From: Frank Brehm Date: Mon, 16 Jun 2014 20:55:14 +0000 (+0200) Subject: Current state X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=a7b03981fa0a779fca6de2e9fe9f07116c11ddf0;p=config%2Fbruni%2Fetc.git Current state --- diff --git a/alternatives/README b/alternatives/README new file mode 100644 index 00000000..54ef7400 --- /dev/null +++ b/alternatives/README @@ -0,0 +1,2 @@ +Please read the update-alternatives(8) man page for information on this +directory and its contents. diff --git a/apt/apt.conf.d/01autoremove b/apt/apt.conf.d/01autoremove new file mode 100644 index 00000000..c7ad51e6 --- /dev/null +++ b/apt/apt.conf.d/01autoremove @@ -0,0 +1,26 @@ +APT +{ + NeverAutoRemove + { + "^firmware-linux.*"; + "^linux-firmware$"; + "^linux-image.*"; + "^kfreebsd-image.*"; + "^linux-restricted-modules.*"; + "^linux-ubuntu-modules-.*"; + "^gnumach$"; + "^gnumach-image.*"; + }; + + Never-MarkAuto-Sections + { + "metapackages"; + "restricted/metapackages"; + "universe/metapackages"; + "multiverse/metapackages"; + "oldlibs"; + "restricted/oldlibs"; + "universe/oldlibs"; + "multiverse/oldlibs"; + }; +}; diff --git a/apt/preferences.d/.keep_sys-apps_apt-0 b/apt/preferences.d/.keep_sys-apps_apt-0 new file mode 100644 index 00000000..e69de29b diff --git a/apt/sources.list b/apt/sources.list new file mode 100644 index 00000000..cdb45245 --- /dev/null +++ b/apt/sources.list @@ -0,0 +1,8 @@ +# See sources.list(5) manpage for more information +# Remember that CD-ROMs, DVDs and such are managed through the apt-cdrom tool. +deb http://ftp.us.debian.org/debian wheezy main contrib non-free +deb http://security.debian.org wheezy/updates main contrib non-free + +# Uncomment if you want the apt-get source function to work +#deb-src http://ftp.us.debian.org/debian wheezy main contrib non-free +#deb-src http://security.debian.org wheezy/updates main contrib non-free diff --git a/apt/sources.list.d/.keep_sys-apps_apt-0 b/apt/sources.list.d/.keep_sys-apps_apt-0 new file mode 100644 index 00000000..e69de29b diff --git a/apt/trusted.gpg.d/.keep_sys-apps_apt-0 b/apt/trusted.gpg.d/.keep_sys-apps_apt-0 new file mode 100644 index 00000000..e69de29b diff --git a/conf.d/dhcpd b/conf.d/dhcpd new file mode 100644 index 00000000..5cd2eeca --- /dev/null +++ b/conf.d/dhcpd @@ -0,0 +1,28 @@ +# /etc/conf.d/dhcpd: config file for /etc/init.d/dhcpd + +# If you require more than one instance of dhcpd you can create symbolic +# links to dhcpd service like so +# cd /etc/init.d +# ln -s dhcpd dhcpd.foo +# cd ../conf.d +# cp dhcpd dhcpd.foo +# Now you can edit dhcpd.foo and specify a different configuration file. +# You'll also need to specify a pidfile in that dhcpd.conf file. +# See the pid-file-name option in the dhcpd.conf man page for details. + +# If you wish to run dhcpd in a chroot, uncomment the following line +# DHCPD_CHROOT="/var/lib/dhcp/chroot" + +# All file paths below are relative to the chroot. +# You can specify a different chroot directory but MAKE SURE it's empty. + +# Specify a configuration file - the default is /etc/dhcp/dhcpd.conf +# DHCPD_CONF="/etc/dhcp/dhcpd.conf" + +# Configure which interface or interfaces to for dhcpd to listen on. +# List all interfaces space separated. If this is not specified then +# we listen on all interfaces. +# DHCPD_IFACE="" + +# Insert any other dhcpd options - see the man page for a full list. +# DHCPD_OPTS="" diff --git a/conf.d/dhcrelay b/conf.d/dhcrelay new file mode 100644 index 00000000..1102d3a4 --- /dev/null +++ b/conf.d/dhcrelay @@ -0,0 +1,13 @@ +# /etc/conf.d/dhcrelay: config file for /etc/init.d/dhcrelay + +# Configure which interface or interfaces to for dhcrelay to listen on +# and send to. +# List all interfaces space separated. If this is not specified then +# we use all interfaces. +#IFACE="" + +# Insert any other options needed. See dhcrelay(8) for details. +#DHCRELAY_OPTS="" + +# Space separated list of IPs to forward BOOTP/DHCP packets to. +DHCRELAY_SERVERS="" diff --git a/conf.d/dhcrelay6 b/conf.d/dhcrelay6 new file mode 100644 index 00000000..4e8b8c6f --- /dev/null +++ b/conf.d/dhcrelay6 @@ -0,0 +1,8 @@ +# /etc/conf.d/dhcrelay6: config file for /etc/init.d/dhcrelay6 + +# Insert any other options needed. See dhcrelay(8) for details. +# Make sure you specify the lower (-l)/upper (-u) interfaces. +DHCRELAY_OPTS="-6 -l lower-iface -u upper-iface" + +# Space separated list of IPs to forward BOOTP/DHCP packets to. +DHCRELAY_SERVERS="" diff --git a/cron.daily/apt b/cron.daily/apt new file mode 100644 index 00000000..5c00f22d --- /dev/null +++ b/cron.daily/apt @@ -0,0 +1,507 @@ +#!/bin/sh +#set -e +# +# This file understands the following apt configuration variables: +# Values here are the default. +# Create /etc/apt/apt.conf.d/02periodic file to set your preference. +# +# Dir "/"; +# - RootDir for all configuration files +# +# Dir::Cache "var/cache/apt/"; +# - Set apt package cache directory +# +# Dir::Cache::Archives "archives/"; +# - Set package archive directory +# +# APT::Periodic::Enable "1"; +# - Enable the update/upgrade script (0=disable) +# +# APT::Periodic::BackupArchiveInterval "0"; +# - Backup after n-days if archive contents changed.(0=disable) +# +# APT::Periodic::BackupLevel "3"; +# - Backup level.(0=disable), 1 is invalid. +# +# Dir::Cache::Backup "backup/"; +# - Set periodic package backup directory +# +# APT::Archives::MaxAge "0"; (old, deprecated) +# APT::Periodic::MaxAge "0"; (new) +# - Set maximum allowed age of a cache package file. If a cache +# package file is older it is deleted (0=disable) +# +# APT::Archives::MinAge "2"; (old, deprecated) +# APT::Periodic::MinAge "2"; (new) +# - Set minimum age of a package file. If a file is younger it +# will not be deleted (0=disable). Usefull to prevent races +# and to keep backups of the packages for emergency. +# +# APT::Archives::MaxSize "0"; (old, deprecated) +# APT::Periodic::MaxSize "0"; (new) +# - Set maximum size of the cache in MB (0=disable). If the cache +# is bigger, cached package files are deleted until the size +# requirement is met (the biggest packages will be deleted +# first). +# +# APT::Periodic::Update-Package-Lists "0"; +# - Do "apt-get update" automatically every n-days (0=disable) +# +# APT::Periodic::Download-Upgradeable-Packages "0"; +# - Do "apt-get upgrade --download-only" every n-days (0=disable) +# +# APT::Periodic::Download-Upgradeable-Packages-Debdelta "1"; +# - Use debdelta-upgrade to download updates if available (0=disable) +# +# APT::Periodic::Unattended-Upgrade "0"; +# - Run the "unattended-upgrade" security upgrade script +# every n-days (0=disabled) +# Requires the package "unattended-upgrades" and will write +# a log in /var/log/unattended-upgrades +# +# APT::Periodic::AutocleanInterval "0"; +# - Do "apt-get autoclean" every n-days (0=disable) +# +# APT::Periodic::Verbose "0"; +# - Send report mail to root +# 0: no report (or null string) +# 1: progress report (actually any string) +# 2: + command outputs (remove -qq, remove 2>/dev/null, add -d) +# 3: + trace on + +check_stamp() +{ + stamp="$1" + interval="$2" + + if [ $interval -eq 0 ]; then + debug_echo "check_stamp: interval=0" + # treat as no time has passed + return 1 + fi + + if [ ! -f $stamp ]; then + debug_echo "check_stamp: missing time stamp file: $stamp." + # treat as enough time has passed + return 0 + fi + + # compare midnight today to midnight the day the stamp was updated + stamp_file="$stamp" + stamp=$(date --date=$(date -r $stamp_file --iso-8601) +%s 2>/dev/null) + if [ "$?" != "0" ]; then + # Due to some timezones returning 'invalid date' for midnight on + # certain dates (eg America/Sao_Paulo), if date returns with error + # remove the stamp file and return 0. See coreutils bug: + # http://lists.gnu.org/archive/html/bug-coreutils/2007-09/msg00176.html + rm -f "$stamp_file" + return 0 + fi + + now=$(date --date=$(date --iso-8601) +%s 2>/dev/null) + if [ "$?" != "0" ]; then + # As above, due to some timezones returning 'invalid date' for midnight + # on certain dates (eg America/Sao_Paulo), if date returns with error + # return 0. + return 0 + fi + + delta=$(($now-$stamp)) + + # intervall is in days, convert to sec. + interval=$(($interval*60*60*24)) + debug_echo "check_stamp: interval=$interval, now=$now, stamp=$stamp, delta=$delta (sec)" + + # remove timestamps a day (or more) in the future and force re-check + if [ $stamp -gt $(($now+86400)) ]; then + echo "WARNING: file $stamp_file has a timestamp in the future: $stamp" + rm -f "$stamp_file" + return 0 + fi + + if [ $delta -ge $interval ]; then + return 0 + fi + + return 1 +} + +update_stamp() +{ + stamp="$1" + touch $stamp +} + +# we check here if autoclean was enough sizewise +check_size_constraints() +{ + MaxAge=0 + eval $(apt-config shell MaxAge APT::Archives::MaxAge) + eval $(apt-config shell MaxAge APT::Periodic::MaxAge) + + MinAge=2 + eval $(apt-config shell MinAge APT::Archives::MinAge) + eval $(apt-config shell MinAge APT::Periodic::MinAge) + + MaxSize=0 + eval $(apt-config shell MaxSize APT::Archives::MaxSize) + eval $(apt-config shell MaxSize APT::Periodic::MaxSize) + + Cache="/var/cache/apt/archives/" + eval $(apt-config shell Cache Dir::Cache::archives/d) + + # sanity check + if [ -z "$Cache" ]; then + echo "empty Dir::Cache::archives, exiting" + exit + fi + + # check age + if [ ! $MaxAge -eq 0 ] && [ ! $MinAge -eq 0 ]; then + debug_echo "aged: ctime <$MaxAge and mtime <$MaxAge and ctime>$MinAge and mtime>$MinAge" + find $Cache -name "*.deb" \( -mtime +$MaxAge -and -ctime +$MaxAge \) -and -not \( -mtime -$MinAge -or -ctime -$MinAge \) -print0 | xargs -r -0 rm -f + elif [ ! $MaxAge -eq 0 ]; then + debug_echo "aged: ctime <$MaxAge and mtime <$MaxAge only" + find $Cache -name "*.deb" -ctime +$MaxAge -and -mtime +$MaxAge -print0 | xargs -r -0 rm -f + else + debug_echo "skip aging since MaxAge is 0" + fi + + # check size + if [ ! $MaxSize -eq 0 ]; then + # maxSize is in MB + MaxSize=$(($MaxSize*1024)) + + #get current time + now=$(date --date=$(date --iso-8601) +%s) + MinAge=$(($MinAge*24*60*60)) + + # reverse-sort by mtime + for file in $(ls -rt $Cache/*.deb 2>/dev/null); do + du=$(du -s $Cache) + size=${du%%/*} + # check if the cache is small enough + if [ $size -lt $MaxSize ]; then + debug_echo "end remove by archive size: size=$size < $MaxSize" + break + fi + + # check for MinAge of the file + if [ $MinAge -ne 0 ]; then + # check both ctime and mtime + mtime=$(stat -c %Y $file) + ctime=$(stat -c %Z $file) + if [ $mtime -gt $ctime ]; then + delta=$(($now-$mtime)) + else + delta=$(($now-$ctime)) + fi + if [ $delta -le $MinAge ]; then + debug_echo "skip remove by archive size: $file, delta=$delta < $MinAgeSec" + break + else + # delete oldest file + debug_echo "remove by archive size: $file, delta=$delta >= $MinAgeSec (sec), size=$size >= $MaxSize" + rm -f $file + fi + fi + done + fi +} + +# deal with the Apt::Periodic::BackupArchiveInterval +do_cache_backup() +{ + BackupArchiveInterval="$1" + if [ $BackupArchiveInterval -eq 0 ]; then + return + fi + + # Set default values and normalize + CacheDir="/var/cache/apt" + eval $(apt-config shell CacheDir Dir::Cache/d) + CacheDir=${CacheDir%/} + if [ -z "$CacheDir" ]; then + debug_echo "practically empty Dir::Cache, exiting" + return 0 + fi + + Cache="${CacheDir}/archives/" + eval $(apt-config shell Cache Dir::Cache::Archives/d) + if [ -z "$Cache" ]; then + debug_echo "practically empty Dir::Cache::archives, exiting" + return 0 + fi + + BackupLevel=3 + eval $(apt-config shell BackupLevel APT::Periodic::BackupLevel) + if [ $BackupLevel -le 1 ]; then + BackupLevel=2 ; + fi + + Back="${CacheDir}/backup/" + eval $(apt-config shell Back Dir::Cache::Backup/d) + if [ -z "$Back" ]; then + echo "practically empty Dir::Cache::Backup, exiting" 1>&2 + return + fi + + CacheArchive="$(basename "${Cache}")" + test -n "${CacheArchive}" || CacheArchive="archives" + BackX="${Back}${CacheArchive}/" + for x in $(seq 0 1 $((${BackupLevel}-1))); do + eval "Back${x}=${Back}${x}/" + done + + # backup after n-days if archive contents changed. + # (This uses hardlink to save disk space) + BACKUP_ARCHIVE_STAMP=/var/lib/apt/periodic/backup-archive-stamp + if check_stamp $BACKUP_ARCHIVE_STAMP $BackupArchiveInterval; then + if [ $({(cd $Cache 2>/dev/null; find . -name "*.deb"); (cd $Back0 2>/dev/null;find . -name "*.deb") ;}| sort|uniq -u|wc -l) -ne 0 ]; then + mkdir -p $Back + rm -rf $Back$((${BackupLevel}-1)) + for y in $(seq $((${BackupLevel}-1)) -1 1); do + eval BackY=${Back}$y + eval BackZ=${Back}$(($y-1)) + if [ -e $BackZ ]; then + mv -f $BackZ $BackY ; + fi + done + cp -la $Cache $Back ; mv -f $BackX $Back0 + update_stamp $BACKUP_ARCHIVE_STAMP + debug_echo "backup with hardlinks. (success)" + else + debug_echo "skip backup since same content." + fi + else + debug_echo "skip backup since too new." + fi +} + +# sleep for a random interval of time (default 30min) +# (some code taken from cron-apt, thanks) +random_sleep() +{ + RandomSleep=1800 + eval $(apt-config shell RandomSleep APT::Periodic::RandomSleep) + if [ $RandomSleep -eq 0 ]; then + return + fi + if [ -z "$RANDOM" ] ; then + # A fix for shells that do not have this bash feature. + RANDOM=$(dd if=/dev/urandom count=1 2> /dev/null | cksum | cut -c"1-5") + fi + TIME=$(($RANDOM % $RandomSleep)) + debug_echo "sleeping for $TIME seconds" + sleep $TIME +} + + +debug_echo() +{ + # Display message if $VERBOSE >= 1 + if [ "$VERBOSE" -ge 1 ]; then + echo $1 1>&2 + fi +} + +check_power(){ + # laptop check, on_ac_power returns: + # 0 (true) System is on main power + # 1 (false) System is not on main power + # 255 (false) Power status could not be determined + # Desktop systems always return 255 it seems + if which on_ac_power >/dev/null; then + on_ac_power + POWER=$? + if [ $POWER -eq 1 ]; then + debug_echo "exit: system NOT on main power" + return 1 + elif [ $POWER -ne 0 ]; then + debug_echo "power status ($POWER) undetermined, continuing" + fi + debug_echo "system is on main power." + fi + return 0 +} + +# ------------------------ main ---------------------------- + +if test -r /var/lib/apt/extended_states; then + # Backup the 7 last versions of APT's extended_states file + # shameless copy from dpkg cron + if cd /var/backups ; then + if ! cmp -s apt.extended_states.0 /var/lib/apt/extended_states; then + cp -p /var/lib/apt/extended_states apt.extended_states + savelog -c 7 apt.extended_states >/dev/null + fi + fi +fi + +# check apt-config exstance +if ! which apt-config >/dev/null ; then + exit 0 +fi + +# check if the user really wants to do something +AutoAptEnable=1 # default is yes +eval $(apt-config shell AutoAptEnable APT::Periodic::Enable) + +if [ $AutoAptEnable -eq 0 ]; then + exit 0 +fi + +# Set VERBOSE mode from apt-config (or inherit from environment) +VERBOSE=0 +eval $(apt-config shell VERBOSE APT::Periodic::Verbose) +debug_echo "verbose level $VERBOSE" +if [ "$VERBOSE" -le 2 ]; then + # quiet for 0,1,2 + XSTDOUT=">/dev/null" + XSTDERR="2>/dev/null" + XAPTOPT="-qq" + XUUPOPT="" +else + XSTDOUT="" + XSTDERR="" + XAPTOPT="" + XUUPOPT="-d" +fi +if [ "$VERBOSE" -ge 3 ]; then + # trace output + set -x +fi + +check_power || exit 0 + +# check if we can lock the cache and if the cache is clean +if which apt-get >/dev/null && ! eval apt-get check -f $XAPTOPT $XSTDERR ; then + debug_echo "error encountered in cron job with \"apt-get check\"." + exit 0 +fi + +# Global current time in seconds since 1970-01-01 00:00:00 UTC +now=$(date +%s) + +# Support old Archive for compatibility. +# Document only Periodic for all controling parameters of this script. + +UpdateInterval=0 +eval $(apt-config shell UpdateInterval APT::Periodic::Update-Package-Lists) + +DownloadUpgradeableInterval=0 +eval $(apt-config shell DownloadUpgradeableInterval APT::Periodic::Download-Upgradeable-Packages) + +UnattendedUpgradeInterval=0 +eval $(apt-config shell UnattendedUpgradeInterval APT::Periodic::Unattended-Upgrade) + +AutocleanInterval=0 +eval $(apt-config shell AutocleanInterval APT::Periodic::AutocleanInterval) + +BackupArchiveInterval=0 +eval $(apt-config shell BackupArchiveInterval APT::Periodic::BackupArchiveInterval) + +Debdelta=1 +eval $(apt-config shell Debdelta APT::Periodic::Download-Upgradeable-Packages-Debdelta) + +# check if we actually have to do anything that requires locking the cache +if [ $UpdateInterval -eq 0 ] && + [ $DownloadUpgradeableInterval -eq 0 ] && + [ $UnattendedUpgradeInterval -eq 0 ] && + [ $BackupArchiveInterval -eq 0 ] && + [ $AutocleanInterval -eq 0 ]; then + + # check cache size + check_size_constraints + + exit 0 +fi + +# deal with BackupArchiveInterval +do_cache_backup $BackupArchiveInterval + +# sleep random amount of time to avoid hitting the +# mirrors at the same time +random_sleep +check_power || exit 0 + +# include default system language so that "apt-get update" will +# fetch the right translated package descriptions +if [ -r /etc/default/locale ]; then + . /etc/default/locale + export LANG LANGUAGE LC_MESSAGES LC_ALL +fi + +# update package lists +UPDATED=0 +UPDATE_STAMP=/var/lib/apt/periodic/update-stamp +if check_stamp $UPDATE_STAMP $UpdateInterval; then + if eval apt-get $XAPTOPT -y update $XSTDERR; then + debug_echo "download updated metadata (success)." + if which dbus-send >/dev/null && pidof dbus-daemon >/dev/null; then + if dbus-send --system / app.apt.dbus.updated boolean:true ; then + debug_echo "send dbus signal (success)" + else + debug_echo "send dbus signal (error)" + fi + else + debug_echo "dbus signal not send (command not available)" + fi + update_stamp $UPDATE_STAMP + UPDATED=1 + else + debug_echo "download updated metadata (error)" + fi +else + debug_echo "download updated metadata (not run)." +fi + +# download all upgradeable packages (if it is requested) +DOWNLOAD_UPGRADEABLE_STAMP=/var/lib/apt/periodic/download-upgradeable-stamp +if [ $UPDATED -eq 1 ] && check_stamp $DOWNLOAD_UPGRADEABLE_STAMP $DownloadUpgradeableInterval; then + if [ $Debdelta -eq 1 ]; then + debdelta-upgrade >/dev/null 2>&1 || true + fi + if eval apt-get $XAPTOPT -y -d dist-upgrade $XSTDERR; then + update_stamp $DOWNLOAD_UPGRADEABLE_STAMP + debug_echo "download upgradable (success)" + else + debug_echo "download upgradable (error)" + fi +else + debug_echo "download upgradable (not run)" +fi + +# auto upgrade all upgradeable packages +UPGRADE_STAMP=/var/lib/apt/periodic/upgrade-stamp +if which unattended-upgrade >/dev/null && check_stamp $UPGRADE_STAMP $UnattendedUpgradeInterval; then + if unattended-upgrade $XUUPOPT; then + update_stamp $UPGRADE_STAMP + debug_echo "unattended-upgrade (success)" + else + debug_echo "unattended-upgrade (error)" + fi +else + debug_echo "unattended-upgrade (not run)" +fi + +# autoclean package archive +AUTOCLEAN_STAMP=/var/lib/apt/periodic/autoclean-stamp +if check_stamp $AUTOCLEAN_STAMP $AutocleanInterval; then + if eval apt-get $XAPTOPT -y autoclean $XSTDERR; then + debug_echo "autoclean (success)." + update_stamp $AUTOCLEAN_STAMP + else + debug_echo "autoclean (error)" + fi +else + debug_echo "autoclean (not run)" +fi + +# check cache size +check_size_constraints + +# +# vim: set sts=4 ai : +# + diff --git a/dhcp/dhclient.conf b/dhcp/dhclient.conf new file mode 100644 index 00000000..f8b6dd4c --- /dev/null +++ b/dhcp/dhclient.conf @@ -0,0 +1,33 @@ +#send dhcp-client-identifier 1:0:a0:24:ab:fb:9c; +#send dhcp-lease-time 3600; +#supersede domain-search "fugue.com", "home.vix.com"; +#prepend domain-name-servers 127.0.0.1; +#request subnet-mask, broadcast-address, time-offset, routers, +# domain-name, domain-name-servers, host-name; +#require subnet-mask, domain-name-servers; +#timeout 60; +#retry 60; +#reboot 10; +#select-timeout 5; +#initial-interval 2; +#media "-link0 -link1 -link2", "link0 link1"; +#reject 192.33.137.209; + +#alias { +# interface "ep0"; +# fixed-address 192.5.5.213; +# option subnet-mask 255.255.255.255; +#} + +#lease { +# interface "ep0"; +# fixed-address 192.33.137.200; +# medium "link0 link1"; +# option subnet-mask 255.255.255.0; +# option broadcast-address 192.33.137.255; +# option routers 192.33.137.250; +# option domain-name-servers 127.0.0.1; +# renew 2 2000/1/12 00:00:01; +# rebind 2 2000/1/12 00:00:01; +# expire 2 2000/1/12 00:00:01; +#} diff --git a/dhcp/dhcpd.conf b/dhcp/dhcpd.conf new file mode 100644 index 00000000..4e2386a0 --- /dev/null +++ b/dhcp/dhcpd.conf @@ -0,0 +1,104 @@ +# dhcpd.conf +# +# Sample configuration file for ISC dhcpd +# + +# option definitions common to all supported networks... +#option domain-name "example.org"; +#option domain-name-servers ns1.example.org, ns2.example.org; + +#default-lease-time 600; +#max-lease-time 7200; + +# Use this to enble / disable dynamic dns updates globally. +#ddns-update-style none; + +# If this DHCP server is the official DHCP server for the local +# network, the authoritative directive should be uncommented. +#authoritative; + +# Use this to send dhcp log messages to a different log file (you also +# have to hack syslog.conf to complete the redirection). +#log-facility local7; + +# No service will be given on this subnet, but declaring it helps the +# DHCP server to understand the network topology. + +#subnet 10.152.187.0 netmask 255.255.255.0 { +#} + +# This is a very basic subnet declaration. + +#subnet 10.254.239.0 netmask 255.255.255.224 { +# range 10.254.239.10 10.254.239.20; +# option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org; +#} + +# This declaration allows BOOTP clients to get dynamic addresses, +# which we don't really recommend. + +#subnet 10.254.239.32 netmask 255.255.255.224 { +# range dynamic-bootp 10.254.239.40 10.254.239.60; +# option broadcast-address 10.254.239.31; +# option routers rtr-239-32-1.example.org; +#} + +# A slightly different configuration for an internal subnet. +#subnet 10.5.5.0 netmask 255.255.255.224 { +# range 10.5.5.26 10.5.5.30; +# option domain-name-servers ns1.internal.example.org; +# option domain-name "internal.example.org"; +# option routers 10.5.5.1; +# option broadcast-address 10.5.5.31; +# default-lease-time 600; +# max-lease-time 7200; +#} + +# Hosts which require special configuration options can be listed in +# host statements. If no address is specified, the address will be +# allocated dynamically (if possible), but the host-specific information +# will still come from the host declaration. + +#host passacaglia { +# hardware ethernet 0:0:c0:5d:bd:95; +# filename "vmunix.passacaglia"; +# server-name "toccata.fugue.com"; +#} + +# Fixed IP addresses can also be specified for hosts. These addresses +# should not also be listed as being available for dynamic assignment. +# Hosts for which fixed IP addresses have been specified can boot using +# BOOTP or DHCP. Hosts for which no fixed address is specified can only +# be booted with DHCP, unless there is an address range on the subnet +# to which a BOOTP client is connected which has the dynamic-bootp flag +# set. +#host fantasia { +# hardware ethernet 08:00:07:26:c0:a5; +# fixed-address fantasia.fugue.com; +#} + +# You can declare a class of clients and then do address allocation +# based on that. The example below shows a case where all clients +# in a certain class get addresses on the 10.17.224/24 subnet, and all +# other clients get addresses on the 10.0.29/24 subnet. + +#class "foo" { +# match if substring (option vendor-class-identifier, 0, 4) = "SUNW"; +#} + +#shared-network 224-29 { +# subnet 10.17.224.0 netmask 255.255.255.0 { +# option routers rtr-224.example.org; +# } +# subnet 10.0.29.0 netmask 255.255.255.0 { +# option routers rtr-29.example.org; +# } +# pool { +# allow members of "foo"; +# range 10.17.224.10 10.17.224.250; +# } +# pool { +# deny members of "foo"; +# range 10.0.29.10 10.0.29.230; +# } +#} diff --git a/group b/group index b1fd3219..c65f62e7 100644 --- a/group +++ b/group @@ -74,3 +74,4 @@ colord:x:983: geoclue:x:982: samba:x:981: davfs2:x:980: +dhcp:x:979: diff --git a/group- b/group- index fd630fe5..b1fd3219 100644 --- a/group- +++ b/group- @@ -73,3 +73,4 @@ systemd-journal:x:984: colord:x:983: geoclue:x:982: samba:x:981: +davfs2:x:980: diff --git a/gshadow b/gshadow index 2ea50900..7886d945 100644 --- a/gshadow +++ b/gshadow @@ -72,3 +72,4 @@ colord:!:: geoclue:!:: samba:!:: davfs2:!:: +dhcp:!:: diff --git a/gshadow- b/gshadow- index 214156e3..2ea50900 100644 --- a/gshadow- +++ b/gshadow- @@ -71,3 +71,4 @@ systemd-journal:!:: colord:!:: geoclue:!:: samba:!:: +davfs2:!:: diff --git a/init.d/dhcpd b/init.d/dhcpd new file mode 100755 index 00000000..9bef23dd --- /dev/null +++ b/init.d/dhcpd @@ -0,0 +1,114 @@ +#!/sbin/runscript +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcp/files/dhcpd.init5,v 1.2 2012/11/11 21:42:02 vapier Exp $ + +extra_commands="configtest" + +: ${DHCPD_CONF:=/etc/dhcp/${SVCNAME}.conf} + +depend() { + need net + use logger dns slapd +} + +get_var() { + local var="$(sed -n 's/^[[:blank:]]\?'"$1"' "*\([^#";]\+\).*/\1/p' "${chroot}${DHCPD_CONF}")" + echo ${var:-$2} +} + +checkconfig() { + set -- ${DHCPD_OPTS} ${chroot:+-chroot} ${chroot} -t + + dhcpd "$@" 1>/dev/null 2>&1 + local ret=$? + if [ ${ret} -ne 0 ] ; then + eerror "${SVCNAME} has detected a syntax error in your configuration files:" + dhcpd "$@" + fi + + return ${ret} +} + +configtest() { + local chroot=${DHCPD_CHROOT%/} + + ebegin "Checking ${SVCNAME} configuration" + checkconfig + eend $? +} + +start() { + local chroot=${DHCPD_CHROOT%/} + + # Work out our cffile if it's in our DHCPD_OPTS + case " ${DHCPD_OPTS} " in + *" -cf "*) + DHCPD_CONF=" ${DHCPD_OPTS} " + DHCPD_CONF="${DHCPD_CONF##* -cf }" + DHCPD_CONF="${DHCPD_CONF%% *}" + ;; + *) DHCPD_OPTS="${DHCPD_OPTS} -cf ${DHCPD_CONF}" + ;; + esac + + if [ -n "${chroot}" ] ; then + # the config test want's these to exist + mkdir -p \ + "${chroot}"/var/run/dhcp \ + "${chroot}"/var/lib/dhcp \ + "${chroot}"/etc/dhcp + fi + + # see comment in get_var() above + if [ ! -f "${chroot}${DHCPD_CONF}" ] ; then + eerror "${chroot}${DHCPD_CONF} does not exist" + return 1 + fi + + checkconfig || return 1 + + checkpath -d -o dhcp:dhcp "${chroot}"/var/run/dhcp "${chroot}"/var/lib/dhcp + + local leasefile="$(get_var lease-file-name /var/lib/dhcp/${SVCNAME}.leases)" + checkpath -f -o dhcp:dhcp "${chroot}${leasefile}" + + # Setup LD_PRELOAD so name resolution works in our chroot. + if [ -n "${chroot}" ] ; then + checkpath -d -o root:root -m 755 "${chroot}"/dev "${chroot}"/etc "${chroot}"/proc + cp -pP /etc/localtime /etc/resolv.conf "${chroot}"/etc/ + export LD_PRELOAD="${LD_PRELOAD} libresolv.so libnss_dns.so" + if ! mountinfo -q "${chroot}/proc" ; then + mount --bind /proc "${chroot}/proc" + fi + fi + + local pidfile="$(get_var pid-file-name /var/run/dhcp/${SVCNAME}.pid)" + + ebegin "Starting ${chroot:+chrooted }${SVCNAME}" + start-stop-daemon --start --exec /usr/sbin/dhcpd \ + --pidfile "${chroot}/${pidfile}" \ + -- ${DHCPD_OPTS} -q -pf "${pidfile}" -lf "${leasefile}" \ + -user dhcp -group dhcp \ + ${chroot:+-chroot} ${chroot} ${DHCPD_IFACE} + eend $? \ + && save_options chroot "${chroot}" \ + && save_options pidfile "${pidfile}" +} + +stop() { + local chroot="$(get_options chroot)" + + ebegin "Stopping ${chroot:+chrooted }${SVCNAME}" + start-stop-daemon --stop --exec /usr/sbin/dhcpd \ + --pidfile "${chroot}/$(get_options pidfile)" + res=$? + + if [ ${res} -eq 0 ] && [ -n "${chroot}" ] ; then + if mountinfo -q "${chroot}/proc" ; then + umount "${chroot}/proc" + fi + fi + + eend $res +} diff --git a/init.d/dhcrelay b/init.d/dhcrelay new file mode 100755 index 00000000..a97d57d7 --- /dev/null +++ b/init.d/dhcrelay @@ -0,0 +1,34 @@ +#!/sbin/runscript +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcp/files/dhcrelay.init3,v 1.3 2012/11/11 21:42:02 vapier Exp $ + +depend() { + need net + use logger slapd +} + +start() { + if [ -z "${DHCRELAY_SERVERS}" ] ; then + eerror "No DHCRELAY_SERVERS specified in /etc/conf.d/${SVCNAME}" + return 1 + fi + + checkpath -d /var/run/dhcp + + local iface_opts + if [ -n "${IFACE}" ] ; then + iface_opts=$(printf -- '-i %s ' ${IFACE}) + fi + + ebegin "Starting ${SVCNAME}" + start-stop-daemon --start --exec /usr/sbin/dhcrelay \ + -- -q ${iface_opts} ${DHCRELAY_OPTS} ${DHCRELAY_SERVERS} + eend $? +} + +stop() { + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --pidfile /var/run/dhcp/${SVCNAME}.pid + eend $? +} diff --git a/init.d/dhcrelay6 b/init.d/dhcrelay6 new file mode 100755 index 00000000..a97d57d7 --- /dev/null +++ b/init.d/dhcrelay6 @@ -0,0 +1,34 @@ +#!/sbin/runscript +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcp/files/dhcrelay.init3,v 1.3 2012/11/11 21:42:02 vapier Exp $ + +depend() { + need net + use logger slapd +} + +start() { + if [ -z "${DHCRELAY_SERVERS}" ] ; then + eerror "No DHCRELAY_SERVERS specified in /etc/conf.d/${SVCNAME}" + return 1 + fi + + checkpath -d /var/run/dhcp + + local iface_opts + if [ -n "${IFACE}" ] ; then + iface_opts=$(printf -- '-i %s ' ${IFACE}) + fi + + ebegin "Starting ${SVCNAME}" + start-stop-daemon --start --exec /usr/sbin/dhcrelay \ + -- -q ${iface_opts} ${DHCRELAY_OPTS} ${DHCRELAY_SERVERS} + eend $? +} + +stop() { + ebegin "Stopping ${SVCNAME}" + start-stop-daemon --stop --pidfile /var/run/dhcp/${SVCNAME}.pid + eend $? +} diff --git a/logrotate.d/apt b/logrotate.d/apt new file mode 100644 index 00000000..9a6e5d15 --- /dev/null +++ b/logrotate.d/apt @@ -0,0 +1,16 @@ +/var/log/apt/term.log { + rotate 12 + monthly + compress + missingok + notifempty +} + +/var/log/apt/history.log { + rotate 12 + monthly + compress + missingok + notifempty +} + diff --git a/openldap/schema/dhcp.schema b/openldap/schema/dhcp.schema new file mode 100644 index 00000000..c5ed6c72 --- /dev/null +++ b/openldap/schema/dhcp.schema @@ -0,0 +1,462 @@ +attributetype ( 2.16.840.1.113719.1.203.4.1 + NAME 'dhcpPrimaryDN' + EQUALITY distinguishedNameMatch + DESC 'The DN of the dhcpServer which is the primary server for the configuration.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.2 + NAME 'dhcpSecondaryDN' + EQUALITY distinguishedNameMatch + DESC 'The DN of dhcpServer(s) which provide backup service for the configuration.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.16.840.1.113719.1.203.4.3 + NAME 'dhcpStatements' + EQUALITY caseIgnoreIA5Match + DESC 'Flexible storage for specific data depending on what object this exists in. Like conditional statements, server parameters, etc. This allows the standard to evolve without needing to adjust the schema.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 2.16.840.1.113719.1.203.4.4 + NAME 'dhcpRange' + EQUALITY caseIgnoreIA5Match + DESC 'The starting & ending IP Addresses in the range (inclusive), separated by a hyphen; if the range only contains one address, then just the address can be specified with no hyphen. Each range is defined as a separate value.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 2.16.840.1.113719.1.203.4.5 + NAME 'dhcpPermitList' + EQUALITY caseIgnoreIA5Match + DESC 'This attribute contains the permit lists associated with a pool. Each permit list is defined as a separate value.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 2.16.840.1.113719.1.203.4.6 + NAME 'dhcpNetMask' + EQUALITY integerMatch + DESC 'The subnet mask length for the subnet. The mask can be easily computed from this length.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.7 + NAME 'dhcpOption' + EQUALITY caseIgnoreIA5Match + DESC 'Encoded option values to be sent to clients. Each value represents a single option and contains (OptionTag, Length, OptionValue) encoded in the format used by DHCP.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 2.16.840.1.113719.1.203.4.8 + NAME 'dhcpClassData' + EQUALITY caseIgnoreIA5Match + DESC 'Encoded text string or list of bytes expressed in hexadecimal, separated by colons. Clients match subclasses based on matching the class data with the results of match or spawn with statements in the class name declarations.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.9 + NAME 'dhcpOptionsDN' + EQUALITY distinguishedNameMatch + DESC 'The distinguished name(s) of the dhcpOption objects containing the configuration options provided by the server.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.16.840.1.113719.1.203.4.10 + NAME 'dhcpHostDN' + EQUALITY distinguishedNameMatch + DESC 'the distinguished name(s) of the dhcpHost objects.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.16.840.1.113719.1.203.4.11 + NAME 'dhcpPoolDN' + EQUALITY distinguishedNameMatch + DESC 'The distinguished name(s) of pools.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.16.840.1.113719.1.203.4.12 + NAME 'dhcpGroupDN' + EQUALITY distinguishedNameMatch + DESC 'The distinguished name(s) of the groups.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.16.840.1.113719.1.203.4.13 + NAME 'dhcpSubnetDN' + EQUALITY distinguishedNameMatch + DESC 'The distinguished name(s) of the subnets.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.16.840.1.113719.1.203.4.14 + NAME 'dhcpLeaseDN' + EQUALITY distinguishedNameMatch + DESC 'The distinguished name of a client address.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE) + +attributetype ( 2.16.840.1.113719.1.203.4.15 + NAME 'dhcpLeasesDN' + DESC 'The distinguished name(s) client addresses.' + EQUALITY distinguishedNameMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.16.840.1.113719.1.203.4.16 + NAME 'dhcpClassesDN' + EQUALITY distinguishedNameMatch + DESC 'The distinguished name(s) of a class(es) in a subclass.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.16.840.1.113719.1.203.4.17 + NAME 'dhcpSubclassesDN' + EQUALITY distinguishedNameMatch + DESC 'The distinguished name(s) of subclass(es).' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.16.840.1.113719.1.203.4.18 + NAME 'dhcpSharedNetworkDN' + EQUALITY distinguishedNameMatch + DESC 'The distinguished name(s) of sharedNetworks.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.16.840.1.113719.1.203.4.19 + NAME 'dhcpServiceDN' + EQUALITY distinguishedNameMatch + DESC 'The DN of dhcpService object(s)which contain the configuration information. Each dhcpServer object has this attribute identifying the DHCP configuration(s) that the server is associated with.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.16.840.1.113719.1.203.4.20 + NAME 'dhcpVersion' + DESC 'The version attribute of this object.' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.21 + NAME 'dhcpImplementation' + EQUALITY caseIgnoreIA5Match + DESC 'Description of the DHCP Server implementation e.g. DHCP Servers vendor.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.22 + NAME 'dhcpAddressState' + EQUALITY caseIgnoreIA5Match + DESC 'This stores information about the current binding-status of an address. For dynamic addresses managed by DHCP, the values should be restricted to the following: "FREE", "ACTIVE", "EXPIRED", "RELEASED", "RESET", "ABANDONED", "BACKUP". For other addresses, it SHOULD be one of the following: "UNKNOWN", "RESERVED" (an address that is managed by DHCP that is reserved for a specific client), "RESERVED-ACTIVE" (same as reserved, but address is currently in use), "ASSIGNED" (assigned manually or by some other mechanism), "UNASSIGNED", "NOTASSIGNABLE".' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.23 + NAME 'dhcpExpirationTime' + EQUALITY generalizedTimeMatch + DESC 'This is the time the current lease for an address expires.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.24 + NAME 'dhcpStartTimeOfState' + EQUALITY generalizedTimeMatch + DESC 'This is the time of the last state change for a leased address.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.25 + NAME 'dhcpLastTransactionTime' + EQUALITY generalizedTimeMatch + DESC 'This is the last time a valid DHCP packet was received from the client.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.26 + NAME 'dhcpBootpFlag' + EQUALITY booleanMatch + DESC 'This indicates whether the address was assigned via BOOTP.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.27 + NAME 'dhcpDomainName' + EQUALITY caseIgnoreIA5Match + DESC 'This is the name of the domain sent to the client by the server. It is essentially the same as the value for DHCP option 15 sent to the client, and represents only the domain - not the full FQDN. To obtain the full FQDN assigned to the client you must prepend the "dhcpAssignedHostName" to this value with a ".".' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.28 + NAME 'dhcpDnsStatus' + EQUALITY integerMatch + DESC 'This indicates the status of updating DNS resource records on behalf of the client by the DHCP server for this address. The value is a 16-bit bitmask.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.29 + NAME 'dhcpRequestedHostName' + EQUALITY caseIgnoreIA5Match + DESC 'This is the hostname that was requested by the client.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.30 + NAME 'dhcpAssignedHostName' + EQUALITY caseIgnoreIA5Match + DESC 'This is the actual hostname that was assigned to a client. It may not be the name that was requested by the client. The fully qualified domain name can be determined by appending the value of "dhcpDomainName" (with a dot separator) to this name.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.31 + NAME 'dhcpReservedForClient' + EQUALITY distinguishedNameMatch + DESC 'The distinguished name of a "dhcpClient" that an address is reserved for. This may not be the same as the "dhcpAssignedToClient" attribute if the address is being reassigned but the current lease has not yet expired.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.32 + NAME 'dhcpAssignedToClient' + EQUALITY distinguishedNameMatch + DESC 'This is the distinguished name of a "dhcpClient" that an address is currently assigned to. This attribute is only present in the class when the address is leased.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.33 + NAME 'dhcpRelayAgentInfo' + EQUALITY octetStringMatch + DESC 'If the client request was received via a relay agent, this contains information about the relay agent that was available from the DHCP request. This is a hex-encoded option value.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.34 + NAME 'dhcpHWAddress' + EQUALITY caseIgnoreIA5Match + DESC 'The clients hardware address that requested this IP address.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.35 + NAME 'dhcpHashBucketAssignment' + EQUALITY octetStringMatch + DESC 'HashBucketAssignment bit map for the DHCP Server, as defined in DHC Load Balancing Algorithm [RFC 3074].' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.36 + NAME 'dhcpDelayedServiceParameter' + EQUALITY integerMatch + DESC 'Delay in seconds corresponding to Delayed Service Parameter configuration, as defined in DHC Load Balancing Algorithm [RFC 3074]. ' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.37 + NAME 'dhcpMaxClientLeadTime' + EQUALITY integerMatch + DESC 'Maximum Client Lead Time configuration in seconds, as defined in DHCP Failover Protocol [FAILOVR]' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.38 + NAME 'dhcpFailOverEndpointState' + EQUALITY caseIgnoreIA5Match + DESC 'Server (Failover Endpoint) state, as defined in DHCP Failover Protocol [FAILOVR]' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.39 + NAME 'dhcpErrorLog' + EQUALITY caseIgnoreIA5Match + DESC 'Generic error log attribute that allows logging error conditions within a dhcpService or a dhcpSubnet, like no IP addresses available for lease.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.40 + NAME 'dhcpLocatorDN' + EQUALITY distinguishedNameMatch + DESC 'The DN of dhcpLocator object which contain the DNs of all DHCP configuration objects. There will be a single dhcpLocator object in the tree with links to all the DHCP objects in the tree' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.16.840.1.113719.1.203.4.41 + NAME 'dhcpKeyAlgorithm' + EQUALITY caseIgnoreIA5Match + DESC 'Algorithm to generate TSIG Key' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.42 + NAME 'dhcpKeySecret' + EQUALITY octetStringMatch + DESC 'Secret to generate TSIG Key' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.43 + NAME 'dhcpDnsZoneServer' + EQUALITY caseIgnoreIA5Match + DESC 'Master server of the DNS Zone' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +attributetype ( 2.16.840.1.113719.1.203.4.44 + NAME 'dhcpKeyDN' + EQUALITY distinguishedNameMatch + DESC 'The DNs of TSIG Key to use in secure dynamic updates. In case of locator object, this will be list of TSIG keys. In case of DHCP Service, Shared Network, Subnet and DNS Zone, it will be a single key.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + +attributetype ( 2.16.840.1.113719.1.203.4.45 + NAME 'dhcpZoneDN' + EQUALITY distinguishedNameMatch + DESC 'The DNs of DNS Zone. In case of locator object, this will be list of DNS Zones in the tree. In case of DHCP Service, Shared Network and Subnet, it will be a single DNS Zone.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) + +attributetype ( 2.16.840.1.113719.1.203.4.46 + NAME 'dhcpFailOverPrimaryServer' + EQUALITY caseIgnoreIA5Match + DESC 'IP address or DNS name of the server playing primary role in DHC Load Balancing and Fail over.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 2.16.840.1.113719.1.203.4.47 + NAME 'dhcpFailOverSecondaryServer' + EQUALITY caseIgnoreIA5Match + DESC 'IP address or DNS name of the server playing secondary role in DHC Load Balancing and Fail over.' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + +attributetype ( 2.16.840.1.113719.1.203.4.48 + NAME 'dhcpFailOverPrimaryPort' + EQUALITY integerMatch + DESC 'Port on which primary server listens for connections from its fail over peer (secondary server)' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + +attributetype ( 2.16.840.1.113719.1.203.4.49 + NAME 'dhcpFailOverSecondaryPort' + EQUALITY integerMatch + DESC 'Port on which secondary server listens for connections from its fail over peer (primary server)' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + +attributetype ( 2.16.840.1.113719.1.203.4.50 + NAME 'dhcpFailOverResponseDelay' + EQUALITY integerMatch + DESC 'Maximum response time in seconds, before Server assumes that connection to fail over peer has failed' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + +attributetype ( 2.16.840.1.113719.1.203.4.51 + NAME 'dhcpFailOverUnackedUpdates' + EQUALITY integerMatch + DESC 'Number of BNDUPD messages that server can send before it receives BNDACK from its fail over peer' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + +attributetype ( 2.16.840.1.113719.1.203.4.52 + NAME 'dhcpFailOverSplit' + EQUALITY integerMatch + DESC 'Split between the primary and secondary servers for fail over purpose' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + +attributetype ( 2.16.840.1.113719.1.203.4.53 + NAME 'dhcpFailOverLoadBalanceTime' + EQUALITY integerMatch + DESC 'Cutoff time in seconds, after which load balance is disabled' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ) + +attributetype ( 2.16.840.1.113719.1.203.4.54 + NAME 'dhcpFailOverPeerDN' + EQUALITY distinguishedNameMatch + DESC 'The DNs of Fail over peers. In case of locator object, this will be list of fail over peers in the tree. In case of Subnet and pool, it will be a single Fail Over Peer' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +#List of all servers in the tree +attributetype ( 2.16.840.1.113719.1.203.4.55 + NAME 'dhcpServerDN' + EQUALITY distinguishedNameMatch + DESC 'List of all DHCP Servers in the tree. Used by dhcpLocatorObject' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) + +attributetype ( 2.16.840.1.113719.1.203.4.56 + NAME 'dhcpComments' + EQUALITY caseIgnoreIA5Match + DESC 'Generic attribute that allows coments within any DHCP object' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE ) + +# Classes + +objectclass ( 2.16.840.1.113719.1.203.6.1 + NAME 'dhcpService' + DESC 'Service object that represents the actual DHCP Service configuration. This is a container object.' + SUP top + MUST (cn) + MAY ( dhcpPrimaryDN $ dhcpSecondaryDN $ dhcpServerDN $ dhcpSharedNetworkDN $ dhcpSubnetDN $ dhcpGroupDN $ dhcpHostDN $ dhcpClassesDN $ dhcpOptionsDN $ dhcpZoneDN $ dhcpKeyDN $ dhcpFailOverPeerDN $ dhcpStatements $dhcpComments $ dhcpOption) ) + +objectclass ( 2.16.840.1.113719.1.203.6.2 + NAME 'dhcpSharedNetwork' + DESC 'This stores configuration information for a shared network.' + SUP top + MUST cn + MAY ( dhcpSubnetDN $ dhcpPoolDN $ dhcpOptionsDN $ dhcpZoneDN $ dhcpStatements $dhcpComments $ dhcpOption) X-NDS_CONTAINMENT ('dhcpService' ) ) + +objectclass ( 2.16.840.1.113719.1.203.6.3 + NAME 'dhcpSubnet' + DESC 'This class defines a subnet. This is a container object.' + SUP top + MUST ( cn $ dhcpNetMask ) + MAY ( dhcpRange $ dhcpPoolDN $ dhcpGroupDN $ dhcpHostDN $ dhcpClassesDN $ dhcpLeasesDN $ dhcpOptionsDN $ dhcpZoneDN $ dhcpKeyDN $ dhcpFailOverPeerDN $ dhcpStatements $ dhcpComments $ dhcpOption ) X-NDS_CONTAINMENT ('dhcpService' 'dhcpSharedNetwork') ) + +objectclass ( 2.16.840.1.113719.1.203.6.4 + NAME 'dhcpPool' + DESC 'This stores configuration information about a pool.' + SUP top + MUST ( cn $ dhcpRange ) + MAY ( dhcpClassesDN $ dhcpPermitList $ dhcpLeasesDN $ dhcpOptionsDN $ dhcpZoneDN $dhcpKeyDN $ dhcpStatements $ dhcpComments $ dhcpOption ) + X-NDS_CONTAINMENT ('dhcpSubnet' 'dhcpSharedNetwork') ) + +objectclass ( 2.16.840.1.113719.1.203.6.5 + NAME 'dhcpGroup' + DESC 'Group object that lists host DNs and parameters. This is a container object.' + SUP top + MUST cn + MAY ( dhcpHostDN $ dhcpOptionsDN $ dhcpStatements $ dhcpComments $ dhcpOption ) + X-NDS_CONTAINMENT ('dhcpSubnet' 'dhcpService' ) ) + +objectclass ( 2.16.840.1.113719.1.203.6.6 + NAME 'dhcpHost' + DESC 'This represents information about a particular client' + SUP top + MUST cn + MAY (dhcpLeaseDN $ dhcpHWAddress $ dhcpOptionsDN $ dhcpStatements $ dhcpComments $ dhcpOption) + X-NDS_CONTAINMENT ('dhcpService' 'dhcpSubnet' 'dhcpGroup') ) + +objectclass ( 2.16.840.1.113719.1.203.6.7 + NAME 'dhcpClass' + DESC 'Represents information about a collection of related clients.' + SUP top + MUST cn + MAY (dhcpSubClassesDN $ dhcpOptionsDN $ dhcpStatements $ dhcpComments $ dhcpOption) + X-NDS_CONTAINMENT ('dhcpService' 'dhcpSubnet' ) ) + +objectclass ( 2.16.840.1.113719.1.203.6.8 + NAME 'dhcpSubClass' + DESC 'Represents information about a collection of related classes.' + SUP top + MUST cn + MAY (dhcpClassData $ dhcpOptionsDN $ dhcpStatements $ dhcpComments $ dhcpOption) X-NDS_CONTAINMENT 'dhcpClass' ) + +objectclass ( 2.16.840.1.113719.1.203.6.9 + NAME 'dhcpOptions' + DESC 'Represents information about a collection of options defined.' + SUP top AUXILIARY + MUST cn + MAY ( dhcpOption $ dhcpComments ) + X-NDS_CONTAINMENT ('dhcpService' 'dhcpSharedNetwork' 'dhcpSubnet' 'dhcpPool' 'dhcpGroup' 'dhcpHost' 'dhcpClass' ) ) + +objectclass ( 2.16.840.1.113719.1.203.6.10 + NAME 'dhcpLeases' + DESC 'This class represents an IP Address, which may or may not have been leased.' + SUP top + MUST ( cn $ dhcpAddressState ) + MAY ( dhcpExpirationTime $ dhcpStartTimeOfState $ dhcpLastTransactionTime $ dhcpBootpFlag $ dhcpDomainName $ dhcpDnsStatus $ dhcpRequestedHostName $ dhcpAssignedHostName $ dhcpReservedForClient $ dhcpAssignedToClient $ dhcpRelayAgentInfo $ dhcpHWAddress ) + X-NDS_CONTAINMENT ( 'dhcpService' 'dhcpSubnet' 'dhcpPool') ) + +objectclass ( 2.16.840.1.113719.1.203.6.11 + NAME 'dhcpLog' + DESC 'This is the object that holds past information about the IP address. The cn is the time/date stamp when the address was assigned or released, the address state at the time, if the address was assigned or released.' + SUP top + MUST ( cn ) + MAY ( dhcpAddressState $ dhcpExpirationTime $ dhcpStartTimeOfState $ dhcpLastTransactionTime $ dhcpBootpFlag $ dhcpDomainName $ dhcpDnsStatus $ dhcpRequestedHostName $ dhcpAssignedHostName $ dhcpReservedForClient $ dhcpAssignedToClient $ dhcpRelayAgentInfo $ dhcpHWAddress $ dhcpErrorLog) + X-NDS_CONTAINMENT ('dhcpLeases' 'dhcpPool' 'dhcpSubnet' 'dhcpSharedNetwork' 'dhcpService' ) ) + +objectclass ( 2.16.840.1.113719.1.203.6.12 + NAME 'dhcpServer' + DESC 'DHCP Server Object' + SUP top + MUST ( cn ) + MAY (dhcpServiceDN $ dhcpLocatorDN $ dhcpVersion $ dhcpImplementation $ dhcpHashBucketAssignment $ dhcpDelayedServiceParameter $ dhcpMaxClientLeadTime $ dhcpFailOverEndpointState $ dhcpStatements $ dhcpComments $ dhcpOption) + X-NDS_CONTAINMENT ('organization' 'organizationalunit' 'domain') ) + +objectclass ( 2.16.840.1.113719.1.203.6.13 + NAME 'dhcpTSigKey' + DESC 'TSIG key for secure dynamic updates' + SUP top + MUST (cn $ dhcpKeyAlgorithm $ dhcpKeySecret ) + MAY ( dhcpComments ) + X-NDS_CONTAINMENT ('dhcpService' 'dhcpSharedNetwork' 'dhcpSubnet') ) + +objectclass ( 2.16.840.1.113719.1.203.6.14 + NAME 'dhcpDnsZone' + DESC 'DNS Zone for updating leases' + SUP top + MUST (cn $ dhcpDnsZoneServer ) + MAY (dhcpKeyDN $ dhcpComments) + X-NDS_CONTAINMENT ('dhcpService' 'dhcpSharedNetwork' 'dhcpSubnet') ) + +objectclass ( 2.16.840.1.113719.1.203.6.15 + NAME 'dhcpFailOverPeer' + DESC 'This class defines the Fail over peer' + SUP top + MUST ( cn $ dhcpFailOverPrimaryServer $ dhcpFailOverSecondaryServer $ dhcpFailoverPrimaryPort $ dhcpFailOverSecondaryPort) MAY (dhcpFailOverResponseDelay $ dhcpFailOverUnackedUpdates $ dhcpMaxClientLeadTime $ dhcpFailOverSplit $ dhcpHashBucketAssignment $ dhcpFailOverLoadBalanceTime $ dhcpComments ) + X-NDS_CONTAINMENT ('dhcpService' 'dhcpSharedNetwork' 'dhcpSubnet') ) + +objectclass ( 2.16.840.1.113719.1.203.6.16 + NAME 'dhcpLocator' + DESC 'Locator object for DHCP configuration in the tree. There will be a single dhcpLocator object in the tree with links to all the DHCP objects in the tree' + SUP top + MUST ( cn ) + MAY ( dhcpServiceDN $dhcpServerDN $ dhcpSharedNetworkDN $ dhcpSubnetDN $ dhcpPoolDN $ dhcpGroupDN $ dhcpHostDN $ dhcpClassesDN $ dhcpKeyDN $ dhcpZoneDN $ dhcpFailOverPeerDN $ dhcpOption $ dhcpComments) + X-NDS_CONTAINMENT ('organization' 'organizationalunit' 'domain') ) + + diff --git a/openvpn/profitbricks/resolv.conf b/openvpn/profitbricks/resolv.conf index 798c010b..7a104c01 100644 --- a/openvpn/profitbricks/resolv.conf +++ b/openvpn/profitbricks/resolv.conf @@ -1,6 +1,7 @@ # Hand made by Frank Brehm domain home.brehm-online.com -search home.brehm-online.com brehm-online.com hennig-berlin.org uhu-banane.de pb.local dc1.pb.local dc2.pb.local +#search home.brehm-online.com brehm-online.com hennig-berlin.org uhu-banane.de pb.local dc1.pb.local dc2.pb.local +search home.brehm-online.com brehm-online.com uhu-banane.de pb.local dc1.de.profitbricks.net dc2.us.profitbricks.net dc3.de.profitbricks.net #nameserver 10.12.11.1 nameserver 192.168.178.30 nameserver 192.168.178.89 diff --git a/passwd b/passwd index 3347d803..e712e3f6 100644 --- a/passwd +++ b/passwd @@ -57,3 +57,4 @@ ulogd:x:119:985:added by portage for ulogd:/var/log/ulogd:/sbin/nologin qemu:x:77:77:added by portage for libvirt:/dev/null:/sbin/nologin colord:x:120:983:added by portage for colord:/var/lib/colord:/sbin/nologin geoclue:x:121:982:added by portage for geoclue:/var/lib/geoclue:/sbin/nologin +dhcp:x:122:979:added by portage for dhcp:/var/lib/dhcp:/sbin/nologin diff --git a/passwd- b/passwd- index f9868cd9..3347d803 100644 --- a/passwd- +++ b/passwd- @@ -56,3 +56,4 @@ saned:x:118:995:added by portage for sane-backends:/dev/null:/sbin/nologin ulogd:x:119:985:added by portage for ulogd:/var/log/ulogd:/sbin/nologin qemu:x:77:77:added by portage for libvirt:/dev/null:/sbin/nologin colord:x:120:983:added by portage for colord:/var/lib/colord:/sbin/nologin +geoclue:x:121:982:added by portage for geoclue:/var/lib/geoclue:/sbin/nologin diff --git a/portage/package.keywords b/portage/package.keywords index f221e84c..a2f52b4b 100644 --- a/portage/package.keywords +++ b/portage/package.keywords @@ -30,6 +30,7 @@ app-emulation/virtualbox-modules ~app-misc/g15stats-1.9.7 ~app-misc/g15mpd-1.0.0 +~app-text/debiandoc-sgml-1.2.27 ~app-text/mate-document-viewer-1.6.1 ~app-text/mate-document-viewer-1.6.2 ~app-text/mate-doc-utils-1.6.2 @@ -62,6 +63,8 @@ app-emulation/virtualbox-modules ~dev-libs/nspr-4.10 ~dev-libs/nss-3.13.5 ~dev-libs/nss-3.15 +~dev-libs/sgml-data-2.0.8 +~dev-libs/xml-core-0.13_p2 ~dev-perl/Email-Sender-0.110.5 @@ -77,6 +80,7 @@ dev-python/pb-logging ~dev-python/pillow-2.3.0 ~dev-python/pygments-1.6 ~dev-python/pylint-0.28.0 +~dev-python/python-debian-0.1.21_p2 ~dev-python/pythonmagick-0.9.10 ~dev-python/reportlab-2.6 ~dev-python/setuptools-0.8 @@ -187,6 +191,7 @@ net-im/skype # ~perl-core/ExtUtils-CBuilder-0.280.205 # ~perl-core/Module-Load-Conditional-0.500.0 +~sys-apps/apt-0.9.7.8 ~sys-apps/etckeeper-0.58 ~sys-libs/zlib-1.2.7 diff --git a/portage/package.use b/portage/package.use index 0dbd9f2b..66a30dc1 100644 --- a/portage/package.use +++ b/portage/package.use @@ -274,6 +274,7 @@ sci-mathematics/pari -doc sci-visualization/gnuplot latex plotutils thin-splines wxwidgets sys-apps/acl nfs +sys-apps/apt apt-pkg largefile latex rpath utils sys-apps/busybox math -pam savedconfig static # sys-apps/coreutils xattr sys-apps/paludis glsa inquisitio qa visibility diff --git a/sgml/catalog b/sgml/catalog index ed6e8ebf..ee4b4fcd 100644 --- a/sgml/catalog +++ b/sgml/catalog @@ -16,3 +16,6 @@ CATALOG "/etc/sgml/xml-simple-docbook-4.1.2.4.cat" CATALOG "/etc/sgml/xml-simple-docbook-1.0.cat" CATALOG "/etc/sgml/xhtml1.cat" CATALOG "/etc/sgml/linuxdoc.cat" +CATALOG "/etc/sgml/sgml-data-2.0.8.cat" +CATALOG "/etc/sgml/xml-core-0.13_p2.cat" +CATALOG "/etc/sgml/debiandoc-sgml-1.2.27.cat" diff --git a/sgml/debiandoc-sgml-1.2.27.cat b/sgml/debiandoc-sgml-1.2.27.cat new file mode 100644 index 00000000..1c790d31 --- /dev/null +++ b/sgml/debiandoc-sgml-1.2.27.cat @@ -0,0 +1,2 @@ +CATALOG "/usr/share/sgml/debiandoc/dtd/sgml/1.0/catalog" +CATALOG "/usr/share/sgml/debiandoc/entities/catalog" diff --git a/sgml/sgml-data-2.0.8.cat b/sgml/sgml-data-2.0.8.cat new file mode 100644 index 00000000..6c718d46 --- /dev/null +++ b/sgml/sgml-data-2.0.8.cat @@ -0,0 +1,13 @@ +CATALOG "/usr/share/sgml/dtd/catalog" +CATALOG "/usr/share/sgml/entities/ArborText/catalog" +CATALOG "/usr/share/sgml/entities/Hewlett-Packard/catalog" +CATALOG "/usr/share/sgml/entities/sgml-iso-entities-8879.1986/catalog" +CATALOG "/usr/share/sgml/entities/sgml-iso-entities-9573-13.1991/catalog" +CATALOG "/usr/share/sgml/html/dtd/catalog" +CATALOG "/usr/share/sgml/html/dtd/4.0/catalog" +CATALOG "/usr/share/sgml/html/dtd/4.01/catalog" +CATALOG "/usr/share/sgml/html/dtd/iso-15445/catalog" +CATALOG "/usr/share/sgml/html/entities/catalog" +CATALOG "/usr/share/xml/qaml/catalog" +CATALOG "/usr/share/xml/svg/catalog" +CATALOG "/usr/share/xml/entities/xml-iso-entities-8879.1986/catalog" diff --git a/sgml/xml-core-0.13_p2.cat b/sgml/xml-core-0.13_p2.cat new file mode 100644 index 00000000..dc0d9035 --- /dev/null +++ b/sgml/xml-core-0.13_p2.cat @@ -0,0 +1 @@ +CATALOG "/usr/share/sgml/dtd/xml-core/catalog" diff --git a/shadow b/shadow index e9801de6..8bb73568 100644 --- a/shadow +++ b/shadow @@ -56,3 +56,4 @@ ulogd:!:15842:::::: qemu:!:16023:::::: colord:!:16099:::::: geoclue:!:16143:::::: +dhcp:!:16237:::::: diff --git a/shadow- b/shadow- index 16fe896f..e9801de6 100644 --- a/shadow- +++ b/shadow- @@ -55,3 +55,4 @@ saned:!:15734:::::: ulogd:!:15842:::::: qemu:!:16023:::::: colord:!:16099:::::: +geoclue:!:16143:::::: diff --git a/systemd/system/dhcrelay4.service.d/00gentoo.conf b/systemd/system/dhcrelay4.service.d/00gentoo.conf new file mode 100644 index 00000000..1a0465b7 --- /dev/null +++ b/systemd/system/dhcrelay4.service.d/00gentoo.conf @@ -0,0 +1,3 @@ +# Space separated list of IPs to forward BOOTP/DHCP packets to. +[Service] +Environment="DHCRELAY_SERVERS=" \ No newline at end of file diff --git a/systemd/system/dhcrelay6.service.d/00gentoo.conf b/systemd/system/dhcrelay6.service.d/00gentoo.conf new file mode 100644 index 00000000..ae293ab4 --- /dev/null +++ b/systemd/system/dhcrelay6.service.d/00gentoo.conf @@ -0,0 +1,6 @@ +[Service] +# Space separated list of IPs to forward BOOTP/DHCP packets to +Environment="DHCRELAY_SERVERS=" +# Make sure you specify the lower (-l)/upper (-u) interfaces +Environment="lower-iface=" +Environment="upper-iface=" diff --git a/xml/catalog b/xml/catalog index 1567d818..77d48a88 100644 --- a/xml/catalog +++ b/xml/catalog @@ -17,4 +17,17 @@ + + + + + + + + + + + + + diff --git a/xml/sgml-data b/xml/sgml-data new file mode 100644 index 00000000..7fbc44fb --- /dev/null +++ b/xml/sgml-data @@ -0,0 +1,13 @@ + + + + + + + + + + + + + diff --git a/xml/xml-core b/xml/xml-core new file mode 100644 index 00000000..dd64ebf3 --- /dev/null +++ b/xml/xml-core @@ -0,0 +1,8 @@ + + + + + + + +