARMTHUMB=y +CONFIG_XZ_DEC_SPARC=y +CONFIG_XZ_DEC_BCJ=y +CONFIG_XZ_DEC_TEST=m +CONFIG_DECOMPRESS_GZIP=y +CONFIG_DECOMPRESS_BZIP2=y +CONFIG_DECOMPRESS_LZMA=y +CONFIG_DECOMPRESS_XZ=y +CONFIG_DECOMPRESS_LZO=y +CONFIG_TEXTSEARCH=y +CONFIG_TEXTSEARCH_KMP=m +CONFIG_TEXTSEARCH_BM=m +CONFIG_TEXTSEARCH_FSM=m +CONFIG_HAS_IOMEM=y +CONFIG_HAS_IOPORT=y +CONFIG_HAS_DMA=y +CONFIG_CHECK_SIGNATURE=y +CONFIG_CPU_RMAP=y +CONFIG_DQL=y +CONFIG_NLATTR=y +CONFIG_LRU_CACHE=m +CONFIG_AVERAGE=y +CONFIG_CORDIC=m diff --git a/layman/layman.cfg b/layman/layman.cfg index b45c6f0..ea68e66 100644 --- a/layman/layman.cfg +++ b/layman/layman.cfg @@ -42,9 +42,17 @@ overlays : http://www.gentoo.org/proj/en/overlays/repositories.xml #----------------------------------------------------------- # Strict checking of overlay definitions # -# Set either to "yes" or "no". If "no" layman will issue -# warnings if an overlay definition is missing either -# description or contact information. +# The nocheck option is a bit confusing, for historical reasons. +# Hopefully this description eases the double negation trouble: +# +# nocheck : yes +# - Accepts completene overlay entries without warnings +# - Lists overlays of type foo (say Git) even with no foo installed +# +# nocheck : no +# - Checks overlay entries for missing description or contact +# information and issue warnings as needed +# - Hides overlays of type foo (say Git) if foo not not installed # nocheck : yes diff --git a/ld.so.conf b/ld.so.conf index ffd4708..1577bce 100644 --- a/ld.so.conf +++ b/ld.so.conf @@ -1,7 +1,5 @@ # ld.so.conf autogenerated by env-update; make all changes to # contents of /etc/env.d directory -/usr/local/lib -include ld.so.conf.d/*.conf /lib64 /usr/lib64 /usr/local/lib64 @@ -10,4 +8,8 @@ include ld.so.conf.d/*.conf /usr/local/lib32 /lib /usr/lib -/opt/cuda/lib64 +/usr/local/lib +include ld.so.conf.d/*.conf +/usr/lib/postgresql +/usr/lib64/postgresql +/usr/lib64/postgresql-9.1/lib64/ diff --git a/ld.so.conf.d/05gcc-x86_64-pc-linux-gnu.conf b/ld.so.conf.d/05gcc-x86_64-pc-linux-gnu.conf index 5721722..65c2b1f 100644 --- a/ld.so.conf.d/05gcc-x86_64-pc-linux-gnu.conf +++ b/ld.so.conf.d/05gcc-x86_64-pc-linux-gnu.conf @@ -1,6 +1,2 @@ /usr/lib/gcc/x86_64-pc-linux-gnu/4.5.3/32 /usr/lib/gcc/x86_64-pc-linux-gnu/4.5.3 -/usr/lib/gcc/x86_64-pc-linux-gnu/4.5.3/32 -/usr/lib/gcc/x86_64-pc-linux-gnu/4.5.3 -/usr/lib/gcc/x86_64-pc-linux-gnu/4.4.6/32 -/usr/lib/gcc/x86_64-pc-linux-gnu/4.4.6 diff --git a/local.d/baselayout1.start b/local.d/baselayout1.start index 85ea2e2..f779a80 100755 --- a/local.d/baselayout1.start +++ b/local.d/baselayout1.start @@ -3,8 +3,8 @@ # This is a good place to load any misc programs # on startup (use &>/dev/null to hide output) -echo "Setze Standard-Route IPv6 via fe80::1 dev eth0" -/sbin/ip -6 route add default via fe80::1 dev eth0 +#echo "Setze Standard-Route IPv6 via fe80::1 dev eth0" +#/sbin/ip -6 route add default via fe80::1 dev eth0 #/sbin/ip -6 route add "2a01:238:4225:6e00::/56" dev lo diff --git a/logrotate.d/.rcs/apache2,v b/logrotate.d/.rcs/apache2,v deleted file mode 100644 index ffe49c7..0000000 --- a/logrotate.d/.rcs/apache2,v +++ /dev/null @@ -1,73 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.12.02.12.03.24; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.12.01.06.54.26; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@# Apache2 logrotate snipet for Gentoo Linux -# Contributes by Chuck Short -# -#/var/log/apache2/*log { -# missingok -# notifempty -# sharedscripts -# postrotate -# /etc/init.d/apache2 reload > /dev/null 2>&1 || true -# endscript -#} - -script apache2-reload - /etc/init.d/apache2 reload >/dev/null || true -endscript - -#rotate 10 -daily - -/var/log/apache2/*log { - size 4m - olddir /var/log/apache2/%Y-%m - postrotate apache2-reload -} - -# vim: ts=4 filetype=conf -@ - - -1.1 -log -@Initial revision -@ -text -@d4 16 -d21 3 -a23 6 - missingok - notifempty - sharedscripts - postrotate - /etc/init.d/apache2 reload > /dev/null 2>&1 || true - endscript -d25 2 -@ diff --git a/logrotate.d/.rcs/clamav,v b/logrotate.d/.rcs/clamav,v deleted file mode 100644 index 2266e61..0000000 --- a/logrotate.d/.rcs/clamav,v +++ /dev/null @@ -1,61 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.12.02.12.03.24; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.12.01.19.01.48; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@/var/log/clamav/clamd.log { - missingok - weekly - size 1m - postrotate - /etc/init.d/clamd logfix - /bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2>/dev/null || true - endscript -} - -/var/log/clamav/freshclam.log { - missingok - weekly - size 1m - postrotate - /etc/init.d/clamd logfix - /bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2> /dev/null` 2>/dev/null || true - endscript -} - -# vim: ts=4 filetype=conf -@ - - -1.1 -log -@Initial revision -@ -text -@d3 2 -d13 2 -d20 2 -@ diff --git a/logrotate.d/.rcs/elog-save-summary,v b/logrotate.d/.rcs/elog-save-summary,v deleted file mode 100644 index ba0950c..0000000 --- a/logrotate.d/.rcs/elog-save-summary,v +++ /dev/null @@ -1,51 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.12.02.12.03.24; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.11.30.21.18.51; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@# Copyright 1999-2007 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Id: elog-save-summary 7609 2007-08-15 04:37:36Z zmedico $ -# Rotate the log created by the save_summary elog module. - -/var/log/portage/elog/summary.log { - missingok - nocreate - delaycompress -} - -# vim: ts=4 filetype=conf -@ - - -1.1 -log -@Initial revision -@ -text -@d3 1 -d11 2 -@ diff --git a/logrotate.d/.rcs/mysql,v b/logrotate.d/.rcs/mysql,v deleted file mode 100644 index fdd85d8..0000000 --- a/logrotate.d/.rcs/mysql,v +++ /dev/null @@ -1,55 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.12.02.12.03.24; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.11.30.06.29.11; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql-init-scripts/files/logrotate.mysql,v 1.1 2007/01/12 16:54:20 chtekk Exp $ - -/var/log/mysql/mysql.err /var/log/mysql/mysql.log /var/log/mysql/mysqld.err { -monthly -create 660 mysql mysql -notifempty -size 5M -sharedscripts -missingok -postrotate -/bin/kill -HUP `cat /var/run/mysqld/mysqld.pid` -endscript -} - -# vim: ts=4 filetype=conf -@ - - -1.1 -log -@Initial revision -@ -text -@d16 2 -@ diff --git a/logrotate.d/.rcs/named,v b/logrotate.d/.rcs/named,v deleted file mode 100644 index 38d65fe..0000000 --- a/logrotate.d/.rcs/named,v +++ /dev/null @@ -1,51 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.05.27.10.53.14; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@ -script named-reload - /usr/sbin/rndc reload >/dev/null || true -endscript - -/var/log/named/complete-debug.log /var/log/named/debug.log /var/log/named/query.log { - daily - olddir /var/log/named/%Y-%m - size 4M - maxage 6m - notifempty - missingok - postrotate named-reload -} - -/var/log/named/named.log { - weekly - olddir /var/log/named/%Y-%m - size 1M - maxage 2y - notifempty - missingok - postrotate named-reload -} - - -# vim: ts=4 filetype=conf -@ diff --git a/logrotate.d/.rcs/rsyncd,v b/logrotate.d/.rcs/rsyncd,v deleted file mode 100644 index 74264c8..0000000 --- a/logrotate.d/.rcs/rsyncd,v +++ /dev/null @@ -1,49 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.12.02.12.03.24; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.11.30.16.27.03; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@/var/log/rsync.log { - compress - maxage 365 - rotate 7 - size=+1024k - notifempty - missingok - copytruncate -} - -# vim: ts=4 filetype=conf -@ - - -1.1 -log -@Initial revision -@ -text -@d10 2 -@ diff --git a/logrotate.d/.rcs/syslog-ng,v b/logrotate.d/.rcs/syslog-ng,v deleted file mode 100644 index 9500953..0000000 --- a/logrotate.d/.rcs/syslog-ng,v +++ /dev/null @@ -1,105 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.12.02.12.03.24; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.11.30.21.54.44; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.logrotate,v 1.3 2008/10/15 20:46:12 mr_bones_ Exp $ -# -# Syslog-ng logrotate snippet for Gentoo Linux -# contributed by Michael Sterrett -# - -#/var/log/messages { -# missingok -# sharedscripts -# postrotate -# /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true -# endscript -#} - -script syslog-reload - /etc/init.d/syslog-ng reload >/dev/null || true -endscript - -/var/log/messages { - daily - olddir /var/log/.old/%Y-%m - size 1024K - postrotate syslog-reload -} - -/var/log/syslog.d/* { - daily - olddir /var/log/syslog.d/.old/%Y-%m - size 1024K - postrotate syslog-reload - maxage 1y -} - -/var/log/debug.log { - daily - olddir /var/log/.old/%Y-%m - size 4M - postrotate syslog-reload - maxage 6m -} - -/var/log/mail/authdaemond /var/log/mail/amavis* /var/log/mail/imapd* /var/log/mail/pop3d* /var/log/mail/postgrey /var/log/mail/spam* { - daily - olddir /var/log/mail/.old/%Y-%m - size 1024K - postrotate syslog-reload - maxage 1y -} - -/var/log/mail/postfix/* { - daily - olddir /var/log/mail/.old/postfix/%Y-%m - size 1024K - postrotate syslog-reload - maxage 1y -} - - -# vim: ts=4 filetype=conf -@ - - -1.1 -log -@Initial revision -@ -text -@d7 12 -d20 4 -a23 5 - missingok - sharedscripts - postrotate - /etc/init.d/syslog-ng reload > /dev/null 2>&1 || true - endscript -d25 35 -@ diff --git a/logrotate.d/.rcs/ulogd,v b/logrotate.d/.rcs/ulogd,v deleted file mode 100644 index 7ee287b..0000000 --- a/logrotate.d/.rcs/ulogd,v +++ /dev/null @@ -1,67 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.12.02.12.03.24; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.11.30.16.29.33; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@#/var/log/ulogd.log /var/log/ulogd.syslogemu /var/log/ulogd.pktlog /var/log/ulogd.pcap { -# missingok -# sharedscripts -# postrotate -# /bin/killall -HUP ulogd 2> /dev/null || true -# endscript -#} - -/var/log/ulogd/*.log { - daily - maxage 2y - rotate 999 - olddir /var/log/ulogd/%Y-%m - size 4M - sharedscripts - postrotate - #/etc/init.d/ulogd restart - /bin/killall -HUP ulogd 2> /dev/null || true - endscript -} - -# vim: ts=4 filetype=conf -@ - - -1.1 -log -@Initial revision -@ -text -@d1 14 -a14 2 -/var/log/ulogd.log /var/log/ulogd.syslogemu /var/log/ulogd.pktlog /var/log/ulogd.pcap { - missingok -d17 2 -a18 1 - /bin/killall -HUP ulogd 2> /dev/null || true -d21 2 -@ diff --git a/lvm/archive/vg0_00000.vg b/lvm/archive/vg0_00000.vg deleted file mode 100644 index 2310709..0000000 --- a/lvm/archive/vg0_00000.vg +++ /dev/null @@ -1,208 +0,0 @@ -# Generated by LVM2 version 2.02.73(2) (2010-09-18): Tue Nov 30 00:58:00 2010 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *before* executing '/sbin/vgscan --mknodes --config 'global { locking_dir = \"/dev/.lvm\" }''" - -creation_host = "(none)" # Linux (none) 2.6.34-gentoo-r12 #1 SMP Mon Nov 29 18:31:06 CET 2010 x86_64 -creation_time = 1291075080 # Tue Nov 30 00:58:00 2010 - -vg0 { - id = "UflbwM-FGlw-qFqq-1b6T-Uw2G-AAdY-M94ilh" - seqno = 10 - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 8192 # 4 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "k3351o-llEC-DnzL-mbrw-m3kb-mvv0-5mIRfc" - device = "/dev/md5" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 957313152 # 456.482 Gigabytes - pe_start = 384 - pe_count = 116859 # 456.48 Gigabytes - } - } - - logical_volumes { - - tmp { - id = "1bbUbK-jKNY-dbqm-U0T0-OKff-h5Ed-NtK8fh" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 512 # 2 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - usr { - id = "QdCiqc-WAxV-qFyC-808H-tdyt-xdEf-Qbfzv2" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 3072 # 12 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 512 - ] - } - } - - var { - id = "nz4D5c-TcAH-O0iD-RSs7-0Cjg-rDSA-399f3S" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 3840 # 15 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 3584 - ] - } - } - - opt { - id = "vNtxlo-1SGL-LRmW-6Rcj-K2lv-SsWW-Mj76sq" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 3840 # 15 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 7424 - ] - } - } - - home { - id = "jQqaJP-Su48-lBZz-oVdu-HNru-6m3L-zXLgiz" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 25600 # 100 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 11264 - ] - } - } - - var_tmp { - id = "MvBpIS-WHWz-HpzV-gTfI-yexq-Odbk-9gLkL8" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 2560 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 36864 - ] - } - } - - backup { - id = "oU4b0r-e0Qh-RsUg-n0m0-JAx2-T3is-UOXV7W" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 15360 # 60 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 39424 - ] - } - } - - portage { - id = "7RV5kq-43Ep-eJil-3RSc-IQj5-Rjzp-CtLxfY" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 1280 # 5 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 54784 - ] - } - } - - distfiles { - id = "RTdfBJ-rROm-3zao-FAjG-5iQT-kBPE-dJ43zh" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 2560 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 56064 - ] - } - } - } -} diff --git a/lvm/archive/vg0_00001.vg b/lvm/archive/vg0_00001.vg deleted file mode 100644 index ff3e3a8..0000000 --- a/lvm/archive/vg0_00001.vg +++ /dev/null @@ -1,208 +0,0 @@ -# Generated by LVM2 version 2.02.73(2) (2010-09-18): Tue Nov 30 09:12:50 2010 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *before* executing 'lvcreate -L 50G -n www vg0'" - -creation_host = "helga" # Linux helga 2.6.34-gentoo-r12 #1 SMP Mon Nov 29 18:31:06 CET 2010 x86_64 -creation_time = 1291104770 # Tue Nov 30 09:12:50 2010 - -vg0 { - id = "UflbwM-FGlw-qFqq-1b6T-Uw2G-AAdY-M94ilh" - seqno = 10 - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 8192 # 4 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "k3351o-llEC-DnzL-mbrw-m3kb-mvv0-5mIRfc" - device = "/dev/md5" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 957313152 # 456.482 Gigabytes - pe_start = 384 - pe_count = 116859 # 456.48 Gigabytes - } - } - - logical_volumes { - - tmp { - id = "1bbUbK-jKNY-dbqm-U0T0-OKff-h5Ed-NtK8fh" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 512 # 2 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - usr { - id = "QdCiqc-WAxV-qFyC-808H-tdyt-xdEf-Qbfzv2" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 3072 # 12 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 512 - ] - } - } - - var { - id = "nz4D5c-TcAH-O0iD-RSs7-0Cjg-rDSA-399f3S" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 3840 # 15 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 3584 - ] - } - } - - opt { - id = "vNtxlo-1SGL-LRmW-6Rcj-K2lv-SsWW-Mj76sq" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 3840 # 15 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 7424 - ] - } - } - - home { - id = "jQqaJP-Su48-lBZz-oVdu-HNru-6m3L-zXLgiz" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 25600 # 100 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 11264 - ] - } - } - - var_tmp { - id = "MvBpIS-WHWz-HpzV-gTfI-yexq-Odbk-9gLkL8" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 2560 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 36864 - ] - } - } - - backup { - id = "oU4b0r-e0Qh-RsUg-n0m0-JAx2-T3is-UOXV7W" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 15360 # 60 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 39424 - ] - } - } - - portage { - id = "7RV5kq-43Ep-eJil-3RSc-IQj5-Rjzp-CtLxfY" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 1280 # 5 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 54784 - ] - } - } - - distfiles { - id = "RTdfBJ-rROm-3zao-FAjG-5iQT-kBPE-dJ43zh" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 2560 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 56064 - ] - } - } - } -} diff --git a/lvm/archive/vg0_00002.vg b/lvm/archive/vg0_00002.vg deleted file mode 100644 index d643ae5..0000000 --- a/lvm/archive/vg0_00002.vg +++ /dev/null @@ -1,227 +0,0 @@ -# Generated by LVM2 version 2.02.73(2) (2010-09-18): Tue Nov 30 09:13:04 2010 - -contents = "Text Format Volume Group" -version = 1 - -description = "Created *before* executing 'lvcreate -L 10G -n var_lib vg0'" - -creation_host = "helga" # Linux helga 2.6.34-gentoo-r12 #1 SMP Mon Nov 29 18:31:06 CET 2010 x86_64 -creation_time = 1291104784 # Tue Nov 30 09:13:04 2010 - -vg0 { - id = "UflbwM-FGlw-qFqq-1b6T-Uw2G-AAdY-M94ilh" - seqno = 11 - status = ["RESIZEABLE", "READ", "WRITE"] - flags = [] - extent_size = 8192 # 4 Megabytes - max_lv = 0 - max_pv = 0 - metadata_copies = 0 - - physical_volumes { - - pv0 { - id = "k3351o-llEC-DnzL-mbrw-m3kb-mvv0-5mIRfc" - device = "/dev/md5" # Hint only - - status = ["ALLOCATABLE"] - flags = [] - dev_size = 957313152 # 456.482 Gigabytes - pe_start = 384 - pe_count = 116859 # 456.48 Gigabytes - } - } - - logical_volumes { - - tmp { - id = "1bbUbK-jKNY-dbqm-U0T0-OKff-h5Ed-NtK8fh" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 512 # 2 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 0 - ] - } - } - - usr { - id = "QdCiqc-WAxV-qFyC-808H-tdyt-xdEf-Qbfzv2" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 3072 # 12 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 512 - ] - } - } - - var { - id = "nz4D5c-TcAH-O0iD-RSs7-0Cjg-rDSA-399f3S" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 3840 # 15 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 3584 - ] - } - } - - opt { - id = "vNtxlo-1SGL-LRmW-6Rcj-K2lv-SsWW-Mj76sq" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 3840 # 15 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 7424 - ] - } - } - - home { - id = "jQqaJP-Su48-lBZz-oVdu-HNru-6m3L-zXLgiz" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 25600 # 100 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 11264 - ] - } - } - - var_tmp { - id = "MvBpIS-WHWz-HpzV-gTfI-yexq-Odbk-9gLkL8" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 2560 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 36864 - ] - } - } - - backup { - id = "oU4b0r-e0Qh-RsUg-n0m0-JAx2-T3is-UOXV7W" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 15360 # 60 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 39424 - ] - } - } - - portage { - id = "7RV5kq-43Ep-eJil-3RSc-IQj5-Rjzp-CtLxfY" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 1280 # 5 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 54784 - ] - } - } - - distfiles { - id = "RTdfBJ-rROm-3zao-FAjG-5iQT-kBPE-dJ43zh" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 2560 # 10 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 56064 - ] - } - } - - www { - id = "G2ctQb-TMPR-o3Iw-CtCz-A8io-Tpqq-krXN6O" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 12800 # 50 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 58624 - ] - } - } - } -} diff --git a/lvm/backup/vg0 b/lvm/backup/vg0 index 9f7424f..78042b3 100644 --- a/lvm/backup/vg0 +++ b/lvm/backup/vg0 @@ -1,16 +1,16 @@ -# Generated by LVM2 version 2.02.73(2) (2010-09-18): Tue Nov 30 09:13:04 2010 +# Generated by LVM2 version 2.02.88(2) (2011-08-19): Mon Jul 23 22:40:34 2012 contents = "Text Format Volume Group" version = 1 -description = "Created *after* executing 'lvcreate -L 10G -n var_lib vg0'" +description = "Created *after* executing '/sbin/vgs --config 'global { locking_dir = \"/dev/.lvm\" }' -o vg_name --noheadings --nosuffix'" -creation_host = "helga" # Linux helga 2.6.34-gentoo-r12 #1 SMP Mon Nov 29 18:31:06 CET 2010 x86_64 -creation_time = 1291104784 # Tue Nov 30 09:13:04 2010 +creation_host = "helga" # Linux helga 3.3.8-gentoo #1 SMP Mon Jul 23 18:48:18 CEST 2012 x86_64 +creation_time = 1343076034 # Mon Jul 23 22:40:34 2012 vg0 { - id = "UflbwM-FGlw-qFqq-1b6T-Uw2G-AAdY-M94ilh" - seqno = 12 + id = "uSk9A3-x56m-iVOs-L8vy-MMPB-dyB8-P2B3wj" + seqno = 9 status = ["RESIZEABLE", "READ", "WRITE"] flags = [] extent_size = 8192 # 4 Megabytes @@ -21,28 +21,28 @@ vg0 { physical_volumes { pv0 { - id = "k3351o-llEC-DnzL-mbrw-m3kb-mvv0-5mIRfc" - device = "/dev/md5" # Hint only + id = "5Dj2to-z8Ns-6WMX-6jnk-bc9V-Rb24-X2pWS6" + device = "/dev/md127" # Hint only status = ["ALLOCATABLE"] flags = [] - dev_size = 957313152 # 456.482 Gigabytes + dev_size = 851153446 # 405.862 Gigabytes pe_start = 384 - pe_count = 116859 # 456.48 Gigabytes + pe_count = 103900 # 405.859 Gigabytes } } logical_volumes { tmp { - id = "1bbUbK-jKNY-dbqm-U0T0-OKff-h5Ed-NtK8fh" + id = "NvADy6-FMsi-1BjG-tCuj-XFCy-yoJ3-uAsXE9" status = ["READ", "WRITE", "VISIBLE"] flags = [] segment_count = 1 segment1 { start_extent = 0 - extent_count = 512 # 2 Gigabytes + extent_count = 1024 # 4 Gigabytes type = "striped" stripe_count = 1 # linear @@ -53,84 +53,65 @@ vg0 { } } - usr { - id = "QdCiqc-WAxV-qFyC-808H-tdyt-xdEf-Qbfzv2" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 3072 # 12 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 512 - ] - } - } - - var { - id = "nz4D5c-TcAH-O0iD-RSs7-0Cjg-rDSA-399f3S" + home { + id = "k3xQ3K-GiiJ-0jPx-SiVq-JcYX-N0Lt-d99eZp" status = ["READ", "WRITE", "VISIBLE"] flags = [] segment_count = 1 segment1 { start_extent = 0 - extent_count = 3840 # 15 Gigabytes + extent_count = 12800 # 50 Gigabytes type = "striped" stripe_count = 1 # linear stripes = [ - "pv0", 3584 + "pv0", 1024 ] } } - opt { - id = "vNtxlo-1SGL-LRmW-6Rcj-K2lv-SsWW-Mj76sq" + portage { + id = "hhJum2-rfn8-Rhzw-skcg-33qV-JvrV-3peqTx" status = ["READ", "WRITE", "VISIBLE"] flags = [] segment_count = 1 segment1 { start_extent = 0 - extent_count = 3840 # 15 Gigabytes + extent_count = 1024 # 4 Gigabytes type = "striped" stripe_count = 1 # linear stripes = [ - "pv0", 7424 + "pv0", 13824 ] } } - home { - id = "jQqaJP-Su48-lBZz-oVdu-HNru-6m3L-zXLgiz" + distfiles { + id = "mbepTK-f1Yy-viQH-QCCL-Wb0G-Z3hR-1jYAlf" status = ["READ", "WRITE", "VISIBLE"] flags = [] segment_count = 1 segment1 { start_extent = 0 - extent_count = 25600 # 100 Gigabytes + extent_count = 2560 # 10 Gigabytes type = "striped" stripe_count = 1 # linear stripes = [ - "pv0", 11264 + "pv0", 14848 ] } } var_tmp { - id = "MvBpIS-WHWz-HpzV-gTfI-yexq-Odbk-9gLkL8" + id = "Kr2rqO-qi0q-A8Wr-8kEp-bl3V-14Hy-f9VZep" status = ["READ", "WRITE", "VISIBLE"] flags = [] segment_count = 1 @@ -143,102 +124,64 @@ vg0 { stripe_count = 1 # linear stripes = [ - "pv0", 36864 - ] - } - } - - backup { - id = "oU4b0r-e0Qh-RsUg-n0m0-JAx2-T3is-UOXV7W" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 15360 # 60 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 39424 - ] - } - } - - portage { - id = "7RV5kq-43Ep-eJil-3RSc-IQj5-Rjzp-CtLxfY" - status = ["READ", "WRITE", "VISIBLE"] - flags = [] - segment_count = 1 - - segment1 { - start_extent = 0 - extent_count = 1280 # 5 Gigabytes - - type = "striped" - stripe_count = 1 # linear - - stripes = [ - "pv0", 54784 + "pv0", 17408 ] } } - distfiles { - id = "RTdfBJ-rROm-3zao-FAjG-5iQT-kBPE-dJ43zh" + var_lib { + id = "xgCSsf-SEpC-iRjx-9wIF-GjDS-pXwi-U59YcI" status = ["READ", "WRITE", "VISIBLE"] flags = [] segment_count = 1 segment1 { start_extent = 0 - extent_count = 2560 # 10 Gigabytes + extent_count = 12800 # 50 Gigabytes type = "striped" stripe_count = 1 # linear stripes = [ - "pv0", 56064 + "pv0", 19968 ] } } www { - id = "G2ctQb-TMPR-o3Iw-CtCz-A8io-Tpqq-krXN6O" + id = "lVYuc0-043K-ET9u-H6X8-31jj-1xMG-hcGxpq" status = ["READ", "WRITE", "VISIBLE"] flags = [] segment_count = 1 segment1 { start_extent = 0 - extent_count = 12800 # 50 Gigabytes + extent_count = 25600 # 100 Gigabytes type = "striped" stripe_count = 1 # linear stripes = [ - "pv0", 58624 + "pv0", 32768 ] } } - var_lib { - id = "Uvg5NV-3h9X-YZpv-ouET-IGsD-SA4t-WQInlY" + backup { + id = "lQ6rLf-HUxx-f3oc-eTpG-9xeD-JrbI-aVU7tv" status = ["READ", "WRITE", "VISIBLE"] flags = [] segment_count = 1 segment1 { start_extent = 0 - extent_count = 2560 # 10 Gigabytes + extent_count = 12800 # 50 Gigabytes type = "striped" stripe_count = 1 # linear stripes = [ - "pv0", 71424 + "pv0", 58368 ] } } diff --git a/machine-id b/machine-id index 775709a..17f82c8 100644 --- a/machine-id +++ b/machine-id @@ -1 +1 @@ -a80ef8537b9f69ff3c2d935f0034bdcf +67d7ee0747a3d3b3fc6a1095500ca754 diff --git a/mail/aliases.orig b/mail/aliases.orig new file mode 100644 index 0000000..ea83505 --- /dev/null +++ b/mail/aliases.orig @@ -0,0 +1,33 @@ +# Basic system aliases -- these MUST be present. +MAILER-DAEMON: postmaster +postmaster: root + +# General redirections for pseudo accounts. +adm: root +bin: root +daemon: root +exim: root +lp: root +mail: root +named: root +nobody: root +postfix: root + +# Well-known aliases -- these should be filled in! +# root: +# operator: + +# Standard RFC2142 aliases +abuse: postmaster +ftp: root +hostmaster: root +news: usenet +noc: root +security: root +usenet: root +uucp: root +webmaster: root +www: webmaster + +# trap decode to catch security attacks +# decode: /dev/null diff --git a/mail/spamassassin/sa-update-keys/trustdb.gpg b/mail/spamassassin/sa-update-keys/trustdb.gpg index 3034a28..60d9446 100644 Binary files a/mail/spamassassin/sa-update-keys/trustdb.gpg and b/mail/spamassassin/sa-update-keys/trustdb.gpg differ diff --git a/make.conf b/make.conf index abce23c..a77d66e 100644 --- a/make.conf +++ b/make.conf @@ -2,7 +2,6 @@ # built this stage. # Please consult /usr/share/portage/config/make.conf.example for a more # detailed example. - CFLAGS="-O2 -pipe -march=opteron" CXXFLAGS="${CFLAGS}" @@ -12,15 +11,27 @@ CHOST="x86_64-pc-linux-gnu" # These are the USE flags that were used in addition to what is provided by the # profile used for building. -USE="3dnow X acl apache2 audit bash-completion bazaar bzip2 caps cgi cvs curl \ - darcs djvu doc examples expat fam fastcgi fontconfig ftp gd gif git gmp gnome-keyring \ - gnutls gpg graphviz gs gsl gtk guile hscolour html icu idn imagemagick imap ipv6 ithreads \ - jadetex java javascript jbig jpeg jpeg2k kerberos lasi ldap libwww lua \ - lzma lzo maildir mailwrapper mercurial mmx mmxext modperl modplug motif mp3 mysql \ - nis odbc ogg openexr openldap pam pch pcre pdf perl pic png php python rar samba sasl \ - session smtp snmp soap spamassassin spell sqlite sqlite3 sse sse2 ssh \ - subversion svg syslog theora tiff tk truetype unicode vhosts vim-syntax \ - vorbis wmf x264 xattr xml xmlrpc xpm xsl xvid zlib" +USE="3dnow X acl apache2 audit bash-completion bazaar bzip2 caps cgi curl cvs \ + darcs djvu doc examples expat fam fastcgi fontconfig ftp gd gif git gmp \ + gnome-keyring gnutls gpg graphviz gs gsl gtk guile hscolour html i18n \ + icu idn imagemagick imap ipv6 ithreads jadetex java javascript jbig jpeg \ + jpeg2k kerberos lasi ldap libwww lua lzma lzo maildir mailwrapper \ + mercurial mmx mmxext mod modperl modplug motif mp3 mysql \ + nis odbc ogg openexr openldap pam pch pcre pdf perl php pic png postgres \ + postscript python rar samba sasl session smtp snmp soap spamassassin \ + spell sqlite sqlite3 sse sse2 ssh subversion svg syslog theora tiff tk \ + truetype unicode vhosts vim-syntax vorbis wmf x264 xattr xml xmlrpc xpm \ + xsl xvid zlib" +#USE="3dnow X acl apache2 audit bash-completion bazaar bzip2 caps cgi cvs curl \ +# darcs djvu doc examples expat fam fastcgi fontconfig ftp gd gif git gmp gnome-keyring \ +# gnutls gpg graphviz gs gsl gtk guile hscolour html icu idn imagemagick imap ipv6 ithreads \ +# jadetex java javascript jbig jpeg jpeg2k kerberos lasi ldap libwww lua \ +# lzma lzo maildir mailwrapper mercurial mmx mmxext modperl modplug motif mp3 mysql \ +# nis odbc ogg openexr openldap pam pch pcre pdf perl pic png php python rar samba sasl \ +# session smtp snmp soap spamassassin spell sqlite sqlite3 sse sse2 ssh \ +# subversion svg syslog theora tiff tk truetype unicode vhosts vim-syntax \ +# vorbis wmf x264 xattr xml xmlrpc xpm xsl xvid zlib" + I_KNOW_WHAT_I_AM_DOING=yes diff --git a/man.conf b/man.conf index a4e02fa..9b3150f 100644 --- a/man.conf +++ b/man.conf @@ -117,8 +117,8 @@ CMP /usr/bin/cmp -s # # Compress cat pages # -COMPRESS /bin/bzip2 -COMPRESS_EXT .bz2 +COMPRESS /usr/bin/xz +COMPRESS_EXT .xz # # Default manual sections (and order) to search if -S is not specified # and the MANSECT environment variable is not set. @@ -139,6 +139,6 @@ MANSECT 1:1p:8:2:3:3p:4:5:6:7:9:0p:tcl:n:l:p:o .lzma /usr/bin/unlzma -c -d .z .Z /bin/zcat -.F /usr/bin/fcat +.F .Y .xz /usr/bin/unxz -c diff --git a/mdadm.conf b/mdadm.conf index 7bdff67..3ec36db 100644 --- a/mdadm.conf +++ b/mdadm.conf @@ -61,5 +61,11 @@ # and "program" lines to that monitoring can be started using # mdadm --follow --scan & echo $! > /var/run/mdadm # If the lines are not found, mdadm will exit quietly -#MAILADDR root@mydomain.tld +MAILADDR frank@brehm-online.com #PROGRAM /usr/sbin/handle-mdadm-events + +ARRAY /dev/md0 UUID=b7a8f9c1:8286d56c:3d186b3c:53958f34 +ARRAY /dev/md1 UUID=b0ec76b7:d7abfcad:8b23e4b1:c398e955 +ARRAY /dev/md2 metadata=1.2 UUID=f4df350f:db2bcbff:6c11726f:a221fad0 name=helga.brehm-online.com:2 +ARRAY /dev/md3 metadata=1.2 UUID=845bd74a:ad0cbe0e:033b20d0:a9bd0ff5 name=helga.brehm-online.com:3 + diff --git a/mtab b/mtab index 6af4511..5d33820 100644 --- a/mtab +++ b/mtab @@ -1,27 +1,25 @@ rootfs / rootfs rw 0 0 -/dev/root / ext3 rw,noatime,errors=continue,user_xattr,acl,barrier=1,data=writeback 0 0 proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0 -rc-svcdir /lib64/rc/init.d tmpfs rw,nosuid,nodev,noexec,relatime,size=1024k,mode=755 0 0 sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0 +udev /dev tmpfs rw,nosuid,relatime,size=10240k,mode=755 0 0 +devpts /dev/pts devpts rw,relatime,gid=5,mode=620 0 0 +/dev/md2 / ext3 rw,noatime,errors=continue,user_xattr,acl,barrier=1,data=writeback 0 0 +tmpfs /run tmpfs rw,nosuid,nodev,relatime,mode=755 0 0 +rc-svcdir /lib64/rc/init.d tmpfs rw,nosuid,nodev,noexec,relatime,size=1024k,mode=755 0 0 debugfs /sys/kernel/debug debugfs rw,nosuid,nodev,noexec,relatime 0 0 cgroup_root /sys/fs/cgroup tmpfs rw,nosuid,nodev,noexec,relatime,size=10240k,mode=755 0 0 cpuset /sys/fs/cgroup/cpuset cgroup rw,nosuid,nodev,noexec,relatime,cpuset 0 0 cpu /sys/fs/cgroup/cpu cgroup rw,nosuid,nodev,noexec,relatime,cpu 0 0 cpuacct /sys/fs/cgroup/cpuacct cgroup rw,nosuid,nodev,noexec,relatime,cpuacct 0 0 freezer /sys/fs/cgroup/freezer cgroup rw,nosuid,nodev,noexec,relatime,freezer 0 0 -udev /dev tmpfs rw,nosuid,relatime,size=10240k,mode=755 0 0 -devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=5,mode=620 0 0 shm /dev/shm tmpfs rw,nosuid,nodev,noexec,relatime 0 0 /dev/mapper/vg0-tmp /tmp ext4 rw,noatime 0 0 -/dev/mapper/vg0-usr /usr ext4 rw,acl,user_xattr 0 0 -/dev/mapper/vg0-var /var ext4 rw,acl,user_xattr 0 0 -/dev/mapper/vg0-opt /opt ext4 rw,acl,user_xattr 0 0 -/dev/mapper/vg0-home /home ext4 rw,acl,user_xattr,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0 0 0 +/dev/mapper/vg0-home /home ext4 rw,acl,user_xattr 0 0 /dev/mapper/vg0-var_tmp /var/tmp ext4 rw,noatime 0 0 /dev/mapper/vg0-www /var/www ext4 rw,acl,user_xattr 0 0 /dev/mapper/vg0-var_lib /var/lib ext4 rw,noatime,acl,user_xattr 0 0 /dev/mapper/vg0-backup /var/backup ext4 rw,noatime,acl,user_xattr 0 0 /dev/mapper/vg0-portage /usr/portage ext4 rw,noatime 0 0 /dev/mapper/vg0-distfiles /usr/portage/distfiles ext4 rw,noatime 0 0 +/dev/md1 /ubuntu ext3 ro,noatime,acl,user_xattr 0 0 binfmt_misc /proc/sys/fs/binfmt_misc binfmt_misc rw,noexec,nosuid,nodev 0 0 -/dev/md2 /boot ext3 rw,noatime 0 0 diff --git a/mysql/.rcs/my.cnf,v b/mysql/.rcs/my.cnf,v deleted file mode 100644 index 9fadb5a..0000000 --- a/mysql/.rcs/my.cnf,v +++ /dev/null @@ -1,391 +0,0 @@ -head 1.5; -access; -symbols; -locks; strict; -comment @# @; - - -1.5 -date 2010.11.30.08.33.13; author root; state Exp; -branches; -next 1.4; - -1.4 -date 2010.11.30.08.26.18; author root; state Exp; -branches; -next 1.3; - -1.3 -date 2010.11.30.06.46.14; author root; state Exp; -branches; -next 1.2; - -1.2 -date 2010.05.27.20.00.10; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.26.01.55.34; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.5 -log -@Checked in. -@ -text -@# /etc/mysql/my.cnf: The global mysql configuration file. -# $Header: /etc/mysql/my.cnf,v 1.4 2010/11/30 08:26:18 root Exp $ - -# The following options will be passed to all MySQL clients -[client] -#password = your_password -port = 3306 -socket = /var/run/mysqld/mysqld.sock - -[mysql] -character-sets-dir=/usr/share/mysql/charsets -default-character-set=utf8 -prompt=MySQL \u@@\h:\d >\_ - -[mysqladmin] -character-sets-dir=/usr/share/mysql/charsets -default-character-set=utf8 - -[mysqlcheck] -character-sets-dir=/usr/share/mysql/charsets -default-character-set=utf8 - -[mysqldump] -character-sets-dir=/usr/share/mysql/charsets -default-character-set=utf8 - -[mysqlimport] -character-sets-dir=/usr/share/mysql/charsets -default-character-set=utf8 - -[mysqlshow] -character-sets-dir=/usr/share/mysql/charsets -default-character-set=utf8 - -[myisamchk] -character-sets-dir=/usr/share/mysql/charsets - -[myisampack] -character-sets-dir=/usr/share/mysql/charsets - -# use [safe_mysqld] with mysql-3 -[mysqld_safe] -err-log = /var/log/mysql/mysql.err - -# add a section [mysqld-4.1] or [mysqld-5.0] for specific configurations -[mysqld] -character-set-server = utf8 -#default-character-set = utf8 -user = mysql -port = 3306 -socket = /var/run/mysqld/mysqld.sock -pid-file = /var/run/mysqld/mysqld.pid -log-error = /var/log/mysql/mysqld.err -basedir = /usr -datadir = /var/lib/mysql -skip-external-locking -key_buffer = 32M -max_allowed_packet = 4M -table_cache = 64 -sort_buffer_size = 2M -net_buffer_length = 8K -read_buffer_size = 2M -read_rnd_buffer_size = 4M -myisam_sort_buffer_size = 32M -#language = /usr/share/mysql/english -language = /usr/share/mysql/german - -# security: -# using "localhost" in connects uses sockets by default -# skip-networking -#bind-address = 127.0.0.1 - -#log-bin = helga-mysql-bin -server-id = 2 - -#auto_increment_increment = 2 -#auto_increment_offset = 2 - -#master-host = sarah.brehm-online.com -#master-port = 3306 -#master-user = replication -#master-password = uhu -#master-connect-retry = 60 -#report-host = helga.brehm-online.com - -# point the following paths to different dedicated disks -tmpdir = /tmp/ -#log-update = /path-to-dedicated-directory/hostname - -# you need the debug USE flag enabled to use the following directives, -# if needed, uncomment them, start the server and issue -# #tail -f /tmp/mysqld.sql /tmp/mysqld.trace -# this will show you *exactly* what's happening in your server ;) - -#log = /tmp/mysqld.sql -#gdb -#debug = d:t:i:o,/tmp/mysqld.trace -#one-thread - -# uncomment the following directives if you are using BDB tables -#bdb_cache_size = 4M -#bdb_max_lock = 10000 - -# the following is the InnoDB configuration -# if you wish to disable innodb instead -# uncomment just the next line -#skip-innodb -# -# the rest of the innodb config follows: -# don't eat too much memory, we're trying to be safe on 64Mb boxes -# you might want to bump this up a bit on boxes with more RAM -innodb_buffer_pool_size = 64M -# this is the default, increase it if you have lots of tables -innodb_additional_mem_pool_size = 4M -# -# i'd like to use /var/lib/mysql/innodb, but that is seen as a database :-( -# and upstream wants things to be under /var/lib/mysql/, so that's the route -# we have to take for the moment -#innodb_data_home_dir = /var/lib/mysql/ -#innodb_log_arch_dir = /var/lib/mysql/ -#innodb_log_group_home_dir = /var/lib/mysql/ -# you may wish to change this size to be more suitable for your system -# the max is there to avoid run-away growth on your machine -innodb_data_file_path = ibdata1:10M:autoextend:max:128M -# we keep this at around 25% of of innodb_buffer_pool_size -# sensible values range from 1MB to (1/innodb_log_files_in_group*innodb_buffer_pool_size) -innodb_log_file_size = 5M -# this is the default, increase it if you have very large transactions going on -innodb_log_buffer_size = 8M -# this is the default and won't hurt you -# you shouldn't need to tweak it -innodb_log_files_in_group=2 -# see the innodb config docs, the other options are not always safe -innodb_flush_log_at_trx_commit = 1 -innodb_lock_wait_timeout = 50 -innodb_file_per_table -sync_binlog = 1 - -[mysqldump] -quick -max_allowed_packet = 64M - -[mysql] -# uncomment the next directive if you are not familiar with SQL -#safe-updates - -[isamchk] -key_buffer = 20M -sort_buffer_size = 20M -read_buffer = 2M -write_buffer = 2M - -[myisamchk] -key_buffer = 40M -sort_buffer_size = 40M -read_buffer = 4M -write_buffer = 4M - -[mysqlhotcopy] -interactive-timeout -@ - - -1.4 -log -@Checked in. -@ -text -@d2 1 -a2 1 -# $Header: /etc/mysql/my.cnf,v 1.2 2010/05/27 20:00:10 root Exp $ -d48 1 -a48 1 -default-character-set = utf8 -d112 1 -a112 1 -innodb_buffer_pool_size = 64 -@ - - -1.3 -log -@Checked in. -@ -text -@d2 1 -a2 1 -# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql/files/my.cnf-5.1,v 1.2 2010/03/24 18:26:09 robbat2 Exp $ -d13 1 -d48 1 -d57 2 -a58 2 -key_buffer = 16M -max_allowed_packet = 1M -d60 1 -a60 1 -sort_buffer_size = 512K -d62 5 -a66 4 -read_buffer_size = 256K -read_rnd_buffer_size = 512K -myisam_sort_buffer_size = 8M -language = /usr/share/mysql/english -d71 1 -a71 1 -bind-address = 127.0.0.1 -d73 12 -a84 2 -log-bin -server-id = 1 -d112 1 -a112 1 -innodb_buffer_pool_size = 16M -d114 1 -a114 1 -innodb_additional_mem_pool_size = 2M -d137 1 -d141 1 -a141 1 -max_allowed_packet = 16M -d148 1 -a148 1 -key_buffer = 20M -d154 4 -a157 4 -key_buffer = 20M -sort_buffer_size = 20M -read_buffer = 2M -write_buffer = 2M -@ - - -1.2 -log -@Checked in. -@ -text -@d2 1 -a2 1 -# $Header: /etc/mysql/my.cnf,v 1.1 2010/05/26 01:55:34 root Exp $ -a12 1 -prompt=MySQL \u@@\h:\d >\_ -a46 1 -default-character-set = utf8 -d55 2 -a56 2 -key_buffer = 32M -max_allowed_packet = 4M -d58 1 -a58 1 -sort_buffer_size = 2M -d60 4 -a63 5 -read_buffer_size = 2M -read_rnd_buffer_size = 4M -myisam_sort_buffer_size = 32M -#language = /usr/share/mysql/english -language = /usr/share/mysql/german -d68 1 -a68 1 -#bind-address = 127.0.0.1 -d70 2 -a71 12 -log-bin = helga-mysql-bin -server-id = 2 - -auto_increment_increment = 2 -auto_increment_offset = 2 - -master-host = sarah.brehm-online.com -master-port = 3306 -master-user = replication -master-password = uhu -master-connect-retry = 60 -report-host = helga.brehm-online.com -d99 1 -a99 1 -innodb_buffer_pool_size = 64 -d101 1 -a101 1 -innodb_additional_mem_pool_size = 4M -a123 1 -sync_binlog = 1 -d127 1 -a127 1 -max_allowed_packet = 64M -d134 1 -a134 1 -key_buffer = 20M -d140 4 -a143 4 -key_buffer = 40M -sort_buffer_size = 40M -read_buffer = 4M -write_buffer = 4M -@ - - -1.1 -log -@Initial revision -@ -text -@d2 1 -a2 1 -# $Header: /var/cvsroot/gentoo-x86/dev-db/mysql/files/my.cnf-5.1,v 1.2 2010/03/24 18:26:09 robbat2 Exp $ -d13 1 -d48 1 -d57 2 -a58 2 -key_buffer = 16M -max_allowed_packet = 1M -d60 1 -a60 1 -sort_buffer_size = 512K -d62 5 -a66 4 -read_buffer_size = 256K -read_rnd_buffer_size = 512K -myisam_sort_buffer_size = 8M -language = /usr/share/mysql/english -d71 1 -a71 1 -bind-address = 127.0.0.1 -d73 12 -a84 2 -log-bin -server-id = 1 -d112 1 -a112 1 -innodb_buffer_pool_size = 16M -d114 1 -a114 1 -innodb_additional_mem_pool_size = 2M -d137 1 -d141 1 -a141 1 -max_allowed_packet = 16M -d148 1 -a148 1 -key_buffer = 20M -d154 4 -a157 4 -key_buffer = 20M -sort_buffer_size = 20M -read_buffer = 2M -write_buffer = 2M -@ diff --git a/mysql/.rcs/my.cnf.orig,v b/mysql/.rcs/my.cnf.orig,v deleted file mode 100644 index d24b0b3..0000000 --- a/mysql/.rcs/my.cnf.orig,v +++ /dev/null @@ -1,170 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.11.30.08.22.44; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.1 -log -@Initial revision -@ -text -@# /etc/mysql/my.cnf: The global mysql configuration file. -# $Header: /etc/mysql/my.cnf,v 1.3 2010/11/30 06:46:14 root Exp $ - -# The following options will be passed to all MySQL clients -[client] -#password = your_password -port = 3306 -socket = /var/run/mysqld/mysqld.sock - -[mysql] -character-sets-dir=/usr/share/mysql/charsets -default-character-set=utf8 - -[mysqladmin] -character-sets-dir=/usr/share/mysql/charsets -default-character-set=utf8 - -[mysqlcheck] -character-sets-dir=/usr/share/mysql/charsets -default-character-set=utf8 - -[mysqldump] -character-sets-dir=/usr/share/mysql/charsets -default-character-set=utf8 - -[mysqlimport] -character-sets-dir=/usr/share/mysql/charsets -default-character-set=utf8 - -[mysqlshow] -character-sets-dir=/usr/share/mysql/charsets -default-character-set=utf8 - -[myisamchk] -character-sets-dir=/usr/share/mysql/charsets - -[myisampack] -character-sets-dir=/usr/share/mysql/charsets - -# use [safe_mysqld] with mysql-3 -[mysqld_safe] -err-log = /var/log/mysql/mysql.err - -# add a section [mysqld-4.1] or [mysqld-5.0] for specific configurations -[mysqld] -character-set-server = utf8 -user = mysql -port = 3306 -socket = /var/run/mysqld/mysqld.sock -pid-file = /var/run/mysqld/mysqld.pid -log-error = /var/log/mysql/mysqld.err -basedir = /usr -datadir = /var/lib/mysql -skip-external-locking -key_buffer = 16M -max_allowed_packet = 1M -table_cache = 64 -sort_buffer_size = 512K -net_buffer_length = 8K -read_buffer_size = 256K -read_rnd_buffer_size = 512K -myisam_sort_buffer_size = 8M -language = /usr/share/mysql/english - -# security: -# using "localhost" in connects uses sockets by default -# skip-networking -bind-address = 127.0.0.1 - -log-bin -server-id = 1 - -# point the following paths to different dedicated disks -tmpdir = /tmp/ -#log-update = /path-to-dedicated-directory/hostname - -# you need the debug USE flag enabled to use the following directives, -# if needed, uncomment them, start the server and issue -# #tail -f /tmp/mysqld.sql /tmp/mysqld.trace -# this will show you *exactly* what's happening in your server ;) - -#log = /tmp/mysqld.sql -#gdb -#debug = d:t:i:o,/tmp/mysqld.trace -#one-thread - -# uncomment the following directives if you are using BDB tables -#bdb_cache_size = 4M -#bdb_max_lock = 10000 - -# the following is the InnoDB configuration -# if you wish to disable innodb instead -# uncomment just the next line -#skip-innodb -# -# the rest of the innodb config follows: -# don't eat too much memory, we're trying to be safe on 64Mb boxes -# you might want to bump this up a bit on boxes with more RAM -innodb_buffer_pool_size = 16M -# this is the default, increase it if you have lots of tables -innodb_additional_mem_pool_size = 2M -# -# i'd like to use /var/lib/mysql/innodb, but that is seen as a database :-( -# and upstream wants things to be under /var/lib/mysql/, so that's the route -# we have to take for the moment -#innodb_data_home_dir = /var/lib/mysql/ -#innodb_log_arch_dir = /var/lib/mysql/ -#innodb_log_group_home_dir = /var/lib/mysql/ -# you may wish to change this size to be more suitable for your system -# the max is there to avoid run-away growth on your machine -innodb_data_file_path = ibdata1:10M:autoextend:max:128M -# we keep this at around 25% of of innodb_buffer_pool_size -# sensible values range from 1MB to (1/innodb_log_files_in_group*innodb_buffer_pool_size) -innodb_log_file_size = 5M -# this is the default, increase it if you have very large transactions going on -innodb_log_buffer_size = 8M -# this is the default and won't hurt you -# you shouldn't need to tweak it -innodb_log_files_in_group=2 -# see the innodb config docs, the other options are not always safe -innodb_flush_log_at_trx_commit = 1 -innodb_lock_wait_timeout = 50 -innodb_file_per_table - -[mysqldump] -quick -max_allowed_packet = 16M - -[mysql] -# uncomment the next directive if you are not familiar with SQL -#safe-updates - -[isamchk] -key_buffer = 20M -sort_buffer_size = 20M -read_buffer = 2M -write_buffer = 2M - -[myisamchk] -key_buffer = 20M -sort_buffer_size = 20M -read_buffer = 2M -write_buffer = 2M - -[mysqlhotcopy] -interactive-timeout -@ diff --git a/nagios/ndo2db.cfg-sample b/nagios/ndo2db.cfg-sample new file mode 100644 index 0000000..ab073c4 --- /dev/null +++ b/nagios/ndo2db.cfg-sample @@ -0,0 +1,192 @@ +##################################################################### +# NDO2DB DAEMON CONFIG FILE +# +# Last Modified: 01-02-2009 +##################################################################### + + + +# LOCK FILE +# This is the lockfile that NDO2DB will use to store its PID number +# in when it is running in daemon mode. + +lock_file=/var/lib/ndo2db.lock + + + +# USER/GROUP PRIVILIGES +# These options determine the user/group that the daemon should run as. +# You can specify a number (uid/gid) or a name for either option. + +ndo2db_user=nagios +ndo2db_group=nagios + + + +# SOCKET TYPE +# This option determines what type of socket the daemon will create +# an accept connections from. +# Value: +# unix = Unix domain socket (default) +# tcp = TCP socket + +socket_type=unix +#socket_type=tcp + + + +# SOCKET NAME +# This option determines the name and path of the UNIX domain +# socket that the daemon will create and accept connections from. +# This option is only valid if the socket type specified above +# is "unix". + +socket_name=/var/lib/ndo.sock + + + +# TCP PORT +# This option determines what port the daemon will listen for +# connections on. This option is only vlaid if the socket type +# specified above is "tcp". + +tcp_port=5668 + + + +# ENCRYPTION +# This option determines if the ndo2db daemon will accept SSL to encrypt the +# network traffic between module and ndo2db daemon. +# Both sides have to enable this feature which depends on SSL Libraries +# like openssl or kerberos +# This option is only valid if the output type +# option specified above is "tcpsocket". +# +# A value of '1' will enable this feature + +use_ssl=0 + + + +# DATABASE SERVER TYPE +# This option determines what type of DB server the daemon should +# connect to. +# Values: +# mysql = MySQL +# pgsql = PostgreSQL + +db_servertype=mysql + + + +# DATABASE HOST +# This option specifies what host the DB server is running on. + +db_host=localhost + + + +# DATABASE PORT +# This option specifies the port that the DB server is running on. +# Values: +# 3306 = Default MySQL port +# 5432 = Default PostgreSQL port + +db_port=3306 + + + +# DATABASE NAME +# This option specifies the name of the database that should be used. + +db_name=nagios + + + +# DATABASE TABLE PREFIX +# Determines the prefix (if any) that should be prepended to table names. +# If you modify the table prefix, you'll need to modify the SQL script for +# creating the database! + +db_prefix=nagios_ + + + +# DATABASE USERNAME/PASSWORD +# This is the username/password that will be used to authenticate to the DB. +# The user needs at least SELECT, INSERT, UPDATE, and DELETE privileges on +# the database. + +db_user=ndouser +db_pass=ndopassword + + + +## TABLE TRIMMING OPTIONS +# Several database tables containing Nagios event data can become quite large +# over time. Most admins will want to trim these tables and keep only a +# certain amount of data in them. The options below are used to specify the +# age (in MINUTES) that data should be allowd to remain in various tables +# before it is deleted. Using a value of zero (0) for any value means that +# that particular table should NOT be automatically trimmed. + +# Keep timed events for 24 hours +max_timedevents_age=1440 + +# Keep system commands for 1 week +max_systemcommands_age=10080 + +# Keep service checks for 1 week +max_servicechecks_age=10080 + +# Keep host checks for 1 week +max_hostchecks_age=10080 + +# Keep event handlers for 31 days +max_eventhandlers_age=44640 + +# Keep external commands for 31 days +max_externalcommands_age=44640 + + + + +# DEBUG LEVEL +# This option determines how much (if any) debugging information will +# be written to the debug file. OR values together to log multiple +# types of information. +# Values: -1 = Everything +# 0 = Nothing +# 1 = Process info +# 2 = SQL queries + +debug_level=0 + + + +# DEBUG VERBOSITY +# This option determines how verbose the debug log out will be. +# Values: 0 = Brief output +# 1 = More detailed +# 2 = Very detailed + +debug_verbosity=1 + + + +# DEBUG FILE +# This option determines where the daemon should write debugging information. + +debug_file=/var/lib/ndo2db.debug + + + +# MAX DEBUG FILE SIZE +# This option determines the maximum size (in bytes) of the debug file. If +# the file grows larger than this size, it will be renamed with a .old +# extension. If a file already exists with a .old extension it will +# automatically be deleted. This helps ensure your disk space usage doesn't +# get out of control when debugging. + +max_debug_file_size=1000000 + diff --git a/nagios/ndomod.cfg-sample b/nagios/ndomod.cfg-sample new file mode 100644 index 0000000..e192ff7 --- /dev/null +++ b/nagios/ndomod.cfg-sample @@ -0,0 +1,165 @@ +##################################################################### +# NDOMOD CONFIG FILE +# +# Last Modified: 09-05-2007 +##################################################################### + + +# INSTANCE NAME +# This option identifies the "name" associated with this particular +# instance of Nagios and is used to seperate data coming from multiple +# instances. Defaults to 'default' (without quotes). + +instance_name=default + + + +# OUTPUT TYPE +# This option determines what type of output sink the NDO NEB module +# should use for data output. Valid options include: +# file = standard text file +# tcpsocket = TCP socket +# unixsocket = UNIX domain socket (default) + +#output_type=file +#output_type=tcpsocket +output_type=unixsocket + + + +# OUTPUT +# This option determines the name and path of the file or UNIX domain +# socket to which output will be sent if the output type option specified +# above is "file" or "unixsocket", respectively. If the output type +# option is "tcpsocket", this option is used to specify the IP address +# of fully qualified domain name of the host that the module should +# connect to for sending output. + +#output=/var/lib/ndo.dat +#output=127.0.0.1 +output=/var/lib/ndo.sock + + + +# TCP PORT +# This option determines what port the module will connect to in +# order to send output. This option is only valid if the output type +# option specified above is "tcpsocket". + +tcp_port=5668 + + + +# ENCRYPTION +# This option determines if the module will use SSL to encrypt the +# network traffic between module and ndo2db daemon. +# Both sides have to enable this feature which depends on SSL Libraries +# like openssl or kerberos +# This option is only valid if the output type +# option specified above is "tcpsocket". +# +# A value of '1' will enable this feature + +use_ssl=0 + + + +# OUTPUT BUFFER +# This option determines the size of the output buffer, which will help +# prevent data from getting lost if there is a temporary disconnect from +# the data sink. The number of items specified here is the number of +# lines (each of variable size) of output that will be buffered. + +output_buffer_items=5000 + + + +# BUFFER FILE +# This option is used to specify a file which will be used to store the +# contents of buffered data which could not be sent to the NDO2DB daemon +# before Nagios shuts down. Prior to shutting down, the NDO NEB module +# will write all buffered data to this file for later processing. When +# Nagios (re)starts, the NDO NEB module will read the contents of this +# file and send it to the NDO2DB daemon for processing. + +buffer_file=/var/lib/ndomod.tmp + + + +# FILE ROTATION INTERVAL +# This option determines how often (in seconds) the output file is +# rotated by Nagios. File rotation is handled by Nagios by executing +# the command defined by the file_rotation_command option. This +# option has no effect if the output_type option is a socket. + +file_rotation_interval=14400 + + + +# FILE ROTATION COMMAND +# This option specified the command (as defined in Nagios) that is +# used to rotate the output file at the interval specified by the +# file_rotation_interval option. This option has no effect if the +# output_type option is a socket. +# +# See the file 'misccommands.cfg' for an example command definition +# that you can use to rotate the log file. + +#file_rotation_command=rotate_ndo_log + + + +# FILE ROTATION TIMEOUT +# This option specified the maximum number of seconds that the file +# rotation command should be allowed to run before being prematurely +# terminated. + +file_rotation_timeout=60 + + + +# RECONNECT INTERVAL +# This option determines how often (in seconds) that the NDO NEB +# module will attempt to re-connect to the output file or socket if +# a connection to it is lost. + +reconnect_interval=15 + + + +# RECONNECT WARNING INTERVAL +# This option determines how often (in seconds) a warning message will +# be logged to the Nagios log file if a connection to the output file +# or socket cannot be re-established. + +reconnect_warning_interval=15 +#reconnect_warning_interval=900 + + + +# DATA PROCESSING OPTION +# This option determines what data the NDO NEB module will process. +# Do not mess with this option unless you know what you're doing!!!! +# Read the source code (include/ndbxtmod.h) to determine what values +# to use here. Values from source code should be OR'ed to get the +# value to use here. A value of -1 will cause all data to be processed. +# Read the source code (include/ndomod.h) and look for "NDOMOD_PROCESS_" +# to determine what values to use here. Values from source code should +# be OR'ed to get the value to use here. A value of -1 will cause all +# data to be processed. + +data_processing_options=-1 + + + +# CONFIG OUTPUT OPTION +# This option determines what types of configuration data the NDO +# NEB module will dump from Nagios. Values can be OR'ed together. +# Values: +# 0 = Don't dump any configuration information +# 1 = Dump only original config (from config files) +# 2 = Dump config only after retained information has been restored +# 3 = Dump both original and retained configuration + +config_output_options=2 + diff --git a/nagios/nrpe.cfg.orig b/nagios/nrpe.cfg.orig new file mode 100644 index 0000000..d33b46b --- /dev/null +++ b/nagios/nrpe.cfg.orig @@ -0,0 +1,217 @@ +############################################################################# +# Sample NRPE Config File +# Written by: Ethan Galstad (nagios@nagios.org) +# +# Last Modified: 11-23-2007 +# +# NOTES: +# This is a sample configuration file for the NRPE daemon. It needs to be +# located on the remote host that is running the NRPE daemon, not the host +# from which the check_nrpe client is being executed. +############################################################################# + + +# LOG FACILITY +# The syslog facility that should be used for logging purposes. + +log_facility=daemon + + + +# PID FILE +# The name of the file in which the NRPE daemon should write it's process ID +# number. The file is only written if the NRPE daemon is started by the root +# user and is running in standalone mode. + +pid_file=/var/run/nrpe/nrpe.pid + + + +# PORT NUMBER +# Port number we should wait for connections on. +# NOTE: This must be a non-priviledged port (i.e. > 1024). +# NOTE: This option is ignored if NRPE is running under either inetd or xinetd + +server_port=5666 + + + +# SERVER ADDRESS +# Address that nrpe should bind to in case there are more than one interface +# and you do not want nrpe to bind on all interfaces. +# NOTE: This option is ignored if NRPE is running under either inetd or xinetd + +#server_address=127.0.0.1 + + + +# NRPE USER +# This determines the effective user that the NRPE daemon should run as. +# You can either supply a username or a UID. +# +# NOTE: This option is ignored if NRPE is running under either inetd or xinetd + +nrpe_user=nagios + + + +# NRPE GROUP +# This determines the effective group that the NRPE daemon should run as. +# You can either supply a group name or a GID. +# +# NOTE: This option is ignored if NRPE is running under either inetd or xinetd + +nrpe_group=nagios + + + +# ALLOWED HOST ADDRESSES +# This is an optional comma-delimited list of IP address or hostnames +# that are allowed to talk to the NRPE daemon. Network addresses with a bit mask +# (i.e. 192.168.1.0/24) are also supported. Hostname wildcards are not currently +# supported. +# +# Note: The daemon only does rudimentary checking of the client's IP +# address. I would highly recommend adding entries in your /etc/hosts.allow +# file to allow only the specified host to connect to the port +# you are running this daemon on. +# +# NOTE: This option is ignored if NRPE is running under either inetd or xinetd + +allowed_hosts=127.0.0.1 + + + +# COMMAND ARGUMENT PROCESSING +# This option determines whether or not the NRPE daemon will allow clients +# to specify arguments to commands that are executed. This option only works +# if the daemon was configured with the --enable-command-args configure script +# option. +# +# *** ENABLING THIS OPTION IS A SECURITY RISK! *** +# Read the SECURITY file for information on some of the security implications +# of enabling this variable. +# +# Values: 0=do not allow arguments, 1=allow command arguments + +dont_blame_nrpe=0 + + + +# COMMAND PREFIX +# This option allows you to prefix all commands with a user-defined string. +# A space is automatically added between the specified prefix string and the +# command line from the command definition. +# +# *** THIS EXAMPLE MAY POSE A POTENTIAL SECURITY RISK, SO USE WITH CAUTION! *** +# Usage scenario: +# Execute restricted commmands using sudo. For this to work, you need to add +# the nagios user to your /etc/sudoers. An example entry for alllowing +# execution of the plugins from might be: +# +# nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/ +# +# This lets the nagios user run all commands in that directory (and only them) +# without asking for a password. If you do this, make sure you don't give +# random users write access to that directory or its contents! + +# command_prefix=/usr/bin/sudo + + + +# DEBUGGING OPTION +# This option determines whether or not debugging messages are logged to the +# syslog facility. +# Values: 0=debugging off, 1=debugging on + +debug=0 + + + +# COMMAND TIMEOUT +# This specifies the maximum number of seconds that the NRPE daemon will +# allow plugins to finish executing before killing them off. + +command_timeout=60 + + + +# CONNECTION TIMEOUT +# This specifies the maximum number of seconds that the NRPE daemon will +# wait for a connection to be established before exiting. This is sometimes +# seen where a network problem stops the SSL being established even though +# all network sessions are connected. This causes the nrpe daemons to +# accumulate, eating system resources. Do not set this too low. + +connection_timeout=300 + + + +# WEEK RANDOM SEED OPTION +# This directive allows you to use SSL even if your system does not have +# a /dev/random or /dev/urandom (on purpose or because the necessary patches +# were not applied). The random number generator will be seeded from a file +# which is either a file pointed to by the environment valiable $RANDFILE +# or $HOME/.rnd. If neither exists, the pseudo random number generator will +# be initialized and a warning will be issued. +# Values: 0=only seed from /dev/[u]random, 1=also seed from weak randomness + +#allow_weak_random_seed=1 + + + +# INCLUDE CONFIG FILE +# This directive allows you to include definitions from an external config file. + +#include= + + + +# INCLUDE CONFIG DIRECTORY +# This directive allows you to include definitions from config files (with a +# .cfg extension) in one or more directories (with recursion). + +#include_dir= +#include_dir= + + + +# COMMAND DEFINITIONS +# Command definitions that this daemon will run. Definitions +# are in the following format: +# +# command[]= +# +# When the daemon receives a request to return the results of +# it will execute the command specified by the argument. +# +# Unlike Nagios, the command line cannot contain macros - it must be +# typed exactly as it should be executed. +# +# Note: Any plugins that are used in the command lines must reside +# on the machine that this daemon is running on! The examples below +# assume that you have plugins installed in a /usr/local/nagios/libexec +# directory. Also note that you will have to modify the definitions below +# to match the argument format the plugins expect. Remember, these are +# examples only! + + +# The following examples use hardcoded command arguments... + +command[check_users]=/usr/lib64/nagios/plugins/check_users -w 5 -c 10 +command[check_load]=/usr/lib64/nagios/plugins/check_load -w 15,10,5 -c 30,25,20 +command[check_hda1]=/usr/lib64/nagios/plugins/check_disk -w 20% -c 10% -p /dev/hda1 +command[check_zombie_procs]=/usr/lib64/nagios/plugins/check_procs -w 5 -c 10 -s Z +command[check_total_procs]=/usr/lib64/nagios/plugins/check_procs -w 150 -c 200 + + +# The following examples allow user-supplied arguments and can +# only be used if the NRPE daemon was compiled with support for +# command arguments *AND* the dont_blame_nrpe directive in this +# config file is set to '1'. This poses a potential security risk, so +# make sure you read the SECURITY file before doing this. + +#command[check_users]=/usr/lib64/nagios/plugins/check_users -w $ARG1$ -c $ARG2$ +#command[check_load]=/usr/lib64/nagios/plugins/check_load -w $ARG1$ -c $ARG2$ +#command[check_disk]=/usr/lib64/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$ +#command[check_procs]=/usr/lib64/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$ diff --git a/nagios/objects/timeperiods.cfg.orig b/nagios/objects/timeperiods.cfg.orig new file mode 100644 index 0000000..7f1802e --- /dev/null +++ b/nagios/objects/timeperiods.cfg.orig @@ -0,0 +1,94 @@ +############################################################################### +# TIMEPERIODS.CFG - SAMPLE TIMEPERIOD DEFINITIONS +# +# Last Modified: 05-31-2007 +# +# NOTES: This config file provides you with some example timeperiod definitions +# that you can reference in host, service, contact, and dependency +# definitions. +# +# You don't need to keep timeperiods in a separate file from your other +# object definitions. This has been done just to make things easier to +# understand. +# +############################################################################### + + + +############################################################################### +############################################################################### +# +# TIME PERIODS +# +############################################################################### +############################################################################### + +# This defines a timeperiod where all times are valid for checks, +# notifications, etc. The classic "24x7" support nightmare. :-) +define timeperiod{ + timeperiod_name 24x7 + alias 24 Hours A Day, 7 Days A Week + sunday 00:00-24:00 + monday 00:00-24:00 + tuesday 00:00-24:00 + wednesday 00:00-24:00 + thursday 00:00-24:00 + friday 00:00-24:00 + saturday 00:00-24:00 + } + + +# 'workhours' timeperiod definition +define timeperiod{ + timeperiod_name workhours + alias Normal Work Hours + monday 09:00-17:00 + tuesday 09:00-17:00 + wednesday 09:00-17:00 + thursday 09:00-17:00 + friday 09:00-17:00 + } + + +# 'none' timeperiod definition +define timeperiod{ + timeperiod_name none + alias No Time Is A Good Time + } + + +# Some U.S. holidays +# Note: The timeranges for each holiday are meant to *exclude* the holidays from being +# treated as a valid time for notifications, etc. You probably don't want your pager +# going off on New Year's. Although you're employer might... :-) +define timeperiod{ + name us-holidays + timeperiod_name us-holidays + alias U.S. Holidays + + january 1 00:00-00:00 ; New Years + monday -1 may 00:00-00:00 ; Memorial Day (last Monday in May) + july 4 00:00-00:00 ; Independence Day + monday 1 september 00:00-00:00 ; Labor Day (first Monday in September) + thursday 4 november 00:00-00:00 ; Thanksgiving (4th Thursday in November) + december 25 00:00-00:00 ; Christmas + } + + +# This defines a modified "24x7" timeperiod that covers every day of the +# year, except for U.S. holidays (defined in the timeperiod above). +define timeperiod{ + timeperiod_name 24x7_sans_holidays + alias 24x7 Sans Holidays + + use us-holidays ; Get holiday exceptions from other timeperiod + + sunday 00:00-24:00 + monday 00:00-24:00 + tuesday 00:00-24:00 + wednesday 00:00-24:00 + thursday 00:00-24:00 + friday 00:00-24:00 + saturday 00:00-24:00 + } + diff --git a/netconfig b/netconfig new file mode 100644 index 0000000..effc67e --- /dev/null +++ b/netconfig @@ -0,0 +1,19 @@ +# +# The network configuration file. This file is currently only used in +# conjunction with the TI-RPC code in the libtirpc library. +# +# Entries consist of: +# +# \ +# +# +# The and fields are always empty in this +# implementation. +# +udp tpi_clts v inet udp - - +tcp tpi_cots_ord v inet tcp - - +udp6 tpi_clts v inet6 udp - - +tcp6 tpi_cots_ord v inet6 tcp - - +rawip tpi_raw - inet - - - +local tpi_cots_ord - loopback - - - +unix tpi_cots_ord - loopback - - - diff --git a/openldap/ssl.orig/ldap.crt b/openldap/ssl.orig/ldap.crt index fa06ff8..9940377 100644 --- a/openldap/ssl.orig/ldap.crt +++ b/openldap/ssl.orig/ldap.crt @@ -3,15 +3,15 @@ MIICxTCCAi6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBqTELMAkGA1UEBhMCVVMx EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRhIEJhcmJhcmExEzAR BgNVBAoTClNTTCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0aW5nIFB1cnBvc2Vz IE9ubHkxFTATBgNVBAMTDGxvY2FsaG9zdCBDQTEdMBsGCSqGSIb3DQEJARYOcm9v -dEBsb2NhbGhvc3QwHhcNMTAxMTMwMDYxOTIxWhcNMTIxMTI5MDYxOTIxWjCBpjEL +dEBsb2NhbGhvc3QwHhcNMTIwNzIzMDkwNDA0WhcNMTQwNzIzMDkwNDA0WjCBpjEL MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRh IEJhcmJhcmExEzARBgNVBAoTClNTTCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0 aW5nIFB1cnBvc2VzIE9ubHkxEjAQBgNVBAMTCWxvY2FsaG9zdDEdMBsGCSqGSIb3 DQEJARYOcm9vdEBsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB -AMkIfppB2/lqViayi38AY7fPF3aGucpFDxrcVy2lhj4ulFY9anldtE1yji5EnrQo -utB4/3EPNta6TARazZwPJc68pEXCSKJNOwxr8BayD/C8s4+7Dbp6jPd478QF11Ct -67Z1Ir/dV6sxE7ygAJBs9bGYpAWrVQvcEkfMJtpzvHKdAgMBAAEwDQYJKoZIhvcN -AQEFBQADgYEAWXBBlzPp0DFDIoK/VwNBEYwD2qWuBCidH5DXsLB0Oje3W8ZGxd8K -4dJQlQ/Hz/FQwV6Olior0dVCNf1atI1R/zgLXWXwr2rNqD6an9Io54SktnJo0180 -UOezPxxK+lIwydrlpHKtQucO0wIf9gpFCJTofXpek8Xl1GmQtsl4SYA= +ALrIlOCYalKcIONkooeO0R2V0WI5KyTIeOqfEPs83FFtAAdRtNUe1g86ijWEbq5R +1/M0U0J473akf+4lsM37GTa06zZmKY7pJfyrwqQ3grPhu3ZKu0lWd9zUuOTwXBKx +MpXakuh6cqM0B3OZtSTPBNP60GTPAOnThQ5dQvzBImbXAgMBAAEwDQYJKoZIhvcN +AQEFBQADgYEAjm9qlg3OidAANgGRx9ZFHj7yTCdld+UQKfOGR4y39BnNv2BZCr3A +bQnYylXGRkRf1sDDg++KsfYjB/fs9RvPJVpN2ef2oqOiBi5PHlaGNje4X/x8UFQW +ecNuSC6uDPNzQCzHZETKSuC6mM5dmwP/zunPqZKSE3XTh8f9Gj7Gb/U= -----END CERTIFICATE----- diff --git a/openldap/ssl.orig/ldap.csr b/openldap/ssl.orig/ldap.csr index 1e7c8b4..567b132 100644 --- a/openldap/ssl.orig/ldap.csr +++ b/openldap/ssl.orig/ldap.csr @@ -3,11 +3,11 @@ MIIB5zCCAVACAQAwgaYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh MRYwFAYDVQQHEw1TYW50YSBCYXJiYXJhMRMwEQYDVQQKEwpTU0wgU2VydmVyMSIw IAYDVQQLExlGb3IgVGVzdGluZyBQdXJwb3NlcyBPbmx5MRIwEAYDVQQDEwlsb2Nh bGhvc3QxHTAbBgkqhkiG9w0BCQEWDnJvb3RAbG9jYWxob3N0MIGfMA0GCSqGSIb3 -DQEBAQUAA4GNADCBiQKBgQDJCH6aQdv5alYmsot/AGO3zxd2hrnKRQ8a3FctpYY+ -LpRWPWp5XbRNco4uRJ60KLrQeP9xDzbWukwEWs2cDyXOvKRFwkiiTTsMa/AWsg/w -vLOPuw26eoz3eO/EBddQreu2dSK/3VerMRO8oACQbPWxmKQFq1UL3BJHzCbac7xy -nQIDAQABoAAwDQYJKoZIhvcNAQEFBQADgYEApDvEKMknyUCSYspWyLEEAi2VDRMD -o8W8nIrBzmKr3gr1AyS217YTe6om5qGrg4rN6+EOH6aK9PpKEwDNNN8iPD5v37Ec -eo6KB3TRGbbu8GoNbyhOzkJpbnVBdqA4nq8YQXy3+tYnWJ0GkiPYjs+HymkUSGxl -S2Aj0iy0jSm5crM= +DQEBAQUAA4GNADCBiQKBgQC6yJTgmGpSnCDjZKKHjtEdldFiOSskyHjqnxD7PNxR +bQAHUbTVHtYPOoo1hG6uUdfzNFNCeO92pH/uJbDN+xk2tOs2ZimO6SX8q8KkN4Kz +4bt2SrtJVnfc1Ljk8FwSsTKV2pLoenKjNAdzmbUkzwTT+tBkzwDp04UOXUL8wSJm +1wIDAQABoAAwDQYJKoZIhvcNAQEFBQADgYEAfcQhC8awtpcS+QLgQEs6rNCczKv9 +ShUfIPbwWkf3yiEai1lA0ggqCGYjdNQFeJ8eRiYUtRTOYt3KOS+vPzmFcpXR1hm9 +uCHotTfMPLiAtC3oTKgBwdBAI4qwUmTOsGkw0BCMke1BkR9B/vD76blOlZEOqJqY +6pnqQuUdGmqDGl0= -----END CERTIFICATE REQUEST----- diff --git a/openldap/ssl.orig/ldap.key b/openldap/ssl.orig/ldap.key index 0efab40..29fea52 100644 --- a/openldap/ssl.orig/ldap.key +++ b/openldap/ssl.orig/ldap.key @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDJCH6aQdv5alYmsot/AGO3zxd2hrnKRQ8a3FctpYY+LpRWPWp5 -XbRNco4uRJ60KLrQeP9xDzbWukwEWs2cDyXOvKRFwkiiTTsMa/AWsg/wvLOPuw26 -eoz3eO/EBddQreu2dSK/3VerMRO8oACQbPWxmKQFq1UL3BJHzCbac7xynQIDAQAB -AoGBALJnh3L932mIpMvSx1j9z4Dfl8Ln7RlEEBOWVwd7TZcBX0LpXgQ21Dum3ebR -nsXjH2bC+m4rQk9tJOj4bF+CUdmA5SFLWfM31HlqVDwEl8paZ4LTei6mcbMqbOte -x9e/EEcQAPa1+OM6a6DNmB3tfvyCuINjz0jDH1vDjCoi6loBAkEA/l2+gOxiZlxC -/A1Xf06YIe2I/grOintx2DH0nHt9oZJnfirU5B91C45tlQ/8BMtazwkurvzKkTS/ -ivnvN3rDeQJBAMpTDfqaTTRgOaGwAwzrZTOFLQB+Opnvdrbs5mO13v2GJKMgLBZg -vJN2HiBPZLQZQHRv7FdS6vBm8GcHrGtIG0UCQQCHoHRzSZct/QO6YWLF/qIfdQgW -bKy0Kh4JqJlE1pOmEuob27qn6B4Ai3DiiiNWaxeATOUXaLKZugZnk9x5OHwBAkEA -lrgaYMZTnyHTrOxGyXgOErwx0v01wHjP8eM2ma7hZ/FnF5Ie5ai4sg060gzy0utA -xbyezkp5tA6rJcVknyK/FQJAec5lFqa4HRXwEYTgJH9z1jjqFyIJCLiyuWkONPqL -ADr7+AWgSSlojIDOW1UG12wAYBjuXYeSENfYWUtmY0JhhQ== +MIICXAIBAAKBgQC6yJTgmGpSnCDjZKKHjtEdldFiOSskyHjqnxD7PNxRbQAHUbTV +HtYPOoo1hG6uUdfzNFNCeO92pH/uJbDN+xk2tOs2ZimO6SX8q8KkN4Kz4bt2SrtJ +Vnfc1Ljk8FwSsTKV2pLoenKjNAdzmbUkzwTT+tBkzwDp04UOXUL8wSJm1wIDAQAB +AoGBAK4TPdzLb1uqMmR6Z5banT1rYQafrPvM8hQHRvY+1D32ze4EUfnFkU4ECsax +s802bYI1o9rxhosV6Dx0WADAIc/oSFHB9se54hqEd7zIEeIk1RPnl1uRLjbpu5a2 +w7hftE7AunegD4MK3C+ay6sl7yY1xXq1zEUJsgEzm/EjGPjhAkEA5oRjHv11b1cW +9M5VQ9tZJx+E43Ootf2IEHcnJaC79ytLRrszJ3Yx01kc7OG8gnTQK6D9b7Ru145F +meVMKpzTmQJBAM9uiYi0xdJjnzasJQn5YOMibqwL3tuiuiF4eGXz7yTOBMUtnxDZ +m6iXXA19c4IpEw2636AeRXXvx+jkAMf4k+8CQFOIo/bF+HlpgNsjrkhRw4Pm6xwV +fIy+nEEDPL9o+NR/7t5p1ga10SZ6g33f65UGya0VwOFq7EPWvaggLLLAc/kCQCUG +hAIk0lK1eYvWul3HZ6XjVYHcNJFbwIGM8WCxY/Rb2bogZI4raX90VPgLdny7PC1t +N9Fq1dcxT6ugVwtasX0CQA5hOPTukZUuw9l5TjmQFvGW3zNcRnnEunvehC9+GTA+ +Dn1De1J+COhRUqoRq9LXbKpo6JxX9cpU6Hiu2XkGDn8= -----END RSA PRIVATE KEY----- diff --git a/openldap/ssl.orig/ldap.pem b/openldap/ssl.orig/ldap.pem index e07bc46..fcbd318 100644 --- a/openldap/ssl.orig/ldap.pem +++ b/openldap/ssl.orig/ldap.pem @@ -1,17 +1,17 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDJCH6aQdv5alYmsot/AGO3zxd2hrnKRQ8a3FctpYY+LpRWPWp5 -XbRNco4uRJ60KLrQeP9xDzbWukwEWs2cDyXOvKRFwkiiTTsMa/AWsg/wvLOPuw26 -eoz3eO/EBddQreu2dSK/3VerMRO8oACQbPWxmKQFq1UL3BJHzCbac7xynQIDAQAB -AoGBALJnh3L932mIpMvSx1j9z4Dfl8Ln7RlEEBOWVwd7TZcBX0LpXgQ21Dum3ebR -nsXjH2bC+m4rQk9tJOj4bF+CUdmA5SFLWfM31HlqVDwEl8paZ4LTei6mcbMqbOte -x9e/EEcQAPa1+OM6a6DNmB3tfvyCuINjz0jDH1vDjCoi6loBAkEA/l2+gOxiZlxC -/A1Xf06YIe2I/grOintx2DH0nHt9oZJnfirU5B91C45tlQ/8BMtazwkurvzKkTS/ -ivnvN3rDeQJBAMpTDfqaTTRgOaGwAwzrZTOFLQB+Opnvdrbs5mO13v2GJKMgLBZg -vJN2HiBPZLQZQHRv7FdS6vBm8GcHrGtIG0UCQQCHoHRzSZct/QO6YWLF/qIfdQgW -bKy0Kh4JqJlE1pOmEuob27qn6B4Ai3DiiiNWaxeATOUXaLKZugZnk9x5OHwBAkEA -lrgaYMZTnyHTrOxGyXgOErwx0v01wHjP8eM2ma7hZ/FnF5Ie5ai4sg060gzy0utA -xbyezkp5tA6rJcVknyK/FQJAec5lFqa4HRXwEYTgJH9z1jjqFyIJCLiyuWkONPqL -ADr7+AWgSSlojIDOW1UG12wAYBjuXYeSENfYWUtmY0JhhQ== +MIICXAIBAAKBgQC6yJTgmGpSnCDjZKKHjtEdldFiOSskyHjqnxD7PNxRbQAHUbTV +HtYPOoo1hG6uUdfzNFNCeO92pH/uJbDN+xk2tOs2ZimO6SX8q8KkN4Kz4bt2SrtJ +Vnfc1Ljk8FwSsTKV2pLoenKjNAdzmbUkzwTT+tBkzwDp04UOXUL8wSJm1wIDAQAB +AoGBAK4TPdzLb1uqMmR6Z5banT1rYQafrPvM8hQHRvY+1D32ze4EUfnFkU4ECsax +s802bYI1o9rxhosV6Dx0WADAIc/oSFHB9se54hqEd7zIEeIk1RPnl1uRLjbpu5a2 +w7hftE7AunegD4MK3C+ay6sl7yY1xXq1zEUJsgEzm/EjGPjhAkEA5oRjHv11b1cW +9M5VQ9tZJx+E43Ootf2IEHcnJaC79ytLRrszJ3Yx01kc7OG8gnTQK6D9b7Ru145F +meVMKpzTmQJBAM9uiYi0xdJjnzasJQn5YOMibqwL3tuiuiF4eGXz7yTOBMUtnxDZ +m6iXXA19c4IpEw2636AeRXXvx+jkAMf4k+8CQFOIo/bF+HlpgNsjrkhRw4Pm6xwV +fIy+nEEDPL9o+NR/7t5p1ga10SZ6g33f65UGya0VwOFq7EPWvaggLLLAc/kCQCUG +hAIk0lK1eYvWul3HZ6XjVYHcNJFbwIGM8WCxY/Rb2bogZI4raX90VPgLdny7PC1t +N9Fq1dcxT6ugVwtasX0CQA5hOPTukZUuw9l5TjmQFvGW3zNcRnnEunvehC9+GTA+ +Dn1De1J+COhRUqoRq9LXbKpo6JxX9cpU6Hiu2XkGDn8= -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- @@ -19,15 +19,15 @@ MIICxTCCAi6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBqTELMAkGA1UEBhMCVVMx EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRhIEJhcmJhcmExEzAR BgNVBAoTClNTTCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0aW5nIFB1cnBvc2Vz IE9ubHkxFTATBgNVBAMTDGxvY2FsaG9zdCBDQTEdMBsGCSqGSIb3DQEJARYOcm9v -dEBsb2NhbGhvc3QwHhcNMTAxMTMwMDYxOTIxWhcNMTIxMTI5MDYxOTIxWjCBpjEL +dEBsb2NhbGhvc3QwHhcNMTIwNzIzMDkwNDA0WhcNMTQwNzIzMDkwNDA0WjCBpjEL MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRh IEJhcmJhcmExEzARBgNVBAoTClNTTCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0 aW5nIFB1cnBvc2VzIE9ubHkxEjAQBgNVBAMTCWxvY2FsaG9zdDEdMBsGCSqGSIb3 DQEJARYOcm9vdEBsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB -AMkIfppB2/lqViayi38AY7fPF3aGucpFDxrcVy2lhj4ulFY9anldtE1yji5EnrQo -utB4/3EPNta6TARazZwPJc68pEXCSKJNOwxr8BayD/C8s4+7Dbp6jPd478QF11Ct -67Z1Ir/dV6sxE7ygAJBs9bGYpAWrVQvcEkfMJtpzvHKdAgMBAAEwDQYJKoZIhvcN -AQEFBQADgYEAWXBBlzPp0DFDIoK/VwNBEYwD2qWuBCidH5DXsLB0Oje3W8ZGxd8K -4dJQlQ/Hz/FQwV6Olior0dVCNf1atI1R/zgLXWXwr2rNqD6an9Io54SktnJo0180 -UOezPxxK+lIwydrlpHKtQucO0wIf9gpFCJTofXpek8Xl1GmQtsl4SYA= +ALrIlOCYalKcIONkooeO0R2V0WI5KyTIeOqfEPs83FFtAAdRtNUe1g86ijWEbq5R +1/M0U0J473akf+4lsM37GTa06zZmKY7pJfyrwqQ3grPhu3ZKu0lWd9zUuOTwXBKx +MpXakuh6cqM0B3OZtSTPBNP60GTPAOnThQ5dQvzBImbXAgMBAAEwDQYJKoZIhvcN +AQEFBQADgYEAjm9qlg3OidAANgGRx9ZFHj7yTCdld+UQKfOGR4y39BnNv2BZCr3A +bQnYylXGRkRf1sDDg++KsfYjB/fs9RvPJVpN2ef2oqOiBi5PHlaGNje4X/x8UFQW +ecNuSC6uDPNzQCzHZETKSuC6mM5dmwP/zunPqZKSE3XTh8f9Gj7Gb/U= -----END CERTIFICATE----- diff --git a/passwd b/passwd index 0ea625c..2cbeefa 100644 --- a/passwd +++ b/passwd @@ -1,4 +1,4 @@ -root:x:0:0:root Helga:/root:/bin/bash +root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/bin/false daemon:x:2:2:daemon:/sbin:/bin/false adm:x:3:4:adm:/var/adm:/bin/false @@ -6,12 +6,12 @@ lp:x:4:7:lp:/var/spool/lpd:/bin/false sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt -mail:x:8:12:mail:/var/spool/mail:/bin/false -news:x:9:13:news:/usr/lib/news:/bin/false -uucp:x:10:14:uucp:/var/spool/uucppublic:/bin/false +mail:x:8:12:added by portage for mailbase:/var/spool/mail:/sbin/nologin +news:x:9:13:news:/var/spool/news:/bin/false +uucp:x:10:14:uucp:/var/spool/uucp:/bin/false operator:x:11:0:operator:/root:/bin/bash -man:x:13:15:man:/usr/share/man:/bin/false -postmaster:x:14:12:postmaster:/var/spool/mail:/bin/false +man:x:13:15:added by portage for man:/usr/share/man:/sbin/nologin +postmaster:x:14:249:added by portage for mailbase:/var/spool/mail:/sbin/nologin cron:x:16:16:added by portage for cronbase:/var/spool/cron:/sbin/nologin ftp:x:21:21:added by portage for ftpbase:/home/ftp:/sbin/nologin sshd:x:22:22:added by portage for openssh:/var/empty:/sbin/nologin @@ -20,9 +20,8 @@ games:x:36:35:added by portage for enemy-territory:/usr/games:/bin/bash named:x:40:40:added by portage for bind:/etc/bind:/sbin/nologin mysql:x:60:60:added by portage for mysql:/dev/null:/sbin/nologin apache:x:81:81:added by portage for apache:/var/www:/sbin/nologin -ulogd:x:101:197:added by portage for ulogd:/var/log/ulogd:/sbin/nologin +messagebus:x:101:247:added by portage for dbus:/dev/null:/sbin/nologin tcpdump:x:102:196:added by portage for tcpdump:/dev/null:/sbin/nologin -messagebus:x:103:110:added by portage for dbus:/dev/null:/sbin/nologin nagios:x:104:104:added by portage for nagios-plugins-snmp:/var/nagios/home:/bin/bash teamspeak3:x:105:103:added by portage for teamspeak-server-bin:/dev/null:/sbin/nologin polw:x:106:102:added by portage for policyd-weight:/dev/null:/sbin/nologin @@ -31,14 +30,17 @@ amavis:x:108:999:added by portage for amavisd-new:/var/amavis:/sbin/nologin clamav:x:109:998:added by portage for clamav:/dev/null:/sbin/nologin proftpd:x:110:1008:added by portage for proftpd:/dev/null:/sbin/nologin rpc:x:111:111:added by portage for portmap:/dev/null:/sbin/nologin +openvpn:x:112:997:added by portage for openvpn:/dev/null:/sbin/nologin +git:x:113:996:added by portage for gitolite:/var/lib/gitolite:/bin/bash ntp:x:123:123:added by portage for ntp:/dev/null:/sbin/nologin postfix:x:207:207:added by portage for postfix:/var/spool/postfix:/sbin/nologin smmsp:x:209:209:smmsp:/var/spool/mqueue:/bin/false portage:x:250:250:portage:/var/tmp/portage:/bin/false ldap:x:439:439:added by portage for openldap:/usr/lib64/openldap:/sbin/nologin -nobody:x:65534:65534:nobody:/:/bin/false +nobody:x:65534:65534:nobody:/var/empty:/bin/false taurec:x:1000:100:Jörn Valentin:/home/taurec:/bin/bash morph:x:1001:100:Daniel Wendler:/home/morph:/bin/bash +minecraft:x:1002:1002:minecraft server:/home/minecraft:/bin/bash patrick:x:1004:100:Patrick Hennig:/home/patrick:/bin/bash vivi:x:1006:100:Vivien Winkler:/home/vivi:/bin/bash frank:x:1017:100:Frank Brehm:/home/frank:/bin/bash @@ -49,6 +51,4 @@ vmail:x:1023:1023:Virtual Mailuser:/home/vmail:/bin/false alfred:x:1024:100:Alfred Haberkorn:/home/alfred:/bin/bash steffen:x:1025:100:Steffen Brehm:/home/steffen:/bin/bash heiko:x:1029:100:Heiko Hennig:/home/heiko:/bin/bash -minecraft:x:1002:1002:minecraft server:/home/minecraft:/bin/bash -openvpn:x:112:997:added by portage for openvpn:/dev/null:/sbin/nologin -git:x:113:996:added by portage for gitolite:/var/lib/gitolite:/bin/bash +ulogd:x:103:197:added by portage for ulogd:/var/log/ulogd:/sbin/nologin diff --git a/passwd.old b/passwd.old deleted file mode 100644 index 6386ca0..0000000 --- a/passwd.old +++ /dev/null @@ -1,51 +0,0 @@ -root:x:0:0:root Helga:/root:/bin/bash -bin:x:1:1:bin:/bin:/bin/false -daemon:x:2:2:daemon:/sbin:/bin/false -adm:x:3:4:adm:/var/adm:/bin/false -lp:x:4:7:lp:/var/spool/lpd:/bin/false -sync:x:5:0:sync:/sbin:/bin/sync -shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown -halt:x:7:0:halt:/sbin:/sbin/halt -mail:x:8:12:mail:/var/spool/mail:/bin/false -news:x:9:13:news:/usr/lib/news:/bin/false -uucp:x:10:14:uucp:/var/spool/uucppublic:/bin/false -operator:x:11:0:operator:/root:/bin/bash -man:x:13:15:man:/usr/share/man:/bin/false -postmaster:x:14:12:postmaster:/var/spool/mail:/bin/false -cron:x:16:16:added by portage for cronbase:/var/spool/cron:/sbin/nologin -sshd:x:22:22:added by portage for openssh:/var/empty:/sbin/nologin -at:x:25:25:added by portage for at:/var/spool/at/atjobs:/sbin/nologin -named:x:40:40:added by portage for bind:/etc/bind:/sbin/nologin -mysql:x:60:60:added by portage for mysql:/dev/null:/sbin/nologin -apache:x:81:81:added by portage for apache:/var/www:/sbin/nologin -messagebus:x:101:1002:added by portage for dbus:/dev/null:/sbin/nologin -ulogd:x:102:1003:added by portage for ulogd:/var/log/ulogd:/sbin/nologin -clamav:x:103:1004:added by portage for clamav:/dev/null:/sbin/nologin -polw:x:104:1005:added by portage for policyd-weight:/dev/null:/sbin/nologin -postgrey:x:105:1006:added by portage for postgrey:/dev/null:/sbin/nologin -amavis:x:106:1007:added by portage for amavisd-new:/var/amavis:/sbin/nologin -rpc:x:111:111:added by portage for portmap:/dev/null:/sbin/nologin -postfix:x:207:207:added by portage for postfix:/var/spool/postfix:/sbin/nologin -smmsp:x:209:209:smmsp:/var/spool/mqueue:/bin/false -portage:x:250:250:portage:/var/tmp/portage:/bin/false -ldap:x:439:439:added by portage for openldap:/usr/lib64/openldap:/sbin/nologin -nobody:x:65534:65534:nobody:/:/bin/false -taurec:x:1000:100:Jörn Valentin:/home/taurec:/bin/bash -frank:x:1017:100:Frank Brehm:/home/frank:/bin/bash -ftp:x:21:21:added by portage for ftpbase:/home/ftp:/sbin/nologin -proftpd:x:107:1008:added by portage for proftpd:/dev/null:/sbin/nologin -ntp:x:123:123:added by portage for ntp:/dev/null:/sbin/nologin -nagios:x:108:1009:added by portage for nagios-plugins-snmp:/var/nagios/home:/bin/bash -tcpdump:x:109:1010:added by portage for tcpdump:/dev/null:/sbin/nologin -games:x:36:35:added by portage for enemy-territory:/usr/games:/bin/bash -teamspeak3:x:110:1012:added by portage for teamspeak-server-bin:/dev/null:/sbin/nologin -alfred:x:1024:100:Alfred Haberkorn:/home/alfred:/bin/bash -davis:x:1020:100:Davis Winkler:/home/davis:/bin/bash -doris:x:1019:100:Doris Hennig:/home/doris:/bin/bash -heiko:x:1029:100:Heiko Hennig:/home/heiko:/bin/bash -morph:x:1001:100:Daniel Wendler:/home/morph:/bin/bash -patrick:x:1004:100:Patrick Hennig:/home/patrick:/bin/bash -steffen:x:1025:100:Steffen Brehm:/home/steffen:/bin/bash -thomas:x:1021:100:Thomas Schmidt:/home/thomas:/bin/bash -vivi:x:1006:100:Vivien Winkler:/home/vivi:/bin/bash -vmail:x:1023:1023:Virtual Mailuser:/home/vmail:/bin/false diff --git a/php/apache2-php5.3/.rcs/php.ini,v b/php/apache2-php5.3/.rcs/php.ini,v deleted file mode 100644 index f1c3f0f..0000000 --- a/php/apache2-php5.3/.rcs/php.ini,v +++ /dev/null @@ -1,1950 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2011.01.09.10.39.36; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2011.01.08.23.47.50; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and Lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to -; application users can inadvertently leak otherwise secure information. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED - -; html_errors -; Default Value: On -; Development Value: On -; Production value: Off - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.bug_compat_42 -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.bug_compat_warn -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.hash_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; url_rewriter.tags -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It's been -; recommended for several years that you not use the short tag "short cut" and -; instead to use the full tag combination. With the wide spread use -; of XML and use of these tags by other languages, the server can become easily -; confused and end up parsing the wrong code in the wrong context. But because -; this short cut has been a feature for such a long time, it's currently still -; supported for backwards compatibility, but we recommend you don't use them. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/short-open-tag -short_open_tag = Off - -; Allow ASP-style <% %> tags. -; http://php.net/asp-tags -asp_tags = Off - -; The number of significant digits displayed in floating point numbers. -; http://php.net/precision -precision = 14 - -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - -; Output buffering is a mechanism for controlling how much output data -; (excluding headers and cookies) PHP should keep internally before pushing that -; data to the client. If your application's output exceeds this setting, PHP -; will send that data in chunks of roughly the size you specify. -; Turning on this setting and managing its maximum buffer size can yield some -; interesting side-effects depending on your application and web server. -; You may be able to send headers and cookies after you've already sent output -; through print or echo. You also may see performance benefits if your server is -; emitting less packets due to buffered output versus PHP streaming the output -; as it gets it. On production servers, 4096 bytes is a good setting for performance -; reasons. -; Note: Output buffering can also be controlled via Output Buffering Control -; functions. -; Possible Values: -; On = Enabled and buffer is unlimited. (Use with caution) -; Off = Disabled -; Integer = Enables the buffer and sets its maximum size in bytes. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 -; http://php.net/output-buffering -;output_buffering = 4096 -output_buffering = Off - -; You can redirect all of the output of your scripts to a function. For -; example, if you set output_handler to "mb_output_handler", character -; encoding will be transparently converted to the specified encoding. -; Setting any output handler automatically turns on output buffering. -; Note: People who wrote portable scripts should not depend on this ini -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -; Note: output_handler must be empty if this is set 'On' !!!! -; Instead you must use zlib.output_handler. -; http://php.net/output-handler -;output_handler = - -; Transparent output compression using the zlib library -; Valid values for this option are 'off', 'on', or a specific buffer size -; to be used for compression (default is 4KB) -; Note: Resulting chunk size may vary due to nature of compression. PHP -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -; Note: You need to use zlib.output_handler instead of the standard -; output_handler, or otherwise the output will be corrupted. -; http://php.net/zlib.output-compression -zlib.output_compression = Off - -; http://php.net/zlib.output-compression-level -;zlib.output_compression_level = -1 - -; You cannot specify additional output handlers if zlib.output_compression -; is activated here. This setting does the same as output_handler but in -; a different order. -; http://php.net/zlib.output-handler -;zlib.output_handler = - -; Implicit flush tells PHP to tell the output layer to flush itself -; automatically after every output block. This is equivalent to calling the -; PHP function flush() after each and every call to print() or echo() and each -; and every HTML block. Turning this option on has serious performance -; implications and is generally recommended for debugging purposes only. -; http://php.net/implicit-flush -; Note: This directive is hardcoded to On for the CLI SAPI -implicit_flush = Off - -; The unserialize callback function will be called (with the undefined class' -; name as parameter), if the unserializer finds an undefined class -; which should be instantiated. A warning appears if the specified function is -; not defined, or if the function doesn't include/implement the missing class. -; So only set this entry, if you really want to implement such a -; callback-function. -unserialize_callback_func = - -; When floats & doubles are serialized store serialize_precision significant -; digits after the floating point. The default value ensures that when floats -; are decoded with unserialize, the data will remain the same. -serialize_precision = 100 - -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - -; open_basedir, if set, limits all file operations to the defined directory -; and below. This directive makes most sense if used in a per-directory -; or per-virtualhost web server configuration file. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/open-basedir -;open_basedir = - -; This directive allows you to disable certain functions for security reasons. -; It receives a comma-delimited list of function names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-functions -disable_functions = - -; This directive allows you to disable certain classes for security reasons. -; It receives a comma-delimited list of class names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-classes -disable_classes = - -; Colors for Syntax Highlighting mode. Anything that's acceptable in -; would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.bg = #FFFFFF -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 16k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = Off - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED -; http://php.net/error-reporting -error_reporting = E_ALL | E_STRICT - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -;display_errors = On -display_errors = stderr - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = On - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = On - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = On - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: Off -; http://php.net/html-errors -html_errors = On - -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on NT, not valid in Windows 95). -;error_log = syslog - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P,C,E & S) should -; be registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive are -; specified in the same manner as the variables_order directive, EXCEPT one. -; Leaving this value empty will cause PHP to use the value set in the -; variables_order directive. It does not mean it will leave the super globals -; array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = Off - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = Off - -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Maximum size of POST data that PHP will accept. -; http://php.net/post-max-size -post_max_size = 8M - -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a character encoding using -; the Content-type: header. To disable sending of the charset, simply -; set it to be empty. -; -; PHP's built-in default is text/html -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to empty. -; http://php.net/default-charset -;default_charset = "iso-8859-1" - -; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. -; http://php.net/always-populate-raw-post-data -;always_populate_raw_post_data = On - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -include_path = ".:/usr/share/php5:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -;enable_dl = Off -enable_dl = On - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 2M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = Off - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@@doe.com" -from="frank@@brehm-online.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_fileinfo.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_exif.dll ; Must be after mbstring as it depends on it -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_phar.dll -;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sqlite3.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -;extension=php_zip.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -;iconv.input_encoding = ISO-8859-1 -;iconv.internal_encoding = ISO-8859-1 -;iconv.output_encoding = ISO-8859-1 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING - -[sqlite] -; http://php.net/sqlite.assoc-case -;sqlite.assoc_case = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(), even in safe mode. -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; The path to a log file that will log all mail() calls. Log entries include -; the full path of the script, line number, To address and headers. -;mail.log = - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQL] -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysql.allow_local_infile -mysql.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysql.allow-persistent -mysql.allow_persistent = On - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysql.cache_size -mysql.cache_size = 2000 - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysql.max-persistent -mysql.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/mysql.max-links -mysql.max_links = -1 - -; Default port number for mysql_connect(). If unset, mysql_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysql.default-port -mysql.default_port = - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysql.default-socket -mysql.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-host -mysql.default_host = localhost - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-user -mysql.default_user = - -; Default password for mysql_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysql.default-password -mysql.default_password = - -; Maximum time (in seconds) for connect timeout. -1 means no limit -; http://php.net/mysql.connect-timeout -mysql.connect_timeout = 60 - -; Trace mode. When trace_mode is active (=On), warnings for table/index scans and -; SQL-Errors will be displayed. -; http://php.net/mysql.trace-mode -mysql.trace_mode = Off - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = localhost - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = On - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgresSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[Sybase-CT] -; Allow or prevent persistent links. -; http://php.net/sybct.allow-persistent -sybct.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/sybct.max-persistent -sybct.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/sybct.max-links -sybct.max_links = -1 - -; Minimum server message severity to display. -; http://php.net/sybct.min-server-severity -sybct.min_server_severity = 10 - -; Minimum client message severity to display. -; http://php.net/sybct.min-client-severity -sybct.min_client_severity = 10 - -; Set per-context timeout -; http://php.net/sybct.timeout -;sybct.timeout= - -;sybct.packet_size - -; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. -; Default: one minute -;sybct.login_timeout= - -; The name of the host you claim to be connecting from, for display by sp_who. -; Default: none -;sybct.hostname= - -; Allows you to define how often deadlocks are to be retried. -1 means "forever". -; Default: 0 -;sybct.deadlock_retry_count= - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -session.save_path = "/tmp" - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting -; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHP_SESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; find /path/to/sessions -cmin +24 | xargs rm - -; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. -; You can disable the feature and the warning separately. At this time, -; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you -; should enable this on development servers and enable the warning as well. If you -; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-42 -session.bug_compat_42 = On - -; This setting controls whether or not you are warned by PHP when initializing a -; session value into the global space. session.bug_compat_42 must be enabled before -; these warnings can be issued by PHP. See the directive above for more information. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-warn -session.bug_compat_warn = On - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; How many bytes to read from the file. -; http://php.net/session.entropy-length -session.entropy_length = 0 - -; Specified here to create the session id. -; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the -; Windows random source (using the CryptoAPI) -;session.entropy_file = /dev/urandom -session.entropy_file = - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publically accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Select a hash function for use in generating session ids. -; Possible Values -; 0 (MD5 128 bits) -; 1 (SHA-1 160 bits) -; This option may also be set to the name of any hash function supported by -; the hash extension. A list of available hashes is returned by the hash_algos() -; function. -; http://php.net/session.hash-function -session.hash_function = 0 - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.hash_bits_per_character = 5 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -; form/fieldset are special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. If you want XHTML conformity, remove the form entry. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; http://php.net/url-rewriter.tags -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -; Allow or prevent persistent links. -mssql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -mssql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -mssql.max_links = -1 - -; Minimum error severity to display. -mssql.min_error_severity = 10 - -; Minimum message severity to display. -mssql.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -mssql.compatability_mode = Off - -; Connect timeout -;mssql.connect_timeout = 5 - -; Query timeout -;mssql.timeout = 60 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textlimit = 4096 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textsize = 4096 - -; Limits the number of records in each batch. 0 = all records in one batch. -;mssql.batchsize = 0 - -; Specify how datetime and datetim4 columns are returned -; On => Returns data converted to SQL server settings -; Off => Returns values as YYYY-MM-DD hh:mm:ss -;mssql.datetimeconvert = On - -; Use NT authentication when connecting to the server -mssql.secure_connection = Off - -; Specify max number of processes. -1 = library default -; msdlib defaults to 25 -; FreeTDS defaults to 4096 -;mssql.max_procs = -1 - -; Specify client character set. -; If empty or not set the client charset from freetds.comf is used -; This is only used when compiled with FreeTDS -;mssql.charset = "ISO-8859-1" - -[Assertion] -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Issue a PHP warning for each failed assertion. -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; internal/script encoding. -; Some encoding cannot work as internal encoding. -; (e.g. SJIS, BIG5, ISO-2022-*) -; http://php.net/mbstring.internal-encoding -;mbstring.internal_encoding = EUC-JP - -; http input encoding. -; http://php.net/mbstring.http-input -;mbstring.http_input = auto - -; http output encoding. mb_output_handler must be -; registered as output buffer to function -; http://php.net/mbstring.http-output -;mbstring.http_output = SJIS - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; auto means -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none; - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -;mbstring.strict_detection = Off - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 0 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -; Local Variables: -; tab-width: 4 -; End: -@ - - -1.1 -log -@Initial revision -@ -text -@d262 2 -a263 1 -output_buffering = 4096 -d532 2 -a533 1 -display_errors = On -d817 2 -a818 1 -enable_dl = Off -d903 1 -d1222 1 -a1222 1 -mysql.default_host = -d1273 1 -a1273 1 -mysqli.default_host = -d1489 1 -a1489 1 -session.name = PHPSESSID -@ diff --git a/php/apache2-php5.3/.rcs/php.ini.orig,v b/php/apache2-php5.3/.rcs/php.ini.orig,v deleted file mode 100644 index 199aa15..0000000 --- a/php/apache2-php5.3/.rcs/php.ini.orig,v +++ /dev/null @@ -1,1914 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2011.01.08.23.47.50; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and Lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to -; application users can inadvertently leak otherwise secure information. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED - -; html_errors -; Default Value: On -; Development Value: On -; Production value: Off - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.bug_compat_42 -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.bug_compat_warn -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.hash_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; url_rewriter.tags -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It's been -; recommended for several years that you not use the short tag "short cut" and -; instead to use the full tag combination. With the wide spread use -; of XML and use of these tags by other languages, the server can become easily -; confused and end up parsing the wrong code in the wrong context. But because -; this short cut has been a feature for such a long time, it's currently still -; supported for backwards compatibility, but we recommend you don't use them. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/short-open-tag -short_open_tag = Off - -; Allow ASP-style <% %> tags. -; http://php.net/asp-tags -asp_tags = Off - -; The number of significant digits displayed in floating point numbers. -; http://php.net/precision -precision = 14 - -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - -; Output buffering is a mechanism for controlling how much output data -; (excluding headers and cookies) PHP should keep internally before pushing that -; data to the client. If your application's output exceeds this setting, PHP -; will send that data in chunks of roughly the size you specify. -; Turning on this setting and managing its maximum buffer size can yield some -; interesting side-effects depending on your application and web server. -; You may be able to send headers and cookies after you've already sent output -; through print or echo. You also may see performance benefits if your server is -; emitting less packets due to buffered output versus PHP streaming the output -; as it gets it. On production servers, 4096 bytes is a good setting for performance -; reasons. -; Note: Output buffering can also be controlled via Output Buffering Control -; functions. -; Possible Values: -; On = Enabled and buffer is unlimited. (Use with caution) -; Off = Disabled -; Integer = Enables the buffer and sets its maximum size in bytes. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 -; http://php.net/output-buffering -output_buffering = 4096 - -; You can redirect all of the output of your scripts to a function. For -; example, if you set output_handler to "mb_output_handler", character -; encoding will be transparently converted to the specified encoding. -; Setting any output handler automatically turns on output buffering. -; Note: People who wrote portable scripts should not depend on this ini -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -; Note: output_handler must be empty if this is set 'On' !!!! -; Instead you must use zlib.output_handler. -; http://php.net/output-handler -;output_handler = - -; Transparent output compression using the zlib library -; Valid values for this option are 'off', 'on', or a specific buffer size -; to be used for compression (default is 4KB) -; Note: Resulting chunk size may vary due to nature of compression. PHP -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -; Note: You need to use zlib.output_handler instead of the standard -; output_handler, or otherwise the output will be corrupted. -; http://php.net/zlib.output-compression -zlib.output_compression = Off - -; http://php.net/zlib.output-compression-level -;zlib.output_compression_level = -1 - -; You cannot specify additional output handlers if zlib.output_compression -; is activated here. This setting does the same as output_handler but in -; a different order. -; http://php.net/zlib.output-handler -;zlib.output_handler = - -; Implicit flush tells PHP to tell the output layer to flush itself -; automatically after every output block. This is equivalent to calling the -; PHP function flush() after each and every call to print() or echo() and each -; and every HTML block. Turning this option on has serious performance -; implications and is generally recommended for debugging purposes only. -; http://php.net/implicit-flush -; Note: This directive is hardcoded to On for the CLI SAPI -implicit_flush = Off - -; The unserialize callback function will be called (with the undefined class' -; name as parameter), if the unserializer finds an undefined class -; which should be instantiated. A warning appears if the specified function is -; not defined, or if the function doesn't include/implement the missing class. -; So only set this entry, if you really want to implement such a -; callback-function. -unserialize_callback_func = - -; When floats & doubles are serialized store serialize_precision significant -; digits after the floating point. The default value ensures that when floats -; are decoded with unserialize, the data will remain the same. -serialize_precision = 100 - -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - -; open_basedir, if set, limits all file operations to the defined directory -; and below. This directive makes most sense if used in a per-directory -; or per-virtualhost web server configuration file. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/open-basedir -;open_basedir = - -; This directive allows you to disable certain functions for security reasons. -; It receives a comma-delimited list of function names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-functions -disable_functions = - -; This directive allows you to disable certain classes for security reasons. -; It receives a comma-delimited list of class names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-classes -disable_classes = - -; Colors for Syntax Highlighting mode. Anything that's acceptable in -; would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.bg = #FFFFFF -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 16k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = Off - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED -; http://php.net/error-reporting -error_reporting = E_ALL | E_STRICT - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = On - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = On - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = On - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = On - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: Off -; http://php.net/html-errors -html_errors = On - -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on NT, not valid in Windows 95). -;error_log = syslog - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P,C,E & S) should -; be registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive are -; specified in the same manner as the variables_order directive, EXCEPT one. -; Leaving this value empty will cause PHP to use the value set in the -; variables_order directive. It does not mean it will leave the super globals -; array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = Off - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = Off - -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Maximum size of POST data that PHP will accept. -; http://php.net/post-max-size -post_max_size = 8M - -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a character encoding using -; the Content-type: header. To disable sending of the charset, simply -; set it to be empty. -; -; PHP's built-in default is text/html -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to empty. -; http://php.net/default-charset -;default_charset = "iso-8859-1" - -; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. -; http://php.net/always-populate-raw-post-data -;always_populate_raw_post_data = On - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -include_path = ".:/usr/share/php5:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = Off - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 2M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = Off - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@@doe.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_fileinfo.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_exif.dll ; Must be after mbstring as it depends on it -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_phar.dll -;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sqlite3.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -;extension=php_zip.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -;iconv.input_encoding = ISO-8859-1 -;iconv.internal_encoding = ISO-8859-1 -;iconv.output_encoding = ISO-8859-1 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING - -[sqlite] -; http://php.net/sqlite.assoc-case -;sqlite.assoc_case = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(), even in safe mode. -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; The path to a log file that will log all mail() calls. Log entries include -; the full path of the script, line number, To address and headers. -;mail.log = - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQL] -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysql.allow_local_infile -mysql.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysql.allow-persistent -mysql.allow_persistent = On - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysql.cache_size -mysql.cache_size = 2000 - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysql.max-persistent -mysql.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/mysql.max-links -mysql.max_links = -1 - -; Default port number for mysql_connect(). If unset, mysql_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysql.default-port -mysql.default_port = - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysql.default-socket -mysql.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-host -mysql.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-user -mysql.default_user = - -; Default password for mysql_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysql.default-password -mysql.default_password = - -; Maximum time (in seconds) for connect timeout. -1 means no limit -; http://php.net/mysql.connect-timeout -mysql.connect_timeout = 60 - -; Trace mode. When trace_mode is active (=On), warnings for table/index scans and -; SQL-Errors will be displayed. -; http://php.net/mysql.trace-mode -mysql.trace_mode = Off - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = On - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgresSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[Sybase-CT] -; Allow or prevent persistent links. -; http://php.net/sybct.allow-persistent -sybct.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/sybct.max-persistent -sybct.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/sybct.max-links -sybct.max_links = -1 - -; Minimum server message severity to display. -; http://php.net/sybct.min-server-severity -sybct.min_server_severity = 10 - -; Minimum client message severity to display. -; http://php.net/sybct.min-client-severity -sybct.min_client_severity = 10 - -; Set per-context timeout -; http://php.net/sybct.timeout -;sybct.timeout= - -;sybct.packet_size - -; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. -; Default: one minute -;sybct.login_timeout= - -; The name of the host you claim to be connecting from, for display by sp_who. -; Default: none -;sybct.hostname= - -; Allows you to define how often deadlocks are to be retried. -1 means "forever". -; Default: 0 -;sybct.deadlock_retry_count= - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -session.save_path = "/tmp" - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting -; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHPSESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; find /path/to/sessions -cmin +24 | xargs rm - -; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. -; You can disable the feature and the warning separately. At this time, -; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you -; should enable this on development servers and enable the warning as well. If you -; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-42 -session.bug_compat_42 = On - -; This setting controls whether or not you are warned by PHP when initializing a -; session value into the global space. session.bug_compat_42 must be enabled before -; these warnings can be issued by PHP. See the directive above for more information. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-warn -session.bug_compat_warn = On - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; How many bytes to read from the file. -; http://php.net/session.entropy-length -session.entropy_length = 0 - -; Specified here to create the session id. -; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the -; Windows random source (using the CryptoAPI) -;session.entropy_file = /dev/urandom -session.entropy_file = - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publically accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Select a hash function for use in generating session ids. -; Possible Values -; 0 (MD5 128 bits) -; 1 (SHA-1 160 bits) -; This option may also be set to the name of any hash function supported by -; the hash extension. A list of available hashes is returned by the hash_algos() -; function. -; http://php.net/session.hash-function -session.hash_function = 0 - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.hash_bits_per_character = 5 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -; form/fieldset are special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. If you want XHTML conformity, remove the form entry. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; http://php.net/url-rewriter.tags -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -; Allow or prevent persistent links. -mssql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -mssql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -mssql.max_links = -1 - -; Minimum error severity to display. -mssql.min_error_severity = 10 - -; Minimum message severity to display. -mssql.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -mssql.compatability_mode = Off - -; Connect timeout -;mssql.connect_timeout = 5 - -; Query timeout -;mssql.timeout = 60 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textlimit = 4096 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textsize = 4096 - -; Limits the number of records in each batch. 0 = all records in one batch. -;mssql.batchsize = 0 - -; Specify how datetime and datetim4 columns are returned -; On => Returns data converted to SQL server settings -; Off => Returns values as YYYY-MM-DD hh:mm:ss -;mssql.datetimeconvert = On - -; Use NT authentication when connecting to the server -mssql.secure_connection = Off - -; Specify max number of processes. -1 = library default -; msdlib defaults to 25 -; FreeTDS defaults to 4096 -;mssql.max_procs = -1 - -; Specify client character set. -; If empty or not set the client charset from freetds.comf is used -; This is only used when compiled with FreeTDS -;mssql.charset = "ISO-8859-1" - -[Assertion] -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Issue a PHP warning for each failed assertion. -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; internal/script encoding. -; Some encoding cannot work as internal encoding. -; (e.g. SJIS, BIG5, ISO-2022-*) -; http://php.net/mbstring.internal-encoding -;mbstring.internal_encoding = EUC-JP - -; http input encoding. -; http://php.net/mbstring.http-input -;mbstring.http_input = auto - -; http output encoding. mb_output_handler must be -; registered as output buffer to function -; http://php.net/mbstring.http-output -;mbstring.http_output = SJIS - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; auto means -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none; - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -;mbstring.strict_detection = Off - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 0 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -; Local Variables: -; tab-width: 4 -; End: -@ diff --git a/php/apache2-php5.3/php.ini b/php/apache2-php5.3/php.ini index 0c012e1..009636b 100644 --- a/php/apache2-php5.3/php.ini +++ b/php/apache2-php5.3/php.ini @@ -19,7 +19,7 @@ ; See the PHP docs for more specific information. ; http://php.net/configuration.file -; The syntax of the file is extremely simple. Whitespace and Lines +; The syntax of the file is extremely simple. Whitespace and lines ; beginning with a semicolon are silently ignored (as you probably guessed). ; Section headers (e.g. [Foo]) are also silently ignored, even though ; they might mean something in the future. @@ -485,7 +485,7 @@ memory_limit = 128M ; development and early testing. ; ; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) ; E_ERROR - fatal run-time errors ; E_RECOVERABLE_ERROR - almost fatal run-time errors ; E_WARNING - run-time warnings (non-fatal errors) @@ -750,7 +750,7 @@ post_max_size = 8M ; enable the feature. We strongly recommend you use the escaping mechanisms ; designed specifically for the database your using instead of relying on this ; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. +; removed in PHP 5.4. ; Default Value: On ; Development Value: Off ; Production Value: Off @@ -1501,7 +1501,7 @@ session.use_cookies = 1 ;session.cookie_secure = ; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting +; the session id. We encourage this operation as it's very helpful in combating ; session hijacking when not specifying and managing your own session id. It is ; not the end all be all of session hijacking defense, but it's a good start. ; http://php.net/session.use-only-cookies @@ -1632,7 +1632,7 @@ session.cache_expire = 180 ; - User may send URL contains active session ID ; to other person via. email/irc/etc. ; - URL that contains active session ID may be stored -; in publically accessible computer. +; in publicly accessible computer. ; - User may access your site with the same session ID ; always using URL stored in browser's history or bookmarks. ; http://php.net/session.use-trans-sid diff --git a/php/apache2-php5.3/php.ini.orig b/php/apache2-php5.3/php.ini.orig deleted file mode 100644 index 8f4eac8..0000000 --- a/php/apache2-php5.3/php.ini.orig +++ /dev/null @@ -1,1890 +0,0 @@ -[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and Lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to -; application users can inadvertently leak otherwise secure information. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED - -; html_errors -; Default Value: On -; Development Value: On -; Production value: Off - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.bug_compat_42 -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.bug_compat_warn -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.hash_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; url_rewriter.tags -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It's been -; recommended for several years that you not use the short tag "short cut" and -; instead to use the full tag combination. With the wide spread use -; of XML and use of these tags by other languages, the server can become easily -; confused and end up parsing the wrong code in the wrong context. But because -; this short cut has been a feature for such a long time, it's currently still -; supported for backwards compatibility, but we recommend you don't use them. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/short-open-tag -short_open_tag = Off - -; Allow ASP-style <% %> tags. -; http://php.net/asp-tags -asp_tags = Off - -; The number of significant digits displayed in floating point numbers. -; http://php.net/precision -precision = 14 - -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - -; Output buffering is a mechanism for controlling how much output data -; (excluding headers and cookies) PHP should keep internally before pushing that -; data to the client. If your application's output exceeds this setting, PHP -; will send that data in chunks of roughly the size you specify. -; Turning on this setting and managing its maximum buffer size can yield some -; interesting side-effects depending on your application and web server. -; You may be able to send headers and cookies after you've already sent output -; through print or echo. You also may see performance benefits if your server is -; emitting less packets due to buffered output versus PHP streaming the output -; as it gets it. On production servers, 4096 bytes is a good setting for performance -; reasons. -; Note: Output buffering can also be controlled via Output Buffering Control -; functions. -; Possible Values: -; On = Enabled and buffer is unlimited. (Use with caution) -; Off = Disabled -; Integer = Enables the buffer and sets its maximum size in bytes. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 -; http://php.net/output-buffering -output_buffering = 4096 - -; You can redirect all of the output of your scripts to a function. For -; example, if you set output_handler to "mb_output_handler", character -; encoding will be transparently converted to the specified encoding. -; Setting any output handler automatically turns on output buffering. -; Note: People who wrote portable scripts should not depend on this ini -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -; Note: output_handler must be empty if this is set 'On' !!!! -; Instead you must use zlib.output_handler. -; http://php.net/output-handler -;output_handler = - -; Transparent output compression using the zlib library -; Valid values for this option are 'off', 'on', or a specific buffer size -; to be used for compression (default is 4KB) -; Note: Resulting chunk size may vary due to nature of compression. PHP -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -; Note: You need to use zlib.output_handler instead of the standard -; output_handler, or otherwise the output will be corrupted. -; http://php.net/zlib.output-compression -zlib.output_compression = Off - -; http://php.net/zlib.output-compression-level -;zlib.output_compression_level = -1 - -; You cannot specify additional output handlers if zlib.output_compression -; is activated here. This setting does the same as output_handler but in -; a different order. -; http://php.net/zlib.output-handler -;zlib.output_handler = - -; Implicit flush tells PHP to tell the output layer to flush itself -; automatically after every output block. This is equivalent to calling the -; PHP function flush() after each and every call to print() or echo() and each -; and every HTML block. Turning this option on has serious performance -; implications and is generally recommended for debugging purposes only. -; http://php.net/implicit-flush -; Note: This directive is hardcoded to On for the CLI SAPI -implicit_flush = Off - -; The unserialize callback function will be called (with the undefined class' -; name as parameter), if the unserializer finds an undefined class -; which should be instantiated. A warning appears if the specified function is -; not defined, or if the function doesn't include/implement the missing class. -; So only set this entry, if you really want to implement such a -; callback-function. -unserialize_callback_func = - -; When floats & doubles are serialized store serialize_precision significant -; digits after the floating point. The default value ensures that when floats -; are decoded with unserialize, the data will remain the same. -serialize_precision = 100 - -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - -; open_basedir, if set, limits all file operations to the defined directory -; and below. This directive makes most sense if used in a per-directory -; or per-virtualhost web server configuration file. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/open-basedir -;open_basedir = - -; This directive allows you to disable certain functions for security reasons. -; It receives a comma-delimited list of function names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-functions -disable_functions = - -; This directive allows you to disable certain classes for security reasons. -; It receives a comma-delimited list of class names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-classes -disable_classes = - -; Colors for Syntax Highlighting mode. Anything that's acceptable in -; would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.bg = #FFFFFF -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 16k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = Off - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED -; http://php.net/error-reporting -error_reporting = E_ALL | E_STRICT - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = On - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = On - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = On - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = On - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: Off -; http://php.net/html-errors -html_errors = On - -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on NT, not valid in Windows 95). -;error_log = syslog - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P,C,E & S) should -; be registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive are -; specified in the same manner as the variables_order directive, EXCEPT one. -; Leaving this value empty will cause PHP to use the value set in the -; variables_order directive. It does not mean it will leave the super globals -; array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = Off - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = Off - -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Maximum size of POST data that PHP will accept. -; http://php.net/post-max-size -post_max_size = 8M - -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a character encoding using -; the Content-type: header. To disable sending of the charset, simply -; set it to be empty. -; -; PHP's built-in default is text/html -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to empty. -; http://php.net/default-charset -;default_charset = "iso-8859-1" - -; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. -; http://php.net/always-populate-raw-post-data -;always_populate_raw_post_data = On - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -include_path = ".:/usr/share/php5:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = Off - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 2M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = Off - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@doe.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_fileinfo.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_exif.dll ; Must be after mbstring as it depends on it -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_phar.dll -;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sqlite3.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -;extension=php_zip.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -;iconv.input_encoding = ISO-8859-1 -;iconv.internal_encoding = ISO-8859-1 -;iconv.output_encoding = ISO-8859-1 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING - -[sqlite] -; http://php.net/sqlite.assoc-case -;sqlite.assoc_case = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(), even in safe mode. -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; The path to a log file that will log all mail() calls. Log entries include -; the full path of the script, line number, To address and headers. -;mail.log = - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQL] -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysql.allow_local_infile -mysql.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysql.allow-persistent -mysql.allow_persistent = On - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysql.cache_size -mysql.cache_size = 2000 - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysql.max-persistent -mysql.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/mysql.max-links -mysql.max_links = -1 - -; Default port number for mysql_connect(). If unset, mysql_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysql.default-port -mysql.default_port = - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysql.default-socket -mysql.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-host -mysql.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-user -mysql.default_user = - -; Default password for mysql_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysql.default-password -mysql.default_password = - -; Maximum time (in seconds) for connect timeout. -1 means no limit -; http://php.net/mysql.connect-timeout -mysql.connect_timeout = 60 - -; Trace mode. When trace_mode is active (=On), warnings for table/index scans and -; SQL-Errors will be displayed. -; http://php.net/mysql.trace-mode -mysql.trace_mode = Off - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = On - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgresSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[Sybase-CT] -; Allow or prevent persistent links. -; http://php.net/sybct.allow-persistent -sybct.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/sybct.max-persistent -sybct.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/sybct.max-links -sybct.max_links = -1 - -; Minimum server message severity to display. -; http://php.net/sybct.min-server-severity -sybct.min_server_severity = 10 - -; Minimum client message severity to display. -; http://php.net/sybct.min-client-severity -sybct.min_client_severity = 10 - -; Set per-context timeout -; http://php.net/sybct.timeout -;sybct.timeout= - -;sybct.packet_size - -; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. -; Default: one minute -;sybct.login_timeout= - -; The name of the host you claim to be connecting from, for display by sp_who. -; Default: none -;sybct.hostname= - -; Allows you to define how often deadlocks are to be retried. -1 means "forever". -; Default: 0 -;sybct.deadlock_retry_count= - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -session.save_path = "/tmp" - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting -; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHPSESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; find /path/to/sessions -cmin +24 | xargs rm - -; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. -; You can disable the feature and the warning separately. At this time, -; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you -; should enable this on development servers and enable the warning as well. If you -; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-42 -session.bug_compat_42 = On - -; This setting controls whether or not you are warned by PHP when initializing a -; session value into the global space. session.bug_compat_42 must be enabled before -; these warnings can be issued by PHP. See the directive above for more information. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-warn -session.bug_compat_warn = On - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; How many bytes to read from the file. -; http://php.net/session.entropy-length -session.entropy_length = 0 - -; Specified here to create the session id. -; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the -; Windows random source (using the CryptoAPI) -;session.entropy_file = /dev/urandom -session.entropy_file = - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publically accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Select a hash function for use in generating session ids. -; Possible Values -; 0 (MD5 128 bits) -; 1 (SHA-1 160 bits) -; This option may also be set to the name of any hash function supported by -; the hash extension. A list of available hashes is returned by the hash_algos() -; function. -; http://php.net/session.hash-function -session.hash_function = 0 - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.hash_bits_per_character = 5 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -; form/fieldset are special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. If you want XHTML conformity, remove the form entry. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; http://php.net/url-rewriter.tags -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -; Allow or prevent persistent links. -mssql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -mssql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -mssql.max_links = -1 - -; Minimum error severity to display. -mssql.min_error_severity = 10 - -; Minimum message severity to display. -mssql.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -mssql.compatability_mode = Off - -; Connect timeout -;mssql.connect_timeout = 5 - -; Query timeout -;mssql.timeout = 60 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textlimit = 4096 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textsize = 4096 - -; Limits the number of records in each batch. 0 = all records in one batch. -;mssql.batchsize = 0 - -; Specify how datetime and datetim4 columns are returned -; On => Returns data converted to SQL server settings -; Off => Returns values as YYYY-MM-DD hh:mm:ss -;mssql.datetimeconvert = On - -; Use NT authentication when connecting to the server -mssql.secure_connection = Off - -; Specify max number of processes. -1 = library default -; msdlib defaults to 25 -; FreeTDS defaults to 4096 -;mssql.max_procs = -1 - -; Specify client character set. -; If empty or not set the client charset from freetds.comf is used -; This is only used when compiled with FreeTDS -;mssql.charset = "ISO-8859-1" - -[Assertion] -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Issue a PHP warning for each failed assertion. -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; internal/script encoding. -; Some encoding cannot work as internal encoding. -; (e.g. SJIS, BIG5, ISO-2022-*) -; http://php.net/mbstring.internal-encoding -;mbstring.internal_encoding = EUC-JP - -; http input encoding. -; http://php.net/mbstring.http-input -;mbstring.http_input = auto - -; http output encoding. mb_output_handler must be -; registered as output buffer to function -; http://php.net/mbstring.http-output -;mbstring.http_output = SJIS - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; auto means -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none; - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -;mbstring.strict_detection = Off - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 0 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -; Local Variables: -; tab-width: 4 -; End: diff --git a/php/apache2-php5/.rcs/php.ini,v b/php/apache2-php5/.rcs/php.ini,v deleted file mode 100644 index 81d47ba..0000000 --- a/php/apache2-php5/.rcs/php.ini,v +++ /dev/null @@ -1,2652 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.10.30.19.18.46; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.08.19.20.47.53; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and Lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to -; application users can inadvertently leak otherwise secure information. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED - -; html_errors -; Default Value: On -; Development Value: On -; Production value: Off - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.bug_compat_42 -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.bug_compat_warn -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.hash_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; url_rewriter.tags -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It's been -; recommended for several years that you not use the short tag "short cut" and -; instead to use the full tag combination. With the wide spread use -; of XML and use of these tags by other languages, the server can become easily -; confused and end up parsing the wrong code in the wrong context. But because -; this short cut has been a feature for such a long time, it's currently still -; supported for backwards compatibility, but we recommend you don't use them. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/short-open-tag -short_open_tag = Off - -; Allow ASP-style <% %> tags. -; http://php.net/asp-tags -asp_tags = Off - -; The number of significant digits displayed in floating point numbers. -; http://php.net/precision -precision = 14 - -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - -; Output buffering is a mechanism for controlling how much output data -; (excluding headers and cookies) PHP should keep internally before pushing that -; data to the client. If your application's output exceeds this setting, PHP -; will send that data in chunks of roughly the size you specify. -; Turning on this setting and managing its maximum buffer size can yield some -; interesting side-effects depending on your application and web server. -; You may be able to send headers and cookies after you've already sent output -; through print or echo. You also may see performance benefits if your server is -; emitting less packets due to buffered output versus PHP streaming the output -; as it gets it. On production servers, 4096 bytes is a good setting for performance -; reasons. -; Note: Output buffering can also be controlled via Output Buffering Control -; functions. -; Possible Values: -; On = Enabled and buffer is unlimited. (Use with caution) -; Off = Disabled -; Integer = Enables the buffer and sets its maximum size in bytes. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 -; http://php.net/output-buffering -;output_buffering = 4096 -output_buffering = Off - -; You can redirect all of the output of your scripts to a function. For -; example, if you set output_handler to "mb_output_handler", character -; encoding will be transparently converted to the specified encoding. -; Setting any output handler automatically turns on output buffering. -; Note: People who wrote portable scripts should not depend on this ini -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -; Note: output_handler must be empty if this is set 'On' !!!! -; Instead you must use zlib.output_handler. -; http://php.net/output-handler -;output_handler = - -; Transparent output compression using the zlib library -; Valid values for this option are 'off', 'on', or a specific buffer size -; to be used for compression (default is 4KB) -; Note: Resulting chunk size may vary due to nature of compression. PHP -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -; Note: You need to use zlib.output_handler instead of the standard -; output_handler, or otherwise the output will be corrupted. -; http://php.net/zlib.output-compression -zlib.output_compression = Off - -; http://php.net/zlib.output-compression-level -;zlib.output_compression_level = -1 - -; You cannot specify additional output handlers if zlib.output_compression -; is activated here. This setting does the same as output_handler but in -; a different order. -; http://php.net/zlib.output-handler -;zlib.output_handler = - -; Implicit flush tells PHP to tell the output layer to flush itself -; automatically after every output block. This is equivalent to calling the -; PHP function flush() after each and every call to print() or echo() and each -; and every HTML block. Turning this option on has serious performance -; implications and is generally recommended for debugging purposes only. -; http://php.net/implicit-flush -; Note: This directive is hardcoded to On for the CLI SAPI -implicit_flush = Off - -; The unserialize callback function will be called (with the undefined class' -; name as parameter), if the unserializer finds an undefined class -; which should be instantiated. A warning appears if the specified function is -; not defined, or if the function doesn't include/implement the missing class. -; So only set this entry, if you really want to implement such a -; callback-function. -unserialize_callback_func = - -; When floats & doubles are serialized store serialize_precision significant -; digits after the floating point. The default value ensures that when floats -; are decoded with unserialize, the data will remain the same. -serialize_precision = 100 - -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - -; open_basedir, if set, limits all file operations to the defined directory -; and below. This directive makes most sense if used in a per-directory -; or per-virtualhost web server configuration file. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/open-basedir -;open_basedir = - -; This directive allows you to disable certain functions for security reasons. -; It receives a comma-delimited list of function names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-functions -disable_functions = - -; This directive allows you to disable certain classes for security reasons. -; It receives a comma-delimited list of class names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-classes -disable_classes = - -; Colors for Syntax Highlighting mode. Anything that's acceptable in -; would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.bg = #FFFFFF -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 16k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = Off - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED -; http://php.net/error-reporting -error_reporting = E_ALL & ~E_DEPRECATED - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = stderr - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = Off - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = On - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = Off - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: Off -; http://php.net/html-errors -html_errors = Off - -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on NT, not valid in Windows 95). -;error_log = syslog - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P,C,E & S) should -; be registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive are -; specified in the same manner as the variables_order directive, EXCEPT one. -; Leaving this value empty will cause PHP to use the value set in the -; variables_order directive. It does not mean it will leave the super globals -; array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = Off - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = Off - -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Maximum size of POST data that PHP will accept. -; http://php.net/post-max-size -post_max_size = 8M - -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a character encoding using -; the Content-type: header. To disable sending of the charset, simply -; set it to be empty. -; -; PHP's built-in default is text/html -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to empty. -; http://php.net/default-charset -;default_charset = "iso-8859-1" - -; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. -; http://php.net/always-populate-raw-post-data -;always_populate_raw_post_data = On - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -include_path = ".:/usr/share/php5:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = On - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 2M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = Off - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@@doe.com" -from="frank@@brehm-online.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_dba.dll -;extension=php_exif.dll -;extension=php_fileinfo.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_ming.dll -;extension=php_mssql.dll -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_phar.dll -;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sqlite3.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -;extension=php_zip.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -;iconv.input_encoding = ISO-8859-1 -;iconv.internal_encoding = ISO-8859-1 -;iconv.output_encoding = ISO-8859-1 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING - -[sqlite] -; http://php.net/sqlite.assoc-case -;sqlite.assoc_case = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(), even in safe mode. -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; Log all mail() calls including the full path of the script, line #, to address and headers -;mail.log = - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQL] -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysql.allow_local_infile -mysql.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysql.allow-persistent -mysql.allow_persistent = On - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysql.cache_size -mysql.cache_size = 2000 - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysql.max-persistent -mysql.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/mysql.max-links -mysql.max_links = -1 - -; Default port number for mysql_connect(). If unset, mysql_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysql.default-port -mysql.default_port = - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysql.default-socket -mysql.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-host -mysql.default_host = localhost - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-user -mysql.default_user = - -; Default password for mysql_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysql.default-password -mysql.default_password = - -; Maximum time (in seconds) for connect timeout. -1 means no limit -; http://php.net/mysql.connect-timeout -mysql.connect_timeout = 60 - -; Trace mode. When trace_mode is active (=On), warnings for table/index scans and -; SQL-Errors will be displayed. -; http://php.net/mysql.trace-mode -mysql.trace_mode = Off - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysqli.allow_local_infile -;mysqli.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysqli.allow-persistent -mysqli.allow_persistent = On - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = localhost - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = Off - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgresSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[Sybase-CT] -; Allow or prevent persistent links. -; http://php.net/sybct.allow-persistent -sybct.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/sybct.max-persistent -sybct.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/sybct.max-links -sybct.max_links = -1 - -; Minimum server message severity to display. -; http://php.net/sybct.min-server-severity -sybct.min_server_severity = 10 - -; Minimum client message severity to display. -; http://php.net/sybct.min-client-severity -sybct.min_client_severity = 10 - -; Set per-context timeout -; http://php.net/sybct.timeout -;sybct.timeout= - -;sybct.packet_size - -; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. -; Default: one minute -;sybct.login_timeout= - -; The name of the host you claim to be connecting from, for display by sp_who. -; Default: none -;sybct.hostname= - -; Allows you to define how often deadlocks are to be retried. -1 means "forever". -; Default: 0 -;sybct.deadlock_retry_count= - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -session.save_path = "/tmp" - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting -; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHP_SESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; cd /path/to/sessions; find -cmin +24 | xargs rm - -; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. -; You can disable the feature and the warning separately. At this time, -; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you -; should enable this on development servers and enable the warning as well. If you -; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-42 -session.bug_compat_42 = Off - -; This setting controls whether or not you are warned by PHP when initializing a -; session value into the global space. session.bug_compat_42 must be enabled before -; these warnings can be issued by PHP. See the directive above for more information. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-warn -session.bug_compat_warn = Off - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; How many bytes to read from the file. -; http://php.net/session.entropy-length -session.entropy_length = 0 - -; Specified here to create the session id. -; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the -; Windows random source (using the CryptoAPI) -;session.entropy_file = /dev/urandom - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publically accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Select a hash function for use in generating session ids. -; Possible Values -; 0 (MD5 128 bits) -; 1 (SHA-1 160 bits) -; This option may also be set to the name of any hash function supported by -; the hash extension. A list of available hashes is returned by the hash_algos() -; function. -; http://php.net/session.hash-function -session.hash_function = 0 - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.hash_bits_per_character = 5 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -; form/fieldset are special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. If you want XHTML conformity, remove the form entry. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; http://php.net/url-rewriter.tags -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -; Allow or prevent persistent links. -mssql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -mssql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -mssql.max_links = -1 - -; Minimum error severity to display. -mssql.min_error_severity = 10 - -; Minimum message severity to display. -mssql.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -mssql.compatability_mode = Off - -; Connect timeout -;mssql.connect_timeout = 5 - -; Query timeout -;mssql.timeout = 60 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textlimit = 4096 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textsize = 4096 - -; Limits the number of records in each batch. 0 = all records in one batch. -;mssql.batchsize = 0 - -; Specify how datetime and datetim4 columns are returned -; On => Returns data converted to SQL server settings -; Off => Returns values as YYYY-MM-DD hh:mm:ss -;mssql.datetimeconvert = On - -; Use NT authentication when connecting to the server -mssql.secure_connection = Off - -; Specify max number of processes. -1 = library default -; msdlib defaults to 25 -; FreeTDS defaults to 4096 -;mssql.max_procs = -1 - -; Specify client character set. -; If empty or not set the client charset from freetds.comf is used -; This is only used when compiled with FreeTDS -;mssql.charset = "ISO-8859-1" - -[Assertion] -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Issue a PHP warning for each failed assertion. -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; internal/script encoding. -; Some encoding cannot work as internal encoding. -; (e.g. SJIS, BIG5, ISO-2022-*) -; http://php.net/mbstring.internal-encoding -;mbstring.internal_encoding = EUC-JP - -; http input encoding. -; http://php.net/mbstring.http-input -;mbstring.http_input = auto - -; http output encoding. mb_output_handler must be -; registered as output buffer to function -; http://php.net/mbstring.http-output -;mbstring.http_output = SJIS - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; auto means -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none; - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -;mbstring.strict_detection = Off - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 0 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -; Local Variables: -; tab-width: 4 -; End: -@ - - -1.1 -log -@Initial revision -@ -text -@a2 11 -;;;;;;;;;;; -; WARNING ; -;;;;;;;;;;; -; This is the default settings file for new PHP installations. -; By default, PHP installs itself with a configuration suitable for -; development purposes, and *NOT* for production purposes. -; For several security-oriented considerations that should be taken -; before going online with your site, please consult php.ini-recommended -; and http://php.net/manual/en/security.php. - - -d6 16 -a21 8 -; This file controls many aspects of PHP's behavior. In order for PHP to -; read it, it must be named 'php.ini'. PHP looks for it in the current -; working directory, in the path designated by the environment variable -; PHPRC, and in the path that was defined in compile time (in that order). -; Under Windows, the compile-time path is the Windows directory. The -; path in which the php.ini file is looked for can be overridden using -; the -c argument in command line mode. -; -d26 10 -a35 1 -; -d39 4 -a42 1 -; -d45 3 -a47 2 -; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo"). -; -d49 6 -a54 5 -; | bitwise OR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT -; -d57 1 -a57 1 -; -d60 1 -a60 1 -; -d62 3 -a64 3 -; foo = none ; sets foo to an empty string -; foo = "none" ; sets foo to the string 'none' -; -d68 1 -a68 2 -; -; -d72 13 -a84 3 -; All the values in the php.ini-dist file correspond to the builtin -; defaults (that is, if no php.ini is used, or if you delete these lines, -; the builtin defaults will be identical). -d86 119 -d211 1 -d214 13 -a226 10 -; Enable compatibility mode with Zend Engine 1 (PHP 4.x) -zend.ze1_compatibility_mode = Off - -; Allow the tags are recognized. -; NOTE: Using short tags should be avoided when developing applications or -; libraries that are meant for redistribution, or deployment on PHP -; servers which are not under your control, because short tags may not -; be supported on the target server. For portable, redistributable code, -; be sure not to use short tags. -short_open_tag = On -d229 1 -d233 2 -a234 1 -precision = 12 -d237 1 -d240 23 -a262 7 -; Output buffering allows you to send header lines (including cookies) even -; after you send body content, at the price of slowing PHP's output layer a -; bit. You can enable output buffering during runtime by calling the output -; buffering functions. You can also enable output buffering for all files by -; setting this directive to On. If you wish to limit the size of the buffer -; to a certain size - you can use a maximum number of bytes instead of 'On', as -; a value for this directive (e.g., output_buffering=4096). -d270 3 -a272 3 -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -d274 1 -a274 1 -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -d276 2 -a277 1 -; Instead you must use zlib.output_handler. -d284 3 -a286 3 -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -d288 2 -a289 1 -; output_handler, or otherwise the output will be corrupted. -d291 2 -d298 1 -d306 2 -d312 2 -a313 3 -; which should be instantiated. -; A warning appears if the specified function is not defined, or if the -; function doesn't include/implement the missing class. -d316 1 -a316 1 -unserialize_callback_func= -d323 13 -a335 10 -; Whether to enable the ability to force arguments to be passed by reference -; at function call time. This method is deprecated and is likely to be -; unsupported in future versions of PHP/Zend. The encouraged method of -; specifying which arguments should be passed by reference is in the function -; declaration. You're encouraged to try and turn this option Off and make -; sure your scripts work properly with it in order to ensure they will work -; with future versions of the language (you will receive a warning each time -; you use this feature, and the argument will be passed by value instead of by -; reference). -allow_call_time_pass_reference = On -a336 1 -; -d338 1 -a338 1 -; -d344 1 -d351 1 -d356 1 -a363 1 -; -d365 2 -a366 1 -; environment variable! -d372 1 -d379 1 -d385 1 -d391 1 -d396 1 -d405 5 -a409 3 -; the request. Consider enabling it if executing long request, which may end up -; being interrupted by the user or a browser timing out. -; ignore_user_abort = On -d414 2 -a415 1 -; realpath_cache_size=16k -d420 6 -a425 1 -; realpath_cache_ttl=120 -a426 3 -; -; Misc -; -d431 1 -a433 1 - -d438 22 -a459 5 -max_execution_time = 30 ; Maximum execution time of each script, in seconds -max_input_time = 60 ; Maximum amount of time each script may spend parsing request data -;max_input_nesting_level = 64 ; Maximum input variable nesting level -memory_limit = 128M ; Maximum amount of memory a script may consume (128MB) - -d465 17 -a481 3 -; error_reporting is a bit-field. Or each number up to get desired error -; reporting level -; E_ALL - All errors and warnings (doesn't include E_STRICT) -d502 41 -a542 39 -; -; Examples: -; -; - Show all errors, except for notices and coding standards warnings -; -;error_reporting = E_ALL & ~E_NOTICE -; -; - Show all errors, except for notices -; -;error_reporting = E_ALL & ~E_NOTICE | E_STRICT -; -; - Show only errors -; -;error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR -; -; - Show all errors except for notices and coding standards warnings -; -error_reporting = E_ALL & ~E_NOTICE - -; Print out errors (as a part of the output). For production web sites, -; you're strongly encouraged to turn this feature off, and use error logging -; instead (see below). Keeping display_errors enabled on a production web site -; may reveal security information to end users, such as file paths on your Web -; server, your database schema or other information. -; -; possible values for display_errors: -; -; Off - Do not display any errors -; stderr - Display errors to STDERR (affects only CGI/CLI binaries!) -; -;display_errors = "stderr" -; -; stdout (On) - Display errors to STDOUT -; -display_errors = On - -; Even when display_errors is on, errors that occur during PHP's startup -; sequence are not displayed. It's strongly recommended to keep -; display_startup_errors off, except for when debugging. -d545 9 -a553 4 -; Log errors into a log file (server-specific log, stderr, or error_log (below)) -; As stated above, you're strongly advised to use error logging in place of -; error displaying on production web sites. -log_errors = Off -d557 1 -d562 1 -d568 1 -d574 1 -d577 1 -d580 7 -a586 1 -; Store the last error/warning message in $php_errormsg (boolean). -d590 1 -d592 1 -d596 10 -a605 3 -; Disable the inclusion of HTML tags in error messages. -; Note: Never use this feature for production boxes. -;html_errors = Off -d609 1 -a609 1 -; You can download a copy of the PHP manual from http://www.php.net/docs.php -d612 1 -a612 1 -; the dot. -d614 2 -d617 2 -d621 4 -a624 1 -; String to output before an error message. -d627 4 -a630 1 -; String to output after an error message. -d633 5 -a637 3 -; Log errors to specified file. -;error_log = filename - -a640 1 - -a643 2 -; -; Note - track_vars is ALWAYS enabled as of PHP 4.0.3 -d646 3 -a648 1 -; Default is "&". -d652 1 -a652 1 -; Default is "&". -d654 2 -d658 26 -a683 5 -; This directive describes the order in which PHP registers GET, POST, Cookie, -; Environment and Built-in variables (G, P, C, E & S respectively, often -; referred to as EGPCS or GPC). Registration is done from left to right, newer -; values override older values. -variables_order = "EGPCS" -d687 1 -a687 4 -; with user data. This makes most sense when coupled with track_vars - in which -; case you can access all of the GPC variables through the $HTTP_*_VARS[], -; variables. -; -d691 1 -d694 24 -a717 9 -; Whether or not to register the old-style input arrays, HTTP_GET_VARS -; and friends. If you're not using them, it's recommended to turn them off, -; for performance reasons. -register_long_arrays = On - -; This directive tells PHP whether to declare the argv&argc variables (that -; would contain the GET information). If you don't use these variables, you -; should turn it off for increased performance. -register_argc_argv = On -d724 1 -d728 1 -d731 15 -a745 5 -; Magic quotes -; - -; Magic quotes for incoming GET/POST/Cookie data. -magic_quotes_gpc = On -d748 1 -d752 1 -d755 2 -a756 1 -; Automatically add files before or after any PHP document. -d758 3 -d763 1 -a763 1 -; As of 4.0b4, PHP always outputs a character encoding by default in -d768 1 -d770 3 -d775 3 -a777 1 -; Always populate the $HTTP_RAW_POST_DATA variable. -a779 1 - -d789 3 -d798 1 -d803 1 -d807 4 -a810 1 -extension_dir = /usr/lib64/php5/lib/extensions/no-debug-non-zts-20060613 -d815 1 -d822 2 -a823 1 -; cgi.force_redirect = 1 -d826 2 -a827 2 -; every request. -; cgi.nph = 1 -d833 2 -a834 1 -; cgi.redirect_status_env = ; -d839 1 -a839 1 -; this to 1 will cause PHP CGI to fix it's paths to conform to the spec. A setting -d842 2 -a843 1 -; cgi.fix_pathinfo=0 -d850 2 -a851 1 -; fastcgi.impersonate = 1; -d853 3 -a855 2 -; Disable logging through FastCGI connection -; fastcgi.logging = 0 -d862 1 -a864 1 - -d870 1 -d875 1 -d879 1 -a881 1 - -d890 1 -d894 1 -d897 3 -a899 1 -; Define the anonymous ftp password (your email address) -d901 1 -d903 3 -a905 2 -; Define the User-Agent string -; user_agent="PHP" -d908 1 -d916 2 -a917 2 -; auto_detect_line_endings = Off - -d922 1 -a922 1 -; -d936 7 -a942 5 -; Note that it should be the name of the module only; no directory information -; needs to go here. Specify the location of the extension with the -; extension_dir directive above. - - -d948 1 -a948 1 - -a951 1 -;extension=php_dbase.dll -d953 1 -a953 1 -;extension=php_fdf.dll -d957 1 -a957 1 -;extension=php_ifx.dll -a961 3 -;extension=php_mcrypt.dll -;extension=php_mhash.dll -;extension=php_mime_magic.dll -a962 1 -;extension=php_msql.dll -d966 2 -a967 1 -;extension=php_oci8.dll -a968 1 -;extension=php_pdo.dll -a972 1 -;extension=php_pdo_oci8.dll -d977 1 -d984 1 -d997 1 -d1000 1 -d1002 2 -d1006 1 -d1008 2 -d1013 1 -d1015 2 -d1024 7 -d1032 1 -d1035 3 -d1040 1 -d1043 3 -a1045 3 -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -d1047 1 -d1050 26 -d1080 1 -d1085 1 -d1087 1 -d1091 1 -d1095 1 -d1103 6 -d1110 1 -d1114 1 -d1116 2 -d1119 2 -d1123 4 -d1128 1 -d1132 1 -d1136 1 -d1140 1 -d1145 1 -d1150 2 -a1151 1 -; of uodbc.defaultlrl and uodbc.defaultbinmode -d1154 33 -d1188 4 -d1193 1 -d1196 4 -d1201 1 -d1205 1 -d1212 1 -d1217 1 -d1221 2 -a1222 1 -mysql.default_host = -d1225 1 -d1233 1 -d1237 1 -d1242 1 -d1247 12 -d1260 1 -d1263 4 -d1271 1 -d1276 1 -d1280 2 -a1281 1 -mysqli.default_host = -d1284 1 -d1292 1 -d1298 19 -a1316 3 -[mSQL] -; Allow or prevent persistent links. -msql.allow_persistent = On -d1318 1 -a1318 5 -; Maximum number of persistent links. -1 means no limit. -msql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -msql.max_links = -1 -d1320 3 -a1322 2 -[OCI8] -; enables privileged connections using external credentials (OCI_SYSOPER, OCI_SYSDBA) -d1327 1 -d1333 1 -d1340 1 -d1343 13 -d1358 1 -d1363 2 -a1364 1 -;oci8.default_prefetch = 10 -d1368 1 -d1373 1 -d1378 1 -d1382 1 -d1386 1 -d1391 1 -d1396 1 -a1398 25 -[Sybase] -; Allow or prevent persistent links. -sybase.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -sybase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -sybase.max_links = -1 - -;sybase.interface_file = "/usr/sybase/interfaces" - -; Minimum error severity to display. -sybase.min_error_severity = 10 - -; Minimum message severity to display. -sybase.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -; If on, this will cause PHP to automatically assign types to results according -; to their Sybase type, instead of treating them all as strings. This -; compatibility mode will probably not stay around forever, so try applying -; whatever necessary changes to your code, and turn it off. -sybase.compatability_mode = Off - -d1401 1 -d1405 1 -d1409 1 -d1413 1 -d1417 1 -d1420 18 -d1440 1 -d1444 1 -a1446 37 -[Informix] -; Default host for ifx_connect() (doesn't apply in safe mode). -ifx.default_host = - -; Default user for ifx_connect() (doesn't apply in safe mode). -ifx.default_user = - -; Default password for ifx_connect() (doesn't apply in safe mode). -ifx.default_password = - -; Allow or prevent persistent links. -ifx.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -ifx.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ifx.max_links = -1 - -; If on, select statements return the contents of a text blob instead of its id. -ifx.textasvarchar = 0 - -; If on, select statements return the contents of a byte blob instead of its id. -ifx.byteasvarchar = 0 - -; Trailing blanks are stripped from fixed-length char columns. May help the -; life of Informix SE users. -ifx.charasvarchar = 0 - -; If on, the contents of text and byte blobs are dumped to a file instead of -; keeping them in memory. -ifx.blobinfile = 0 - -; NULL's are returned as empty strings, unless this is set to 1. In that case, -; NULL's are returned as string 'NULL'. -ifx.nullformat = 0 - -d1449 1 -d1456 1 -a1456 1 -; As of PHP 4.0.1, you can define the path as: -d1478 1 -d1482 1 -d1485 2 -a1486 1 -;session.cookie_secure = -d1488 6 -a1493 3 -; This option enables administrators to make their users invulnerable to -; attacks which involve passing session ids in URLs; defaults to 0. -; session.use_only_cookies = 1 -d1496 2 -a1497 1 -session.name = PHPSESSID -d1500 1 -d1504 1 -d1508 1 -d1512 1 -d1516 2 -a1517 1 -session.cookie_httponly = -d1520 1 -d1523 11 -a1533 5 -; Define the probability that the 'garbage collection' process is started -; on every session initialization. -; The probability is calculated by using gc_probability/gc_divisor, -; e.g. 1/100 means there is a 1% chance that the GC process starts -; on each request. -d1535 13 -a1547 2 -session.gc_probability = 1 -session.gc_divisor = 100 -d1551 1 -d1563 1 -a1563 1 -; to initialize a session variable in the global scope, albeit register_globals -d1566 20 -a1585 4 -; the warning is only displayed, if bug_compat_42 is enabled. - -session.bug_compat_42 = 1 -session.bug_compat_warn = 1 -d1590 1 -d1594 1 -d1598 4 -a1601 4 -session.entropy_file = - -;session.entropy_length = 16 - -d1606 1 -d1610 1 -d1622 1 -d1625 8 -a1632 3 -; Select a hash function -; 0: MD5 (128 bits) -; 1: SHA-1 (160 bits) -d1637 9 -a1645 5 -; -; 4 bits: 0-9, a-f -; 5 bits: 0-9, a-v -; 6 bits: 0-9, a-z, A-Z, "-", "," -session.hash_bits_per_character = 4 -d1652 5 -a1656 1 -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" -d1705 1 -a1705 1 -; Specify client character set. -d1712 1 -d1716 1 -d1720 1 -d1724 1 -d1729 1 -d1734 1 -d1736 1 -d1738 1 -d1740 1 -d1742 1 -d1744 1 -d1746 1 -d1748 1 -d1750 1 -d1753 4 -d1759 1 -d1765 1 -d1769 1 -d1774 1 -d1782 1 -d1787 1 -d1792 1 -d1803 1 -d1806 11 -a1816 14 -[FrontBase] -;fbsql.allow_persistent = On -;fbsql.autocommit = On -;fbsql.show_timestamp_decimals = Off -;fbsql.default_database = -;fbsql.default_database_password = -;fbsql.default_host = -;fbsql.default_password = -;fbsql.default_user = "_SYSTEM" -;fbsql.generate_warnings = Off -;fbsql.max_connections = 128 -;fbsql.max_links = 128 -;fbsql.max_persistent = -1 -;fbsql.max_results = 128 -d1819 1 -a1819 1 -; Tell the jpeg decode to libjpeg warnings and try to create -d1822 1 -d1831 1 -d1833 2 -d1836 2 -d1839 2 -d1842 2 -d1845 2 -d1851 1 -d1857 1 -d1862 1 -d1864 1 -d1866 1 -d1868 2 -a1869 1 -; (time to live) Sets the number of second while cached file will be used -d1871 1 -d1874 25 -a1901 5 - -; MySQL extensions default connection charset settings -;mysql.connect_charset = utf8 -;mysqli.connect_charset = utf8 -;pdo_mysql.connect_charset = utf8 -@ diff --git a/php/apache2-php5/.rcs/php.ini.orig,v b/php/apache2-php5/.rcs/php.ini.orig,v deleted file mode 100644 index 54cfe8f..0000000 --- a/php/apache2-php5/.rcs/php.ini.orig,v +++ /dev/null @@ -1,1923 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.10.29.22.18.51; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and Lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to -; application users can inadvertently leak otherwise secure information. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED - -; html_errors -; Default Value: On -; Development Value: On -; Production value: Off - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.bug_compat_42 -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.bug_compat_warn -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.hash_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; url_rewriter.tags -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It's been -; recommended for several years that you not use the short tag "short cut" and -; instead to use the full tag combination. With the wide spread use -; of XML and use of these tags by other languages, the server can become easily -; confused and end up parsing the wrong code in the wrong context. But because -; this short cut has been a feature for such a long time, it's currently still -; supported for backwards compatibility, but we recommend you don't use them. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/short-open-tag -short_open_tag = Off - -; Allow ASP-style <% %> tags. -; http://php.net/asp-tags -asp_tags = Off - -; The number of significant digits displayed in floating point numbers. -; http://php.net/precision -precision = 14 - -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - -; Output buffering is a mechanism for controlling how much output data -; (excluding headers and cookies) PHP should keep internally before pushing that -; data to the client. If your application's output exceeds this setting, PHP -; will send that data in chunks of roughly the size you specify. -; Turning on this setting and managing its maximum buffer size can yield some -; interesting side-effects depending on your application and web server. -; You may be able to send headers and cookies after you've already sent output -; through print or echo. You also may see performance benefits if your server is -; emitting less packets due to buffered output versus PHP streaming the output -; as it gets it. On production servers, 4096 bytes is a good setting for performance -; reasons. -; Note: Output buffering can also be controlled via Output Buffering Control -; functions. -; Possible Values: -; On = Enabled and buffer is unlimited. (Use with caution) -; Off = Disabled -; Integer = Enables the buffer and sets its maximum size in bytes. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 -; http://php.net/output-buffering -output_buffering = 4096 - -; You can redirect all of the output of your scripts to a function. For -; example, if you set output_handler to "mb_output_handler", character -; encoding will be transparently converted to the specified encoding. -; Setting any output handler automatically turns on output buffering. -; Note: People who wrote portable scripts should not depend on this ini -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -; Note: output_handler must be empty if this is set 'On' !!!! -; Instead you must use zlib.output_handler. -; http://php.net/output-handler -;output_handler = - -; Transparent output compression using the zlib library -; Valid values for this option are 'off', 'on', or a specific buffer size -; to be used for compression (default is 4KB) -; Note: Resulting chunk size may vary due to nature of compression. PHP -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -; Note: You need to use zlib.output_handler instead of the standard -; output_handler, or otherwise the output will be corrupted. -; http://php.net/zlib.output-compression -zlib.output_compression = Off - -; http://php.net/zlib.output-compression-level -;zlib.output_compression_level = -1 - -; You cannot specify additional output handlers if zlib.output_compression -; is activated here. This setting does the same as output_handler but in -; a different order. -; http://php.net/zlib.output-handler -;zlib.output_handler = - -; Implicit flush tells PHP to tell the output layer to flush itself -; automatically after every output block. This is equivalent to calling the -; PHP function flush() after each and every call to print() or echo() and each -; and every HTML block. Turning this option on has serious performance -; implications and is generally recommended for debugging purposes only. -; http://php.net/implicit-flush -; Note: This directive is hardcoded to On for the CLI SAPI -implicit_flush = Off - -; The unserialize callback function will be called (with the undefined class' -; name as parameter), if the unserializer finds an undefined class -; which should be instantiated. A warning appears if the specified function is -; not defined, or if the function doesn't include/implement the missing class. -; So only set this entry, if you really want to implement such a -; callback-function. -unserialize_callback_func = - -; When floats & doubles are serialized store serialize_precision significant -; digits after the floating point. The default value ensures that when floats -; are decoded with unserialize, the data will remain the same. -serialize_precision = 100 - -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - -; open_basedir, if set, limits all file operations to the defined directory -; and below. This directive makes most sense if used in a per-directory -; or per-virtualhost web server configuration file. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/open-basedir -;open_basedir = - -; This directive allows you to disable certain functions for security reasons. -; It receives a comma-delimited list of function names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-functions -disable_functions = - -; This directive allows you to disable certain classes for security reasons. -; It receives a comma-delimited list of class names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-classes -disable_classes = - -; Colors for Syntax Highlighting mode. Anything that's acceptable in -; would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.bg = #FFFFFF -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 16k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = Off - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED -; http://php.net/error-reporting -error_reporting = E_ALL & ~E_DEPRECATED - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = Off - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = Off - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = On - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = Off - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: Off -; http://php.net/html-errors -html_errors = Off - -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on NT, not valid in Windows 95). -;error_log = syslog - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P,C,E & S) should -; be registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive are -; specified in the same manner as the variables_order directive, EXCEPT one. -; Leaving this value empty will cause PHP to use the value set in the -; variables_order directive. It does not mean it will leave the super globals -; array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = Off - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = Off - -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Maximum size of POST data that PHP will accept. -; http://php.net/post-max-size -post_max_size = 8M - -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a character encoding using -; the Content-type: header. To disable sending of the charset, simply -; set it to be empty. -; -; PHP's built-in default is text/html -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to empty. -; http://php.net/default-charset -;default_charset = "iso-8859-1" - -; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. -; http://php.net/always-populate-raw-post-data -;always_populate_raw_post_data = On - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -include_path = ".:/usr/share/php5:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = Off - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 2M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = Off - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@@doe.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_dba.dll -;extension=php_exif.dll -;extension=php_fileinfo.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_ming.dll -;extension=php_mssql.dll -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_phar.dll -;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sqlite3.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -;extension=php_zip.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -;iconv.input_encoding = ISO-8859-1 -;iconv.internal_encoding = ISO-8859-1 -;iconv.output_encoding = ISO-8859-1 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING - -[sqlite] -; http://php.net/sqlite.assoc-case -;sqlite.assoc_case = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(), even in safe mode. -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; Log all mail() calls including the full path of the script, line #, to address and headers -;mail.log = - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQL] -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysql.allow_local_infile -mysql.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysql.allow-persistent -mysql.allow_persistent = On - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysql.cache_size -mysql.cache_size = 2000 - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysql.max-persistent -mysql.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/mysql.max-links -mysql.max_links = -1 - -; Default port number for mysql_connect(). If unset, mysql_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysql.default-port -mysql.default_port = - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysql.default-socket -mysql.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-host -mysql.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-user -mysql.default_user = - -; Default password for mysql_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysql.default-password -mysql.default_password = - -; Maximum time (in seconds) for connect timeout. -1 means no limit -; http://php.net/mysql.connect-timeout -mysql.connect_timeout = 60 - -; Trace mode. When trace_mode is active (=On), warnings for table/index scans and -; SQL-Errors will be displayed. -; http://php.net/mysql.trace-mode -mysql.trace_mode = Off - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysqli.allow_local_infile -;mysqli.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysqli.allow-persistent -mysqli.allow_persistent = On - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = Off - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgresSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[Sybase-CT] -; Allow or prevent persistent links. -; http://php.net/sybct.allow-persistent -sybct.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/sybct.max-persistent -sybct.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/sybct.max-links -sybct.max_links = -1 - -; Minimum server message severity to display. -; http://php.net/sybct.min-server-severity -sybct.min_server_severity = 10 - -; Minimum client message severity to display. -; http://php.net/sybct.min-client-severity -sybct.min_client_severity = 10 - -; Set per-context timeout -; http://php.net/sybct.timeout -;sybct.timeout= - -;sybct.packet_size - -; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. -; Default: one minute -;sybct.login_timeout= - -; The name of the host you claim to be connecting from, for display by sp_who. -; Default: none -;sybct.hostname= - -; Allows you to define how often deadlocks are to be retried. -1 means "forever". -; Default: 0 -;sybct.deadlock_retry_count= - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -session.save_path = "/tmp" - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting -; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHPSESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; cd /path/to/sessions; find -cmin +24 | xargs rm - -; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. -; You can disable the feature and the warning separately. At this time, -; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you -; should enable this on development servers and enable the warning as well. If you -; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-42 -session.bug_compat_42 = Off - -; This setting controls whether or not you are warned by PHP when initializing a -; session value into the global space. session.bug_compat_42 must be enabled before -; these warnings can be issued by PHP. See the directive above for more information. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-warn -session.bug_compat_warn = Off - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; How many bytes to read from the file. -; http://php.net/session.entropy-length -session.entropy_length = 0 - -; Specified here to create the session id. -; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the -; Windows random source (using the CryptoAPI) -;session.entropy_file = /dev/urandom - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publically accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Select a hash function for use in generating session ids. -; Possible Values -; 0 (MD5 128 bits) -; 1 (SHA-1 160 bits) -; This option may also be set to the name of any hash function supported by -; the hash extension. A list of available hashes is returned by the hash_algos() -; function. -; http://php.net/session.hash-function -session.hash_function = 0 - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.hash_bits_per_character = 5 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -; form/fieldset are special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. If you want XHTML conformity, remove the form entry. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; http://php.net/url-rewriter.tags -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -; Allow or prevent persistent links. -mssql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -mssql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -mssql.max_links = -1 - -; Minimum error severity to display. -mssql.min_error_severity = 10 - -; Minimum message severity to display. -mssql.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -mssql.compatability_mode = Off - -; Connect timeout -;mssql.connect_timeout = 5 - -; Query timeout -;mssql.timeout = 60 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textlimit = 4096 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textsize = 4096 - -; Limits the number of records in each batch. 0 = all records in one batch. -;mssql.batchsize = 0 - -; Specify how datetime and datetim4 columns are returned -; On => Returns data converted to SQL server settings -; Off => Returns values as YYYY-MM-DD hh:mm:ss -;mssql.datetimeconvert = On - -; Use NT authentication when connecting to the server -mssql.secure_connection = Off - -; Specify max number of processes. -1 = library default -; msdlib defaults to 25 -; FreeTDS defaults to 4096 -;mssql.max_procs = -1 - -; Specify client character set. -; If empty or not set the client charset from freetds.comf is used -; This is only used when compiled with FreeTDS -;mssql.charset = "ISO-8859-1" - -[Assertion] -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Issue a PHP warning for each failed assertion. -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; internal/script encoding. -; Some encoding cannot work as internal encoding. -; (e.g. SJIS, BIG5, ISO-2022-*) -; http://php.net/mbstring.internal-encoding -;mbstring.internal_encoding = EUC-JP - -; http input encoding. -; http://php.net/mbstring.http-input -;mbstring.http_input = auto - -; http output encoding. mb_output_handler must be -; registered as output buffer to function -; http://php.net/mbstring.http-output -;mbstring.http_output = SJIS - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; auto means -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none; - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -;mbstring.strict_detection = Off - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 0 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -; Local Variables: -; tab-width: 4 -; End: -@ diff --git a/php/apache2-php5/ext/apc.ini b/php/apache2-php5/ext/apc.ini deleted file mode 100644 index f1fac9c..0000000 --- a/php/apache2-php5/ext/apc.ini +++ /dev/null @@ -1,26 +0,0 @@ -extension=apc.so -apc.enabled="1" -apc.shm_segments="1" -apc.shm_size="30" -apc.num_files_hint="1024" -apc.ttl="7200" -apc.user_ttl="7200" -apc.gc_ttl="3600" -apc.cache_by_default="1" -;apc.filters="" -apc.mmap_file_mask="/tmp/apcphp5.XXXXXX" -apc.slam_defense="0" -apc.file_update_protection="2" -apc.enable_cli="0" -apc.max_file_size="1M" -apc.stat="1" -apc.write_lock="1" -apc.report_autofilter="0" -apc.include_once_override="0" -apc.rfc1867="0" -apc.rfc1867_prefix="upload_" -apc.rfc1867_name="APC_UPLOAD_PROGRESS" -apc.rfc1867_freq="0" -apc.localcache="0" -apc.localcache.size="512" -apc.coredump_unmap="0" diff --git a/php/apache2-php5/php.ini b/php/apache2-php5/php.ini deleted file mode 100644 index c300e19..0000000 --- a/php/apache2-php5/php.ini +++ /dev/null @@ -1,1901 +0,0 @@ -[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and Lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to -; application users can inadvertently leak otherwise secure information. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED - -; html_errors -; Default Value: On -; Development Value: On -; Production value: Off - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.bug_compat_42 -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.bug_compat_warn -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.hash_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; url_rewriter.tags -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It's been -; recommended for several years that you not use the short tag "short cut" and -; instead to use the full tag combination. With the wide spread use -; of XML and use of these tags by other languages, the server can become easily -; confused and end up parsing the wrong code in the wrong context. But because -; this short cut has been a feature for such a long time, it's currently still -; supported for backwards compatibility, but we recommend you don't use them. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/short-open-tag -short_open_tag = Off - -; Allow ASP-style <% %> tags. -; http://php.net/asp-tags -asp_tags = Off - -; The number of significant digits displayed in floating point numbers. -; http://php.net/precision -precision = 14 - -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - -; Output buffering is a mechanism for controlling how much output data -; (excluding headers and cookies) PHP should keep internally before pushing that -; data to the client. If your application's output exceeds this setting, PHP -; will send that data in chunks of roughly the size you specify. -; Turning on this setting and managing its maximum buffer size can yield some -; interesting side-effects depending on your application and web server. -; You may be able to send headers and cookies after you've already sent output -; through print or echo. You also may see performance benefits if your server is -; emitting less packets due to buffered output versus PHP streaming the output -; as it gets it. On production servers, 4096 bytes is a good setting for performance -; reasons. -; Note: Output buffering can also be controlled via Output Buffering Control -; functions. -; Possible Values: -; On = Enabled and buffer is unlimited. (Use with caution) -; Off = Disabled -; Integer = Enables the buffer and sets its maximum size in bytes. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 -; http://php.net/output-buffering -;output_buffering = 4096 -output_buffering = Off - -; You can redirect all of the output of your scripts to a function. For -; example, if you set output_handler to "mb_output_handler", character -; encoding will be transparently converted to the specified encoding. -; Setting any output handler automatically turns on output buffering. -; Note: People who wrote portable scripts should not depend on this ini -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -; Note: output_handler must be empty if this is set 'On' !!!! -; Instead you must use zlib.output_handler. -; http://php.net/output-handler -;output_handler = - -; Transparent output compression using the zlib library -; Valid values for this option are 'off', 'on', or a specific buffer size -; to be used for compression (default is 4KB) -; Note: Resulting chunk size may vary due to nature of compression. PHP -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -; Note: You need to use zlib.output_handler instead of the standard -; output_handler, or otherwise the output will be corrupted. -; http://php.net/zlib.output-compression -zlib.output_compression = Off - -; http://php.net/zlib.output-compression-level -;zlib.output_compression_level = -1 - -; You cannot specify additional output handlers if zlib.output_compression -; is activated here. This setting does the same as output_handler but in -; a different order. -; http://php.net/zlib.output-handler -;zlib.output_handler = - -; Implicit flush tells PHP to tell the output layer to flush itself -; automatically after every output block. This is equivalent to calling the -; PHP function flush() after each and every call to print() or echo() and each -; and every HTML block. Turning this option on has serious performance -; implications and is generally recommended for debugging purposes only. -; http://php.net/implicit-flush -; Note: This directive is hardcoded to On for the CLI SAPI -implicit_flush = Off - -; The unserialize callback function will be called (with the undefined class' -; name as parameter), if the unserializer finds an undefined class -; which should be instantiated. A warning appears if the specified function is -; not defined, or if the function doesn't include/implement the missing class. -; So only set this entry, if you really want to implement such a -; callback-function. -unserialize_callback_func = - -; When floats & doubles are serialized store serialize_precision significant -; digits after the floating point. The default value ensures that when floats -; are decoded with unserialize, the data will remain the same. -serialize_precision = 100 - -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - -; open_basedir, if set, limits all file operations to the defined directory -; and below. This directive makes most sense if used in a per-directory -; or per-virtualhost web server configuration file. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/open-basedir -;open_basedir = - -; This directive allows you to disable certain functions for security reasons. -; It receives a comma-delimited list of function names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-functions -disable_functions = - -; This directive allows you to disable certain classes for security reasons. -; It receives a comma-delimited list of class names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-classes -disable_classes = - -; Colors for Syntax Highlighting mode. Anything that's acceptable in -; would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.bg = #FFFFFF -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 16k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = Off - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED -; http://php.net/error-reporting -error_reporting = E_ALL & ~E_DEPRECATED - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = stderr - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = Off - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = On - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = Off - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: Off -; http://php.net/html-errors -html_errors = Off - -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on NT, not valid in Windows 95). -;error_log = syslog - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P,C,E & S) should -; be registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive are -; specified in the same manner as the variables_order directive, EXCEPT one. -; Leaving this value empty will cause PHP to use the value set in the -; variables_order directive. It does not mean it will leave the super globals -; array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = Off - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = Off - -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Maximum size of POST data that PHP will accept. -; http://php.net/post-max-size -post_max_size = 8M - -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a character encoding using -; the Content-type: header. To disable sending of the charset, simply -; set it to be empty. -; -; PHP's built-in default is text/html -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to empty. -; http://php.net/default-charset -;default_charset = "iso-8859-1" - -; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. -; http://php.net/always-populate-raw-post-data -;always_populate_raw_post_data = On - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -include_path = ".:/usr/share/php5:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = On - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 2M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = Off - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@doe.com" -from="frank@brehm-online.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_dba.dll -;extension=php_exif.dll -;extension=php_fileinfo.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_ming.dll -;extension=php_mssql.dll -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_phar.dll -;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sqlite3.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -;extension=php_zip.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -;iconv.input_encoding = ISO-8859-1 -;iconv.internal_encoding = ISO-8859-1 -;iconv.output_encoding = ISO-8859-1 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING - -[sqlite] -; http://php.net/sqlite.assoc-case -;sqlite.assoc_case = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(), even in safe mode. -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; Log all mail() calls including the full path of the script, line #, to address and headers -;mail.log = - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQL] -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysql.allow_local_infile -mysql.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysql.allow-persistent -mysql.allow_persistent = On - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysql.cache_size -mysql.cache_size = 2000 - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysql.max-persistent -mysql.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/mysql.max-links -mysql.max_links = -1 - -; Default port number for mysql_connect(). If unset, mysql_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysql.default-port -mysql.default_port = - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysql.default-socket -mysql.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-host -mysql.default_host = localhost - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-user -mysql.default_user = - -; Default password for mysql_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysql.default-password -mysql.default_password = - -; Maximum time (in seconds) for connect timeout. -1 means no limit -; http://php.net/mysql.connect-timeout -mysql.connect_timeout = 60 - -; Trace mode. When trace_mode is active (=On), warnings for table/index scans and -; SQL-Errors will be displayed. -; http://php.net/mysql.trace-mode -mysql.trace_mode = Off - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysqli.allow_local_infile -;mysqli.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysqli.allow-persistent -mysqli.allow_persistent = On - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = localhost - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = Off - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgresSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[Sybase-CT] -; Allow or prevent persistent links. -; http://php.net/sybct.allow-persistent -sybct.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/sybct.max-persistent -sybct.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/sybct.max-links -sybct.max_links = -1 - -; Minimum server message severity to display. -; http://php.net/sybct.min-server-severity -sybct.min_server_severity = 10 - -; Minimum client message severity to display. -; http://php.net/sybct.min-client-severity -sybct.min_client_severity = 10 - -; Set per-context timeout -; http://php.net/sybct.timeout -;sybct.timeout= - -;sybct.packet_size - -; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. -; Default: one minute -;sybct.login_timeout= - -; The name of the host you claim to be connecting from, for display by sp_who. -; Default: none -;sybct.hostname= - -; Allows you to define how often deadlocks are to be retried. -1 means "forever". -; Default: 0 -;sybct.deadlock_retry_count= - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -session.save_path = "/tmp" - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting -; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHP_SESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; cd /path/to/sessions; find -cmin +24 | xargs rm - -; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. -; You can disable the feature and the warning separately. At this time, -; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you -; should enable this on development servers and enable the warning as well. If you -; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-42 -session.bug_compat_42 = Off - -; This setting controls whether or not you are warned by PHP when initializing a -; session value into the global space. session.bug_compat_42 must be enabled before -; these warnings can be issued by PHP. See the directive above for more information. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-warn -session.bug_compat_warn = Off - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; How many bytes to read from the file. -; http://php.net/session.entropy-length -session.entropy_length = 0 - -; Specified here to create the session id. -; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the -; Windows random source (using the CryptoAPI) -;session.entropy_file = /dev/urandom - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publically accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Select a hash function for use in generating session ids. -; Possible Values -; 0 (MD5 128 bits) -; 1 (SHA-1 160 bits) -; This option may also be set to the name of any hash function supported by -; the hash extension. A list of available hashes is returned by the hash_algos() -; function. -; http://php.net/session.hash-function -session.hash_function = 0 - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.hash_bits_per_character = 5 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -; form/fieldset are special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. If you want XHTML conformity, remove the form entry. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; http://php.net/url-rewriter.tags -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -; Allow or prevent persistent links. -mssql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -mssql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -mssql.max_links = -1 - -; Minimum error severity to display. -mssql.min_error_severity = 10 - -; Minimum message severity to display. -mssql.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -mssql.compatability_mode = Off - -; Connect timeout -;mssql.connect_timeout = 5 - -; Query timeout -;mssql.timeout = 60 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textlimit = 4096 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textsize = 4096 - -; Limits the number of records in each batch. 0 = all records in one batch. -;mssql.batchsize = 0 - -; Specify how datetime and datetim4 columns are returned -; On => Returns data converted to SQL server settings -; Off => Returns values as YYYY-MM-DD hh:mm:ss -;mssql.datetimeconvert = On - -; Use NT authentication when connecting to the server -mssql.secure_connection = Off - -; Specify max number of processes. -1 = library default -; msdlib defaults to 25 -; FreeTDS defaults to 4096 -;mssql.max_procs = -1 - -; Specify client character set. -; If empty or not set the client charset from freetds.comf is used -; This is only used when compiled with FreeTDS -;mssql.charset = "ISO-8859-1" - -[Assertion] -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Issue a PHP warning for each failed assertion. -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; internal/script encoding. -; Some encoding cannot work as internal encoding. -; (e.g. SJIS, BIG5, ISO-2022-*) -; http://php.net/mbstring.internal-encoding -;mbstring.internal_encoding = EUC-JP - -; http input encoding. -; http://php.net/mbstring.http-input -;mbstring.http_input = auto - -; http output encoding. mb_output_handler must be -; registered as output buffer to function -; http://php.net/mbstring.http-output -;mbstring.http_output = SJIS - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; auto means -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none; - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -;mbstring.strict_detection = Off - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 0 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -; Local Variables: -; tab-width: 4 -; End: diff --git a/php/apache2-php5/php.ini.orig b/php/apache2-php5/php.ini.orig deleted file mode 100644 index 7578935..0000000 --- a/php/apache2-php5/php.ini.orig +++ /dev/null @@ -1,1899 +0,0 @@ -[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and Lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to -; application users can inadvertently leak otherwise secure information. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED - -; html_errors -; Default Value: On -; Development Value: On -; Production value: Off - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.bug_compat_42 -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.bug_compat_warn -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.hash_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; url_rewriter.tags -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It's been -; recommended for several years that you not use the short tag "short cut" and -; instead to use the full tag combination. With the wide spread use -; of XML and use of these tags by other languages, the server can become easily -; confused and end up parsing the wrong code in the wrong context. But because -; this short cut has been a feature for such a long time, it's currently still -; supported for backwards compatibility, but we recommend you don't use them. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/short-open-tag -short_open_tag = Off - -; Allow ASP-style <% %> tags. -; http://php.net/asp-tags -asp_tags = Off - -; The number of significant digits displayed in floating point numbers. -; http://php.net/precision -precision = 14 - -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - -; Output buffering is a mechanism for controlling how much output data -; (excluding headers and cookies) PHP should keep internally before pushing that -; data to the client. If your application's output exceeds this setting, PHP -; will send that data in chunks of roughly the size you specify. -; Turning on this setting and managing its maximum buffer size can yield some -; interesting side-effects depending on your application and web server. -; You may be able to send headers and cookies after you've already sent output -; through print or echo. You also may see performance benefits if your server is -; emitting less packets due to buffered output versus PHP streaming the output -; as it gets it. On production servers, 4096 bytes is a good setting for performance -; reasons. -; Note: Output buffering can also be controlled via Output Buffering Control -; functions. -; Possible Values: -; On = Enabled and buffer is unlimited. (Use with caution) -; Off = Disabled -; Integer = Enables the buffer and sets its maximum size in bytes. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 -; http://php.net/output-buffering -output_buffering = 4096 - -; You can redirect all of the output of your scripts to a function. For -; example, if you set output_handler to "mb_output_handler", character -; encoding will be transparently converted to the specified encoding. -; Setting any output handler automatically turns on output buffering. -; Note: People who wrote portable scripts should not depend on this ini -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -; Note: output_handler must be empty if this is set 'On' !!!! -; Instead you must use zlib.output_handler. -; http://php.net/output-handler -;output_handler = - -; Transparent output compression using the zlib library -; Valid values for this option are 'off', 'on', or a specific buffer size -; to be used for compression (default is 4KB) -; Note: Resulting chunk size may vary due to nature of compression. PHP -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -; Note: You need to use zlib.output_handler instead of the standard -; output_handler, or otherwise the output will be corrupted. -; http://php.net/zlib.output-compression -zlib.output_compression = Off - -; http://php.net/zlib.output-compression-level -;zlib.output_compression_level = -1 - -; You cannot specify additional output handlers if zlib.output_compression -; is activated here. This setting does the same as output_handler but in -; a different order. -; http://php.net/zlib.output-handler -;zlib.output_handler = - -; Implicit flush tells PHP to tell the output layer to flush itself -; automatically after every output block. This is equivalent to calling the -; PHP function flush() after each and every call to print() or echo() and each -; and every HTML block. Turning this option on has serious performance -; implications and is generally recommended for debugging purposes only. -; http://php.net/implicit-flush -; Note: This directive is hardcoded to On for the CLI SAPI -implicit_flush = Off - -; The unserialize callback function will be called (with the undefined class' -; name as parameter), if the unserializer finds an undefined class -; which should be instantiated. A warning appears if the specified function is -; not defined, or if the function doesn't include/implement the missing class. -; So only set this entry, if you really want to implement such a -; callback-function. -unserialize_callback_func = - -; When floats & doubles are serialized store serialize_precision significant -; digits after the floating point. The default value ensures that when floats -; are decoded with unserialize, the data will remain the same. -serialize_precision = 100 - -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - -; open_basedir, if set, limits all file operations to the defined directory -; and below. This directive makes most sense if used in a per-directory -; or per-virtualhost web server configuration file. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/open-basedir -;open_basedir = - -; This directive allows you to disable certain functions for security reasons. -; It receives a comma-delimited list of function names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-functions -disable_functions = - -; This directive allows you to disable certain classes for security reasons. -; It receives a comma-delimited list of class names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-classes -disable_classes = - -; Colors for Syntax Highlighting mode. Anything that's acceptable in -; would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.bg = #FFFFFF -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 16k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = Off - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED -; http://php.net/error-reporting -error_reporting = E_ALL & ~E_DEPRECATED - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = Off - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = Off - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = On - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = Off - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: Off -; http://php.net/html-errors -html_errors = Off - -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on NT, not valid in Windows 95). -;error_log = syslog - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P,C,E & S) should -; be registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive are -; specified in the same manner as the variables_order directive, EXCEPT one. -; Leaving this value empty will cause PHP to use the value set in the -; variables_order directive. It does not mean it will leave the super globals -; array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = Off - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = Off - -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Maximum size of POST data that PHP will accept. -; http://php.net/post-max-size -post_max_size = 8M - -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a character encoding using -; the Content-type: header. To disable sending of the charset, simply -; set it to be empty. -; -; PHP's built-in default is text/html -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to empty. -; http://php.net/default-charset -;default_charset = "iso-8859-1" - -; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. -; http://php.net/always-populate-raw-post-data -;always_populate_raw_post_data = On - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -include_path = ".:/usr/share/php5:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = Off - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 2M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = Off - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@doe.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_dba.dll -;extension=php_exif.dll -;extension=php_fileinfo.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_ming.dll -;extension=php_mssql.dll -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_phar.dll -;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sqlite3.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -;extension=php_zip.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -;iconv.input_encoding = ISO-8859-1 -;iconv.internal_encoding = ISO-8859-1 -;iconv.output_encoding = ISO-8859-1 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING - -[sqlite] -; http://php.net/sqlite.assoc-case -;sqlite.assoc_case = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(), even in safe mode. -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; Log all mail() calls including the full path of the script, line #, to address and headers -;mail.log = - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQL] -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysql.allow_local_infile -mysql.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysql.allow-persistent -mysql.allow_persistent = On - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysql.cache_size -mysql.cache_size = 2000 - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysql.max-persistent -mysql.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/mysql.max-links -mysql.max_links = -1 - -; Default port number for mysql_connect(). If unset, mysql_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysql.default-port -mysql.default_port = - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysql.default-socket -mysql.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-host -mysql.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-user -mysql.default_user = - -; Default password for mysql_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysql.default-password -mysql.default_password = - -; Maximum time (in seconds) for connect timeout. -1 means no limit -; http://php.net/mysql.connect-timeout -mysql.connect_timeout = 60 - -; Trace mode. When trace_mode is active (=On), warnings for table/index scans and -; SQL-Errors will be displayed. -; http://php.net/mysql.trace-mode -mysql.trace_mode = Off - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysqli.allow_local_infile -;mysqli.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysqli.allow-persistent -mysqli.allow_persistent = On - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = Off - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgresSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[Sybase-CT] -; Allow or prevent persistent links. -; http://php.net/sybct.allow-persistent -sybct.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/sybct.max-persistent -sybct.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/sybct.max-links -sybct.max_links = -1 - -; Minimum server message severity to display. -; http://php.net/sybct.min-server-severity -sybct.min_server_severity = 10 - -; Minimum client message severity to display. -; http://php.net/sybct.min-client-severity -sybct.min_client_severity = 10 - -; Set per-context timeout -; http://php.net/sybct.timeout -;sybct.timeout= - -;sybct.packet_size - -; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. -; Default: one minute -;sybct.login_timeout= - -; The name of the host you claim to be connecting from, for display by sp_who. -; Default: none -;sybct.hostname= - -; Allows you to define how often deadlocks are to be retried. -1 means "forever". -; Default: 0 -;sybct.deadlock_retry_count= - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -session.save_path = "/tmp" - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting -; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHPSESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; cd /path/to/sessions; find -cmin +24 | xargs rm - -; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. -; You can disable the feature and the warning separately. At this time, -; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you -; should enable this on development servers and enable the warning as well. If you -; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-42 -session.bug_compat_42 = Off - -; This setting controls whether or not you are warned by PHP when initializing a -; session value into the global space. session.bug_compat_42 must be enabled before -; these warnings can be issued by PHP. See the directive above for more information. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-warn -session.bug_compat_warn = Off - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; How many bytes to read from the file. -; http://php.net/session.entropy-length -session.entropy_length = 0 - -; Specified here to create the session id. -; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the -; Windows random source (using the CryptoAPI) -;session.entropy_file = /dev/urandom - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publically accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Select a hash function for use in generating session ids. -; Possible Values -; 0 (MD5 128 bits) -; 1 (SHA-1 160 bits) -; This option may also be set to the name of any hash function supported by -; the hash extension. A list of available hashes is returned by the hash_algos() -; function. -; http://php.net/session.hash-function -session.hash_function = 0 - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.hash_bits_per_character = 5 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -; form/fieldset are special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. If you want XHTML conformity, remove the form entry. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; http://php.net/url-rewriter.tags -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -; Allow or prevent persistent links. -mssql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -mssql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -mssql.max_links = -1 - -; Minimum error severity to display. -mssql.min_error_severity = 10 - -; Minimum message severity to display. -mssql.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -mssql.compatability_mode = Off - -; Connect timeout -;mssql.connect_timeout = 5 - -; Query timeout -;mssql.timeout = 60 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textlimit = 4096 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textsize = 4096 - -; Limits the number of records in each batch. 0 = all records in one batch. -;mssql.batchsize = 0 - -; Specify how datetime and datetim4 columns are returned -; On => Returns data converted to SQL server settings -; Off => Returns values as YYYY-MM-DD hh:mm:ss -;mssql.datetimeconvert = On - -; Use NT authentication when connecting to the server -mssql.secure_connection = Off - -; Specify max number of processes. -1 = library default -; msdlib defaults to 25 -; FreeTDS defaults to 4096 -;mssql.max_procs = -1 - -; Specify client character set. -; If empty or not set the client charset from freetds.comf is used -; This is only used when compiled with FreeTDS -;mssql.charset = "ISO-8859-1" - -[Assertion] -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Issue a PHP warning for each failed assertion. -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; internal/script encoding. -; Some encoding cannot work as internal encoding. -; (e.g. SJIS, BIG5, ISO-2022-*) -; http://php.net/mbstring.internal-encoding -;mbstring.internal_encoding = EUC-JP - -; http input encoding. -; http://php.net/mbstring.http-input -;mbstring.http_input = auto - -; http output encoding. mb_output_handler must be -; registered as output buffer to function -; http://php.net/mbstring.http-output -;mbstring.http_output = SJIS - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; auto means -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none; - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -;mbstring.strict_detection = Off - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 0 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -; Local Variables: -; tab-width: 4 -; End: diff --git a/php/cgi-php5.3/php.ini b/php/cgi-php5.3/php.ini index 2725889..69d58d4 100644 --- a/php/cgi-php5.3/php.ini +++ b/php/cgi-php5.3/php.ini @@ -19,7 +19,7 @@ ; See the PHP docs for more specific information. ; http://php.net/configuration.file -; The syntax of the file is extremely simple. Whitespace and Lines +; The syntax of the file is extremely simple. Whitespace and lines ; beginning with a semicolon are silently ignored (as you probably guessed). ; Section headers (e.g. [Foo]) are also silently ignored, even though ; they might mean something in the future. @@ -484,7 +484,7 @@ memory_limit = 128M ; development and early testing. ; ; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) ; E_ERROR - fatal run-time errors ; E_RECOVERABLE_ERROR - almost fatal run-time errors ; E_WARNING - run-time warnings (non-fatal errors) @@ -748,7 +748,7 @@ post_max_size = 8M ; enable the feature. We strongly recommend you use the escaping mechanisms ; designed specifically for the database your using instead of relying on this ; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. +; removed in PHP 5.4. ; Default Value: On ; Development Value: Off ; Production Value: Off @@ -1497,7 +1497,7 @@ session.use_cookies = 1 ;session.cookie_secure = ; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting +; the session id. We encourage this operation as it's very helpful in combating ; session hijacking when not specifying and managing your own session id. It is ; not the end all be all of session hijacking defense, but it's a good start. ; http://php.net/session.use-only-cookies @@ -1627,7 +1627,7 @@ session.cache_expire = 180 ; - User may send URL contains active session ID ; to other person via. email/irc/etc. ; - URL that contains active session ID may be stored -; in publically accessible computer. +; in publicly accessible computer. ; - User may access your site with the same session ID ; always using URL stored in browser's history or bookmarks. ; http://php.net/session.use-trans-sid diff --git a/php/cli-php5.3/.rcs/php.ini,v b/php/cli-php5.3/.rcs/php.ini,v deleted file mode 100644 index 1401b74..0000000 --- a/php/cli-php5.3/.rcs/php.ini,v +++ /dev/null @@ -1,1964 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2011.01.09.11.02.44; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2011.01.08.23.47.46; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and Lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to -; application users can inadvertently leak otherwise secure information. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED - -; html_errors -; Default Value: On -; Development Value: On -; Production value: Off - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.bug_compat_42 -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.bug_compat_warn -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.hash_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; url_rewriter.tags -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It's been -; recommended for several years that you not use the short tag "short cut" and -; instead to use the full tag combination. With the wide spread use -; of XML and use of these tags by other languages, the server can become easily -; confused and end up parsing the wrong code in the wrong context. But because -; this short cut has been a feature for such a long time, it's currently still -; supported for backwards compatibility, but we recommend you don't use them. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/short-open-tag -short_open_tag = Off - -; Allow ASP-style <% %> tags. -; http://php.net/asp-tags -asp_tags = Off - -; The number of significant digits displayed in floating point numbers. -; http://php.net/precision -precision = 14 - -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - -; Output buffering is a mechanism for controlling how much output data -; (excluding headers and cookies) PHP should keep internally before pushing that -; data to the client. If your application's output exceeds this setting, PHP -; will send that data in chunks of roughly the size you specify. -; Turning on this setting and managing its maximum buffer size can yield some -; interesting side-effects depending on your application and web server. -; You may be able to send headers and cookies after you've already sent output -; through print or echo. You also may see performance benefits if your server is -; emitting less packets due to buffered output versus PHP streaming the output -; as it gets it. On production servers, 4096 bytes is a good setting for performance -; reasons. -; Note: Output buffering can also be controlled via Output Buffering Control -; functions. -; Possible Values: -; On = Enabled and buffer is unlimited. (Use with caution) -; Off = Disabled -; Integer = Enables the buffer and sets its maximum size in bytes. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 -; http://php.net/output-buffering -output_buffering = Off - -; You can redirect all of the output of your scripts to a function. For -; example, if you set output_handler to "mb_output_handler", character -; encoding will be transparently converted to the specified encoding. -; Setting any output handler automatically turns on output buffering. -; Note: People who wrote portable scripts should not depend on this ini -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -; Note: output_handler must be empty if this is set 'On' !!!! -; Instead you must use zlib.output_handler. -; http://php.net/output-handler -;output_handler = - -; Transparent output compression using the zlib library -; Valid values for this option are 'off', 'on', or a specific buffer size -; to be used for compression (default is 4KB) -; Note: Resulting chunk size may vary due to nature of compression. PHP -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -; Note: You need to use zlib.output_handler instead of the standard -; output_handler, or otherwise the output will be corrupted. -; http://php.net/zlib.output-compression -zlib.output_compression = Off - -; http://php.net/zlib.output-compression-level -;zlib.output_compression_level = -1 - -; You cannot specify additional output handlers if zlib.output_compression -; is activated here. This setting does the same as output_handler but in -; a different order. -; http://php.net/zlib.output-handler -;zlib.output_handler = - -; Implicit flush tells PHP to tell the output layer to flush itself -; automatically after every output block. This is equivalent to calling the -; PHP function flush() after each and every call to print() or echo() and each -; and every HTML block. Turning this option on has serious performance -; implications and is generally recommended for debugging purposes only. -; http://php.net/implicit-flush -; Note: This directive is hardcoded to On for the CLI SAPI -implicit_flush = Off - -; The unserialize callback function will be called (with the undefined class' -; name as parameter), if the unserializer finds an undefined class -; which should be instantiated. A warning appears if the specified function is -; not defined, or if the function doesn't include/implement the missing class. -; So only set this entry, if you really want to implement such a -; callback-function. -unserialize_callback_func = - -; When floats & doubles are serialized store serialize_precision significant -; digits after the floating point. The default value ensures that when floats -; are decoded with unserialize, the data will remain the same. -serialize_precision = 100 - -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - -; open_basedir, if set, limits all file operations to the defined directory -; and below. This directive makes most sense if used in a per-directory -; or per-virtualhost web server configuration file. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/open-basedir -;open_basedir = - -; This directive allows you to disable certain functions for security reasons. -; It receives a comma-delimited list of function names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-functions -disable_functions = - -; This directive allows you to disable certain classes for security reasons. -; It receives a comma-delimited list of class names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-classes -disable_classes = - -; Colors for Syntax Highlighting mode. Anything that's acceptable in -; would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.bg = #FFFFFF -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 16k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = On - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED -; http://php.net/error-reporting -;error_reporting = E_ALL | E_STRICT -error_reporting = E_ALL - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = stderr - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = On - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -;log_errors = On -log_errors = stderr - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = On - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: Off -; http://php.net/html-errors -html_errors = On - -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on NT, not valid in Windows 95). -;error_log = syslog - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P,C,E & S) should -; be registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive are -; specified in the same manner as the variables_order directive, EXCEPT one. -; Leaving this value empty will cause PHP to use the value set in the -; variables_order directive. It does not mean it will leave the super globals -; array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = On - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = On - -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Maximum size of POST data that PHP will accept. -; http://php.net/post-max-size -post_max_size = 8M - -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a character encoding using -; the Content-type: header. To disable sending of the charset, simply -; set it to be empty. -; -; PHP's built-in default is text/html -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to empty. -; http://php.net/default-charset -;default_charset = "iso-8859-1" - -; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. -; http://php.net/always-populate-raw-post-data -;always_populate_raw_post_data = On - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -include_path = ".:/usr/share/php5:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = On - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 2M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = Off - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@@doe.com" -from="frank@@brehm-online.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_fileinfo.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_exif.dll ; Must be after mbstring as it depends on it -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_phar.dll -;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sqlite3.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -;extension=php_zip.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -;iconv.input_encoding = ISO-8859-1 -;iconv.internal_encoding = ISO-8859-1 -;iconv.output_encoding = ISO-8859-1 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING - -[sqlite] -; http://php.net/sqlite.assoc-case -;sqlite.assoc_case = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(), even in safe mode. -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; The path to a log file that will log all mail() calls. Log entries include -; the full path of the script, line number, To address and headers. -;mail.log = - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQL] -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysql.allow_local_infile -mysql.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysql.allow-persistent -mysql.allow_persistent = On - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysql.cache_size -mysql.cache_size = 2000 - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysql.max-persistent -mysql.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/mysql.max-links -mysql.max_links = -1 - -; Default port number for mysql_connect(). If unset, mysql_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysql.default-port -mysql.default_port = - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysql.default-socket -mysql.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-host -mysql.default_host = localhost - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-user -mysql.default_user = - -; Default password for mysql_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysql.default-password -mysql.default_password = - -; Maximum time (in seconds) for connect timeout. -1 means no limit -; http://php.net/mysql.connect-timeout -mysql.connect_timeout = 60 - -; Trace mode. When trace_mode is active (=On), warnings for table/index scans and -; SQL-Errors will be displayed. -; http://php.net/mysql.trace-mode -mysql.trace_mode = Off - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = localhost - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = On - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgresSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[Sybase-CT] -; Allow or prevent persistent links. -; http://php.net/sybct.allow-persistent -sybct.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/sybct.max-persistent -sybct.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/sybct.max-links -sybct.max_links = -1 - -; Minimum server message severity to display. -; http://php.net/sybct.min-server-severity -sybct.min_server_severity = 10 - -; Minimum client message severity to display. -; http://php.net/sybct.min-client-severity -sybct.min_client_severity = 10 - -; Set per-context timeout -; http://php.net/sybct.timeout -;sybct.timeout= - -;sybct.packet_size - -; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. -; Default: one minute -;sybct.login_timeout= - -; The name of the host you claim to be connecting from, for display by sp_who. -; Default: none -;sybct.hostname= - -; Allows you to define how often deadlocks are to be retried. -1 means "forever". -; Default: 0 -;sybct.deadlock_retry_count= - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -session.save_path = "/tmp" - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting -; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHP_SESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; find /path/to/sessions -cmin +24 | xargs rm - -; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. -; You can disable the feature and the warning separately. At this time, -; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you -; should enable this on development servers and enable the warning as well. If you -; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-42 -session.bug_compat_42 = On - -; This setting controls whether or not you are warned by PHP when initializing a -; session value into the global space. session.bug_compat_42 must be enabled before -; these warnings can be issued by PHP. See the directive above for more information. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-warn -session.bug_compat_warn = On - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; How many bytes to read from the file. -; http://php.net/session.entropy-length -session.entropy_length = 0 - -; Specified here to create the session id. -; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the -; Windows random source (using the CryptoAPI) -;session.entropy_file = /dev/urandom -session.entropy_file = - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publically accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Select a hash function for use in generating session ids. -; Possible Values -; 0 (MD5 128 bits) -; 1 (SHA-1 160 bits) -; This option may also be set to the name of any hash function supported by -; the hash extension. A list of available hashes is returned by the hash_algos() -; function. -; http://php.net/session.hash-function -session.hash_function = 0 - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.hash_bits_per_character = 5 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -; form/fieldset are special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. If you want XHTML conformity, remove the form entry. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; http://php.net/url-rewriter.tags -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -; Allow or prevent persistent links. -mssql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -mssql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -mssql.max_links = -1 - -; Minimum error severity to display. -mssql.min_error_severity = 10 - -; Minimum message severity to display. -mssql.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -mssql.compatability_mode = Off - -; Connect timeout -;mssql.connect_timeout = 5 - -; Query timeout -;mssql.timeout = 60 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textlimit = 4096 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textsize = 4096 - -; Limits the number of records in each batch. 0 = all records in one batch. -;mssql.batchsize = 0 - -; Specify how datetime and datetim4 columns are returned -; On => Returns data converted to SQL server settings -; Off => Returns values as YYYY-MM-DD hh:mm:ss -;mssql.datetimeconvert = On - -; Use NT authentication when connecting to the server -mssql.secure_connection = Off - -; Specify max number of processes. -1 = library default -; msdlib defaults to 25 -; FreeTDS defaults to 4096 -;mssql.max_procs = -1 - -; Specify client character set. -; If empty or not set the client charset from freetds.comf is used -; This is only used when compiled with FreeTDS -;mssql.charset = "ISO-8859-1" - -[Assertion] -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Issue a PHP warning for each failed assertion. -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; internal/script encoding. -; Some encoding cannot work as internal encoding. -; (e.g. SJIS, BIG5, ISO-2022-*) -; http://php.net/mbstring.internal-encoding -;mbstring.internal_encoding = EUC-JP - -; http input encoding. -; http://php.net/mbstring.http-input -;mbstring.http_input = auto - -; http output encoding. mb_output_handler must be -; registered as output buffer to function -; http://php.net/mbstring.http-output -;mbstring.http_output = SJIS - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; auto means -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none; - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -;mbstring.strict_detection = Off - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 0 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -; Local Variables: -; tab-width: 4 -; End: -@ - - -1.1 -log -@Initial revision -@ -text -@d262 1 -a262 1 -output_buffering = 4096 -d431 1 -a431 1 -expose_php = Off -d514 2 -a515 1 -error_reporting = E_ALL | E_STRICT -d532 1 -a532 1 -display_errors = On -d553 2 -a554 1 -log_errors = On -d703 1 -a703 1 -register_long_arrays = Off -d718 1 -a718 1 -register_argc_argv = Off -d817 1 -a817 1 -enable_dl = Off -d902 1 -d1221 1 -a1221 1 -mysql.default_host = -d1272 1 -a1272 1 -mysqli.default_host = -d1488 1 -a1488 1 -session.name = PHPSESSID -@ diff --git a/php/cli-php5.3/.rcs/php.ini.orig,v b/php/cli-php5.3/.rcs/php.ini.orig,v deleted file mode 100644 index aadbd1e..0000000 --- a/php/cli-php5.3/.rcs/php.ini.orig,v +++ /dev/null @@ -1,1914 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2011.01.08.23.47.46; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and Lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to -; application users can inadvertently leak otherwise secure information. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED - -; html_errors -; Default Value: On -; Development Value: On -; Production value: Off - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.bug_compat_42 -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.bug_compat_warn -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.hash_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; url_rewriter.tags -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It's been -; recommended for several years that you not use the short tag "short cut" and -; instead to use the full tag combination. With the wide spread use -; of XML and use of these tags by other languages, the server can become easily -; confused and end up parsing the wrong code in the wrong context. But because -; this short cut has been a feature for such a long time, it's currently still -; supported for backwards compatibility, but we recommend you don't use them. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/short-open-tag -short_open_tag = Off - -; Allow ASP-style <% %> tags. -; http://php.net/asp-tags -asp_tags = Off - -; The number of significant digits displayed in floating point numbers. -; http://php.net/precision -precision = 14 - -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - -; Output buffering is a mechanism for controlling how much output data -; (excluding headers and cookies) PHP should keep internally before pushing that -; data to the client. If your application's output exceeds this setting, PHP -; will send that data in chunks of roughly the size you specify. -; Turning on this setting and managing its maximum buffer size can yield some -; interesting side-effects depending on your application and web server. -; You may be able to send headers and cookies after you've already sent output -; through print or echo. You also may see performance benefits if your server is -; emitting less packets due to buffered output versus PHP streaming the output -; as it gets it. On production servers, 4096 bytes is a good setting for performance -; reasons. -; Note: Output buffering can also be controlled via Output Buffering Control -; functions. -; Possible Values: -; On = Enabled and buffer is unlimited. (Use with caution) -; Off = Disabled -; Integer = Enables the buffer and sets its maximum size in bytes. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 -; http://php.net/output-buffering -output_buffering = 4096 - -; You can redirect all of the output of your scripts to a function. For -; example, if you set output_handler to "mb_output_handler", character -; encoding will be transparently converted to the specified encoding. -; Setting any output handler automatically turns on output buffering. -; Note: People who wrote portable scripts should not depend on this ini -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -; Note: output_handler must be empty if this is set 'On' !!!! -; Instead you must use zlib.output_handler. -; http://php.net/output-handler -;output_handler = - -; Transparent output compression using the zlib library -; Valid values for this option are 'off', 'on', or a specific buffer size -; to be used for compression (default is 4KB) -; Note: Resulting chunk size may vary due to nature of compression. PHP -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -; Note: You need to use zlib.output_handler instead of the standard -; output_handler, or otherwise the output will be corrupted. -; http://php.net/zlib.output-compression -zlib.output_compression = Off - -; http://php.net/zlib.output-compression-level -;zlib.output_compression_level = -1 - -; You cannot specify additional output handlers if zlib.output_compression -; is activated here. This setting does the same as output_handler but in -; a different order. -; http://php.net/zlib.output-handler -;zlib.output_handler = - -; Implicit flush tells PHP to tell the output layer to flush itself -; automatically after every output block. This is equivalent to calling the -; PHP function flush() after each and every call to print() or echo() and each -; and every HTML block. Turning this option on has serious performance -; implications and is generally recommended for debugging purposes only. -; http://php.net/implicit-flush -; Note: This directive is hardcoded to On for the CLI SAPI -implicit_flush = Off - -; The unserialize callback function will be called (with the undefined class' -; name as parameter), if the unserializer finds an undefined class -; which should be instantiated. A warning appears if the specified function is -; not defined, or if the function doesn't include/implement the missing class. -; So only set this entry, if you really want to implement such a -; callback-function. -unserialize_callback_func = - -; When floats & doubles are serialized store serialize_precision significant -; digits after the floating point. The default value ensures that when floats -; are decoded with unserialize, the data will remain the same. -serialize_precision = 100 - -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - -; open_basedir, if set, limits all file operations to the defined directory -; and below. This directive makes most sense if used in a per-directory -; or per-virtualhost web server configuration file. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/open-basedir -;open_basedir = - -; This directive allows you to disable certain functions for security reasons. -; It receives a comma-delimited list of function names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-functions -disable_functions = - -; This directive allows you to disable certain classes for security reasons. -; It receives a comma-delimited list of class names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-classes -disable_classes = - -; Colors for Syntax Highlighting mode. Anything that's acceptable in -; would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.bg = #FFFFFF -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 16k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = Off - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED -; http://php.net/error-reporting -error_reporting = E_ALL | E_STRICT - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = On - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = On - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = On - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = On - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: Off -; http://php.net/html-errors -html_errors = On - -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on NT, not valid in Windows 95). -;error_log = syslog - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P,C,E & S) should -; be registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive are -; specified in the same manner as the variables_order directive, EXCEPT one. -; Leaving this value empty will cause PHP to use the value set in the -; variables_order directive. It does not mean it will leave the super globals -; array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = Off - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = Off - -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Maximum size of POST data that PHP will accept. -; http://php.net/post-max-size -post_max_size = 8M - -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a character encoding using -; the Content-type: header. To disable sending of the charset, simply -; set it to be empty. -; -; PHP's built-in default is text/html -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to empty. -; http://php.net/default-charset -;default_charset = "iso-8859-1" - -; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. -; http://php.net/always-populate-raw-post-data -;always_populate_raw_post_data = On - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -include_path = ".:/usr/share/php5:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = Off - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 2M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = Off - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@@doe.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_fileinfo.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_exif.dll ; Must be after mbstring as it depends on it -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_phar.dll -;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sqlite3.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -;extension=php_zip.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -;iconv.input_encoding = ISO-8859-1 -;iconv.internal_encoding = ISO-8859-1 -;iconv.output_encoding = ISO-8859-1 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING - -[sqlite] -; http://php.net/sqlite.assoc-case -;sqlite.assoc_case = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(), even in safe mode. -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; The path to a log file that will log all mail() calls. Log entries include -; the full path of the script, line number, To address and headers. -;mail.log = - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQL] -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysql.allow_local_infile -mysql.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysql.allow-persistent -mysql.allow_persistent = On - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysql.cache_size -mysql.cache_size = 2000 - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysql.max-persistent -mysql.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/mysql.max-links -mysql.max_links = -1 - -; Default port number for mysql_connect(). If unset, mysql_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysql.default-port -mysql.default_port = - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysql.default-socket -mysql.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-host -mysql.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-user -mysql.default_user = - -; Default password for mysql_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysql.default-password -mysql.default_password = - -; Maximum time (in seconds) for connect timeout. -1 means no limit -; http://php.net/mysql.connect-timeout -mysql.connect_timeout = 60 - -; Trace mode. When trace_mode is active (=On), warnings for table/index scans and -; SQL-Errors will be displayed. -; http://php.net/mysql.trace-mode -mysql.trace_mode = Off - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = On - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgresSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[Sybase-CT] -; Allow or prevent persistent links. -; http://php.net/sybct.allow-persistent -sybct.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/sybct.max-persistent -sybct.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/sybct.max-links -sybct.max_links = -1 - -; Minimum server message severity to display. -; http://php.net/sybct.min-server-severity -sybct.min_server_severity = 10 - -; Minimum client message severity to display. -; http://php.net/sybct.min-client-severity -sybct.min_client_severity = 10 - -; Set per-context timeout -; http://php.net/sybct.timeout -;sybct.timeout= - -;sybct.packet_size - -; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. -; Default: one minute -;sybct.login_timeout= - -; The name of the host you claim to be connecting from, for display by sp_who. -; Default: none -;sybct.hostname= - -; Allows you to define how often deadlocks are to be retried. -1 means "forever". -; Default: 0 -;sybct.deadlock_retry_count= - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -session.save_path = "/tmp" - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting -; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHPSESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; find /path/to/sessions -cmin +24 | xargs rm - -; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. -; You can disable the feature and the warning separately. At this time, -; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you -; should enable this on development servers and enable the warning as well. If you -; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-42 -session.bug_compat_42 = On - -; This setting controls whether or not you are warned by PHP when initializing a -; session value into the global space. session.bug_compat_42 must be enabled before -; these warnings can be issued by PHP. See the directive above for more information. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-warn -session.bug_compat_warn = On - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; How many bytes to read from the file. -; http://php.net/session.entropy-length -session.entropy_length = 0 - -; Specified here to create the session id. -; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the -; Windows random source (using the CryptoAPI) -;session.entropy_file = /dev/urandom -session.entropy_file = - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publically accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Select a hash function for use in generating session ids. -; Possible Values -; 0 (MD5 128 bits) -; 1 (SHA-1 160 bits) -; This option may also be set to the name of any hash function supported by -; the hash extension. A list of available hashes is returned by the hash_algos() -; function. -; http://php.net/session.hash-function -session.hash_function = 0 - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.hash_bits_per_character = 5 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -; form/fieldset are special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. If you want XHTML conformity, remove the form entry. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; http://php.net/url-rewriter.tags -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -; Allow or prevent persistent links. -mssql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -mssql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -mssql.max_links = -1 - -; Minimum error severity to display. -mssql.min_error_severity = 10 - -; Minimum message severity to display. -mssql.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -mssql.compatability_mode = Off - -; Connect timeout -;mssql.connect_timeout = 5 - -; Query timeout -;mssql.timeout = 60 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textlimit = 4096 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textsize = 4096 - -; Limits the number of records in each batch. 0 = all records in one batch. -;mssql.batchsize = 0 - -; Specify how datetime and datetim4 columns are returned -; On => Returns data converted to SQL server settings -; Off => Returns values as YYYY-MM-DD hh:mm:ss -;mssql.datetimeconvert = On - -; Use NT authentication when connecting to the server -mssql.secure_connection = Off - -; Specify max number of processes. -1 = library default -; msdlib defaults to 25 -; FreeTDS defaults to 4096 -;mssql.max_procs = -1 - -; Specify client character set. -; If empty or not set the client charset from freetds.comf is used -; This is only used when compiled with FreeTDS -;mssql.charset = "ISO-8859-1" - -[Assertion] -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Issue a PHP warning for each failed assertion. -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; internal/script encoding. -; Some encoding cannot work as internal encoding. -; (e.g. SJIS, BIG5, ISO-2022-*) -; http://php.net/mbstring.internal-encoding -;mbstring.internal_encoding = EUC-JP - -; http input encoding. -; http://php.net/mbstring.http-input -;mbstring.http_input = auto - -; http output encoding. mb_output_handler must be -; registered as output buffer to function -; http://php.net/mbstring.http-output -;mbstring.http_output = SJIS - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; auto means -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none; - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -;mbstring.strict_detection = Off - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 0 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -; Local Variables: -; tab-width: 4 -; End: -@ diff --git a/php/cli-php5.3/php.ini b/php/cli-php5.3/php.ini index 5a51722..3e9b8a9 100644 --- a/php/cli-php5.3/php.ini +++ b/php/cli-php5.3/php.ini @@ -19,7 +19,7 @@ ; See the PHP docs for more specific information. ; http://php.net/configuration.file -; The syntax of the file is extremely simple. Whitespace and Lines +; The syntax of the file is extremely simple. Whitespace and lines ; beginning with a semicolon are silently ignored (as you probably guessed). ; Section headers (e.g. [Foo]) are also silently ignored, even though ; they might mean something in the future. @@ -484,7 +484,7 @@ memory_limit = 128M ; development and early testing. ; ; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) ; E_ERROR - fatal run-time errors ; E_RECOVERABLE_ERROR - almost fatal run-time errors ; E_WARNING - run-time warnings (non-fatal errors) @@ -518,7 +518,6 @@ memory_limit = 128M ; Development Value: E_ALL | E_STRICT ; Production Value: E_ALL & ~E_DEPRECATED ; http://php.net/error-reporting -;error_reporting = E_ALL | E_STRICT error_reporting = E_ALL ; This directive controls whether or not and where PHP will output errors, @@ -557,7 +556,6 @@ display_startup_errors = On ; Development Value: On ; Production Value: On ; http://php.net/log-errors -;log_errors = On log_errors = stderr ; Set maximum length of log_errors. In error_log information about the source is @@ -750,7 +748,7 @@ post_max_size = 8M ; enable the feature. We strongly recommend you use the escaping mechanisms ; designed specifically for the database your using instead of relying on this ; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. +; removed in PHP 5.4. ; Default Value: On ; Development Value: Off ; Production Value: Off @@ -1500,7 +1498,7 @@ session.use_cookies = 1 ;session.cookie_secure = ; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting +; the session id. We encourage this operation as it's very helpful in combating ; session hijacking when not specifying and managing your own session id. It is ; not the end all be all of session hijacking defense, but it's a good start. ; http://php.net/session.use-only-cookies @@ -1631,7 +1629,7 @@ session.cache_expire = 180 ; - User may send URL contains active session ID ; to other person via. email/irc/etc. ; - URL that contains active session ID may be stored -; in publically accessible computer. +; in publicly accessible computer. ; - User may access your site with the same session ID ; always using URL stored in browser's history or bookmarks. ; http://php.net/session.use-trans-sid diff --git a/php/cli-php5.3/php.ini.orig b/php/cli-php5.3/php.ini.orig deleted file mode 100644 index 8f4eac8..0000000 --- a/php/cli-php5.3/php.ini.orig +++ /dev/null @@ -1,1890 +0,0 @@ -[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and Lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to -; application users can inadvertently leak otherwise secure information. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED - -; html_errors -; Default Value: On -; Development Value: On -; Production value: Off - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.bug_compat_42 -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.bug_compat_warn -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.hash_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; url_rewriter.tags -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It's been -; recommended for several years that you not use the short tag "short cut" and -; instead to use the full tag combination. With the wide spread use -; of XML and use of these tags by other languages, the server can become easily -; confused and end up parsing the wrong code in the wrong context. But because -; this short cut has been a feature for such a long time, it's currently still -; supported for backwards compatibility, but we recommend you don't use them. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/short-open-tag -short_open_tag = Off - -; Allow ASP-style <% %> tags. -; http://php.net/asp-tags -asp_tags = Off - -; The number of significant digits displayed in floating point numbers. -; http://php.net/precision -precision = 14 - -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - -; Output buffering is a mechanism for controlling how much output data -; (excluding headers and cookies) PHP should keep internally before pushing that -; data to the client. If your application's output exceeds this setting, PHP -; will send that data in chunks of roughly the size you specify. -; Turning on this setting and managing its maximum buffer size can yield some -; interesting side-effects depending on your application and web server. -; You may be able to send headers and cookies after you've already sent output -; through print or echo. You also may see performance benefits if your server is -; emitting less packets due to buffered output versus PHP streaming the output -; as it gets it. On production servers, 4096 bytes is a good setting for performance -; reasons. -; Note: Output buffering can also be controlled via Output Buffering Control -; functions. -; Possible Values: -; On = Enabled and buffer is unlimited. (Use with caution) -; Off = Disabled -; Integer = Enables the buffer and sets its maximum size in bytes. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 -; http://php.net/output-buffering -output_buffering = 4096 - -; You can redirect all of the output of your scripts to a function. For -; example, if you set output_handler to "mb_output_handler", character -; encoding will be transparently converted to the specified encoding. -; Setting any output handler automatically turns on output buffering. -; Note: People who wrote portable scripts should not depend on this ini -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -; Note: output_handler must be empty if this is set 'On' !!!! -; Instead you must use zlib.output_handler. -; http://php.net/output-handler -;output_handler = - -; Transparent output compression using the zlib library -; Valid values for this option are 'off', 'on', or a specific buffer size -; to be used for compression (default is 4KB) -; Note: Resulting chunk size may vary due to nature of compression. PHP -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -; Note: You need to use zlib.output_handler instead of the standard -; output_handler, or otherwise the output will be corrupted. -; http://php.net/zlib.output-compression -zlib.output_compression = Off - -; http://php.net/zlib.output-compression-level -;zlib.output_compression_level = -1 - -; You cannot specify additional output handlers if zlib.output_compression -; is activated here. This setting does the same as output_handler but in -; a different order. -; http://php.net/zlib.output-handler -;zlib.output_handler = - -; Implicit flush tells PHP to tell the output layer to flush itself -; automatically after every output block. This is equivalent to calling the -; PHP function flush() after each and every call to print() or echo() and each -; and every HTML block. Turning this option on has serious performance -; implications and is generally recommended for debugging purposes only. -; http://php.net/implicit-flush -; Note: This directive is hardcoded to On for the CLI SAPI -implicit_flush = Off - -; The unserialize callback function will be called (with the undefined class' -; name as parameter), if the unserializer finds an undefined class -; which should be instantiated. A warning appears if the specified function is -; not defined, or if the function doesn't include/implement the missing class. -; So only set this entry, if you really want to implement such a -; callback-function. -unserialize_callback_func = - -; When floats & doubles are serialized store serialize_precision significant -; digits after the floating point. The default value ensures that when floats -; are decoded with unserialize, the data will remain the same. -serialize_precision = 100 - -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - -; open_basedir, if set, limits all file operations to the defined directory -; and below. This directive makes most sense if used in a per-directory -; or per-virtualhost web server configuration file. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/open-basedir -;open_basedir = - -; This directive allows you to disable certain functions for security reasons. -; It receives a comma-delimited list of function names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-functions -disable_functions = - -; This directive allows you to disable certain classes for security reasons. -; It receives a comma-delimited list of class names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-classes -disable_classes = - -; Colors for Syntax Highlighting mode. Anything that's acceptable in -; would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.bg = #FFFFFF -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 16k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = Off - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED -; http://php.net/error-reporting -error_reporting = E_ALL | E_STRICT - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = On - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = On - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = On - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = On - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: Off -; http://php.net/html-errors -html_errors = On - -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on NT, not valid in Windows 95). -;error_log = syslog - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P,C,E & S) should -; be registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive are -; specified in the same manner as the variables_order directive, EXCEPT one. -; Leaving this value empty will cause PHP to use the value set in the -; variables_order directive. It does not mean it will leave the super globals -; array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = Off - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = Off - -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Maximum size of POST data that PHP will accept. -; http://php.net/post-max-size -post_max_size = 8M - -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a character encoding using -; the Content-type: header. To disable sending of the charset, simply -; set it to be empty. -; -; PHP's built-in default is text/html -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to empty. -; http://php.net/default-charset -;default_charset = "iso-8859-1" - -; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. -; http://php.net/always-populate-raw-post-data -;always_populate_raw_post_data = On - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -include_path = ".:/usr/share/php5:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = Off - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 2M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = Off - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@doe.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_fileinfo.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_exif.dll ; Must be after mbstring as it depends on it -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_phar.dll -;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sqlite3.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -;extension=php_zip.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -;iconv.input_encoding = ISO-8859-1 -;iconv.internal_encoding = ISO-8859-1 -;iconv.output_encoding = ISO-8859-1 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING - -[sqlite] -; http://php.net/sqlite.assoc-case -;sqlite.assoc_case = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(), even in safe mode. -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; The path to a log file that will log all mail() calls. Log entries include -; the full path of the script, line number, To address and headers. -;mail.log = - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQL] -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysql.allow_local_infile -mysql.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysql.allow-persistent -mysql.allow_persistent = On - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysql.cache_size -mysql.cache_size = 2000 - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysql.max-persistent -mysql.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/mysql.max-links -mysql.max_links = -1 - -; Default port number for mysql_connect(). If unset, mysql_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysql.default-port -mysql.default_port = - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysql.default-socket -mysql.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-host -mysql.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-user -mysql.default_user = - -; Default password for mysql_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysql.default-password -mysql.default_password = - -; Maximum time (in seconds) for connect timeout. -1 means no limit -; http://php.net/mysql.connect-timeout -mysql.connect_timeout = 60 - -; Trace mode. When trace_mode is active (=On), warnings for table/index scans and -; SQL-Errors will be displayed. -; http://php.net/mysql.trace-mode -mysql.trace_mode = Off - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = On - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgresSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[Sybase-CT] -; Allow or prevent persistent links. -; http://php.net/sybct.allow-persistent -sybct.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/sybct.max-persistent -sybct.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/sybct.max-links -sybct.max_links = -1 - -; Minimum server message severity to display. -; http://php.net/sybct.min-server-severity -sybct.min_server_severity = 10 - -; Minimum client message severity to display. -; http://php.net/sybct.min-client-severity -sybct.min_client_severity = 10 - -; Set per-context timeout -; http://php.net/sybct.timeout -;sybct.timeout= - -;sybct.packet_size - -; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. -; Default: one minute -;sybct.login_timeout= - -; The name of the host you claim to be connecting from, for display by sp_who. -; Default: none -;sybct.hostname= - -; Allows you to define how often deadlocks are to be retried. -1 means "forever". -; Default: 0 -;sybct.deadlock_retry_count= - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -session.save_path = "/tmp" - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting -; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHPSESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; find /path/to/sessions -cmin +24 | xargs rm - -; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. -; You can disable the feature and the warning separately. At this time, -; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you -; should enable this on development servers and enable the warning as well. If you -; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-42 -session.bug_compat_42 = On - -; This setting controls whether or not you are warned by PHP when initializing a -; session value into the global space. session.bug_compat_42 must be enabled before -; these warnings can be issued by PHP. See the directive above for more information. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-warn -session.bug_compat_warn = On - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; How many bytes to read from the file. -; http://php.net/session.entropy-length -session.entropy_length = 0 - -; Specified here to create the session id. -; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the -; Windows random source (using the CryptoAPI) -;session.entropy_file = /dev/urandom -session.entropy_file = - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publically accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Select a hash function for use in generating session ids. -; Possible Values -; 0 (MD5 128 bits) -; 1 (SHA-1 160 bits) -; This option may also be set to the name of any hash function supported by -; the hash extension. A list of available hashes is returned by the hash_algos() -; function. -; http://php.net/session.hash-function -session.hash_function = 0 - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.hash_bits_per_character = 5 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -; form/fieldset are special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. If you want XHTML conformity, remove the form entry. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; http://php.net/url-rewriter.tags -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -; Allow or prevent persistent links. -mssql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -mssql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -mssql.max_links = -1 - -; Minimum error severity to display. -mssql.min_error_severity = 10 - -; Minimum message severity to display. -mssql.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -mssql.compatability_mode = Off - -; Connect timeout -;mssql.connect_timeout = 5 - -; Query timeout -;mssql.timeout = 60 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textlimit = 4096 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textsize = 4096 - -; Limits the number of records in each batch. 0 = all records in one batch. -;mssql.batchsize = 0 - -; Specify how datetime and datetim4 columns are returned -; On => Returns data converted to SQL server settings -; Off => Returns values as YYYY-MM-DD hh:mm:ss -;mssql.datetimeconvert = On - -; Use NT authentication when connecting to the server -mssql.secure_connection = Off - -; Specify max number of processes. -1 = library default -; msdlib defaults to 25 -; FreeTDS defaults to 4096 -;mssql.max_procs = -1 - -; Specify client character set. -; If empty or not set the client charset from freetds.comf is used -; This is only used when compiled with FreeTDS -;mssql.charset = "ISO-8859-1" - -[Assertion] -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Issue a PHP warning for each failed assertion. -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; internal/script encoding. -; Some encoding cannot work as internal encoding. -; (e.g. SJIS, BIG5, ISO-2022-*) -; http://php.net/mbstring.internal-encoding -;mbstring.internal_encoding = EUC-JP - -; http input encoding. -; http://php.net/mbstring.http-input -;mbstring.http_input = auto - -; http output encoding. mb_output_handler must be -; registered as output buffer to function -; http://php.net/mbstring.http-output -;mbstring.http_output = SJIS - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; auto means -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none; - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -;mbstring.strict_detection = Off - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 0 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -; Local Variables: -; tab-width: 4 -; End: diff --git a/php/cli-php5/.rcs/php.ini,v b/php/cli-php5/.rcs/php.ini,v deleted file mode 100644 index 91e1cdf..0000000 --- a/php/cli-php5/.rcs/php.ini,v +++ /dev/null @@ -1,2644 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.10.30.19.29.52; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.08.19.20.48.48; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and Lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to -; application users can inadvertently leak otherwise secure information. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED - -; html_errors -; Default Value: On -; Development Value: On -; Production value: Off - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.bug_compat_42 -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.bug_compat_warn -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.hash_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; url_rewriter.tags -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It's been -; recommended for several years that you not use the short tag "short cut" and -; instead to use the full tag combination. With the wide spread use -; of XML and use of these tags by other languages, the server can become easily -; confused and end up parsing the wrong code in the wrong context. But because -; this short cut has been a feature for such a long time, it's currently still -; supported for backwards compatibility, but we recommend you don't use them. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/short-open-tag -short_open_tag = Off - -; Allow ASP-style <% %> tags. -; http://php.net/asp-tags -asp_tags = Off - -; The number of significant digits displayed in floating point numbers. -; http://php.net/precision -precision = 14 - -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - -; Output buffering is a mechanism for controlling how much output data -; (excluding headers and cookies) PHP should keep internally before pushing that -; data to the client. If your application's output exceeds this setting, PHP -; will send that data in chunks of roughly the size you specify. -; Turning on this setting and managing its maximum buffer size can yield some -; interesting side-effects depending on your application and web server. -; You may be able to send headers and cookies after you've already sent output -; through print or echo. You also may see performance benefits if your server is -; emitting less packets due to buffered output versus PHP streaming the output -; as it gets it. On production servers, 4096 bytes is a good setting for performance -; reasons. -; Note: Output buffering can also be controlled via Output Buffering Control -; functions. -; Possible Values: -; On = Enabled and buffer is unlimited. (Use with caution) -; Off = Disabled -; Integer = Enables the buffer and sets its maximum size in bytes. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 -; http://php.net/output-buffering -output_buffering = off - -; You can redirect all of the output of your scripts to a function. For -; example, if you set output_handler to "mb_output_handler", character -; encoding will be transparently converted to the specified encoding. -; Setting any output handler automatically turns on output buffering. -; Note: People who wrote portable scripts should not depend on this ini -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -; Note: output_handler must be empty if this is set 'On' !!!! -; Instead you must use zlib.output_handler. -; http://php.net/output-handler -;output_handler = - -; Transparent output compression using the zlib library -; Valid values for this option are 'off', 'on', or a specific buffer size -; to be used for compression (default is 4KB) -; Note: Resulting chunk size may vary due to nature of compression. PHP -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -; Note: You need to use zlib.output_handler instead of the standard -; output_handler, or otherwise the output will be corrupted. -; http://php.net/zlib.output-compression -zlib.output_compression = Off - -; http://php.net/zlib.output-compression-level -;zlib.output_compression_level = -1 - -; You cannot specify additional output handlers if zlib.output_compression -; is activated here. This setting does the same as output_handler but in -; a different order. -; http://php.net/zlib.output-handler -;zlib.output_handler = - -; Implicit flush tells PHP to tell the output layer to flush itself -; automatically after every output block. This is equivalent to calling the -; PHP function flush() after each and every call to print() or echo() and each -; and every HTML block. Turning this option on has serious performance -; implications and is generally recommended for debugging purposes only. -; http://php.net/implicit-flush -; Note: This directive is hardcoded to On for the CLI SAPI -implicit_flush = Off - -; The unserialize callback function will be called (with the undefined class' -; name as parameter), if the unserializer finds an undefined class -; which should be instantiated. A warning appears if the specified function is -; not defined, or if the function doesn't include/implement the missing class. -; So only set this entry, if you really want to implement such a -; callback-function. -unserialize_callback_func = - -; When floats & doubles are serialized store serialize_precision significant -; digits after the floating point. The default value ensures that when floats -; are decoded with unserialize, the data will remain the same. -serialize_precision = 100 - -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - -; open_basedir, if set, limits all file operations to the defined directory -; and below. This directive makes most sense if used in a per-directory -; or per-virtualhost web server configuration file. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/open-basedir -;open_basedir = - -; This directive allows you to disable certain functions for security reasons. -; It receives a comma-delimited list of function names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-functions -disable_functions = - -; This directive allows you to disable certain classes for security reasons. -; It receives a comma-delimited list of class names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-classes -disable_classes = - -; Colors for Syntax Highlighting mode. Anything that's acceptable in -; would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.bg = #FFFFFF -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 16k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = On - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED -; http://php.net/error-reporting -error_reporting = E_ALL - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = stderr - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = Off - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = Off - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = Off - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: Off -; http://php.net/html-errors -html_errors = Off - -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on NT, not valid in Windows 95). -;error_log = syslog - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P,C,E & S) should -; be registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive are -; specified in the same manner as the variables_order directive, EXCEPT one. -; Leaving this value empty will cause PHP to use the value set in the -; variables_order directive. It does not mean it will leave the super globals -; array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = On - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = On - -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Maximum size of POST data that PHP will accept. -; http://php.net/post-max-size -post_max_size = 8M - -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a character encoding using -; the Content-type: header. To disable sending of the charset, simply -; set it to be empty. -; -; PHP's built-in default is text/html -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to empty. -; http://php.net/default-charset -;default_charset = "iso-8859-1" - -; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. -; http://php.net/always-populate-raw-post-data -;always_populate_raw_post_data = On - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -include_path = ".:/usr/share/php5:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = On - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 2M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = Off - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@@doe.com" -from="frank@@brehm-online.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_dba.dll -;extension=php_exif.dll -;extension=php_fileinfo.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_ming.dll -;extension=php_mssql.dll -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_phar.dll -;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sqlite3.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -;extension=php_zip.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -;iconv.input_encoding = ISO-8859-1 -;iconv.internal_encoding = ISO-8859-1 -;iconv.output_encoding = ISO-8859-1 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING - -[sqlite] -; http://php.net/sqlite.assoc-case -;sqlite.assoc_case = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(), even in safe mode. -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; Log all mail() calls including the full path of the script, line #, to address and headers -;mail.log = - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQL] -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysql.allow_local_infile -mysql.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysql.allow-persistent -mysql.allow_persistent = On - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysql.cache_size -mysql.cache_size = 2000 - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysql.max-persistent -mysql.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/mysql.max-links -mysql.max_links = -1 - -; Default port number for mysql_connect(). If unset, mysql_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysql.default-port -mysql.default_port = - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysql.default-socket -mysql.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-host -mysql.default_host = "localhost" - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-user -mysql.default_user = - -; Default password for mysql_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysql.default-password -mysql.default_password = - -; Maximum time (in seconds) for connect timeout. -1 means no limit -; http://php.net/mysql.connect-timeout -mysql.connect_timeout = 60 - -; Trace mode. When trace_mode is active (=On), warnings for table/index scans and -; SQL-Errors will be displayed. -; http://php.net/mysql.trace-mode -mysql.trace_mode = Off - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysqli.allow_local_infile -;mysqli.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysqli.allow-persistent -mysqli.allow_persistent = On - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = localhost - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = Off - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgresSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[Sybase-CT] -; Allow or prevent persistent links. -; http://php.net/sybct.allow-persistent -sybct.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/sybct.max-persistent -sybct.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/sybct.max-links -sybct.max_links = -1 - -; Minimum server message severity to display. -; http://php.net/sybct.min-server-severity -sybct.min_server_severity = 10 - -; Minimum client message severity to display. -; http://php.net/sybct.min-client-severity -sybct.min_client_severity = 10 - -; Set per-context timeout -; http://php.net/sybct.timeout -;sybct.timeout= - -;sybct.packet_size - -; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. -; Default: one minute -;sybct.login_timeout= - -; The name of the host you claim to be connecting from, for display by sp_who. -; Default: none -;sybct.hostname= - -; Allows you to define how often deadlocks are to be retried. -1 means "forever". -; Default: 0 -;sybct.deadlock_retry_count= - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -session.save_path = "/tmp" - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting -; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHP_SESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; cd /path/to/sessions; find -cmin +24 | xargs rm - -; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. -; You can disable the feature and the warning separately. At this time, -; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you -; should enable this on development servers and enable the warning as well. If you -; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-42 -session.bug_compat_42 = Off - -; This setting controls whether or not you are warned by PHP when initializing a -; session value into the global space. session.bug_compat_42 must be enabled before -; these warnings can be issued by PHP. See the directive above for more information. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-warn -session.bug_compat_warn = Off - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; How many bytes to read from the file. -; http://php.net/session.entropy-length -session.entropy_length = 0 - -; Specified here to create the session id. -; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the -; Windows random source (using the CryptoAPI) -;session.entropy_file = /dev/urandom - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publically accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Select a hash function for use in generating session ids. -; Possible Values -; 0 (MD5 128 bits) -; 1 (SHA-1 160 bits) -; This option may also be set to the name of any hash function supported by -; the hash extension. A list of available hashes is returned by the hash_algos() -; function. -; http://php.net/session.hash-function -session.hash_function = 0 - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.hash_bits_per_character = 5 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -; form/fieldset are special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. If you want XHTML conformity, remove the form entry. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; http://php.net/url-rewriter.tags -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -; Allow or prevent persistent links. -mssql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -mssql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -mssql.max_links = -1 - -; Minimum error severity to display. -mssql.min_error_severity = 10 - -; Minimum message severity to display. -mssql.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -mssql.compatability_mode = Off - -; Connect timeout -;mssql.connect_timeout = 5 - -; Query timeout -;mssql.timeout = 60 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textlimit = 4096 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textsize = 4096 - -; Limits the number of records in each batch. 0 = all records in one batch. -;mssql.batchsize = 0 - -; Specify how datetime and datetim4 columns are returned -; On => Returns data converted to SQL server settings -; Off => Returns values as YYYY-MM-DD hh:mm:ss -;mssql.datetimeconvert = On - -; Use NT authentication when connecting to the server -mssql.secure_connection = Off - -; Specify max number of processes. -1 = library default -; msdlib defaults to 25 -; FreeTDS defaults to 4096 -;mssql.max_procs = -1 - -; Specify client character set. -; If empty or not set the client charset from freetds.comf is used -; This is only used when compiled with FreeTDS -;mssql.charset = "ISO-8859-1" - -[Assertion] -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Issue a PHP warning for each failed assertion. -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; internal/script encoding. -; Some encoding cannot work as internal encoding. -; (e.g. SJIS, BIG5, ISO-2022-*) -; http://php.net/mbstring.internal-encoding -;mbstring.internal_encoding = EUC-JP - -; http input encoding. -; http://php.net/mbstring.http-input -;mbstring.http_input = auto - -; http output encoding. mb_output_handler must be -; registered as output buffer to function -; http://php.net/mbstring.http-output -;mbstring.http_output = SJIS - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; auto means -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none; - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -;mbstring.strict_detection = Off - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 0 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -; Local Variables: -; tab-width: 4 -; End: -@ - - -1.1 -log -@Initial revision -@ -text -@a2 11 -;;;;;;;;;;; -; WARNING ; -;;;;;;;;;;; -; This is the default settings file for new PHP installations. -; By default, PHP installs itself with a configuration suitable for -; development purposes, and *NOT* for production purposes. -; For several security-oriented considerations that should be taken -; before going online with your site, please consult php.ini-recommended -; and http://php.net/manual/en/security.php. - - -d6 16 -a21 8 -; This file controls many aspects of PHP's behavior. In order for PHP to -; read it, it must be named 'php.ini'. PHP looks for it in the current -; working directory, in the path designated by the environment variable -; PHPRC, and in the path that was defined in compile time (in that order). -; Under Windows, the compile-time path is the Windows directory. The -; path in which the php.ini file is looked for can be overridden using -; the -c argument in command line mode. -; -d26 10 -a35 1 -; -d39 4 -a42 1 -; -d45 3 -a47 2 -; (e.g. E_ALL & ~E_NOTICE), or a quoted string ("foo"). -; -d49 6 -a54 5 -; | bitwise OR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT -; -d57 1 -a57 1 -; -d60 1 -a60 1 -; -d62 3 -a64 3 -; foo = none ; sets foo to an empty string -; foo = "none" ; sets foo to the string 'none' -; -d68 1 -a68 2 -; -; -d72 13 -a84 3 -; All the values in the php.ini-dist file correspond to the builtin -; defaults (that is, if no php.ini is used, or if you delete these lines, -; the builtin defaults will be identical). -d86 119 -d211 1 -d214 13 -a226 10 -; Enable compatibility mode with Zend Engine 1 (PHP 4.x) -zend.ze1_compatibility_mode = Off - -; Allow the tags are recognized. -; NOTE: Using short tags should be avoided when developing applications or -; libraries that are meant for redistribution, or deployment on PHP -; servers which are not under your control, because short tags may not -; be supported on the target server. For portable, redistributable code, -; be sure not to use short tags. -short_open_tag = On -d229 1 -d233 2 -a234 1 -precision = 12 -d237 1 -d240 23 -a262 8 -; Output buffering allows you to send header lines (including cookies) even -; after you send body content, at the price of slowing PHP's output layer a -; bit. You can enable output buffering during runtime by calling the output -; buffering functions. You can also enable output buffering for all files by -; setting this directive to On. If you wish to limit the size of the buffer -; to a certain size - you can use a maximum number of bytes instead of 'On', as -; a value for this directive (e.g., output_buffering=4096). -output_buffering = Off -d269 3 -a271 3 -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -d273 1 -a273 1 -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -d275 2 -a276 1 -; Instead you must use zlib.output_handler. -d283 3 -a285 3 -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -d287 2 -a288 1 -; output_handler, or otherwise the output will be corrupted. -d290 2 -d297 1 -d305 2 -d311 2 -a312 3 -; which should be instantiated. -; A warning appears if the specified function is not defined, or if the -; function doesn't include/implement the missing class. -d315 1 -a315 1 -unserialize_callback_func= -d322 13 -a334 10 -; Whether to enable the ability to force arguments to be passed by reference -; at function call time. This method is deprecated and is likely to be -; unsupported in future versions of PHP/Zend. The encouraged method of -; specifying which arguments should be passed by reference is in the function -; declaration. You're encouraged to try and turn this option Off and make -; sure your scripts work properly with it in order to ensure they will work -; with future versions of the language (you will receive a warning each time -; you use this feature, and the argument will be passed by value instead of by -; reference). -allow_call_time_pass_reference = On -a335 1 -; -d337 1 -a337 1 -; -d343 1 -d350 1 -d355 1 -a362 1 -; -d364 2 -a365 1 -; environment variable! -d371 1 -d378 1 -d384 1 -d390 1 -d395 1 -d404 5 -a408 3 -; the request. Consider enabling it if executing long request, which may end up -; being interrupted by the user or a browser timing out. -; ignore_user_abort = On -d413 2 -a414 1 -; realpath_cache_size=16k -d419 6 -a424 1 -; realpath_cache_ttl=120 -a425 3 -; -; Misc -; -d430 1 -a432 1 - -d437 22 -a458 5 -max_execution_time = 30 ; Maximum execution time of each script, in seconds -max_input_time = 60 ; Maximum amount of time each script may spend parsing request data -;max_input_nesting_level = 64 ; Maximum input variable nesting level -memory_limit = 128M ; Maximum amount of memory a script may consume (128MB) - -d464 17 -a480 3 -; error_reporting is a bit-field. Or each number up to get desired error -; reporting level -; E_ALL - All errors and warnings (doesn't include E_STRICT) -d501 41 -a541 39 -; -; Examples: -; -; - Show all errors, except for notices and coding standards warnings -; -;error_reporting = E_ALL & ~E_NOTICE -; -; - Show all errors, except for notices -; -;error_reporting = E_ALL & ~E_NOTICE | E_STRICT -; -; - Show only errors -; -;error_reporting = E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR -; -; - Show all errors except for notices and coding standards warnings -; -error_reporting = E_ALL & ~E_NOTICE - -; Print out errors (as a part of the output). For production web sites, -; you're strongly encouraged to turn this feature off, and use error logging -; instead (see below). Keeping display_errors enabled on a production web site -; may reveal security information to end users, such as file paths on your Web -; server, your database schema or other information. -; -; possible values for display_errors: -; -; Off - Do not display any errors -; stderr - Display errors to STDERR (affects only CGI/CLI binaries!) -; -;display_errors = "stderr" -; -; stdout (On) - Display errors to STDOUT -; -display_errors = On - -; Even when display_errors is on, errors that occur during PHP's startup -; sequence are not displayed. It's strongly recommended to keep -; display_startup_errors off, except for when debugging. -d544 8 -a551 3 -; Log errors into a log file (server-specific log, stderr, or error_log (below)) -; As stated above, you're strongly advised to use error logging in place of -; error displaying on production web sites. -d556 1 -d561 1 -d567 1 -d573 1 -d576 1 -d579 7 -a585 1 -; Store the last error/warning message in $php_errormsg (boolean). -d589 1 -d591 1 -d595 10 -a604 3 -; Disable the inclusion of HTML tags in error messages. -; Note: Never use this feature for production boxes. -;html_errors = Off -d608 1 -a608 1 -; You can download a copy of the PHP manual from http://www.php.net/docs.php -d611 1 -a611 1 -; the dot. -d613 2 -d616 2 -d620 4 -a623 1 -; String to output before an error message. -d626 4 -a629 1 -; String to output after an error message. -d632 5 -a636 3 -; Log errors to specified file. -;error_log = filename - -a639 1 - -a642 2 -; -; Note - track_vars is ALWAYS enabled as of PHP 4.0.3 -d645 3 -a647 1 -; Default is "&". -d651 1 -a651 1 -; Default is "&". -d653 2 -d657 26 -a682 5 -; This directive describes the order in which PHP registers GET, POST, Cookie, -; Environment and Built-in variables (G, P, C, E & S respectively, often -; referred to as EGPCS or GPC). Registration is done from left to right, newer -; values override older values. -variables_order = "EGPCS" -d686 1 -a686 4 -; with user data. This makes most sense when coupled with track_vars - in which -; case you can access all of the GPC variables through the $HTTP_*_VARS[], -; variables. -; -d690 1 -d693 8 -a700 3 -; Whether or not to register the old-style input arrays, HTTP_GET_VARS -; and friends. If you're not using them, it's recommended to turn them off, -; for performance reasons. -d703 13 -a715 3 -; This directive tells PHP whether to declare the argv&argc variables (that -; would contain the GET information). If you don't use these variables, you -; should turn it off for increased performance. -d723 1 -d727 1 -d730 15 -a744 5 -; Magic quotes -; - -; Magic quotes for incoming GET/POST/Cookie data. -magic_quotes_gpc = On -d747 1 -d751 1 -d754 2 -a755 1 -; Automatically add files before or after any PHP document. -d757 3 -d762 1 -a762 1 -; As of 4.0b4, PHP always outputs a character encoding by default in -d767 1 -d769 3 -d774 3 -a776 1 -; Always populate the $HTTP_RAW_POST_DATA variable. -a778 1 - -d788 3 -d797 1 -d802 1 -d806 4 -a809 1 -extension_dir = /usr/lib64/php5/lib/extensions/no-debug-non-zts-20060613 -d814 1 -d821 2 -a822 1 -; cgi.force_redirect = 1 -d825 2 -a826 2 -; every request. -; cgi.nph = 1 -d832 2 -a833 1 -; cgi.redirect_status_env = ; -d838 1 -a838 1 -; this to 1 will cause PHP CGI to fix it's paths to conform to the spec. A setting -d841 2 -a842 1 -; cgi.fix_pathinfo=0 -d849 2 -a850 1 -; fastcgi.impersonate = 1; -d852 3 -a854 2 -; Disable logging through FastCGI connection -; fastcgi.logging = 0 -d861 1 -a863 1 - -d869 1 -d874 1 -d878 1 -a880 1 - -d889 1 -d893 1 -d896 3 -a898 1 -; Define the anonymous ftp password (your email address) -d900 1 -d902 3 -a904 2 -; Define the User-Agent string -; user_agent="PHP" -d907 1 -d915 2 -a916 2 -; auto_detect_line_endings = Off - -d921 1 -a921 1 -; -d935 7 -a941 5 -; Note that it should be the name of the module only; no directory information -; needs to go here. Specify the location of the extension with the -; extension_dir directive above. - - -d947 1 -a947 1 - -a950 1 -;extension=php_dbase.dll -d952 1 -a952 1 -;extension=php_fdf.dll -d956 1 -a956 1 -;extension=php_ifx.dll -a960 3 -;extension=php_mcrypt.dll -;extension=php_mhash.dll -;extension=php_mime_magic.dll -a961 1 -;extension=php_msql.dll -d965 2 -a966 1 -;extension=php_oci8.dll -a967 1 -;extension=php_pdo.dll -a971 1 -;extension=php_pdo_oci8.dll -d976 1 -d983 1 -d996 1 -d999 1 -d1001 2 -d1005 1 -d1007 2 -d1012 1 -d1014 2 -d1023 7 -d1031 1 -d1034 3 -d1039 1 -d1042 3 -a1044 3 -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -d1046 1 -d1049 26 -d1079 1 -d1084 1 -d1086 1 -d1090 1 -d1094 1 -d1102 6 -d1109 1 -d1113 1 -d1115 2 -d1118 2 -d1122 4 -d1127 1 -d1131 1 -d1135 1 -d1139 1 -d1144 1 -d1149 2 -a1150 1 -; of uodbc.defaultlrl and uodbc.defaultbinmode -d1153 33 -d1187 4 -d1192 1 -d1195 4 -d1200 1 -d1204 1 -d1211 1 -d1216 1 -d1220 2 -a1221 1 -mysql.default_host = -d1224 1 -d1232 1 -d1236 1 -d1241 1 -d1246 12 -d1259 1 -d1262 4 -d1270 1 -d1275 1 -d1279 2 -a1280 1 -mysqli.default_host = -d1283 1 -d1291 1 -d1297 19 -a1315 6 -[mSQL] -; Allow or prevent persistent links. -msql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -msql.max_persistent = -1 -d1317 1 -a1317 2 -; Maximum number of links (persistent+non persistent). -1 means no limit. -msql.max_links = -1 -d1319 3 -a1321 2 -[OCI8] -; enables privileged connections using external credentials (OCI_SYSOPER, OCI_SYSDBA) -d1326 1 -d1332 1 -d1339 1 -d1342 13 -d1357 1 -d1362 2 -a1363 1 -;oci8.default_prefetch = 10 -d1367 1 -d1372 1 -d1377 1 -d1381 1 -d1385 1 -d1390 1 -d1395 1 -a1397 25 -[Sybase] -; Allow or prevent persistent links. -sybase.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -sybase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -sybase.max_links = -1 - -;sybase.interface_file = "/usr/sybase/interfaces" - -; Minimum error severity to display. -sybase.min_error_severity = 10 - -; Minimum message severity to display. -sybase.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -; If on, this will cause PHP to automatically assign types to results according -; to their Sybase type, instead of treating them all as strings. This -; compatibility mode will probably not stay around forever, so try applying -; whatever necessary changes to your code, and turn it off. -sybase.compatability_mode = Off - -d1400 1 -d1404 1 -d1408 1 -d1412 1 -d1416 1 -d1419 18 -d1439 1 -d1443 1 -a1445 37 -[Informix] -; Default host for ifx_connect() (doesn't apply in safe mode). -ifx.default_host = - -; Default user for ifx_connect() (doesn't apply in safe mode). -ifx.default_user = - -; Default password for ifx_connect() (doesn't apply in safe mode). -ifx.default_password = - -; Allow or prevent persistent links. -ifx.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -ifx.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ifx.max_links = -1 - -; If on, select statements return the contents of a text blob instead of its id. -ifx.textasvarchar = 0 - -; If on, select statements return the contents of a byte blob instead of its id. -ifx.byteasvarchar = 0 - -; Trailing blanks are stripped from fixed-length char columns. May help the -; life of Informix SE users. -ifx.charasvarchar = 0 - -; If on, the contents of text and byte blobs are dumped to a file instead of -; keeping them in memory. -ifx.blobinfile = 0 - -; NULL's are returned as empty strings, unless this is set to 1. In that case, -; NULL's are returned as string 'NULL'. -ifx.nullformat = 0 - -d1448 1 -d1455 1 -a1455 1 -; As of PHP 4.0.1, you can define the path as: -d1477 1 -d1481 1 -d1484 2 -a1485 1 -;session.cookie_secure = -d1487 6 -a1492 3 -; This option enables administrators to make their users invulnerable to -; attacks which involve passing session ids in URLs; defaults to 0. -; session.use_only_cookies = 1 -d1495 2 -a1496 1 -session.name = PHPSESSID -d1499 1 -d1503 1 -d1507 1 -d1511 1 -d1515 2 -a1516 1 -session.cookie_httponly = -d1519 1 -d1522 11 -a1532 5 -; Define the probability that the 'garbage collection' process is started -; on every session initialization. -; The probability is calculated by using gc_probability/gc_divisor, -; e.g. 1/100 means there is a 1% chance that the GC process starts -; on each request. -d1534 13 -a1546 2 -session.gc_probability = 1 -session.gc_divisor = 100 -d1550 1 -d1562 1 -a1562 1 -; to initialize a session variable in the global scope, albeit register_globals -d1565 20 -a1584 4 -; the warning is only displayed, if bug_compat_42 is enabled. - -session.bug_compat_42 = 1 -session.bug_compat_warn = 1 -d1589 1 -d1593 1 -d1597 4 -a1600 4 -session.entropy_file = - -;session.entropy_length = 16 - -d1605 1 -d1609 1 -d1621 1 -d1624 8 -a1631 3 -; Select a hash function -; 0: MD5 (128 bits) -; 1: SHA-1 (160 bits) -d1636 9 -a1644 5 -; -; 4 bits: 0-9, a-f -; 5 bits: 0-9, a-v -; 6 bits: 0-9, a-z, A-Z, "-", "," -session.hash_bits_per_character = 4 -d1651 5 -a1655 1 -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=,fieldset=" -d1704 1 -a1704 1 -; Specify client character set. -d1711 1 -d1715 1 -d1719 1 -d1723 1 -d1728 1 -d1733 1 -d1735 1 -d1737 1 -d1739 1 -d1741 1 -d1743 1 -d1745 1 -d1747 1 -d1749 1 -d1752 4 -d1758 1 -d1764 1 -d1768 1 -d1773 1 -d1781 1 -d1786 1 -d1791 1 -d1802 1 -d1805 11 -a1815 14 -[FrontBase] -;fbsql.allow_persistent = On -;fbsql.autocommit = On -;fbsql.show_timestamp_decimals = Off -;fbsql.default_database = -;fbsql.default_database_password = -;fbsql.default_host = -;fbsql.default_password = -;fbsql.default_user = "_SYSTEM" -;fbsql.generate_warnings = Off -;fbsql.max_connections = 128 -;fbsql.max_links = 128 -;fbsql.max_persistent = -1 -;fbsql.max_results = 128 -d1818 1 -a1818 1 -; Tell the jpeg decode to libjpeg warnings and try to create -d1821 1 -d1830 1 -d1832 2 -d1835 2 -d1838 2 -d1841 2 -d1844 2 -d1850 1 -d1856 1 -d1861 1 -d1863 1 -d1865 1 -d1867 2 -a1868 1 -; (time to live) Sets the number of second while cached file will be used -d1870 1 -d1873 25 -@ diff --git a/php/cli-php5/.rcs/php.ini.orig,v b/php/cli-php5/.rcs/php.ini.orig,v deleted file mode 100644 index 1f5b46e..0000000 --- a/php/cli-php5/.rcs/php.ini.orig,v +++ /dev/null @@ -1,1923 +0,0 @@ -head 1.1; -access; -symbols; -locks; strict; -comment @# @; - - -1.1 -date 2010.10.29.22.18.48; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.1 -log -@Initial revision -@ -text -@[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and Lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to -; application users can inadvertently leak otherwise secure information. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED - -; html_errors -; Default Value: On -; Development Value: On -; Production value: Off - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.bug_compat_42 -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.bug_compat_warn -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.hash_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; url_rewriter.tags -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It's been -; recommended for several years that you not use the short tag "short cut" and -; instead to use the full tag combination. With the wide spread use -; of XML and use of these tags by other languages, the server can become easily -; confused and end up parsing the wrong code in the wrong context. But because -; this short cut has been a feature for such a long time, it's currently still -; supported for backwards compatibility, but we recommend you don't use them. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/short-open-tag -short_open_tag = Off - -; Allow ASP-style <% %> tags. -; http://php.net/asp-tags -asp_tags = Off - -; The number of significant digits displayed in floating point numbers. -; http://php.net/precision -precision = 14 - -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - -; Output buffering is a mechanism for controlling how much output data -; (excluding headers and cookies) PHP should keep internally before pushing that -; data to the client. If your application's output exceeds this setting, PHP -; will send that data in chunks of roughly the size you specify. -; Turning on this setting and managing its maximum buffer size can yield some -; interesting side-effects depending on your application and web server. -; You may be able to send headers and cookies after you've already sent output -; through print or echo. You also may see performance benefits if your server is -; emitting less packets due to buffered output versus PHP streaming the output -; as it gets it. On production servers, 4096 bytes is a good setting for performance -; reasons. -; Note: Output buffering can also be controlled via Output Buffering Control -; functions. -; Possible Values: -; On = Enabled and buffer is unlimited. (Use with caution) -; Off = Disabled -; Integer = Enables the buffer and sets its maximum size in bytes. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 -; http://php.net/output-buffering -output_buffering = 4096 - -; You can redirect all of the output of your scripts to a function. For -; example, if you set output_handler to "mb_output_handler", character -; encoding will be transparently converted to the specified encoding. -; Setting any output handler automatically turns on output buffering. -; Note: People who wrote portable scripts should not depend on this ini -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -; Note: output_handler must be empty if this is set 'On' !!!! -; Instead you must use zlib.output_handler. -; http://php.net/output-handler -;output_handler = - -; Transparent output compression using the zlib library -; Valid values for this option are 'off', 'on', or a specific buffer size -; to be used for compression (default is 4KB) -; Note: Resulting chunk size may vary due to nature of compression. PHP -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -; Note: You need to use zlib.output_handler instead of the standard -; output_handler, or otherwise the output will be corrupted. -; http://php.net/zlib.output-compression -zlib.output_compression = Off - -; http://php.net/zlib.output-compression-level -;zlib.output_compression_level = -1 - -; You cannot specify additional output handlers if zlib.output_compression -; is activated here. This setting does the same as output_handler but in -; a different order. -; http://php.net/zlib.output-handler -;zlib.output_handler = - -; Implicit flush tells PHP to tell the output layer to flush itself -; automatically after every output block. This is equivalent to calling the -; PHP function flush() after each and every call to print() or echo() and each -; and every HTML block. Turning this option on has serious performance -; implications and is generally recommended for debugging purposes only. -; http://php.net/implicit-flush -; Note: This directive is hardcoded to On for the CLI SAPI -implicit_flush = Off - -; The unserialize callback function will be called (with the undefined class' -; name as parameter), if the unserializer finds an undefined class -; which should be instantiated. A warning appears if the specified function is -; not defined, or if the function doesn't include/implement the missing class. -; So only set this entry, if you really want to implement such a -; callback-function. -unserialize_callback_func = - -; When floats & doubles are serialized store serialize_precision significant -; digits after the floating point. The default value ensures that when floats -; are decoded with unserialize, the data will remain the same. -serialize_precision = 100 - -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - -; open_basedir, if set, limits all file operations to the defined directory -; and below. This directive makes most sense if used in a per-directory -; or per-virtualhost web server configuration file. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/open-basedir -;open_basedir = - -; This directive allows you to disable certain functions for security reasons. -; It receives a comma-delimited list of function names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-functions -disable_functions = - -; This directive allows you to disable certain classes for security reasons. -; It receives a comma-delimited list of class names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-classes -disable_classes = - -; Colors for Syntax Highlighting mode. Anything that's acceptable in -; would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.bg = #FFFFFF -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 16k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = Off - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED -; http://php.net/error-reporting -error_reporting = E_ALL & ~E_DEPRECATED - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = Off - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = Off - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = On - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = Off - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: Off -; http://php.net/html-errors -html_errors = Off - -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on NT, not valid in Windows 95). -;error_log = syslog - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P,C,E & S) should -; be registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive are -; specified in the same manner as the variables_order directive, EXCEPT one. -; Leaving this value empty will cause PHP to use the value set in the -; variables_order directive. It does not mean it will leave the super globals -; array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = Off - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = Off - -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Maximum size of POST data that PHP will accept. -; http://php.net/post-max-size -post_max_size = 8M - -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a character encoding using -; the Content-type: header. To disable sending of the charset, simply -; set it to be empty. -; -; PHP's built-in default is text/html -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to empty. -; http://php.net/default-charset -;default_charset = "iso-8859-1" - -; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. -; http://php.net/always-populate-raw-post-data -;always_populate_raw_post_data = On - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -include_path = ".:/usr/share/php5:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = Off - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 2M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = Off - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@@doe.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_dba.dll -;extension=php_exif.dll -;extension=php_fileinfo.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_ming.dll -;extension=php_mssql.dll -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_phar.dll -;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sqlite3.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -;extension=php_zip.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -;iconv.input_encoding = ISO-8859-1 -;iconv.internal_encoding = ISO-8859-1 -;iconv.output_encoding = ISO-8859-1 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING - -[sqlite] -; http://php.net/sqlite.assoc-case -;sqlite.assoc_case = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(), even in safe mode. -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; Log all mail() calls including the full path of the script, line #, to address and headers -;mail.log = - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQL] -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysql.allow_local_infile -mysql.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysql.allow-persistent -mysql.allow_persistent = On - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysql.cache_size -mysql.cache_size = 2000 - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysql.max-persistent -mysql.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/mysql.max-links -mysql.max_links = -1 - -; Default port number for mysql_connect(). If unset, mysql_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysql.default-port -mysql.default_port = - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysql.default-socket -mysql.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-host -mysql.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-user -mysql.default_user = - -; Default password for mysql_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysql.default-password -mysql.default_password = - -; Maximum time (in seconds) for connect timeout. -1 means no limit -; http://php.net/mysql.connect-timeout -mysql.connect_timeout = 60 - -; Trace mode. When trace_mode is active (=On), warnings for table/index scans and -; SQL-Errors will be displayed. -; http://php.net/mysql.trace-mode -mysql.trace_mode = Off - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysqli.allow_local_infile -;mysqli.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysqli.allow-persistent -mysqli.allow_persistent = On - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = Off - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgresSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[Sybase-CT] -; Allow or prevent persistent links. -; http://php.net/sybct.allow-persistent -sybct.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/sybct.max-persistent -sybct.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/sybct.max-links -sybct.max_links = -1 - -; Minimum server message severity to display. -; http://php.net/sybct.min-server-severity -sybct.min_server_severity = 10 - -; Minimum client message severity to display. -; http://php.net/sybct.min-client-severity -sybct.min_client_severity = 10 - -; Set per-context timeout -; http://php.net/sybct.timeout -;sybct.timeout= - -;sybct.packet_size - -; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. -; Default: one minute -;sybct.login_timeout= - -; The name of the host you claim to be connecting from, for display by sp_who. -; Default: none -;sybct.hostname= - -; Allows you to define how often deadlocks are to be retried. -1 means "forever". -; Default: 0 -;sybct.deadlock_retry_count= - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -session.save_path = "/tmp" - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting -; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHPSESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; cd /path/to/sessions; find -cmin +24 | xargs rm - -; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. -; You can disable the feature and the warning separately. At this time, -; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you -; should enable this on development servers and enable the warning as well. If you -; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-42 -session.bug_compat_42 = Off - -; This setting controls whether or not you are warned by PHP when initializing a -; session value into the global space. session.bug_compat_42 must be enabled before -; these warnings can be issued by PHP. See the directive above for more information. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-warn -session.bug_compat_warn = Off - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; How many bytes to read from the file. -; http://php.net/session.entropy-length -session.entropy_length = 0 - -; Specified here to create the session id. -; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the -; Windows random source (using the CryptoAPI) -;session.entropy_file = /dev/urandom - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publically accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Select a hash function for use in generating session ids. -; Possible Values -; 0 (MD5 128 bits) -; 1 (SHA-1 160 bits) -; This option may also be set to the name of any hash function supported by -; the hash extension. A list of available hashes is returned by the hash_algos() -; function. -; http://php.net/session.hash-function -session.hash_function = 0 - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.hash_bits_per_character = 5 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -; form/fieldset are special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. If you want XHTML conformity, remove the form entry. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; http://php.net/url-rewriter.tags -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -; Allow or prevent persistent links. -mssql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -mssql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -mssql.max_links = -1 - -; Minimum error severity to display. -mssql.min_error_severity = 10 - -; Minimum message severity to display. -mssql.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -mssql.compatability_mode = Off - -; Connect timeout -;mssql.connect_timeout = 5 - -; Query timeout -;mssql.timeout = 60 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textlimit = 4096 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textsize = 4096 - -; Limits the number of records in each batch. 0 = all records in one batch. -;mssql.batchsize = 0 - -; Specify how datetime and datetim4 columns are returned -; On => Returns data converted to SQL server settings -; Off => Returns values as YYYY-MM-DD hh:mm:ss -;mssql.datetimeconvert = On - -; Use NT authentication when connecting to the server -mssql.secure_connection = Off - -; Specify max number of processes. -1 = library default -; msdlib defaults to 25 -; FreeTDS defaults to 4096 -;mssql.max_procs = -1 - -; Specify client character set. -; If empty or not set the client charset from freetds.comf is used -; This is only used when compiled with FreeTDS -;mssql.charset = "ISO-8859-1" - -[Assertion] -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Issue a PHP warning for each failed assertion. -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; internal/script encoding. -; Some encoding cannot work as internal encoding. -; (e.g. SJIS, BIG5, ISO-2022-*) -; http://php.net/mbstring.internal-encoding -;mbstring.internal_encoding = EUC-JP - -; http input encoding. -; http://php.net/mbstring.http-input -;mbstring.http_input = auto - -; http output encoding. mb_output_handler must be -; registered as output buffer to function -; http://php.net/mbstring.http-output -;mbstring.http_output = SJIS - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; auto means -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none; - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -;mbstring.strict_detection = Off - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 0 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -; Local Variables: -; tab-width: 4 -; End: -@ diff --git a/php/cli-php5/php.ini b/php/cli-php5/php.ini deleted file mode 100644 index c83227e..0000000 --- a/php/cli-php5/php.ini +++ /dev/null @@ -1,1900 +0,0 @@ -[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and Lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to -; application users can inadvertently leak otherwise secure information. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED - -; html_errors -; Default Value: On -; Development Value: On -; Production value: Off - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.bug_compat_42 -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.bug_compat_warn -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.hash_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; url_rewriter.tags -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It's been -; recommended for several years that you not use the short tag "short cut" and -; instead to use the full tag combination. With the wide spread use -; of XML and use of these tags by other languages, the server can become easily -; confused and end up parsing the wrong code in the wrong context. But because -; this short cut has been a feature for such a long time, it's currently still -; supported for backwards compatibility, but we recommend you don't use them. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/short-open-tag -short_open_tag = Off - -; Allow ASP-style <% %> tags. -; http://php.net/asp-tags -asp_tags = Off - -; The number of significant digits displayed in floating point numbers. -; http://php.net/precision -precision = 14 - -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - -; Output buffering is a mechanism for controlling how much output data -; (excluding headers and cookies) PHP should keep internally before pushing that -; data to the client. If your application's output exceeds this setting, PHP -; will send that data in chunks of roughly the size you specify. -; Turning on this setting and managing its maximum buffer size can yield some -; interesting side-effects depending on your application and web server. -; You may be able to send headers and cookies after you've already sent output -; through print or echo. You also may see performance benefits if your server is -; emitting less packets due to buffered output versus PHP streaming the output -; as it gets it. On production servers, 4096 bytes is a good setting for performance -; reasons. -; Note: Output buffering can also be controlled via Output Buffering Control -; functions. -; Possible Values: -; On = Enabled and buffer is unlimited. (Use with caution) -; Off = Disabled -; Integer = Enables the buffer and sets its maximum size in bytes. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 -; http://php.net/output-buffering -output_buffering = off - -; You can redirect all of the output of your scripts to a function. For -; example, if you set output_handler to "mb_output_handler", character -; encoding will be transparently converted to the specified encoding. -; Setting any output handler automatically turns on output buffering. -; Note: People who wrote portable scripts should not depend on this ini -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -; Note: output_handler must be empty if this is set 'On' !!!! -; Instead you must use zlib.output_handler. -; http://php.net/output-handler -;output_handler = - -; Transparent output compression using the zlib library -; Valid values for this option are 'off', 'on', or a specific buffer size -; to be used for compression (default is 4KB) -; Note: Resulting chunk size may vary due to nature of compression. PHP -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -; Note: You need to use zlib.output_handler instead of the standard -; output_handler, or otherwise the output will be corrupted. -; http://php.net/zlib.output-compression -zlib.output_compression = Off - -; http://php.net/zlib.output-compression-level -;zlib.output_compression_level = -1 - -; You cannot specify additional output handlers if zlib.output_compression -; is activated here. This setting does the same as output_handler but in -; a different order. -; http://php.net/zlib.output-handler -;zlib.output_handler = - -; Implicit flush tells PHP to tell the output layer to flush itself -; automatically after every output block. This is equivalent to calling the -; PHP function flush() after each and every call to print() or echo() and each -; and every HTML block. Turning this option on has serious performance -; implications and is generally recommended for debugging purposes only. -; http://php.net/implicit-flush -; Note: This directive is hardcoded to On for the CLI SAPI -implicit_flush = Off - -; The unserialize callback function will be called (with the undefined class' -; name as parameter), if the unserializer finds an undefined class -; which should be instantiated. A warning appears if the specified function is -; not defined, or if the function doesn't include/implement the missing class. -; So only set this entry, if you really want to implement such a -; callback-function. -unserialize_callback_func = - -; When floats & doubles are serialized store serialize_precision significant -; digits after the floating point. The default value ensures that when floats -; are decoded with unserialize, the data will remain the same. -serialize_precision = 100 - -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - -; open_basedir, if set, limits all file operations to the defined directory -; and below. This directive makes most sense if used in a per-directory -; or per-virtualhost web server configuration file. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/open-basedir -;open_basedir = - -; This directive allows you to disable certain functions for security reasons. -; It receives a comma-delimited list of function names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-functions -disable_functions = - -; This directive allows you to disable certain classes for security reasons. -; It receives a comma-delimited list of class names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-classes -disable_classes = - -; Colors for Syntax Highlighting mode. Anything that's acceptable in -; would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.bg = #FFFFFF -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 16k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = On - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED -; http://php.net/error-reporting -error_reporting = E_ALL - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = stderr - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = Off - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = Off - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = Off - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: Off -; http://php.net/html-errors -html_errors = Off - -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on NT, not valid in Windows 95). -;error_log = syslog - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P,C,E & S) should -; be registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive are -; specified in the same manner as the variables_order directive, EXCEPT one. -; Leaving this value empty will cause PHP to use the value set in the -; variables_order directive. It does not mean it will leave the super globals -; array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = On - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = On - -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Maximum size of POST data that PHP will accept. -; http://php.net/post-max-size -post_max_size = 8M - -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a character encoding using -; the Content-type: header. To disable sending of the charset, simply -; set it to be empty. -; -; PHP's built-in default is text/html -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to empty. -; http://php.net/default-charset -;default_charset = "iso-8859-1" - -; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. -; http://php.net/always-populate-raw-post-data -;always_populate_raw_post_data = On - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -include_path = ".:/usr/share/php5:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = On - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 2M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = Off - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@doe.com" -from="frank@brehm-online.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_dba.dll -;extension=php_exif.dll -;extension=php_fileinfo.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_ming.dll -;extension=php_mssql.dll -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_phar.dll -;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sqlite3.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -;extension=php_zip.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -;iconv.input_encoding = ISO-8859-1 -;iconv.internal_encoding = ISO-8859-1 -;iconv.output_encoding = ISO-8859-1 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING - -[sqlite] -; http://php.net/sqlite.assoc-case -;sqlite.assoc_case = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(), even in safe mode. -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; Log all mail() calls including the full path of the script, line #, to address and headers -;mail.log = - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQL] -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysql.allow_local_infile -mysql.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysql.allow-persistent -mysql.allow_persistent = On - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysql.cache_size -mysql.cache_size = 2000 - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysql.max-persistent -mysql.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/mysql.max-links -mysql.max_links = -1 - -; Default port number for mysql_connect(). If unset, mysql_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysql.default-port -mysql.default_port = - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysql.default-socket -mysql.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-host -mysql.default_host = "localhost" - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-user -mysql.default_user = - -; Default password for mysql_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysql.default-password -mysql.default_password = - -; Maximum time (in seconds) for connect timeout. -1 means no limit -; http://php.net/mysql.connect-timeout -mysql.connect_timeout = 60 - -; Trace mode. When trace_mode is active (=On), warnings for table/index scans and -; SQL-Errors will be displayed. -; http://php.net/mysql.trace-mode -mysql.trace_mode = Off - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysqli.allow_local_infile -;mysqli.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysqli.allow-persistent -mysqli.allow_persistent = On - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = localhost - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = Off - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgresSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[Sybase-CT] -; Allow or prevent persistent links. -; http://php.net/sybct.allow-persistent -sybct.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/sybct.max-persistent -sybct.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/sybct.max-links -sybct.max_links = -1 - -; Minimum server message severity to display. -; http://php.net/sybct.min-server-severity -sybct.min_server_severity = 10 - -; Minimum client message severity to display. -; http://php.net/sybct.min-client-severity -sybct.min_client_severity = 10 - -; Set per-context timeout -; http://php.net/sybct.timeout -;sybct.timeout= - -;sybct.packet_size - -; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. -; Default: one minute -;sybct.login_timeout= - -; The name of the host you claim to be connecting from, for display by sp_who. -; Default: none -;sybct.hostname= - -; Allows you to define how often deadlocks are to be retried. -1 means "forever". -; Default: 0 -;sybct.deadlock_retry_count= - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -session.save_path = "/tmp" - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting -; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHP_SESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; cd /path/to/sessions; find -cmin +24 | xargs rm - -; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. -; You can disable the feature and the warning separately. At this time, -; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you -; should enable this on development servers and enable the warning as well. If you -; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-42 -session.bug_compat_42 = Off - -; This setting controls whether or not you are warned by PHP when initializing a -; session value into the global space. session.bug_compat_42 must be enabled before -; these warnings can be issued by PHP. See the directive above for more information. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-warn -session.bug_compat_warn = Off - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; How many bytes to read from the file. -; http://php.net/session.entropy-length -session.entropy_length = 0 - -; Specified here to create the session id. -; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the -; Windows random source (using the CryptoAPI) -;session.entropy_file = /dev/urandom - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publically accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Select a hash function for use in generating session ids. -; Possible Values -; 0 (MD5 128 bits) -; 1 (SHA-1 160 bits) -; This option may also be set to the name of any hash function supported by -; the hash extension. A list of available hashes is returned by the hash_algos() -; function. -; http://php.net/session.hash-function -session.hash_function = 0 - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.hash_bits_per_character = 5 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -; form/fieldset are special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. If you want XHTML conformity, remove the form entry. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; http://php.net/url-rewriter.tags -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -; Allow or prevent persistent links. -mssql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -mssql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -mssql.max_links = -1 - -; Minimum error severity to display. -mssql.min_error_severity = 10 - -; Minimum message severity to display. -mssql.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -mssql.compatability_mode = Off - -; Connect timeout -;mssql.connect_timeout = 5 - -; Query timeout -;mssql.timeout = 60 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textlimit = 4096 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textsize = 4096 - -; Limits the number of records in each batch. 0 = all records in one batch. -;mssql.batchsize = 0 - -; Specify how datetime and datetim4 columns are returned -; On => Returns data converted to SQL server settings -; Off => Returns values as YYYY-MM-DD hh:mm:ss -;mssql.datetimeconvert = On - -; Use NT authentication when connecting to the server -mssql.secure_connection = Off - -; Specify max number of processes. -1 = library default -; msdlib defaults to 25 -; FreeTDS defaults to 4096 -;mssql.max_procs = -1 - -; Specify client character set. -; If empty or not set the client charset from freetds.comf is used -; This is only used when compiled with FreeTDS -;mssql.charset = "ISO-8859-1" - -[Assertion] -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Issue a PHP warning for each failed assertion. -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; internal/script encoding. -; Some encoding cannot work as internal encoding. -; (e.g. SJIS, BIG5, ISO-2022-*) -; http://php.net/mbstring.internal-encoding -;mbstring.internal_encoding = EUC-JP - -; http input encoding. -; http://php.net/mbstring.http-input -;mbstring.http_input = auto - -; http output encoding. mb_output_handler must be -; registered as output buffer to function -; http://php.net/mbstring.http-output -;mbstring.http_output = SJIS - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; auto means -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none; - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -;mbstring.strict_detection = Off - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 0 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -; Local Variables: -; tab-width: 4 -; End: diff --git a/php/cli-php5/php.ini.orig b/php/cli-php5/php.ini.orig deleted file mode 100644 index 7578935..0000000 --- a/php/cli-php5/php.ini.orig +++ /dev/null @@ -1,1899 +0,0 @@ -[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (C:\windows or C:\winnt) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and Lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it's -; much more verbose when it comes to errors. We recommending using the -; development version only in development environments as errors shown to -; application users can inadvertently leak otherwise secure information. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; allow_call_time_pass_reference -; Default Value: On -; Development Value: Off -; Production Value: Off - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED - -; html_errors -; Default Value: On -; Development Value: On -; Production value: Off - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; magic_quotes_gpc -; Default Value: On -; Development Value: Off -; Production Value: Off - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; register_long_arrays -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.bug_compat_42 -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.bug_compat_warn -; Default Value: On -; Development Value: On -; Production Value: Off - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.hash_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; track_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; url_rewriter.tags -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It's been -; recommended for several years that you not use the short tag "short cut" and -; instead to use the full tag combination. With the wide spread use -; of XML and use of these tags by other languages, the server can become easily -; confused and end up parsing the wrong code in the wrong context. But because -; this short cut has been a feature for such a long time, it's currently still -; supported for backwards compatibility, but we recommend you don't use them. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/short-open-tag -short_open_tag = Off - -; Allow ASP-style <% %> tags. -; http://php.net/asp-tags -asp_tags = Off - -; The number of significant digits displayed in floating point numbers. -; http://php.net/precision -precision = 14 - -; Enforce year 2000 compliance (will cause problems with non-compliant browsers) -; http://php.net/y2k-compliance -y2k_compliance = On - -; Output buffering is a mechanism for controlling how much output data -; (excluding headers and cookies) PHP should keep internally before pushing that -; data to the client. If your application's output exceeds this setting, PHP -; will send that data in chunks of roughly the size you specify. -; Turning on this setting and managing its maximum buffer size can yield some -; interesting side-effects depending on your application and web server. -; You may be able to send headers and cookies after you've already sent output -; through print or echo. You also may see performance benefits if your server is -; emitting less packets due to buffered output versus PHP streaming the output -; as it gets it. On production servers, 4096 bytes is a good setting for performance -; reasons. -; Note: Output buffering can also be controlled via Output Buffering Control -; functions. -; Possible Values: -; On = Enabled and buffer is unlimited. (Use with caution) -; Off = Disabled -; Integer = Enables the buffer and sets its maximum size in bytes. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 -; http://php.net/output-buffering -output_buffering = 4096 - -; You can redirect all of the output of your scripts to a function. For -; example, if you set output_handler to "mb_output_handler", character -; encoding will be transparently converted to the specified encoding. -; Setting any output handler automatically turns on output buffering. -; Note: People who wrote portable scripts should not depend on this ini -; directive. Instead, explicitly set the output handler using ob_start(). -; Using this ini directive may cause problems unless you know what script -; is doing. -; Note: You cannot use both "mb_output_handler" with "ob_iconv_handler" -; and you cannot use both "ob_gzhandler" and "zlib.output_compression". -; Note: output_handler must be empty if this is set 'On' !!!! -; Instead you must use zlib.output_handler. -; http://php.net/output-handler -;output_handler = - -; Transparent output compression using the zlib library -; Valid values for this option are 'off', 'on', or a specific buffer size -; to be used for compression (default is 4KB) -; Note: Resulting chunk size may vary due to nature of compression. PHP -; outputs chunks that are few hundreds bytes each as a result of -; compression. If you prefer a larger chunk size for better -; performance, enable output_buffering in addition. -; Note: You need to use zlib.output_handler instead of the standard -; output_handler, or otherwise the output will be corrupted. -; http://php.net/zlib.output-compression -zlib.output_compression = Off - -; http://php.net/zlib.output-compression-level -;zlib.output_compression_level = -1 - -; You cannot specify additional output handlers if zlib.output_compression -; is activated here. This setting does the same as output_handler but in -; a different order. -; http://php.net/zlib.output-handler -;zlib.output_handler = - -; Implicit flush tells PHP to tell the output layer to flush itself -; automatically after every output block. This is equivalent to calling the -; PHP function flush() after each and every call to print() or echo() and each -; and every HTML block. Turning this option on has serious performance -; implications and is generally recommended for debugging purposes only. -; http://php.net/implicit-flush -; Note: This directive is hardcoded to On for the CLI SAPI -implicit_flush = Off - -; The unserialize callback function will be called (with the undefined class' -; name as parameter), if the unserializer finds an undefined class -; which should be instantiated. A warning appears if the specified function is -; not defined, or if the function doesn't include/implement the missing class. -; So only set this entry, if you really want to implement such a -; callback-function. -unserialize_callback_func = - -; When floats & doubles are serialized store serialize_precision significant -; digits after the floating point. The default value ensures that when floats -; are decoded with unserialize, the data will remain the same. -serialize_precision = 100 - -; This directive allows you to enable and disable warnings which PHP will issue -; if you pass a value by reference at function call time. Passing values by -; reference at function call time is a deprecated feature which will be removed -; from PHP at some point in the near future. The acceptable method for passing a -; value by reference to a function is by declaring the reference in the functions -; definition, not at call time. This directive does not disable this feature, it -; only determines whether PHP will warn you about it or not. These warnings -; should enabled in development environments only. -; Default Value: On (Suppress warnings) -; Development Value: Off (Issue warnings) -; Production Value: Off (Issue warnings) -; http://php.net/allow-call-time-pass-reference -allow_call_time_pass_reference = Off - -; Safe Mode -; http://php.net/safe-mode -safe_mode = Off - -; By default, Safe Mode does a UID compare check when -; opening files. If you want to relax this to a GID compare, -; then turn on safe_mode_gid. -; http://php.net/safe-mode-gid -safe_mode_gid = Off - -; When safe_mode is on, UID/GID checks are bypassed when -; including files from this directory and its subdirectories. -; (directory must also be in include_path or full path must -; be used when including) -; http://php.net/safe-mode-include-dir -safe_mode_include_dir = - -; When safe_mode is on, only executables located in the safe_mode_exec_dir -; will be allowed to be executed via the exec family of functions. -; http://php.net/safe-mode-exec-dir -safe_mode_exec_dir = - -; Setting certain environment variables may be a potential security breach. -; This directive contains a comma-delimited list of prefixes. In Safe Mode, -; the user may only alter environment variables whose names begin with the -; prefixes supplied here. By default, users will only be able to set -; environment variables that begin with PHP_ (e.g. PHP_FOO=BAR). -; Note: If this directive is empty, PHP will let the user modify ANY -; environment variable! -; http://php.net/safe-mode-allowed-env-vars -safe_mode_allowed_env_vars = PHP_ - -; This directive contains a comma-delimited list of environment variables that -; the end user won't be able to change using putenv(). These variables will be -; protected even if safe_mode_allowed_env_vars is set to allow to change them. -; http://php.net/safe-mode-protected-env-vars -safe_mode_protected_env_vars = LD_LIBRARY_PATH - -; open_basedir, if set, limits all file operations to the defined directory -; and below. This directive makes most sense if used in a per-directory -; or per-virtualhost web server configuration file. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/open-basedir -;open_basedir = - -; This directive allows you to disable certain functions for security reasons. -; It receives a comma-delimited list of function names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-functions -disable_functions = - -; This directive allows you to disable certain classes for security reasons. -; It receives a comma-delimited list of class names. This directive is -; *NOT* affected by whether Safe Mode is turned On or Off. -; http://php.net/disable-classes -disable_classes = - -; Colors for Syntax Highlighting mode. Anything that's acceptable in -; would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.bg = #FFFFFF -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; http://php.net/realpath-cache-size -;realpath_cache_size = 16k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = Off - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL | E_STRICT. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it's automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL & ~E_NOTICE (Show all errors, except for notices and coding standards warnings.) -; E_ALL & ~E_NOTICE | E_STRICT (Show all errors, except for notices) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; E_ALL | E_STRICT (Show all errors, warnings and notices including coding standards.) -; Default Value: E_ALL & ~E_NOTICE -; Development Value: E_ALL | E_STRICT -; Production Value: E_ALL & ~E_DEPRECATED -; http://php.net/error-reporting -error_reporting = E_ALL & ~E_DEPRECATED - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; It's recommended that errors be logged on production servers rather than -; having the errors sent to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = Off - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. But, it's strongly recommended that you -; leave this setting off on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = Off - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = On - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/track-errors -track_errors = Off - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of inserting html -; links to documentation related to that error. This directive controls whether -; those HTML links appear in error messages or not. For performance and security -; reasons, it's recommended you disable this on production servers. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: Off -; http://php.net/html-errors -html_errors = Off - -; If html_errors is set On PHP produces clickable error messages that direct -; to a page describing the error or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on NT, not valid in Windows 95). -;error_log = syslog - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. If the register_globals directive is enabled, it also determines -; what order variables are populated into the global space. G,P,C,E & S are -; abbreviations for the following respective super globals: GET, POST, COOKIE, -; ENV and SERVER. There is a performance penalty paid for the registration of -; these arrays and because ENV is not as commonly used as the others, ENV is -; is not recommended on productions servers. You can still get access to -; the environment variables through getenv() should you need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P,C,E & S) should -; be registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive are -; specified in the same manner as the variables_order directive, EXCEPT one. -; Leaving this value empty will cause PHP to use the value set in the -; variables_order directive. It does not mean it will leave the super globals -; array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; Whether or not to register the EGPCS variables as global variables. You may -; want to turn this off if you don't want to clutter your scripts' global scope -; with user data. -; You should do your best to write your scripts so that they do not require -; register_globals to be on; Using form variables as globals can easily lead -; to possible security problems, if the code is not very well thought of. -; http://php.net/register-globals -register_globals = Off - -; Determines whether the deprecated long $HTTP_*_VARS type predefined variables -; are registered by PHP or not. As they are deprecated, we obviously don't -; recommend you use them. They are on by default for compatibility reasons but -; they are not recommended on production servers. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-long-arrays -register_long_arrays = Off - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = Off - -; When enabled, the SERVER and ENV variables are created when they're first -; used (Just In Time) instead of when the script starts. If these variables -; are not used within a script, having this directive on will result in a -; performance gain. The PHP directives register_globals, register_long_arrays, -; and register_argc_argv must be disabled for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Maximum size of POST data that PHP will accept. -; http://php.net/post-max-size -post_max_size = 8M - -; Magic quotes are a preprocessing feature of PHP where PHP will attempt to -; escape any character sequences in GET, POST, COOKIE and ENV data which might -; otherwise corrupt data being placed in resources such as databases before -; making that data available to you. Because of character encoding issues and -; non-standard SQL implementations across many databases, it's not currently -; possible for this feature to be 100% accurate. PHP's default behavior is to -; enable the feature. We strongly recommend you use the escaping mechanisms -; designed specifically for the database your using instead of relying on this -; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/magic-quotes-gpc -magic_quotes_gpc = Off - -; Magic quotes for runtime-generated data, e.g. data from SQL, from exec(), etc. -; http://php.net/magic-quotes-runtime -magic_quotes_runtime = Off - -; Use Sybase-style magic quotes (escape ' with '' instead of \'). -; http://php.net/magic-quotes-sybase -magic_quotes_sybase = Off - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a character encoding using -; the Content-type: header. To disable sending of the charset, simply -; set it to be empty. -; -; PHP's built-in default is text/html -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to empty. -; http://php.net/default-charset -;default_charset = "iso-8859-1" - -; Always populate the $HTTP_RAW_POST_DATA variable. PHP's default behavior is -; to disable this feature. -; http://php.net/always-populate-raw-post-data -;always_populate_raw_post_data = On - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -include_path = ".:/usr/share/php5:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -; extension_dir = "./" -; On windows: -; extension_dir = "ext" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = Off - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = ; - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; FastCGI under IIS (on WINNT based OS) supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1; - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If it's set 0 PHP sends Status: header that -; is supported by Apache. When this option is set to 1 PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 2M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = Off - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@doe.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename.extension -; -; For example, on Windows: -; -; extension=msql.dll -; -; ... or under UNIX: -; -; extension=msql.so -; -; ... or with a path: -; -; extension=/path/to/extension/msql.so -; -; If you only provide the name of the extension, PHP will look for it in its -; default extension directory. -; -; Windows Extensions -; Note that ODBC support is built in, so no dll is needed for it. -; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) -; extension folders as well as the separate PECL DLL download (PHP 5). -; Be sure to appropriately set the extension_dir directive. -; -;extension=php_bz2.dll -;extension=php_curl.dll -;extension=php_dba.dll -;extension=php_exif.dll -;extension=php_fileinfo.dll -;extension=php_gd2.dll -;extension=php_gettext.dll -;extension=php_gmp.dll -;extension=php_intl.dll -;extension=php_imap.dll -;extension=php_interbase.dll -;extension=php_ldap.dll -;extension=php_mbstring.dll -;extension=php_ming.dll -;extension=php_mssql.dll -;extension=php_mysql.dll -;extension=php_mysqli.dll -;extension=php_oci8.dll ; Use with Oracle 10gR2 Instant Client -;extension=php_oci8_11g.dll ; Use with Oracle 11g Instant Client -;extension=php_openssl.dll -;extension=php_pdo_firebird.dll -;extension=php_pdo_mssql.dll -;extension=php_pdo_mysql.dll -;extension=php_pdo_oci.dll -;extension=php_pdo_odbc.dll -;extension=php_pdo_pgsql.dll -;extension=php_pdo_sqlite.dll -;extension=php_pgsql.dll -;extension=php_phar.dll -;extension=php_pspell.dll -;extension=php_shmop.dll -;extension=php_snmp.dll -;extension=php_soap.dll -;extension=php_sockets.dll -;extension=php_sqlite.dll -;extension=php_sqlite3.dll -;extension=php_sybase_ct.dll -;extension=php_tidy.dll -;extension=php_xmlrpc.dll -;extension=php_xsl.dll -;extension=php_zip.dll - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -;iconv.input_encoding = ISO-8859-1 -;iconv.internal_encoding = ISO-8859-1 -;iconv.output_encoding = ISO-8859-1 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING - -[sqlite] -; http://php.net/sqlite.assoc-case -;sqlite.assoc_case = 0 - -[sqlite3] -;sqlite3.extension_dir = - -[Pcre] -;PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -;PCRE library recursion limit. -;Please note that if you set this value to a high number you may consume all -;the available process stack and eventually crash PHP (due to reaching the -;stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/pdo_mysql.cache_size -pdo_mysql.cache_size = 2000 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/pdo_mysql.default-socket -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[Syslog] -; Whether or not to define the various syslog variables (e.g. $LOG_PID, -; $LOG_CRON, etc.). Turning it off is a good idea performance-wise. In -; runtime, you can define these variables by calling define_syslog_variables(). -; http://php.net/define-syslog-variables -define_syslog_variables = Off - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(), even in safe mode. -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = On - -; Log all mail() calls including the full path of the script, line #, to address and headers -;mail.log = - -[SQL] -; http://php.net/sql.safe-mode -sql.safe_mode = Off - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -;birdstep.max_links = -1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQL] -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysql.allow_local_infile -mysql.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysql.allow-persistent -mysql.allow_persistent = On - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysql.cache_size -mysql.cache_size = 2000 - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysql.max-persistent -mysql.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/mysql.max-links -mysql.max_links = -1 - -; Default port number for mysql_connect(). If unset, mysql_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysql.default-port -mysql.default_port = - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysql.default-socket -mysql.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-host -mysql.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysql.default-user -mysql.default_user = - -; Default password for mysql_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysql.default_password") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysql.default-password -mysql.default_password = - -; Maximum time (in seconds) for connect timeout. -1 means no limit -; http://php.net/mysql.connect-timeout -mysql.connect_timeout = 60 - -; Trace mode. When trace_mode is active (=On), warnings for table/index scans and -; SQL-Errors will be displayed. -; http://php.net/mysql.trace-mode -mysql.trace_mode = Off - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysqli.allow_local_infile -;mysqli.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysqli.allow-persistent -mysqli.allow_persistent = On - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; If mysqlnd is used: Number of cache slots for the internal result set cache -; http://php.net/mysqli.cache_size -mysqli.cache_size = 2000 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_statistics -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statstics by mysqlnd which can be -; used to tune and monitor MySQL operations. -; http://php.net/mysqlnd.collect_memory_statistics -mysqlnd.collect_memory_statistics = Off - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -; http://php.net/mysqlnd.net_cmd_buffer_size -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -; http://php.net/mysqlnd.net_read_buffer_size -;mysqlnd.net_read_buffer_size = 32768 - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgresSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[Sybase-CT] -; Allow or prevent persistent links. -; http://php.net/sybct.allow-persistent -sybct.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/sybct.max-persistent -sybct.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/sybct.max-links -sybct.max_links = -1 - -; Minimum server message severity to display. -; http://php.net/sybct.min-server-severity -sybct.min_server_severity = 10 - -; Minimum client message severity to display. -; http://php.net/sybct.min-client-severity -sybct.min_client_severity = 10 - -; Set per-context timeout -; http://php.net/sybct.timeout -;sybct.timeout= - -;sybct.packet_size - -; The maximum time in seconds to wait for a connection attempt to succeed before returning failure. -; Default: one minute -;sybct.login_timeout= - -; The name of the host you claim to be connecting from, for display by sp_who. -; Default: none -;sybct.hostname= - -; Allows you to define how often deadlocks are to be retried. -1 means "forever". -; Default: 0 -;sybct.deadlock_retry_count= - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if you -; or your OS have problems with lots of files in one directory, and is -; a more efficient layout for servers that handle lots of sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -session.save_path = "/tmp" - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting -; session hijacking when not specifying and managing your own session id. It is -; not the end all be all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHPSESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 1 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any give request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any give request. For high volume production servers, -; this is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; cd /path/to/sessions; find -cmin +24 | xargs rm - -; PHP 4.2 and less have an undocumented feature/bug that allows you to -; to initialize a session variable in the global scope, even when register_globals -; is disabled. PHP 4.3 and later will warn you, if this feature is used. -; You can disable the feature and the warning separately. At this time, -; the warning is only displayed, if bug_compat_42 is enabled. This feature -; introduces some serious security problems if not handled correctly. It's -; recommended that you do not use this feature on production servers. But you -; should enable this on development servers and enable the warning as well. If you -; do not enable the feature on development servers, you won't be warned when it's -; used and debugging errors caused by this can be difficult to track down. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-42 -session.bug_compat_42 = Off - -; This setting controls whether or not you are warned by PHP when initializing a -; session value into the global space. session.bug_compat_42 must be enabled before -; these warnings can be issued by PHP. See the directive above for more information. -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/session.bug-compat-warn -session.bug_compat_warn = Off - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; How many bytes to read from the file. -; http://php.net/session.entropy-length -session.entropy_length = 0 - -; Specified here to create the session id. -; http://php.net/session.entropy-file -; On systems that don't have /dev/urandom /dev/arandom can be used -; On windows, setting the entropy_length setting will activate the -; Windows random source (using the CryptoAPI) -;session.entropy_file = /dev/urandom - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publically accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Select a hash function for use in generating session ids. -; Possible Values -; 0 (MD5 128 bits) -; 1 (SHA-1 160 bits) -; This option may also be set to the name of any hash function supported by -; the hash extension. A list of available hashes is returned by the hash_algos() -; function. -; http://php.net/session.hash-function -session.hash_function = 0 - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.hash_bits_per_character = 5 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -; form/fieldset are special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. If you want XHTML conformity, remove the form entry. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=,fieldset=" -; Development Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; Production Value: "a=href,area=href,frame=src,input=src,form=fakeentry" -; http://php.net/url-rewriter.tags -url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry" - -[MSSQL] -; Allow or prevent persistent links. -mssql.allow_persistent = On - -; Maximum number of persistent links. -1 means no limit. -mssql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -mssql.max_links = -1 - -; Minimum error severity to display. -mssql.min_error_severity = 10 - -; Minimum message severity to display. -mssql.min_message_severity = 10 - -; Compatibility mode with old versions of PHP 3.0. -mssql.compatability_mode = Off - -; Connect timeout -;mssql.connect_timeout = 5 - -; Query timeout -;mssql.timeout = 60 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textlimit = 4096 - -; Valid range 0 - 2147483647. Default = 4096. -;mssql.textsize = 4096 - -; Limits the number of records in each batch. 0 = all records in one batch. -;mssql.batchsize = 0 - -; Specify how datetime and datetim4 columns are returned -; On => Returns data converted to SQL server settings -; Off => Returns values as YYYY-MM-DD hh:mm:ss -;mssql.datetimeconvert = On - -; Use NT authentication when connecting to the server -mssql.secure_connection = Off - -; Specify max number of processes. -1 = library default -; msdlib defaults to 25 -; FreeTDS defaults to 4096 -;mssql.max_procs = -1 - -; Specify client character set. -; If empty or not set the client charset from freetds.comf is used -; This is only used when compiled with FreeTDS -;mssql.charset = "ISO-8859-1" - -[Assertion] -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Issue a PHP warning for each failed assertion. -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a components typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; internal/script encoding. -; Some encoding cannot work as internal encoding. -; (e.g. SJIS, BIG5, ISO-2022-*) -; http://php.net/mbstring.internal-encoding -;mbstring.internal_encoding = EUC-JP - -; http input encoding. -; http://php.net/mbstring.http-input -;mbstring.http_input = auto - -; http output encoding. mb_output_handler must be -; registered as output buffer to function -; http://php.net/mbstring.http-output -;mbstring.http_output = SJIS - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; auto means -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none; - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -;mbstring.strict_detection = Off - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; Allows to set script encoding. Only affects if PHP is compiled with --enable-zend-multibyte -; Default: "" -;mbstring.script_encoding= - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 0 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[mcrypt] -; For more information about mcrypt settings see http://php.net/mcrypt-module-open - -; Directory where to load mcrypt algorithms -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.algorithms_dir= - -; Directory where to load mcrypt modes -; Default: Compiled in into libmcrypt (usually /usr/local/lib/libmcrypt) -;mcrypt.modes_dir= - -[dba] -;dba.default_handler= - -; Local Variables: -; tab-width: 4 -; End: diff --git a/php/embed-php5.3/ext-active/apc.ini b/php/embed-php5.3/ext-active/apc.ini new file mode 120000 index 0000000..febbe56 --- /dev/null +++ b/php/embed-php5.3/ext-active/apc.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/apc.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/crack.ini b/php/embed-php5.3/ext-active/crack.ini new file mode 120000 index 0000000..62a4b64 --- /dev/null +++ b/php/embed-php5.3/ext-active/crack.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/crack.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/http.ini b/php/embed-php5.3/ext-active/http.ini new file mode 120000 index 0000000..d81990c --- /dev/null +++ b/php/embed-php5.3/ext-active/http.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/http.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/imagick.ini b/php/embed-php5.3/ext-active/imagick.ini new file mode 120000 index 0000000..70c17ad --- /dev/null +++ b/php/embed-php5.3/ext-active/imagick.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/imagick.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext-active/mailparse.ini b/php/embed-php5.3/ext-active/mailparse.ini new file mode 120000 index 0000000..f9490a5 --- /dev/null +++ b/php/embed-php5.3/ext-active/mailparse.ini @@ -0,0 +1 @@ +/etc/php/embed-php5.3/ext/mailparse.ini \ No newline at end of file diff --git a/php/embed-php5.3/ext/apc.ini b/php/embed-php5.3/ext/apc.ini new file mode 100644 index 0000000..a56eab8 --- /dev/null +++ b/php/embed-php5.3/ext/apc.ini @@ -0,0 +1 @@ +extension=apc.so diff --git a/php/embed-php5.3/ext/crack.ini b/php/embed-php5.3/ext/crack.ini new file mode 100644 index 0000000..25bab90 --- /dev/null +++ b/php/embed-php5.3/ext/crack.ini @@ -0,0 +1 @@ +extension=crack.so diff --git a/php/embed-php5.3/ext/http.ini b/php/embed-php5.3/ext/http.ini new file mode 100644 index 0000000..7c994f1 --- /dev/null +++ b/php/embed-php5.3/ext/http.ini @@ -0,0 +1,22 @@ +extension=http.so +http.etag.mode=MD5 +http.force_exit=1 +http.log.allowed_methods= +http.log.cache= +http.log.composite= +http.log.not_found= +http.log.redirect= +http.only_exceptions=0 +http.persistent.handles.ident=GLOBAL +http.persistent.handles.limit=-1 +http.request.datashare.connect=0 +http.request.datashare.cookie=0 +http.request.datashare.dns=1 +http.request.datashare.ssl=0 +http.request.methods.allowed= +http.request.methods.custom= +http.send.inflate.start_auto=0 +http.send.inflate.start_flags=0 +http.send.deflate.start_auto=0 +http.send.deflate.start_flags=0 +http.send.not_found_404=1 diff --git a/php/embed-php5.3/ext/imagick.ini b/php/embed-php5.3/ext/imagick.ini new file mode 100644 index 0000000..d7513f1 --- /dev/null +++ b/php/embed-php5.3/ext/imagick.ini @@ -0,0 +1 @@ +extension=imagick.so diff --git a/php/embed-php5.3/ext/mailparse.ini b/php/embed-php5.3/ext/mailparse.ini new file mode 100644 index 0000000..cb7ebda --- /dev/null +++ b/php/embed-php5.3/ext/mailparse.ini @@ -0,0 +1 @@ +extension=mailparse.so diff --git a/php/embed-php5.3/php.ini b/php/embed-php5.3/php.ini index 2725889..69d58d4 100644 --- a/php/embed-php5.3/php.ini +++ b/php/embed-php5.3/php.ini @@ -19,7 +19,7 @@ ; See the PHP docs for more specific information. ; http://php.net/configuration.file -; The syntax of the file is extremely simple. Whitespace and Lines +; The syntax of the file is extremely simple. Whitespace and lines ; beginning with a semicolon are silently ignored (as you probably guessed). ; Section headers (e.g. [Foo]) are also silently ignored, even though ; they might mean something in the future. @@ -484,7 +484,7 @@ memory_limit = 128M ; development and early testing. ; ; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) ; E_ERROR - fatal run-time errors ; E_RECOVERABLE_ERROR - almost fatal run-time errors ; E_WARNING - run-time warnings (non-fatal errors) @@ -748,7 +748,7 @@ post_max_size = 8M ; enable the feature. We strongly recommend you use the escaping mechanisms ; designed specifically for the database your using instead of relying on this ; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. +; removed in PHP 5.4. ; Default Value: On ; Development Value: Off ; Production Value: Off @@ -1497,7 +1497,7 @@ session.use_cookies = 1 ;session.cookie_secure = ; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting +; the session id. We encourage this operation as it's very helpful in combating ; session hijacking when not specifying and managing your own session id. It is ; not the end all be all of session hijacking defense, but it's a good start. ; http://php.net/session.use-only-cookies @@ -1627,7 +1627,7 @@ session.cache_expire = 180 ; - User may send URL contains active session ID ; to other person via. email/irc/etc. ; - URL that contains active session ID may be stored -; in publically accessible computer. +; in publicly accessible computer. ; - User may access your site with the same session ID ; always using URL stored in browser's history or bookmarks. ; http://php.net/session.use-trans-sid diff --git a/php/fpm-php5.3/php.ini b/php/fpm-php5.3/php.ini index 2725889..69d58d4 100644 --- a/php/fpm-php5.3/php.ini +++ b/php/fpm-php5.3/php.ini @@ -19,7 +19,7 @@ ; See the PHP docs for more specific information. ; http://php.net/configuration.file -; The syntax of the file is extremely simple. Whitespace and Lines +; The syntax of the file is extremely simple. Whitespace and lines ; beginning with a semicolon are silently ignored (as you probably guessed). ; Section headers (e.g. [Foo]) are also silently ignored, even though ; they might mean something in the future. @@ -484,7 +484,7 @@ memory_limit = 128M ; development and early testing. ; ; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 6.0.0) +; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) ; E_ERROR - fatal run-time errors ; E_RECOVERABLE_ERROR - almost fatal run-time errors ; E_WARNING - run-time warnings (non-fatal errors) @@ -748,7 +748,7 @@ post_max_size = 8M ; enable the feature. We strongly recommend you use the escaping mechanisms ; designed specifically for the database your using instead of relying on this ; feature. Also note, this feature has been deprecated as of PHP 5.3.0 and is -; scheduled for removal in PHP 6. +; removed in PHP 5.4. ; Default Value: On ; Development Value: Off ; Production Value: Off @@ -1497,7 +1497,7 @@ session.use_cookies = 1 ;session.cookie_secure = ; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combatting +; the session id. We encourage this operation as it's very helpful in combating ; session hijacking when not specifying and managing your own session id. It is ; not the end all be all of session hijacking defense, but it's a good start. ; http://php.net/session.use-only-cookies @@ -1627,7 +1627,7 @@ session.cache_expire = 180 ; - User may send URL contains active session ID ; to other person via. email/irc/etc. ; - URL that contains active session ID may be stored -; in publically accessible computer. +; in publicly accessible computer. ; - User may access your site with the same session ID ; always using URL stored in browser's history or bookmarks. ; http://php.net/session.use-trans-sid diff --git a/portage b/portage index bd224ab..61b7f72 160000 --- a/portage +++ b/portage @@ -1 +1 @@ -Subproject commit bd224ab4f0ee7a0eb62c8ccab1b104abccd78480 +Subproject commit 61b7f72a375e4ca93860181342243f4153e63ca5 diff --git a/postfix/.orig/main.cf b/postfix/.orig/main.cf index 2ec6401..8526cf2 100644 --- a/postfix/.orig/main.cf +++ b/postfix/.orig/main.cf @@ -39,7 +39,7 @@ command_directory = /usr/sbin # daemon programs (i.e. programs listed in the master.cf file). This # directory must be owned by root. # -daemon_directory = //usr/lib64/postfix +daemon_directory = /usr/lib64/postfix # The data_directory parameter specifies the location of Postfix-writable # data files (caches, random numbers). This directory must be owned @@ -635,7 +635,7 @@ setgid_group = postdrop # html_directory: The location of the Postfix HTML documentation. # -html_directory = /usr/share/doc/postfix-2.7.1/html +html_directory = /usr/share/doc/postfix-2.8.9/html # manpage_directory: The location of the Postfix on-line manual pages. # @@ -648,5 +648,5 @@ sample_directory = /etc/postfix # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-2.7.1/readme +readme_directory = /usr/share/doc/postfix-2.8.9/readme home_mailbox = .maildir/ diff --git a/postfix/.orig/master.cf b/postfix/.orig/master.cf index ec30d4a..be33f75 100644 --- a/postfix/.orig/master.cf +++ b/postfix/.orig/master.cf @@ -9,6 +9,10 @@ # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd +#smtp inet n - n - 1 postscreen +#smtpd pass - - n - - smtpd +#dnsblog unix - - n - 0 dnsblog +#tlsproxy unix - - n - 0 tlsproxy #submission inet n - n - - smtpd # -o smtpd_tls_security_level=encrypt # -o smtpd_sasl_auth_enable=yes diff --git a/postfix/body_checks b/postfix/body_checks index 4c74e70..2d02e4f 100644 --- a/postfix/body_checks +++ b/postfix/body_checks @@ -58,6 +58,22 @@ # [Immer mit aufsteiger Nummer sauber eintragen!] # # +/Sie konnen Ihre Postsendung in unserer Postabteilung personlich kriegen/ REJECT Body-Spamschutzregel 1148 +/Sie sollen dieses Postetikett drucken lassen/ REJECT Body-Spamschutzregel 1147 +/Wenn dies nicht sofort machen Sie Ihre E-Mail-Adresse deaktiviert von unserem Server\./ REJECT Body-Spamschutzregel 1146 +/^Message-ID:*@vps332995.netsons.net/ REJECT Body-Spamschutzregel 1145 +/dildodaddy/ REJECT Body-Spamschutzregel 1144 +/mehreren fehlgeschlagenen TAN-Eingeben/ REJECT Body-Spamschutzregel 1143 +/filename\=\"c.g.euromilion.pdf\"/ REJECT Body-Spamscutzregel 1142 +/^Bei Interesse bitten wir um folgende$/ REJECT Body-Spamscutzregel 1141 +/palmandmore\.de/ REJECT Body-Spamschutzregel 1140 +/kundenverifikationservice\.u2m\.ru\/VERIFY\.PHP REJECT/ Body-Spamschutzregel 1139 +/co.cc\/aff\/item.php\?usn\=(aeb1|dap1|dvg1)\&i\=it\_ep\&e\=admin\@groupon.de/ REJECT Body-Spamschutzregel 1138 +/You Are Guaranteed To Get Paid Instantly For Each Email You Process!/ REJECT Body-Spamschutzregel 1137 +/I (talk|speak) 2 \'languages\'. Now i\'m 24. I/ REJECT Body-Spamschutzregel 1136 +/My nickname \"Kuma\"\! \:\) I/ REJECT Body-Spamschutzregel 1135 +/http:\/\/free.fr\/support\/verification\/compte\// REJECT Body-Spamschutzregel 1134 +/http:\/\/sonofages.free.fr\/images\/LogoCreditMutuel.png/ REJECT Body-Spamschutzregel 1133 /ucc.edu.ni/ REJECT Body-Spamschutzregel 1132 /7figureincome\.php/ REJECT Body-Spamschutzregel 1131 /Cher Client Verified by Visa/ REJECT Body-Spamschutzregel 1130 @@ -208,8 +224,8 @@ /D-INFO.*REVERZ/ REJECT Body-Spamschutzregel 15 /greatmaleenhancement.biz/ REJECT Body-Spamschutzregel 16 / Xanax / REJECT Body-Spamschutzregel 17 -/Vic(o|0)din/ REJECT Body-Spamschutzregel 18 -/Hydr(o|0)c(o|0)d(o|0)ne/ REJECT Body-Spamschutzregel 19 +/ Vic(o|0)din / REJECT Body-Spamschutzregel 18 +/ Hydr(o|0)c(o|0)d(o|0)ne / REJECT Body-Spamschutzregel 19 / V1agra / REJECT Body-Spamschutzregel 20 /warehousefull.com/ REJECT Body-Spamschutzregel 21 /No doctor visit needed/ REJECT Body-Spamschutzregel 22 diff --git a/postfix/body_checks.2012-04-04_10:05:45 b/postfix/body_checks.2012-04-04_10:05:45 new file mode 100644 index 0000000..4c74e70 --- /dev/null +++ b/postfix/body_checks.2012-04-04_10:05:45 @@ -0,0 +1,680 @@ +# Version 3.69 / 8.6.2011 +# +# Das Postfix-Buch - Sichere Mailserver mit Linux +# http://www.postfixbuch.de +# +# Heinlein Professional Linux Support GmbH +# http://www.heinlein-support.de +# +# Downloadquelle dieser Datei: http://www.postfixbuch.de/web/service/checks/ +# +# +# Verwendung der Filtersammlung auf eigene Gefahr. +# +# Es handelt sich dabei um einen tagesaktuellen Auszug der beim +# ISP "JPBerlin.de" genutzten Filterregeln. Bitte pruefen Sie vor einem +# Einsatz bei Ihnen ganz genau, ob diese Regeln noch aktuell und sinnvoll +# sind und ob Sie sie einsetzen moechten! +# +# +# Setzen Sie in /etc/postfix/main.cf einfach +# +# body_checks = pcre:/etc/postfix/body_checks oder +# oder +# body_checks = regexp:/etc/postfix/body_checks +# +# und fuehren Sie "rcpostfix reload" aus. +# +# Tipp: pcre ist ein Drittel schneller als regexp! +# +# + +# +# Die Nummern hinter dem REJECT tauchen spaeter iM SMTP-Error oder im Log +# auf, um die Filter-Regel wiederzufinden, die den Block ausgeloest hat. +# Es kann stattdessen auch einfacher Text benutzt werden. +# + + +/^Received: from mail pickup service by EXDO01.stricker-marsch.de with Microsoft SMTPSVC.*/ REJECT Mailloopbomb bitte anrufen + +# +# +# Tagesaktuelle, nur voruebergehende Regelungen: +# =============================================== +# [Immer mit Timestamp (!) und ggf. Ticket-Nummer eintragen!] +# + +/alexatrej14913.blogspot.com/ REJECT +/m-back22.ocn.ad.jp/ REJECT +/Received: from 83.3.224.146/ REJECT +/Western Union Alerts./ REJECT +/http:\/\/www.rocktonchamber.com/ REJECT + +# +# +# Dauerhaft genutzte Regelungen: +# =============================================== +# [Immer mit aufsteiger Nummer sauber eintragen!] +# +# +/ucc.edu.ni/ REJECT Body-Spamschutzregel 1132 +/7figureincome\.php/ REJECT Body-Spamschutzregel 1131 +/Cher Client Verified by Visa/ REJECT Body-Spamschutzregel 1130 +/^From: "Topillen Apotheke" / REJECT Body-Spamschutzregel 1129 +/^Aufgrund mehrerer Phishing Versuche, unsere Visa und Mastercard/ REJECT Body-Spamschutzregel 1128 +/^ Phishing Departament/ REJECT Body-Spamschutzregel 1127 +/We wish to invest between $5Million-$100Million in any viable projects/ REJECT Body-Spamschutzregel 1126 +/God bless you as you get back to me/ REJECT Body-Spamschutzregel 1125 +/www.(b|B)ien(e|E)tremag.com/ REJECT Body-Spamschutzregel 1124 +/Sehr geehrte Sparkasse Card/ REJECT Body-Spamschutzregel 1123 +/zigaretten-discount.info/ REJECT Body-Spamschutzregel 1122 +/zigaretten-discount\[punkt\]info/ REJECT Body-Spamschutzregel 1121 +/Guten Tag Mitglied [0-9]{5}/ REJECT Body-Spamschutzregel 1120 +/elenx.innovacon.com\/.e\/e.php/ REJECT Body-Spamschutzregel 1119 +/www.sniperrs.de\/modules\/Forums\/admin/ REJECT Body-Spamschutzregel 1118 +/boxneufnet.com\/id\/oragne.fr\/Identifiant/ REJECT Body-Spamschutzregel 1117 +/www.colellsa.com\/img\/quienes\/pabo\/paypal-fr/ REJECT Body-Spamschutzregel 1116 +/dekmor.cmu.ac.th\/sticker\/upload\/Logs\/Login\/webscrcmd/ REJECT Body-Spamschutzregel 1115 +/ektoschronou.com/ REJECT Body-Spamschutzregel 1114 +/ulouwaio.com/ REJECT Body-Spamschutzregel 1113 +/logonature.com.nu/ REJECT Body-Spamschutzregel 1112 +/suinlop.com/ REJECT Body-Spamschutzregel 1111 +/soudoorpo.com/ REJECT Body-Spamschutzregel 1110 +/GOOGLE AUSSTATTUNGSFONDS 20.?.? GEWINNER ANMELDEFORMULAR FUER ZAHLUNG/ REJECT Body-Spamschutzregel 1109 +/Anbieter: Privacy GG Limited, 99 Albert Street, Belize City, CA/ REJECT Body-Spamschutzregel 1108 +/^Die Nachricht wurde durch Interads 24 Ltd/ REJECT Body-Spamschutzregel 1107 +/www.sommer-mit-kollegen.de/ REJECT Body-Spamschutzregel 1006 +# Ein Spammer versenden immer Austragungslinks, die auf "/ausa" enden: +/^www.*\/ausa$/ REJECT Body-Spamschutzregel 1105 +/KlickTel Telefonbuch OEM/ REJECT Body-Spamschutzregel 1104 +/www.klicktel24.org/ REJECT Body-Spamschutzregel 1103 +/Klicken Sie hier, und fühlen Sie sich endlich gut behandelt:/ REJECT Body-Spamschutzregel 1102 +/maryjanemax@yahoo.co.uk/ REJECT Body-Spamschutzregel 1101 +/http.*muqugeh\.cn/ REJECT Body-Spamschutzregel 1100 +/Bei uns bekommen Sie Ihren Kredit schnell, unbürokratisch, diskret und natürlich ohne Bankauskunft./ REJECT Body-Spamschutzregel 1099 +/INTERNATIONAL LOTTERIE PROMOTION SPIELGEMEINSCHAFT/ REJECT Body-Spamschutzregel 1098 +/Leider st=F6ren Sie.=20/ REJECT Body-Spamschutzregel 1097 +/Sie haben dieses Email erhalten, weil Sie im Newsletter von Promohouse Ltd eingetragen sind/ REJECT Body-Spamschutzregel 1096 +/ATTN: Beneficiar/ REJECT Body-Spamschutzregel 1095 +/www.hedonismails.de/ REJECT Body-Spamschutzregel 1094 +/www.globadressen.(com|net|org|info)/ REJECT Body-Spamschutzregel 1093 +/elegalal.nextmail.ru/ REJECT Body-Spamschutzregel 1092 +/http:\/\/www.switzerlandpussy.eu/ REJECT Body-Spamschutzregel 1082 +/Die jungen Girls fliegen nur so auf die langen/ REJECT Body-Spamschutzregel 1081 +/\*\*\*\* Commercial use of this software is prohibited \*\*\*\*/ REJECT Body-Spamschutzregel 1080 +/I finded your email in internet and I decide to ask you for help/ REJECT Body-Spamschutzregel 1079 +/Details und moegliche Schritte zur Entsperrung finden Sie/ REJECT Body-Spamschutzregel 1078 +/^Amount Won:/ REJECT Body-Spamschutzregel 1077 +/AWARD WINNING NOTICE/i REJECT Body-Spamschutzregel 1076 +/mixvarejo.com/ REJECT Body-Spamschutzregel 1075 +/www.global-db.(com|net|org)/ REJECT Body-Spamschutzregel 1074 +/^I am Barrister/ REJECT Body-Spamschutzregel 1073 +/respublica@gaucherepublicaine.org/ REJECT Body-Spamschutzregel 1072 +/NEU - Vi Super Active/ REJECT Body-Spamschutzregel 1071 +/anhaltende Versagensangste und wiederholte peinliche Situationen/ REJECT Body-Spamschutzregel 1070 +/Schulfreunde Vermittlungs Service AG/ REJECT Body-Spamschutzregel 1068 +/Multimedia Telegramm/ REJECT Body-Spamschutzregel 1067 +/http.*\.fdub\.biz/ REJECT Body-Spamschutzregel 1066 +/TanjaGuenther/ REJECT Body-Spamschutzregel 1065 +/www.bestnetz24.de\/letter\/ausgabe.php/ REJECT Body-Spamschutzregel 1064 +/www.db.?adressen.(com|net|org|info)/ REJECT Body-Spamschutzregel 1063 +/thomas@jthomas.es/ REJECT Body-Spamschutzregel 1062 +/Ihre Marketing Agentur Espa/ REJECT Body-Spamschutzregel 1061 +/www.pakandu.com/ REJECT Body-Spamschutzregel 1060 +/Glob.?.?.?(C|K)ontact.?.?.?Team/ REJECT Body-Spamschutzregel 1059 +/www.gc.?datenbaken.(com|net|org|info)/ REJECT Body-Spamschutzregel 1058 +/www.glc-?data.(com|net|org|info)/ REJECT Body-Spamschutzregel 1057 +/Global.?(C|K)ontact/i REJECT Body-Spamschutzregel 1056 +/www.imarketing.com.br.remove/ REJECT Body-Spamschutzregel 1055 +/Bestellen Sie jetzt und vergessen Sie Ihre Enttauschungen/ REJECT Body-Spamschutzregel 1054 +/Online Apotheke - original Qualitaet/ REJECT Body-Spamschutzregel 1053 +/Wir wissen was Frauen wollern/ REJECT Body-Spamschutzregel 1052 +/Viiiiaaaaaagra/ REJECT Body-Spamschutzregel 1051 +/Web: www.eurasianpages. com/ REJECT Body-Spamschutzregel 1050 +/^Firma Global Contact bietet Ihnen/ REJECT Body-Spamschutzregel 1049 +/www.g-adressen.net/ REJECT Body-Spamschutzregel 1048 +/NIEMALS geben Sie Ihre Passw.rter an niemanden NUR und melden Sie sich/ REJECT Body-Spamschutzregel 1047 Haspa-Pishing +/www.loteria.es/ REJECT Body-Spamschutzregel 1046 +/Girls!  Deveelop your sexual reelationship and get even MORE pleasurre!/ REJECT Body-Spamschutzregel 1045 +# Nigeria-Spam / phei 20080209 +/Ich bin bei einer routinen Überprüfung in meiner Bank/ REJECT Body-Spamschutzregel 1044 +/Ich vermute das diese E-Mail eine Überraschung für Sie sein wird/ REJECT Body-Spamschutzregel 1043 +/Ich bin bei einer routinen Überprüfung in meiner Bank / REJECT Body-Spamschutzregel 1042 +# Versendet UBE/UCE unter verbraucher@wichtig.ms +/^Ein Dienst der IT4YOU AG, Friedrichstrasse 171, Berlin - Mitte als/ REJECT Body-Spamschutzregel 1041 +# Versendet KlickTel UBE/UCE: / phei 20080204 +/^www.cdtophit.org/ REJECT Body-Spamschutzregel 1040 +/http:\/\/www\.doenertreff\.de/ REJECT Body-Spamschutzregel 1039 +/Brauchen Sie noch einen Grund um zu Vegas VIP Casino/ REJECT Body-Spamschutzregel 1038 +/glob-contact.net$/ REJECT Body-Spamschutzregel 1037: glob-contact +/^Ihr Glob-Kontakt-Team$/ REJECT Body-Spamschutzregel 1036: glob-contact +/www.feilervision.de/ REJECT Body-Spamschutzregel 1035: feilervision +/DER INVESTORALARM!/i REJECT Body-Spamschutzregel 1034 +/ES IST EIN UNGLAUBLICHES PROFITPOTENTIAL! VERLIERE DIESE CHANCE NICHT!/i REJECT Body-Spamschutzregel 1033 +/LOTTERY AND GAMING INTERNET MESSAGE CENTRE/ REJECT Body-Spamschutzregel 1033 +/I work very hard every day to be able to buy necessities for my mother/ REJECT Body-Spamschutzregel 1032 +/THE FREELOTTO COMPANY/ REJECT Body-Spamschutzregel 1031 +/BreakingMrktNews/ REJECT Body-Spamschutzregel 1030 +/China Media Crop OTC.BB CHMD/ REJECT Body-Spamschutzregel 1029 +/Weltweit gilt das nummerierte TAN-Verfahren als eines der sicherste/ REJECT Body-Spamschutzregel 1028: Postbank-Pishing +/^Marion Beckera/ REJECT Body-Spamschutzregel 1027 +/Zwecks abschließende Zustimmung für deine Verhandlung zur/ REJECT Body-Spamschutzregel 1026 +/annullieren deine on-line Übertragung® Dienstleistungen./ REJECT Body-Spamschutzregel 1025 +/www.internetloginuser.info/ REJECT Body-Spamschutzregel 1024 +/realsevgi.com/ REJECT Body-Spamschutzregel 1023 +/Um mich zu entlasten, schicke ich Ihnen das (...) Foto wieder zurück./ REJECT Body-Spamschutzregel 1022 +/Oder Ihr Provider hat die Mail falsch weiter geleitet!?/ REJECT Body-Spamschutzregel 1021 +/Versatel-Attachment-Warning.txt/ REJECT Body-Spamschutzregel 1020 +/www=2Eanaforturizm=2Ecom/ REJECT Body-Spamschutzregel 1019 +/www.anaforturizm.com/ REJECT Body-Spamschutzregel 1018 +/The Jpberlin Support Team/ REJECT Body-Spamschutzregel 1017: Pishing-Mails +/^jpberlin.de support team\./ REJECT Body-Spamschutzregel 1016: Pishing-Mails +/You have successfully updated the password of your Jpberlin account/ REJECT Body-Spamschutzregel 1015 +/www.ru4mailnow.com/ REJECT Body-Spamschutzregel 1014 +/EXPLOSIVE PICK FOR OUR MEMBERS/ REJECT Body-Spamschutzregel 1013 +/AntiVirus-System: Kein Virus erkannt/ REJECT Body-Spamschutzregel 1012 +/--- FIFA Fussball-Weltmeisterschaft 2006/ REJECT Body-Spamschutzregel 1011 +/ankara@ankararentacar.de/ REJECT Body-Spamschutzregel 1010 +/Replica Watch Models/ REJECT Body-Spamschutzregel 1009 +/Diadem Travel/ REJECT Body-Spamschutzregel 1008 +/Let the search engine experts compete/ REJECT Body-Spamschutzregel 1007 +/Wenn du sonst noch helfen willst, dann verschick diese Nachricht einfach so oft du willst./ REJECT Body-Spamschutzregel 1006 +/http:\/\/www.ehmig.net\/web_mailer/ REJECT Body-Spamschutzregel 1005 +/http:\/\/real.slon.biz/ REJECT Body-Spamschutzregel 1004 +#/im Zusammenhang mit dem Arbeitslosengeld II/ REJECT Body-Spamschutzregel 1003 +/www.inverz.org/ REJECT Body-Spamschutzregel 1002 +/www.inverz.net/ REJECT Body-Spamschutzregel 1001 + + + + + + +/We recommend you to follow the instructions in order to keep your computer safe./ REJECT Body-Spamschutzregel 1 +/Sieh Dir einfach mal ein Video an und mach dann gleich ein Treffen/ REJECT Body-Spamschutzregel 2 +#/money.*back.*guarant/ REJECT Body-Spamschutzregel 3 +/ CIALIS / REJECT Body-Spamschutzregel 4 +/www.galamed.biz/ REJECT Body-Spamschutzregel 5 +/Starts working in less than 15 min./ REJECT Body-Spamschutzregel 6 +/Adipren720/ REJECT Body-Spamschutzregel 7 +/www.lending-home.com/ REJECT Body-Spamschutzregel 8 +/bigbonus-casino.com/ REJECT Body-Spamschutzregel 9 +/Ich hab die ultimative Seite.*dich, klick doch mal an!/ REJECT Body-Spamschutzregel 10 +/www.server42.com/ REJECT Body-Spamschutzregel 11 +/seo-profits.com/ REJECT Body-Spamschutzregel 12 +/Have a great web site, but no one knows it even/ REJECT Body-Spamschutzregel 13 +/REVERZ.*D-INFO/ REJECT Body-Spamschutzregel 14 +/D-INFO.*REVERZ/ REJECT Body-Spamschutzregel 15 +/greatmaleenhancement.biz/ REJECT Body-Spamschutzregel 16 +/ Xanax / REJECT Body-Spamschutzregel 17 +/Vic(o|0)din/ REJECT Body-Spamschutzregel 18 +/Hydr(o|0)c(o|0)d(o|0)ne/ REJECT Body-Spamschutzregel 19 +/ V1agra / REJECT Body-Spamschutzregel 20 +/warehousefull.com/ REJECT Body-Spamschutzregel 21 +/No doctor visit needed/ REJECT Body-Spamschutzregel 22 +/KLICKTEL KENNT SIE!/ REJECT Body-Spamschutzregel 23 +/^www.femo-online.de/ REJECT Body-Spamschutzregel 24 +/www.land-ua.com/ REJECT Body-Spamschutzregel 25 +/Come to Loqozine/ REJECT Body-Spamschutzregel 26 +/^<center><.*a href=.*img src=.*border.*><\/a><\/center>$/ REJECT Body-Spamschutzregel Check 27 +/www.gord.us/ REJECT Body-Spamschutzregel 28 +/www.reverz.org/ REJECT Body-Spamschutzregel 29 +/wonderfulaction.com/ REJECT Body-Spamschutzregel 30 +/At our pharmacy we offer/ REJECT Body-Spamschutzregel 31 +/Was ist besser als eine fette Ladung Sahne/ REJECT Body-Spamschutzregel 32 +/www.surerxmed.com/ REJECT Body-Spamschutzregel 33 +/www.surerxpills.com/ REJECT Body-Spamschutzregel 34 +/www.stifyems.com/ REJECT Body-Spamschutzregel 35 +/www.diatrus.com/ REJECT Body-Spamschutzregel 36 +/CITYNETT-NEWSLETTER/i REJECT Body-Spamschutzregel 37 +/Note: *Use *password/ REJECT Body-Spamschutzregel 38 +/ will be disabled because of improper using/ REJECT Body-Spamschutzregel 39 +/i.*don.*like.*the*.plaintext/ REJECT Body-Spamschutzregel 40 +/archive *password/ REJECT Body-Spamschutzregel 41 +# /The *Attac..* *team/ REJECT Body-Spamschutzregel 42 +/The *Attac.org *team/ REJECT Body-Spamschutzregel 43 +/The *Attac.de *team/ REJECT Body-Spamschutzregel 44 +/The *Attac-netzwerk.de *team/ REJECT Body-Spamschutzregel 45 +/The *Jpberlin.de *team/ REJECT Body-Spamschutzregel 46 +/Our main mailing server/ REJECT Body-Spamschutzregel 47 +/please update your profile at Billing Center/ REJECT Body-Spamschutzregel 48 +/WSEAS will reply to you/ REJECT Body-Spamschutzregel 49 +/de.componentsengine.net/ REJECT Body-Spamschutzregel 50 +/List von Components Engine eingetragen/ REJECT Body-Spamschutzregel 51 +/The Weekend Pill - Xialis is safer, quicker, lasts longers/ REJECT Body-Spamschutzregel +/Muzenda der �teste Sohn von Paul Muzenda bin , einem Farmer in Simba/ REJECT Body-Spamschutzregel 53 +/Alles fr die Autorennbahn/ REJECT Body-Spamschutzregel 54 +/Der Wurm nennt sich selbst "ODIN" und konnte sich bist jetzt/ REJECT Body-Spamschutzregel 55 +/NICHT ABHEBEN, SONDERN SOFORT ABWEISEN/ REJECT Body-Spamschutzregel Das ist ein HOAX, eine Falschmeldung. http://www.hoax-info.de 56 +/Es ist ein Virus, welcher alle IMEI und IMSI Daten/ REJECT Body-Spamschutzregel Das ist ein HOAX, eine Falschmeldung. http://www.hoax-info.de 57 +/Der Meister unter den Druckprogrammen: PRINTMASTER 8 GOLD/ REJECT Body-Spamschutzregel 58 +/Stellen Sie sich vor, Sie kaufen ein Produkt oder eine Dienstleistung im/ REJECT Body-Spamschutzregel 59 +/So finden Sie blitzschnell den NAMEN und ADRESS-EINTRAG zu jeder/ REJECT Body-Spamschutzregel 60 +/^TVqQAAMAAAAEAAAA\/\/8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA$/ REJECT Body-Spamschutzregel Due to recent virus attacks, we temporarily block all Win32 executable files. Please re-send your attachment in a compressed (tar, zip, rar, etc.) form. Your message has NOT been delivered. 61 +/eptember 2003, Cumulative Patch/ REJECT Body-Spamschutzregel 62 +/Ich bin gerade vor einem neuen.*sehr gef�rlichen V.rus gewarnt/ REJECT Body-Spamschutzregel 63 +/^RSLxwtYBDB6FCv8ybBcS0zp9VU5of3K4BXuwyehTM0RI9IrSjVuwP94xfn0wgOjouKWzGXHVk3qg$/ REJECT Body-Spamschutzregel This is a Sobig-Worm! 64 +/exklusives virtuelles Gratis-Rubbellos welches Sie gleich jetzt live mit/ REJECT Body-Spamschutzregel 65 +/Willkommen beim Lucky7Casino/ REJECT Body-Spamschutzregel 66 +/heutzutage spielen Kontakte und Adressdaten eine immer wichtigere Rolle./ REJECT Body-Spamschutzregel 67 +/REVERZ anhand des Datenbestands der D-Info den gesuchten/ REJECT Body-Spamschutzregel 68 +/www.privatseitennetz.com/ REJECT Body-Spamschutzregel 69 +/Outlook and Outlook Express as well as five newly/ REJECT Body-Spamschutzregel 70 +/delog@cip.informatik.uni-wuerzburg.de/ REJECT Body-Spamschutzregel 71 +/credit.hostfree2003.com/ REJECT Body-Spamschutzregel 72 +/www.mediabiz.de.ewmail/ REJECT Body-Spamschutzregel 73 +/Want to boost your sales with Internet/ REJECT Body-Spamschutzregel 74 +/talente.tripod.com.br/ REJECT Body-Spamschutzregel 75 +/schlechte Schufa-Auskunft? Bonit�sprobleme? Dann w�len Sie doch/ REJECT Body-Spamschutzregel 76 +/Diese Liste von Banken, Sparkassen Volks- und Raiffeisenbanken OHNE Schufa-Anschluss finden Sie nicht/ REJECT Body-Spamschutzregel 77 +/Gute Nachrichten. Gerade habe ich die geile \"FickShow\" gefunden:/ REJECT Body-Spamschutzregel 78 +/Gute Nachrichten. Gerade habe ich die geile "FickShow" gefunden:/ REJECT Body-Spamschutzregel 79 +/Create Professional 3D Page-Tuning/ REJECT Body-Spamschutzregel 80 +/SEXKONTAKTE ONLINE/ REJECT Body-Spamschutzregel 81 +/FREE Access to.*adult.*sites/i REJECT Body-Spamschutzregel 82 +/web-supermarket.com/i REJECT Body-Spamschutzregel 83 +/Wir haben ihre Adresse durch eines unserer Partnerunternehmen/ REJECT Body-Spamschutzregel 84 +/Wir haben ihre Adresse.*Partnerunternehmen/i REJECT 85 +/herbal-place.com/ REJECT Body-Spamschutzregel 86 +/GIO DIET-CAPS greifen hier ein durch:/ REJECT Body-Spamschutzregel 87 +/These are Free Cash Grants That you NEVER have to repay/ REJECT Body-Spamschutzregel 88 +/Wir haben unseren Zugang neu upgedadet/ REJECT Body-Spamschutzregel 89 +/Jemand der Dich sehr gut kennt wuerde gern ein Treffen mit Dir/i REJECT Body-Spamschutzregel 90 +/Wenn Du wissen willst wer Dich treffen moechte/i REJECT Body-Spamschutzregel 91 +/You Have Won a FREEE/i REJECT Body-Spamschutzregel 93 +/Click Here For All Your Favorite Pornstars/i REJECT Body-Spamschutzregel 94 +/Year the U.S. Government Gives away BILLIONS in cash grants/i REJECT Body-Spamschutzregel 95 +/Banken ohne Schufa-Auskunft/i REJECT Body-Spamschutzregel 96 +/Probleme mit der Schufa/i REJECT Body-Spamschutzregel 97 +/Laden Sie sich jetzt unsere kostenlose Zugangssoftware runter/ REJECT Body-Spamschutzregel 98 +/Genocide Is A Black-And-White Concept/ REJECT Body-Spamschutzregel 99 +/So viele Wuensche auf einmal/ REJECT Body-Spamschutzregel 100 +/diese Mail ist kein SPAM/i REJECT Body-Spamschutzregel 101 +/Sch.*ne Gr.*e von Lucky Casino/ REJECT Body-Spamschutzregel 102 +/Weil Sie oder ein anderer bei Lucky Casino/i REJECT Body-Spamschutzregel 103 +/Endlich habe ich Deine E-Mail Adresse wieder gefunden, das hat aber/i REJECT Body-Spamschutzregel 104 +/galerie kurt im hirsch/ REJECT Body-Spamschutzregel +/X-MS_Scanner: Kein Virus erkannt/ REJECT Body-Spamschutzregel Sober-Wurmsignatur +/Anti_Virus Service/ REJECT Body-Spamschutzregel Sober-Wurmsignatur + +# +# Checks gesammelt aus dem Netz von +# http://www.hispalinux.es/~data/postfix/ +# +/.*www\.removeyou\.com.*/ REJECT Body-Spamschutzregel 110 +/.*waterforge\.com.*/ REJECT Body-Spamschutzregel 111 +/.*capitalwave\.com\?subject=Please*/ REJECT Body-Spamschutzregel 112 +/\.virtmundo\.com/ REJECT Body-Spamschutzregel 113 +#/Accept Credit Cards/ REJECT Body-Spamschutzregel 114 +/Nude Celebrities/ REJECT Body-Spamschutzregel 115 +/PRODUCT or SERVICE/i REJECT Body-Spamschutzregel 116 +# /GUARANTEED!/ REJECT Body-Spamschutzregel 117 +/Amateur Girls/ REJECT Body-Spamschutzregel 118 +#/FREE MEMBERSHIP/ REJECT Body-Spamschutzregel 119 +#/bizinfo/ REJECT Body-Spamschutzregel 120 +# block iframe hack 122 +/<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>/ REJECT Body-Spamschutzregel 123 +# some porn spam phrases 125 +/^Big tit lovers unite\.$|\bcum.?(shoo?ts|slurp)|swallow(ing)? cum\b|\bcum\b.*swallow(ing)?|\b(ass|arse).?fucking|(tight|wet|shaved|young|teen)+ pussy|fuck.?fest|pussy.?juice|\bcum all over|compulsive masturbators agree|explicit hardcore|(nasty|teen).*\bsluts?|You received this mail because our records show that you have asked to receive|(TEEN|ANAL) FUCK SITE|delete this mail( now)? if (you|u) do not want porn|HARDCORE PORN|HORNY FARMGIRLS/ REJECT Body-Spamschutzregel 126 +# some nigerian scam phrases 128 +/^Dear.*(Fellow.*Entrepreneur|Achiever|adult.*webmaster|Internet.*user|Future.*Millionaire)/ REJECT Body-Spamschutzregel 129 +# Wg. Postfiy-Problem auskommentiert?! 130 +#/(Dan Dakova|(TO|Attn *)[;:]? *(The )?President *\/ *C\.?E\.?O\.?|STRICTLY CONFIDENTIAL BUSINESS PROPOSAL|MR(?:\.|=2e)? PATRICE MILLER|President of Crane International Trading Corp(?:\.|=2e)|44-775-281-5820|44-7799289001|44-7092374892|44-7092343325|JOSEPH NWOSU|HARRY KONGOLO|JAMES GIWA|(Umaru|Aminatou) Hamidu|PERSONAL AND STRICTLY CONFIDENTIAL|It is with my profound dignity that I write you this very important|REQUEST FOR URGENT BUSINESS|Marshall Kabba|WITH DUE RESPECT AND HUMIILITY I WRITE YOU|I GOT YOUR CONTACT THROUGH INTERNATIONAL BUSINESS|Your contact address got to me through the Internet|MOHAMMED(?:\.|=2e)?\s?ABACHA|will forward to you a duly signed POWER OF ATTORNEY|Edith M(?:\.|=2e)? Koromah|I must solicit your strictest confidence in this transaction|MRS(?:\.|=2e)? ?M.? ?SESE-SEKO|WIDOW OF LATE PRESIDENT MOBUTU|ATTN:\s*MANAGING DIRECTOR|PERMIT ME TO INFORM YOU OF MY DESIRE OF GOING INTO|MR MOMADOU LEY|I AM BARRISTER ABDULKARIMI A(?:\.|=2e)? BRUME|^\s*ATTN\s*;\s*$|BRAM KHUMALO|(Sandra|Jonas) Savimbi|Million\b.{0,40}\b(?:United States? Dollars?|USD)|BASED ON INFORMATION GATHERED ABOUT YOU|POSITION TO HELP US IN TRANSFER|Government of Nigeria|NIGERIAN? NATIONAL|Nigerian? Government|Bank of Nigeria|Mpeti Kabila|President LAURENT DESIRE KABILA|CLEMENT OSHODI|URGENT & CONFIDENTIAL BUSINESS PROPOSAL|DEPARMENT OF PETROLEUM RESOURCES|Federal Ministry of works and Housing in Nigeria|Director of Contracts and Finance Allocation|CHIENCHEN YU|Dangote Ahmed|CHRIS KAASA|I WAIT YOUR URGENT RESPONSE|PRESIDENT DAWUDU JAWARA|JAMES ADELEKE|I am soliciting your involvement in a business|MIRIAM ABACHA|wife of the (?:late )?Nigeria|Kamuzu Thandiwe)/ REJECT Body-Spamschutzregel 131 +# misc spam phrases 133 +/(Kathmandu Temple Kiff|Do You Have The Yen To Be a A Millionaire\?|This message is brought to you by BerryTrim Affiliate|A \$5,000 Investment in the Euro vs the dollar, "?properly positioned"?|Reply( back)? with "?remove"? in( the)? subject line|To be removed (send e?-?mail|from further mailings)|If you have the staff to field the leads I can generate|Do you need more Traffic to your website\?|herbal viagra)/ REJECT Body-Spamschutzregel 134 +# Covers off most of the double extension virus attachments- more you have 140 +# in one line the more efficient it is 141 +/^Content-Disposition: attachment;filename=".*\.(doc|zip|exe|xls|jpg|gif)\.(pif|bat|com|exe|lnk)"$/ REJECT Body-Spamschutzregel 142 +/^Content-Disposition: attachment;filename=.*\.(doc|zip|exe|xls|jpg|gif)\.(pif|bat|com|exe|lnk)$/ REJECT Body-Spamschutzregel 143 +/(filename|name)="(WTC|wtc|README)\.EXE"/ REJECT Body-Spamschutzregel 145 +/(filename|name)="(Happy99|Navidad|prettypark|pretty park|zipped_files|flcss|Msinit|wininit|msi216|readme|README|Avp_updates|Qi_test|Anti_cih)\.exe"/ REJECT Body-Spamschutzregel 146 +/(filename|name)="(dhcp*|Emanuel|kmbfejkm|NakedWife|Seicho_no_ie|JAMGCJJA|Sulfnbk)\.exe"/ REJECT Body-Spamschutzregel 147 +/(kak|day)\.(reg|hta)/ REJECT Body-Spamschutzregel 148 +/to be removed[,]* please click.*link/ REJECT Body-Spamschutzregel 151 +# /to be removed[,]* from (the|my|our) (mailing|email|e-mail)*[ ]*list/ REJECT Body-Spamschutzregel 152 +/to be removed[,]* from.*(mailings|offers)/ REJECT Body-Spamschutzregel 153 +/to be removed[,]* from the list send a blank email/ REJECT Body-Spamschutzregel 154 +/to be removed[,]* [e]*[-]*mail.*with/ REJECT Body-Spamschutzregel 155 +/to remove[,]* please send a blank email/ REJECT Body-Spamschutzregel 156 +#/remove yourself from this list/ REJECT Body-Spamschutzregel 157 +/removed from our mail agents/ REJECT Body-Spamschutzregel 158 +/to remove yourself immediately/ REJECT Body-Spamschutzregel 159 +/to remove yourself from future/ REJECT Body-Spamschutzregel 160 +/Rem[o]*ve me fro[nm] any (furhter|further) mailings/ REJECT Body-Spamschutzregel 161 +/remove yourself from any future mailings/ REJECT Body-Spamschutzregel 162 +/to no longer receive this message reply/ REJECT Body-Spamschutzregel 163 +/to no longer receive messages click the link/ REJECT Body-Spamschutzregel 164 +/to no longer receive messages please click the link/ REJECT Body-Spamschutzregel 165 +/our broadcast email software/ REJECT Body-Spamschutzregel 166 +/there are no federal regulations or laws on (email|e-mail) advertising/ REJECT Body-Spamschutzregel 167 +/to receive (no|any) (further|future) (offers|mailings)/ REJECT Body-Spamschutzregel 168 +/do not wish to receive future (e-mail|email)/ REJECT Body-Spamschutzregel 169 +# /do not wish to receive (e-mail|email)/ REJECT Body-Spamschutzregel 170 +/unsubscribe from Virtumundo Rewards/ REJECT Body-Spamschutzregel 171 +/if you do not wish to receive email from me/ REJECT Body-Spamschutzregel 172 +/reply with the word remove in the subject line/ REJECT Body-Spamschutzregel 173 +/reply address on this email was active at the time this email was sent/ REJECT Body-Spamschutzregel 174 +/not a registered investment advisor/ REJECT Body-Spamschutzregel 175 +/sent by corporate micro mail manager/ REJECT Body-Spamschutzregel 176 +/to be stop future mailings/ REJECT Body-Spamschutzregel 177 +/to stop future mailings/ REJECT Body-Spamschutzregel 178 +/to be taken off the mailing list please click below/ REJECT Body-Spamschutzregel 179 +/sent to you in compliance (with|of)/ REJECT Body-Spamschutzregel 180 +/sent in compliance (with|of)/ REJECT Body-Spamschutzregel 181 +/compliance with the current federal legislation/ REJECT Body-Spamschutzregel 182 +/comply with proposed federal legislation/ REJECT Body-Spamschutzregel 183 +/permanently (deleted|removed) from our (database|list)/ REJECT Body-Spamschutzregel 184 +/to be removed your email from our mailing list/ REJECT Body-Spamschutzregel 185 +/this mailing is done by an independent marketing/ REJECT Body-Spamschutzregel 186 +/this[ ]*message[ ]*is[ ]*being[ ]*sent[ ]*in[ ]*full[ ]*compliance/ REJECT Body-Spamschutzregel 187 +/this is a one[-\ ]*time (email|e-mail|mailing|offer)/ REJECT Body-Spamschutzregel 188 +/Under Bill s.1618/ REJECT Body-Spamschutzregel 189 +/cannot be considered spam/ REJECT Body-Spamschutzregel 190 +/cannot be considered as spam/ REJECT Body-Spamschutzregel 191 +/(respect|honor|honour) all removal requests/ REJECT Body-Spamschutzregel 192 +/no longer wish to receive these offers/ REJECT Body-Spamschutzregel 193 +/you will not receive this offer again/ REJECT Body-Spamschutzregel 194 +/this is not an unsolicited mail/ REJECT Body-Spamschutzregel 195 +/this email has not been sent to you unsolicited/ REJECT Body-Spamschutzregel 196 +/has not been sent unsolicited/ REJECT Body-Spamschutzregel 197 +#/(wish|would) to be removed from (our|the)/ REJECT Body-Spamschutzregel 199 +/all removes (honored|honoured)/ REJECT Body-Spamschutzregel 200 +/To[ ]+remove[ ]+.*@excite.com/ REJECT Body-Spamschutzregel 201 +/to[ ]+be[ ]+removed[ ]+.*@excite.com/ REJECT Body-Spamschutzregel 202 +/removemenow@excite.com/ REJECT Body-Spamschutzregel 204 +/1800cruisesandtours\.com/ REJECT Body-Spamschutzregel 205 +/freewebdirect\.net/ REJECT Body-Spamschutzregel 206 +/new-herbalway\.com/ REJECT Body-Spamschutzregel 207 +/advantagesweb\.com/ REJECT Body-Spamschutzregel 208 +/phytohealing\.com/ REJECT Body-Spamschutzregel 209 +/tradersprophet\.com/ REJECT Body-Spamschutzregel 210 +/ugot2see\.com/ REJECT Body-Spamschutzregel 211 +/hotlatinparadise\.com/ REJECT Body-Spamschutzregel 212 +/pearlgolf\.com/ REJECT Body-Spamschutzregel 213 +/halloweenomania\.com/ REJECT Body-Spamschutzregel 214 +/gofortuneonline\.com/ REJECT Body-Spamschutzregel 215 +/scantexas\.com/ REJECT Body-Spamschutzregel 216 +/buildreferrals\.com/ REJECT Body-Spamschutzregel 217 +/removeyou\.com/ REJECT Body-Spamschutzregel 218 +/cashbackmall\.com/ REJECT Body-Spamschutzregel 219 +/pageitnow\.net/ REJECT Body-Spamschutzregel 220 +/easycream\.com/ REJECT Body-Spamschutzregel 221 +/optinrealbig\.com/ REJECT Body-Spamschutzregel 222 +/realgreatgifts\.com/ REJECT Body-Spamschutzregel 223 +/realcheapgifts\.com/ REJECT Body-Spamschutzregel 224 +/pillsofpleasure\.com/ REJECT Body-Spamschutzregel 225 +/greathealthpills\.com/ REJECT Body-Spamschutzregel 226 +/saverealbigdeals\.com/ REJECT Body-Spamschutzregel 227 +/saverealbigstore\.com/ REJECT Body-Spamschutzregel 228 +/realbigwinners\.com/ REJECT Body-Spamschutzregel 229 +/saverealbig\.com/ REJECT Body-Spamschutzregel 230 +/extremetraffic_rem@excite\.com/ REJECT Body-Spamschutzregel 232 +/tccoptin@yahoo\.com/ REJECT Body-Spamschutzregel 233 +/tccoptout@yahoo.com/ REJECT Body-Spamschutzregel 234 +/stop026@excite\.com/ REJECT Body-Spamschutzregel 235 +/pleasestopsending@hotmail.com/ REJECT Body-Spamschutzregel 236 +/viperdrawing@winning.com/ REJECT Body-Spamschutzregel 237 +/mailto:.*\@.*\?subject\=(3D)*(remove|removeme|pleasedelete|pleaseremove|deleteme)+/ REJECT Body-Spamschutzregel 238 +/StudioPros/ REJECT Body-Spamschutzregel 240 +/universal advertising systems/ REJECT Body-Spamschutzregel 241 +/androstenone pheromone concentrate/ REJECT Body-Spamschutzregel 242 +/message was sent by a[n]* independent advertising company/ REJECT Body-Spamschutzregel 243 +/amazing cash products/ REJECT Body-Spamschutzregel 244 +/penis.*growth/ REJECT Body-Spamschutzregel 245 +/vortex[ ]+supplies/ REJECT Body-Spamschutzregel 246 +/international trade sources llc/ REJECT Body-Spamschutzregel 247 +/postmasterdirect inc/ REJECT Body-Spamschutzregel 248 +/free no obligation consultation/ REJECT Body-Spamschutzregel 249 +/voted sex[-\ ]server on the web/ REJECT Body-Spamschutzregel 250 +/get back.*years of your income taxes/ REJECT Body-Spamschutzregel 251 +/click here for your free quote/ REJECT Body-Spamschutzregel 252 +/click here to be (permanently)* ?(removed|deleted)/ REJECT Body-Spamschutzregel 253 +/to unsubscribe do nothing/ REJECT Body-Spamschutzregel 254 +/OTCBB Stock Alert/ REJECT Body-Spamschutzregel 255 +/apparently you have filled out an online form/ REJECT Body-Spamschutzregel 257 +/list management software will not know/ REJECT Body-Spamschutzregel 258 +/message will only be sent once/ REJECT Body-Spamschutzregel 259 +/found this company on the internet/ REJECT Body-Spamschutzregel 260 +/you will not receive any future mailings/ REJECT Body-Spamschutzregel 261 +/all removal requests are (honored|honoured)/ REJECT Body-Spamschutzregel 262 +/you will be removed from our mailing[ ]*list and receive no further information from us/ REJECT Body-Spamschutzregel 263 +/we include contact information and a method to be removed from our mailing[ ]*list/ REJECT Body-Spamschutzregel 264 +/there is no need to unsubscribe/ REJECT Body-Spamschutzregel 265 +/I have made every attempt to target this message/ REJECT Body-Spamschutzregel 266 +/If you do not wish to be on our list then click here/ REJECT Body-Spamschutzregel 267 +/If you are not interested in receiving information/ REJECT Body-Spamschutzregel 268 +/your request will be (honored|honoured) with prompt removal/ REJECT Body-Spamschutzregel 269 +/if you feel you got this e[-]*mail by mistake/ REJECT Body-Spamschutzregel 270 +/to have us permanently remove you from our list/ REJECT Body-Spamschutzregel 271 +/we guarantee you will not receive any future e[-]*mails from us/ REJECT Body-Spamschutzregel 272 +/if you would rather not receive future e[-]*mails/ REJECT Body-Spamschutzregel 273 +/we do not intend to send any future e[-]*mails/ REJECT Body-Spamschutzregel 274 +/further emailing to you by the of this email may be stopped/ REJECT Body-Spamschutzregel 275 +/by the of this email may be stopped/ REJECT Body-Spamschutzregel 276 +/receiving this e[-]*mail because you opted[-\ ]in/ REJECT Body-Spamschutzregel 277 +/this email has been sent to you because someone at this e[-]*mail address/ REJECT Body-Spamschutzregel 278 +/to have your name removed from our email database/ REJECT Body-Spamschutzregel 279 +/stopped at no cost to you by sending a reply to this e[-]*mail address/ REJECT Body-Spamschutzregel 280 +/this message is an advertisement/ REJECT Body-Spamschutzregel 281 +/immediately removed from receiving any more information/ REJECT Body-Spamschutzregel 282 +/would not like to receive future messages/ REJECT Body-Spamschutzregel 283 +/tell us you would not like to continue to receive such e[-]*mails/ REJECT Body-Spamschutzregel 284 +/advertise your product or service using bulk email services/ REJECT Body-Spamschutzregel 285 +/You have been specially selected to qualify/ REJECT Body-Spamschutzregel 286 +/while working from the privacy of your own home/ REJECT Body-Spamschutzregel 287 +/e[-]*mail messages may be stopped/ REJECT Body-Spamschutzregel 288 +/list removal\/opt[-\ ]*out/ REJECT Body-Spamschutzregel 289 +/this is a no obligation qualification form/ REJECT Body-Spamschutzregel 290 +/please notify the sender immediately with .*remove/ REJECT Body-Spamschutzregel 291 +/home[-\ ]based income opportunity/ REJECT Body-Spamschutzregel 292 +/(filename|name)="(Happy99|Navidad|prettypark)\.exe"/ REJECT Body-Spamschutzregel 294 +/(filename|name)="(pretty park|zipped_files|flcss)\.exe"/ REJECT Body-Spamschutzregel 295 +/(filename|name)="(Msinit|wininit|msi216|CFGWIZ31)\.exe"/ REJECT Body-Spamschutzregel 296 +/(filename|name)="(Avp_updates|Qi_test|Anti_cih)\.exe"/ REJECT Body-Spamschutzregel 297 +/(filename|name)="(Emanuel|kmbfejkm|NakedWife|Readme|readme)\.exe"/ REJECT Body-Spamschutzregel 298 +/(filename|name)="(Seicho_no_ie|JAMGCJJA|Sulfnbk|QuickLnk)\.exe"/ REJECT Body-Spamschutzregel 299 +/(filename|name)="(Readme|readme)\.eml"/ REJECT Body-Spamschutzregel 300 +/(kak|day)\.(reg|hta)/ REJECT Body-Spamschutzregel 302 +/Rem I am sorry/ REJECT Body-Spamschutzregel 303 +/Te mando este archivo para que me des tu punto de vista/ REJECT Body-Spamschutzregel 304 +/I send you this file in order to have your advice/ REJECT Body-Spamschutzregel 305 +/Espero me puedas ayudar con el archivo que te mando/ REJECT Body-Spamschutzregel 306 +/Espero te guste este archivo que te mando/ REJECT Body-Spamschutzregel 307 +/Este es el archivo con la informaci� que me pediste/ REJECT Body-Spamschutzregel 308 +/I hope you can help me with this file that I send/ REJECT Body-Spamschutzregel 309 +/I hope you like the file that I send you/ REJECT Body-Spamschutzregel 310 +/This is the file with the information that you ask for/ REJECT Body-Spamschutzregel 311 +/0 Business Fax Numbers/ REJECT Body-Spamschutzregel 314 +/1[-\ ]Time Mailling/ REJECT Body-Spamschutzregel 315 +/30 day money back guarantee/ REJECT Body-Spamschutzregel 316 +/A New Loan Makes Sense/ REJECT Body-Spamschutzregel 317 +/Advertise your product or service/ REJECT Body-Spamschutzregel 318 +/Aging While Burning Fat/ REJECT Body-Spamschutzregel 319 +/Amazing cash products/ REJECT Body-Spamschutzregel 320 +/Androstenone/ REJECT Body-Spamschutzregel 321 +/Attract Members of The Opposite/ REJECT Body-Spamschutzregel 322 +/Automatic Stock Picking Software/ REJECT Body-Spamschutzregel 323 +/Bad Credit Is History/ REJECT Body-Spamschutzregel 324 +/Banner Advertising Price/ REJECT Body-Spamschutzregel 325 +/Barnyard Fucking/ REJECT Body-Spamschutzregel 326 +/BEAUTIFUL Women On The Web/ REJECT Body-Spamschutzregel 327 +/Because Our Records Indicate That You Are A/ REJECT Body-Spamschutzregel 328 +# /Because You Agree/ REJECT Body-Spamschutzregel 329 +/Because You Have Subscribed To One Of Our/ REJECT Body-Spamschutzregel 330 +#/Because You Registered/ REJECT Body-Spamschutzregel 331 +/Because You Signed Up At One/ REJECT Body-Spamschutzregel 332 +/Best Porn/ REJECT Body-Spamschutzregel 333 +/Buy Preforeclosure Houses/ REJECT Body-Spamschutzregel 334 +/Cable TV Descrambler/ REJECT Body-Spamschutzregel 335 +/Cannot be Considered Spam/ REJECT Body-Spamschutzregel 336 +/Cannot be Considered As Spam/ REJECT Body-Spamschutzregel 337 +/Caso nao desejar receber este tipo de email novamente/ REJECT Body-Spamschutzregel 338 +/Click Here For Your Free Quote/ REJECT Body-Spamschutzregel 339 +/Click Here To Avoid This In The Future/ REJECT Body-Spamschutzregel 340 +/Compliance with the current federal legislation/ REJECT Body-Spamschutzregel 341 +/Copy DVD Movies/ REJECT Body-Spamschutzregel 343 +/Creating Immediate Wealth/ REJECT Body-Spamschutzregel 344 +/Cum Shots/ REJECT Body-Spamschutzregel 345 +/Dear Future/ REJECT Body-Spamschutzregel 348 +#/Dear Entrepreneur/ REJECT Body-Spamschutzregel 349 +/Debt Consolidation/ REJECT Body-Spamschutzregel 350 +/Do You Want Financial/ REJECT Body-Spamschutzregel 351 +/Don't Need A Prescription/ REJECT Body-Spamschutzregel 352 +/E[-\ ]Mail Bill Section 301/ REJECT Body-Spamschutzregel 353 +/Earn A Full Time Income/ REJECT Body-Spamschutzregel 354 +/Easily Lose Weight/ REJECT Body-Spamschutzregel 355 +/Equalamail/ REJECT Body-Spamschutzregel 356 +/Email Bill Section 301/ REJECT Body-Spamschutzregel 357 +/Erotic Travel Guide/ REJECT Body-Spamschutzregel 358 +/Fat Blocker/ REJECT Body-Spamschutzregel 359 +/Fellow Internet entrepeneur/ REJECT Body-Spamschutzregel 360 +/Figure Income Earners/ REJECT Body-Spamschutzregel 361 +/Find Out Anything About Anyone/ REJECT Body-Spamschutzregel 362 +/Fix Your Credit/ REJECT Body-Spamschutzregel 363 +/Found this company on the internet/ REJECT Body-Spamschutzregel 364 +/Free Bulk Email/ REJECT Body-Spamschutzregel 365 +/Free Direct Email/ REJECT Body-Spamschutzregel 367 +/Free Multiple Moving Cost/ REJECT Body-Spamschutzregel 368 +/Free no obligation/ REJECT Body-Spamschutzregel 369 +/Free Private Webcam/ REJECT Body-Spamschutzregel 370 +/Free S e x/ REJECT Body-Spamschutzregel 371 +/Free Sex/ REJECT Body-Spamschutzregel 372 +/Free Vacation Giveaway/ REJECT Body-Spamschutzregel 373 +/Free XXX/ REJECT Body-Spamschutzregel 374 +/From A Concerned Gas User/ REJECT Body-Spamschutzregel 375 +/Get back.*years of your income taxes/ REJECT Body-Spamschutzregel 376 +/Government Grants E-Book/ REJECT Body-Spamschutzregel 377 +/GROWTH HORMONE RELEASER/ REJECT Body-Spamschutzregel 378 +/Hardcore Animal Action/ REJECT Body-Spamschutzregel 379 +/Hardcore Barnyard/ REJECT Body-Spamschutzregel 380 +/Hardcore Fist/ REJECT Body-Spamschutzregel 381 +/Hardcore Fucking/ REJECT Body-Spamschutzregel 382 +/Home[-\ ]based income opportunity/ REJECT Body-Spamschutzregel 383 +/Has not been sent unsolicited/ REJECT Body-Spamschutzregel 384 +/I Will Personally Show You How/ REJECT Body-Spamschutzregel 385 +/Independent advertising company/ REJECT Body-Spamschutzregel 386 +/Incredible Life Changing/ REJECT Body-Spamschutzregel 387 +/It Has Been Going Since/ REJECT Body-Spamschutzregel 388 +/Hardcore Animal/ REJECT Body-Spamschutzregel 389 +/Hardcore Fucking/ REJECT Body-Spamschutzregel 390 +/Hardcore Teens/ REJECT Body-Spamschutzregel 391 +/Hardcore Unsuspecting/ REJECT Body-Spamschutzregel 392 +/Has not been sent to you unsolicited/ REJECT Body-Spamschutzregel 393 +/Hear About Future Offers From Us/ REJECT Body-Spamschutzregel 394 +/Hear About Offers From Us/ REJECT Body-Spamschutzregel 395 +/Hot Horny Girls/ REJECT Body-Spamschutzregel 396 +/Hot Young Nasty/ REJECT Body-Spamschutzregel 397 +/Huge Wild Animals/ REJECT Body-Spamschutzregel 398 +/Improve Sexual Vigor/ REJECT Body-Spamschutzregel 399 +#/If you no longer wish to receive/ REJECT Body-Spamschutzregel 400 +/If you prefer not to receive future emails/ REJECT Body-Spamschutzregel 401 +/I'm a total exibitionist/ REJECT Body-Spamschutzregel 402 +/Im a total exibitionist/ REJECT Body-Spamschutzregel 403 +/In Compliance With The New E[-\ ]Mail Bill/ REJECT Body-Spamschutzregel 404 +#/Interest rates are rising/ REJECT Body-Spamschutzregel 405 +/Just ONE click away from showing you/ REJECT Body-Spamschutzregel 406 +/Lender referral service/ REJECT Body-Spamschutzregel 407 +/Lenders Compete For Your Business/ REJECT Body-Spamschutzregel 408 +/Life Changing Opportunity/ REJECT Body-Spamschutzregel 409 +/Lips Around Your/ REJECT Body-Spamschutzregel 410 +/Locate Hidden Assets/ REJECT Body-Spamschutzregel 411 +/Lose Pounds And Inches/ REJECT Body-Spamschutzregel 412 +/Lose Some Weight Before/ REJECT Body-Spamschutzregel 413 +/Low[-\ ]Cost Viagra/ REJECT Body-Spamschutzregel 414 +/Lowest Mortgage/ REJECT Body-Spamschutzregel 415 +/Make money online/ REJECT Body-Spamschutzregel 416 +# /Marketing Method/ REJECT Body-Spamschutzregel 417 +/Million E[-\ ]mail Addresses/ REJECT Body-Spamschutzregel 418 +/Million Email Addresses/ REJECT Body-Spamschutzregel 419 +/Minutes To Complete Your Order/ REJECT Body-Spamschutzregel 420 +/Much More Effective For Both Partners/ REJECT Body-Spamschutzregel 421 +/Mortgage Quote/ REJECT Body-Spamschutzregel 422 +/Need Fod Adult Entertainment/ REJECT Body-Spamschutzregel 423 +/Never Sends Unsolicited Email/ REJECT Body-Spamschutzregel 424 +/No[-\ ]Spam Policy/ REJECT Body-Spamschutzregel 425 +/On my personal live Webcam/ REJECT Body-Spamschutzregel 427 +/One[-\ ]Time Mail/ REJECT Body-Spamschutzregel 428 +/One[-\ ]Time Non[-\ ]Commercial/ REJECT Body-Spamschutzregel 429 +/Opt-In To Our/ REJECT Body-Spamschutzregel 430 +/Opt-Out From Our/ REJECT Body-Spamschutzregel 431 +/Our Herbal Supplement/ REJECT Body-Spamschutzregel 432 +/Owning your first home/ REJECT Body-Spamschutzregel 433 +/Partner E[-\ ]mail Offers/ REJECT Body-Spamschutzregel 434 +/Partner Email Offers/ REJECT Body-Spamschutzregel 435 +/Penis.*growth/ REJECT Body-Spamschutzregel 436 +/Permanently (deleted|removed) From Our/ REJECT Body-Spamschutzregel 437 +/Permission Based E[-\ ]mail/ REJECT Body-Spamschutzregel 438 +/Permission Based Email/ REJECT Body-Spamschutzregel 439 +/Pheromone Concentrate/ REJECT Body-Spamschutzregel 440 +/Potent Pheromone/ REJECT Body-Spamschutzregel 441 +/Price Discount for New TLD Extensions/ REJECT Body-Spamschutzregel 442 +/Quality Amateur Action/ REJECT Body-Spamschutzregel 443 +/Ready to refinance/ REJECT Body-Spamschutzregel 444 +/Real Live Cameras And Movies/ REJECT Body-Spamschutzregel 445 +/Real LiveCameras And Movies/ REJECT Body-Spamschutzregel 446 +/Receive Special Offer/ REJECT Body-Spamschutzregel 447 +/Reduce Body Fat/ REJECT Body-Spamschutzregel 448 +/Refinance Your Home/ REJECT Body-Spamschutzregel 449 +/Second Mortgage/ REJECT Body-Spamschutzregel 450 +/Secure A Better Life For/ REJECT Body-Spamschutzregel 451 +/See How Much You Can Save/ REJECT Body-Spamschutzregel 452 +/Sent to you in compliance (with|of)/ REJECT Body-Spamschutzregel 453 +/Sent To You By A Marketing Partner/ REJECT Body-Spamschutzregel 454 +/Sent in compliance (with|of)/ REJECT Body-Spamschutzregel 455 +/Serious Inquiries Only Please/ REJECT Body-Spamschutzregel 456 +/Shop Hundreds Of Lenders/ REJECT Body-Spamschutzregel 457 +/Start Making $1/ REJECT Body-Spamschutzregel 458 +/Step To Financial Freedom/ REJECT Body-Spamschutzregel 459 +/Steps To Financial Freedom/ REJECT Body-Spamschutzregel 460 +/Suck My Cock/ REJECT Body-Spamschutzregel 461 +/Take A FREE Trip/ REJECT Body-Spamschutzregel 462 +/TAKE YOUR FIRST BIG STEP/ REJECT Body-Spamschutzregel 463 +/Targeted E[-\ ]mail List/ REJECT Body-Spamschutzregel 464 +/Targeted Email List/ REJECT Body-Spamschutzregel 465 +/The following gift or special offer was sent to you/ REJECT Body-Spamschutzregel 466 +/This email is not sent unsolicited/ REJECT Body-Spamschutzregel 467 +/This Is A One[-\ ]*Time (email|e-mail|mailing|offer)/ REJECT Body-Spamschutzregel 468 +/This mailing is done by an independent marketing/ REJECT Body-Spamschutzregel 469 +/To Be Removed From This Targeted/ REJECT Body-Spamschutzregel 470 +/To Claim Your Prize Click/ REJECT Body-Spamschutzregel 471 +/To Stop All Future Offers/ REJECT Body-Spamschutzregel 472 +/Under Bill s.1618/ REJECT Body-Spamschutzregel 473 +/Universal Advertising System/ REJECT Body-Spamschutzregel 474 +/Unlimited Phone Conversations/ REJECT Body-Spamschutzregel 475 +/Using Your Identity/ REJECT Body-Spamschutzregel 476 +/Virtumundo/ REJECT Body-Spamschutzregel 477 +/Voted sex[-\ ]server on the web/ REJECT Body-Spamschutzregel 478 +/We can award any degree/ REJECT Body-Spamschutzregel 479 +/We know it sounds impossible/ REJECT Body-Spamschutzregel 480 +# /Weight Loss [Drug\Medication]/ REJECT Body-Spamschutzregel 481 +/While working from the privacy of your own home/ REJECT Body-Spamschutzregel 482 +/Win Big Money Today/ REJECT Body-Spamschutzregel 483 +/Without Pumps Or Weights Or Stretches/ REJECT Body-Spamschutzregel 484 +/Wouldn't You Like Your Husband Or Boyfriend To Have/ REJECT Body-Spamschutzregel 485 +/You Agree To Receive Email Marketing From/ REJECT Body-Spamschutzregel 486 +/You Are Receiving This Exclusive Promotion/ REJECT Body-Spamschutzregel 487 +/You Are Registered At One Of Our/ REJECT Body-Spamschutzregel 488 +/You are receiving this mail because you have/ REJECT Body-Spamschutzregel 489 +/You Have Agreed To Receive/ REJECT Body-Spamschutzregel 490 +/You Can Search For Anyone/ REJECT Body-Spamschutzregel 491 +/You've Agreed To Receive/ REJECT Body-Spamschutzregel 492 +/You Registered At One Of Our/ REJECT Body-Spamschutzregel 493 +/You've Registered At One Of Our/ REJECT Body-Spamschutzregel 494 +/Your E[-\ ]mail Address Was Obtained/ REJECT Body-Spamschutzregel 495 +/Your Email Address Was Obtained/ REJECT Body-Spamschutzregel 496 +/Your Email Address Was Supplied/ REJECT Body-Spamschutzregel 497 +/Your Mail Address Was Supplied/ REJECT Body-Spamschutzregel 498 +/Your Penis Size/ REJECT Body-Spamschutzregel 499 +/Smart Tags, Smart Investments?/ REJECT Body-Spamschutzregel 500 +/faze the Neptune focal point and strive enterprising/ REJECT Body-Spamschutzregel 501 +/full moon insistence gist an packed/ REJECT Body-Spamschutzregel 502 +/a upward prominently field day health care the ridicule offing or Internet seemingly/ REJECT Body-Spamschutzregel 503 +/fanatic but consistency sluice scrape downtrodden five and ten on needless/ REJECT Body-Spamschutzregel 504 +/fuse box sick sister/ REJECT Body-Spamschutzregel 505 +/immediate fulfillment big deal and cashier/ REJECT Body-Spamschutzregel 506 +/in on parakeet quizzical chicken feed leper on square/ REJECT Body-Spamschutzregel 508 +/reference ounce a achiever sunblock syringe roadside longevity/ REJECT Body-Spamschutzregel 509 +/ocean distrust as antiperspirant coax lubricant entry, the northwestern politicize,/ REJECT Body-Spamschutzregel 510 +/By the time Scarlett had undressed and blown out the candle, her/ REJECT Body-Spamschutzregel 511 +/E-MAIL:czq7q67a@yahoo.co.jp/ REJECT Body-Spamschutzregel 512 diff --git a/postfix/body_checks.2012-04-16_11:08:12 b/postfix/body_checks.2012-04-16_11:08:12 new file mode 100644 index 0000000..79a3e0c --- /dev/null +++ b/postfix/body_checks.2012-04-16_11:08:12 @@ -0,0 +1,681 @@ +# Version 3.69 / 8.6.2011 +# +# Das Postfix-Buch - Sichere Mailserver mit Linux +# http://www.postfixbuch.de +# +# Heinlein Professional Linux Support GmbH +# http://www.heinlein-support.de +# +# Downloadquelle dieser Datei: http://www.postfixbuch.de/web/service/checks/ +# +# +# Verwendung der Filtersammlung auf eigene Gefahr. +# +# Es handelt sich dabei um einen tagesaktuellen Auszug der beim +# ISP "JPBerlin.de" genutzten Filterregeln. Bitte pruefen Sie vor einem +# Einsatz bei Ihnen ganz genau, ob diese Regeln noch aktuell und sinnvoll +# sind und ob Sie sie einsetzen moechten! +# +# +# Setzen Sie in /etc/postfix/main.cf einfach +# +# body_checks = pcre:/etc/postfix/body_checks oder +# oder +# body_checks = regexp:/etc/postfix/body_checks +# +# und fuehren Sie "rcpostfix reload" aus. +# +# Tipp: pcre ist ein Drittel schneller als regexp! +# +# + +# +# Die Nummern hinter dem REJECT tauchen spaeter iM SMTP-Error oder im Log +# auf, um die Filter-Regel wiederzufinden, die den Block ausgeloest hat. +# Es kann stattdessen auch einfacher Text benutzt werden. +# + + +/^Received: from mail pickup service by EXDO01.stricker-marsch.de with Microsoft SMTPSVC.*/ REJECT Mailloopbomb bitte anrufen + +# +# +# Tagesaktuelle, nur voruebergehende Regelungen: +# =============================================== +# [Immer mit Timestamp (!) und ggf. Ticket-Nummer eintragen!] +# + +/alexatrej14913.blogspot.com/ REJECT +/m-back22.ocn.ad.jp/ REJECT +/Received: from 83.3.224.146/ REJECT +/<HTML><HEAD><TITLE>Western Union Alerts./ REJECT +/http:\/\/www.rocktonchamber.com/ REJECT + +# +# +# Dauerhaft genutzte Regelungen: +# =============================================== +# [Immer mit aufsteiger Nummer sauber eintragen!] +# +# +/http:\/\/sonofages.free.fr\/images\/LogoCreditMutuel.png/ REJECT Body-Spamschutzregel 1133 +/ucc.edu.ni/ REJECT Body-Spamschutzregel 1132 +/7figureincome\.php/ REJECT Body-Spamschutzregel 1131 +/Cher Client Verified by Visa/ REJECT Body-Spamschutzregel 1130 +/^From: "Topillen Apotheke" / REJECT Body-Spamschutzregel 1129 +/^Aufgrund mehrerer Phishing Versuche, unsere Visa und Mastercard/ REJECT Body-Spamschutzregel 1128 +/^ Phishing Departament/ REJECT Body-Spamschutzregel 1127 +/We wish to invest between $5Million-$100Million in any viable projects/ REJECT Body-Spamschutzregel 1126 +/God bless you as you get back to me/ REJECT Body-Spamschutzregel 1125 +/www.(b|B)ien(e|E)tremag.com/ REJECT Body-Spamschutzregel 1124 +/Sehr geehrte Sparkasse Card/ REJECT Body-Spamschutzregel 1123 +/zigaretten-discount.info/ REJECT Body-Spamschutzregel 1122 +/zigaretten-discount\[punkt\]info/ REJECT Body-Spamschutzregel 1121 +/Guten Tag Mitglied [0-9]{5}/ REJECT Body-Spamschutzregel 1120 +/elenx.innovacon.com\/.e\/e.php/ REJECT Body-Spamschutzregel 1119 +/www.sniperrs.de\/modules\/Forums\/admin/ REJECT Body-Spamschutzregel 1118 +/boxneufnet.com\/id\/oragne.fr\/Identifiant/ REJECT Body-Spamschutzregel 1117 +/www.colellsa.com\/img\/quienes\/pabo\/paypal-fr/ REJECT Body-Spamschutzregel 1116 +/dekmor.cmu.ac.th\/sticker\/upload\/Logs\/Login\/webscrcmd/ REJECT Body-Spamschutzregel 1115 +/ektoschronou.com/ REJECT Body-Spamschutzregel 1114 +/ulouwaio.com/ REJECT Body-Spamschutzregel 1113 +/logonature.com.nu/ REJECT Body-Spamschutzregel 1112 +/suinlop.com/ REJECT Body-Spamschutzregel 1111 +/soudoorpo.com/ REJECT Body-Spamschutzregel 1110 +/GOOGLE AUSSTATTUNGSFONDS 20.?.? GEWINNER ANMELDEFORMULAR FUER ZAHLUNG/ REJECT Body-Spamschutzregel 1109 +/Anbieter: Privacy GG Limited, 99 Albert Street, Belize City, CA/ REJECT Body-Spamschutzregel 1108 +/^Die Nachricht wurde durch Interads 24 Ltd/ REJECT Body-Spamschutzregel 1107 +/www.sommer-mit-kollegen.de/ REJECT Body-Spamschutzregel 1006 +# Ein Spammer versenden immer Austragungslinks, die auf "/ausa" enden: +/^www.*\/ausa$/ REJECT Body-Spamschutzregel 1105 +/KlickTel Telefonbuch OEM/ REJECT Body-Spamschutzregel 1104 +/www.klicktel24.org/ REJECT Body-Spamschutzregel 1103 +/Klicken Sie hier, und fühlen Sie sich endlich gut behandelt:/ REJECT Body-Spamschutzregel 1102 +/maryjanemax@yahoo.co.uk/ REJECT Body-Spamschutzregel 1101 +/http.*muqugeh\.cn/ REJECT Body-Spamschutzregel 1100 +/Bei uns bekommen Sie Ihren Kredit schnell, unbürokratisch, diskret und natürlich ohne Bankauskunft./ REJECT Body-Spamschutzregel 1099 +/INTERNATIONAL LOTTERIE PROMOTION SPIELGEMEINSCHAFT/ REJECT Body-Spamschutzregel 1098 +/Leider st=F6ren Sie.=20/ REJECT Body-Spamschutzregel 1097 +/Sie haben dieses Email erhalten, weil Sie im Newsletter von Promohouse Ltd eingetragen sind/ REJECT Body-Spamschutzregel 1096 +/ATTN: Beneficiar/ REJECT Body-Spamschutzregel 1095 +/www.hedonismails.de/ REJECT Body-Spamschutzregel 1094 +/www.globadressen.(com|net|org|info)/ REJECT Body-Spamschutzregel 1093 +/elegalal.nextmail.ru/ REJECT Body-Spamschutzregel 1092 +/http:\/\/www.switzerlandpussy.eu/ REJECT Body-Spamschutzregel 1082 +/Die jungen Girls fliegen nur so auf die langen/ REJECT Body-Spamschutzregel 1081 +/\*\*\*\* Commercial use of this software is prohibited \*\*\*\*/ REJECT Body-Spamschutzregel 1080 +/I finded your email in internet and I decide to ask you for help/ REJECT Body-Spamschutzregel 1079 +/Details und moegliche Schritte zur Entsperrung finden Sie/ REJECT Body-Spamschutzregel 1078 +/^Amount Won:/ REJECT Body-Spamschutzregel 1077 +/AWARD WINNING NOTICE/i REJECT Body-Spamschutzregel 1076 +/mixvarejo.com/ REJECT Body-Spamschutzregel 1075 +/www.global-db.(com|net|org)/ REJECT Body-Spamschutzregel 1074 +/^I am Barrister/ REJECT Body-Spamschutzregel 1073 +/respublica@gaucherepublicaine.org/ REJECT Body-Spamschutzregel 1072 +/NEU - Vi Super Active/ REJECT Body-Spamschutzregel 1071 +/anhaltende Versagensangste und wiederholte peinliche Situationen/ REJECT Body-Spamschutzregel 1070 +/Schulfreunde Vermittlungs Service AG/ REJECT Body-Spamschutzregel 1068 +/Multimedia Telegramm/ REJECT Body-Spamschutzregel 1067 +/http.*\.fdub\.biz/ REJECT Body-Spamschutzregel 1066 +/TanjaGuenther/ REJECT Body-Spamschutzregel 1065 +/www.bestnetz24.de\/letter\/ausgabe.php/ REJECT Body-Spamschutzregel 1064 +/www.db.?adressen.(com|net|org|info)/ REJECT Body-Spamschutzregel 1063 +/thomas@jthomas.es/ REJECT Body-Spamschutzregel 1062 +/Ihre Marketing Agentur Espa/ REJECT Body-Spamschutzregel 1061 +/www.pakandu.com/ REJECT Body-Spamschutzregel 1060 +/Glob.?.?.?(C|K)ontact.?.?.?Team/ REJECT Body-Spamschutzregel 1059 +/www.gc.?datenbaken.(com|net|org|info)/ REJECT Body-Spamschutzregel 1058 +/www.glc-?data.(com|net|org|info)/ REJECT Body-Spamschutzregel 1057 +/Global.?(C|K)ontact/i REJECT Body-Spamschutzregel 1056 +/www.imarketing.com.br.remove/ REJECT Body-Spamschutzregel 1055 +/Bestellen Sie jetzt und vergessen Sie Ihre Enttauschungen/ REJECT Body-Spamschutzregel 1054 +/Online Apotheke - original Qualitaet/ REJECT Body-Spamschutzregel 1053 +/Wir wissen was Frauen wollern/ REJECT Body-Spamschutzregel 1052 +/Viiiiaaaaaagra/ REJECT Body-Spamschutzregel 1051 +/Web: www.eurasianpages. com/ REJECT Body-Spamschutzregel 1050 +/^Firma Global Contact bietet Ihnen/ REJECT Body-Spamschutzregel 1049 +/www.g-adressen.net/ REJECT Body-Spamschutzregel 1048 +/NIEMALS geben Sie Ihre Passw.rter an niemanden NUR und melden Sie sich/ REJECT Body-Spamschutzregel 1047 Haspa-Pishing +/www.loteria.es/ REJECT Body-Spamschutzregel 1046 +/Girls!  Deveelop your sexual reelationship and get even MORE pleasurre!/ REJECT Body-Spamschutzregel 1045 +# Nigeria-Spam / phei 20080209 +/Ich bin bei einer routinen Überprüfung in meiner Bank/ REJECT Body-Spamschutzregel 1044 +/Ich vermute das diese E-Mail eine Überraschung für Sie sein wird/ REJECT Body-Spamschutzregel 1043 +/Ich bin bei einer routinen Überprüfung in meiner Bank / REJECT Body-Spamschutzregel 1042 +# Versendet UBE/UCE unter verbraucher@wichtig.ms +/^Ein Dienst der IT4YOU AG, Friedrichstrasse 171, Berlin - Mitte als/ REJECT Body-Spamschutzregel 1041 +# Versendet KlickTel UBE/UCE: / phei 20080204 +/^www.cdtophit.org/ REJECT Body-Spamschutzregel 1040 +/http:\/\/www\.doenertreff\.de/ REJECT Body-Spamschutzregel 1039 +/Brauchen Sie noch einen Grund um zu Vegas VIP Casino/ REJECT Body-Spamschutzregel 1038 +/glob-contact.net$/ REJECT Body-Spamschutzregel 1037: glob-contact +/^Ihr Glob-Kontakt-Team$/ REJECT Body-Spamschutzregel 1036: glob-contact +/www.feilervision.de/ REJECT Body-Spamschutzregel 1035: feilervision +/DER INVESTORALARM!/i REJECT Body-Spamschutzregel 1034 +/ES IST EIN UNGLAUBLICHES PROFITPOTENTIAL! VERLIERE DIESE CHANCE NICHT!/i REJECT Body-Spamschutzregel 1033 +/LOTTERY AND GAMING INTERNET MESSAGE CENTRE/ REJECT Body-Spamschutzregel 1033 +/I work very hard every day to be able to buy necessities for my mother/ REJECT Body-Spamschutzregel 1032 +/THE FREELOTTO COMPANY/ REJECT Body-Spamschutzregel 1031 +/BreakingMrktNews/ REJECT Body-Spamschutzregel 1030 +/China Media Crop OTC.BB CHMD/ REJECT Body-Spamschutzregel 1029 +/Weltweit gilt das nummerierte TAN-Verfahren als eines der sicherste/ REJECT Body-Spamschutzregel 1028: Postbank-Pishing +/^Marion Beckera/ REJECT Body-Spamschutzregel 1027 +/Zwecks abschließende Zustimmung für deine Verhandlung zur/ REJECT Body-Spamschutzregel 1026 +/annullieren deine on-line Übertragung® Dienstleistungen./ REJECT Body-Spamschutzregel 1025 +/www.internetloginuser.info/ REJECT Body-Spamschutzregel 1024 +/realsevgi.com/ REJECT Body-Spamschutzregel 1023 +/Um mich zu entlasten, schicke ich Ihnen das (...) Foto wieder zurück./ REJECT Body-Spamschutzregel 1022 +/Oder Ihr Provider hat die Mail falsch weiter geleitet!?/ REJECT Body-Spamschutzregel 1021 +/Versatel-Attachment-Warning.txt/ REJECT Body-Spamschutzregel 1020 +/www=2Eanaforturizm=2Ecom/ REJECT Body-Spamschutzregel 1019 +/www.anaforturizm.com/ REJECT Body-Spamschutzregel 1018 +/The Jpberlin Support Team/ REJECT Body-Spamschutzregel 1017: Pishing-Mails +/^jpberlin.de support team\./ REJECT Body-Spamschutzregel 1016: Pishing-Mails +/You have successfully updated the password of your Jpberlin account/ REJECT Body-Spamschutzregel 1015 +/www.ru4mailnow.com/ REJECT Body-Spamschutzregel 1014 +/EXPLOSIVE PICK FOR OUR MEMBERS/ REJECT Body-Spamschutzregel 1013 +/AntiVirus-System: Kein Virus erkannt/ REJECT Body-Spamschutzregel 1012 +/--- FIFA Fussball-Weltmeisterschaft 2006/ REJECT Body-Spamschutzregel 1011 +/ankara@ankararentacar.de/ REJECT Body-Spamschutzregel 1010 +/Replica Watch Models/ REJECT Body-Spamschutzregel 1009 +/Diadem Travel/ REJECT Body-Spamschutzregel 1008 +/Let the search engine experts compete/ REJECT Body-Spamschutzregel 1007 +/Wenn du sonst noch helfen willst, dann verschick diese Nachricht einfach so oft du willst./ REJECT Body-Spamschutzregel 1006 +/http:\/\/www.ehmig.net\/web_mailer/ REJECT Body-Spamschutzregel 1005 +/http:\/\/real.slon.biz/ REJECT Body-Spamschutzregel 1004 +#/im Zusammenhang mit dem Arbeitslosengeld II/ REJECT Body-Spamschutzregel 1003 +/www.inverz.org/ REJECT Body-Spamschutzregel 1002 +/www.inverz.net/ REJECT Body-Spamschutzregel 1001 + + + + + + +/We recommend you to follow the instructions in order to keep your computer safe./ REJECT Body-Spamschutzregel 1 +/Sieh Dir einfach mal ein Video an und mach dann gleich ein Treffen/ REJECT Body-Spamschutzregel 2 +#/money.*back.*guarant/ REJECT Body-Spamschutzregel 3 +/ CIALIS / REJECT Body-Spamschutzregel 4 +/www.galamed.biz/ REJECT Body-Spamschutzregel 5 +/Starts working in less than 15 min./ REJECT Body-Spamschutzregel 6 +/Adipren720/ REJECT Body-Spamschutzregel 7 +/www.lending-home.com/ REJECT Body-Spamschutzregel 8 +/bigbonus-casino.com/ REJECT Body-Spamschutzregel 9 +/Ich hab die ultimative Seite.*dich, klick doch mal an!/ REJECT Body-Spamschutzregel 10 +/www.server42.com/ REJECT Body-Spamschutzregel 11 +/seo-profits.com/ REJECT Body-Spamschutzregel 12 +/Have a great web site, but no one knows it even/ REJECT Body-Spamschutzregel 13 +/REVERZ.*D-INFO/ REJECT Body-Spamschutzregel 14 +/D-INFO.*REVERZ/ REJECT Body-Spamschutzregel 15 +/greatmaleenhancement.biz/ REJECT Body-Spamschutzregel 16 +/ Xanax / REJECT Body-Spamschutzregel 17 +/Vic(o|0)din/ REJECT Body-Spamschutzregel 18 +/Hydr(o|0)c(o|0)d(o|0)ne/ REJECT Body-Spamschutzregel 19 +/ V1agra / REJECT Body-Spamschutzregel 20 +/warehousefull.com/ REJECT Body-Spamschutzregel 21 +/No doctor visit needed/ REJECT Body-Spamschutzregel 22 +/KLICKTEL KENNT SIE!/ REJECT Body-Spamschutzregel 23 +/^www.femo-online.de/ REJECT Body-Spamschutzregel 24 +/www.land-ua.com/ REJECT Body-Spamschutzregel 25 +/Come to Loqozine/ REJECT Body-Spamschutzregel 26 +/^<center><.*a href=.*img src=.*border.*><\/a><\/center>$/ REJECT Body-Spamschutzregel Check 27 +/www.gord.us/ REJECT Body-Spamschutzregel 28 +/www.reverz.org/ REJECT Body-Spamschutzregel 29 +/wonderfulaction.com/ REJECT Body-Spamschutzregel 30 +/At our pharmacy we offer/ REJECT Body-Spamschutzregel 31 +/Was ist besser als eine fette Ladung Sahne/ REJECT Body-Spamschutzregel 32 +/www.surerxmed.com/ REJECT Body-Spamschutzregel 33 +/www.surerxpills.com/ REJECT Body-Spamschutzregel 34 +/www.stifyems.com/ REJECT Body-Spamschutzregel 35 +/www.diatrus.com/ REJECT Body-Spamschutzregel 36 +/CITYNETT-NEWSLETTER/i REJECT Body-Spamschutzregel 37 +/Note: *Use *password/ REJECT Body-Spamschutzregel 38 +/ will be disabled because of improper using/ REJECT Body-Spamschutzregel 39 +/i.*don.*like.*the*.plaintext/ REJECT Body-Spamschutzregel 40 +/archive *password/ REJECT Body-Spamschutzregel 41 +# /The *Attac..* *team/ REJECT Body-Spamschutzregel 42 +/The *Attac.org *team/ REJECT Body-Spamschutzregel 43 +/The *Attac.de *team/ REJECT Body-Spamschutzregel 44 +/The *Attac-netzwerk.de *team/ REJECT Body-Spamschutzregel 45 +/The *Jpberlin.de *team/ REJECT Body-Spamschutzregel 46 +/Our main mailing server/ REJECT Body-Spamschutzregel 47 +/please update your profile at Billing Center/ REJECT Body-Spamschutzregel 48 +/WSEAS will reply to you/ REJECT Body-Spamschutzregel 49 +/de.componentsengine.net/ REJECT Body-Spamschutzregel 50 +/List von Components Engine eingetragen/ REJECT Body-Spamschutzregel 51 +/The Weekend Pill - Xialis is safer, quicker, lasts longers/ REJECT Body-Spamschutzregel +/Muzenda der �teste Sohn von Paul Muzenda bin , einem Farmer in Simba/ REJECT Body-Spamschutzregel 53 +/Alles fr die Autorennbahn/ REJECT Body-Spamschutzregel 54 +/Der Wurm nennt sich selbst "ODIN" und konnte sich bist jetzt/ REJECT Body-Spamschutzregel 55 +/NICHT ABHEBEN, SONDERN SOFORT ABWEISEN/ REJECT Body-Spamschutzregel Das ist ein HOAX, eine Falschmeldung. http://www.hoax-info.de 56 +/Es ist ein Virus, welcher alle IMEI und IMSI Daten/ REJECT Body-Spamschutzregel Das ist ein HOAX, eine Falschmeldung. http://www.hoax-info.de 57 +/Der Meister unter den Druckprogrammen: PRINTMASTER 8 GOLD/ REJECT Body-Spamschutzregel 58 +/Stellen Sie sich vor, Sie kaufen ein Produkt oder eine Dienstleistung im/ REJECT Body-Spamschutzregel 59 +/So finden Sie blitzschnell den NAMEN und ADRESS-EINTRAG zu jeder/ REJECT Body-Spamschutzregel 60 +/^TVqQAAMAAAAEAAAA\/\/8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA$/ REJECT Body-Spamschutzregel Due to recent virus attacks, we temporarily block all Win32 executable files. Please re-send your attachment in a compressed (tar, zip, rar, etc.) form. Your message has NOT been delivered. 61 +/eptember 2003, Cumulative Patch/ REJECT Body-Spamschutzregel 62 +/Ich bin gerade vor einem neuen.*sehr gef�rlichen V.rus gewarnt/ REJECT Body-Spamschutzregel 63 +/^RSLxwtYBDB6FCv8ybBcS0zp9VU5of3K4BXuwyehTM0RI9IrSjVuwP94xfn0wgOjouKWzGXHVk3qg$/ REJECT Body-Spamschutzregel This is a Sobig-Worm! 64 +/exklusives virtuelles Gratis-Rubbellos welches Sie gleich jetzt live mit/ REJECT Body-Spamschutzregel 65 +/Willkommen beim Lucky7Casino/ REJECT Body-Spamschutzregel 66 +/heutzutage spielen Kontakte und Adressdaten eine immer wichtigere Rolle./ REJECT Body-Spamschutzregel 67 +/REVERZ anhand des Datenbestands der D-Info den gesuchten/ REJECT Body-Spamschutzregel 68 +/www.privatseitennetz.com/ REJECT Body-Spamschutzregel 69 +/Outlook and Outlook Express as well as five newly/ REJECT Body-Spamschutzregel 70 +/delog@cip.informatik.uni-wuerzburg.de/ REJECT Body-Spamschutzregel 71 +/credit.hostfree2003.com/ REJECT Body-Spamschutzregel 72 +/www.mediabiz.de.ewmail/ REJECT Body-Spamschutzregel 73 +/Want to boost your sales with Internet/ REJECT Body-Spamschutzregel 74 +/talente.tripod.com.br/ REJECT Body-Spamschutzregel 75 +/schlechte Schufa-Auskunft? Bonit�sprobleme? Dann w�len Sie doch/ REJECT Body-Spamschutzregel 76 +/Diese Liste von Banken, Sparkassen Volks- und Raiffeisenbanken OHNE Schufa-Anschluss finden Sie nicht/ REJECT Body-Spamschutzregel 77 +/Gute Nachrichten. Gerade habe ich die geile \"FickShow\" gefunden:/ REJECT Body-Spamschutzregel 78 +/Gute Nachrichten. Gerade habe ich die geile "FickShow" gefunden:/ REJECT Body-Spamschutzregel 79 +/Create Professional 3D Page-Tuning/ REJECT Body-Spamschutzregel 80 +/SEXKONTAKTE ONLINE/ REJECT Body-Spamschutzregel 81 +/FREE Access to.*adult.*sites/i REJECT Body-Spamschutzregel 82 +/web-supermarket.com/i REJECT Body-Spamschutzregel 83 +/Wir haben ihre Adresse durch eines unserer Partnerunternehmen/ REJECT Body-Spamschutzregel 84 +/Wir haben ihre Adresse.*Partnerunternehmen/i REJECT 85 +/herbal-place.com/ REJECT Body-Spamschutzregel 86 +/GIO DIET-CAPS greifen hier ein durch:/ REJECT Body-Spamschutzregel 87 +/These are Free Cash Grants That you NEVER have to repay/ REJECT Body-Spamschutzregel 88 +/Wir haben unseren Zugang neu upgedadet/ REJECT Body-Spamschutzregel 89 +/Jemand der Dich sehr gut kennt wuerde gern ein Treffen mit Dir/i REJECT Body-Spamschutzregel 90 +/Wenn Du wissen willst wer Dich treffen moechte/i REJECT Body-Spamschutzregel 91 +/You Have Won a FREEE/i REJECT Body-Spamschutzregel 93 +/Click Here For All Your Favorite Pornstars/i REJECT Body-Spamschutzregel 94 +/Year the U.S. Government Gives away BILLIONS in cash grants/i REJECT Body-Spamschutzregel 95 +/Banken ohne Schufa-Auskunft/i REJECT Body-Spamschutzregel 96 +/Probleme mit der Schufa/i REJECT Body-Spamschutzregel 97 +/Laden Sie sich jetzt unsere kostenlose Zugangssoftware runter/ REJECT Body-Spamschutzregel 98 +/Genocide Is A Black-And-White Concept/ REJECT Body-Spamschutzregel 99 +/So viele Wuensche auf einmal/ REJECT Body-Spamschutzregel 100 +/diese Mail ist kein SPAM/i REJECT Body-Spamschutzregel 101 +/Sch.*ne Gr.*e von Lucky Casino/ REJECT Body-Spamschutzregel 102 +/Weil Sie oder ein anderer bei Lucky Casino/i REJECT Body-Spamschutzregel 103 +/Endlich habe ich Deine E-Mail Adresse wieder gefunden, das hat aber/i REJECT Body-Spamschutzregel 104 +/galerie kurt im hirsch/ REJECT Body-Spamschutzregel +/X-MS_Scanner: Kein Virus erkannt/ REJECT Body-Spamschutzregel Sober-Wurmsignatur +/Anti_Virus Service/ REJECT Body-Spamschutzregel Sober-Wurmsignatur + +# +# Checks gesammelt aus dem Netz von +# http://www.hispalinux.es/~data/postfix/ +# +/.*www\.removeyou\.com.*/ REJECT Body-Spamschutzregel 110 +/.*waterforge\.com.*/ REJECT Body-Spamschutzregel 111 +/.*capitalwave\.com\?subject=Please*/ REJECT Body-Spamschutzregel 112 +/\.virtmundo\.com/ REJECT Body-Spamschutzregel 113 +#/Accept Credit Cards/ REJECT Body-Spamschutzregel 114 +/Nude Celebrities/ REJECT Body-Spamschutzregel 115 +/PRODUCT or SERVICE/i REJECT Body-Spamschutzregel 116 +# /GUARANTEED!/ REJECT Body-Spamschutzregel 117 +/Amateur Girls/ REJECT Body-Spamschutzregel 118 +#/FREE MEMBERSHIP/ REJECT Body-Spamschutzregel 119 +#/bizinfo/ REJECT Body-Spamschutzregel 120 +# block iframe hack 122 +/<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>/ REJECT Body-Spamschutzregel 123 +# some porn spam phrases 125 +/^Big tit lovers unite\.$|\bcum.?(shoo?ts|slurp)|swallow(ing)? cum\b|\bcum\b.*swallow(ing)?|\b(ass|arse).?fucking|(tight|wet|shaved|young|teen)+ pussy|fuck.?fest|pussy.?juice|\bcum all over|compulsive masturbators agree|explicit hardcore|(nasty|teen).*\bsluts?|You received this mail because our records show that you have asked to receive|(TEEN|ANAL) FUCK SITE|delete this mail( now)? if (you|u) do not want porn|HARDCORE PORN|HORNY FARMGIRLS/ REJECT Body-Spamschutzregel 126 +# some nigerian scam phrases 128 +/^Dear.*(Fellow.*Entrepreneur|Achiever|adult.*webmaster|Internet.*user|Future.*Millionaire)/ REJECT Body-Spamschutzregel 129 +# Wg. Postfiy-Problem auskommentiert?! 130 +#/(Dan Dakova|(TO|Attn *)[;:]? *(The )?President *\/ *C\.?E\.?O\.?|STRICTLY CONFIDENTIAL BUSINESS PROPOSAL|MR(?:\.|=2e)? PATRICE MILLER|President of Crane International Trading Corp(?:\.|=2e)|44-775-281-5820|44-7799289001|44-7092374892|44-7092343325|JOSEPH NWOSU|HARRY KONGOLO|JAMES GIWA|(Umaru|Aminatou) Hamidu|PERSONAL AND STRICTLY CONFIDENTIAL|It is with my profound dignity that I write you this very important|REQUEST FOR URGENT BUSINESS|Marshall Kabba|WITH DUE RESPECT AND HUMIILITY I WRITE YOU|I GOT YOUR CONTACT THROUGH INTERNATIONAL BUSINESS|Your contact address got to me through the Internet|MOHAMMED(?:\.|=2e)?\s?ABACHA|will forward to you a duly signed POWER OF ATTORNEY|Edith M(?:\.|=2e)? Koromah|I must solicit your strictest confidence in this transaction|MRS(?:\.|=2e)? ?M.? ?SESE-SEKO|WIDOW OF LATE PRESIDENT MOBUTU|ATTN:\s*MANAGING DIRECTOR|PERMIT ME TO INFORM YOU OF MY DESIRE OF GOING INTO|MR MOMADOU LEY|I AM BARRISTER ABDULKARIMI A(?:\.|=2e)? BRUME|^\s*ATTN\s*;\s*$|BRAM KHUMALO|(Sandra|Jonas) Savimbi|Million\b.{0,40}\b(?:United States? Dollars?|USD)|BASED ON INFORMATION GATHERED ABOUT YOU|POSITION TO HELP US IN TRANSFER|Government of Nigeria|NIGERIAN? NATIONAL|Nigerian? Government|Bank of Nigeria|Mpeti Kabila|President LAURENT DESIRE KABILA|CLEMENT OSHODI|URGENT & CONFIDENTIAL BUSINESS PROPOSAL|DEPARMENT OF PETROLEUM RESOURCES|Federal Ministry of works and Housing in Nigeria|Director of Contracts and Finance Allocation|CHIENCHEN YU|Dangote Ahmed|CHRIS KAASA|I WAIT YOUR URGENT RESPONSE|PRESIDENT DAWUDU JAWARA|JAMES ADELEKE|I am soliciting your involvement in a business|MIRIAM ABACHA|wife of the (?:late )?Nigeria|Kamuzu Thandiwe)/ REJECT Body-Spamschutzregel 131 +# misc spam phrases 133 +/(Kathmandu Temple Kiff|Do You Have The Yen To Be a A Millionaire\?|This message is brought to you by BerryTrim Affiliate|A \$5,000 Investment in the Euro vs the dollar, "?properly positioned"?|Reply( back)? with "?remove"? in( the)? subject line|To be removed (send e?-?mail|from further mailings)|If you have the staff to field the leads I can generate|Do you need more Traffic to your website\?|herbal viagra)/ REJECT Body-Spamschutzregel 134 +# Covers off most of the double extension virus attachments- more you have 140 +# in one line the more efficient it is 141 +/^Content-Disposition: attachment;filename=".*\.(doc|zip|exe|xls|jpg|gif)\.(pif|bat|com|exe|lnk)"$/ REJECT Body-Spamschutzregel 142 +/^Content-Disposition: attachment;filename=.*\.(doc|zip|exe|xls|jpg|gif)\.(pif|bat|com|exe|lnk)$/ REJECT Body-Spamschutzregel 143 +/(filename|name)="(WTC|wtc|README)\.EXE"/ REJECT Body-Spamschutzregel 145 +/(filename|name)="(Happy99|Navidad|prettypark|pretty park|zipped_files|flcss|Msinit|wininit|msi216|readme|README|Avp_updates|Qi_test|Anti_cih)\.exe"/ REJECT Body-Spamschutzregel 146 +/(filename|name)="(dhcp*|Emanuel|kmbfejkm|NakedWife|Seicho_no_ie|JAMGCJJA|Sulfnbk)\.exe"/ REJECT Body-Spamschutzregel 147 +/(kak|day)\.(reg|hta)/ REJECT Body-Spamschutzregel 148 +/to be removed[,]* please click.*link/ REJECT Body-Spamschutzregel 151 +# /to be removed[,]* from (the|my|our) (mailing|email|e-mail)*[ ]*list/ REJECT Body-Spamschutzregel 152 +/to be removed[,]* from.*(mailings|offers)/ REJECT Body-Spamschutzregel 153 +/to be removed[,]* from the list send a blank email/ REJECT Body-Spamschutzregel 154 +/to be removed[,]* [e]*[-]*mail.*with/ REJECT Body-Spamschutzregel 155 +/to remove[,]* please send a blank email/ REJECT Body-Spamschutzregel 156 +#/remove yourself from this list/ REJECT Body-Spamschutzregel 157 +/removed from our mail agents/ REJECT Body-Spamschutzregel 158 +/to remove yourself immediately/ REJECT Body-Spamschutzregel 159 +/to remove yourself from future/ REJECT Body-Spamschutzregel 160 +/Rem[o]*ve me fro[nm] any (furhter|further) mailings/ REJECT Body-Spamschutzregel 161 +/remove yourself from any future mailings/ REJECT Body-Spamschutzregel 162 +/to no longer receive this message reply/ REJECT Body-Spamschutzregel 163 +/to no longer receive messages click the link/ REJECT Body-Spamschutzregel 164 +/to no longer receive messages please click the link/ REJECT Body-Spamschutzregel 165 +/our broadcast email software/ REJECT Body-Spamschutzregel 166 +/there are no federal regulations or laws on (email|e-mail) advertising/ REJECT Body-Spamschutzregel 167 +/to receive (no|any) (further|future) (offers|mailings)/ REJECT Body-Spamschutzregel 168 +/do not wish to receive future (e-mail|email)/ REJECT Body-Spamschutzregel 169 +# /do not wish to receive (e-mail|email)/ REJECT Body-Spamschutzregel 170 +/unsubscribe from Virtumundo Rewards/ REJECT Body-Spamschutzregel 171 +/if you do not wish to receive email from me/ REJECT Body-Spamschutzregel 172 +/reply with the word remove in the subject line/ REJECT Body-Spamschutzregel 173 +/reply address on this email was active at the time this email was sent/ REJECT Body-Spamschutzregel 174 +/not a registered investment advisor/ REJECT Body-Spamschutzregel 175 +/sent by corporate micro mail manager/ REJECT Body-Spamschutzregel 176 +/to be stop future mailings/ REJECT Body-Spamschutzregel 177 +/to stop future mailings/ REJECT Body-Spamschutzregel 178 +/to be taken off the mailing list please click below/ REJECT Body-Spamschutzregel 179 +/sent to you in compliance (with|of)/ REJECT Body-Spamschutzregel 180 +/sent in compliance (with|of)/ REJECT Body-Spamschutzregel 181 +/compliance with the current federal legislation/ REJECT Body-Spamschutzregel 182 +/comply with proposed federal legislation/ REJECT Body-Spamschutzregel 183 +/permanently (deleted|removed) from our (database|list)/ REJECT Body-Spamschutzregel 184 +/to be removed your email from our mailing list/ REJECT Body-Spamschutzregel 185 +/this mailing is done by an independent marketing/ REJECT Body-Spamschutzregel 186 +/this[ ]*message[ ]*is[ ]*being[ ]*sent[ ]*in[ ]*full[ ]*compliance/ REJECT Body-Spamschutzregel 187 +/this is a one[-\ ]*time (email|e-mail|mailing|offer)/ REJECT Body-Spamschutzregel 188 +/Under Bill s.1618/ REJECT Body-Spamschutzregel 189 +/cannot be considered spam/ REJECT Body-Spamschutzregel 190 +/cannot be considered as spam/ REJECT Body-Spamschutzregel 191 +/(respect|honor|honour) all removal requests/ REJECT Body-Spamschutzregel 192 +/no longer wish to receive these offers/ REJECT Body-Spamschutzregel 193 +/you will not receive this offer again/ REJECT Body-Spamschutzregel 194 +/this is not an unsolicited mail/ REJECT Body-Spamschutzregel 195 +/this email has not been sent to you unsolicited/ REJECT Body-Spamschutzregel 196 +/has not been sent unsolicited/ REJECT Body-Spamschutzregel 197 +#/(wish|would) to be removed from (our|the)/ REJECT Body-Spamschutzregel 199 +/all removes (honored|honoured)/ REJECT Body-Spamschutzregel 200 +/To[ ]+remove[ ]+.*@excite.com/ REJECT Body-Spamschutzregel 201 +/to[ ]+be[ ]+removed[ ]+.*@excite.com/ REJECT Body-Spamschutzregel 202 +/removemenow@excite.com/ REJECT Body-Spamschutzregel 204 +/1800cruisesandtours\.com/ REJECT Body-Spamschutzregel 205 +/freewebdirect\.net/ REJECT Body-Spamschutzregel 206 +/new-herbalway\.com/ REJECT Body-Spamschutzregel 207 +/advantagesweb\.com/ REJECT Body-Spamschutzregel 208 +/phytohealing\.com/ REJECT Body-Spamschutzregel 209 +/tradersprophet\.com/ REJECT Body-Spamschutzregel 210 +/ugot2see\.com/ REJECT Body-Spamschutzregel 211 +/hotlatinparadise\.com/ REJECT Body-Spamschutzregel 212 +/pearlgolf\.com/ REJECT Body-Spamschutzregel 213 +/halloweenomania\.com/ REJECT Body-Spamschutzregel 214 +/gofortuneonline\.com/ REJECT Body-Spamschutzregel 215 +/scantexas\.com/ REJECT Body-Spamschutzregel 216 +/buildreferrals\.com/ REJECT Body-Spamschutzregel 217 +/removeyou\.com/ REJECT Body-Spamschutzregel 218 +/cashbackmall\.com/ REJECT Body-Spamschutzregel 219 +/pageitnow\.net/ REJECT Body-Spamschutzregel 220 +/easycream\.com/ REJECT Body-Spamschutzregel 221 +/optinrealbig\.com/ REJECT Body-Spamschutzregel 222 +/realgreatgifts\.com/ REJECT Body-Spamschutzregel 223 +/realcheapgifts\.com/ REJECT Body-Spamschutzregel 224 +/pillsofpleasure\.com/ REJECT Body-Spamschutzregel 225 +/greathealthpills\.com/ REJECT Body-Spamschutzregel 226 +/saverealbigdeals\.com/ REJECT Body-Spamschutzregel 227 +/saverealbigstore\.com/ REJECT Body-Spamschutzregel 228 +/realbigwinners\.com/ REJECT Body-Spamschutzregel 229 +/saverealbig\.com/ REJECT Body-Spamschutzregel 230 +/extremetraffic_rem@excite\.com/ REJECT Body-Spamschutzregel 232 +/tccoptin@yahoo\.com/ REJECT Body-Spamschutzregel 233 +/tccoptout@yahoo.com/ REJECT Body-Spamschutzregel 234 +/stop026@excite\.com/ REJECT Body-Spamschutzregel 235 +/pleasestopsending@hotmail.com/ REJECT Body-Spamschutzregel 236 +/viperdrawing@winning.com/ REJECT Body-Spamschutzregel 237 +/mailto:.*\@.*\?subject\=(3D)*(remove|removeme|pleasedelete|pleaseremove|deleteme)+/ REJECT Body-Spamschutzregel 238 +/StudioPros/ REJECT Body-Spamschutzregel 240 +/universal advertising systems/ REJECT Body-Spamschutzregel 241 +/androstenone pheromone concentrate/ REJECT Body-Spamschutzregel 242 +/message was sent by a[n]* independent advertising company/ REJECT Body-Spamschutzregel 243 +/amazing cash products/ REJECT Body-Spamschutzregel 244 +/penis.*growth/ REJECT Body-Spamschutzregel 245 +/vortex[ ]+supplies/ REJECT Body-Spamschutzregel 246 +/international trade sources llc/ REJECT Body-Spamschutzregel 247 +/postmasterdirect inc/ REJECT Body-Spamschutzregel 248 +/free no obligation consultation/ REJECT Body-Spamschutzregel 249 +/voted sex[-\ ]server on the web/ REJECT Body-Spamschutzregel 250 +/get back.*years of your income taxes/ REJECT Body-Spamschutzregel 251 +/click here for your free quote/ REJECT Body-Spamschutzregel 252 +/click here to be (permanently)* ?(removed|deleted)/ REJECT Body-Spamschutzregel 253 +/to unsubscribe do nothing/ REJECT Body-Spamschutzregel 254 +/OTCBB Stock Alert/ REJECT Body-Spamschutzregel 255 +/apparently you have filled out an online form/ REJECT Body-Spamschutzregel 257 +/list management software will not know/ REJECT Body-Spamschutzregel 258 +/message will only be sent once/ REJECT Body-Spamschutzregel 259 +/found this company on the internet/ REJECT Body-Spamschutzregel 260 +/you will not receive any future mailings/ REJECT Body-Spamschutzregel 261 +/all removal requests are (honored|honoured)/ REJECT Body-Spamschutzregel 262 +/you will be removed from our mailing[ ]*list and receive no further information from us/ REJECT Body-Spamschutzregel 263 +/we include contact information and a method to be removed from our mailing[ ]*list/ REJECT Body-Spamschutzregel 264 +/there is no need to unsubscribe/ REJECT Body-Spamschutzregel 265 +/I have made every attempt to target this message/ REJECT Body-Spamschutzregel 266 +/If you do not wish to be on our list then click here/ REJECT Body-Spamschutzregel 267 +/If you are not interested in receiving information/ REJECT Body-Spamschutzregel 268 +/your request will be (honored|honoured) with prompt removal/ REJECT Body-Spamschutzregel 269 +/if you feel you got this e[-]*mail by mistake/ REJECT Body-Spamschutzregel 270 +/to have us permanently remove you from our list/ REJECT Body-Spamschutzregel 271 +/we guarantee you will not receive any future e[-]*mails from us/ REJECT Body-Spamschutzregel 272 +/if you would rather not receive future e[-]*mails/ REJECT Body-Spamschutzregel 273 +/we do not intend to send any future e[-]*mails/ REJECT Body-Spamschutzregel 274 +/further emailing to you by the of this email may be stopped/ REJECT Body-Spamschutzregel 275 +/by the of this email may be stopped/ REJECT Body-Spamschutzregel 276 +/receiving this e[-]*mail because you opted[-\ ]in/ REJECT Body-Spamschutzregel 277 +/this email has been sent to you because someone at this e[-]*mail address/ REJECT Body-Spamschutzregel 278 +/to have your name removed from our email database/ REJECT Body-Spamschutzregel 279 +/stopped at no cost to you by sending a reply to this e[-]*mail address/ REJECT Body-Spamschutzregel 280 +/this message is an advertisement/ REJECT Body-Spamschutzregel 281 +/immediately removed from receiving any more information/ REJECT Body-Spamschutzregel 282 +/would not like to receive future messages/ REJECT Body-Spamschutzregel 283 +/tell us you would not like to continue to receive such e[-]*mails/ REJECT Body-Spamschutzregel 284 +/advertise your product or service using bulk email services/ REJECT Body-Spamschutzregel 285 +/You have been specially selected to qualify/ REJECT Body-Spamschutzregel 286 +/while working from the privacy of your own home/ REJECT Body-Spamschutzregel 287 +/e[-]*mail messages may be stopped/ REJECT Body-Spamschutzregel 288 +/list removal\/opt[-\ ]*out/ REJECT Body-Spamschutzregel 289 +/this is a no obligation qualification form/ REJECT Body-Spamschutzregel 290 +/please notify the sender immediately with .*remove/ REJECT Body-Spamschutzregel 291 +/home[-\ ]based income opportunity/ REJECT Body-Spamschutzregel 292 +/(filename|name)="(Happy99|Navidad|prettypark)\.exe"/ REJECT Body-Spamschutzregel 294 +/(filename|name)="(pretty park|zipped_files|flcss)\.exe"/ REJECT Body-Spamschutzregel 295 +/(filename|name)="(Msinit|wininit|msi216|CFGWIZ31)\.exe"/ REJECT Body-Spamschutzregel 296 +/(filename|name)="(Avp_updates|Qi_test|Anti_cih)\.exe"/ REJECT Body-Spamschutzregel 297 +/(filename|name)="(Emanuel|kmbfejkm|NakedWife|Readme|readme)\.exe"/ REJECT Body-Spamschutzregel 298 +/(filename|name)="(Seicho_no_ie|JAMGCJJA|Sulfnbk|QuickLnk)\.exe"/ REJECT Body-Spamschutzregel 299 +/(filename|name)="(Readme|readme)\.eml"/ REJECT Body-Spamschutzregel 300 +/(kak|day)\.(reg|hta)/ REJECT Body-Spamschutzregel 302 +/Rem I am sorry/ REJECT Body-Spamschutzregel 303 +/Te mando este archivo para que me des tu punto de vista/ REJECT Body-Spamschutzregel 304 +/I send you this file in order to have your advice/ REJECT Body-Spamschutzregel 305 +/Espero me puedas ayudar con el archivo que te mando/ REJECT Body-Spamschutzregel 306 +/Espero te guste este archivo que te mando/ REJECT Body-Spamschutzregel 307 +/Este es el archivo con la informaci� que me pediste/ REJECT Body-Spamschutzregel 308 +/I hope you can help me with this file that I send/ REJECT Body-Spamschutzregel 309 +/I hope you like the file that I send you/ REJECT Body-Spamschutzregel 310 +/This is the file with the information that you ask for/ REJECT Body-Spamschutzregel 311 +/0 Business Fax Numbers/ REJECT Body-Spamschutzregel 314 +/1[-\ ]Time Mailling/ REJECT Body-Spamschutzregel 315 +/30 day money back guarantee/ REJECT Body-Spamschutzregel 316 +/A New Loan Makes Sense/ REJECT Body-Spamschutzregel 317 +/Advertise your product or service/ REJECT Body-Spamschutzregel 318 +/Aging While Burning Fat/ REJECT Body-Spamschutzregel 319 +/Amazing cash products/ REJECT Body-Spamschutzregel 320 +/Androstenone/ REJECT Body-Spamschutzregel 321 +/Attract Members of The Opposite/ REJECT Body-Spamschutzregel 322 +/Automatic Stock Picking Software/ REJECT Body-Spamschutzregel 323 +/Bad Credit Is History/ REJECT Body-Spamschutzregel 324 +/Banner Advertising Price/ REJECT Body-Spamschutzregel 325 +/Barnyard Fucking/ REJECT Body-Spamschutzregel 326 +/BEAUTIFUL Women On The Web/ REJECT Body-Spamschutzregel 327 +/Because Our Records Indicate That You Are A/ REJECT Body-Spamschutzregel 328 +# /Because You Agree/ REJECT Body-Spamschutzregel 329 +/Because You Have Subscribed To One Of Our/ REJECT Body-Spamschutzregel 330 +#/Because You Registered/ REJECT Body-Spamschutzregel 331 +/Because You Signed Up At One/ REJECT Body-Spamschutzregel 332 +/Best Porn/ REJECT Body-Spamschutzregel 333 +/Buy Preforeclosure Houses/ REJECT Body-Spamschutzregel 334 +/Cable TV Descrambler/ REJECT Body-Spamschutzregel 335 +/Cannot be Considered Spam/ REJECT Body-Spamschutzregel 336 +/Cannot be Considered As Spam/ REJECT Body-Spamschutzregel 337 +/Caso nao desejar receber este tipo de email novamente/ REJECT Body-Spamschutzregel 338 +/Click Here For Your Free Quote/ REJECT Body-Spamschutzregel 339 +/Click Here To Avoid This In The Future/ REJECT Body-Spamschutzregel 340 +/Compliance with the current federal legislation/ REJECT Body-Spamschutzregel 341 +/Copy DVD Movies/ REJECT Body-Spamschutzregel 343 +/Creating Immediate Wealth/ REJECT Body-Spamschutzregel 344 +/Cum Shots/ REJECT Body-Spamschutzregel 345 +/Dear Future/ REJECT Body-Spamschutzregel 348 +#/Dear Entrepreneur/ REJECT Body-Spamschutzregel 349 +/Debt Consolidation/ REJECT Body-Spamschutzregel 350 +/Do You Want Financial/ REJECT Body-Spamschutzregel 351 +/Don't Need A Prescription/ REJECT Body-Spamschutzregel 352 +/E[-\ ]Mail Bill Section 301/ REJECT Body-Spamschutzregel 353 +/Earn A Full Time Income/ REJECT Body-Spamschutzregel 354 +/Easily Lose Weight/ REJECT Body-Spamschutzregel 355 +/Equalamail/ REJECT Body-Spamschutzregel 356 +/Email Bill Section 301/ REJECT Body-Spamschutzregel 357 +/Erotic Travel Guide/ REJECT Body-Spamschutzregel 358 +/Fat Blocker/ REJECT Body-Spamschutzregel 359 +/Fellow Internet entrepeneur/ REJECT Body-Spamschutzregel 360 +/Figure Income Earners/ REJECT Body-Spamschutzregel 361 +/Find Out Anything About Anyone/ REJECT Body-Spamschutzregel 362 +/Fix Your Credit/ REJECT Body-Spamschutzregel 363 +/Found this company on the internet/ REJECT Body-Spamschutzregel 364 +/Free Bulk Email/ REJECT Body-Spamschutzregel 365 +/Free Direct Email/ REJECT Body-Spamschutzregel 367 +/Free Multiple Moving Cost/ REJECT Body-Spamschutzregel 368 +/Free no obligation/ REJECT Body-Spamschutzregel 369 +/Free Private Webcam/ REJECT Body-Spamschutzregel 370 +/Free S e x/ REJECT Body-Spamschutzregel 371 +/Free Sex/ REJECT Body-Spamschutzregel 372 +/Free Vacation Giveaway/ REJECT Body-Spamschutzregel 373 +/Free XXX/ REJECT Body-Spamschutzregel 374 +/From A Concerned Gas User/ REJECT Body-Spamschutzregel 375 +/Get back.*years of your income taxes/ REJECT Body-Spamschutzregel 376 +/Government Grants E-Book/ REJECT Body-Spamschutzregel 377 +/GROWTH HORMONE RELEASER/ REJECT Body-Spamschutzregel 378 +/Hardcore Animal Action/ REJECT Body-Spamschutzregel 379 +/Hardcore Barnyard/ REJECT Body-Spamschutzregel 380 +/Hardcore Fist/ REJECT Body-Spamschutzregel 381 +/Hardcore Fucking/ REJECT Body-Spamschutzregel 382 +/Home[-\ ]based income opportunity/ REJECT Body-Spamschutzregel 383 +/Has not been sent unsolicited/ REJECT Body-Spamschutzregel 384 +/I Will Personally Show You How/ REJECT Body-Spamschutzregel 385 +/Independent advertising company/ REJECT Body-Spamschutzregel 386 +/Incredible Life Changing/ REJECT Body-Spamschutzregel 387 +/It Has Been Going Since/ REJECT Body-Spamschutzregel 388 +/Hardcore Animal/ REJECT Body-Spamschutzregel 389 +/Hardcore Fucking/ REJECT Body-Spamschutzregel 390 +/Hardcore Teens/ REJECT Body-Spamschutzregel 391 +/Hardcore Unsuspecting/ REJECT Body-Spamschutzregel 392 +/Has not been sent to you unsolicited/ REJECT Body-Spamschutzregel 393 +/Hear About Future Offers From Us/ REJECT Body-Spamschutzregel 394 +/Hear About Offers From Us/ REJECT Body-Spamschutzregel 395 +/Hot Horny Girls/ REJECT Body-Spamschutzregel 396 +/Hot Young Nasty/ REJECT Body-Spamschutzregel 397 +/Huge Wild Animals/ REJECT Body-Spamschutzregel 398 +/Improve Sexual Vigor/ REJECT Body-Spamschutzregel 399 +#/If you no longer wish to receive/ REJECT Body-Spamschutzregel 400 +/If you prefer not to receive future emails/ REJECT Body-Spamschutzregel 401 +/I'm a total exibitionist/ REJECT Body-Spamschutzregel 402 +/Im a total exibitionist/ REJECT Body-Spamschutzregel 403 +/In Compliance With The New E[-\ ]Mail Bill/ REJECT Body-Spamschutzregel 404 +#/Interest rates are rising/ REJECT Body-Spamschutzregel 405 +/Just ONE click away from showing you/ REJECT Body-Spamschutzregel 406 +/Lender referral service/ REJECT Body-Spamschutzregel 407 +/Lenders Compete For Your Business/ REJECT Body-Spamschutzregel 408 +/Life Changing Opportunity/ REJECT Body-Spamschutzregel 409 +/Lips Around Your/ REJECT Body-Spamschutzregel 410 +/Locate Hidden Assets/ REJECT Body-Spamschutzregel 411 +/Lose Pounds And Inches/ REJECT Body-Spamschutzregel 412 +/Lose Some Weight Before/ REJECT Body-Spamschutzregel 413 +/Low[-\ ]Cost Viagra/ REJECT Body-Spamschutzregel 414 +/Lowest Mortgage/ REJECT Body-Spamschutzregel 415 +/Make money online/ REJECT Body-Spamschutzregel 416 +# /Marketing Method/ REJECT Body-Spamschutzregel 417 +/Million E[-\ ]mail Addresses/ REJECT Body-Spamschutzregel 418 +/Million Email Addresses/ REJECT Body-Spamschutzregel 419 +/Minutes To Complete Your Order/ REJECT Body-Spamschutzregel 420 +/Much More Effective For Both Partners/ REJECT Body-Spamschutzregel 421 +/Mortgage Quote/ REJECT Body-Spamschutzregel 422 +/Need Fod Adult Entertainment/ REJECT Body-Spamschutzregel 423 +/Never Sends Unsolicited Email/ REJECT Body-Spamschutzregel 424 +/No[-\ ]Spam Policy/ REJECT Body-Spamschutzregel 425 +/On my personal live Webcam/ REJECT Body-Spamschutzregel 427 +/One[-\ ]Time Mail/ REJECT Body-Spamschutzregel 428 +/One[-\ ]Time Non[-\ ]Commercial/ REJECT Body-Spamschutzregel 429 +/Opt-In To Our/ REJECT Body-Spamschutzregel 430 +/Opt-Out From Our/ REJECT Body-Spamschutzregel 431 +/Our Herbal Supplement/ REJECT Body-Spamschutzregel 432 +/Owning your first home/ REJECT Body-Spamschutzregel 433 +/Partner E[-\ ]mail Offers/ REJECT Body-Spamschutzregel 434 +/Partner Email Offers/ REJECT Body-Spamschutzregel 435 +/Penis.*growth/ REJECT Body-Spamschutzregel 436 +/Permanently (deleted|removed) From Our/ REJECT Body-Spamschutzregel 437 +/Permission Based E[-\ ]mail/ REJECT Body-Spamschutzregel 438 +/Permission Based Email/ REJECT Body-Spamschutzregel 439 +/Pheromone Concentrate/ REJECT Body-Spamschutzregel 440 +/Potent Pheromone/ REJECT Body-Spamschutzregel 441 +/Price Discount for New TLD Extensions/ REJECT Body-Spamschutzregel 442 +/Quality Amateur Action/ REJECT Body-Spamschutzregel 443 +/Ready to refinance/ REJECT Body-Spamschutzregel 444 +/Real Live Cameras And Movies/ REJECT Body-Spamschutzregel 445 +/Real LiveCameras And Movies/ REJECT Body-Spamschutzregel 446 +/Receive Special Offer/ REJECT Body-Spamschutzregel 447 +/Reduce Body Fat/ REJECT Body-Spamschutzregel 448 +/Refinance Your Home/ REJECT Body-Spamschutzregel 449 +/Second Mortgage/ REJECT Body-Spamschutzregel 450 +/Secure A Better Life For/ REJECT Body-Spamschutzregel 451 +/See How Much You Can Save/ REJECT Body-Spamschutzregel 452 +/Sent to you in compliance (with|of)/ REJECT Body-Spamschutzregel 453 +/Sent To You By A Marketing Partner/ REJECT Body-Spamschutzregel 454 +/Sent in compliance (with|of)/ REJECT Body-Spamschutzregel 455 +/Serious Inquiries Only Please/ REJECT Body-Spamschutzregel 456 +/Shop Hundreds Of Lenders/ REJECT Body-Spamschutzregel 457 +/Start Making $1/ REJECT Body-Spamschutzregel 458 +/Step To Financial Freedom/ REJECT Body-Spamschutzregel 459 +/Steps To Financial Freedom/ REJECT Body-Spamschutzregel 460 +/Suck My Cock/ REJECT Body-Spamschutzregel 461 +/Take A FREE Trip/ REJECT Body-Spamschutzregel 462 +/TAKE YOUR FIRST BIG STEP/ REJECT Body-Spamschutzregel 463 +/Targeted E[-\ ]mail List/ REJECT Body-Spamschutzregel 464 +/Targeted Email List/ REJECT Body-Spamschutzregel 465 +/The following gift or special offer was sent to you/ REJECT Body-Spamschutzregel 466 +/This email is not sent unsolicited/ REJECT Body-Spamschutzregel 467 +/This Is A One[-\ ]*Time (email|e-mail|mailing|offer)/ REJECT Body-Spamschutzregel 468 +/This mailing is done by an independent marketing/ REJECT Body-Spamschutzregel 469 +/To Be Removed From This Targeted/ REJECT Body-Spamschutzregel 470 +/To Claim Your Prize Click/ REJECT Body-Spamschutzregel 471 +/To Stop All Future Offers/ REJECT Body-Spamschutzregel 472 +/Under Bill s.1618/ REJECT Body-Spamschutzregel 473 +/Universal Advertising System/ REJECT Body-Spamschutzregel 474 +/Unlimited Phone Conversations/ REJECT Body-Spamschutzregel 475 +/Using Your Identity/ REJECT Body-Spamschutzregel 476 +/Virtumundo/ REJECT Body-Spamschutzregel 477 +/Voted sex[-\ ]server on the web/ REJECT Body-Spamschutzregel 478 +/We can award any degree/ REJECT Body-Spamschutzregel 479 +/We know it sounds impossible/ REJECT Body-Spamschutzregel 480 +# /Weight Loss [Drug\Medication]/ REJECT Body-Spamschutzregel 481 +/While working from the privacy of your own home/ REJECT Body-Spamschutzregel 482 +/Win Big Money Today/ REJECT Body-Spamschutzregel 483 +/Without Pumps Or Weights Or Stretches/ REJECT Body-Spamschutzregel 484 +/Wouldn't You Like Your Husband Or Boyfriend To Have/ REJECT Body-Spamschutzregel 485 +/You Agree To Receive Email Marketing From/ REJECT Body-Spamschutzregel 486 +/You Are Receiving This Exclusive Promotion/ REJECT Body-Spamschutzregel 487 +/You Are Registered At One Of Our/ REJECT Body-Spamschutzregel 488 +/You are receiving this mail because you have/ REJECT Body-Spamschutzregel 489 +/You Have Agreed To Receive/ REJECT Body-Spamschutzregel 490 +/You Can Search For Anyone/ REJECT Body-Spamschutzregel 491 +/You've Agreed To Receive/ REJECT Body-Spamschutzregel 492 +/You Registered At One Of Our/ REJECT Body-Spamschutzregel 493 +/You've Registered At One Of Our/ REJECT Body-Spamschutzregel 494 +/Your E[-\ ]mail Address Was Obtained/ REJECT Body-Spamschutzregel 495 +/Your Email Address Was Obtained/ REJECT Body-Spamschutzregel 496 +/Your Email Address Was Supplied/ REJECT Body-Spamschutzregel 497 +/Your Mail Address Was Supplied/ REJECT Body-Spamschutzregel 498 +/Your Penis Size/ REJECT Body-Spamschutzregel 499 +/Smart Tags, Smart Investments?/ REJECT Body-Spamschutzregel 500 +/faze the Neptune focal point and strive enterprising/ REJECT Body-Spamschutzregel 501 +/full moon insistence gist an packed/ REJECT Body-Spamschutzregel 502 +/a upward prominently field day health care the ridicule offing or Internet seemingly/ REJECT Body-Spamschutzregel 503 +/fanatic but consistency sluice scrape downtrodden five and ten on needless/ REJECT Body-Spamschutzregel 504 +/fuse box sick sister/ REJECT Body-Spamschutzregel 505 +/immediate fulfillment big deal and cashier/ REJECT Body-Spamschutzregel 506 +/in on parakeet quizzical chicken feed leper on square/ REJECT Body-Spamschutzregel 508 +/reference ounce a achiever sunblock syringe roadside longevity/ REJECT Body-Spamschutzregel 509 +/ocean distrust as antiperspirant coax lubricant entry, the northwestern politicize,/ REJECT Body-Spamschutzregel 510 +/By the time Scarlett had undressed and blown out the candle, her/ REJECT Body-Spamschutzregel 511 +/E-MAIL:czq7q67a@yahoo.co.jp/ REJECT Body-Spamschutzregel 512 diff --git a/postfix/body_checks.2012-04-18_10:03:17 b/postfix/body_checks.2012-04-18_10:03:17 new file mode 100644 index 0000000..ccb717b --- /dev/null +++ b/postfix/body_checks.2012-04-18_10:03:17 @@ -0,0 +1,682 @@ +# Version 3.69 / 8.6.2011 +# +# Das Postfix-Buch - Sichere Mailserver mit Linux +# http://www.postfixbuch.de +# +# Heinlein Professional Linux Support GmbH +# http://www.heinlein-support.de +# +# Downloadquelle dieser Datei: http://www.postfixbuch.de/web/service/checks/ +# +# +# Verwendung der Filtersammlung auf eigene Gefahr. +# +# Es handelt sich dabei um einen tagesaktuellen Auszug der beim +# ISP "JPBerlin.de" genutzten Filterregeln. Bitte pruefen Sie vor einem +# Einsatz bei Ihnen ganz genau, ob diese Regeln noch aktuell und sinnvoll +# sind und ob Sie sie einsetzen moechten! +# +# +# Setzen Sie in /etc/postfix/main.cf einfach +# +# body_checks = pcre:/etc/postfix/body_checks oder +# oder +# body_checks = regexp:/etc/postfix/body_checks +# +# und fuehren Sie "rcpostfix reload" aus. +# +# Tipp: pcre ist ein Drittel schneller als regexp! +# +# + +# +# Die Nummern hinter dem REJECT tauchen spaeter iM SMTP-Error oder im Log +# auf, um die Filter-Regel wiederzufinden, die den Block ausgeloest hat. +# Es kann stattdessen auch einfacher Text benutzt werden. +# + + +/^Received: from mail pickup service by EXDO01.stricker-marsch.de with Microsoft SMTPSVC.*/ REJECT Mailloopbomb bitte anrufen + +# +# +# Tagesaktuelle, nur voruebergehende Regelungen: +# =============================================== +# [Immer mit Timestamp (!) und ggf. Ticket-Nummer eintragen!] +# + +/alexatrej14913.blogspot.com/ REJECT +/m-back22.ocn.ad.jp/ REJECT +/Received: from 83.3.224.146/ REJECT +/<HTML><HEAD><TITLE>Western Union Alerts./ REJECT +/http:\/\/www.rocktonchamber.com/ REJECT + +# +# +# Dauerhaft genutzte Regelungen: +# =============================================== +# [Immer mit aufsteiger Nummer sauber eintragen!] +# +# +/http:\/\/free.fr\/support\/verification\/compte\// REJECT Body-Spamschutzregel 1134 +/http:\/\/sonofages.free.fr\/images\/LogoCreditMutuel.png/ REJECT Body-Spamschutzregel 1133 +/ucc.edu.ni/ REJECT Body-Spamschutzregel 1132 +/7figureincome\.php/ REJECT Body-Spamschutzregel 1131 +/Cher Client Verified by Visa/ REJECT Body-Spamschutzregel 1130 +/^From: "Topillen Apotheke" / REJECT Body-Spamschutzregel 1129 +/^Aufgrund mehrerer Phishing Versuche, unsere Visa und Mastercard/ REJECT Body-Spamschutzregel 1128 +/^ Phishing Departament/ REJECT Body-Spamschutzregel 1127 +/We wish to invest between $5Million-$100Million in any viable projects/ REJECT Body-Spamschutzregel 1126 +/God bless you as you get back to me/ REJECT Body-Spamschutzregel 1125 +/www.(b|B)ien(e|E)tremag.com/ REJECT Body-Spamschutzregel 1124 +/Sehr geehrte Sparkasse Card/ REJECT Body-Spamschutzregel 1123 +/zigaretten-discount.info/ REJECT Body-Spamschutzregel 1122 +/zigaretten-discount\[punkt\]info/ REJECT Body-Spamschutzregel 1121 +/Guten Tag Mitglied [0-9]{5}/ REJECT Body-Spamschutzregel 1120 +/elenx.innovacon.com\/.e\/e.php/ REJECT Body-Spamschutzregel 1119 +/www.sniperrs.de\/modules\/Forums\/admin/ REJECT Body-Spamschutzregel 1118 +/boxneufnet.com\/id\/oragne.fr\/Identifiant/ REJECT Body-Spamschutzregel 1117 +/www.colellsa.com\/img\/quienes\/pabo\/paypal-fr/ REJECT Body-Spamschutzregel 1116 +/dekmor.cmu.ac.th\/sticker\/upload\/Logs\/Login\/webscrcmd/ REJECT Body-Spamschutzregel 1115 +/ektoschronou.com/ REJECT Body-Spamschutzregel 1114 +/ulouwaio.com/ REJECT Body-Spamschutzregel 1113 +/logonature.com.nu/ REJECT Body-Spamschutzregel 1112 +/suinlop.com/ REJECT Body-Spamschutzregel 1111 +/soudoorpo.com/ REJECT Body-Spamschutzregel 1110 +/GOOGLE AUSSTATTUNGSFONDS 20.?.? GEWINNER ANMELDEFORMULAR FUER ZAHLUNG/ REJECT Body-Spamschutzregel 1109 +/Anbieter: Privacy GG Limited, 99 Albert Street, Belize City, CA/ REJECT Body-Spamschutzregel 1108 +/^Die Nachricht wurde durch Interads 24 Ltd/ REJECT Body-Spamschutzregel 1107 +/www.sommer-mit-kollegen.de/ REJECT Body-Spamschutzregel 1006 +# Ein Spammer versenden immer Austragungslinks, die auf "/ausa" enden: +/^www.*\/ausa$/ REJECT Body-Spamschutzregel 1105 +/KlickTel Telefonbuch OEM/ REJECT Body-Spamschutzregel 1104 +/www.klicktel24.org/ REJECT Body-Spamschutzregel 1103 +/Klicken Sie hier, und fühlen Sie sich endlich gut behandelt:/ REJECT Body-Spamschutzregel 1102 +/maryjanemax@yahoo.co.uk/ REJECT Body-Spamschutzregel 1101 +/http.*muqugeh\.cn/ REJECT Body-Spamschutzregel 1100 +/Bei uns bekommen Sie Ihren Kredit schnell, unbürokratisch, diskret und natürlich ohne Bankauskunft./ REJECT Body-Spamschutzregel 1099 +/INTERNATIONAL LOTTERIE PROMOTION SPIELGEMEINSCHAFT/ REJECT Body-Spamschutzregel 1098 +/Leider st=F6ren Sie.=20/ REJECT Body-Spamschutzregel 1097 +/Sie haben dieses Email erhalten, weil Sie im Newsletter von Promohouse Ltd eingetragen sind/ REJECT Body-Spamschutzregel 1096 +/ATTN: Beneficiar/ REJECT Body-Spamschutzregel 1095 +/www.hedonismails.de/ REJECT Body-Spamschutzregel 1094 +/www.globadressen.(com|net|org|info)/ REJECT Body-Spamschutzregel 1093 +/elegalal.nextmail.ru/ REJECT Body-Spamschutzregel 1092 +/http:\/\/www.switzerlandpussy.eu/ REJECT Body-Spamschutzregel 1082 +/Die jungen Girls fliegen nur so auf die langen/ REJECT Body-Spamschutzregel 1081 +/\*\*\*\* Commercial use of this software is prohibited \*\*\*\*/ REJECT Body-Spamschutzregel 1080 +/I finded your email in internet and I decide to ask you for help/ REJECT Body-Spamschutzregel 1079 +/Details und moegliche Schritte zur Entsperrung finden Sie/ REJECT Body-Spamschutzregel 1078 +/^Amount Won:/ REJECT Body-Spamschutzregel 1077 +/AWARD WINNING NOTICE/i REJECT Body-Spamschutzregel 1076 +/mixvarejo.com/ REJECT Body-Spamschutzregel 1075 +/www.global-db.(com|net|org)/ REJECT Body-Spamschutzregel 1074 +/^I am Barrister/ REJECT Body-Spamschutzregel 1073 +/respublica@gaucherepublicaine.org/ REJECT Body-Spamschutzregel 1072 +/NEU - Vi Super Active/ REJECT Body-Spamschutzregel 1071 +/anhaltende Versagensangste und wiederholte peinliche Situationen/ REJECT Body-Spamschutzregel 1070 +/Schulfreunde Vermittlungs Service AG/ REJECT Body-Spamschutzregel 1068 +/Multimedia Telegramm/ REJECT Body-Spamschutzregel 1067 +/http.*\.fdub\.biz/ REJECT Body-Spamschutzregel 1066 +/TanjaGuenther/ REJECT Body-Spamschutzregel 1065 +/www.bestnetz24.de\/letter\/ausgabe.php/ REJECT Body-Spamschutzregel 1064 +/www.db.?adressen.(com|net|org|info)/ REJECT Body-Spamschutzregel 1063 +/thomas@jthomas.es/ REJECT Body-Spamschutzregel 1062 +/Ihre Marketing Agentur Espa/ REJECT Body-Spamschutzregel 1061 +/www.pakandu.com/ REJECT Body-Spamschutzregel 1060 +/Glob.?.?.?(C|K)ontact.?.?.?Team/ REJECT Body-Spamschutzregel 1059 +/www.gc.?datenbaken.(com|net|org|info)/ REJECT Body-Spamschutzregel 1058 +/www.glc-?data.(com|net|org|info)/ REJECT Body-Spamschutzregel 1057 +/Global.?(C|K)ontact/i REJECT Body-Spamschutzregel 1056 +/www.imarketing.com.br.remove/ REJECT Body-Spamschutzregel 1055 +/Bestellen Sie jetzt und vergessen Sie Ihre Enttauschungen/ REJECT Body-Spamschutzregel 1054 +/Online Apotheke - original Qualitaet/ REJECT Body-Spamschutzregel 1053 +/Wir wissen was Frauen wollern/ REJECT Body-Spamschutzregel 1052 +/Viiiiaaaaaagra/ REJECT Body-Spamschutzregel 1051 +/Web: www.eurasianpages. com/ REJECT Body-Spamschutzregel 1050 +/^Firma Global Contact bietet Ihnen/ REJECT Body-Spamschutzregel 1049 +/www.g-adressen.net/ REJECT Body-Spamschutzregel 1048 +/NIEMALS geben Sie Ihre Passw.rter an niemanden NUR und melden Sie sich/ REJECT Body-Spamschutzregel 1047 Haspa-Pishing +/www.loteria.es/ REJECT Body-Spamschutzregel 1046 +/Girls!  Deveelop your sexual reelationship and get even MORE pleasurre!/ REJECT Body-Spamschutzregel 1045 +# Nigeria-Spam / phei 20080209 +/Ich bin bei einer routinen Überprüfung in meiner Bank/ REJECT Body-Spamschutzregel 1044 +/Ich vermute das diese E-Mail eine Überraschung für Sie sein wird/ REJECT Body-Spamschutzregel 1043 +/Ich bin bei einer routinen Überprüfung in meiner Bank / REJECT Body-Spamschutzregel 1042 +# Versendet UBE/UCE unter verbraucher@wichtig.ms +/^Ein Dienst der IT4YOU AG, Friedrichstrasse 171, Berlin - Mitte als/ REJECT Body-Spamschutzregel 1041 +# Versendet KlickTel UBE/UCE: / phei 20080204 +/^www.cdtophit.org/ REJECT Body-Spamschutzregel 1040 +/http:\/\/www\.doenertreff\.de/ REJECT Body-Spamschutzregel 1039 +/Brauchen Sie noch einen Grund um zu Vegas VIP Casino/ REJECT Body-Spamschutzregel 1038 +/glob-contact.net$/ REJECT Body-Spamschutzregel 1037: glob-contact +/^Ihr Glob-Kontakt-Team$/ REJECT Body-Spamschutzregel 1036: glob-contact +/www.feilervision.de/ REJECT Body-Spamschutzregel 1035: feilervision +/DER INVESTORALARM!/i REJECT Body-Spamschutzregel 1034 +/ES IST EIN UNGLAUBLICHES PROFITPOTENTIAL! VERLIERE DIESE CHANCE NICHT!/i REJECT Body-Spamschutzregel 1033 +/LOTTERY AND GAMING INTERNET MESSAGE CENTRE/ REJECT Body-Spamschutzregel 1033 +/I work very hard every day to be able to buy necessities for my mother/ REJECT Body-Spamschutzregel 1032 +/THE FREELOTTO COMPANY/ REJECT Body-Spamschutzregel 1031 +/BreakingMrktNews/ REJECT Body-Spamschutzregel 1030 +/China Media Crop OTC.BB CHMD/ REJECT Body-Spamschutzregel 1029 +/Weltweit gilt das nummerierte TAN-Verfahren als eines der sicherste/ REJECT Body-Spamschutzregel 1028: Postbank-Pishing +/^Marion Beckera/ REJECT Body-Spamschutzregel 1027 +/Zwecks abschließende Zustimmung für deine Verhandlung zur/ REJECT Body-Spamschutzregel 1026 +/annullieren deine on-line Übertragung® Dienstleistungen./ REJECT Body-Spamschutzregel 1025 +/www.internetloginuser.info/ REJECT Body-Spamschutzregel 1024 +/realsevgi.com/ REJECT Body-Spamschutzregel 1023 +/Um mich zu entlasten, schicke ich Ihnen das (...) Foto wieder zurück./ REJECT Body-Spamschutzregel 1022 +/Oder Ihr Provider hat die Mail falsch weiter geleitet!?/ REJECT Body-Spamschutzregel 1021 +/Versatel-Attachment-Warning.txt/ REJECT Body-Spamschutzregel 1020 +/www=2Eanaforturizm=2Ecom/ REJECT Body-Spamschutzregel 1019 +/www.anaforturizm.com/ REJECT Body-Spamschutzregel 1018 +/The Jpberlin Support Team/ REJECT Body-Spamschutzregel 1017: Pishing-Mails +/^jpberlin.de support team\./ REJECT Body-Spamschutzregel 1016: Pishing-Mails +/You have successfully updated the password of your Jpberlin account/ REJECT Body-Spamschutzregel 1015 +/www.ru4mailnow.com/ REJECT Body-Spamschutzregel 1014 +/EXPLOSIVE PICK FOR OUR MEMBERS/ REJECT Body-Spamschutzregel 1013 +/AntiVirus-System: Kein Virus erkannt/ REJECT Body-Spamschutzregel 1012 +/--- FIFA Fussball-Weltmeisterschaft 2006/ REJECT Body-Spamschutzregel 1011 +/ankara@ankararentacar.de/ REJECT Body-Spamschutzregel 1010 +/Replica Watch Models/ REJECT Body-Spamschutzregel 1009 +/Diadem Travel/ REJECT Body-Spamschutzregel 1008 +/Let the search engine experts compete/ REJECT Body-Spamschutzregel 1007 +/Wenn du sonst noch helfen willst, dann verschick diese Nachricht einfach so oft du willst./ REJECT Body-Spamschutzregel 1006 +/http:\/\/www.ehmig.net\/web_mailer/ REJECT Body-Spamschutzregel 1005 +/http:\/\/real.slon.biz/ REJECT Body-Spamschutzregel 1004 +#/im Zusammenhang mit dem Arbeitslosengeld II/ REJECT Body-Spamschutzregel 1003 +/www.inverz.org/ REJECT Body-Spamschutzregel 1002 +/www.inverz.net/ REJECT Body-Spamschutzregel 1001 + + + + + + +/We recommend you to follow the instructions in order to keep your computer safe./ REJECT Body-Spamschutzregel 1 +/Sieh Dir einfach mal ein Video an und mach dann gleich ein Treffen/ REJECT Body-Spamschutzregel 2 +#/money.*back.*guarant/ REJECT Body-Spamschutzregel 3 +/ CIALIS / REJECT Body-Spamschutzregel 4 +/www.galamed.biz/ REJECT Body-Spamschutzregel 5 +/Starts working in less than 15 min./ REJECT Body-Spamschutzregel 6 +/Adipren720/ REJECT Body-Spamschutzregel 7 +/www.lending-home.com/ REJECT Body-Spamschutzregel 8 +/bigbonus-casino.com/ REJECT Body-Spamschutzregel 9 +/Ich hab die ultimative Seite.*dich, klick doch mal an!/ REJECT Body-Spamschutzregel 10 +/www.server42.com/ REJECT Body-Spamschutzregel 11 +/seo-profits.com/ REJECT Body-Spamschutzregel 12 +/Have a great web site, but no one knows it even/ REJECT Body-Spamschutzregel 13 +/REVERZ.*D-INFO/ REJECT Body-Spamschutzregel 14 +/D-INFO.*REVERZ/ REJECT Body-Spamschutzregel 15 +/greatmaleenhancement.biz/ REJECT Body-Spamschutzregel 16 +/ Xanax / REJECT Body-Spamschutzregel 17 +/Vic(o|0)din/ REJECT Body-Spamschutzregel 18 +/Hydr(o|0)c(o|0)d(o|0)ne/ REJECT Body-Spamschutzregel 19 +/ V1agra / REJECT Body-Spamschutzregel 20 +/warehousefull.com/ REJECT Body-Spamschutzregel 21 +/No doctor visit needed/ REJECT Body-Spamschutzregel 22 +/KLICKTEL KENNT SIE!/ REJECT Body-Spamschutzregel 23 +/^www.femo-online.de/ REJECT Body-Spamschutzregel 24 +/www.land-ua.com/ REJECT Body-Spamschutzregel 25 +/Come to Loqozine/ REJECT Body-Spamschutzregel 26 +/^<center><.*a href=.*img src=.*border.*><\/a><\/center>$/ REJECT Body-Spamschutzregel Check 27 +/www.gord.us/ REJECT Body-Spamschutzregel 28 +/www.reverz.org/ REJECT Body-Spamschutzregel 29 +/wonderfulaction.com/ REJECT Body-Spamschutzregel 30 +/At our pharmacy we offer/ REJECT Body-Spamschutzregel 31 +/Was ist besser als eine fette Ladung Sahne/ REJECT Body-Spamschutzregel 32 +/www.surerxmed.com/ REJECT Body-Spamschutzregel 33 +/www.surerxpills.com/ REJECT Body-Spamschutzregel 34 +/www.stifyems.com/ REJECT Body-Spamschutzregel 35 +/www.diatrus.com/ REJECT Body-Spamschutzregel 36 +/CITYNETT-NEWSLETTER/i REJECT Body-Spamschutzregel 37 +/Note: *Use *password/ REJECT Body-Spamschutzregel 38 +/ will be disabled because of improper using/ REJECT Body-Spamschutzregel 39 +/i.*don.*like.*the*.plaintext/ REJECT Body-Spamschutzregel 40 +/archive *password/ REJECT Body-Spamschutzregel 41 +# /The *Attac..* *team/ REJECT Body-Spamschutzregel 42 +/The *Attac.org *team/ REJECT Body-Spamschutzregel 43 +/The *Attac.de *team/ REJECT Body-Spamschutzregel 44 +/The *Attac-netzwerk.de *team/ REJECT Body-Spamschutzregel 45 +/The *Jpberlin.de *team/ REJECT Body-Spamschutzregel 46 +/Our main mailing server/ REJECT Body-Spamschutzregel 47 +/please update your profile at Billing Center/ REJECT Body-Spamschutzregel 48 +/WSEAS will reply to you/ REJECT Body-Spamschutzregel 49 +/de.componentsengine.net/ REJECT Body-Spamschutzregel 50 +/List von Components Engine eingetragen/ REJECT Body-Spamschutzregel 51 +/The Weekend Pill - Xialis is safer, quicker, lasts longers/ REJECT Body-Spamschutzregel +/Muzenda der �teste Sohn von Paul Muzenda bin , einem Farmer in Simba/ REJECT Body-Spamschutzregel 53 +/Alles fr die Autorennbahn/ REJECT Body-Spamschutzregel 54 +/Der Wurm nennt sich selbst "ODIN" und konnte sich bist jetzt/ REJECT Body-Spamschutzregel 55 +/NICHT ABHEBEN, SONDERN SOFORT ABWEISEN/ REJECT Body-Spamschutzregel Das ist ein HOAX, eine Falschmeldung. http://www.hoax-info.de 56 +/Es ist ein Virus, welcher alle IMEI und IMSI Daten/ REJECT Body-Spamschutzregel Das ist ein HOAX, eine Falschmeldung. http://www.hoax-info.de 57 +/Der Meister unter den Druckprogrammen: PRINTMASTER 8 GOLD/ REJECT Body-Spamschutzregel 58 +/Stellen Sie sich vor, Sie kaufen ein Produkt oder eine Dienstleistung im/ REJECT Body-Spamschutzregel 59 +/So finden Sie blitzschnell den NAMEN und ADRESS-EINTRAG zu jeder/ REJECT Body-Spamschutzregel 60 +/^TVqQAAMAAAAEAAAA\/\/8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA$/ REJECT Body-Spamschutzregel Due to recent virus attacks, we temporarily block all Win32 executable files. Please re-send your attachment in a compressed (tar, zip, rar, etc.) form. Your message has NOT been delivered. 61 +/eptember 2003, Cumulative Patch/ REJECT Body-Spamschutzregel 62 +/Ich bin gerade vor einem neuen.*sehr gef�rlichen V.rus gewarnt/ REJECT Body-Spamschutzregel 63 +/^RSLxwtYBDB6FCv8ybBcS0zp9VU5of3K4BXuwyehTM0RI9IrSjVuwP94xfn0wgOjouKWzGXHVk3qg$/ REJECT Body-Spamschutzregel This is a Sobig-Worm! 64 +/exklusives virtuelles Gratis-Rubbellos welches Sie gleich jetzt live mit/ REJECT Body-Spamschutzregel 65 +/Willkommen beim Lucky7Casino/ REJECT Body-Spamschutzregel 66 +/heutzutage spielen Kontakte und Adressdaten eine immer wichtigere Rolle./ REJECT Body-Spamschutzregel 67 +/REVERZ anhand des Datenbestands der D-Info den gesuchten/ REJECT Body-Spamschutzregel 68 +/www.privatseitennetz.com/ REJECT Body-Spamschutzregel 69 +/Outlook and Outlook Express as well as five newly/ REJECT Body-Spamschutzregel 70 +/delog@cip.informatik.uni-wuerzburg.de/ REJECT Body-Spamschutzregel 71 +/credit.hostfree2003.com/ REJECT Body-Spamschutzregel 72 +/www.mediabiz.de.ewmail/ REJECT Body-Spamschutzregel 73 +/Want to boost your sales with Internet/ REJECT Body-Spamschutzregel 74 +/talente.tripod.com.br/ REJECT Body-Spamschutzregel 75 +/schlechte Schufa-Auskunft? Bonit�sprobleme? Dann w�len Sie doch/ REJECT Body-Spamschutzregel 76 +/Diese Liste von Banken, Sparkassen Volks- und Raiffeisenbanken OHNE Schufa-Anschluss finden Sie nicht/ REJECT Body-Spamschutzregel 77 +/Gute Nachrichten. Gerade habe ich die geile \"FickShow\" gefunden:/ REJECT Body-Spamschutzregel 78 +/Gute Nachrichten. Gerade habe ich die geile "FickShow" gefunden:/ REJECT Body-Spamschutzregel 79 +/Create Professional 3D Page-Tuning/ REJECT Body-Spamschutzregel 80 +/SEXKONTAKTE ONLINE/ REJECT Body-Spamschutzregel 81 +/FREE Access to.*adult.*sites/i REJECT Body-Spamschutzregel 82 +/web-supermarket.com/i REJECT Body-Spamschutzregel 83 +/Wir haben ihre Adresse durch eines unserer Partnerunternehmen/ REJECT Body-Spamschutzregel 84 +/Wir haben ihre Adresse.*Partnerunternehmen/i REJECT 85 +/herbal-place.com/ REJECT Body-Spamschutzregel 86 +/GIO DIET-CAPS greifen hier ein durch:/ REJECT Body-Spamschutzregel 87 +/These are Free Cash Grants That you NEVER have to repay/ REJECT Body-Spamschutzregel 88 +/Wir haben unseren Zugang neu upgedadet/ REJECT Body-Spamschutzregel 89 +/Jemand der Dich sehr gut kennt wuerde gern ein Treffen mit Dir/i REJECT Body-Spamschutzregel 90 +/Wenn Du wissen willst wer Dich treffen moechte/i REJECT Body-Spamschutzregel 91 +/You Have Won a FREEE/i REJECT Body-Spamschutzregel 93 +/Click Here For All Your Favorite Pornstars/i REJECT Body-Spamschutzregel 94 +/Year the U.S. Government Gives away BILLIONS in cash grants/i REJECT Body-Spamschutzregel 95 +/Banken ohne Schufa-Auskunft/i REJECT Body-Spamschutzregel 96 +/Probleme mit der Schufa/i REJECT Body-Spamschutzregel 97 +/Laden Sie sich jetzt unsere kostenlose Zugangssoftware runter/ REJECT Body-Spamschutzregel 98 +/Genocide Is A Black-And-White Concept/ REJECT Body-Spamschutzregel 99 +/So viele Wuensche auf einmal/ REJECT Body-Spamschutzregel 100 +/diese Mail ist kein SPAM/i REJECT Body-Spamschutzregel 101 +/Sch.*ne Gr.*e von Lucky Casino/ REJECT Body-Spamschutzregel 102 +/Weil Sie oder ein anderer bei Lucky Casino/i REJECT Body-Spamschutzregel 103 +/Endlich habe ich Deine E-Mail Adresse wieder gefunden, das hat aber/i REJECT Body-Spamschutzregel 104 +/galerie kurt im hirsch/ REJECT Body-Spamschutzregel +/X-MS_Scanner: Kein Virus erkannt/ REJECT Body-Spamschutzregel Sober-Wurmsignatur +/Anti_Virus Service/ REJECT Body-Spamschutzregel Sober-Wurmsignatur + +# +# Checks gesammelt aus dem Netz von +# http://www.hispalinux.es/~data/postfix/ +# +/.*www\.removeyou\.com.*/ REJECT Body-Spamschutzregel 110 +/.*waterforge\.com.*/ REJECT Body-Spamschutzregel 111 +/.*capitalwave\.com\?subject=Please*/ REJECT Body-Spamschutzregel 112 +/\.virtmundo\.com/ REJECT Body-Spamschutzregel 113 +#/Accept Credit Cards/ REJECT Body-Spamschutzregel 114 +/Nude Celebrities/ REJECT Body-Spamschutzregel 115 +/PRODUCT or SERVICE/i REJECT Body-Spamschutzregel 116 +# /GUARANTEED!/ REJECT Body-Spamschutzregel 117 +/Amateur Girls/ REJECT Body-Spamschutzregel 118 +#/FREE MEMBERSHIP/ REJECT Body-Spamschutzregel 119 +#/bizinfo/ REJECT Body-Spamschutzregel 120 +# block iframe hack 122 +/<iframe src=(3D)?cid:.* height=(3D)?0 width=(3D)?0>/ REJECT Body-Spamschutzregel 123 +# some porn spam phrases 125 +/^Big tit lovers unite\.$|\bcum.?(shoo?ts|slurp)|swallow(ing)? cum\b|\bcum\b.*swallow(ing)?|\b(ass|arse).?fucking|(tight|wet|shaved|young|teen)+ pussy|fuck.?fest|pussy.?juice|\bcum all over|compulsive masturbators agree|explicit hardcore|(nasty|teen).*\bsluts?|You received this mail because our records show that you have asked to receive|(TEEN|ANAL) FUCK SITE|delete this mail( now)? if (you|u) do not want porn|HARDCORE PORN|HORNY FARMGIRLS/ REJECT Body-Spamschutzregel 126 +# some nigerian scam phrases 128 +/^Dear.*(Fellow.*Entrepreneur|Achiever|adult.*webmaster|Internet.*user|Future.*Millionaire)/ REJECT Body-Spamschutzregel 129 +# Wg. Postfiy-Problem auskommentiert?! 130 +#/(Dan Dakova|(TO|Attn *)[;:]? *(The )?President *\/ *C\.?E\.?O\.?|STRICTLY CONFIDENTIAL BUSINESS PROPOSAL|MR(?:\.|=2e)? PATRICE MILLER|President of Crane International Trading Corp(?:\.|=2e)|44-775-281-5820|44-7799289001|44-7092374892|44-7092343325|JOSEPH NWOSU|HARRY KONGOLO|JAMES GIWA|(Umaru|Aminatou) Hamidu|PERSONAL AND STRICTLY CONFIDENTIAL|It is with my profound dignity that I write you this very important|REQUEST FOR URGENT BUSINESS|Marshall Kabba|WITH DUE RESPECT AND HUMIILITY I WRITE YOU|I GOT YOUR CONTACT THROUGH INTERNATIONAL BUSINESS|Your contact address got to me through the Internet|MOHAMMED(?:\.|=2e)?\s?ABACHA|will forward to you a duly signed POWER OF ATTORNEY|Edith M(?:\.|=2e)? Koromah|I must solicit your strictest confidence in this transaction|MRS(?:\.|=2e)? ?M.? ?SESE-SEKO|WIDOW OF LATE PRESIDENT MOBUTU|ATTN:\s*MANAGING DIRECTOR|PERMIT ME TO INFORM YOU OF MY DESIRE OF GOING INTO|MR MOMADOU LEY|I AM BARRISTER ABDULKARIMI A(?:\.|=2e)? BRUME|^\s*ATTN\s*;\s*$|BRAM KHUMALO|(Sandra|Jonas) Savimbi|Million\b.{0,40}\b(?:United States? Dollars?|USD)|BASED ON INFORMATION GATHERED ABOUT YOU|POSITION TO HELP US IN TRANSFER|Government of Nigeria|NIGERIAN? NATIONAL|Nigerian? Government|Bank of Nigeria|Mpeti Kabila|President LAURENT DESIRE KABILA|CLEMENT OSHODI|URGENT & CONFIDENTIAL BUSINESS PROPOSAL|DEPARMENT OF PETROLEUM RESOURCES|Federal Ministry of works and Housing in Nigeria|Director of Contracts and Finance Allocation|CHIENCHEN YU|Dangote Ahmed|CHRIS KAASA|I WAIT YOUR URGENT RESPONSE|PRESIDENT DAWUDU JAWARA|JAMES ADELEKE|I am soliciting your involvement in a business|MIRIAM ABACHA|wife of the (?:late )?Nigeria|Kamuzu Thandiwe)/ REJECT Body-Spamschutzregel 131 +# misc spam phrases 133 +/(Kathmandu Temple Kiff|Do You Have The Yen To Be a A Millionaire\?|This message is brought to you by BerryTrim Affiliate|A \$5,000 Investment in the Euro vs the dollar, "?properly positioned"?|Reply( back)? with "?remove"? in( the)? subject line|To be removed (send e?-?mail|from further mailings)|If you have the staff to field the leads I can generate|Do you need more Traffic to your website\?|herbal viagra)/ REJECT Body-Spamschutzregel 134 +# Covers off most of the double extension virus attachments- more you have 140 +# in one line the more efficient it is 141 +/^Content-Disposition: attachment;filename=".*\.(doc|zip|exe|xls|jpg|gif)\.(pif|bat|com|exe|lnk)"$/ REJECT Body-Spamschutzregel 142 +/^Content-Disposition: attachment;filename=.*\.(doc|zip|exe|xls|jpg|gif)\.(pif|bat|com|exe|lnk)$/ REJECT Body-Spamschutzregel 143 +/(filename|name)="(WTC|wtc|README)\.EXE"/ REJECT Body-Spamschutzregel 145 +/(filename|name)="(Happy99|Navidad|prettypark|pretty park|zipped_files|flcss|Msinit|wininit|msi216|readme|README|Avp_updates|Qi_test|Anti_cih)\.exe"/ REJECT Body-Spamschutzregel 146 +/(filename|name)="(dhcp*|Emanuel|kmbfejkm|NakedWife|Seicho_no_ie|JAMGCJJA|Sulfnbk)\.exe"/ REJECT Body-Spamschutzregel 147 +/(kak|day)\.(reg|hta)/ REJECT Body-Spamschutzregel 148 +/to be removed[,]* please click.*link/ REJECT Body-Spamschutzregel 151 +# /to be removed[,]* from (the|my|our) (mailing|email|e-mail)*[ ]*list/ REJECT Body-Spamschutzregel 152 +/to be removed[,]* from.*(mailings|offers)/ REJECT Body-Spamschutzregel 153 +/to be removed[,]* from the list send a blank email/ REJECT Body-Spamschutzregel 154 +/to be removed[,]* [e]*[-]*mail.*with/ REJECT Body-Spamschutzregel 155 +/to remove[,]* please send a blank email/ REJECT Body-Spamschutzregel 156 +#/remove yourself from this list/ REJECT Body-Spamschutzregel 157 +/removed from our mail agents/ REJECT Body-Spamschutzregel 158 +/to remove yourself immediately/ REJECT Body-Spamschutzregel 159 +/to remove yourself from future/ REJECT Body-Spamschutzregel 160 +/Rem[o]*ve me fro[nm] any (furhter|further) mailings/ REJECT Body-Spamschutzregel 161 +/remove yourself from any future mailings/ REJECT Body-Spamschutzregel 162 +/to no longer receive this message reply/ REJECT Body-Spamschutzregel 163 +/to no longer receive messages click the link/ REJECT Body-Spamschutzregel 164 +/to no longer receive messages please click the link/ REJECT Body-Spamschutzregel 165 +/our broadcast email software/ REJECT Body-Spamschutzregel 166 +/there are no federal regulations or laws on (email|e-mail) advertising/ REJECT Body-Spamschutzregel 167 +/to receive (no|any) (further|future) (offers|mailings)/ REJECT Body-Spamschutzregel 168 +/do not wish to receive future (e-mail|email)/ REJECT Body-Spamschutzregel 169 +# /do not wish to receive (e-mail|email)/ REJECT Body-Spamschutzregel 170 +/unsubscribe from Virtumundo Rewards/ REJECT Body-Spamschutzregel 171 +/if you do not wish to receive email from me/ REJECT Body-Spamschutzregel 172 +/reply with the word remove in the subject line/ REJECT Body-Spamschutzregel 173 +/reply address on this email was active at the time this email was sent/ REJECT Body-Spamschutzregel 174 +/not a registered investment advisor/ REJECT Body-Spamschutzregel 175 +/sent by corporate micro mail manager/ REJECT Body-Spamschutzregel 176 +/to be stop future mailings/ REJECT Body-Spamschutzregel 177 +/to stop future mailings/ REJECT Body-Spamschutzregel 178 +/to be taken off the mailing list please click below/ REJECT Body-Spamschutzregel 179 +/sent to you in compliance (with|of)/ REJECT Body-Spamschutzregel 180 +/sent in compliance (with|of)/ REJECT Body-Spamschutzregel 181 +/compliance with the current federal legislation/ REJECT Body-Spamschutzregel 182 +/comply with proposed federal legislation/ REJECT Body-Spamschutzregel 183 +/permanently (deleted|removed) from our (database|list)/ REJECT Body-Spamschutzregel 184 +/to be removed your email from our mailing list/ REJECT Body-Spamschutzregel 185 +/this mailing is done by an independent marketing/ REJECT Body-Spamschutzregel 186 +/this[ ]*message[ ]*is[ ]*being[ ]*sent[ ]*in[ ]*full[ ]*compliance/ REJECT Body-Spamschutzregel 187 +/this is a one[-\ ]*time (email|e-mail|mailing|offer)/ REJECT Body-Spamschutzregel 188 +/Under Bill s.1618/ REJECT Body-Spamschutzregel 189 +/cannot be considered spam/ REJECT Body-Spamschutzregel 190 +/cannot be considered as spam/ REJECT Body-Spamschutzregel 191 +/(respect|honor|honour) all removal requests/ REJECT Body-Spamschutzregel 192 +/no longer wish to receive these offers/ REJECT Body-Spamschutzregel 193 +/you will not receive this offer again/ REJECT Body-Spamschutzregel 194 +/this is not an unsolicited mail/ REJECT Body-Spamschutzregel 195 +/this email has not been sent to you unsolicited/ REJECT Body-Spamschutzregel 196 +/has not been sent unsolicited/ REJECT Body-Spamschutzregel 197 +#/(wish|would) to be removed from (our|the)/ REJECT Body-Spamschutzregel 199 +/all removes (honored|honoured)/ REJECT Body-Spamschutzregel 200 +/To[ ]+remove[ ]+.*@excite.com/ REJECT Body-Spamschutzregel 201 +/to[ ]+be[ ]+removed[ ]+.*@excite.com/ REJECT Body-Spamschutzregel 202 +/removemenow@excite.com/ REJECT Body-Spamschutzregel 204 +/1800cruisesandtours\.com/ REJECT Body-Spamschutzregel 205 +/freewebdirect\.net/ REJECT Body-Spamschutzregel 206 +/new-herbalway\.com/ REJECT Body-Spamschutzregel 207 +/advantagesweb\.com/ REJECT Body-Spamschutzregel 208 +/phytohealing\.com/ REJECT Body-Spamschutzregel 209 +/tradersprophet\.com/ REJECT Body-Spamschutzregel 210 +/ugot2see\.com/ REJECT Body-Spamschutzregel 211 +/hotlatinparadise\.com/ REJECT Body-Spamschutzregel 212 +/pearlgolf\.com/ REJECT Body-Spamschutzregel 213 +/halloweenomania\.com/ REJECT Body-Spamschutzregel 214 +/gofortuneonline\.com/ REJECT Body-Spamschutzregel 215 +/scantexas\.com/ REJECT Body-Spamschutzregel 216 +/buildreferrals\.com/ REJECT Body-Spamschutzregel 217 +/removeyou\.com/ REJECT Body-Spamschutzregel 218 +/cashbackmall\.com/ REJECT Body-Spamschutzregel 219 +/pageitnow\.net/ REJECT Body-Spamschutzregel 220 +/easycream\.com/ REJECT Body-Spamschutzregel 221 +/optinrealbig\.com/ REJECT Body-Spamschutzregel 222 +/realgreatgifts\.com/ REJECT Body-Spamschutzregel 223 +/realcheapgifts\.com/ REJECT Body-Spamschutzregel 224 +/pillsofpleasure\.com/ REJECT Body-Spamschutzregel 225 +/greathealthpills\.com/ REJECT Body-Spamschutzregel 226 +/saverealbigdeals\.com/ REJECT Body-Spamschutzregel 227 +/saverealbigstore\.com/ REJECT Body-Spamschutzregel 228 +/realbigwinners\.com/ REJECT Body-Spamschutzregel 229 +/saverealbig\.com/ REJECT Body-Spamschutzregel 230 +/extremetraffic_rem@excite\.com/ REJECT Body-Spamschutzregel 232 +/tccoptin@yahoo\.com/ REJECT Body-Spamschutzregel 233 +/tccoptout@yahoo.com/ REJECT Body-Spamschutzregel 234 +/stop026@excite\.com/ REJECT Body-Spamschutzregel 235 +/pleasestopsending@hotmail.com/ REJECT Body-Spamschutzregel 236 +/viperdrawing@winning.com/ REJECT Body-Spamschutzregel 237 +/mailto:.*\@.*\?subject\=(3D)*(remove|removeme|pleasedelete|pleaseremove|deleteme)+/ REJECT Body-Spamschutzregel 238 +/StudioPros/ REJECT Body-Spamschutzregel 240 +/universal advertising systems/ REJECT Body-Spamschutzregel 241 +/androstenone pheromone concentrate/ REJECT Body-Spamschutzregel 242 +/message was sent by a[n]* independent advertising company/ REJECT Body-Spamschutzregel 243 +/amazing cash products/ REJECT Body-Spamschutzregel 244 +/penis.*growth/ REJECT Body-Spamschutzregel 245 +/vortex[ ]+supplies/ REJECT Body-Spamschutzregel 246 +/international trade sources llc/ REJECT Body-Spamschutzregel 247 +/postmasterdirect inc/ REJECT Body-Spamschutzregel 248 +/free no obligation consultation/ REJECT Body-Spamschutzregel 249 +/voted sex[-\ ]server on the web/ REJECT Body-Spamschutzregel 250 +/get back.*years of your income taxes/ REJECT Body-Spamschutzregel 251 +/click here for your free quote/ REJECT Body-Spamschutzregel 252 +/click here to be (permanently)* ?(removed|deleted)/ REJECT Body-Spamschutzregel 253 +/to unsubscribe do nothing/ REJECT Body-Spamschutzregel 254 +/OTCBB Stock Alert/ REJECT Body-Spamschutzregel 255 +/apparently you have filled out an online form/ REJECT Body-Spamschutzregel 257 +/list management software will not know/ REJECT Body-Spamschutzregel 258 +/message will only be sent once/ REJECT Body-Spamschutzregel 259 +/found this company on the internet/ REJECT Body-Spamschutzregel 260 +/you will not receive any future mailings/ REJECT Body-Spamschutzregel 261 +/all removal requests are (honored|honoured)/ REJECT Body-Spamschutzregel 262 +/you will be removed from our mailing[ ]*list and receive no further information from us/ REJECT Body-Spamschutzregel 263 +/we include contact information and a method to be removed from our mailing[ ]*list/ REJECT Body-Spamschutzregel 264 +/there is no need to unsubscribe/ REJECT Body-Spamschutzregel 265 +/I have made every attempt to target this message/ REJECT Body-Spamschutzregel 266 +/If you do not wish to be on our list then click here/ REJECT Body-Spamschutzregel 267 +/If you are not interested in receiving information/ REJECT Body-Spamschutzregel 268 +/your request will be (honored|honoured) with prompt removal/ REJECT Body-Spamschutzregel 269 +/if you feel you got this e[-]*mail by mistake/ REJECT Body-Spamschutzregel 270 +/to have us permanently remove you from our list/ REJECT Body-Spamschutzregel 271 +/we guarantee you will not receive any future e[-]*mails from us/ REJECT Body-Spamschutzregel 272 +/if you would rather not receive future e[-]*mails/ REJECT Body-Spamschutzregel 273 +/we do not intend to send any future e[-]*mails/ REJECT Body-Spamschutzregel 274 +/further emailing to you by the of this email may be stopped/ REJECT Body-Spamschutzregel 275 +/by the of this email may be stopped/ REJECT Body-Spamschutzregel 276 +/receiving this e[-]*mail because you opted[-\ ]in/ REJECT Body-Spamschutzregel 277 +/this email has been sent to you because someone at this e[-]*mail address/ REJECT Body-Spamschutzregel 278 +/to have your name removed from our email database/ REJECT Body-Spamschutzregel 279 +/stopped at no cost to you by sending a reply to this e[-]*mail address/ REJECT Body-Spamschutzregel 280 +/this message is an advertisement/ REJECT Body-Spamschutzregel 281 +/immediately removed from receiving any more information/ REJECT Body-Spamschutzregel 282 +/would not like to receive future messages/ REJECT Body-Spamschutzregel 283 +/tell us you would not like to continue to receive such e[-]*mails/ REJECT Body-Spamschutzregel 284 +/advertise your product or service using bulk email services/ REJECT Body-Spamschutzregel 285 +/You have been specially selected to qualify/ REJECT Body-Spamschutzregel 286 +/while working from the privacy of your own home/ REJECT Body-Spamschutzregel 287 +/e[-]*mail messages may be stopped/ REJECT Body-Spamschutzregel 288 +/list removal\/opt[-\ ]*out/ REJECT Body-Spamschutzregel 289 +/this is a no obligation qualification form/ REJECT Body-Spamschutzregel 290 +/please notify the sender immediately with .*remove/ REJECT Body-Spamschutzregel 291 +/home[-\ ]based income opportunity/ REJECT Body-Spamschutzregel 292 +/(filename|name)="(Happy99|Navidad|prettypark)\.exe"/ REJECT Body-Spamschutzregel 294 +/(filename|name)="(pretty park|zipped_files|flcss)\.exe"/ REJECT Body-Spamschutzregel 295 +/(filename|name)="(Msinit|wininit|msi216|CFGWIZ31)\.exe"/ REJECT Body-Spamschutzregel 296 +/(filename|name)="(Avp_updates|Qi_test|Anti_cih)\.exe"/ REJECT Body-Spamschutzregel 297 +/(filename|name)="(Emanuel|kmbfejkm|NakedWife|Readme|readme)\.exe"/ REJECT Body-Spamschutzregel 298 +/(filename|name)="(Seicho_no_ie|JAMGCJJA|Sulfnbk|QuickLnk)\.exe"/ REJECT Body-Spamschutzregel 299 +/(filename|name)="(Readme|readme)\.eml"/ REJECT Body-Spamschutzregel 300 +/(kak|day)\.(reg|hta)/ REJECT Body-Spamschutzregel 302 +/Rem I am sorry/ REJECT Body-Spamschutzregel 303 +/Te mando este archivo para que me des tu punto de vista/ REJECT Body-Spamschutzregel 304 +/I send you this file in order to have your advice/ REJECT Body-Spamschutzregel 305 +/Espero me puedas ayudar con el archivo que te mando/ REJECT Body-Spamschutzregel 306 +/Espero te guste este archivo que te mando/ REJECT Body-Spamschutzregel 307 +/Este es el archivo con la informaci� que me pediste/ REJECT Body-Spamschutzregel 308 +/I hope you can help me with this file that I send/ REJECT Body-Spamschutzregel 309 +/I hope you like the file that I send you/ REJECT Body-Spamschutzregel 310 +/This is the file with the information that you ask for/ REJECT Body-Spamschutzregel 311 +/0 Business Fax Numbers/ REJECT Body-Spamschutzregel 314 +/1[-\ ]Time Mailling/ REJECT Body-Spamschutzregel 315 +/30 day money back guarantee/ REJECT Body-Spamschutzregel 316 +/A New Loan Makes Sense/ REJECT Body-Spamschutzregel 317 +/Advertise your product or service/ REJECT Body-Spamschutzregel 318 +/Aging While Burning Fat/ REJECT Body-Spamschutzregel 319 +/Amazing cash products/ REJECT Body-Spamschutzregel 320 +/Androstenone/ REJECT Body-Spamschutzregel 321 +/Attract Members of The Opposite/ REJECT Body-Spamschutzregel 322 +/Automatic Stock Picking Software/ REJECT Body-Spamschutzregel 323 +/Bad Credit Is History/ REJECT Body-Spamschutzregel 324 +/Banner Advertising Price/ REJECT Body-Spamschutzregel 325 +/Barnyard Fucking/ REJECT Body-Spamschutzregel 326 +/BEAUTIFUL Women On The Web/ REJECT Body-Spamschutzregel 327 +/Because Our Records Indicate That You Are A/ REJECT Body-Spamschutzregel 328 +# /Because You Agree/ REJECT Body-Spamschutzregel 329 +/Because You Have Subscribed To One Of Our/ REJECT Body-Spamschutzregel 330 +#/Because You Registered/ REJECT Body-Spamschutzregel 331 +/Because You Signed Up At One/ REJECT Body-Spamschutzregel 332 +/Best Porn/ REJECT Body-Spamschutzregel 333 +/Buy Preforeclosure Houses/ REJECT Body-Spamschutzregel 334 +/Cable TV Descrambler/ REJECT Body-Spamschutzregel 335 +/Cannot be Considered Spam/ REJECT Body-Spamschutzregel 336 +/Cannot be Considered As Spam/ REJECT Body-Spamschutzregel 337 +/Caso nao desejar receber este tipo de email novamente/ REJECT Body-Spamschutzregel 338 +/Click Here For Your Free Quote/ REJECT Body-Spamschutzregel 339 +/Click Here To Avoid This In The Future/ REJECT Body-Spamschutzregel 340 +/Compliance with the current federal legislation/ REJECT Body-Spamschutzregel 341 +/Copy DVD Movies/ REJECT Body-Spamschutzregel 343 +/Creating Immediate Wealth/ REJECT Body-Spamschutzregel 344 +/Cum Shots/ REJECT Body-Spamschutzregel 345 +/Dear Future/ REJECT Body-Spamschutzregel 348 +#/Dear Entrepreneur/ REJECT Body-Spamschutzregel 349 +/Debt Consolidation/ REJECT Body-Spamschutzregel 350 +/Do You Want Financial/ REJECT Body-Spamschutzregel 351 +/Don't Need A Prescription/ REJECT Body-Spamschutzregel 352 +/E[-\ ]Mail Bill Section 301/ REJECT Body-Spamschutzregel 353 +/Earn A Full Time Income/ REJECT Body-Spamschutzregel 354 +/Easily Lose Weight/ REJECT Body-Spamschutzregel 355 +/Equalamail/ REJECT Body-Spamschutzregel 356 +/Email Bill Section 301/ REJECT Body-Spamschutzregel 357 +/Erotic Travel Guide/ REJECT Body-Spamschutzregel 358 +/Fat Blocker/ REJECT Body-Spamschutzregel 359 +/Fellow Internet entrepeneur/ REJECT Body-Spamschutzregel 360 +/Figure Income Earners/ REJECT Body-Spamschutzregel 361 +/Find Out Anything About Anyone/ REJECT Body-Spamschutzregel 362 +/Fix Your Credit/ REJECT Body-Spamschutzregel 363 +/Found this company on the internet/ REJECT Body-Spamschutzregel 364 +/Free Bulk Email/ REJECT Body-Spamschutzregel 365 +/Free Direct Email/ REJECT Body-Spamschutzregel 367 +/Free Multiple Moving Cost/ REJECT Body-Spamschutzregel 368 +/Free no obligation/ REJECT Body-Spamschutzregel 369 +/Free Private Webcam/ REJECT Body-Spamschutzregel 370 +/Free S e x/ REJECT Body-Spamschutzregel 371 +/Free Sex/ REJECT Body-Spamschutzregel 372 +/Free Vacation Giveaway/ REJECT Body-Spamschutzregel 373 +/Free XXX/ REJECT Body-Spamschutzregel 374 +/From A Concerned Gas User/ REJECT Body-Spamschutzregel 375 +/Get back.*years of your income taxes/ REJECT Body-Spamschutzregel 376 +/Government Grants E-Book/ REJECT Body-Spamschutzregel 377 +/GROWTH HORMONE RELEASER/ REJECT Body-Spamschutzregel 378 +/Hardcore Animal Action/ REJECT Body-Spamschutzregel 379 +/Hardcore Barnyard/ REJECT Body-Spamschutzregel 380 +/Hardcore Fist/ REJECT Body-Spamschutzregel 381 +/Hardcore Fucking/ REJECT Body-Spamschutzregel 382 +/Home[-\ ]based income opportunity/ REJECT Body-Spamschutzregel 383 +/Has not been sent unsolicited/ REJECT Body-Spamschutzregel 384 +/I Will Personally Show You How/ REJECT Body-Spamschutzregel 385 +/Independent advertising company/ REJECT Body-Spamschutzregel 386 +/Incredible Life Changing/ REJECT Body-Spamschutzregel 387 +/It Has Been Going Since/ REJECT Body-Spamschutzregel 388 +/Hardcore Animal/ REJECT Body-Spamschutzregel 389 +/Hardcore Fucking/ REJECT Body-Spamschutzregel 390 +/Hardcore Teens/ REJECT Body-Spamschutzregel 391 +/Hardcore Unsuspecting/ REJECT Body-Spamschutzregel 392 +/Has not been sent to you unsolicited/ REJECT Body-Spamschutzregel 393 +/Hear About Future Offers From Us/ REJECT Body-Spamschutzregel 394 +/Hear About Offers From Us/ REJECT Body-Spamschutzregel 395 +/Hot Horny Girls/ REJECT Body-Spamschutzregel 396 +/Hot Young Nasty/ REJECT Body-Spamschutzregel 397 +/Huge Wild Animals/ REJECT Body-Spamschutzregel 398 +/Improve Sexual Vigor/ REJECT Body-Spamschutzregel 399 +#/If you no longer wish to receive/ REJECT Body-Spamschutzregel 400 +/If you prefer not to receive future emails/ REJECT Body-Spamschutzregel 401 +/I'm a total exibitionist/ REJECT Body-Spamschutzregel 402 +/Im a total exibitionist/ REJECT Body-Spamschutzregel 403 +/In Compliance With The New E[-\ ]Mail Bill/ REJECT Body-Spamschutzregel 404 +#/Interest rates are rising/ REJECT Body-Spamschutzregel 405 +/Just ONE click away from showing you/ REJECT Body-Spamschutzregel 406 +/Lender referral service/ REJECT Body-Spamschutzregel 407 +/Lenders Compete For Your Business/ REJECT Body-Spamschutzregel 408 +/Life Changing Opportunity/ REJECT Body-Spamschutzregel 409 +/Lips Around Your/ REJECT Body-Spamschutzregel 410 +/Locate Hidden Assets/ REJECT Body-Spamschutzregel 411 +/Lose Pounds And Inches/ REJECT Body-Spamschutzregel 412 +/Lose Some Weight Before/ REJECT Body-Spamschutzregel 413 +/Low[-\ ]Cost Viagra/ REJECT Body-Spamschutzregel 414 +/Lowest Mortgage/ REJECT Body-Spamschutzregel 415 +/Make money online/ REJECT Body-Spamschutzregel 416 +# /Marketing Method/ REJECT Body-Spamschutzregel 417 +/Million E[-\ ]mail Addresses/ REJECT Body-Spamschutzregel 418 +/Million Email Addresses/ REJECT Body-Spamschutzregel 419 +/Minutes To Complete Your Order/ REJECT Body-Spamschutzregel 420 +/Much More Effective For Both Partners/ REJECT Body-Spamschutzregel 421 +/Mortgage Quote/ REJECT Body-Spamschutzregel 422 +/Need Fod Adult Entertainment/ REJECT Body-Spamschutzregel 423 +/Never Sends Unsolicited Email/ REJECT Body-Spamschutzregel 424 +/No[-\ ]Spam Policy/ REJECT Body-Spamschutzregel 425 +/On my personal live Webcam/ REJECT Body-Spamschutzregel 427 +/One[-\ ]Time Mail/ REJECT Body-Spamschutzregel 428 +/One[-\ ]Time Non[-\ ]Commercial/ REJECT Body-Spamschutzregel 429 +/Opt-In To Our/ REJECT Body-Spamschutzregel 430 +/Opt-Out From Our/ REJECT Body-Spamschutzregel 431 +/Our Herbal Supplement/ REJECT Body-Spamschutzregel 432 +/Owning your first home/ REJECT Body-Spamschutzregel 433 +/Partner E[-\ ]mail Offers/ REJECT Body-Spamschutzregel 434 +/Partner Email Offers/ REJECT Body-Spamschutzregel 435 +/Penis.*growth/ REJECT Body-Spamschutzregel 436 +/Permanently (deleted|removed) From Our/ REJECT Body-Spamschutzregel 437 +/Permission Based E[-\ ]mail/ REJECT Body-Spamschutzregel 438 +/Permission Based Email/ REJECT Body-Spamschutzregel 439 +/Pheromone Concentrate/ REJECT Body-Spamschutzregel 440 +/Potent Pheromone/ REJECT Body-Spamschutzregel 441 +/Price Discount for New TLD Extensions/ REJECT Body-Spamschutzregel 442 +/Quality Amateur Action/ REJECT Body-Spamschutzregel 443 +/Ready to refinance/ REJECT Body-Spamschutzregel 444 +/Real Live Cameras And Movies/ REJECT Body-Spamschutzregel 445 +/Real LiveCameras And Movies/ REJECT Body-Spamschutzregel 446 +/Receive Special Offer/ REJECT Body-Spamschutzregel 447 +/Reduce Body Fat/ REJECT Body-Spamschutzregel 448 +/Refinance Your Home/ REJECT Body-Spamschutzregel 449 +/Second Mortgage/ REJECT Body-Spamschutzregel 450 +/Secure A Better Life For/ REJECT Body-Spamschutzregel 451 +/See How Much You Can Save/ REJECT Body-Spamschutzregel 452 +/Sent to you in compliance (with|of)/ REJECT Body-Spamschutzregel 453 +/Sent To You By A Marketing Partner/ REJECT Body-Spamschutzregel 454 +/Sent in compliance (with|of)/ REJECT Body-Spamschutzregel 455 +/Serious Inquiries Only Please/ REJECT Body-Spamschutzregel 456 +/Shop Hundreds Of Lenders/ REJECT Body-Spamschutzregel 457 +/Start Making $1/ REJECT Body-Spamschutzregel 458 +/Step To Financial Freedom/ REJECT Body-Spamschutzregel 459 +/Steps To Financial Freedom/ REJECT Body-Spamschutzregel 460 +/Suck My Cock/ REJECT Body-Spamschutzregel 461 +/Take A FREE Trip/ REJECT Body-Spamschutzregel 462 +/TAKE YOUR FIRST BIG STEP/ REJECT Body-Spamschutzregel 463 +/Targeted E[-\ ]mail List/ REJECT Body-Spamschutzregel 464 +/Targeted Email List/ REJECT Body-Spamschutzregel 465 +/The following gift or special offer was sent to you/ REJECT Body-Spamschutzregel 466 +/This email is not sent unsolicited/ REJECT Body-Spamschutzregel 467 +/This Is A One[-\ ]*Time (email|e-mail|mailing|offer)/ REJECT Body-Spamschutzregel 468 +/This mailing is done by an independent marketing/ REJECT Body-Spamschutzregel 469 +/To Be Removed From This Targeted/ REJECT Body-Spamschutzregel 470 +/To Claim Your Prize Click/ REJECT Body-Spamschutzregel 471 +/To Stop All Future Offers/ REJECT Body-Spamschutzregel 472 +/Under Bill s.1618/ REJECT Body-Spamschutzregel 473 +/Universal Advertising System/ REJECT Body-Spamschutzregel 474 +/Unlimited Phone Conversations/ REJECT Body-Spamschutzregel 475 +/Using Your Identity/ REJECT Body-Spamschutzregel 476 +/Virtumundo/ REJECT Body-Spamschutzregel 477 +/Voted sex[-\ ]server on the web/ REJECT Body-Spamschutzregel 478 +/We can award any degree/ REJECT Body-Spamschutzregel 479 +/We know it sounds impossible/ REJECT Body-Spamschutzregel 480 +# /Weight Loss [Drug\Medication]/ REJECT Body-Spamschutzregel 481 +/While working from the privacy of your own home/ REJECT Body-Spamschutzregel 482 +/Win Big Money Today/ REJECT Body-Spamschutzregel 483 +/Without Pumps Or Weights Or Stretches/ REJECT Body-Spamschutzregel 484 +/Wouldn't You Like Your Husband Or Boyfriend To Have/ REJECT Body-Spamschutzregel 485 +/You Agree To Receive Email Marketing From/ REJECT Body-Spamschutzregel 486 +/You Are Receiving This Exclusive Promotion/ REJECT Body-Spamschutzregel 487 +/You Are Registered At One Of Our/ REJECT Body-Spamschutzregel 488 +/You are receiving this mail because you have/ REJECT Body-Spamschutzregel 489 +/You Have Agreed To Receive/ REJECT Body-Spamschutzregel 490 +/You Can Search For Anyone/ REJECT Body-Spamschutzregel 491 +/You've Agreed To Receive/ REJECT Body-Spamschutzregel 492 +/You Registered At One Of Our/ REJECT Body-Spamschutzregel 493 +/You've Registered At One Of Our/ REJECT Body-Spamschutzregel 494 +/Your E[-\ ]mail Address Was Obtained/ REJECT Body-Spamschutzregel 495 +/Your Email Address Was Obtained/ REJECT Body-Spamschutzregel 496 +/Your Email Address Was Supplied/ REJECT Body-Spamschutzregel 497 +/Your Mail Address Was Supplied/ REJECT Body-Spamschutzregel 498 +/Your Penis Size/ REJECT Body-Spamschutzregel 499 +/Smart Tags, Smart Investments?/ REJECT Body-Spamschutzregel 500 +/faze the Neptune focal point and strive enterprising/ REJECT Body-Spamschutzregel 501 +/full moon insistence gist an packed/ REJECT Body-Spamschutzregel 502 +/a upward prominently field day health care the ridicule offing or Internet seemingly/ REJECT Body-Spamschutzregel 503 +/fanatic but consistency sluice scrape downtrodden five and ten on needless/ REJECT Body-Spamschutzregel 504 +/fuse box sick sister/ REJECT Body-Spamschutzregel 505 +/immediate fulfillment big deal and cashier/ REJECT Body-Spamschutzregel 506 +/in on parakeet quizzical chicken feed leper on square/ REJECT Body-Spamschutzregel 508 +/reference ounce a achiever sunblock syringe roadside longevity/ REJECT Body-Spamschutzregel 509 +/ocean distrust as antiperspirant coax lubricant entry, the northwestern politicize,/ REJECT Body-Spamschutzregel 510 +/By the time Scarlett had undressed and blown out the candle, her/ REJECT Body-Spamschutzregel 511 +/E-MAIL:czq7q67a@yahoo.co.jp/ REJECT Body-Spamschutzregel 512 diff --git a/postfix/header_checks b/postfix/header_checks index 97fb06f..191b238 100644 --- a/postfix/header_checks +++ b/postfix/header_checks @@ -74,7 +74,15 @@ # =============================================== # [Immer mit aufsteiger Nummer sauber eintragen!] # -# + +/^Subject:.*Ihr freundlicher Support$/ REJECT Header-Spamschutzregel 1161 +/^From:.*@deutschseo.com/ REJECT Header-Spamschutzregel 1160 +/^X-RocketYMMF: webluck1847@att.net/ REJECT Header-Spamschutzregel 1159 +/^Subject: offizielle sieger/ REJECT Header-Spamschutzregel 1158 +/^From: *@verifiedbyvisa.fr*/ REJECT Header-Spamschutzregel 1157 +/^Replay-To: *@verifiedbyvisa.fr/ REJECT Header-Spamschutzregel 1156 +/^Replay-To: *girl@mailisfree.com/ REJECT Header-Spamschutzregel 1155 +/^Subject: vous devez reglez votre compte free.fr/ REJECT Header-Spamschutzregel 1154 /^Message-ID: *mscreator[0-9][0-9].fagms.de/ REJECT Header-Spamschutzregel 1153 /^Subject: gelegenheit zur webverbesserung/ REJECT Header-Spamschutzregel 1052 /^Subject: Achtung! Ihr paypal-Konto wurde begrenzt!/ REJECT Header-Spamschutzregel 1051 diff --git a/postfix/header_checks.2012-04-04_15:52:11 b/postfix/header_checks.2012-04-04_15:52:11 new file mode 100644 index 0000000..97fb06f --- /dev/null +++ b/postfix/header_checks.2012-04-04_15:52:11 @@ -0,0 +1,373 @@ +# Version 3.70 / 25.09.2011 +# +# Das Postfix-Buch - Sichere Mailserver mit Linux +# http://www.postfixbuch.de - Peer Heinlein +# +# Heinlein Professional Linux Support GmbH +# http://www.heinlein-support.de +# +# Downloadquelle dieser Datei: http://www.postfixbuch.de/web/service/checks/ +# +# +# Verwendung der Filtersammlung auf eigene Gefahr. +# +# Es handelt sich dabei um einen tagesaktuellen Auszug der beim +# ISP "JPBerlin.de" genutzten Filterregeln. Bitte pruefen Sie vor einem +# Einsatz bei Ihnen ganz genau, ob diese Regeln noch aktuell und sinnvoll +# sind und ob Sie sie einsetzen moechten! +# +# +# Setzen Sie in /etc/postfix/main.cf einfach +# +# header_checks = pcre:/etc/postfix/header_checks oder +# oder +# header_checks = regexp:/etc/postfix/header_checks +# +# und fuehren Sie "rcpostfix reload" aus. +# +# Tipp: pcre ist ein Drittel schneller als regexp! +# +# + +# +# Die Nummern hinter dem REJECT tauchen spaeter iM SMTP-Error oder im Log +# auf, um die Filter-Regel wiederzufinden, die den Block ausgeloest hat. +# Es kann stattdessen auch einfacher Text benutzt werden. +# + + +# +# +# Besondere Regelungen ausserhalb unseres Spamschutzes +# =============================================== +# + +# Filtert Amavis-Einträge +/^Received: from localhost/ IGNORE + +# +# Domeus hat bis heute nicht den Unterschied zwischen Mailheader-To und +# SMTP-Envelope-To verstanden und fabriziert seit nunmehr über sieben Jahren in +# schöner Regelmäßigkeit Mailschleifen im vier/fünfstelligen Bereich. +# +# /^Received:.*domeus\.com/ REJECT Domeus baut Mailschleifen und hat wichtige RFCs nicht verstanden + +/X-policyd-weight:.*to=dresden@listen.attac.de/ IGNORE + +# +# +# Tagesaktuelle, nur voruebergehende Regelungen: +# =============================================== +# [Immer mit Timestamp (!) und ggf. Ticket-Nummer eintragen!] +# +/^Received: from 62.56.132.7.satcom-systems.net/ REJECT Header-Spamschutzregel TMP-1 + +# 20110630 - HPLS-Ticket#: 2011063010000278 +/^Received: from dsl88-247-23947.ttnet.net.tr/ REJECT Header-Spamschutzregel TMP-2 + +# 20110925 - u.A. HPLS-Ticket#: 2011092510000102 +/^Subject: *pdf ist Ihre Gewinnchancen Informationen*/ REJECT Header-Spamschutzregel TMP-3 + +# +# +# Dauerhaft genutzte Regelungen: +# =============================================== +# [Immer mit aufsteiger Nummer sauber eintragen!] +# +# +/^Message-ID: *mscreator[0-9][0-9].fagms.de/ REJECT Header-Spamschutzregel 1153 +/^Subject: gelegenheit zur webverbesserung/ REJECT Header-Spamschutzregel 1052 +/^Subject: Achtung! Ihr paypal-Konto wurde begrenzt!/ REJECT Header-Spamschutzregel 1051 +/^X-PHP-Script: campnetworking.ca\/images\/susscesful_soties\/nfoscomm.php*/ REJECT Header-Spamschutzregel 1050 +/^Subject:.*zusammenarbeit zur webverbesserung/ REJECT Header-Spamschutzregel 1049 +/^X-PHP-Script: biditsaleit.com\/dz\/mailer.php*/ REJECT Header-Spamschutzregel 1048 +/^Subject:.*from GMC manufacturer/ REJECT Header-Spamschutzregel 1047 +/^Return-Path: *ventouxl@ns[0-9]{3}.medialook.net/ REJECT Header-Spamschutzregel 1046 +/^From :.*Topillen Apotheke / REJECT Header-Spamschutzregel 1145 +/^Subject: Top Apotheke/ REJECT Header-Spamschutzregel 1144 +/^message-ID: *phx.gbl/ REJECT Header-Spamschutzregel 1143 +/^List-Unsubscribe: *e-mailing.pymac.fr\/[a-z]\/[a-z]\/[0-9]{4}\/[0-9]{6}/ REJECT Header-Spamschutzregel 1142 +/^Return-Path: *@oanm[0-9]{2}.com/ REJECT Header-Spamschutzregel 1141 +/^Subject: lighting products from GMC manufacturer/ REJECT Header-Spamschutzregel 1140 +/^Subject: OFFIZIELLE GEWINNBENACHRITIGUNG/ REJECT Header-Spamschutzregel 1139 +/^Subject: God bless you as you get back to me/ REJECT Header-Spamschutzregel 1038 +/^List-Unsubribe: *tk3.sbc01.com\/sy\/*/ REJECT Header-Spamschutzregel 1037 +/^List-Unsubscribe: *tk3.sbc01.com\/sy\/*/ REJECT Header-Spamschutzregel 1037 +/^Message-ID: *[0-9]{8}-[0-9]{8}-[0-9a-z]{3}-0@S102*/ REJECT Header-Spamschutzregel 1036 +/^Subject: *YOUR EMAIL HAS WON YOU GBP*/ REJECT Header-Spamschutzregel 1035 +/^From: *ventouxl@ns[0-9]?[0-9].medialook.net/ REJECT Header-Spamschutzregel 1034 +/^From: *gestioncreditexpert_[0-9]{4}@gce-mailer-[0-9]{2}.com/ REJECT Header-Spamschutzregel 1033 +/^From:.*erosvision.com/ REJECT Header-Spamschutzregel 1032 +/^From:*@payapl.fr/ REJECT Header-Spamschutzregel 1031 +# 20110706 - HPLS-Ticket#: 2011070610000053 +/^X-PHP-Script: mars.rapidvps.com\/~emoosite\/tmp\/install_4b10cb87da737\/languages\/site\/husa.php*/ REJECT Header-Spamschutzregel 1030 +/^Thread-Index: *Acvd0cAG8IQaasqAcNaztWODnM30ZA/ REJECT Header-Spamschutzregel 1029 +/^Subject: aktualisieren Sie Ihre Bankdaten/ REJECT Header-Spamschutzregel 1028 +/^Subject: Erfahrungsbericht Bernd Matthes/ REJECT Header-Spamschutzregel 1027 +/^Subject:.*IP PBX/i REJECT Header-Spamschutzregel 1026 +/^From:.*Nicoll Christopher John/ REJECT Header-Spamschutzregel 1025 +/^From:.*SHELL PETROLEUM/ REJECT Header-Spamschutzregel 1024 +/^From:.*Versicherungs Dienst/ REJECT Header-Spamschutzregel 1023 +/^From:.*soft-cd.com/ REJECT Header-Spamschutzregel 1022 +/^From: "Oxford Business News" <info@oxford-bn.org>/ REJECT Header-Spamschutzregel 1021 +/^Subject: =?iso-8859-1?Q?Leider_st=F6?= =?iso-8859-1?Q?ren_Sie.?=/ REJECT Header-Spamschutzregel 1020 +/^From:.*Elena.*@eposta.ru/ REJECT Header-Spamschutzregel 1019 +/^Subject:.*Results 2008 !/ REJECT Header-Spamschutzregel 1018 +/^From: Sponsor Lotto/ REJECT Header-Spamschutzregel 1017 +/^From:.*nodiet@web.de/ REJECT Header-Spamschutzregel 1016 +/^From:.*edirects.com/ REJECT Header-Spamschutzregel 1015 +/^Subject:.*WINNING NOTIFICATION!!!/ REJECT Header-Spamschutzregel 1014 +/^Subject:.*Wir wissen was Frauen wollern/ REJECT Header-Spamschutzregel 1013 +/^From:.*newscd\.org/ REJECT Header-Spamschutzregel 1012 +/^From:.*mms-und-sms-gutschein.com/ REJECT Header-Spamschutzregel 1011 +/^Subject:.*CONFIRM YOUR WINNING/ REJECT Header-Spamschutzregel 1010 +/^Subject:.*Gratisaktion - Du wurdest ausgewaehlt unseren neuen SMS/ REJECT Header-Spamschutzregel 1009 +/^From:.*Seitensprung/ REJECT Header-Spamschutzregel 1008 +/^Received:.*germans-mailc.com/ REJECT Header-Spamschutzregel 1007: Lisa-Schindler-Spam +/^Received:.*stienitzsee.info/ REJECT Header-Spamschutzregel 1006 +/^Subject: Bonus 555eu/ REJECT Header-Spamschutzregel 1005 +/^Subject: *(ATTN|TO) *:.*SALES? *MANAGER/i REJECT Header-Spamschutzregel 1004 +/^Subject:.*Take this postcard now!/ REJECT Header-Spamschutzregel 1003 +/^Subject:.*FUXIN/ REJECT Header-Spamschutzregel 1002 +/^From:.*marion.backera/ REJECT Header-Spamschutzregel 1001 +/^Subject:.*kein spam. aber eine Antwort auf ihre Fragen/ REJECT Header-Spamschutzregel 1000 + + + + +# Nazi-Spam-Welle mit Hetze + +######################################## +if /^Subject:/i + +/^Subject: 4,8 Mill\. Osteuropaeer durch Fischer-Volmer Erlass/ REJECT Header-Spamschutzregel Nazi Spam +/^Subject: Auf Streife durch den Berliner Wedding/ REJECT Header-Spamschutzregel Nazi Spam +/^Subject: Auslaender bevorzugt/ REJECT Header-Spamschutzregel Nazi Spam +/^Subject: Auslaenderpolitik/ REJECT Header-Spamschutzregel Nazi Spam +/^Subject: Deutsche werden kuenftig beim Arzt abgezockt/ REJECT Header-Spamschutzregel Nazi Spam +/^Subject: Du wirst zum Sklaven gemacht\!\!\!/ REJECT Header-Spamschutzregel Nazi Spam +/^Subject: Graeberschaendung auf bundesdeutsche Anordnung/ REJECT Header-Spamschutzregel Nazi Spam +/^Subject: Hier sind wir Lehrer die einzigen Auslaender/ REJECT Header-Spamschutzregel Nazi Spam +/^Subject: Paranoider Deutschenmoerder kommt in Psychiatrie/ REJECT Header-Spamschutzregel Nazi Spam +/^Subject: Tuerkei in die EU/ REJECT Header-Spamschutzregel Nazi Spam +/^Subject: Verbrechen der deutschen Frau/ REJECT Header-Spamschutzregel Nazi Spam +/^Subject:.*Skandal in Berlin/ REJECT Header-Spamschutzregel JPBERLIN-14 +/^Subject:.*Auslaendergewalt: Herr Rau, wo waren Sie?/ REJECT Header-Spamschutzregel JPBERLIN-15 +/^Subject:.*Bankrott des Gesundheitswesens durch Auslaender!/ REJECT Header-Spamschutzregel JPBERLIN-16 +/^Subject:.*Wer an ein Tabu ruehrt, muss und darf vernichtet werden/ REJECT Header-Spamschutzregel JPBERLIN-17 +/^Subject:.*EU Beitritt der Tuerkei/ REJECT Header-Spamschutzregel JPBERLIN-18 +/^Subject:.*Bin ich zu weltfremd.*Ich glaube wohl kaum/ REJECT Header-Spamschutzregel JPBERLIN-19 +/^Subject:.*Die Deform der sozialen Ordnung/ REJECT Header-Spamschutzregel JPBERLIN-20 +/^Subject:.*Moschee-Bau in Deutschland/ REJECT Header-Spamschutzregel JPBERLIN-21 +/^Subject:.*Augen auf.*So sieht es aus/ REJECT Header-Spamschutzregel JPBERLIN-22 +/^Subject:.*Paradies Bundesrepublik - Rente fuer die Welt/ REJECT Header-Spamschutzregel JPBERLIN-23 +/^Subject:.*Libanesen in Berlin/ REJECT Header-Spamschutzregel JPBERLIN-24 +/^Subject:.*Garather klagen ueber eskalierende Gewalt im Stadtteil!/ REJECT Header-Spamschutzregel JPBERLIN-24 +/^Subject:.*Auslaender erschleichen sich zunehmend Sozialleistungen/ REJECT Header-Spamschutzregel JPBERLIN-25 +/^Subject:.*Auslaenderkriminalitaet steigt weiter!/ REJECT Header-Spamschutzregel JPBERLIN-26 +/^Subject:.*Das kann unmoeglich sein -Leserbrief/ REJECT Header-Spamschutzregel JPBERLIN-27 +/^Subject:.*Nein zum Zuwanderungsgesetz !/ REJECT Header-Spamschutzregel JPBERLIN-28 +/^Subject:.*Skandalurteil in Darmstadt/ REJECT Header-Spamschutzregel JPBERLIN-29 +/^Subject:.*Auf Kosten der deutschen Beitragszahler und Rentner!/ REJECT Header-Spamschutzregel JPBERLIN-30 +/^Subject:.*Wir haben die Auslaender doch geholt/ REJECT Header-Spamschutzregel JPBERLIN-31 +/^Subject:.*TUERKEN-TERROR AM HIMMELFAHRTSTAG/ REJECT Header-Spamschutzregel JPBERLIN-32 +/^Subject:.*MULTI-KULTI-BANDE TYRANNISIERTE MITSCHUELER/ REJECT Header-Spamschutzregel JPBERLIN-33 +/^Subject:.*ASYLANTEN BEGRABSCHTEN DEUTSCHES MAEDCHEN/ REJECT Header-Spamschutzregel JPBERLIN-34 +/^Subject:.*Was Deutschland braucht, sind deutsche Kinder!/ REJECT Header-Spamschutzregel JPBERLIN-35 +/^Subject:.*Diplomatische Zensur/ REJECT Header-Spamschutzregel JPBERLIN-36 +/^Subject:.*EU gibt Erwerbslosen volle Freizuegigkeit/ REJECT Header-Spamschutzregel JPBERLIN-37 +/^Subject:.*Richter unterstuetzt kriminelle Auslaenderin/ REJECT Header-Spamschutzregel JPBERLIN-38 +/^Subject:.*Auslaenderanteile in Schweizer Gefaengnissen/ REJECT Header-Spamschutzregel JPBERLIN-39 +/^Subject:.*Augen auf! (So sieht es aus!)/ REJECT Header-Spamschutzregel JPBERLIN-40 +/^Subject:.*Neue Voelkerwanderung droht!/ REJECT Header-Spamschutzregel JPBERLIN-41 +/^Subject:.*Client TOS Notification/ REJECT Header-Spamschutzregel JPBERLIN-50 +/^Subject:.* CIALIS / REJECT Header-Spamschutzregel JPBERLIN-51: Cialis-Keyword +/^Subject:.*Postbank Sicherheitsaktualisierung/ REJECT Header-Spamschutzregel JPBERLIN-52 +/^Subject:.*Sicherheitsaktualisierung/ REJECT Header-Spamschutzregel JPBERLIN-53 +/^Subject:.*Deutsche-bank Sicherheitsaktualisierung/ REJECT Header-Spamschutzregel JPBERLIN-54 +/^Subject:.*internet.*pharmacy/ REJECT Header-Spamschutzregel JPBERLIN-55 +/^Subject:.*Affordable Premade Logos/ REJECT Header-Spamschutzregel JPBERLIN-56 +/^Subject:.*Best prices.*on the net/ REJECT Header-Spamschutzregel JPBERLIN-57 +/^Subject:.*V.?i.?a.?g.?r.?a/ REJECT Header-Spamschutzregel JPBERLIN-58: Viagra-Keyword +/^Subject:.*X.?a.?n.?a.?x/ REJECT Header-Spamschutzregel JPBERLIN-59: Xanax-Keyword +/^Subject:.*Phentermine/ REJECT Header-Spamschutzregel JPBERLIN-60 +/^Subject:.*Die Sahne tropft heraus/ REJECT Header-Spamschutzregel JPBERLIN-61 +/^Subject:.* Rolex / REJECT Header-Spamschutzregel JPBERLIN-62 +/^Subject:.*Rechnung Online Monat November 2004/ REJECT Header-Spamschutzregel JPBERLIN-63 Trojaner-Alarm +/^Subject:.*Replica Watch Models/ REJECT Header-Spamschutzregel JPBERLIN-64 +/^Subject:.*Sehr geehrter Postbankkunde/ REJECT Header-Spamschutzregel JPBERLIN-65 +/^Subject:.*AIR ANTALYA/ REJECT Header-Spamschutzregel JPBERLIN-66 +/^Subject:.*Search engines - submit/ REJECT Header-Spamschutzregel JPBERLIN-12 +/^Subject:.*Search engine traffic/ REJECT Header-Spamschutzregel JPBERLIN-13 +/^Subject: More efficient than via-gra/ REJECT Header-Spamschutzregel 22 +/^Subject: Mailadresse unbekannt/ REJECT Header-Spamschutzregel 27 +/^Subject:.*SARS: Viet Nam removed from list of affected countries.*/ REJECT Header-Spamschutzregel 29 +/^Subject:.*Wichtig !!! Die Telefonnummer die du haben wolltest/ REJECT Header-Spamschutzregel 31 +/^Subject:.*Weihnachtsbaeume ab EURO.*/ REJECT Header-Spamschutzregel 32 +/^Subject:.*Neue Version zum downloaden.*/ REJECT Header-Spamschutzregel 33 +/^Subject:.*Frants for.*/ REJECT Header-Spamschutzregel 34 +/^Subject:.*FREEE.*/ REJECT Header-Spamschutzregel 35 +/^Subject:.*Webdesign leicht gemacht.*/ REJECT Header-Spamschutzregel 36 +/^Subject:.*Check this Message Board Out.*/ REJECT Header-Spamschutzregel 37 +/^Subject: SAVE GERMANY VOTE STOIBER.*/ REJECT Header-Spamschutzregel 38 + +Endif +#################################### + + + +#/^Return-Path: <MAILER-DAEMON>/ REJECT Header-Spamschutzregel 20 +/^Received:.*luftmensch.com/ REJECT Header-Spamschutzregel 28 +/^Delivered-To:.*jo@pcj.mlbc.test/ REJECT Header-Spamschutzregel +/From:.*Mandy Tweed/ REJECT Header-Spamschutzregel 39 +/Received: from privat .*.aol.com/ REJECT Header-Spamschutzregel 40 +/Received:.*tpg_exsrvr.thepowellgroup.com/ REJECT Header-Spamschutzregel 41 +/Received: from mx?.eudoramail.com/ REJECT Header-Spamschutzregel 42 +/Flashmail\.com/ REJECT Header-Spamschutzregel 44 + + + +# +# Checks gesammelt aus dem Netz von +# http://www.hispalinux.es/~data/postfix/ +# + +###################################### +If /^Subject:/i + +/^Subject: FW: Warm this world by truely Love$/ REJECT Header-Spamschutzregel 51 +/^Subject:.*Fwd:Peace BeTweeN AmeriCa and IsLaM!/ REJECT Header-Spamschutzregel 58 +/^Subject: ILOVEYOU/ REJECT Header-Spamschutzregel 60 +# Regel 61 rausgenommen -- zu allgemein. 20080128 / phei +#/^Subject: (Re: )*Important Message From/ REJECT Header-Spamschutzregel 61 +/^Subject: (Re: )*BubbleBoy is back!/ REJECT Header-Spamschutzregel 62 +/^Subject: Accept Credit Cards/ REJECT Header-Spamschutzregel 63 +/^Subject: How Soon Are You Going To Retire\?/ REJECT Header-Spamschutzregel 64 +/^Subject: \[ADV:/ REJECT Header-Spamschutzregel 65 +/^Subject: ADV:/ REJECT Header-Spamschutzregel 66 +/^Subject: Snowhite and the Seven Dwarfs - The REAL story!/ REJECT Header-Spamschutzregel 67 +/^Subject: Are you losing sleep over debt\?/ REJECT Header-Spamschutzregel 68 +/^Subject: a stock that makes money/ REJECT Header-Spamschutzregel 69 +/^Subject: high earnings may soar/ REJECT Header-Spamschutzregel 70 +/^Subject: See the VIDEO Britney/ REJECT Header-Spamschutzregel 71 +/^Subject: FW: VIDEOS OF BRITNEY/ REJECT Header-Spamschutzregel 72 +/^Subject: STOLEN HARDCORE VIDEO/ REJECT Header-Spamschutzregel 73 +/^Subject: NEW CASH PROGRAM/ REJECT Header-Spamschutzregel 74 +/^Subject: Hot Celebs 100% Exposed!/ REJECT Header-Spamschutzregel 75 +/^Subject: Make It Happen/ REJECT Header-Spamschutzregel 76 +/^Subject: If you need extra money...read this!/ REJECT Header-Spamschutzregel 77 +/^Subject: Recieve A Free Quote/ REJECT Header-Spamschutzregel 78 +/^Subject: We Have Low Mortgage Rates!!!/ REJECT Header-Spamschutzregel 79 +/^Subject: Re: travel confirmation/ REJECT Header-Spamschutzregel 80 +/^Subject: Receive a FREE SAMPLE of Viagra for Women/ REJECT Header-Spamschutzregel 81 +/^Subject: DOUBLE YOUR BREAST SIZE! GUARANTEED/ REJECT Header-Spamschutzregel 82 +/^Subject: Ground Breaking Business "Starts Today"/ REJECT Header-Spamschutzregel 83 +/^Subject: AS SEEN ON T\.V/ REJECT Header-Spamschutzregel 84 +/^Subject: 99 Million Email Addresses - \$99/ REJECT Header-Spamschutzregel 85 +/^Subject: 50 Million Fresh Email Addresses/ REJECT Header-Spamschutzregel 87 +/^Subject: 200 Million Email Addresses - \$149/ REJECT Header-Spamschutzregel 88 +/^Subject: Get Viagra Online Now !!!/ REJECT Header-Spamschutzregel 89 +/^Subject: Boost Your Windows Reliability/ REJECT Header-Spamschutzregel 90 +/^Subject: I know what you've been doing/ REJECT Header-Spamschutzregel 91 +/^Subject: Hot Penny Stock Pick/ REJECT Header-Spamschutzregel 92 +/^Subject: Need a great deal on a home loan\?/ REJECT Header-Spamschutzregel 93 +/^Subject: I used to be in debt too!/ REJECT Header-Spamschutzregel 94 +/^Subject: Work less, make more/ REJECT Header-Spamschutzregel 95 +/^Subject: Drive Your Web Counter Ballistic/ REJECT Header-Spamschutzregel 96 +/^Subject: Re: have you considered doing this\?/ REJECT Header-Spamschutzregel 97 +/^Subject: Work from home and get paid!/ REJECT Header-Spamschutzregel 98 +/^Subject: Enter To Win One of 25 Dream Vacations!!/ REJECT Header-Spamschutzregel 99 +/^Subject: Do You Accept Credit Cards/ REJECT Header-Spamschutzregel 100 +/^Subject: Home Owners ONLY/ REJECT Header-Spamschutzregel 101 +/^Subject: Your Credit Info/ REJECT Header-Spamschutzregel 102 +/^Subject: Do you owe money\?/ REJECT Header-Spamschutzregel 103 +/^Subject: Need a Home Loan? We Can Help!!/ REJECT Header-Spamschutzregel 104 +/^Subject: stock alert/ REJECT Header-Spamschutzregel 105 +/^Subject: contact lenses/ REJECT Header-Spamschutzregel 106 +/^Subject: ENLARGE YOUR PACAKGE GUARANTEED/ REJECT Header-Spamschutzregel 107 +/^Subject: ENLARGE YOUR PACKAGE GUARANTEED/ REJECT Header-Spamschutzregel 108 +/^Subject: We purchase uncollected Judicial Judgments/ REJECT Header-Spamschutzregel 109 +/^Subject: Increase Your Gas Mileage by up to 27%!/ REJECT Header-Spamschutzregel 112 +/^Subject: Willow Flower Herb For Prostate Problems\./ REJECT Header-Spamschutzregel 113 +/^Subject: NEW Increase Your Gas Mileage by 27%/ REJECT Header-Spamschutzregel 114 +/^Subject: The easiest way to make money on the internet!/ REJECT Header-Spamschutzregel 115 +/^Subject: Re: think about this\.\.\./ REJECT Header-Spamschutzregel 116 +/^Subject: think about this\.\.\./ REJECT Header-Spamschutzregel 117 +/^Subject: At Last, Herbal V, the All Natural Alternative!/ REJECT Header-Spamschutzregel 119 +/^Subject: Make Money In Your Sleep! / REJECT Header-Spamschutzregel 120 +/^Subject: FREE Satellite TV System/ REJECT Header-Spamschutzregel 122 +/^Subject: About your site/ REJECT Header-Spamschutzregel 124 +/^Subject: No Deposit VISA or Master Card!/ REJECT Header-Spamschutzregel 126 +/^Subject: FREE Auto Insurance Quote!/ REJECT Header-Spamschutzregel 127 +/^Subject: Need money for college\?/ REJECT Header-Spamschutzregel 131 +/^Subject:(\s+\[[^]]*\])?\s+[-\.{<]*ADV(ertisement)?[-:\.>}\s]/ REJECT Header-Spamschutzregel 153 +#/^Subject:.*\s+ADV$/ REJECT Header-Spamschutzregel 154 +/^Subject: I viewed your site-/ REJECT Header-Spamschutzregel 155 +/^Subject:.*Millions?\s*(E?-?MAIL\s*)?ADDRESS/ REJECT Header-Spamschutzregel 156 +/^Subject:.*(are you (being investigated|in need of a lifestyle)|Free 1 Ounce Silver Coin|All foreign residents. Check out this offer|CAN YOU ADVERTISE TO OVER 20 MILLION E-MAIL ADDRESSES\??|DSL - FREE DSL Modem! FREE Install! NO Contract!|We want to give you a Brand New FREE Motorola Pager|FREE Motorola Pager|Cellphone Signal Booster|You('| ha)?ve qualified for)/ REJECT Header-Spamschutzregel 157 +# /^Subject:.*[ ._]{5,}[^0 ._]\d+$/ REJECT Header-Spamschutzregel 160 +# /^Subject:.*[ ._]{5,}\[[^ ]+\]$/ REJECT Header-Spamschutzregel 161 +/^Subject:.*\sTime[: ]+\d+:\d+:\d+ [AP]M\s*$/i REJECT Header-Spamschutzregel 162 +/^Subject: Snowhite and the Seven Dwarfs - The REAL story!/ REJECT Header-Spamschutzregel 177 +/^Subject: new photos from my party!/ REJECT Header-Spamschutzregel 180 +#/^Subject:.*=\?(euc-kr|ks_c_5601-1987)\?/ REJECT Header-Spamschutzregel 200 +/^Subject: Liebe freunde, es tropft wieder/ REJECT Header-Spamschutzregel 201 +/^Subject: The best gift a wife or girlfriend could ever ask for/ REJECT Header-Spamschutzregel 202 +/^Subject: Increase your drive, stamina, size and performance.. reach your potential!/ REJECT Header-Spamschutzregel 203 +/^Subject: Discover your true sexual potential/ REJECT Header-Spamschutzregel 204 +/^Subject: .*you could need it Pharamaceu tical/ REJECT Header-Spamschutzregel 205 +/^Subject: Nearly 65% of women claim they wish their lover was more adept.. let us help/ REJECT Header-Spamschutzregel 206 +/^Subject: Increased spending on homeland security has created incredible opportunity/ REJECT Header-Spamschutzregel 207 +/^Subject: The security explosion/ REJECT Header-Spamschutzregel 208 +/^Subject: Ermittlungsverfahren gegen Sie.*/ REJECT Header-Spamschutzregel 210 +/^Subject: Bekommen Sie Uhren.*/ REJECT Header-Spamschutzregel 211 +Endif +################################################# + + +/^To: <ABALTAS@europarl.eu.int>/ REJECT Header-Spamschutzregel 53 +/^To: ACERCAS@europarl.eu.int/ REJECT Header-Spamschutzregel 54 +/^To: infomail@recurrent.com/ REJECT Header-Spamschutzregel 57 +/^X-Spanska:/ REJECT Header-Spamschutzregel 59 +/^From steve-larson1@execs.com/ REJECT Header-Spamschutzregel 110 +/^From @execs.com*/ REJECT Header-Spamschutzregel 111 +/^From: enews@uscav.com/ REJECT Header-Spamschutzregel 118 +/weatherbug\.com/ REJECT Header-Spamschutzregel 123 +/virtumundo\.com/ REJECT Header-Spamschutzregel 125 +/thesexymessage\.com/ REJECT Header-Spamschutzregel 128 +/insideporn\.net/ REJECT Header-Spamschutzregel 129 +/shoplet\.com/ REJECT Header-Spamschutzregel 132 +/real-net\.net/ REJECT Header-Spamschutzregel 133 +/bizinfo/ REJECT Header-Spamschutzregel 134 +/servicenetbest\.com/ REJECT Header-Spamschutzregel 135 +/petter_zhang/ REJECT Header-Spamschutzregel 137 +/^(To|From|Cc|Reply-To):.*Investor Alert/ REJECT Header-Spamschutzregel 142 +/^(To|From|Cc|Reply-To):.*friend@(public.com|localhost.net)/ REJECT Header-Spamschutzregel 143 +/^(To|From|Cc|Reply-To):.*[ <]\d+@(onramp|prodigy|uu)\.net/ REJECT Header-Spamschutzregel 145 +/^(To|From|Cc|Reply-To):.*@funstuff2000.net/ REJECT Header-Spamschutzregel 146 +/^(To|From|Cc|Reply-To):.*(infowatch\.net|nakedmail\d?\.com)/ REJECT Header-Spamschutzregel 147 +/^(To|From|Cc|Reply-To):.*customer@aol/ REJECT Header-Spamschutzregel 148 +/^To: ListMembers@theneteffect/ REJECT Header-Spamschutzregel 149 +/^Reply-To:.*@(china\.com|rever-dreaming\.com|btamail\.net\.cn|amdpress\.com|nakedmail\d?\.com|big-salesfor\.you-now\.net)/ REJECT Header-Spamschutzregel 150 + +# X-Bulkmail rausgenommen, da dies von UCI-Kinowelt benutzt wird :-( +#/^X-(Advertisement|\d|UltraMail|Bulkmail): / REJECT Header-Spamschutzregel 166 +/^X-(Advertisement|\d|UltraMail): / REJECT Header-Spamschutzregel 166 + +/^(Received|Message-Id|X-(Mailer|Sender)):.*\b(E-Broadcaster|Emailer Platinum|eMarksman|Extractor|e-Merge|from stealth[^.]|Global Messenger|GroupMaster|Mailcast|MailKing|Match10|MassE-Mail|massmail\.pl|News Breaker|Powermailer|Quick Shot|Ready Aim Fire|WindoZ|WorldMerge|Yourdora)\b/ REJECT Header-Spamschutzregel 167 +/^X-Mailer:.*\b(Aristotle|Avalanche|Blaster|Bomber|DejaVu|eMerge|Extractor|UltraMail|Sonic|Floodgate|GeoList|Mach10|MegaPro|Aureate|MultiMailer|Bluecom|Achi-Kochi Mail|Direct Email|Andrew's SuperCool Blastoise|MailerGear|Advanced Mass Sender|SpireMail|MailWorkZ|UltimDBMail|Mabry)\b/ REJECT Header-Spamschutzregel 168 +/^X-EM-(Version|Registration):/ WARN TEST DER X-EM-Header +/^X-AD2000-(Serial|Register):/ REJECT Header-Spamschutzregel 170 +/^X-Server: Advanced Direct Remailer/ REJECT Header-Spamschutzregel 171 +# spamware mistake. real header is "Comments:" +/^Comment: Authenticated sender is/ REJECT Header-Spamschutzregel 174 +# viruses +/^(To|From|Cc|Reply-To):.*@sexyfun.net/ REJECT Header-Spamschutzregel 178 +/^Content-Disposition: Multipart message/i REJECT Header-Spamschutzregel 179 +# sendmail Received: header overflow +/^Received:.*\.{50,}/ REJECT Header-Spamschutzregel 183 +# Date headers do not end in AM or PM. +/^Date:.* [AP]M/i REJECT Header-Spamschutzregel 193 +# invalid timezone in Date header +/^Date:.*[+-](1[4-9]|2\d)\d\d$/ REJECT Header-Spamschutzregel 195 +/^From:.*icyhot.bakas24.de/ REJECT Header-Spamschutzregel 209 diff --git a/postfix/main.cf b/postfix/main.cf index 1c439b9..6bac0c9 100644 --- a/postfix/main.cf +++ b/postfix/main.cf @@ -41,7 +41,7 @@ command_directory = /usr/sbin # daemon programs (i.e. programs listed in the master.cf file). This # directory must be owned by root. # -daemon_directory = //usr/lib64/postfix +daemon_directory = /usr/lib64/postfix # The data_directory parameter specifies the location of Postfix-writable # data files (caches, random numbers). This directory must be owned @@ -637,7 +637,7 @@ setgid_group = postdrop # html_directory: The location of the Postfix HTML documentation. # -html_directory = /usr/share/doc/postfix-2.8.7/html +html_directory = /usr/share/doc/postfix-2.8.9/html # manpage_directory: The location of the Postfix on-line manual pages. # @@ -650,7 +650,7 @@ sample_directory = /etc/postfix # readme_directory: The location of the Postfix README files. # -readme_directory = /usr/share/doc/postfix-2.8.7/readme +readme_directory = /usr/share/doc/postfix-2.8.9/readme home_mailbox = .maildir/ #alias_maps = mysql:/etc/postfix/mysql-aliases.cf alias_maps = hash:/etc/postfix/maps/aliases @@ -672,7 +672,7 @@ message_size_limit = 51200000 mydestination = $myhostname, $mydomain, hash:/etc/postfix/maps/mydomains mydomain = brehm-online.com myhostname = helga.brehm-online.com -mynetworks = 127.0.0.0/8 85.214.134.152/32 [::1]/128 [2a01:238:4225:6e00:8f8c:808a:7fb8:88df]/128 +mynetworks = 127.0.0.0/8 85.214.134.152/32 85.214.109.1/32 [::1]/128 [2a01:238:4225:6e00:8f8c:808a:7fb8:88df]/128 mynetworks_style = host myorigin = $mydomain #recipient_bcc_maps = mysql:/etc/postfix/mysql-recipient_bcc.cf diff --git a/postfix/master.cf.orig b/postfix/master.cf.orig deleted file mode 100644 index ec30d4a..0000000 --- a/postfix/master.cf.orig +++ /dev/null @@ -1,115 +0,0 @@ -# -# Postfix master process configuration file. For details on the format -# of the file, see the master(5) manual page (command: "man 5 master"). -# -# Do not forget to execute "postfix reload" after editing this file. -# -# ========================================================================== -# service type private unpriv chroot wakeup maxproc command + args -# (yes) (yes) (yes) (never) (100) -# ========================================================================== -smtp inet n - n - - smtpd -#submission inet n - n - - smtpd -# -o smtpd_tls_security_level=encrypt -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_client_restrictions=permit_sasl_authenticated,reject -# -o milter_macro_daemon_name=ORIGINATING -#smtps inet n - n - - smtpd -# -o smtpd_tls_wrappermode=yes -# -o smtpd_sasl_auth_enable=yes -# -o smtpd_client_restrictions=permit_sasl_authenticated,reject -# -o milter_macro_daemon_name=ORIGINATING -#628 inet n - n - - qmqpd -pickup fifo n - n 60 1 pickup -cleanup unix n - n - 0 cleanup -qmgr fifo n - n 300 1 qmgr -#qmgr fifo n - n 300 1 oqmgr -tlsmgr unix - - n 1000? 1 tlsmgr -rewrite unix - - n - - trivial-rewrite -bounce unix - - n - 0 bounce -defer unix - - n - 0 bounce -trace unix - - n - 0 bounce -verify unix - - n - 1 verify -flush unix n - n 1000? 0 flush -proxymap unix - - n - - proxymap -proxywrite unix - - n - 1 proxymap -smtp unix - - n - - smtp -# When relaying mail as backup MX, disable fallback_relay to avoid MX loops -relay unix - - n - - smtp - -o smtp_fallback_relay= -# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 -showq unix n - n - - showq -error unix - - n - - error -retry unix - - n - - error -discard unix - - n - - discard -local unix - n n - - local -virtual unix - n n - - virtual -lmtp unix - - n - - lmtp -anvil unix - - n - 1 anvil -scache unix - - n - 1 scache -# -# ==================================================================== -# Interfaces to non-Postfix software. Be sure to examine the manual -# pages of the non-Postfix software to find out what options it wants. -# -# Many of the following services use the Postfix pipe(8) delivery -# agent. See the pipe(8) man page for information about ${recipient} -# and other message envelope options. -# ==================================================================== -# -# maildrop. See the Postfix MAILDROP_README file for details. -# Also specify in main.cf: maildrop_destination_recipient_limit=1 -# -#maildrop unix - n n - - pipe -# flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} -# -# ==================================================================== -# -# Recent Cyrus versions can use the existing "lmtp" master.cf entry. -# -# Specify in cyrus.conf: -# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 -# -# Specify in main.cf one or more of the following: -# mailbox_transport = lmtp:inet:localhost -# virtual_transport = lmtp:inet:localhost -# -# ==================================================================== -# -# Cyrus 2.1.5 (Amos Gouaux) -# Also specify in main.cf: cyrus_destination_recipient_limit=1 -# -#cyrus unix - n n - - pipe -# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} -# -# ==================================================================== -# -# Old example of delivery via Cyrus. -# -#old-cyrus unix - n n - - pipe -# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} -# -# ==================================================================== -# -# See the Postfix UUCP_README file for configuration details. -# -#uucp unix - n n - - pipe -# flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) -# -# ==================================================================== -# -# Other external delivery methods. -# -#ifmail unix - n n - - pipe -# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) -# -#bsmtp unix - n n - - pipe -# flags=Fq. user=bsmtp argv=/usr/sbin/bsmtp -f $sender $nexthop $recipient -# -#scalemail-backend unix - n n - 2 pipe -# flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store -# ${nexthop} ${user} ${extension} -# -#mailman unix - n n - - pipe -# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py -# ${nexthop} ${user} diff --git a/postfix/orig/main.cf b/postfix/orig/main.cf new file mode 100644 index 0000000..8526cf2 --- /dev/null +++ b/postfix/orig/main.cf @@ -0,0 +1,652 @@ +# Global Postfix configuration file. This file lists only a subset +# of all parameters. For the syntax, and for a complete parameter +# list, see the postconf(5) manual page (command: "man 5 postconf"). +# +# For common configuration examples, see BASIC_CONFIGURATION_README +# and STANDARD_CONFIGURATION_README. To find these documents, use +# the command "postconf html_directory readme_directory", or go to +# http://www.postfix.org/. +# +# For best results, change no more than 2-3 parameters at a time, +# and test if Postfix still works after every change. + +# SOFT BOUNCE +# +# The soft_bounce parameter provides a limited safety net for +# testing. When soft_bounce is enabled, mail will remain queued that +# would otherwise bounce. This parameter disables locally-generated +# bounces, and prevents the SMTP server from rejecting mail permanently +# (by changing 5xx replies into 4xx replies). However, soft_bounce +# is no cure for address rewriting mistakes or mail routing mistakes. +# +#soft_bounce = no + +# LOCAL PATHNAME INFORMATION +# +# The queue_directory specifies the location of the Postfix queue. +# This is also the root directory of Postfix daemons that run chrooted. +# See the files in examples/chroot-setup for setting up Postfix chroot +# environments on different UNIX systems. +# +queue_directory = /var/spool/postfix + +# The command_directory parameter specifies the location of all +# postXXX commands. +# +command_directory = /usr/sbin + +# The daemon_directory parameter specifies the location of all Postfix +# daemon programs (i.e. programs listed in the master.cf file). This +# directory must be owned by root. +# +daemon_directory = /usr/lib64/postfix + +# The data_directory parameter specifies the location of Postfix-writable +# data files (caches, random numbers). This directory must be owned +# by the mail_owner account (see below). +# +data_directory = /var/lib/postfix + +# QUEUE AND PROCESS OWNERSHIP +# +# The mail_owner parameter specifies the owner of the Postfix queue +# and of most Postfix daemon processes. Specify the name of a user +# account THAT DOES NOT SHARE ITS USER OR GROUP ID WITH OTHER ACCOUNTS +# AND THAT OWNS NO OTHER FILES OR PROCESSES ON THE SYSTEM. In +# particular, don't specify nobody or daemon. PLEASE USE A DEDICATED +# USER. +# +mail_owner = postfix + +# The default_privs parameter specifies the default rights used by +# the local delivery agent for delivery to external file or command. +# These rights are used in the absence of a recipient user context. +# DO NOT SPECIFY A PRIVILEGED USER OR THE POSTFIX OWNER. +# +#default_privs = nobody + +# INTERNET HOST AND DOMAIN NAMES +# +# The myhostname parameter specifies the internet hostname of this +# mail system. The default is to use the fully-qualified domain name +# from gethostname(). $myhostname is used as a default value for many +# other configuration parameters. +# +#myhostname = host.domain.tld +#myhostname = virtual.domain.tld + +# The mydomain parameter specifies the local internet domain name. +# The default is to use $myhostname minus the first component. +# $mydomain is used as a default value for many other configuration +# parameters. +# +#mydomain = domain.tld + +# SENDING MAIL +# +# The myorigin parameter specifies the domain that locally-posted +# mail appears to come from. The default is to append $myhostname, +# which is fine for small sites. If you run a domain with multiple +# machines, you should (1) change this to $mydomain and (2) set up +# a domain-wide alias database that aliases each user to +# user@that.users.mailhost. +# +# For the sake of consistency between sender and recipient addresses, +# myorigin also specifies the default domain name that is appended +# to recipient addresses that have no @domain part. +# +#myorigin = $myhostname +#myorigin = $mydomain + +# RECEIVING MAIL + +# The inet_interfaces parameter specifies the network interface +# addresses that this mail system receives mail on. By default, +# the software claims all active interfaces on the machine. The +# parameter also controls delivery of mail to user@[ip.address]. +# +# See also the proxy_interfaces parameter, for network addresses that +# are forwarded to us via a proxy or network address translator. +# +# Note: you need to stop/start Postfix when this parameter changes. +# +#inet_interfaces = all +#inet_interfaces = $myhostname +#inet_interfaces = $myhostname, localhost + +# The proxy_interfaces parameter specifies the network interface +# addresses that this mail system receives mail on by way of a +# proxy or network address translation unit. This setting extends +# the address list specified with the inet_interfaces parameter. +# +# You must specify your proxy/NAT addresses when your system is a +# backup MX host for other domains, otherwise mail delivery loops +# will happen when the primary MX host is down. +# +#proxy_interfaces = +#proxy_interfaces = 1.2.3.4 + +# The mydestination parameter specifies the list of domains that this +# machine considers itself the final destination for. +# +# These domains are routed to the delivery agent specified with the +# local_transport parameter setting. By default, that is the UNIX +# compatible delivery agent that lookups all recipients in /etc/passwd +# and /etc/aliases or their equivalent. +# +# The default is $myhostname + localhost.$mydomain. On a mail domain +# gateway, you should also include $mydomain. +# +# Do not specify the names of virtual domains - those domains are +# specified elsewhere (see VIRTUAL_README). +# +# Do not specify the names of domains that this machine is backup MX +# host for. Specify those names via the relay_domains settings for +# the SMTP server, or use permit_mx_backup if you are lazy (see +# STANDARD_CONFIGURATION_README). +# +# The local machine is always the final destination for mail addressed +# to user@[the.net.work.address] of an interface that the mail system +# receives mail on (see the inet_interfaces parameter). +# +# Specify a list of host or domain names, /file/name or type:table +# patterns, separated by commas and/or whitespace. A /file/name +# pattern is replaced by its contents; a type:table is matched when +# a name matches a lookup key (the right-hand side is ignored). +# Continue long lines by starting the next line with whitespace. +# +# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS". +# +#mydestination = $myhostname, localhost.$mydomain, localhost +#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain +#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, +# mail.$mydomain, www.$mydomain, ftp.$mydomain + +# REJECTING MAIL FOR UNKNOWN LOCAL USERS +# +# The local_recipient_maps parameter specifies optional lookup tables +# with all names or addresses of users that are local with respect +# to $mydestination, $inet_interfaces or $proxy_interfaces. +# +# If this parameter is defined, then the SMTP server will reject +# mail for unknown local users. This parameter is defined by default. +# +# To turn off local recipient checking in the SMTP server, specify +# local_recipient_maps = (i.e. empty). +# +# The default setting assumes that you use the default Postfix local +# delivery agent for local delivery. You need to update the +# local_recipient_maps setting if: +# +# - You define $mydestination domain recipients in files other than +# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files. +# For example, you define $mydestination domain recipients in +# the $virtual_mailbox_maps files. +# +# - You redefine the local delivery agent in master.cf. +# +# - You redefine the "local_transport" setting in main.cf. +# +# - You use the "luser_relay", "mailbox_transport", or "fallback_transport" +# feature of the Postfix local delivery agent (see local(8)). +# +# Details are described in the LOCAL_RECIPIENT_README file. +# +# Beware: if the Postfix SMTP server runs chrooted, you probably have +# to access the passwd file via the proxymap service, in order to +# overcome chroot restrictions. The alternative, having a copy of +# the system passwd file in the chroot jail is just not practical. +# +# The right-hand side of the lookup tables is conveniently ignored. +# In the left-hand side, specify a bare username, an @domain.tld +# wild-card, or specify a user@domain.tld address. +# +#local_recipient_maps = unix:passwd.byname $alias_maps +#local_recipient_maps = proxy:unix:passwd.byname $alias_maps +#local_recipient_maps = + +# The unknown_local_recipient_reject_code specifies the SMTP server +# response code when a recipient domain matches $mydestination or +# ${proxy,inet}_interfaces, while $local_recipient_maps is non-empty +# and the recipient address or address local-part is not found. +# +# The default setting is 550 (reject mail) but it is safer to start +# with 450 (try again later) until you are certain that your +# local_recipient_maps settings are OK. +# +unknown_local_recipient_reject_code = 550 + +# TRUST AND RELAY CONTROL + +# The mynetworks parameter specifies the list of "trusted" SMTP +# clients that have more privileges than "strangers". +# +# In particular, "trusted" SMTP clients are allowed to relay mail +# through Postfix. See the smtpd_recipient_restrictions parameter +# in postconf(5). +# +# You can specify the list of "trusted" network addresses by hand +# or you can let Postfix do it for you (which is the default). +# +# By default (mynetworks_style = subnet), Postfix "trusts" SMTP +# clients in the same IP subnetworks as the local machine. +# On Linux, this does works correctly only with interfaces specified +# with the "ifconfig" command. +# +# Specify "mynetworks_style = class" when Postfix should "trust" SMTP +# clients in the same IP class A/B/C networks as the local machine. +# Don't do this with a dialup site - it would cause Postfix to "trust" +# your entire provider's network. Instead, specify an explicit +# mynetworks list by hand, as described below. +# +# Specify "mynetworks_style = host" when Postfix should "trust" +# only the local machine. +# +#mynetworks_style = class +#mynetworks_style = subnet +#mynetworks_style = host + +# Alternatively, you can specify the mynetworks list by hand, in +# which case Postfix ignores the mynetworks_style setting. +# +# Specify an explicit list of network/netmask patterns, where the +# mask specifies the number of bits in the network part of a host +# address. +# +# You can also specify the absolute pathname of a pattern file instead +# of listing the patterns here. Specify type:table for table-based lookups +# (the value on the table right-hand side is not used). +# +#mynetworks = 168.100.189.0/28, 127.0.0.0/8 +#mynetworks = $config_directory/mynetworks +#mynetworks = hash:/etc/postfix/network_table + +# The relay_domains parameter restricts what destinations this system will +# relay mail to. See the smtpd_recipient_restrictions description in +# postconf(5) for detailed information. +# +# By default, Postfix relays mail +# - from "trusted" clients (IP address matches $mynetworks) to any destination, +# - from "untrusted" clients to destinations that match $relay_domains or +# subdomains thereof, except addresses with sender-specified routing. +# The default relay_domains value is $mydestination. +# +# In addition to the above, the Postfix SMTP server by default accepts mail +# that Postfix is final destination for: +# - destinations that match $inet_interfaces or $proxy_interfaces, +# - destinations that match $mydestination +# - destinations that match $virtual_alias_domains, +# - destinations that match $virtual_mailbox_domains. +# These destinations do not need to be listed in $relay_domains. +# +# Specify a list of hosts or domains, /file/name patterns or type:name +# lookup tables, separated by commas and/or whitespace. Continue +# long lines by starting the next line with whitespace. A file name +# is replaced by its contents; a type:name table is matched when a +# (parent) domain appears as lookup key. +# +# NOTE: Postfix will not automatically forward mail for domains that +# list this system as their primary or backup MX host. See the +# permit_mx_backup restriction description in postconf(5). +# +#relay_domains = $mydestination + +# INTERNET OR INTRANET + +# The relayhost parameter specifies the default host to send mail to +# when no entry is matched in the optional transport(5) table. When +# no relayhost is given, mail is routed directly to the destination. +# +# On an intranet, specify the organizational domain name. If your +# internal DNS uses no MX records, specify the name of the intranet +# gateway host instead. +# +# In the case of SMTP, specify a domain, host, host:port, [host]:port, +# [address] or [address]:port; the form [host] turns off MX lookups. +# +# If you're connected via UUCP, see also the default_transport parameter. +# +#relayhost = $mydomain +#relayhost = [gateway.my.domain] +#relayhost = [mailserver.isp.tld] +#relayhost = uucphost +#relayhost = [an.ip.add.ress] + +# REJECTING UNKNOWN RELAY USERS +# +# The relay_recipient_maps parameter specifies optional lookup tables +# with all addresses in the domains that match $relay_domains. +# +# If this parameter is defined, then the SMTP server will reject +# mail for unknown relay users. This feature is off by default. +# +# The right-hand side of the lookup tables is conveniently ignored. +# In the left-hand side, specify an @domain.tld wild-card, or specify +# a user@domain.tld address. +# +#relay_recipient_maps = hash:/etc/postfix/relay_recipients + +# INPUT RATE CONTROL +# +# The in_flow_delay configuration parameter implements mail input +# flow control. This feature is turned on by default, although it +# still needs further development (it's disabled on SCO UNIX due +# to an SCO bug). +# +# A Postfix process will pause for $in_flow_delay seconds before +# accepting a new message, when the message arrival rate exceeds the +# message delivery rate. With the default 100 SMTP server process +# limit, this limits the mail inflow to 100 messages a second more +# than the number of messages delivered per second. +# +# Specify 0 to disable the feature. Valid delays are 0..10. +# +#in_flow_delay = 1s + +# ADDRESS REWRITING +# +# The ADDRESS_REWRITING_README document gives information about +# address masquerading or other forms of address rewriting including +# username->Firstname.Lastname mapping. + +# ADDRESS REDIRECTION (VIRTUAL DOMAIN) +# +# The VIRTUAL_README document gives information about the many forms +# of domain hosting that Postfix supports. + +# "USER HAS MOVED" BOUNCE MESSAGES +# +# See the discussion in the ADDRESS_REWRITING_README document. + +# TRANSPORT MAP +# +# See the discussion in the ADDRESS_REWRITING_README document. + +# ALIAS DATABASE +# +# The alias_maps parameter specifies the list of alias databases used +# by the local delivery agent. The default list is system dependent. +# +# On systems with NIS, the default is to search the local alias +# database, then the NIS alias database. See aliases(5) for syntax +# details. +# +# If you change the alias database, run "postalias /etc/aliases" (or +# wherever your system stores the mail alias file), or simply run +# "newaliases" to build the necessary DBM or DB file. +# +# It will take a minute or so before changes become visible. Use +# "postfix reload" to eliminate the delay. +# +#alias_maps = dbm:/etc/aliases +#alias_maps = hash:/etc/aliases +#alias_maps = hash:/etc/aliases, nis:mail.aliases +#alias_maps = netinfo:/aliases + +# The alias_database parameter specifies the alias database(s) that +# are built with "newaliases" or "sendmail -bi". This is a separate +# configuration parameter, because alias_maps (see above) may specify +# tables that are not necessarily all under control by Postfix. +# +#alias_database = dbm:/etc/aliases +#alias_database = dbm:/etc/mail/aliases +#alias_database = hash:/etc/aliases +#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases + +# ADDRESS EXTENSIONS (e.g., user+foo) +# +# The recipient_delimiter parameter specifies the separator between +# user names and address extensions (user+foo). See canonical(5), +# local(8), relocated(5) and virtual(5) for the effects this has on +# aliases, canonical, virtual, relocated and .forward file lookups. +# Basically, the software tries user+foo and .forward+foo before +# trying user and .forward. +# +#recipient_delimiter = + + +# DELIVERY TO MAILBOX +# +# The home_mailbox parameter specifies the optional pathname of a +# mailbox file relative to a user's home directory. The default +# mailbox file is /var/spool/mail/user or /var/mail/user. Specify +# "Maildir/" for qmail-style delivery (the / is required). +# +#home_mailbox = Mailbox +#home_mailbox = Maildir/ + +# The mail_spool_directory parameter specifies the directory where +# UNIX-style mailboxes are kept. The default setting depends on the +# system type. +# +#mail_spool_directory = /var/mail +#mail_spool_directory = /var/spool/mail + +# The mailbox_command parameter specifies the optional external +# command to use instead of mailbox delivery. The command is run as +# the recipient with proper HOME, SHELL and LOGNAME environment settings. +# Exception: delivery for root is done as $default_user. +# +# Other environment variables of interest: USER (recipient username), +# EXTENSION (address extension), DOMAIN (domain part of address), +# and LOCAL (the address localpart). +# +# Unlike other Postfix configuration parameters, the mailbox_command +# parameter is not subjected to $parameter substitutions. This is to +# make it easier to specify shell syntax (see example below). +# +# Avoid shell meta characters because they will force Postfix to run +# an expensive shell process. Procmail alone is expensive enough. +# +# IF YOU USE THIS TO DELIVER MAIL SYSTEM-WIDE, YOU MUST SET UP AN +# ALIAS THAT FORWARDS MAIL FOR ROOT TO A REAL USER. +# +#mailbox_command = /some/where/procmail +#mailbox_command = /some/where/procmail -a "$EXTENSION" + +# The mailbox_transport specifies the optional transport in master.cf +# to use after processing aliases and .forward files. This parameter +# has precedence over the mailbox_command, fallback_transport and +# luser_relay parameters. +# +# Specify a string of the form transport:nexthop, where transport is +# the name of a mail delivery transport defined in master.cf. The +# :nexthop part is optional. For more details see the sample transport +# configuration file. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must update the "local_recipient_maps" setting in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#mailbox_transport = lmtp:unix:/file/name +#mailbox_transport = cyrus + +# The fallback_transport specifies the optional transport in master.cf +# to use for recipients that are not found in the UNIX passwd database. +# This parameter has precedence over the luser_relay parameter. +# +# Specify a string of the form transport:nexthop, where transport is +# the name of a mail delivery transport defined in master.cf. The +# :nexthop part is optional. For more details see the sample transport +# configuration file. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must update the "local_recipient_maps" setting in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#fallback_transport = lmtp:unix:/file/name +#fallback_transport = cyrus +#fallback_transport = + +# The luser_relay parameter specifies an optional destination address +# for unknown recipients. By default, mail for unknown@$mydestination, +# unknown@[$inet_interfaces] or unknown@[$proxy_interfaces] is returned +# as undeliverable. +# +# The following expansions are done on luser_relay: $user (recipient +# username), $shell (recipient shell), $home (recipient home directory), +# $recipient (full recipient address), $extension (recipient address +# extension), $domain (recipient domain), $local (entire recipient +# localpart), $recipient_delimiter. Specify ${name?value} or +# ${name:value} to expand value only when $name does (does not) exist. +# +# luser_relay works only for the default Postfix local delivery agent. +# +# NOTE: if you use this feature for accounts not in the UNIX password +# file, then you must specify "local_recipient_maps =" (i.e. empty) in +# the main.cf file, otherwise the SMTP server will reject mail for +# non-UNIX accounts with "User unknown in local recipient table". +# +#luser_relay = $user@other.host +#luser_relay = $local@other.host +#luser_relay = admin+$local + +# JUNK MAIL CONTROLS +# +# The controls listed here are only a very small subset. The file +# SMTPD_ACCESS_README provides an overview. + +# The header_checks parameter specifies an optional table with patterns +# that each logical message header is matched against, including +# headers that span multiple physical lines. +# +# By default, these patterns also apply to MIME headers and to the +# headers of attached messages. With older Postfix versions, MIME and +# attached message headers were treated as body text. +# +# For details, see "man header_checks". +# +#header_checks = regexp:/etc/postfix/header_checks + +# FAST ETRN SERVICE +# +# Postfix maintains per-destination logfiles with information about +# deferred mail, so that mail can be flushed quickly with the SMTP +# "ETRN domain.tld" command, or by executing "sendmail -qRdomain.tld". +# See the ETRN_README document for a detailed description. +# +# The fast_flush_domains parameter controls what destinations are +# eligible for this service. By default, they are all domains that +# this server is willing to relay mail to. +# +#fast_flush_domains = $relay_domains + +# SHOW SOFTWARE VERSION OR NOT +# +# The smtpd_banner parameter specifies the text that follows the 220 +# code in the SMTP server's greeting banner. Some people like to see +# the mail version advertised. By default, Postfix shows no version. +# +# You MUST specify $myhostname at the start of the text. That is an +# RFC requirement. Postfix itself does not care. +# +#smtpd_banner = $myhostname ESMTP $mail_name +#smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) + +# PARALLEL DELIVERY TO THE SAME DESTINATION +# +# How many parallel deliveries to the same user or domain? With local +# delivery, it does not make sense to do massively parallel delivery +# to the same user, because mailbox updates must happen sequentially, +# and expensive pipelines in .forward files can cause disasters when +# too many are run at the same time. With SMTP deliveries, 10 +# simultaneous connections to the same domain could be sufficient to +# raise eyebrows. +# +# Each message delivery transport has its XXX_destination_concurrency_limit +# parameter. The default is $default_destination_concurrency_limit for +# most delivery transports. For the local delivery agent the default is 2. + +#local_destination_concurrency_limit = 2 +#default_destination_concurrency_limit = 20 + +# DEBUGGING CONTROL +# +# The debug_peer_level parameter specifies the increment in verbose +# logging level when an SMTP client or server host name or address +# matches a pattern in the debug_peer_list parameter. +# +debug_peer_level = 2 + +# The debug_peer_list parameter specifies an optional list of domain +# or network patterns, /file/name patterns or type:name tables. When +# an SMTP client or server host name or address matches a pattern, +# increase the verbose logging level by the amount specified in the +# debug_peer_level parameter. +# +#debug_peer_list = 127.0.0.1 +#debug_peer_list = some.domain + +# The debugger_command specifies the external command that is executed +# when a Postfix daemon program is run with the -D option. +# +# Use "command .. & sleep 5" so that the debugger can attach before +# the process marches on. If you use an X-based debugger, be sure to +# set up your XAUTHORITY environment variable before starting Postfix. +# +debugger_command = + PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin + ddd $daemon_directory/$process_name $process_id & sleep 5 + +# If you can't use X, use this to capture the call stack when a +# daemon crashes. The result is in a file in the configuration +# directory, and is named after the process name and the process ID. +# +# debugger_command = +# PATH=/bin:/usr/bin:/usr/local/bin; export PATH; (echo cont; +# echo where) | gdb $daemon_directory/$process_name $process_id 2>&1 +# >$config_directory/$process_name.$process_id.log & sleep 5 +# +# Another possibility is to run gdb under a detached screen session. +# To attach to the screen sesssion, su root and run "screen -r +# <id_string>" where <id_string> uniquely matches one of the detached +# sessions (from "screen -list"). +# +# debugger_command = +# PATH=/bin:/usr/bin:/sbin:/usr/sbin; export PATH; screen +# -dmS $process_name gdb $daemon_directory/$process_name +# $process_id & sleep 1 + +# INSTALL-TIME CONFIGURATION INFORMATION +# +# The following parameters are used when installing a new Postfix version. +# +# sendmail_path: The full pathname of the Postfix sendmail command. +# This is the Sendmail-compatible mail posting interface. +# +sendmail_path = /usr/sbin/sendmail + +# newaliases_path: The full pathname of the Postfix newaliases command. +# This is the Sendmail-compatible command to build alias databases. +# +newaliases_path = /usr/bin/newaliases + +# mailq_path: The full pathname of the Postfix mailq command. This +# is the Sendmail-compatible mail queue listing command. +# +mailq_path = /usr/bin/mailq + +# setgid_group: The group for mail submission and queue management +# commands. This must be a group name with a numerical group ID that +# is not shared with other accounts, not even with the Postfix account. +# +setgid_group = postdrop + +# html_directory: The location of the Postfix HTML documentation. +# +html_directory = /usr/share/doc/postfix-2.8.9/html + +# manpage_directory: The location of the Postfix on-line manual pages. +# +manpage_directory = /usr/share/man + +# sample_directory: The location of the Postfix sample configuration files. +# This parameter is obsolete as of Postfix 2.1. +# +sample_directory = /etc/postfix + +# readme_directory: The location of the Postfix README files. +# +readme_directory = /usr/share/doc/postfix-2.8.9/readme +home_mailbox = .maildir/ diff --git a/postfix/orig/master.cf b/postfix/orig/master.cf new file mode 100644 index 0000000..be33f75 --- /dev/null +++ b/postfix/orig/master.cf @@ -0,0 +1,119 @@ +# +# Postfix master process configuration file. For details on the format +# of the file, see the master(5) manual page (command: "man 5 master"). +# +# Do not forget to execute "postfix reload" after editing this file. +# +# ========================================================================== +# service type private unpriv chroot wakeup maxproc command + args +# (yes) (yes) (yes) (never) (100) +# ========================================================================== +smtp inet n - n - - smtpd +#smtp inet n - n - 1 postscreen +#smtpd pass - - n - - smtpd +#dnsblog unix - - n - 0 dnsblog +#tlsproxy unix - - n - 0 tlsproxy +#submission inet n - n - - smtpd +# -o smtpd_tls_security_level=encrypt +# -o smtpd_sasl_auth_enable=yes +# -o smtpd_client_restrictions=permit_sasl_authenticated,reject +# -o milter_macro_daemon_name=ORIGINATING +#smtps inet n - n - - smtpd +# -o smtpd_tls_wrappermode=yes +# -o smtpd_sasl_auth_enable=yes +# -o smtpd_client_restrictions=permit_sasl_authenticated,reject +# -o milter_macro_daemon_name=ORIGINATING +#628 inet n - n - - qmqpd +pickup fifo n - n 60 1 pickup +cleanup unix n - n - 0 cleanup +qmgr fifo n - n 300 1 qmgr +#qmgr fifo n - n 300 1 oqmgr +tlsmgr unix - - n 1000? 1 tlsmgr +rewrite unix - - n - - trivial-rewrite +bounce unix - - n - 0 bounce +defer unix - - n - 0 bounce +trace unix - - n - 0 bounce +verify unix - - n - 1 verify +flush unix n - n 1000? 0 flush +proxymap unix - - n - - proxymap +proxywrite unix - - n - 1 proxymap +smtp unix - - n - - smtp +# When relaying mail as backup MX, disable fallback_relay to avoid MX loops +relay unix - - n - - smtp + -o smtp_fallback_relay= +# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 +showq unix n - n - - showq +error unix - - n - - error +retry unix - - n - - error +discard unix - - n - - discard +local unix - n n - - local +virtual unix - n n - - virtual +lmtp unix - - n - - lmtp +anvil unix - - n - 1 anvil +scache unix - - n - 1 scache +# +# ==================================================================== +# Interfaces to non-Postfix software. Be sure to examine the manual +# pages of the non-Postfix software to find out what options it wants. +# +# Many of the following services use the Postfix pipe(8) delivery +# agent. See the pipe(8) man page for information about ${recipient} +# and other message envelope options. +# ==================================================================== +# +# maildrop. See the Postfix MAILDROP_README file for details. +# Also specify in main.cf: maildrop_destination_recipient_limit=1 +# +#maildrop unix - n n - - pipe +# flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient} +# +# ==================================================================== +# +# Recent Cyrus versions can use the existing "lmtp" master.cf entry. +# +# Specify in cyrus.conf: +# lmtp cmd="lmtpd -a" listen="localhost:lmtp" proto=tcp4 +# +# Specify in main.cf one or more of the following: +# mailbox_transport = lmtp:inet:localhost +# virtual_transport = lmtp:inet:localhost +# +# ==================================================================== +# +# Cyrus 2.1.5 (Amos Gouaux) +# Also specify in main.cf: cyrus_destination_recipient_limit=1 +# +#cyrus unix - n n - - pipe +# user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} +# +# ==================================================================== +# +# Old example of delivery via Cyrus. +# +#old-cyrus unix - n n - - pipe +# flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user} +# +# ==================================================================== +# +# See the Postfix UUCP_README file for configuration details. +# +#uucp unix - n n - - pipe +# flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) +# +# ==================================================================== +# +# Other external delivery methods. +# +#ifmail unix - n n - - pipe +# flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) +# +#bsmtp unix - n n - - pipe +# flags=Fq. user=bsmtp argv=/usr/sbin/bsmtp -f $sender $nexthop $recipient +# +#scalemail-backend unix - n n - 2 pipe +# flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store +# ${nexthop} ${user} ${extension} +# +#mailman unix - n n - - pipe +# flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py +# ${nexthop} ${user} diff --git a/profile b/profile index 3565bab..1d63095 100644 --- a/profile +++ b/profile @@ -54,10 +54,11 @@ else # Setup a bland default prompt. Since this prompt should be useable # on color and non-color terminals, as well as shells that don't # understand sequences such as \h, don't put anything special in it. - PS1="${USER:-$(type whoami >/dev/null && whoami)}@$(type uname >/dev/null && uname -n) \$ " + PS1="${USER:-$(whoami 2>/dev/null)}@$(uname -n 2>/dev/null) \$ " fi for sh in /etc/profile.d/*.sh ; do + #echo "Sourcing $sh ..." [ -r "$sh" ] && . "$sh" done unset sh diff --git a/profile.env b/profile.env index ec254af..69ab729 100644 --- a/profile.env +++ b/profile.env @@ -10,15 +10,14 @@ export GDK_USE_XFT='1' export GSETTINGS_BACKEND='gconf' export GUILE_LOAD_PATH='/usr/share/guile/1.8' export HG='/usr/bin/hg' -export INFOPATH='/usr/share/info:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.21.1/info:/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/info' +export INFOPATH='/usr/share/info:/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/info:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.21.1/info' export LESS='-R -M --shift 5' export LESSOPEN='|lesspipe %s' -export MANPATH='/usr/local/share/man:/usr/share/man:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.21.1/man:/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/man:/etc/java-config/system-vm/man/:/usr/lib64/php5.3/man/:/opt/cuda/man' +export MANPATH='/usr/local/share/man:/usr/share/man:/usr/share/gcc-data/x86_64-pc-linux-gnu/4.5.3/man:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.21.1/man:/etc/java-config/system-vm/man/:/usr/lib64/php5.3/man/:/usr/share/postgresql/man/:/usr/share/postgresql-9.1/man/' export PAGER='/usr/bin/less' -export PATH='/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3:/usr/lib64/subversion/bin:/opt/cuda/bin' -export PYTHONDOCS='/usr/share/doc/python-docs-2.7.1/html/library' +export PATH='/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3:/usr/lib64/subversion/bin' export PYTHONDOCS_2_7='/usr/share/doc/python-docs-2.7.2/html/library' export PYTHONDOCS_3_2='/usr/share/doc/python-docs-3.2.2/html/library' -export ROOTPATH='/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3:/usr/lib64/subversion/bin:/opt/cuda/bin' +export ROOTPATH='/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.5.3:/usr/lib64/subversion/bin' export XDG_CONFIG_DIRS='/etc/xdg' export XDG_DATA_DIRS='/usr/local/share:/usr/share' diff --git a/quotagrpadmins b/quotagrpadmins deleted file mode 100644 index a1f2f46..0000000 --- a/quotagrpadmins +++ /dev/null @@ -1,8 +0,0 @@ -# -# This is a sample groupadmins file (/etc/quotagrpadmins) -# -# Comments begin with hash in the beginning of the line - -# In this file you specify users responsible for space used by the group -users: root -mygroup: chief diff --git a/quotatab b/quotatab deleted file mode 100644 index 0ba9957..0000000 --- a/quotatab +++ /dev/null @@ -1,9 +0,0 @@ -# -# This is sample quotatab (/etc/quotatab) -# Here you can specify description of each device for user -# -# Comments begin with hash in the beginning of the line - -# Example of description -/dev/loop0: This is loopback device -/dev/hda4: Your home directory diff --git a/reoback/.rcs/files.conf,v b/reoback/.rcs/files.conf,v deleted file mode 100644 index ef4fbf9..0000000 --- a/reoback/.rcs/files.conf,v +++ /dev/null @@ -1,189 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.12.02.12.09.58; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.12.01.19.01.53; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@############################################################################ -# REOBack - files.conf -# $Id: files.conf,v 1.2 2010/08/05 10:51:53 root Exp $ -############################################################################ -# -# REOBack Simple Backup Solution -# http://sourceforge.net/projects/reoback/ -# -# Copyright (c) 2001 Randy Oyarzabal (techno91@@users.sourceforge.net) -# -# Other developers and contributors: -# Richard Griswold -# Nate Steffenhagen (frankspikoli@@users.sourceforge.net) -############################################################################ -# -# This is a list of random files or directories that need to be -# archived as one big tar file. These files will also be selectively -# picked depending on a FULL or incremental backup. - -# Comments must start with a "#" as shown -############################################################################ - -# The following is an example with comments, below it is again without - -# 'File:' followed by the name of the tar file that will be created -# Note that we don't include a path as that is added in the settings.conf -#File: TestFile1 - -# Simply list all directories to be recursively backed up (1 per line) -#/home/sforge - -# 'Skip:' followed by any subdirectories you want not to be included -# from the above backup directory -#Skip: /home/sforge/backups -#Skip: /home/sforge/reoback/data - -# Note: You can use Perl regular expressions (wild cards) for Skip: For -# example, to skip all files and directories in your home directory that -# start with a dot, you can use: -# -# Skip: /home/myself/\..* -# -# Wondering what '\..*' does? The leading backslash, '/', tells REOBack -# (actually Perl) to treat the next dot, '.', as a literal dot. The -# third dot tells Perl to match any character, and the asterisk, '*', -# tells Perl to perform the match zero or more times. - -# For files to be completely recursively backed up, don't use the 'Skip' -# option. Simple, huh? -#/etc -#/home/frank - -# Note we are starting a new backup file, but don't need to mark the close -# of the previous one -#File: TestFile2 -#/var/www/html - -# Note we can also include seperate files, not just directories -#/var/www/docs/hugedoc.txt - -# Now, here is the full contents without the comments - -#File: TestFile1 -#/home/sforge -#Skip: /home/sforge/backups -#Skip: /home/sforge/reoback/data -#/etc -#/home/frank - -#File: TestFile2 -#/var/www/html -#/var/www/docs/hugedoc.txt - -# That's it, no need to mark the close of the file either. -# Be sure to remove, or comment out all these sample lines before running - -#---------- -File: Etc -/etc - -#---------- -File: Bind -/var/bind - -#---------- -File: IpTables -/var/lib/ip6tables -/var/lib/iptables - -#---------- -File: OpenLdap -/var/lib/openldap-data -/var/lib/openldap-data-empty.tgz -/var/lib/openldap-data-initial.tgz - -#---------- -File: Portage -/var/lib/portage - -#---------- -File: Root -/root -Skip: /root/tmp - -#---------- -File: SvnPriv -/var/lib/svn-repos-priv - -#---------- -File: SvnPub -/var/lib/svn-repos - -#---------- -File: VarLog -/var/log -@ - - -1.1 -log -@Initial revision -@ -text -@d3 1 -a3 1 -# $Id: files.conf,v 1.9 2002/03/23 15:24:35 techno91 Exp $ -d27 1 -a27 1 -File: TestFile1 -d30 1 -a30 1 -/home/sforge -d34 2 -a35 2 -Skip: /home/sforge/backups -Skip: /home/sforge/reoback/data -d50 2 -a51 2 -/etc -/home/frank -d55 2 -a56 2 -File: TestFile2 -/var/www/html -d59 1 -a59 1 -/var/www/docs/hugedoc.txt -d63 10 -a72 10 -File: TestFile1 -/home/sforge -Skip: /home/sforge/backups -Skip: /home/sforge/reoback/data -/etc -/home/frank - -File: TestFile2 -/var/www/html -/var/www/docs/hugedoc.txt -d76 40 -@ diff --git a/reoback/.rcs/settings.conf,v b/reoback/.rcs/settings.conf,v deleted file mode 100644 index de3ec7c..0000000 --- a/reoback/.rcs/settings.conf,v +++ /dev/null @@ -1,135 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2010.12.02.12.09.58; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.12.01.19.01.53; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@############################################################################ -# REOBack - settings.conf -# $Id: settings.conf,v 1.1 2010/08/05 10:28:25 root Exp $ -############################################################################ -# -# REOBack Simple Backup Solution -# http://sourceforge.net/projects/reoback/ -# -# Copyright (c) 2001 Randy Oyarzabal (techno91@@users.sourceforge.net) -# -# Other developers and contributors: -# Richard Griswold -# Nate Steffenhagen (frankspikoli@@users.sourceforge.net) -# -############################################################################ -# -# This is the configuration file for REOBack. Note that the default -# configuration file is "settings.cfg". However, you can create your own -# configuration file and pass it as a parameter to the backup program. -# i.e. "./reoback.pl <configfile>" - -# Used only as an identifier for this backup. Normally the hostname. -host = Helga - -# This is the number of days you want to keep backups. Note that the -# actual number of archives kept is "backupdays" times 2. That way, when -# it comes time for auto deletion, you always have a history of -# "backupdays" worth of information. -backupdays = 7 - -# Definitions of files/directories to backup. See README for format of -# this file. -files = /etc/reoback/files.conf - -# Directory to store temporary files generated by REOBack. -tmpdir = /var/lib/reoback/tmp/ - -# Directory to store data files generated by REOBack. Files created -# here are files used to keep track of FULL/INCREMENTAL backups. -datadir = /var/lib/reoback/data/ - -# Location of where to keep local backups. Also use as a temporary -# storage of archives for transfer. Keep trailing slash! -#localbackup = /var/lib/reoback/backups/ -localbackup = /var/backup/reoback/ - -# 1 = Keep local backups, 0 = Do not keep local backups -keeplocalcopy = 1 - -# 1 = Transfer to remote location, 0 = Do not transfer -remotebackup = 1 - -# Type of remote backup. FTP or NFS -rbackuptype = FTP - -# Only needed if above is set to NFS. Keep trailing slash! -localmount = /mnt/server/ - -# Required if "remotebackup" is set. -remotehost = backup.serverkompetenz.de - -# Path to keep backups on remote host. Keep trailing slash! -remotepath = /reoback/ - -####################################################### -# REQUIRED IF TYPE OR REMOTE BACKUP IS FTP. -####### - -# Remote user on remote host. -ftpuser = b082473 - -# Password for remote user. -ftppasswd = 53rVer -###################################################### -@ - - -1.1 -log -@Initial revision -@ -text -@d3 1 -a3 1 -# $Id: settings.conf,v 1.8 2002/03/23 21:49:50 techno91 Exp $ -d23 1 -a23 1 -host = UNKNOWN -d44 2 -a45 1 -localbackup = /var/lib/reoback/backups/ -d51 1 -a51 1 -remotebackup = 0 -d60 1 -a60 1 -remotehost = HOSTNAMEHERE -d63 1 -a63 1 -remotepath = /path here/ -d70 1 -a70 1 -ftpuser = userhere -d73 1 -a73 1 -ftppasswd = passwordhere -@ diff --git a/reoback/files.conf.orig b/reoback/files.conf.orig new file mode 100644 index 0000000..584c701 --- /dev/null +++ b/reoback/files.conf.orig @@ -0,0 +1,75 @@ +############################################################################ +# REOBack - files.conf +# $Id: files.conf,v 1.9 2002/03/23 15:24:35 techno91 Exp $ +############################################################################ +# +# REOBack Simple Backup Solution +# http://sourceforge.net/projects/reoback/ +# +# Copyright (c) 2001 Randy Oyarzabal (techno91@users.sourceforge.net) +# +# Other developers and contributors: +# Richard Griswold +# Nate Steffenhagen (frankspikoli@users.sourceforge.net) +############################################################################ +# +# This is a list of random files or directories that need to be +# archived as one big tar file. These files will also be selectively +# picked depending on a FULL or incremental backup. + +# Comments must start with a "#" as shown +############################################################################ + +# The following is an example with comments, below it is again without + +# 'File:' followed by the name of the tar file that will be created +# Note that we don't include a path as that is added in the settings.conf +File: TestFile1 + +# Simply list all directories to be recursively backed up (1 per line) +/home/sforge + +# 'Skip:' followed by any subdirectories you want not to be included +# from the above backup directory +Skip: /home/sforge/backups +Skip: /home/sforge/reoback/data + +# Note: You can use Perl regular expressions (wild cards) for Skip: For +# example, to skip all files and directories in your home directory that +# start with a dot, you can use: +# +# Skip: /home/myself/\..* +# +# Wondering what '\..*' does? The leading backslash, '/', tells REOBack +# (actually Perl) to treat the next dot, '.', as a literal dot. The +# third dot tells Perl to match any character, and the asterisk, '*', +# tells Perl to perform the match zero or more times. + +# For files to be completely recursively backed up, don't use the 'Skip' +# option. Simple, huh? +/etc +/home/frank + +# Note we are starting a new backup file, but don't need to mark the close +# of the previous one +File: TestFile2 +/var/www/html + +# Note we can also include seperate files, not just directories +/var/www/docs/hugedoc.txt + +# Now, here is the full contents without the comments + +File: TestFile1 +/home/sforge +Skip: /home/sforge/backups +Skip: /home/sforge/reoback/data +/etc +/home/frank + +File: TestFile2 +/var/www/html +/var/www/docs/hugedoc.txt + +# That's it, no need to mark the close of the file either. +# Be sure to remove, or comment out all these sample lines before running diff --git a/reoback/settings.conf.orig b/reoback/settings.conf.orig new file mode 100644 index 0000000..20bb246 --- /dev/null +++ b/reoback/settings.conf.orig @@ -0,0 +1,73 @@ +############################################################################ +# REOBack - settings.conf +# $Id: settings.conf,v 1.8 2002/03/23 21:49:50 techno91 Exp $ +############################################################################ +# +# REOBack Simple Backup Solution +# http://sourceforge.net/projects/reoback/ +# +# Copyright (c) 2001 Randy Oyarzabal (techno91@users.sourceforge.net) +# +# Other developers and contributors: +# Richard Griswold +# Nate Steffenhagen (frankspikoli@users.sourceforge.net) +# +############################################################################ +# +# This is the configuration file for REOBack. Note that the default +# configuration file is "settings.cfg". However, you can create your own +# configuration file and pass it as a parameter to the backup program. +# i.e. "./reoback.pl <configfile>" + +# Used only as an identifier for this backup. Normally the hostname. +host = UNKNOWN + +# This is the number of days you want to keep backups. Note that the +# actual number of archives kept is "backupdays" times 2. That way, when +# it comes time for auto deletion, you always have a history of +# "backupdays" worth of information. +backupdays = 7 + +# Definitions of files/directories to backup. See README for format of +# this file. +files = /etc/reoback/files.conf + +# Directory to store temporary files generated by REOBack. +tmpdir = /var/lib/reoback/tmp/ + +# Directory to store data files generated by REOBack. Files created +# here are files used to keep track of FULL/INCREMENTAL backups. +datadir = /var/lib/reoback/data/ + +# Location of where to keep local backups. Also use as a temporary +# storage of archives for transfer. Keep trailing slash! +localbackup = /var/lib/reoback/backups/ + +# 1 = Keep local backups, 0 = Do not keep local backups +keeplocalcopy = 1 + +# 1 = Transfer to remote location, 0 = Do not transfer +remotebackup = 0 + +# Type of remote backup. FTP or NFS +rbackuptype = FTP + +# Only needed if above is set to NFS. Keep trailing slash! +localmount = /mnt/server/ + +# Required if "remotebackup" is set. +remotehost = HOSTNAMEHERE + +# Path to keep backups on remote host. Keep trailing slash! +remotepath = /path here/ + +####################################################### +# REQUIRED IF TYPE OR REMOTE BACKUP IS FTP. +####### + +# Remote user on remote host. +ftpuser = userhere + +# Password for remote user. +ftppasswd = passwordhere +###################################################### diff --git a/request-key.conf b/request-key.conf index e482c96..ff16a95 100644 --- a/request-key.conf +++ b/request-key.conf @@ -31,7 +31,11 @@ #OP TYPE DESCRIPTION CALLOUT INFO PROGRAM ARG1 ARG2 ARG3 ... #====== ======= =============== =============== =============================== +create dns_resolver * * /sbin/key.dns_resolver %k create user debug:* negate /bin/keyctl negate %k 30 %S +create user debug:* rejected /bin/keyctl reject %k 30 %c %S +create user debug:* expired /bin/keyctl reject %k 30 %c %S +create user debug:* revoked /bin/keyctl reject %k 30 %c %S create user debug:loop:* * |/bin/cat create user debug:* * /usr/share/keyutils/request-key-debug.sh %k %d %c %S negate * * * /bin/keyctl negate %k 30 %S diff --git a/revdep-rebuild/61-icedtea-bin-6 b/revdep-rebuild/61-icedtea-bin-6 index fc79d86..586d36f 100644 --- a/revdep-rebuild/61-icedtea-bin-6 +++ b/revdep-rebuild/61-icedtea-bin-6 @@ -1 +1 @@ -SEARCH_DIRS_MASK="/opt/icedtea-bin-6.1.11.1" +SEARCH_DIRS_MASK="/opt/icedtea-bin-6.1.11.3" diff --git a/runlevels/boot/consolefont b/runlevels/boot/consolefont deleted file mode 120000 index c76867b..0000000 --- a/runlevels/boot/consolefont +++ /dev/null @@ -1 +0,0 @@ -/etc/init.d/consolefont \ No newline at end of file diff --git a/runlevels/boot/mdraid b/runlevels/boot/mdraid new file mode 120000 index 0000000..39aac94 --- /dev/null +++ b/runlevels/boot/mdraid @@ -0,0 +1 @@ +/etc/init.d/mdraid \ No newline at end of file diff --git a/runlevels/default/apache2 b/runlevels/default/apache2 deleted file mode 120000 index 0d96476..0000000 --- a/runlevels/default/apache2 +++ /dev/null @@ -1 +0,0 @@ -/etc/init.d/apache2 \ No newline at end of file diff --git a/runlevels/default/openvpn b/runlevels/default/openvpn deleted file mode 120000 index 66b0b1a..0000000 --- a/runlevels/default/openvpn +++ /dev/null @@ -1 +0,0 @@ -/etc/init.d/openvpn \ No newline at end of file diff --git a/runlevels/default/quota b/runlevels/default/quota deleted file mode 120000 index 9fee381..0000000 --- a/runlevels/default/quota +++ /dev/null @@ -1 +0,0 @@ -/etc/init.d/quota \ No newline at end of file diff --git a/runlevels/nonetwork/local b/runlevels/nonetwork/local deleted file mode 120000 index ddda14b..0000000 --- a/runlevels/nonetwork/local +++ /dev/null @@ -1 +0,0 @@ -/etc/init.d/local \ No newline at end of file diff --git a/sasl2/.rcs/smtpd.conf,v b/sasl2/.rcs/smtpd.conf,v deleted file mode 100644 index 8cdef51..0000000 --- a/sasl2/.rcs/smtpd.conf,v +++ /dev/null @@ -1,63 +0,0 @@ -head 1.3; -access; -symbols; -locks; strict; -comment @# @; - - -1.3 -date 2011.01.31.13.00.22; author root; state Exp; -branches; -next 1.2; - -1.2 -date 2010.06.24.08.03.50; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.05.26.13.02.47; author root; state Exp; -branches; -next ; - - -desc -@Initial -@ - - -1.3 -log -@Checked in. -@ -text -@# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.2 2004/07/18 03:26:56 dragonheart Exp $ -#pwcheck_method:pam -pwcheck_method: saslauthd -mech_list: plain login -log_level: 3 -@ - - -1.2 -log -@Checked in. -@ -text -@d1 1 -a1 2 -# $Original-Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.2 2004/07/18 03:26:56 dragonheart Exp $ -# $Header: /etc/sasl2/smtpd.conf,v 1.1 2010/05/26 13:02:47 root Exp $ -@ - - -1.1 -log -@Initial revision -@ -text -@d1 6 -a6 2 -# $Header: /var/cvsroot/gentoo-x86/mail-mta/postfix/files/smtp.sasl,v 1.2 2004/07/18 03:26:56 dragonheart Exp $ -pwcheck_method:pam -@ diff --git a/sasl2/sasldb2 b/sasl2/sasldb2 index 0fcb13e..e2344da 100644 Binary files a/sasl2/sasldb2 and b/sasl2/sasldb2 differ diff --git a/sgml/catalog b/sgml/catalog index 3d89a05..19e15ce 100644 --- a/sgml/catalog +++ b/sgml/catalog @@ -1,11 +1,11 @@ CATALOG "/etc/sgml/sgml-ent.cat" CATALOG "/etc/sgml/sgml-docbook.cat" -CATALOG "/etc/sgml/xml-docbook-4.3.cat" +CATALOG "/etc/sgml/openjade-1.3.2.cat" +CATALOG "/etc/sgml/xml-docbook-4.2.cat" +CATALOG "/etc/sgml/linuxdoc.cat" CATALOG "/etc/sgml/sgml-docbook-3.0.cat" CATALOG "/etc/sgml/dsssl-docbook-stylesheets.cat" CATALOG "/etc/sgml/xml-docbook-4.1.2.cat" -CATALOG "/etc/sgml/xml-docbook-4.2.cat" +CATALOG "/etc/sgml/xml-docbook-4.3.cat" CATALOG "/etc/sgml/xml-docbook-4.4.cat" CATALOG "/etc/sgml/xml-docbook-4.5.cat" -CATALOG "/etc/sgml/openjade-1.3.2.cat" -CATALOG "/etc/sgml/linuxdoc.cat" diff --git a/sgml/sgml-docbook.cat b/sgml/sgml-docbook.cat index aacdc34..6bdf2e8 100644 --- a/sgml/sgml-docbook.cat +++ b/sgml/sgml-docbook.cat @@ -1,3 +1,3 @@ CATALOG "/etc/sgml/sgml-ent.cat" -CATALOG "/etc/sgml/dsssl-docbook-stylesheets.cat" CATALOG "/etc/sgml/openjade-1.3.2.cat" +CATALOG "/etc/sgml/dsssl-docbook-stylesheets.cat" diff --git a/shadow b/shadow index 63d8311..bb4eacc 100644 --- a/shadow +++ b/shadow @@ -1,4 +1,4 @@ -root:$6$0briKxmJ$IhtNDwr2yTK6nImlWue6P.NqFEURw9rOYmTXImRGR6EyBsls.yh.CIay2UU01fJ18NGmnNw7NkccUoVNlSgvL1:14942:0::::: +root:$6$mKNe/pgL$GyQwqpwoFWYyljDdfmmsQKwZv2nut/dPvHj6SexfB1WYQHobBIRUVz2KkgT9JrhbDGAxyPKDyp2wnKZ.hhAq10:15544:0::::: bin:*:9797:0::::: daemon:*:9797:0::::: adm:*:9797:0::::: @@ -6,23 +6,22 @@ lp:*:9797:0::::: sync:*:9797:0::::: shutdown:*:9797:0::::: halt:*:9797:0::::: -mail:*:9797:0::::: +mail:!:15544:::::: news:*:9797:0::::: uucp:*:9797:0::::: operator:*:9797:0::::: -man:*:9797:0::::: -postmaster:*:9797:0::::: -cron:!:14942:::::: +man:!:15512:::::: +postmaster:!:15544:::::: +cron:!:15544:::::: ftp:!:14944:::::: -sshd:!:14931:::::: +sshd:!:15512:::::: at:!:14942:::::: games:!:14755:0:99999:7::: -named:!:14942:::::: -mysql:!:14943:::::: -apache:!:14944:::::: -ulogd:!:14942:::::: +named:!:15544:::::: +mysql:!:15544:::::: +apache:!:15544:::::: +messagebus:!:15544:::::: tcpdump:!:14942:::::: -messagebus:!:14943:::::: nagios:!:14944:::::: teamspeak3:!:14944:::::: polw:!:14944:::::: @@ -31,14 +30,17 @@ amavis:!:14944:::::: clamav:!:14944:::::: proftpd:!:14755:0:99999:7::: rpc:!:14943:::::: -ntp:!:14942:::::: -postfix:!:14944:::::: +openvpn:!:15353:::::: +git:!:15393:::::: +ntp:!:15544:::::: +postfix:!:15544:::::: smmsp:!:14944:::::: portage:!:14944:::::: -ldap:!:14943:::::: +ldap:!:15544:::::: nobody:*:9797:0::::: taurec:$1$aIByn.zw$HuqtNPuXReU4CqFQ21D0m1:14754:0:99999:7::: morph:$1$VXZ6JKs.$5BFb1vxIPcpV8qvfGU9721:14756:0:99999:7::: +minecraft:!:15220:0:99999:7::: patrick:$6$cayHKFTo$y3plIUQem6gONYo/D.VqfmcUJRgJ08lxWKzr.Q2NYw9P6BWOGLFgNi6HyWQ8sCjR9Ky7cWvBULtyxJG4xq2Bq1:14756:0:99999:7::: vivi:$6$XgM4lbim$X2/XVS1Ymb1g0jDaoEFXaBvBRGpTFEk/PwZabvj1f2fRClMCJi4wDW1yOE2ScY6DBwmk9rHfykwI2u5WFgMe..:14756:0:99999:7::: frank:$6$DFnYHGpc$8YQInxXqQjHzWX/1m3xCeK8Myr1t4NoehN.HYeSrdVQU6IAr7BTjgn4yex.eTTSWysqnfGQxXe5yE.P4aIn8p.:14758:0:99999:7::: @@ -49,6 +51,4 @@ vmail:$1$PlXil62T$WTZDda6da9pKsgvD3S4vu.:14756:0:99999:7::: alfred:$6$7QGTopxZ$8cZaNAdFh9HPzgmo2J1klt1pXKacybRWfp3BnTY3q8ufnp8lNYFEdstvxgHD9iqSL8FpvrsGeC3V3BXhgzZO/.:14756:0:99999:7::: steffen:$6$hjuxkJql$9/ANdpksdci1A40kjix8xMXEnrhCeGlfGxHxsWHADY44Xe.NY0sahgAzIAhTtX5/gIaCoTU37z2QbHCoBPy5k0:14756:0:99999:7::: heiko:$1$OcX7G9Sq$YjjhAKtIp7UyxeZuHysq7/:14756:0:99999:7::: -minecraft:!:15220:0:99999:7::: -openvpn:!:15353:::::: -git:!:15393:::::: +ulogd:!:15545:::::: diff --git a/spamassassin b/spamassassin index 7aa4bdf..0541f5b 120000 --- a/spamassassin +++ b/spamassassin @@ -1 +1 @@ -/etc/mail/spamassassin \ No newline at end of file +mail/spamassassin \ No newline at end of file diff --git a/ssh/ssh_config b/ssh/ssh_config index 7c6e807..3974564 100644 --- a/ssh/ssh_config +++ b/ssh/ssh_config @@ -19,7 +19,7 @@ # Host * # ForwardAgent no - ForwardAgent yes +ForwardAgent yes # ForwardX11 no # RhostsRSAAuthentication no # RSAAuthentication yes diff --git a/ssh/sshd_config b/ssh/sshd_config index b106d3c..9a37794 100644 --- a/ssh/sshd_config +++ b/ssh/sshd_config @@ -99,12 +99,13 @@ # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH #LogLevel INFO +#LogLevel DEBUG # Authentication: #LoginGraceTime 2m #PermitRootLogin yes -PermitRootLogin no +PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 @@ -181,6 +182,9 @@ PrintLastLog no # no default banner path #Banner none +# Allow client to pass locale environment variables +AcceptEnv LANG LC_* + # override default of no subsystems Subsystem sftp /usr/lib64/misc/sftp-server diff --git a/ssl/apache2/server.crt b/ssl/apache2/server.crt index 394b9cb..5f9c090 100644 --- a/ssl/apache2/server.crt +++ b/ssl/apache2/server.crt @@ -3,16 +3,16 @@ MIIC1TCCAj6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMCVVMx EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRhIEJhcmJhcmExGzAZ BgNVBAoTEkFwYWNoZSBIVFRQIFNlcnZlcjEiMCAGA1UECxMZRm9yIFRlc3Rpbmcg UHVycG9zZXMgT25seTEVMBMGA1UEAxMMbG9jYWxob3N0IENBMR0wGwYJKoZIhvcN -AQkBFg5yb290QGxvY2FsaG9zdDAeFw0xMDA1MjYwMjIxMjlaFw0xMjA1MjUwMjIx -MjlaMIGuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UE +AQkBFg5yb290QGxvY2FsaG9zdDAeFw0xMjA3MjMxNTQ5MDVaFw0xNDA3MjMxNTQ5 +MDVaMIGuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UE BxMNU2FudGEgQmFyYmFyYTEbMBkGA1UEChMSQXBhY2hlIEhUVFAgU2VydmVyMSIw IAYDVQQLExlGb3IgVGVzdGluZyBQdXJwb3NlcyBPbmx5MRIwEAYDVQQDEwlsb2Nh bGhvc3QxHTAbBgkqhkiG9w0BCQEWDnJvb3RAbG9jYWxob3N0MIGfMA0GCSqGSIb3 -DQEBAQUAA4GNADCBiQKBgQC+dlAC+rhVn9yXgDtS69cbVliS6wGgsEkUtJ7WRXxx -NQFIeefJ+H6752z49SLx5+6UWPYPs0/ha/KSRn+BP/rot93JO1BSlOSgwp6w9Nj9 -O0QVV5LcwrbJOSCJsjJaER9YHAffbCpBAexv0iD5wX/b1V/HrZ7nv6MBbJayCWHu -nQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAJFuBY/r4J+Mva0g7fnZotW3GLGmZTqu -NVUnqTPctmYl0gjhmKExjKgYvwOcZblY7TYcgnW4YUzukWwrMgOe4uPIPmmIhmkZ -RGyb1cojRNV9oTE8VpSTndj/oq6qoyXDHfor5t4ukrbYkylekpleyw10l8LTBm+E -EYDtgPM/1kLB +DQEBAQUAA4GNADCBiQKBgQDWLZSVeCaCRJJrecGt99nVKPtZJLQAo0D/JiQ7PwO+ +6wgx8dTL6eJ1Sum6ry0iA/cLVwm2F8Qf2UGGn/TsOAAX/UwN02EJ4xtMzB8J9YGF +UWyx/uJ36ez1UA0JKBbK7NbkXAWpekt0be5O0oS30yrYKqV6FSX2uiNMG5g4d5yX +RQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAKVumP/K/0dGcfm3uj43TPXhUhN8yf5M +bqHUyQj5Gturv1kE2RviWDuSwrEyRkGSNJGfjRtqMzYgznJ90gj2sSAXoIQPONSN +tHXbHaXFZADIZxy09DT5WtAwtLTu+TNugljnsgfk0OMnn4fpejKvuYkgVK2nzcW+ +7BXbrTnfTiBF -----END CERTIFICATE----- diff --git a/ssl/apache2/server.csr b/ssl/apache2/server.csr index e52a1cc..00304b7 100644 --- a/ssl/apache2/server.csr +++ b/ssl/apache2/server.csr @@ -3,11 +3,11 @@ MIIB7zCCAVgCAQAwga4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh MRYwFAYDVQQHEw1TYW50YSBCYXJiYXJhMRswGQYDVQQKExJBcGFjaGUgSFRUUCBT ZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0aW5nIFB1cnBvc2VzIE9ubHkxEjAQBgNV BAMTCWxvY2FsaG9zdDEdMBsGCSqGSIb3DQEJARYOcm9vdEBsb2NhbGhvc3QwgZ8w -DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL52UAL6uFWf3JeAO1Lr1xtWWJLrAaCw -SRS0ntZFfHE1AUh558n4frvnbPj1IvHn7pRY9g+zT+Fr8pJGf4E/+ui33ck7UFKU -5KDCnrD02P07RBVXktzCtsk5IImyMloRH1gcB99sKkEB7G/SIPnBf9vVX8etnue/ -owFslrIJYe6dAgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQCX36zOqG/zeCbKCcD2 -WBC5rlCXtrT/oZxs3p5divRkfWPakeHjkUFJ3B0aempUAravx+bG/mnzDGA8VFpT -Mm2I8M98eAf7QmXpsP0Y5uKF68EVjsmvF+KgNGwh8dmpqt1ZgOtm5lBIOCCjjaUI -yEuxcY+sDP8rpFxVk3U73hjYJg== +DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANYtlJV4JoJEkmt5wa332dUo+1kktACj +QP8mJDs/A77rCDHx1Mvp4nVK6bqvLSID9wtXCbYXxB/ZQYaf9Ow4ABf9TA3TYQnj +G0zMHwn1gYVRbLH+4nfp7PVQDQkoFsrs1uRcBal6S3Rt7k7ShLfTKtgqpXoVJfa6 +I0wbmDh3nJdFAgMBAAGgADANBgkqhkiG9w0BAQUFAAOBgQBX6mMv16+ENHT4mNbZ +0wdYEWUOGoaUH3jxSIseM5rL2bLLahvwhfGP+0oYNCXugWEtG8fcacw4sBUgqpOU +FnB2GJEQHzm+BZQIhgIjw6t+6u4LjwyHuu/SdM6V/DFIvoZNn7c8PklCUJHIhsqZ +1RyT71kvlAse437PA9kd7CFIOg== -----END CERTIFICATE REQUEST----- diff --git a/ssl/apache2/server.key b/ssl/apache2/server.key index db17fe9..2cdc5fa 100644 --- a/ssl/apache2/server.key +++ b/ssl/apache2/server.key @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQC+dlAC+rhVn9yXgDtS69cbVliS6wGgsEkUtJ7WRXxxNQFIeefJ -+H6752z49SLx5+6UWPYPs0/ha/KSRn+BP/rot93JO1BSlOSgwp6w9Nj9O0QVV5Lc -wrbJOSCJsjJaER9YHAffbCpBAexv0iD5wX/b1V/HrZ7nv6MBbJayCWHunQIDAQAB -AoGBAIAkX86xWuYY6TRxDPjMPexhmrQ2MuEm2fR5VUh6dbBA5j0Z763+Z14K5VFW -tI0m62iZtet4S+0xUIHDtrOCFU/mYXS95ynGh4zQFWyeDv9X8s1BIvjl9mbYrWbT -eIp+uqblmgybkAPnBgJ3WRiDUpnoJaoYsncvIlEuhuOiY7ftAkEA5FRQJ/+dioSL -KMtABp69EvdOJreaVMjYkChksiXDb/tHpZRco3xu7ob+cfDyZkZ87cHDFHlfWLNO -l0z47tiO+wJBANWLNU0Mvrz5j8ba7rf3vdgVqVHeGS9COzyK4VPGKbQFVfa6MNjr -mT3SEBQFvUJGg5OLWzniwn4X2zDhsRt4JUcCQQDewUbGDwHifnbJIKlhDAKH+096 -REtDhgKJeW7rwh3OJQb8CibqtF4BRR/9h0Tk9MWyqwMn+VVE0wHMaCK/2fR7AkEA -vGihs4SeOZ+7IkmCPCDCiIe8J7Zc5Bx8pVMnscFyhBn9Gb53YLymLSxM8U2LCZGr -f5+B8tXGongr9bn7iG/9+wJAJZRTHrFhjoGq5wNFFbCjWjcD5OoeZ3tYE9dUlzBM -S42SlgBSh3896aWARUHt8VpSTnUbfpDIK34beAOrt1pxSg== +MIICXQIBAAKBgQDWLZSVeCaCRJJrecGt99nVKPtZJLQAo0D/JiQ7PwO+6wgx8dTL +6eJ1Sum6ry0iA/cLVwm2F8Qf2UGGn/TsOAAX/UwN02EJ4xtMzB8J9YGFUWyx/uJ3 +6ez1UA0JKBbK7NbkXAWpekt0be5O0oS30yrYKqV6FSX2uiNMG5g4d5yXRQIDAQAB +AoGBAI6F2Fk6kg2fyfuhE0RMKXXShqgEZ5ABEzB21idiwIBccKCjt6JWKi85QZ3M +EnGPR+cQ7VJyMD2tWhBXAynp/gzACOAIhNhvpM4i82Z4b8H9XT/WYRvmiOw2WM/M +1H4XwyRowumtl5PUKgC/t3X9MYOSrxmZPGt5zNZa6S2MjiSFAkEA/cLz00Dj72FB +KVm0C9xTxB7ngNBL6AVe98yLNNFzZwoE80IAGw1nvZimk3kJTJw4OcjtyehUjNED +pY51GYknKwJBANgRPXKUwfPQOVF2E0hJh5/MkN46o3o1Al1FTHk2bS0GlJb7wOV3 +Ukq2eRHx0GRiayfsve3oCadLP/HwzQZ8A08CQQDH3OEvVJ9xrXal+8nLwaeUAwcw +tF3kiz5mCwrk+cZbtE97zFLK+77mXDFuW1kQpsW99Vwbt0nIcuLdZRsjlptrAkBI +m2qBwZl3nCZWyI3sQcFQosaf1yauX3fe7fWn2fFQKyDtp8YHllRSBQWkURVNVoFZ +1kVw2AO+cxwW6muLXUsjAkAmX9wEinLq6CKdHeVhFvZbiC4bgEdgSFxyV1aRSUfa +R3YdHVk2HWmi51q3e8Wlk7QAFIzhz4nsqcd2O6ufbw44 -----END RSA PRIVATE KEY----- diff --git a/ssl/apache2/server.pem b/ssl/apache2/server.pem index 24daebd..6c67f34 100644 --- a/ssl/apache2/server.pem +++ b/ssl/apache2/server.pem @@ -1,17 +1,17 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQC+dlAC+rhVn9yXgDtS69cbVliS6wGgsEkUtJ7WRXxxNQFIeefJ -+H6752z49SLx5+6UWPYPs0/ha/KSRn+BP/rot93JO1BSlOSgwp6w9Nj9O0QVV5Lc -wrbJOSCJsjJaER9YHAffbCpBAexv0iD5wX/b1V/HrZ7nv6MBbJayCWHunQIDAQAB -AoGBAIAkX86xWuYY6TRxDPjMPexhmrQ2MuEm2fR5VUh6dbBA5j0Z763+Z14K5VFW -tI0m62iZtet4S+0xUIHDtrOCFU/mYXS95ynGh4zQFWyeDv9X8s1BIvjl9mbYrWbT -eIp+uqblmgybkAPnBgJ3WRiDUpnoJaoYsncvIlEuhuOiY7ftAkEA5FRQJ/+dioSL -KMtABp69EvdOJreaVMjYkChksiXDb/tHpZRco3xu7ob+cfDyZkZ87cHDFHlfWLNO -l0z47tiO+wJBANWLNU0Mvrz5j8ba7rf3vdgVqVHeGS9COzyK4VPGKbQFVfa6MNjr -mT3SEBQFvUJGg5OLWzniwn4X2zDhsRt4JUcCQQDewUbGDwHifnbJIKlhDAKH+096 -REtDhgKJeW7rwh3OJQb8CibqtF4BRR/9h0Tk9MWyqwMn+VVE0wHMaCK/2fR7AkEA -vGihs4SeOZ+7IkmCPCDCiIe8J7Zc5Bx8pVMnscFyhBn9Gb53YLymLSxM8U2LCZGr -f5+B8tXGongr9bn7iG/9+wJAJZRTHrFhjoGq5wNFFbCjWjcD5OoeZ3tYE9dUlzBM -S42SlgBSh3896aWARUHt8VpSTnUbfpDIK34beAOrt1pxSg== +MIICXQIBAAKBgQDWLZSVeCaCRJJrecGt99nVKPtZJLQAo0D/JiQ7PwO+6wgx8dTL +6eJ1Sum6ry0iA/cLVwm2F8Qf2UGGn/TsOAAX/UwN02EJ4xtMzB8J9YGFUWyx/uJ3 +6ez1UA0JKBbK7NbkXAWpekt0be5O0oS30yrYKqV6FSX2uiNMG5g4d5yXRQIDAQAB +AoGBAI6F2Fk6kg2fyfuhE0RMKXXShqgEZ5ABEzB21idiwIBccKCjt6JWKi85QZ3M +EnGPR+cQ7VJyMD2tWhBXAynp/gzACOAIhNhvpM4i82Z4b8H9XT/WYRvmiOw2WM/M +1H4XwyRowumtl5PUKgC/t3X9MYOSrxmZPGt5zNZa6S2MjiSFAkEA/cLz00Dj72FB +KVm0C9xTxB7ngNBL6AVe98yLNNFzZwoE80IAGw1nvZimk3kJTJw4OcjtyehUjNED +pY51GYknKwJBANgRPXKUwfPQOVF2E0hJh5/MkN46o3o1Al1FTHk2bS0GlJb7wOV3 +Ukq2eRHx0GRiayfsve3oCadLP/HwzQZ8A08CQQDH3OEvVJ9xrXal+8nLwaeUAwcw +tF3kiz5mCwrk+cZbtE97zFLK+77mXDFuW1kQpsW99Vwbt0nIcuLdZRsjlptrAkBI +m2qBwZl3nCZWyI3sQcFQosaf1yauX3fe7fWn2fFQKyDtp8YHllRSBQWkURVNVoFZ +1kVw2AO+cxwW6muLXUsjAkAmX9wEinLq6CKdHeVhFvZbiC4bgEdgSFxyV1aRSUfa +R3YdHVk2HWmi51q3e8Wlk7QAFIzhz4nsqcd2O6ufbw44 -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- @@ -19,16 +19,16 @@ MIIC1TCCAj6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBsTELMAkGA1UEBhMCVVMx EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRhIEJhcmJhcmExGzAZ BgNVBAoTEkFwYWNoZSBIVFRQIFNlcnZlcjEiMCAGA1UECxMZRm9yIFRlc3Rpbmcg UHVycG9zZXMgT25seTEVMBMGA1UEAxMMbG9jYWxob3N0IENBMR0wGwYJKoZIhvcN -AQkBFg5yb290QGxvY2FsaG9zdDAeFw0xMDA1MjYwMjIxMjlaFw0xMjA1MjUwMjIx -MjlaMIGuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UE +AQkBFg5yb290QGxvY2FsaG9zdDAeFw0xMjA3MjMxNTQ5MDVaFw0xNDA3MjMxNTQ5 +MDVaMIGuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UE BxMNU2FudGEgQmFyYmFyYTEbMBkGA1UEChMSQXBhY2hlIEhUVFAgU2VydmVyMSIw IAYDVQQLExlGb3IgVGVzdGluZyBQdXJwb3NlcyBPbmx5MRIwEAYDVQQDEwlsb2Nh bGhvc3QxHTAbBgkqhkiG9w0BCQEWDnJvb3RAbG9jYWxob3N0MIGfMA0GCSqGSIb3 -DQEBAQUAA4GNADCBiQKBgQC+dlAC+rhVn9yXgDtS69cbVliS6wGgsEkUtJ7WRXxx -NQFIeefJ+H6752z49SLx5+6UWPYPs0/ha/KSRn+BP/rot93JO1BSlOSgwp6w9Nj9 -O0QVV5LcwrbJOSCJsjJaER9YHAffbCpBAexv0iD5wX/b1V/HrZ7nv6MBbJayCWHu -nQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAJFuBY/r4J+Mva0g7fnZotW3GLGmZTqu -NVUnqTPctmYl0gjhmKExjKgYvwOcZblY7TYcgnW4YUzukWwrMgOe4uPIPmmIhmkZ -RGyb1cojRNV9oTE8VpSTndj/oq6qoyXDHfor5t4ukrbYkylekpleyw10l8LTBm+E -EYDtgPM/1kLB +DQEBAQUAA4GNADCBiQKBgQDWLZSVeCaCRJJrecGt99nVKPtZJLQAo0D/JiQ7PwO+ +6wgx8dTL6eJ1Sum6ry0iA/cLVwm2F8Qf2UGGn/TsOAAX/UwN02EJ4xtMzB8J9YGF +UWyx/uJ36ez1UA0JKBbK7NbkXAWpekt0be5O0oS30yrYKqV6FSX2uiNMG5g4d5yX +RQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAKVumP/K/0dGcfm3uj43TPXhUhN8yf5M +bqHUyQj5Gturv1kE2RviWDuSwrEyRkGSNJGfjRtqMzYgznJ90gj2sSAXoIQPONSN +tHXbHaXFZADIZxy09DT5WtAwtLTu+TNugljnsgfk0OMnn4fpejKvuYkgVK2nzcW+ +7BXbrTnfTiBF -----END CERTIFICATE----- diff --git a/ssl/postfix/server.crt b/ssl/postfix/server.crt index 6fbe56f..bd861a9 100644 --- a/ssl/postfix/server.crt +++ b/ssl/postfix/server.crt @@ -3,16 +3,16 @@ MIIC1zCCAkCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBsjELMAkGA1UEBhMCVVMx EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRhIEJhcmJhcmExHDAa BgNVBAoTE1Bvc3RmaXggU01UUCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0aW5n IFB1cnBvc2VzIE9ubHkxFTATBgNVBAMTDGxvY2FsaG9zdCBDQTEdMBsGCSqGSIb3 -DQEJARYOcm9vdEBsb2NhbGhvc3QwHhcNMTAwNTI2MTMwMjUzWhcNMTIwNTI1MTMw -MjUzWjCBrzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNV +DQEJARYOcm9vdEBsb2NhbGhvc3QwHhcNMTIwNzIzMTcxMTI0WhcNMTQwNzIzMTcx +MTI0WjCBrzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNV BAcTDVNhbnRhIEJhcmJhcmExHDAaBgNVBAoTE1Bvc3RmaXggU01UUCBTZXJ2ZXIx IjAgBgNVBAsTGUZvciBUZXN0aW5nIFB1cnBvc2VzIE9ubHkxEjAQBgNVBAMTCWxv Y2FsaG9zdDEdMBsGCSqGSIb3DQEJARYOcm9vdEBsb2NhbGhvc3QwgZ8wDQYJKoZI -hvcNAQEBBQADgY0AMIGJAoGBAMM3vhl/0UKk8QQOXJI2MqDBZKpE58jppUvuuVA+ -F67Qov+fkAeSSo2bkf5Vw6i2rp0f4QDsUYhOy850LfVWt//LawcLpHRbUg/ywr+t -1Ql6MaVyDzRXLfoUD0jnvb0P2Oe5rSt8Nf3Mc22woeDVc2fbXrW1t3KBOtUOcLcz -xotHAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAhTxV0ezQWbkI7/LiiTycWuCBI57V -MvsZF0wxwz6BUNUqTKkPoM0EWrmOpaFyNuNoiteQoCkUl9PqWafrfx7JWv9U23dG -aEv5qmV85QmfjJU8720KcWJeQi3v8da+Ulb+AtbPxQX+ZRPKSe3mjZR0kte809p9 -r6NIsTOvpPkqUts= +hvcNAQEBBQADgY0AMIGJAoGBAKSgRB36fxyHektWCoyhenuTUnuIpbVvk6YAlBn3 +zvAtp4cLQsaTEyjoXyrc9NwZxThzDb/Sc8xPAb/4YoZGK/bBD//EGQ3Y0DgLHdAL +8FdKSqmFUiNgiXNKvJmvgoasDObkKirckX5EYhWU3rRolp/xA5arqsMLxxtzI0Uk +bMX5AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEANozh8ATYxZhmP/mm5/qK1Bf8taEj +zLtzww017OJIFNI3/ysOipnYMF6rtV9g5JRMKH4DkPExoFPTHeMnvWcYhvutmMlP +qpRdvOh+TjYdKYk+TuQJUFRbADQm7QnqvoZkQDvk9hSMWdKyPoIzYoadcIGAVdQ+ +AK+miDREKjIKA/I= -----END CERTIFICATE----- diff --git a/ssl/postfix/server.csr b/ssl/postfix/server.csr index 0067980..5cd77d2 100644 --- a/ssl/postfix/server.csr +++ b/ssl/postfix/server.csr @@ -3,11 +3,11 @@ MIIB8DCCAVkCAQAwga8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh MRYwFAYDVQQHEw1TYW50YSBCYXJiYXJhMRwwGgYDVQQKExNQb3N0Zml4IFNNVFAg U2VydmVyMSIwIAYDVQQLExlGb3IgVGVzdGluZyBQdXJwb3NlcyBPbmx5MRIwEAYD VQQDEwlsb2NhbGhvc3QxHTAbBgkqhkiG9w0BCQEWDnJvb3RAbG9jYWxob3N0MIGf -MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDN74Zf9FCpPEEDlySNjKgwWSqROfI -6aVL7rlQPheu0KL/n5AHkkqNm5H+VcOotq6dH+EA7FGITsvOdC31Vrf/y2sHC6R0 -W1IP8sK/rdUJejGlcg80Vy36FA9I5729D9jnua0rfDX9zHNtsKHg1XNn2161tbdy -gTrVDnC3M8aLRwIDAQABoAAwDQYJKoZIhvcNAQEFBQADgYEATlg5GumXOYmwwZZy -VNWFFEuBp6wwCZyNpgg7/YmTgOC7BitajbMI/8vW/TabfLJ+04yf+Bd2HUFM0edy -SFB64h0w0a3NwLHAYRdtrsYWh9cGVxZV0TfsgwaxWwdL6ePx0prLzYi+1dhs/ocy -1nweyuVyXYFNspT2Y83AGXQFzbE= +MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCkoEQd+n8ch3pLVgqMoXp7k1J7iKW1 +b5OmAJQZ987wLaeHC0LGkxMo6F8q3PTcGcU4cw2/0nPMTwG/+GKGRiv2wQ//xBkN +2NA4Cx3QC/BXSkqphVIjYIlzSryZr4KGrAzm5Coq3JF+RGIVlN60aJaf8QOWq6rD +C8cbcyNFJGzF+QIDAQABoAAwDQYJKoZIhvcNAQEFBQADgYEAOzGNFvHDwv0DqX5u +ueQ4Uw6PXmkHpebrofmTTKUaDqveWWNbjX4Gc6BfT0FBeQWnq9TRi24UVu0ELyga +sI84vRH1sOsklEyHGCFYpqa4uB9QEwBzlHG1voIXH3YtkiwvUafFG7n/hwEh01Hh +yrSK/OmAKhitLnP8m0eMi7FgY5A= -----END CERTIFICATE REQUEST----- diff --git a/ssl/postfix/server.key b/ssl/postfix/server.key index 4495f65..9dd7b87 100644 --- a/ssl/postfix/server.key +++ b/ssl/postfix/server.key @@ -1,15 +1,15 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDDN74Zf9FCpPEEDlySNjKgwWSqROfI6aVL7rlQPheu0KL/n5AH -kkqNm5H+VcOotq6dH+EA7FGITsvOdC31Vrf/y2sHC6R0W1IP8sK/rdUJejGlcg80 -Vy36FA9I5729D9jnua0rfDX9zHNtsKHg1XNn2161tbdygTrVDnC3M8aLRwIDAQAB -AoGBAIvJToZT0DQ4h5yv6/mGdZpG4R5LWO204HgO6QNccvjqzMzeJPRG/LuJunC0 -WPZmWYKJYUSX84n3YljjOEWFYxq02MUCyZBdpj8iUFAgtUeCXDJR8wnJvtccfd32 -WyKZLTJHgJSUkuwkB/1lKRQAh8ygf1kt05Krh0DFy0lrW9MBAkEA+5zkvpZ0Aekx -GH3Y2OM5l4aardCEygM4FQyNmjjKv7wm/5YpXMTezSUlPEEH+NgrJcBxi0EOGiqw -y8Aa1JuaCQJBAMafH0U0/9+dQfWBHQddTKhuLjakp7aqn0h5umgtnXNgKOqw0lnh -XNe+hU5gAveDKaL2McO/nqABJjJjuBdkjs8CQQCcYlZ18pMlwOcn3sgRfaEFAb9P -uuNdn4SS6Jt2OEgjxXDDuHP62c3U2Xp8KbsnukuPCj5IG+YE83WxHbRPYmrpAkEA -tAyw2xrFTN8QWM33E6L3B8QBbpVqV0Nqate2LBQVo+4qiT1LIiER+Z0C2N5eMiMb -TlehGxKMZ/1Cs/EDg2krrwJAdBqcBAbi7hD3zHye6FLyjYOaPGPlZxEmAwra44d1 -Nxw7juJNluUNvXoD2uT0gL23B8HFliAi1JNb/Fwoq3IXug== +MIICWwIBAAKBgQCkoEQd+n8ch3pLVgqMoXp7k1J7iKW1b5OmAJQZ987wLaeHC0LG +kxMo6F8q3PTcGcU4cw2/0nPMTwG/+GKGRiv2wQ//xBkN2NA4Cx3QC/BXSkqphVIj +YIlzSryZr4KGrAzm5Coq3JF+RGIVlN60aJaf8QOWq6rDC8cbcyNFJGzF+QIDAQAB +An8xhAL5AV86NYWTI04I/ojYoncssO0mpWjDhWkGZoLXuuOourpa/+HDbCEzw0Hi +8d1gHTsFd0ddLGZaV1tLB9Aw7GGbHLEWA0sRd/Y1OfG0nSOBIC3EG+6Lb7bSTebo +TgGm+g3+uq8K32U/Hjiaky2eKFHx3uYC3D1jttiATmtVAkEAznfjEXlSkmgHfK+9 +jZmvtrMZtCiZ092G0Ke2JeGLSkezykEV2aIRIk7/OD/XmQg+xbj6JgPUm3KkW7zM +TbHbwwJBAMweqgTAUd4UzZuhBJHH64oizhtbxG/BBdmi/hLcH0QibwBJl2RrMsOH +DgFMq55pKtu0qS+7Ra6qE4ECA/g9x5MCQQDHlN47ivKFsefi4KK0GWbgjdp/62tf +gNmMI0KQ9ahGwm8KSMYNXXuAlapiPlxzgqPjT38HdlZzeWtlfmhjhlUvAkA0Yk45 +x+16tBYMMaeNjiQJoGMKrGNeVsgckXLo/irb/oZEKZ67u7MccOWMOdP1ZIIGPngI +8uOwLp+wxQalx50XAkEAvPho0u3frMxWJmB4o2LerCqyGwYV9cBzAo2K2DFpCYUG +2CZ7oLxQY9gg7mAnOxch5SzhwpBTSmHCLslAo0JnzA== -----END RSA PRIVATE KEY----- diff --git a/ssl/postfix/server.pem b/ssl/postfix/server.pem index 7c1bf86..4b40673 100644 --- a/ssl/postfix/server.pem +++ b/ssl/postfix/server.pem @@ -1,17 +1,17 @@ -----BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDDN74Zf9FCpPEEDlySNjKgwWSqROfI6aVL7rlQPheu0KL/n5AH -kkqNm5H+VcOotq6dH+EA7FGITsvOdC31Vrf/y2sHC6R0W1IP8sK/rdUJejGlcg80 -Vy36FA9I5729D9jnua0rfDX9zHNtsKHg1XNn2161tbdygTrVDnC3M8aLRwIDAQAB -AoGBAIvJToZT0DQ4h5yv6/mGdZpG4R5LWO204HgO6QNccvjqzMzeJPRG/LuJunC0 -WPZmWYKJYUSX84n3YljjOEWFYxq02MUCyZBdpj8iUFAgtUeCXDJR8wnJvtccfd32 -WyKZLTJHgJSUkuwkB/1lKRQAh8ygf1kt05Krh0DFy0lrW9MBAkEA+5zkvpZ0Aekx -GH3Y2OM5l4aardCEygM4FQyNmjjKv7wm/5YpXMTezSUlPEEH+NgrJcBxi0EOGiqw -y8Aa1JuaCQJBAMafH0U0/9+dQfWBHQddTKhuLjakp7aqn0h5umgtnXNgKOqw0lnh -XNe+hU5gAveDKaL2McO/nqABJjJjuBdkjs8CQQCcYlZ18pMlwOcn3sgRfaEFAb9P -uuNdn4SS6Jt2OEgjxXDDuHP62c3U2Xp8KbsnukuPCj5IG+YE83WxHbRPYmrpAkEA -tAyw2xrFTN8QWM33E6L3B8QBbpVqV0Nqate2LBQVo+4qiT1LIiER+Z0C2N5eMiMb -TlehGxKMZ/1Cs/EDg2krrwJAdBqcBAbi7hD3zHye6FLyjYOaPGPlZxEmAwra44d1 -Nxw7juJNluUNvXoD2uT0gL23B8HFliAi1JNb/Fwoq3IXug== +MIICWwIBAAKBgQCkoEQd+n8ch3pLVgqMoXp7k1J7iKW1b5OmAJQZ987wLaeHC0LG +kxMo6F8q3PTcGcU4cw2/0nPMTwG/+GKGRiv2wQ//xBkN2NA4Cx3QC/BXSkqphVIj +YIlzSryZr4KGrAzm5Coq3JF+RGIVlN60aJaf8QOWq6rDC8cbcyNFJGzF+QIDAQAB +An8xhAL5AV86NYWTI04I/ojYoncssO0mpWjDhWkGZoLXuuOourpa/+HDbCEzw0Hi +8d1gHTsFd0ddLGZaV1tLB9Aw7GGbHLEWA0sRd/Y1OfG0nSOBIC3EG+6Lb7bSTebo +TgGm+g3+uq8K32U/Hjiaky2eKFHx3uYC3D1jttiATmtVAkEAznfjEXlSkmgHfK+9 +jZmvtrMZtCiZ092G0Ke2JeGLSkezykEV2aIRIk7/OD/XmQg+xbj6JgPUm3KkW7zM +TbHbwwJBAMweqgTAUd4UzZuhBJHH64oizhtbxG/BBdmi/hLcH0QibwBJl2RrMsOH +DgFMq55pKtu0qS+7Ra6qE4ECA/g9x5MCQQDHlN47ivKFsefi4KK0GWbgjdp/62tf +gNmMI0KQ9ahGwm8KSMYNXXuAlapiPlxzgqPjT38HdlZzeWtlfmhjhlUvAkA0Yk45 +x+16tBYMMaeNjiQJoGMKrGNeVsgckXLo/irb/oZEKZ67u7MccOWMOdP1ZIIGPngI +8uOwLp+wxQalx50XAkEAvPho0u3frMxWJmB4o2LerCqyGwYV9cBzAo2K2DFpCYUG +2CZ7oLxQY9gg7mAnOxch5SzhwpBTSmHCLslAo0JnzA== -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- @@ -19,16 +19,16 @@ MIIC1zCCAkCgAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBsjELMAkGA1UEBhMCVVMx EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbnRhIEJhcmJhcmExHDAa BgNVBAoTE1Bvc3RmaXggU01UUCBTZXJ2ZXIxIjAgBgNVBAsTGUZvciBUZXN0aW5n IFB1cnBvc2VzIE9ubHkxFTATBgNVBAMTDGxvY2FsaG9zdCBDQTEdMBsGCSqGSIb3 -DQEJARYOcm9vdEBsb2NhbGhvc3QwHhcNMTAwNTI2MTMwMjUzWhcNMTIwNTI1MTMw -MjUzWjCBrzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNV +DQEJARYOcm9vdEBsb2NhbGhvc3QwHhcNMTIwNzIzMTcxMTI0WhcNMTQwNzIzMTcx +MTI0WjCBrzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNV BAcTDVNhbnRhIEJhcmJhcmExHDAaBgNVBAoTE1Bvc3RmaXggU01UUCBTZXJ2ZXIx IjAgBgNVBAsTGUZvciBUZXN0aW5nIFB1cnBvc2VzIE9ubHkxEjAQBgNVBAMTCWxv Y2FsaG9zdDEdMBsGCSqGSIb3DQEJARYOcm9vdEBsb2NhbGhvc3QwgZ8wDQYJKoZI -hvcNAQEBBQADgY0AMIGJAoGBAMM3vhl/0UKk8QQOXJI2MqDBZKpE58jppUvuuVA+ -F67Qov+fkAeSSo2bkf5Vw6i2rp0f4QDsUYhOy850LfVWt//LawcLpHRbUg/ywr+t -1Ql6MaVyDzRXLfoUD0jnvb0P2Oe5rSt8Nf3Mc22woeDVc2fbXrW1t3KBOtUOcLcz -xotHAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAhTxV0ezQWbkI7/LiiTycWuCBI57V -MvsZF0wxwz6BUNUqTKkPoM0EWrmOpaFyNuNoiteQoCkUl9PqWafrfx7JWv9U23dG -aEv5qmV85QmfjJU8720KcWJeQi3v8da+Ulb+AtbPxQX+ZRPKSe3mjZR0kte809p9 -r6NIsTOvpPkqUts= +hvcNAQEBBQADgY0AMIGJAoGBAKSgRB36fxyHektWCoyhenuTUnuIpbVvk6YAlBn3 +zvAtp4cLQsaTEyjoXyrc9NwZxThzDb/Sc8xPAb/4YoZGK/bBD//EGQ3Y0DgLHdAL +8FdKSqmFUiNgiXNKvJmvgoasDObkKirckX5EYhWU3rRolp/xA5arqsMLxxtzI0Uk +bMX5AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEANozh8ATYxZhmP/mm5/qK1Bf8taEj +zLtzww017OJIFNI3/ysOipnYMF6rtV9g5JRMKH4DkPExoFPTHeMnvWcYhvutmMlP +qpRdvOh+TjYdKYk+TuQJUFRbADQm7QnqvoZkQDvk9hSMWdKyPoIzYoadcIGAVdQ+ +AK+miDREKjIKA/I= -----END CERTIFICATE----- diff --git a/syslog-ng/.rcs/syslog-ng.conf,v b/syslog-ng/.rcs/syslog-ng.conf,v deleted file mode 100644 index afa8cc2..0000000 --- a/syslog-ng/.rcs/syslog-ng.conf,v +++ /dev/null @@ -1,107 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2011.06.22.12.31.06; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.11.29.20.09.47; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@@@version: 3.2 -# $Header: /etc/syslog-ng/.rcs/syslog-ng.conf,v 1.1 2010/11/29 20:09:47 root Exp $ -# -# Syslog-ng default configuration file for Gentoo Linux - -options { - chain_hostnames(no); - flush_lines(0); - - # The default action of syslog-ng is to log a STATS line - # to the file every 10 minutes. That's pretty ugly after a while. - # Change it to every 12 hours so you get a nice daily update of - # how many messages syslog-ng missed (0). - stats_freq(43200); - perm(0640); -}; - -source src { - unix-stream("/dev/log" max-connections(256)); - internal(); - file("/proc/kmsg"); -}; - -destination d_messages { file("/var/log/syslog.d/$FACILITY"); }; -destination d_msg { file("/var/log/messages"); }; -destination d_debug { file("/var/log/debug.log"); }; -destination d_mail { file("/var/log/mail/$PROGRAM" create_dirs(yes)); }; - - -# By default messages are logged to tty12... -destination d_console_all { file("/dev/tty12"); }; -# ...if you intend to use /dev/console for programs like xconsole -# you can comment out the destination line above that references /dev/tty12 -# and uncomment the line below. -#destination console_all { file("/dev/console"); }; - -#destination d_sql { -# sql( type(mysql) -# host("localhost") username("syslog") password("Jafohn7a") -# database("syslog") -# table( "messages_${R_YEAR}_${R_MONTH}" ) -# columns( "datetime DATETIME", "facility VARCHAR(12)", "level VARCHAR(12)", -# "host VARCHAR(32)", "program VARCHAR(250)", "pid VARCHAR(8)", "message TEXT" ) -# values( "${R_YEAR}-${R_MONTH}-${R_DAY} ${R_HOUR}:${R_MIN}:${R_SEC}", "$FACILITY", "$LEVEL", -# "$HOST", "$PROGRAM", "$PID", "$MSGONLY" ) -# indexes( "datetime", "facility", "level", "host", "program" ) -# ); -#}; - -#log { source(src); destination(messages); }; -#log { source(src); destination(d_console_all); }; - -filter f_console { level( warn..emerg ); }; -filter f_messages { level(info..emerg) - and not facility(auth, authpriv, mail, news); }; -filter f_nocron { not ( facility(cron) and level(info) ); }; -filter f_mail { facility(mail); }; - - -log { source(src); destination(d_messages); }; -#log { source(src); destination(d_sql); }; -#log { source(src); destination(d_debug); }; -log { source(src); filter(f_console); destination(d_console_all); }; -log { source(src); filter(f_messages); destination(d_msg); }; -log { source(src); filter(f_mail); destination(d_mail); }; - -@ - - -1.1 -log -@Initial revision -@ -text -@d1 2 -a2 2 -@@version: 3.0 -# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.3,v 1.1 2010/04/06 02:11:35 mr_bones_ Exp $ -@ diff --git a/syslog-ng/.rcs/syslog-ng.conf.org,v b/syslog-ng/.rcs/syslog-ng.conf.org,v deleted file mode 100644 index d0b769d..0000000 --- a/syslog-ng/.rcs/syslog-ng.conf.org,v +++ /dev/null @@ -1,79 +0,0 @@ -head 1.2; -access; -symbols; -locks; strict; -comment @# @; - - -1.2 -date 2011.01.18.17.44.14; author root; state Exp; -branches; -next 1.1; - -1.1 -date 2010.11.29.18.02.41; author root; state Exp; -branches; -next ; - - -desc -@Initialising repository -@ - - -1.2 -log -@Checked in. -@ -text -@@@version: 3.2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.3.2,v 1.1 2011/01/18 17:44:14 mr_bones_ Exp $ -# -# Syslog-ng default configuration file for Gentoo Linux - -options { - chain_hostnames(no); - - # The default action of syslog-ng is to log a STATS line - # to the file every 10 minutes. That's pretty ugly after a while. - # Change it to every 12 hours so you get a nice daily update of - # how many messages syslog-ng missed (0). - stats_freq(43200); - # The default action of syslog-ng is to log a MARK line - # to the file every 20 minutes. That's seems high for most - # people so turn it down to once an hour. Set it to zero - # if you don't want the functionality at all. - mark_freq(3600); -}; - -source src { - unix-stream("/dev/log" max-connections(256)); - internal(); - file("/proc/kmsg"); -}; - -destination messages { file("/var/log/messages"); }; - -# By default messages are logged to tty12... -destination console_all { file("/dev/tty12"); }; -# ...if you intend to use /dev/console for programs like xconsole -# you can comment out the destination line above that references /dev/tty12 -# and uncomment the line below. -#destination console_all { file("/dev/console"); }; - -log { source(src); destination(messages); }; -log { source(src); destination(console_all); }; -@ - - -1.1 -log -@Initial revision -@ -text -@d1 2 -a2 2 -@@version: 3.0 -# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.3,v 1.1 2010/04/06 02:11:35 mr_bones_ Exp $ -d14 5 -@ diff --git a/syslog-ng/syslog-ng.conf b/syslog-ng/syslog-ng.conf index 024f2e6..d31f4f1 100644 --- a/syslog-ng/syslog-ng.conf +++ b/syslog-ng/syslog-ng.conf @@ -1,5 +1,5 @@ @version: 3.2 -# $Header: /etc/syslog-ng/.rcs/syslog-ng.conf,v 1.2 2011/06/22 12:31:06 root Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-admin/syslog-ng/files/syslog-ng.conf.gentoo.3.2,v 1.1 2011/01/18 17:44:14 mr_bones_ Exp $ # # Syslog-ng default configuration file for Gentoo Linux @@ -16,6 +16,12 @@ options { frac_digits(3); ts_format(iso); + + # The default action of syslog-ng is to log a MARK line + # to the file every 20 minutes. That's seems high for most + # people so turn it down to once an hour. Set it to zero + # if you don't want the functionality at all. + mark_freq(3600); }; source src { diff --git a/sysstat b/sysstat index 365d3ad..40ded7e 100644 --- a/sysstat +++ b/sysstat @@ -1,4 +1,4 @@ -# sysstat-10.0.3 configuration file. +# sysstat-10.0.4 configuration file. # How long to keep log files (in days). # If value is greater than 28, then log files are kept in diff --git a/terminfo/r/rxvt-unicode b/terminfo/r/rxvt-unicode index 2ed935e..7cad32c 100644 Binary files a/terminfo/r/rxvt-unicode and b/terminfo/r/rxvt-unicode differ diff --git a/texmf/dvipdfmx/dvipdfmx.cfg b/texmf/dvipdfmx/dvipdfmx.cfg new file mode 100644 index 0000000..893d0ad --- /dev/null +++ b/texmf/dvipdfmx/dvipdfmx.cfg @@ -0,0 +1,191 @@ +%% dvipdfmx.cfg for dvipdfmx. (Public domain.) +%% +%% PDF Version Setting +%% +%% PDF (minor) version stamp to use in output file. +%% This also implies maximal version of PDF file allowed to be included. +%% Dvipdfmx does not support 1.0, 1.1, 1.2 since TrueType font embedded +%% as CIDFontType2 requires at least version 1.3. Transparent imaging +%% model requires version 1.4. So if you want soft-masking support for +%% PNG image with alpha channels, you should set version to 4 or higher. +%% PDF 1.5 enables object compression. + +V 5 + +%% Dvipdfmx Compatibility Flags +%% +%% 0x0002 Use semi-transparent filling for tpic shading command, +%% instead of opaque gray color. (requires PDF 1.4) +%% 0x0004 Treat all CIDFont as fixed-pitch font. +%% This is only for backward compatibility. Don't use that. +%% 0x0008 Do not replace duplicate fontmap entries. +%% Dvipdfm's (not 'x') behaviour. +%% 0x0010 Do not optimize PDF destinations. Use this if you want to +%% refer from other files to destinations in the current file. + +%C 0x0000 + +%% PDF Document Settings +%% +%% Papersize Option: +%% +%% p papersize-spec +%% +%% papersize-spec is 'paper-format' or length-pair, e.g., 'a4', 'letter', +%% '20cm,30cm'. Recognized unit is 'cm', 'mm', 'bp', 'pt', 'in'. + +p a4 + +%% Annotation Box Margin: +%% +%% g length +%% +%% Add margin to annotation rectangle created via various \specials. Many +%% TeX macro packages set the annotation bounding box equal to the TeX box +%% that encloses the material. That's not always what you want. +%% Annotations created by pdf:bannot/pdf:eannot is also affected. + +%g 0 + +%% Bookmark Open Level: +%% +%% O integer +%% +%% Mark bookmark (outline) item as initial state 'open' if the depth +%% of that item (from root node) is less than or equal to the integer +%% specified with this option. + +O 0 + +%% PDF Security (Encryption) Setting +%% +%% Those options won't take effects unless you use flag 'S'. +%% +%% Key bits for PDF encryption (40 - 128) + +K 40 + +%% Permission flag for PDF encryption: Revision will be 3 if the key size +%% is greater than 40 bits. +%% +%% 0x0004 (Revision 2) Print the document. +%% (Revision 3) Print the document (possibly not at the highest quality +%% level, depending on whether bit 12[0x0800] is also set). +%% 0x0008 Modify the contents of the document by operations other than those +%% controlled by bits 6[0x0020], 9[0x0100], and 11[0x0400]. +%% 0x0010 (Revision 2) Copy or otherwise extract text and graphics from the +%% document, including extracting text and graphics (in support of +%% accessibility to disabled users or for other purposes). +%% (Revision 3) Copy or otherwise extract text and grphics from the +%% document by operations other than that controlled by bit 10[0x0200]. +%% 0x0020 Add or modify text annotations, fill in interactive form fields, +%% and, if bit 4[0x0008] is also set, create or modify interactive +%% form fields (including signature fields). +%% +%% (Revision 3 only) +%% 0x0100 Fill in existing interactive form fields (including signature +%% fields), even if bit 6 is clear. +%% 0x0200 Extract text and graphics (in support of accessibility to disabled +%% users or for other purposes). +%% 0x0400 Assemble the document (insert, rotate, or delete pages and create +%% bookmarks or thumbnail images), even if bit 4 is clear. +%% 0x0800 Print the document to a representation from which a faithful digital +%% copy of the PDF content could be generated. When this bit is clear +%% (and bit 3 is set), printing is limited to a low-level representation +%% of the appearance, possibly of degraded quality. + +P 0x003C + +%% Image Handler +%% +%% With 'D' option dvipdfmx may invoke shell command via system() +%% function call. +%% +%% Command-line template for a-to-b conversion: +%% +%% Supported target format ('b') is currently PDF. +%% Percent sign '%' is special character: +%% +%% %i Input file name (FQPN). Name of file to be converted to PDF. +%% %o Output file name (FQPN). Temporary file to store conversion +%% result. Removed after inclusion is finished. (regardless of +%% success or failure) +%% %b The "base" name of the input file, e.g., "foo" instead of +%% "foo.eps". +%% %v The PDF version to be converted to, e.g. "1.4" for PDF 1.4. +%% %% Replaced with single '%'. + +%% Ghostscript (PS-to-PDF and PDF-to-PDF): +%% +%% ps2pdf is a front-end to gs. For a complete list of options, see +%% http://ghostscript.com/doc/current/Ps2pdf.htm#Options +%% +%% By default, gs encodes all images contained in a PS file using +%% the lossy DCT (i.e., JPEG) filter. This often leads to inferior +%% result (see the discussion at http://electron.mit.edu/~gsteele/pdf/). +%% The "-dAutoFilterXXXImages" and "-dXXXImageFilter" options used +%% below force all images to be encoded with the lossless Flate (zlib, +%% same as PNG) filter. Note that if the PS file already contains DCT +%% encoded images (which is possible in PS level 2), then these images +%% will also be re-encoded using Flate. To turn the conversion off, +%% simply remove the options mentioned above. +%% +%% Also note that PAPERSIZE=a0 is specified below. This converts PS +%% files (including EPS) to A0 papersize PDF. This is necessary to +%% prevent gs from clipping PS figure at some papersize. (A0 above +%% simply means large size paper.) If you have figures even larger +%% than A0, and their llx=lly=0, you can use "-dEPSCrop" instead of +%% "-sPAPERSIZE=a0" +%% +D "ps2pdf -dCompatibilityLevel=%v -sPAPERSIZE=a0 -dAutoFilterGrayImages=false -dGrayImageFilter=/FlateEncode -dAutoFilterColorImages=false -dColorImageFilter=/FlateEncode '%i' '%o'" + +%% Frank Siegert's PStill: +%D "/usr/local/bin/pstill -c -o '%o' '%i'" + +%% Adobe Acrobat Distiller: +%D "/usr/local/bin/distill -quiet -pairs '%i' '%o'" + +%% Batik + Fop (SVG-to-PDF): +%% If you want both PS and SVG, you need to write a script or program +%% that selectively invokes converters. +%D "java -classpath classpaths -jar /path/to/batik-rasterizer.jar -m application/pdf -d '%o' '%i'" + +%% There are no way to directly know suggested size of (raster) images. +%% You may want to use %b here, since you can try reading the ebb file +%% to see what is natural (physical) size of images. +%D "ras2pdf -r 300x300 -b '%b.bb' -o '%o' '%i'" + +%% ImageMagick: +%% Easiest way to support various file formats. +%D "convert '%i' 'epdf:%o'" + +%% Other Options +%% +%% DPI for PK font creation + +%r 600 + +%% Set number of fractional digit kept for various numbers in PDF page +%% content output. By setting this to 2 (default), dvipdfmx rounds +%% real numbers at 2nd fractional (decimal) digit; e.g., "3.14159" is +%% written as "3.14". Increasing this to more than 2 isn't meaningful +%% for old Acrobat due to implementation limit of Acrobat. +%% Length 0.01 in unscaled coordinate system amount to width of 1 pixel +%% in 7200ppi display. + +%d 5 + +%% Font Map Files +%% +%% teTeX 2.x and TeX Live using updmap (pdfTeX format) +f pdftex.map + +%% teTeX 2.x and TeX Live using updmap (DVIPDFM format) +%f dvipdfm.map + +%% teTeX 2.x and TeX Live using updmap (DVIPS format) +%% MiKTeX 2.2 and 2.3 +%f psfonts.map + +%% Put additonal fontmap files here (usually for Type0 fonts) +f cid-x.map diff --git a/texmf/dvips/config/config.ps b/texmf/dvips/config/config.ps deleted file mode 100644 index 812c139..0000000 --- a/texmf/dvips/config/config.ps +++ /dev/null @@ -1,589 +0,0 @@ -% config.ps - configuration file for dvips. -% Tomas Rokicki, Thomas Esser, Karl Berry, et al., 1986ff, public domain. - -% Memory available. Download the three-line PostScript file: -% %! Hey, we're PostScript -% /Times-Roman findfont 30 scalefont setfont 144 432 moveto -% vmstatus exch sub 40 string cvs show pop showpage -% to determine this number. (It will be the only thing printed.) -m 3500000 - -% Run securely. z2 disables both shell command execution in -% `\special' and config files (via the `E' option) and opening of any -% absolute filenames. z1, the default, forbids shell escapes but -% allows absolute filenames. z0 allows both. The corresponding -% command line options are -R0|-R1|-R2 -z1 - -% How to print, maybe with lp instead lpr, etc. If commented-out, output -% will go into a file by default. -%o |lpr - -% Default resolution of this device, in dots per inch. -D 600 -X 600 -Y 600 - -% Metafont mode. (This is completely different from the -M -% command-line option, which controls whether mktexpk is invoked.) -% See ../../metafont/misc/modes.mf for a list of mode names. This mode -% and the D number above must agree, or mktexpk will get confused. -M ljfour - -% Last resort bitmap sizes. -R 300 600 - -% Correct printer offset. You can use testpage.tex from the LaTeX -% distribution to find these numbers. -O 0pt,0pt - -% Bitmap font compression. Results in more compact output files, but -% sometimes causes trouble. So the default is disabled. Set Z1 to enable -% this feature. -Z0 - -% Partially download Type 1 fonts by default. Only reason not to do -% this is if you encounter bugs. (Please report them to -% @email{tex-k@tug.org} if you do.) -j - -% This shows how to add your own map file. -% Remove the comment and adjust the name: -% p +myfonts.map - -% If we have setpagedevice, use that. -% else if we have the a4 resp. letter operator, use that. -% else do nothing to set the page size. -% -% In the past, the a4size and letterSize definitions did not set the -% page size, but we want to set it if we can so that ps2pdf can work -% properly. Here, a4 and a4size, and letter and letterSize, are -% identical, and we prefer the a4/letter names -- texconfig uses them. - -% 0 0 595 842 is the right bounding box that applications expect -% for A4. Since dvips always rounds up, choose something slightly -% smaller for our paper size. - -@ a4 210mm 297mm -@+ ! %%DocumentPaperSizes: a4 -@+ %%BeginPaperSize: a4 -@+ /setpagedevice where -@+ { pop << /PageSize [595 842] >> setpagedevice } -@+ { /a4 where { pop a4 } if } -@+ ifelse -@+ %%EndPaperSize - -@ letter 8.5in 11in -@+ ! %%DocumentPaperSizes: Letter -@+ %%BeginPaperSize: Letter -@+ /setpagedevice where -@+ { pop << /PageSize [612 792] >> setpagedevice } -@+ { /letter where { pop letter } if } -@+ ifelse -@+ %%EndPaperSize - -@ a4size 210mm 297mm -@+ ! %%DocumentPaperSizes: a4 -@+ %%BeginPaperSize: a4 -@+ /setpagedevice where -@+ { pop << /PageSize [595 842] >> setpagedevice } -@+ { /a4 where { pop a4 } if } -@+ ifelse -@+ %%EndPaperSize - -@ letterSize 8.5in 11in -@+ ! %%DocumentPaperSizes: Letter -@+ %%BeginPaperSize: Letter -@+ /setpagedevice where -@+ { pop << /PageSize [612 792] >> setpagedevice } -@+ { /letter where { pop letter } if } -@+ ifelse -@+ %%EndPaperSize - -% The jacow paper size is the smaller of letter and a4 in both -% dimensions, and can therefore hopefully be printed on either paper -% size. As far as we know, Volker Schaa first used it for the JACOW -% conference proceedings that he produced. -@ jacow 210mm 11in -@+ ! %%DocumentPaperSizes: jacow -@+ %%BeginPaperSize: jacow -@+ /setpagedevice where -@+ { pop << /PageSize [595 792] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -% The smallbook paper size has been used by the Free Software Foundation -% to print manuals for many years, and is part of Texinfo. -@ smallbook 7in 9.25in -@+ ! %%DocumentPaperSizes: smallbook -@+ %%BeginPaperSize: smallbook -@+ /setpagedevice where -@+ { pop << /PageSize [504 666] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ halfexecutive 133mm 184mm -@+ ! %%DocumentPaperSizes: halfexecutive -@+ %%BeginPaperSize: halfexecutive -@+ /setpagedevice where -@+ { pop << /PageSize [378 522] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ halfletter 140mm 216mm -@+ ! %%DocumentPaperSizes: halfletter -@+ %%BeginPaperSize: halfletter -@+ /setpagedevice where -@+ { pop << /PageSize [396 612] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ statement 140mm 216mm -@+ ! %%DocumentPaperSizes: statement -@+ %%BeginPaperSize: statement -@+ /setpagedevice where -@+ { pop << /PageSize [396 612] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ executive 184mm 267mm -@+ ! %%DocumentPaperSizes: executive -@+ %%BeginPaperSize: executive -@+ /setpagedevice where -@+ { pop << /PageSize [522 756] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -% for powerdot -@ screen 8.25in 11in -@+ ! %%DocumentPaperSizes: Screen -@+ %%BeginPaperSize: Screen -@+ /setpagedevice where -@+ { pop << /PageSize [594 792] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -% a common size for printers (in north america). -@ sixbynine 6in 9in -@+ ! %%DocumentPaperSizes: SixByNine -@+ %%BeginPaperSize: SixByNine -@+ /setpagedevice where -@+ { pop << /PageSize [432 648] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ quarto 215mm 275mm -@+ ! %%DocumentPaperSizes: quarto -@+ %%BeginPaperSize: quarto -@+ /setpagedevice where -@+ { pop << /PageSize [610 780] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ note 216mm 279mm -@+ ! %%DocumentPaperSizes: note -@+ %%BeginPaperSize: note -@+ /setpagedevice where -@+ { pop << /PageSize [612 792] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ folio 216mm 330mm -@+ ! %%DocumentPaperSizes: folio -@+ %%BeginPaperSize: folio -@+ /setpagedevice where -@+ { pop << /PageSize [612 936] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ legal 8.5in 14in -@+ ! %%DocumentPaperSizes: Legal -@+ %%BeginPaperSize: Legal -@+ /setpagedevice where -@+ { pop << /PageSize [612 1008] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ 10x14 10in 14in -@+ ! %%DocumentPaperSizes: 10x14 -@+ %%BeginPaperSize: 10x14 -@+ /setpagedevice where -@+ { pop << /PageSize [720 1008] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ ledger 17in 11in -@+ ! %%DocumentPaperSizes: Ledger -@+ %%BeginPaperSize: Ledger -@+ /setpagedevice where -@+ { pop << /PageSize [1224 792] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ tabloid 11in 17in -@+ ! %%DocumentPaperSizes: Tabloid -@+ %%BeginPaperSize: Tabloid -@+ /setpagedevice where -@+ { pop << /PageSize [792 1224] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ 11x17 11in 17in -@+ ! %%DocumentPaperSizes: 11x17 -@+ %%BeginPaperSize: 11x17 -@+ /setpagedevice where -@+ { pop << /PageSize [792 1224] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ a0 841mm 1189mm -@+ ! %%DocumentPaperSizes: a0 -@+ %%BeginPaperSize: a0 -@+ /setpagedevice where -@+ { pop << /PageSize [2384 3370] >> setpagedevice } -@+ { /a0 where { pop a0 } if } -@+ ifelse -@+ %%EndPaperSize - -@ a1 594mm 841mm -@+ ! %%DocumentPaperSizes: a1 -@+ %%BeginPaperSize: a1 -@+ /setpagedevice where -@+ { pop << /PageSize [1684 2384] >> setpagedevice } -@+ { /a1 where { pop a1 } if } -@+ ifelse -@+ %%EndPaperSize - -@ a2 420mm 594mm -@+ ! %%DocumentPaperSizes: a2 -@+ %%BeginPaperSize: a2 -@+ /setpagedevice where -@+ { pop << /PageSize [1191 1684] >> setpagedevice } -@+ { /a2 where { pop a2 } if } -@+ ifelse -@+ %%EndPaperSize - -@ a3 297mm 420mm -@+ ! %%DocumentPaperSizes: a3 -@+ %%BeginPaperSize: a3 -@+ /setpagedevice where -@+ { pop << /PageSize [842 1191] >> setpagedevice } -@+ { /a3 where { pop a3 } if } -@+ ifelse -@+ %%EndPaperSize - -@ a5 148mm 210mm -@+ ! %%DocumentPaperSizes: a5 -@+ %%BeginPaperSize: a5 -@+ /setpagedevice where -@+ { pop << /PageSize [420 595] >> setpagedevice } -@+ { /a5 where { pop a5 } if } -@+ ifelse -@+ %%EndPaperSize - -@ a6 105mm 148mm -@+ ! %%DocumentPaperSizes: a6 -@+ %%BeginPaperSize: a6 -@+ /setpagedevice where -@+ { pop << /PageSize [298 420] >> setpagedevice } -@+ { /a6 where { pop a6 } if } -@+ ifelse -@+ %%EndPaperSize - -@ a7 74mm 105mm -@+ ! %%DocumentPaperSizes: a7 -@+ %%BeginPaperSize: a7 -@+ /setpagedevice where -@+ { pop << /PageSize [210 298] >> setpagedevice } -@+ { /a7 where { pop a7 } if } -@+ ifelse -@+ %%EndPaperSize - -@ a8 52mm 74mm -@+ ! %%DocumentPaperSizes: a8 -@+ %%BeginPaperSize: a8 -@+ /setpagedevice where -@+ { pop << /PageSize [147 210] >> setpagedevice } -@+ { /a8 where { pop a8 } if } -@+ ifelse -@+ %%EndPaperSize - -@ a9 37mm 52mm -@+ ! %%DocumentPaperSizes: a9 -@+ %%BeginPaperSize: a9 -@+ /setpagedevice where -@+ { pop << /PageSize [105 147] >> setpagedevice } -@+ { /a9 where { pop a9 } if } -@+ ifelse -@+ %%EndPaperSize - -@ a10 26mm 37mm -@+ ! %%DocumentPaperSizes: a10 -@+ %%BeginPaperSize: a10 -@+ /setpagedevice where -@+ { pop << /PageSize [74 105] >> setpagedevice } -@+ { /a10 where { pop a10 } if } -@+ ifelse -@+ %%EndPaperSize - -@ jisb0 1030mm 1456mm -@+ ! %%DocumentPaperSizes: jisb0 -@+ %%BeginPaperSize: jisb0 -@+ /setpagedevice where -@+ { pop << /PageSize [2920 4127] >> setpagedevice } -@+ { /jisb0 where { pop jisb0 } if } -@+ ifelse -@+ %%EndPaperSize - -@ jisb1 728mm 1030mm -@+ ! %%DocumentPaperSizes: jisb1 -@+ %%BeginPaperSize: jisb1 -@+ /setpagedevice where -@+ { pop << /PageSize [2064 2920] >> setpagedevice } -@+ { /jisb1 where { pop jisb1 } if } -@+ ifelse -@+ %%EndPaperSize - -@ jisb2 515mm 728mm -@+ ! %%DocumentPaperSizes: jisb2 -@+ %%BeginPaperSize: jisb2 -@+ /setpagedevice where -@+ { pop << /PageSize [1460 2064] >> setpagedevice } -@+ { /jisb2 where { pop jisb2 } if } -@+ ifelse -@+ %%EndPaperSize - -@ jisb3 364mm 515mm -@+ ! %%DocumentPaperSizes: jisb3 -@+ %%BeginPaperSize: jisb3 -@+ /setpagedevice where -@+ { pop << /PageSize [1032 1460] >> setpagedevice } -@+ { /jisb3 where { pop jisb3 } if } -@+ ifelse -@+ %%EndPaperSize - -@ jisb4 257mm 364mm -@+ ! %%DocumentPaperSizes: jisb4 -@+ %%BeginPaperSize: jisb4 -@+ /setpagedevice where -@+ { pop << /PageSize [729 1032] >> setpagedevice } -@+ { /jisb4 where { pop jisb4 } if } -@+ ifelse -@+ %%EndPaperSize - -@ jisb5 182mm 257mm -@+ ! %%DocumentPaperSizes: jisb5 -@+ %%BeginPaperSize: jisb5 -@+ /setpagedevice where -@+ { pop << /PageSize [516 729] >> setpagedevice } -@+ { /jisb5 where { pop jisb5 } if } -@+ ifelse -@+ %%EndPaperSize - -@ jisb6 128mm 182mm -@+ ! %%DocumentPaperSizes: jisb6 -@+ %%BeginPaperSize: jisb6 -@+ /setpagedevice where -@+ { pop << /PageSize [363 516] >> setpagedevice } -@+ { /jisb6 where { pop jisb6 } if } -@+ ifelse -@+ %%EndPaperSize - -@ jisb7 91mm 128mm -@+ ! %%DocumentPaperSizes: jisb7 -@+ %%BeginPaperSize: jisb7 -@+ /setpagedevice where -@+ { pop << /PageSize [258 363] >> setpagedevice } -@+ { /jisb7 where { pop jisb7 } if } -@+ ifelse -@+ %%EndPaperSize - -@ jisb8 64mm 91mm -@+ ! %%DocumentPaperSizes: jisb8 -@+ %%BeginPaperSize: jisb8 -@+ /setpagedevice where -@+ { pop << /PageSize [181 258] >> setpagedevice } -@+ { /jisb8 where { pop jisb8 } if } -@+ ifelse -@+ %%EndPaperSize - -@ b0 1000mm 1414mm -@+ ! %%DocumentPaperSizes: b0 -@+ %%BeginPaperSize: b0 -@+ /setpagedevice where -@+ { pop << /PageSize [2835 4008] >> setpagedevice } -@+ { /b0 where { pop b0 } if } -@+ ifelse -@+ %%EndPaperSize - -@ b1 707mm 1000mm -@+ ! %%DocumentPaperSizes: b1 -@+ %%BeginPaperSize: b1 -@+ /setpagedevice where -@+ { pop << /PageSize [2004 2835] >> setpagedevice } -@+ { /b1 where { pop b1 } if } -@+ ifelse -@+ %%EndPaperSize - -@ b2 500mm 707mm -@+ ! %%DocumentPaperSizes: b2 -@+ %%BeginPaperSize: b2 -@+ /setpagedevice where -@+ { pop << /PageSize [1417 2004] >> setpagedevice } -@+ { /b2 where { pop b2 } if } -@+ ifelse -@+ %%EndPaperSize - -@ b3 353mm 500mm -@+ ! %%DocumentPaperSizes: b3 -@+ %%BeginPaperSize: b3 -@+ /setpagedevice where -@+ { pop << /PageSize [1001 1417] >> setpagedevice } -@+ { /b3 where { pop b3 } if } -@+ ifelse -@+ %%EndPaperSize - -@ b4 250mm 353mm -@+ ! %%DocumentPaperSizes: b4 -@+ %%BeginPaperSize: b4 -@+ /setpagedevice where -@+ { pop << /PageSize [709 1001] >> setpagedevice } -@+ { /b4 where { pop b4 } if } -@+ ifelse -@+ %%EndPaperSize - -@ b5 176mm 250mm -@+ ! %%DocumentPaperSizes: b5 -@+ %%BeginPaperSize: b5 -@+ /setpagedevice where -@+ { pop << /PageSize [499 709] >> setpagedevice } -@+ { /b5 where { pop b5 } if } -@+ ifelse -@+ %%EndPaperSize - -@ b6 125mm 176mm -@+ ! %%DocumentPaperSizes: b6 -@+ %%BeginPaperSize: b6 -@+ /setpagedevice where -@+ { pop << /PageSize [354 499] >> setpagedevice } -@+ { /b6 where { pop b6 } if } -@+ ifelse -@+ %%EndPaperSize - -@ c5 162mm 229mm -@+ ! %%DocumentPaperSizes: c5 -@+ %%BeginPaperSize: c5 -@+ /setpagedevice where -@+ { pop << /PageSize [459 649] >> setpagedevice } -@+ { /c5 where { pop c5 } if } -@+ ifelse -@+ %%EndPaperSize - -@ DL 110mm 220mm -@+ ! %%DocumentPaperSizes: DL -@+ %%BeginPaperSize: DL -@+ /setpagedevice where -@+ { pop << /PageSize [312 624] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ Comm10 105mm 241mm -@+ ! %%DocumentPaperSizes: Comm10 -@+ %%BeginPaperSize: Comm10 -@+ /setpagedevice where -@+ { pop << /PageSize [297 684] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ Monarch 98.4mm 190.5mm -@+ ! %%DocumentPaperSizes: Monarch -@+ %%BeginPaperSize: Monarch -@+ /setpagedevice where -@+ { pop << /PageSize [279 540] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ archE 36in 48in -@+ ! %%DocumentPaperSizes: archE -@+ %%BeginPaperSize: archE -@+ /setpagedevice where -@+ { pop << /PageSize [2592 3456] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ archD 24in 36in -@+ ! %%DocumentPaperSizes: archD -@+ %%BeginPaperSize: archD -@+ /setpagedevice where -@+ { pop << /PageSize [1728 2592] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ archC 18in 24in -@+ ! %%DocumentPaperSizes: archC -@+ %%BeginPaperSize: archC -@+ /setpagedevice where -@+ { pop << /PageSize [1296 1728] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ archB 12in 18in -@+ ! %%DocumentPaperSizes: archB -@+ %%BeginPaperSize: archB -@+ /setpagedevice where -@+ { pop << /PageSize [864 1296] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ archA 9in 12in -@+ ! %%DocumentPaperSizes: archA -@+ %%BeginPaperSize: archA -@+ /setpagedevice where -@+ { pop << /PageSize [648 864] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ flsa 216mm 330.2mm -@+ ! %%DocumentPaperSizes: flsa -@+ %%BeginPaperSize: flsa -@+ /setpagedevice where -@+ { pop << /PageSize [612 936] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ flse 216mm 330.2mm -@+ ! %%DocumentPaperSizes: flse -@+ %%BeginPaperSize: flse -@+ /setpagedevice where -@+ { pop << /PageSize [612 936] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ csheet 431.8mm 558.8mm -@+ ! %%DocumentPaperSizes: csheet -@+ %%BeginPaperSize: csheet -@+ /setpagedevice where -@+ { pop << /PageSize [1224 1584] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ dsheet 558.8mm 863.6mm -@+ ! %%DocumentPaperSizes: dsheet -@+ %%BeginPaperSize: dsheet -@+ /setpagedevice where -@+ { pop << /PageSize [1584 2448] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ esheet 863.6mm 1117.6mm -@+ ! %%DocumentPaperSizes: esheet -@+ %%BeginPaperSize: esheet -@+ /setpagedevice where -@+ { pop << /PageSize [2448 3168] >> setpagedevice } -@+ if -@+ %%EndPaperSize - -@ unknown 0in 0in -@+ statusdict /setpageparams known { hsize vsize 0 1 statusdict begin { -@+ setpageparams } stopped end } { true } ifelse { statusdict /setpage known -@+ { hsize vsize 1 statusdict begin { setpage } stopped pop end } if } if diff --git a/texmf/ls-R b/texmf/ls-R index 532c1b4..b2a5cf3 100644 --- a/texmf/ls-R +++ b/texmf/ls-R @@ -2,7 +2,7 @@ ./: .: dvipdfm -dvips +dvipdfmx dvips.d fmtutil.d language.dat.d @@ -19,11 +19,8 @@ config ./dvipdfm/config: -./dvips: -config - -./dvips/config: -config.ps +./dvipdfmx: +dvipdfmx.cfg ./dvips.d: @@ -49,15 +46,15 @@ format.texlive-latex.cnf 20sizes.cnf ./updmap.d: -.keep_app-text_texlive-core-0 00updmap.cfg +.keep_app-text_texlive-core-0 texlive-basic.cfg texlive-fontsrecommended.cfg texlive-latex.cfg ./web2c: -.keep_app-text_texlive-core-0 fmtutil.cnf +.keep_app-text_texlive-core-0 texmf.cnf updmap.cfg diff --git a/timezone b/timezone deleted file mode 100644 index 94d5acc..0000000 --- a/timezone +++ /dev/null @@ -1 +0,0 @@ -Europe/Berlin diff --git a/udev/rules.d/70-persistent-net.rules b/udev/rules.d/70-persistent-net.rules index f03ed07..eb2d284 100644 --- a/udev/rules.d/70-persistent-net.rules +++ b/udev/rules.d/70-persistent-net.rules @@ -1,11 +1,11 @@ -# This file was automatically generated by the /lib64/udev/write_net_rules +# This file was automatically generated by the /lib/udev/write_net_rules # program, run by the persistent-net-generator.rules rules file. # # You can modify it, as long as you keep each rule on a single # line, and change only the value of the NAME= key. # PCI device 0x8086:0x109a (e1000e) -SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="40:61:86:ee:e4:64", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0" +SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="40:61:86:ee:e6:3b", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1" # PCI device 0x8086:0x109a (e1000e) -SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="40:61:86:ee:e4:65", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth1" +SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="40:61:86:ee:e6:3a", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0" diff --git a/vhosts/webapp-config b/vhosts/webapp-config index 810ef89..02c01cb 100644 --- a/vhosts/webapp-config +++ b/vhosts/webapp-config @@ -65,9 +65,10 @@ vhost_hostname="localhost" # your choices are: # # apache -# aolserver # lighttpd # cherokee +# nginx +# gatling # # you can override this setting by using the -s switch to webapp-config @@ -183,6 +184,9 @@ vhost_perms_virtualowned_file="o-w" vhost_perms_installdir="0755" +# Allow specifying absolute path names using the -d option? +allow_absolute="no" + # ======================================================================== # END OF USER-EDITABLE SETTINGS diff --git a/warnquota.conf b/warnquota.conf deleted file mode 100644 index 929998c..0000000 --- a/warnquota.conf +++ /dev/null @@ -1,69 +0,0 @@ -# this is an example warnquota.conf -# -; ; and # type comments are allowed -# and even blank lines - -# values can be quoted: -MAIL_CMD = "/usr/my/sendmail/instead/sendmail -t" -FROM = "bas@localhost" -# but they don't have to be: -SUBJECT = Hey, user, clean up your account! -CC_TO = "sysadm@localhost" -# If you set this variable CC will be used only when user has less than -# specified grace time left (examples of possible times: 5 seconds, 1 minute, -# 12 hours, 5 days) -# CC_BEFORE = 2 days -SUPPORT = "support@myhost.com" -PHONE = "(123) 456-1111 or (222) 333-4444" -# Text in the beginning of the mail (if not specified, default text is used) -# This way text can be split to more lines -# Line breaks are done by '|' character -# The expressions %i, %h, %d, and %% are substituted for user/group name, -# host name, domain name, and '%' respectively. For backward compatibility -# %s behaves as %i but is deprecated. -MESSAGE = Hello user %i, I've noticed you use too much space\ - on my disk in %h.%d.|Delete your files on the following filesystems:| -# Text in the end of the mail (if not specified, default text using SUPPORT and PHONE -# is created) -SIGNATURE = See you!| Your admin of %h| -# Following text is used for mails about group exceeding quotas -GROUP_MESSAGE = Hello, a group '%i' you're member of use too much space at %h.|\ -I chose you to do the cleanup.|Delete group files on the following filesystems:| -# Text in the end of the mail to the group (if not specified, default text using SUPPORT -# and PHONE is created). -GROUP_SIGNATURE = See you!| Your admin| -# -#If you are running warnquota on a mail server, and don't want bounces -#because clients cannot receive mail setting this to "any" will cause -#warnquota to not send them mail for all devices. If you set this to the -#device name (for example /dev/hdb1) then they will not be sent mail if they -#are overquota on that device only, and will be sent mail for all other -#devices. -#MAILDEV = -# -#Here you can set a charset for emails sent by warnquota (e.g. UTF-8) -#CHARSET = -# If you are using LDAP mail lookups. -# host, port, tls, binddn, and bindpw are straight forward. -# LDAP_BASEDN is your search base dn -# LDAP_SEARCH_ATTRIBUTE is the attr for the value you are looking for -# LDAP_MAIL_ATTRIBUTE is the attribute you want used for the mail address -# LDAP_DEFAULT_MAIL_DOMAIN is the default domain -# if the attribute isn't found -# if binddn and bindpw are blank or left out, an anonymous bind is used -# -# LDAP_MAIL = false # or false if you don't want to use it -# If you have at least LDAP 2.3 installed, you can use LDAP_URI -# LDAP_URI = ldaps://my.server:389 -# Otherwise you can specify LDAP_HOST and LDAP_PORT -# LDAP_HOST = ldap -# LDAP_PORT = 389 -# LDAP_BINDDN = uid=ReadOnlyUser,o=YourOrg -# LDAP_BINDPW = YourReadOnlyUserPassword -# LDAP_BASEDN = YourSearchBase -# LDAP_SEARCH_ATTRIBUTE = uid -# LDAP_MAIL_ATTRIBUTE = mailLocalAddress -# LDAP_DEFAULT_MAIL_DOMAIN = YourDefaultMailDomain.com -# -# end of example warnquota.conf file -# diff --git a/xml/catalog b/xml/catalog index 82584f3..8c13367 100644 --- a/xml/catalog +++ b/xml/catalog @@ -3,7 +3,6 @@ <catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog"> <public publicId="-//OMF//DTD Scrollkeeper OMF Variant V1.0//EN" uri="/usr/share/xml/scrollkeeper/dtds/scrollkeeper-omf.dtd"/> <system systemId="http://scrollkeeper.sourceforge.net/dtds/scrollkeeper-omf-1.0/scrollkeeper-omf.dtd" uri="/usr/share/xml/scrollkeeper/dtds/scrollkeeper-omf.dtd"/> - <system systemId="http://glade.gnome.org/glade-2.0.dtd" uri="/usr/share/xml/libglade/glade-2.0.dtd"/> <delegatePublic publicIdStartString="-//OASIS//ENTITIES DocBook XML" catalog="file:///etc/xml/docbook"/> <delegatePublic publicIdStartString="-//OASIS//DTD DocBook XML" catalog="file:///etc/xml/docbook"/> <delegateSystem systemIdStartString="http://www.oasis-open.org/docbook/" catalog="file:///etc/xml/docbook"/> @@ -11,4 +10,5 @@ <delegatePublic publicIdStartString="ISO 8879:1986" catalog="file:///etc/xml/docbook"/> <delegateSystem systemIdStartString="http://docbook.sourceforge.net/release/xsl/" catalog="file:///etc/xml/docbook"/> <delegateURI uriStartString="http://docbook.sourceforge.net/release/xsl/" catalog="file:///etc/xml/docbook"/> + <system systemId="http://glade.gnome.org/glade-2.0.dtd" uri="/usr/share/xml/libglade/glade-2.0.dtd"/> </catalog> diff --git a/xml/docbook b/xml/docbook index 8485ea9..df5ebfc 100644 --- a/xml/docbook +++ b/xml/docbook @@ -3,16 +3,16 @@ <catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog"> <rewriteSystem systemIdStartString="http://docbook.sourceforge.net/release/xsl/current" rewritePrefix="file:///usr/share/sgml/docbook/xsl-stylesheets"/> <rewriteURI uriStartString="http://docbook.sourceforge.net/release/xsl/current" rewritePrefix="file:///usr/share/sgml/docbook/xsl-stylesheets"/> - <public publicId="-//OASIS//ELEMENTS DocBook XML Information Pool V4.3//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/dbpoolx.mod"/> - <public publicId="-//OASIS//DTD DocBook XML V4.3//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/docbookx.dtd"/> - <public publicId="-//OASIS//ENTITIES DocBook XML Character Entities V4.3//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/dbcentx.mod"/> - <public publicId="-//OASIS//ENTITIES DocBook XML Notations V4.3//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/dbnotnx.mod"/> - <public publicId="-//OASIS//ENTITIES DocBook XML Additional General Entities V4.3//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/dbgenent.mod"/> - <public publicId="-//OASIS//ELEMENTS DocBook XML Document Hierarchy V4.3//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/dbhierx.mod"/> - <public publicId="-//OASIS//DTD XML Exchange Table Model 19990315//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/soextblx.dtd"/> - <public publicId="-//OASIS//DTD DocBook XML CALS Table Model V4.3//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/calstblx.dtd"/> - <rewriteSystem systemIdStartString="http://www.oasis-open.org/docbook/xml/4.3" rewritePrefix="file:///usr/share/sgml/docbook/xml-dtd-4.3"/> - <rewriteURI uriStartString="http://www.oasis-open.org/docbook/xml/4.3" rewritePrefix="file:///usr/share/sgml/docbook/xml-dtd-4.3"/> + <public publicId="-//OASIS//ELEMENTS DocBook XML Information Pool V4.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.2/dbpoolx.mod"/> + <public publicId="-//OASIS//DTD DocBook XML V4.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.2/docbookx.dtd"/> + <public publicId="-//OASIS//ENTITIES DocBook XML Character Entities V4.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.2/dbcentx.mod"/> + <public publicId="-//OASIS//ENTITIES DocBook XML Notations V4.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.2/dbnotnx.mod"/> + <public publicId="-//OASIS//ENTITIES DocBook XML Additional General Entities V4.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.2/dbgenent.mod"/> + <public publicId="-//OASIS//ELEMENTS DocBook XML Document Hierarchy V4.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.2/dbhierx.mod"/> + <public publicId="-//OASIS//DTD XML Exchange Table Model 19990315//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.5/soextblx.dtd"/> + <public publicId="-//OASIS//DTD DocBook XML CALS Table Model V4.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.2/calstblx.dtd"/> + <rewriteSystem systemIdStartString="http://www.oasis-open.org/docbook/xml/4.2" rewritePrefix="file:///usr/share/sgml/docbook/xml-dtd-4.2"/> + <rewriteURI uriStartString="http://www.oasis-open.org/docbook/xml/4.2" rewritePrefix="file:///usr/share/sgml/docbook/xml-dtd-4.2"/> <public publicId="ISO 8879:1986//ENTITIES Added Math Symbols: Arrow Relations//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/ent/iso-amsa.ent"/> <public publicId="ISO 8879:1986//ENTITIES Added Math Symbols: Binary Operators//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/ent/iso-amsb.ent"/> <public publicId="ISO 8879:1986//ENTITIES Added Math Symbols: Delimiters//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/ent/iso-amsc.ent"/> @@ -41,15 +41,15 @@ <public publicId="-//OASIS//DTD DocBook XML CALS Table Model V4.1.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.1.2/calstblx.dtd"/> <rewriteSystem systemIdStartString="http://www.oasis-open.org/docbook/xml/4.1.2" rewritePrefix="file:///usr/share/sgml/docbook/xml-dtd-4.1.2"/> <rewriteURI uriStartString="http://www.oasis-open.org/docbook/xml/4.1.2" rewritePrefix="file:///usr/share/sgml/docbook/xml-dtd-4.1.2"/> - <public publicId="-//OASIS//ELEMENTS DocBook XML Information Pool V4.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.2/dbpoolx.mod"/> - <public publicId="-//OASIS//DTD DocBook XML V4.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.2/docbookx.dtd"/> - <public publicId="-//OASIS//ENTITIES DocBook XML Character Entities V4.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.2/dbcentx.mod"/> - <public publicId="-//OASIS//ENTITIES DocBook XML Notations V4.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.2/dbnotnx.mod"/> - <public publicId="-//OASIS//ENTITIES DocBook XML Additional General Entities V4.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.2/dbgenent.mod"/> - <public publicId="-//OASIS//ELEMENTS DocBook XML Document Hierarchy V4.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.2/dbhierx.mod"/> - <public publicId="-//OASIS//DTD DocBook XML CALS Table Model V4.2//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.2/calstblx.dtd"/> - <rewriteSystem systemIdStartString="http://www.oasis-open.org/docbook/xml/4.2" rewritePrefix="file:///usr/share/sgml/docbook/xml-dtd-4.2"/> - <rewriteURI uriStartString="http://www.oasis-open.org/docbook/xml/4.2" rewritePrefix="file:///usr/share/sgml/docbook/xml-dtd-4.2"/> + <public publicId="-//OASIS//ELEMENTS DocBook XML Information Pool V4.3//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/dbpoolx.mod"/> + <public publicId="-//OASIS//DTD DocBook XML V4.3//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/docbookx.dtd"/> + <public publicId="-//OASIS//ENTITIES DocBook XML Character Entities V4.3//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/dbcentx.mod"/> + <public publicId="-//OASIS//ENTITIES DocBook XML Notations V4.3//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/dbnotnx.mod"/> + <public publicId="-//OASIS//ENTITIES DocBook XML Additional General Entities V4.3//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/dbgenent.mod"/> + <public publicId="-//OASIS//ELEMENTS DocBook XML Document Hierarchy V4.3//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/dbhierx.mod"/> + <public publicId="-//OASIS//DTD DocBook XML CALS Table Model V4.3//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.3/calstblx.dtd"/> + <rewriteSystem systemIdStartString="http://www.oasis-open.org/docbook/xml/4.3" rewritePrefix="file:///usr/share/sgml/docbook/xml-dtd-4.3"/> + <rewriteURI uriStartString="http://www.oasis-open.org/docbook/xml/4.3" rewritePrefix="file:///usr/share/sgml/docbook/xml-dtd-4.3"/> <public publicId="-//OASIS//ELEMENTS DocBook XML Information Pool V4.4//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.4/dbpoolx.mod"/> <public publicId="-//OASIS//DTD DocBook XML V4.4//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.4/docbookx.dtd"/> <public publicId="-//OASIS//ENTITIES DocBook XML Character Entities V4.4//EN" uri="file:///usr/share/sgml/docbook/xml-dtd-4.4/dbcentx.mod"/>