From: Frank Brehm Date: Wed, 19 Jul 2017 19:39:59 +0000 (+0200) Subject: committing changes in /etc after apt run X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=f124de257752e7f7840f335839f2e3b002c352a6;p=config%2Fsarah%2Fetc.git committing changes in /etc after apt run --- diff --git a/.etckeeper b/.etckeeper index d5d9893..5a65955 100755 --- a/.etckeeper +++ b/.etckeeper @@ -1,6 +1,7 @@ # Generated by etckeeper. Do not edit. mkdir -p './X11/xkb' +mkdir -p './apm/event.d' mkdir -p './apparmor.d/force-complain' mkdir -p './apt/preferences.d' mkdir -p './binfmt.d' @@ -10,11 +11,9 @@ mkdir -p './clamav/onupdateexecute.d' mkdir -p './clamav/virusevent.d' mkdir -p './console' mkdir -p './dbus-1/session.d' -mkdir -p './dkimkeys' mkdir -p './dovecot/private' mkdir -p './dpkg/dpkg.cfg.d' mkdir -p './fail2ban/fail2ban.d' -mkdir -p './fail2ban/jail.d' mkdir -p './initramfs-tools/conf.d' mkdir -p './initramfs-tools/hooks' mkdir -p './initramfs-tools/scripts/init-bottom' @@ -28,26 +27,32 @@ mkdir -p './initramfs-tools/scripts/nfs-premount' mkdir -p './initramfs-tools/scripts/nfs-top' mkdir -p './initramfs-tools/scripts/panic' mkdir -p './insserv/overrides' +mkdir -p './kernel/install.d' mkdir -p './logwatch/scripts/services' -mkdir -p './network/if-post-down.d' +mkdir -p './modprobe.d' mkdir -p './network/if-pre-up.d' mkdir -p './network/interfaces.d' +mkdir -p './nginx/modules-available' mkdir -p './opt' mkdir -p './perl/CPAN' mkdir -p './phpmyadmin/conf.d' +mkdir -p './postfix/dynamicmaps.cf.d' mkdir -p './postfix/sasl' mkdir -p './salt/proxy.d' mkdir -p './security/limits.d' mkdir -p './security/namespace.d' -mkdir -p './systemd/network' -mkdir -p './systemd/ntp-units.d' mkdir -p './systemd/user' mkdir -p './tmpfiles.d' mkdir -p './udev/hwdb.d' maybe chmod 0755 '.' maybe chmod 0700 '.etckeeper' maybe chmod 0600 '.gitignore' +maybe chmod 0755 'NetworkManager' +maybe chmod 0755 'NetworkManager/dispatcher.d' +maybe chmod 0755 'NetworkManager/dispatcher.d/20-chrony' maybe chmod 0755 'X11' +maybe chmod 0755 'X11/Xsession.d' +maybe chmod 0644 'X11/Xsession.d/90gpg-agent' maybe chmod 0755 'X11/xkb' maybe chmod 0755 'acpi' maybe chmod 0755 'acpi/events' @@ -82,16 +87,20 @@ maybe chmod 0644 'amavis/en_US/template-virus-recipient.txt' maybe chmod 0644 'amavis/en_US/template-virus-sender.txt' maybe chmod 0755 'apache2' maybe chmod 0755 'apache2/conf-available' +maybe chmod 0755 'apache2/mods-available' +maybe chmod 0644 'apache2/mods-available/php7.0.conf' +maybe chmod 0644 'apache2/mods-available/php7.0.load' maybe chmod 0755 'apm' maybe chmod 0755 'apm/event.d' -maybe chmod 0755 'apm/event.d/01chrony' maybe chmod 0755 'apparmor.d' maybe chmod 0755 'apparmor.d/force-complain' maybe chmod 0755 'apparmor.d/local' maybe chmod 0644 'apparmor.d/local/usr.bin.freshclam' maybe chmod 0644 'apparmor.d/local/usr.sbin.clamd' +maybe chmod 0644 'apparmor.d/local/usr.sbin.haveged' maybe chmod 0644 'apparmor.d/usr.bin.freshclam' maybe chmod 0644 'apparmor.d/usr.sbin.clamd' +maybe chmod 0644 'apparmor.d/usr.sbin.haveged' maybe chmod 0644 'apparmor.d/usr.sbin.mysqld' maybe chmod 0755 'apt' maybe chmod 0644 'apt/SALTSTACK-GPG-KEY.pub' @@ -99,7 +108,7 @@ maybe chmod 0755 'apt/apt.conf.d' maybe chmod 0644 'apt/apt.conf.d/00recommends' maybe chmod 0644 'apt/apt.conf.d/00trustcdrom' maybe chmod 0644 'apt/apt.conf.d/01autoremove' -maybe chmod 0644 'apt/apt.conf.d/01autoremove-kernels' +maybe chmod 0444 'apt/apt.conf.d/01autoremove-kernels' maybe chmod 0644 'apt/apt.conf.d/05etckeeper' maybe chmod 0644 'apt/apt.conf.d/70debconf' maybe chmod 0644 'apt/apt.conf.d/99force-ipv4' @@ -134,17 +143,12 @@ maybe chmod 0640 'at.deny' maybe chmod 0644 'bash.bashrc' maybe chmod 0644 'bash_completion' maybe chmod 0755 'bash_completion.d' -maybe chmod 0644 'bash_completion.d/debconf' -maybe chmod 0644 'bash_completion.d/etckeeper' maybe chmod 0644 'bash_completion.d/fail2ban' maybe chmod 0644 'bash_completion.d/git-prompt' maybe chmod 0644 'bash_completion.d/grub' -maybe chmod 0644 'bash_completion.d/initramfs-tools' maybe chmod 0644 'bash_completion.d/insserv' -maybe chmod 0644 'bash_completion.d/isoquery' maybe chmod 0644 'bash_completion.d/salt-common' maybe chmod 0644 'bash_completion.d/tig' -maybe chmod 0644 'bash_completion.d/whiptail' maybe chmod 0644 'bindresvport.blacklist' maybe chmod 0755 'binfmt.d' maybe chmod 0755 'ca-certificates' @@ -170,6 +174,9 @@ maybe chmod 0755 'console' maybe chmod 0755 'console-setup' maybe chmod 0644 'console-setup/cached_Lat15-Fixed16.psf.gz' maybe chmod 0644 'console-setup/cached_UTF-8_del.kmap.gz' +maybe chmod 0755 'console-setup/cached_setup_font.sh' +maybe chmod 0755 'console-setup/cached_setup_keyboard.sh' +maybe chmod 0755 'console-setup/cached_setup_terminal.sh' maybe chmod 0644 'console-setup/compose.ARMSCII-8.inc' maybe chmod 0644 'console-setup/compose.CP1251.inc' maybe chmod 0644 'console-setup/compose.CP1255.inc' @@ -203,12 +210,13 @@ maybe chmod 0644 'cron.d/.placeholder' maybe chmod 0644 'cron.d/amavisd-new' maybe chmod 0644 'cron.d/apticron' maybe chmod 0644 'cron.d/greetings' +maybe chmod 0644 'cron.d/php' maybe chmod 0644 'cron.d/php5' maybe chmod 0644 'cron.d/sysstat' maybe chmod 0755 'cron.daily' maybe chmod 0644 'cron.daily/.placeholder' maybe chmod 0755 'cron.daily/00logwatch' -maybe chmod 0755 'cron.daily/apt' +maybe chmod 0755 'cron.daily/apt-compat' maybe chmod 0755 'cron.daily/aptitude' maybe chmod 0755 'cron.daily/bsdmainutils' maybe chmod 0755 'cron.daily/dpkg' @@ -234,14 +242,13 @@ maybe chmod 0755 'dbconfig-common' maybe chmod 0600 'dbconfig-common/config' maybe chmod 0600 'dbconfig-common/phpmyadmin.conf' maybe chmod 0755 'dbus-1' -maybe chmod 0644 'dbus-1/session.conf' maybe chmod 0755 'dbus-1/session.d' -maybe chmod 0644 'dbus-1/system.conf' maybe chmod 0755 'dbus-1/system.d' maybe chmod 0644 'dbus-1/system.d/org.freedesktop.hostname1.conf' maybe chmod 0644 'dbus-1/system.d/org.freedesktop.locale1.conf' maybe chmod 0644 'dbus-1/system.d/org.freedesktop.login1.conf' -maybe chmod 0644 'dbus-1/system.d/org.freedesktop.machine1.conf' +maybe chmod 0644 'dbus-1/system.d/org.freedesktop.network1.conf' +maybe chmod 0644 'dbus-1/system.d/org.freedesktop.resolve1.conf' maybe chmod 0644 'dbus-1/system.d/org.freedesktop.systemd1.conf' maybe chmod 0644 'dbus-1/system.d/org.freedesktop.timedate1.conf' maybe chmod 0644 'debconf.conf' @@ -251,6 +258,7 @@ maybe chmod 0644 'default/acpid' maybe chmod 0644 'default/amavis-mc' maybe chmod 0644 'default/amavisd-snmp-subagent' maybe chmod 0644 'default/bsdmainutils' +maybe chmod 0644 'default/chrony' maybe chmod 0644 'default/console-setup' maybe chmod 0644 'default/cron' maybe chmod 0644 'default/dbus' @@ -264,6 +272,7 @@ maybe chmod 0644 'default/hwclock' maybe chmod 0644 'default/iptables.bak' maybe chmod 0644 'default/keyboard' maybe chmod 0644 'default/locale' +maybe chmod 0644 'default/mysql' maybe chmod 0644 'default/netfilter-persistent' maybe chmod 0644 'default/networking' maybe chmod 0644 'default/nginx' @@ -280,20 +289,22 @@ maybe chmod 0644 'default/useradd' maybe chmod 0644 'default/uwsgi' maybe chmod 0644 'deluser.conf' maybe chmod 0755 'dhcp' +maybe chmod 0644 'dhcp/debug' maybe chmod 0755 'dhcp/dhclient-enter-hooks.d' -maybe chmod 0644 'dhcp/dhclient-enter-hooks.d/debug' maybe chmod 0644 'dhcp/dhclient-enter-hooks.d/nodnsupdate' maybe chmod 0755 'dhcp/dhclient-exit-hooks.d' -maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/debug' maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes' +maybe chmod 0644 'dhcp/dhclient-exit-hooks.d/timesyncd' maybe chmod 0644 'dhcp/dhclient.conf' maybe chmod 0755 'dictionaries-common' maybe chmod 0644 'discover-modprobe.conf' maybe chmod 0755 'discover.conf.d' maybe chmod 0644 'discover.conf.d/00discover' +maybe chown 'opendkim' 'dkimkeys' +maybe chgrp 'opendkim' 'dkimkeys' maybe chmod 0700 'dkimkeys' +maybe chmod 0644 'dkimkeys/README.PrivateKeys' maybe chmod 0755 'dovecot' -maybe chmod 0644 'dovecot/README' maybe chmod 0755 'dovecot/conf.d' maybe chmod 0644 'dovecot/conf.d/10-auth.conf' maybe chmod 0644 'dovecot/conf.d/10-director.conf' @@ -364,6 +375,7 @@ maybe chmod 0755 'etckeeper/commit.d/30hg-addremove' maybe chmod 0755 'etckeeper/commit.d/50vcs-commit' maybe chmod 0755 'etckeeper/commit.d/99push' maybe chmod 0644 'etckeeper/commit.d/README' +maybe chmod 0755 'etckeeper/daily' maybe chmod 0644 'etckeeper/etckeeper.conf' maybe chmod 0755 'etckeeper/init.d' maybe chmod 0755 'etckeeper/init.d/10restore-metadata' @@ -405,18 +417,25 @@ maybe chmod 0755 'fail2ban' maybe chmod 0755 'fail2ban/action.d' maybe chmod 0644 'fail2ban/action.d/apf.conf' maybe chmod 0644 'fail2ban/action.d/badips.conf' +maybe chmod 0644 'fail2ban/action.d/badips.py' maybe chmod 0644 'fail2ban/action.d/blocklist_de.conf' maybe chmod 0644 'fail2ban/action.d/bsd-ipfw.conf' +maybe chmod 0644 'fail2ban/action.d/cloudflare.conf' maybe chmod 0644 'fail2ban/action.d/complain.conf' maybe chmod 0644 'fail2ban/action.d/dshield.conf' maybe chmod 0644 'fail2ban/action.d/dummy.conf' +maybe chmod 0644 'fail2ban/action.d/firewallcmd-allports.conf' maybe chmod 0644 'fail2ban/action.d/firewallcmd-ipset.conf' +maybe chmod 0644 'fail2ban/action.d/firewallcmd-multiport.conf' maybe chmod 0644 'fail2ban/action.d/firewallcmd-new.conf' +maybe chmod 0644 'fail2ban/action.d/firewallcmd-rich-logging.conf' +maybe chmod 0644 'fail2ban/action.d/firewallcmd-rich-rules.conf' maybe chmod 0644 'fail2ban/action.d/hostsdeny.conf' maybe chmod 0644 'fail2ban/action.d/ipfilter.conf' maybe chmod 0644 'fail2ban/action.d/ipfw.conf' maybe chmod 0644 'fail2ban/action.d/iptables-allports.conf' maybe chmod 0644 'fail2ban/action.d/iptables-blocktype.conf' +maybe chmod 0644 'fail2ban/action.d/iptables-common.conf' maybe chmod 0644 'fail2ban/action.d/iptables-ipset-proto4.conf' maybe chmod 0644 'fail2ban/action.d/iptables-ipset-proto6-allports.conf' maybe chmod 0644 'fail2ban/action.d/iptables-ipset-proto6.conf' @@ -426,59 +445,96 @@ maybe chmod 0644 'fail2ban/action.d/iptables-new.conf' maybe chmod 0644 'fail2ban/action.d/iptables-xt_recent-echo.conf' maybe chmod 0644 'fail2ban/action.d/iptables.conf' maybe chmod 0644 'fail2ban/action.d/mail-buffered.conf' +maybe chmod 0644 'fail2ban/action.d/mail-whois-common.conf' maybe chmod 0644 'fail2ban/action.d/mail-whois-lines.conf' maybe chmod 0644 'fail2ban/action.d/mail-whois.conf' maybe chmod 0644 'fail2ban/action.d/mail.conf' maybe chmod 0644 'fail2ban/action.d/mynetwatchman.conf' +maybe chmod 0644 'fail2ban/action.d/nftables-allports.conf' +maybe chmod 0644 'fail2ban/action.d/nftables-common.conf' +maybe chmod 0644 'fail2ban/action.d/nftables-multiport.conf' +maybe chmod 0644 'fail2ban/action.d/npf.conf' +maybe chmod 0644 'fail2ban/action.d/nsupdate.conf' maybe chmod 0644 'fail2ban/action.d/osx-afctl.conf' maybe chmod 0644 'fail2ban/action.d/osx-ipfw.conf' maybe chmod 0644 'fail2ban/action.d/pf.conf' maybe chmod 0644 'fail2ban/action.d/route.conf' maybe chmod 0644 'fail2ban/action.d/sendmail-buffered.conf' maybe chmod 0644 'fail2ban/action.d/sendmail-common.conf' +maybe chmod 0644 'fail2ban/action.d/sendmail-geoip-lines.conf' +maybe chmod 0644 'fail2ban/action.d/sendmail-whois-ipjailmatches.conf' +maybe chmod 0644 'fail2ban/action.d/sendmail-whois-ipmatches.conf' maybe chmod 0644 'fail2ban/action.d/sendmail-whois-lines.conf' +maybe chmod 0644 'fail2ban/action.d/sendmail-whois-matches.conf' maybe chmod 0644 'fail2ban/action.d/sendmail-whois.conf' maybe chmod 0644 'fail2ban/action.d/sendmail.conf' +maybe chmod 0644 'fail2ban/action.d/shorewall-ipset-proto6.conf' maybe chmod 0644 'fail2ban/action.d/shorewall.conf' +maybe chmod 0644 'fail2ban/action.d/smtp.py' +maybe chmod 0644 'fail2ban/action.d/symbiosis-blacklist-allports.conf' maybe chmod 0644 'fail2ban/action.d/ufw.conf' +maybe chmod 0644 'fail2ban/action.d/xarf-login-attack.conf' maybe chmod 0644 'fail2ban/fail2ban.conf' maybe chmod 0755 'fail2ban/fail2ban.d' maybe chmod 0755 'fail2ban/filter.d' maybe chmod 0644 'fail2ban/filter.d/3proxy.conf' maybe chmod 0644 'fail2ban/filter.d/apache-auth.conf' maybe chmod 0644 'fail2ban/filter.d/apache-badbots.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-botsearch.conf' maybe chmod 0644 'fail2ban/filter.d/apache-common.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-fakegooglebot.conf' maybe chmod 0644 'fail2ban/filter.d/apache-modsecurity.conf' maybe chmod 0644 'fail2ban/filter.d/apache-nohome.conf' maybe chmod 0644 'fail2ban/filter.d/apache-noscript.conf' maybe chmod 0644 'fail2ban/filter.d/apache-overflows.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-pass.conf' +maybe chmod 0644 'fail2ban/filter.d/apache-shellshock.conf' maybe chmod 0644 'fail2ban/filter.d/assp.conf' maybe chmod 0644 'fail2ban/filter.d/asterisk.conf' +maybe chmod 0644 'fail2ban/filter.d/botsearch-common.conf' maybe chmod 0644 'fail2ban/filter.d/common.conf' -maybe chmod 0644 'fail2ban/filter.d/courierlogin.conf' -maybe chmod 0644 'fail2ban/filter.d/couriersmtp.conf' +maybe chmod 0644 'fail2ban/filter.d/counter-strike.conf' +maybe chmod 0644 'fail2ban/filter.d/courier-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/courier-smtp.conf' maybe chmod 0644 'fail2ban/filter.d/cyrus-imap.conf' +maybe chmod 0644 'fail2ban/filter.d/directadmin.conf' maybe chmod 0644 'fail2ban/filter.d/dovecot.conf' maybe chmod 0644 'fail2ban/filter.d/dovecot.iredmail.conf' maybe chmod 0644 'fail2ban/filter.d/dropbear.conf' +maybe chmod 0644 'fail2ban/filter.d/drupal-auth.conf' maybe chmod 0644 'fail2ban/filter.d/ejabberd-auth.conf' maybe chmod 0644 'fail2ban/filter.d/exim-common.conf' maybe chmod 0644 'fail2ban/filter.d/exim-spam.conf' maybe chmod 0644 'fail2ban/filter.d/exim.conf' maybe chmod 0644 'fail2ban/filter.d/freeswitch.conf' +maybe chmod 0644 'fail2ban/filter.d/froxlor-auth.conf' maybe chmod 0644 'fail2ban/filter.d/groupoffice.conf' maybe chmod 0644 'fail2ban/filter.d/gssftpd.conf' +maybe chmod 0644 'fail2ban/filter.d/guacamole.conf' +maybe chmod 0644 'fail2ban/filter.d/haproxy-http-auth.conf' maybe chmod 0644 'fail2ban/filter.d/horde.conf' +maybe chmod 0755 'fail2ban/filter.d/ignorecommands' +maybe chmod 0755 'fail2ban/filter.d/ignorecommands/apache-fakegooglebot' +maybe chmod 0644 'fail2ban/filter.d/kerio.conf' maybe chmod 0644 'fail2ban/filter.d/lighttpd-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/mongodb-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/monit.conf' +maybe chmod 0644 'fail2ban/filter.d/murmur.conf' maybe chmod 0644 'fail2ban/filter.d/mysqld-auth.conf' maybe chmod 0644 'fail2ban/filter.d/nagios.conf' maybe chmod 0644 'fail2ban/filter.d/named-refused.conf' +maybe chmod 0644 'fail2ban/filter.d/nginx-botsearch.conf' maybe chmod 0644 'fail2ban/filter.d/nginx-http-auth.conf' +maybe chmod 0644 'fail2ban/filter.d/nginx-limit-req.conf' maybe chmod 0644 'fail2ban/filter.d/nsd.conf' +maybe chmod 0644 'fail2ban/filter.d/openhab.conf' maybe chmod 0644 'fail2ban/filter.d/openwebmail.conf' +maybe chmod 0644 'fail2ban/filter.d/oracleims.conf' maybe chmod 0644 'fail2ban/filter.d/pam-generic.conf' maybe chmod 0644 'fail2ban/filter.d/perdition.conf' maybe chmod 0644 'fail2ban/filter.d/php-url-fopen.conf' +maybe chmod 0644 'fail2ban/filter.d/portsentry.conf' +maybe chmod 0644 'fail2ban/filter.d/postfix-rbl.conf' maybe chmod 0644 'fail2ban/filter.d/postfix-sasl.conf' maybe chmod 0644 'fail2ban/filter.d/postfix.conf' maybe chmod 0644 'fail2ban/filter.d/postfix.iredmail.conf' @@ -488,17 +544,22 @@ maybe chmod 0644 'fail2ban/filter.d/qmail.conf' maybe chmod 0644 'fail2ban/filter.d/recidive.conf' maybe chmod 0644 'fail2ban/filter.d/roundcube-auth.conf' maybe chmod 0644 'fail2ban/filter.d/roundcube.iredmail.conf' +maybe chmod 0644 'fail2ban/filter.d/screensharingd.conf' maybe chmod 0644 'fail2ban/filter.d/selinux-common.conf' maybe chmod 0644 'fail2ban/filter.d/selinux-ssh.conf' maybe chmod 0644 'fail2ban/filter.d/sendmail-auth.conf' maybe chmod 0644 'fail2ban/filter.d/sendmail-reject.conf' maybe chmod 0644 'fail2ban/filter.d/sieve.conf' +maybe chmod 0644 'fail2ban/filter.d/slapd.conf' maybe chmod 0644 'fail2ban/filter.d/sogo-auth.conf' maybe chmod 0644 'fail2ban/filter.d/solid-pop3d.conf' maybe chmod 0644 'fail2ban/filter.d/squid.conf' +maybe chmod 0644 'fail2ban/filter.d/squirrelmail.conf' maybe chmod 0644 'fail2ban/filter.d/sshd-ddos.conf' maybe chmod 0644 'fail2ban/filter.d/sshd.conf' +maybe chmod 0644 'fail2ban/filter.d/stunnel.conf' maybe chmod 0644 'fail2ban/filter.d/suhosin.conf' +maybe chmod 0644 'fail2ban/filter.d/tine20.conf' maybe chmod 0644 'fail2ban/filter.d/uwimap-auth.conf' maybe chmod 0644 'fail2ban/filter.d/vsftpd.conf' maybe chmod 0644 'fail2ban/filter.d/webmin-auth.conf' @@ -506,7 +567,11 @@ maybe chmod 0644 'fail2ban/filter.d/wuftpd.conf' maybe chmod 0644 'fail2ban/filter.d/xinetd-fail.conf' maybe chmod 0644 'fail2ban/jail.conf' maybe chmod 0755 'fail2ban/jail.d' +maybe chmod 0644 'fail2ban/jail.d/defaults-debian.conf' maybe chmod 0644 'fail2ban/jail.local' +maybe chmod 0644 'fail2ban/paths-common.conf' +maybe chmod 0644 'fail2ban/paths-debian.conf' +maybe chmod 0644 'fail2ban/paths-opensuse.conf' maybe chmod 0755 'fonts' maybe chmod 0755 'fonts/conf.avail' maybe chmod 0644 'fonts/conf.avail/20-unhint-small-dejavu-lgc-sans-mono.conf' @@ -569,7 +634,7 @@ maybe chmod 0755 'init.d/checkroot.sh' maybe chmod 0755 'init.d/chrony' maybe chmod 0755 'init.d/clamav-daemon' maybe chmod 0755 'init.d/clamav-freshclam' -maybe chmod 0755 'init.d/console-setup' +maybe chmod 0755 'init.d/console-setup.sh' maybe chmod 0755 'init.d/cron' maybe chmod 0755 'init.d/dbus' maybe chmod 0755 'init.d/dovecot' @@ -581,11 +646,12 @@ maybe chmod 0755 'init.d/hwclock.sh' maybe chmod 0755 'init.d/iptables' maybe chmod 0755 'init.d/iredapd' maybe chmod 0755 'init.d/kbd' -maybe chmod 0755 'init.d/keyboard-setup' -maybe chmod 0755 'init.d/keymap.sh' +maybe chmod 0755 'init.d/keyboard-setup.sh' maybe chmod 0755 'init.d/killprocs' maybe chmod 0755 'init.d/kmod' maybe chmod 0755 'init.d/lvm2' +maybe chmod 0755 'init.d/lvm2-lvmetad' +maybe chmod 0755 'init.d/lvm2-lvmpolld' maybe chmod 0755 'init.d/motd' maybe chmod 0755 'init.d/mountall-bootclean.sh' maybe chmod 0755 'init.d/mountall.sh' @@ -617,7 +683,6 @@ maybe chmod 0755 'init.d/ssh' maybe chmod 0755 'init.d/sudo' maybe chmod 0755 'init.d/sysstat' maybe chmod 0755 'init.d/udev' -maybe chmod 0755 'init.d/udev-finish' maybe chmod 0755 'init.d/ulogd2' maybe chmod 0755 'init.d/umountfs' maybe chmod 0755 'init.d/umountnfs.sh' @@ -628,12 +693,11 @@ maybe chmod 0644 'init/network-interface-container.conf' maybe chmod 0644 'init/network-interface-security.conf' maybe chmod 0644 'init/network-interface.conf' maybe chmod 0644 'init/networking.conf' +maybe chmod 0644 'init/nginx.conf' maybe chmod 0644 'init/php5-fpm.conf' maybe chmod 0644 'init/salt-minion.conf' maybe chmod 0644 'init/ssh.conf' maybe chmod 0644 'init/startpar-bridge.conf' -maybe chmod 0644 'init/udev-fallback-graphics.conf' -maybe chmod 0644 'init/udev-finish.conf' maybe chmod 0644 'init/udev.conf' maybe chmod 0644 'init/udevmonitor.conf' maybe chmod 0644 'init/udevtrigger.conf' @@ -659,16 +723,21 @@ maybe chmod 0644 'inputrc' maybe chmod 0755 'insserv' maybe chmod 0644 'insserv.conf' maybe chmod 0755 'insserv.conf.d' +maybe chmod 0644 'insserv.conf.d/mariadb' maybe chmod 0644 'insserv.conf.d/postfix' maybe chmod 0755 'insserv/overrides' maybe chmod 0755 'iproute2' +maybe chmod 0644 'iproute2/bpf_pinning' maybe chmod 0644 'iproute2/ematch_map' maybe chmod 0644 'iproute2/group' +maybe chmod 0644 'iproute2/nl_protos' maybe chmod 0644 'iproute2/rt_dsfield' maybe chmod 0644 'iproute2/rt_protos' maybe chmod 0644 'iproute2/rt_realms' maybe chmod 0644 'iproute2/rt_scopes' maybe chmod 0644 'iproute2/rt_tables' +maybe chmod 0755 'iproute2/rt_tables.d' +maybe chmod 0644 'iproute2/rt_tables.d/README' maybe chmod 0755 'iptables' maybe chmod 0640 'iptables/rules.v4' maybe chmod 0640 'iptables/rules.v6' @@ -682,6 +751,7 @@ maybe chmod 0644 'kbd/config' maybe chmod 0644 'kbd/remap' maybe chmod 0755 'kernel' maybe chmod 0644 'kernel-img.conf' +maybe chmod 0755 'kernel/install.d' maybe chmod 0755 'kernel/postinst.d' maybe chmod 0755 'kernel/postinst.d/apt-auto-removal' maybe chmod 0755 'kernel/postinst.d/initramfs-tools' @@ -705,19 +775,21 @@ maybe chmod 0644 'libnl-3/pktloc' maybe chmod 0644 'locale.alias' maybe chmod 0644 'locale.gen' maybe chmod 0644 'locale.gen.bak' -maybe chmod 0644 'localtime' maybe chmod 0644 'localtime.bak' maybe chmod 0755 'logcheck' maybe chmod 0755 'logcheck/ignore.d.paranoid' maybe chmod 0644 'logcheck/ignore.d.paranoid/clamav-daemon' maybe chmod 0644 'logcheck/ignore.d.paranoid/mariadb-server-10_0' +maybe chmod 0644 'logcheck/ignore.d.paranoid/mariadb-server-10_1' maybe chmod 0755 'logcheck/ignore.d.server' maybe chmod 0644 'logcheck/ignore.d.server/clamav-daemon' maybe chmod 0644 'logcheck/ignore.d.server/clamav-freshclam' maybe chmod 0644 'logcheck/ignore.d.server/mariadb-server-10_0' +maybe chmod 0644 'logcheck/ignore.d.server/mariadb-server-10_1' maybe chmod 0644 'logcheck/ignore.d.server/rsyslog' maybe chmod 0755 'logcheck/ignore.d.workstation' maybe chmod 0644 'logcheck/ignore.d.workstation/mariadb-server-10_0' +maybe chmod 0644 'logcheck/ignore.d.workstation/mariadb-server-10_1' maybe chmod 0644 'login.defs' maybe chmod 0644 'logrotate.conf' maybe chmod 0755 'logrotate.d' @@ -726,6 +798,7 @@ maybe chmod 0644 'logrotate.d/aptitude' maybe chmod 0644 'logrotate.d/chrony' maybe chmod 0644 'logrotate.d/clamav-daemon' maybe chmod 0644 'logrotate.d/clamav-freshclam' +maybe chmod 0644 'logrotate.d/dbconfig-common' maybe chmod 0644 'logrotate.d/dovecot' maybe chmod 0644 'logrotate.d/dpkg' maybe chmod 0644 'logrotate.d/fail2ban' @@ -764,6 +837,8 @@ maybe chmod 0444 'machine-id' maybe chmod 0644 'magic' maybe chmod 0644 'magic.mime' maybe chmod 0755 'mail' +maybe chmod 0755 'mail/m4' +maybe chmod 0644 'mail/m4/opendkim.m4' maybe chmod 0644 'mailcap' maybe chmod 0644 'mailcap.order' maybe chmod 0644 'mailname' @@ -771,20 +846,31 @@ maybe chmod 0644 'manpath.config' maybe chmod 0644 'mime.types' maybe chmod 0644 'mke2fs.conf' maybe chmod 0755 'modprobe.d' -maybe chmod 0644 'modprobe.d/fbdev-blacklist.conf' maybe chmod 0644 'modules' maybe chmod 0755 'modules-load.d' +maybe chmod 0755 'monit' +maybe chmod 0755 'monit/monitrc.d' +maybe chmod 0644 'monit/monitrc.d/fail2ban' +maybe chmod 0644 'motd' maybe chmod 0644 'motd.tail' maybe chmod 0755 'mysql' maybe chmod 0755 'mysql/conf.d' -maybe chmod 0644 'mysql/conf.d/.keepme' maybe chmod 0644 'mysql/conf.d/mariadb.cnf' +maybe chmod 0644 'mysql/conf.d/mysql.cnf' maybe chmod 0644 'mysql/conf.d/mysqld_safe_syslog.cnf' +maybe chmod 0644 'mysql/conf.d/mysqldump.cnf' maybe chmod 0644 'mysql/conf.d/tokudb.cnf' maybe chmod 0755 'mysql/debian-start' maybe chmod 0600 'mysql/debian.cnf' -maybe chmod 0644 'mysql/my.cnf' +maybe chmod 0644 'mysql/mariadb.cnf' +maybe chmod 0755 'mysql/mariadb.conf.d' +maybe chmod 0644 'mysql/mariadb.conf.d/50-client.cnf' +maybe chmod 0644 'mysql/mariadb.conf.d/50-mysql-clients.cnf' +maybe chmod 0644 'mysql/mariadb.conf.d/50-mysqld_safe.cnf' +maybe chmod 0644 'mysql/mariadb.conf.d/50-server.cnf' maybe chmod 0644 'mysql/my.cnf.2016.07.20.08.58.54' +maybe chmod 0644 'mysql/my.cnf.fallback' +maybe chmod 0644 'mysql/my.cnf.migrated' maybe chmod 0644 'nail.rc' maybe chmod 0644 'nanorc' maybe chmod 0755 'network' @@ -793,8 +879,10 @@ maybe chmod 0755 'network/if-down.d/clamav-freshclam-ifupdown' maybe chmod 0755 'network/if-down.d/postfix' maybe chmod 0755 'network/if-down.d/upstart' maybe chmod 0755 'network/if-post-down.d' +maybe chmod 0755 'network/if-post-down.d/chrony' maybe chmod 0755 'network/if-pre-up.d' maybe chmod 0755 'network/if-up.d' +maybe chmod 0755 'network/if-up.d/chrony' maybe chmod 0755 'network/if-up.d/clamav-freshclam-ifupdown' maybe chmod 0755 'network/if-up.d/mountnfs' maybe chmod 0755 'network/if-up.d/openssh-server' @@ -813,6 +901,8 @@ maybe chmod 0644 'nginx/fastcgi_params' maybe chmod 0644 'nginx/koi-utf' maybe chmod 0644 'nginx/koi-win' maybe chmod 0644 'nginx/mime.types' +maybe chmod 0755 'nginx/modules-available' +maybe chmod 0755 'nginx/modules-enabled' maybe chmod 0644 'nginx/nginx.conf' maybe chmod 0644 'nginx/nginx.conf.2016.07.20.08.58.54' maybe chmod 0644 'nginx/proxy_params' @@ -873,6 +963,45 @@ maybe chmod 0755 'perl/CPAN' maybe chmod 0755 'perl/Net' maybe chmod 0644 'perl/Net/libnet.cfg' maybe chmod 0644 'perl/sitecustomize.pl' +maybe chmod 0755 'php' +maybe chmod 0755 'php/7.0' +maybe chmod 0755 'php/7.0/apache2' +maybe chmod 0755 'php/7.0/apache2/conf.d' +maybe chmod 0644 'php/7.0/apache2/php.ini' +maybe chmod 0755 'php/7.0/cli' +maybe chmod 0755 'php/7.0/cli/conf.d' +maybe chmod 0644 'php/7.0/cli/php.ini' +maybe chmod 0755 'php/7.0/mods-available' +maybe chmod 0644 'php/7.0/mods-available/calendar.ini' +maybe chmod 0644 'php/7.0/mods-available/ctype.ini' +maybe chmod 0644 'php/7.0/mods-available/dom.ini' +maybe chmod 0644 'php/7.0/mods-available/exif.ini' +maybe chmod 0644 'php/7.0/mods-available/fileinfo.ini' +maybe chmod 0644 'php/7.0/mods-available/ftp.ini' +maybe chmod 0644 'php/7.0/mods-available/gettext.ini' +maybe chmod 0644 'php/7.0/mods-available/iconv.ini' +maybe chmod 0644 'php/7.0/mods-available/json.ini' +maybe chmod 0644 'php/7.0/mods-available/mbstring.ini' +maybe chmod 0644 'php/7.0/mods-available/mysqli.ini' +maybe chmod 0644 'php/7.0/mods-available/mysqlnd.ini' +maybe chmod 0644 'php/7.0/mods-available/opcache.ini' +maybe chmod 0644 'php/7.0/mods-available/pdo.ini' +maybe chmod 0644 'php/7.0/mods-available/pdo_mysql.ini' +maybe chmod 0644 'php/7.0/mods-available/phar.ini' +maybe chmod 0644 'php/7.0/mods-available/posix.ini' +maybe chmod 0644 'php/7.0/mods-available/readline.ini' +maybe chmod 0644 'php/7.0/mods-available/shmop.ini' +maybe chmod 0644 'php/7.0/mods-available/simplexml.ini' +maybe chmod 0644 'php/7.0/mods-available/sockets.ini' +maybe chmod 0644 'php/7.0/mods-available/sysvmsg.ini' +maybe chmod 0644 'php/7.0/mods-available/sysvsem.ini' +maybe chmod 0644 'php/7.0/mods-available/sysvshm.ini' +maybe chmod 0644 'php/7.0/mods-available/tokenizer.ini' +maybe chmod 0644 'php/7.0/mods-available/wddx.ini' +maybe chmod 0644 'php/7.0/mods-available/xml.ini' +maybe chmod 0644 'php/7.0/mods-available/xmlreader.ini' +maybe chmod 0644 'php/7.0/mods-available/xmlwriter.ini' +maybe chmod 0644 'php/7.0/mods-available/xsl.ini' maybe chmod 0755 'php5' maybe chmod 0755 'php5/cli' maybe chmod 0755 'php5/cli/conf.d' @@ -917,6 +1046,7 @@ maybe chmod 0640 'postfix/body_checks.pcre' maybe chmod 0755 'postfix/disclaimer' maybe chmod 0644 'postfix/disclaimer/default.txt' maybe chmod 0644 'postfix/dynamicmaps.cf' +maybe chmod 0755 'postfix/dynamicmaps.cf.d' maybe chgrp 'postfix' 'postfix/header_checks' maybe chmod 0640 'postfix/header_checks' maybe chgrp 'postfix' 'postfix/helo_access.pcre' @@ -925,9 +1055,12 @@ maybe chmod 0640 'postfix/helo_access.pcre.2016.07.20.08.58.54' maybe chmod 0644 'postfix/main.cf' maybe chmod 0644 'postfix/main.cf.2016.07.20.08.58.54' maybe chmod 0644 'postfix/main.cf.2016.07.20.09.03.50' +maybe chmod 0644 'postfix/main.cf.proto' +maybe chmod 0644 'postfix/makedefs.out' maybe chmod 0644 'postfix/master.cf' maybe chmod 0644 'postfix/master.cf.2016.07.20.08.58.54' maybe chmod 0644 'postfix/master.cf.2016.07.20.09.03.50' +maybe chmod 0644 'postfix/master.cf.proto' maybe chmod 0755 'postfix/mysql' maybe chgrp 'postfix' 'postfix/mysql/catchall_maps.cf' maybe chmod 0640 'postfix/mysql/catchall_maps.cf' @@ -961,6 +1094,10 @@ maybe chgrp 'postfix' 'postfix/mysql/virtual_mailbox_maps.cf' maybe chmod 0640 'postfix/mysql/virtual_mailbox_maps.cf' maybe chmod 0755 'postfix/post-install' maybe chmod 0644 'postfix/postfix-files' +maybe chmod 0755 'postfix/postfix-files.d' +maybe chmod 0644 'postfix/postfix-files.d/mysql.files' +maybe chmod 0644 'postfix/postfix-files.d/pcre.files' +maybe chmod 0644 'postfix/postfix-files.d/sqlite.files' maybe chmod 0755 'postfix/postfix-script' maybe chmod 0644 'postfix/postscreen_access.cidr' maybe chmod 0644 'postfix/postscreen_dnsbl_reply' @@ -988,6 +1125,8 @@ maybe chmod 0644 'python2.7/sitecustomize.py' maybe chmod 0755 'python3' maybe chmod 0755 'python3.4' maybe chmod 0644 'python3.4/sitecustomize.py' +maybe chmod 0755 'python3.5' +maybe chmod 0644 'python3.5/sitecustomize.py' maybe chmod 0644 'python3/debian_config' maybe chmod 0755 'rc.local' maybe chmod 0755 'rc0.d' @@ -1019,6 +1158,7 @@ maybe chmod 0644 'rsyslog.d/60-default.conf' maybe chmod 0644 'rsyslog.d/60-mail.conf' maybe chmod 0644 'rsyslog.d/70-pb.conf' maybe chmod 0644 'rsyslog.d/postfix.conf' +maybe chmod 0644 's-nail.rc' maybe chmod 0755 'salt' maybe chmod 0644 'salt/minion' maybe chmod 0755 'salt/minion.d' @@ -1073,6 +1213,7 @@ maybe chmod 0644 'spamassassin/v312.pre' maybe chmod 0644 'spamassassin/v320.pre' maybe chmod 0644 'spamassassin/v330.pre' maybe chmod 0644 'spamassassin/v340.pre' +maybe chmod 0644 'spamassassin/v341.pre' maybe chmod 0755 'ssh' maybe chmod 0644 'ssh/moduli' maybe chmod 0644 'ssh/ssh_config' @@ -1113,28 +1254,26 @@ maybe chmod 0755 'sysstat' maybe chmod 0644 'sysstat/sysstat' maybe chmod 0644 'sysstat/sysstat.ioconf' maybe chmod 0755 'systemd' -maybe chmod 0644 'systemd/bootchart.conf' maybe chmod 0644 'systemd/journald.conf' maybe chmod 0644 'systemd/logind.conf' maybe chmod 0755 'systemd/network' -maybe chmod 0755 'systemd/ntp-units.d' +maybe chmod 0644 'systemd/network/50-virtio-kernel-names.link' +maybe chmod 0644 'systemd/network/99-default.link' maybe chmod 0644 'systemd/resolved.conf' maybe chmod 0755 'systemd/system' maybe chmod 0644 'systemd/system.conf' -maybe chmod 0755 'systemd/system/clamav-daemon.socket.d' -maybe chmod 0644 'systemd/system/clamav-daemon.socket.d/extend.conf' +maybe chmod 0755 'systemd/system/clamav-daemon.service.d' +maybe chmod 0644 'systemd/system/clamav-daemon.service.d/extend.conf' maybe chmod 0755 'systemd/system/default.target.wants' maybe chmod 0755 'systemd/system/getty.target.wants' maybe chmod 0755 'systemd/system/getty@tty1.service.d' maybe chmod 0644 'systemd/system/getty@tty1.service.d/noclear.conf' -maybe chmod 0755 'systemd/system/halt.target.wants' -maybe chmod 0755 'systemd/system/local-fs.target.wants' maybe chmod 0755 'systemd/system/multi-user.target.wants' +maybe chmod 0755 'systemd/system/network-online.target.wants' maybe chmod 0755 'systemd/system/paths.target.wants' -maybe chmod 0755 'systemd/system/poweroff.target.wants' -maybe chmod 0755 'systemd/system/reboot.target.wants' maybe chmod 0755 'systemd/system/sockets.target.wants' maybe chmod 0755 'systemd/system/sysinit.target.wants' +maybe chmod 0755 'systemd/system/timers.target.wants' maybe chmod 0644 'systemd/timesyncd.conf' maybe chmod 0755 'systemd/user' maybe chmod 0644 'systemd/user.conf' @@ -1152,10 +1291,14 @@ maybe chmod 0644 'udev/rules.d/90-memory-hotplug.rules' maybe chmod 0644 'udev/udev.conf' maybe chmod 0755 'ufw' maybe chmod 0755 'ufw/applications.d' +maybe chmod 0644 'ufw/applications.d/dovecot-imapd' +maybe chmod 0644 'ufw/applications.d/dovecot-pop3d' maybe chmod 0644 'ufw/applications.d/nginx' maybe chmod 0644 'ufw/applications.d/openssh-server' maybe chmod 0644 'ufw/applications.d/postfix' maybe chmod 0600 'ulogd.conf' +maybe chmod 0755 'update-motd.d' +maybe chmod 0755 'update-motd.d/10-uname' maybe chmod 0644 'updatedb.conf' maybe chmod 0755 'uwsgi' maybe chmod 0755 'uwsgi/apps-available' diff --git a/.gitignore b/.gitignore index 05eeb7a..9196cf5 100644 --- a/.gitignore +++ b/.gitignore @@ -44,8 +44,6 @@ cups/subscriptions.conf.O fake-hwclock.data check_mk/logwatch.state -/motd - # editor temp files *~ .*.sw? diff --git a/NetworkManager/dispatcher.d/20-chrony b/NetworkManager/dispatcher.d/20-chrony new file mode 100755 index 0000000..084aed6 --- /dev/null +++ b/NetworkManager/dispatcher.d/20-chrony @@ -0,0 +1,17 @@ +#!/bin/sh +# This is a NetworkManager dispatcher script for chronyd to set its NTP sources +# online/offline when a default route is configured/removed on the system. + +export LC_ALL=C + +if [ "$2" = "up" ]; then + /sbin/ip route list dev "$1" | grep -q '^default' && + /usr/bin/chronyc online > /dev/null 2>&1 +fi + +if [ "$2" = "down" ]; then + /sbin/ip route list | grep -q '^default' || + /usr/bin/chronyc offline > /dev/null 2>&1 +fi + +exit 0 diff --git a/X11/Xsession.d/90gpg-agent b/X11/Xsession.d/90gpg-agent new file mode 100644 index 0000000..8b45b05 --- /dev/null +++ b/X11/Xsession.d/90gpg-agent @@ -0,0 +1,22 @@ +# On systems with systemd running, we expect the agent to be launched +# via systemd's user mode (see +# /usr/lib/systemd/user/gpg-agent.{socket,service} and +# systemd.unit(5)). This allows systemd to clean up the agent +# automatically at logout. + +# If systemd is absent from your system, or you do not permit it to +# run in user mode, then you may need to manually launch gpg-agent +# from your session initialization with something like "gpgconf +# --launch gpg-agent" + +# Nonetheless, ssh and older versions of gpg require environment +# variables to be set in order to find the agent, so we will set those +# here. + +agent_sock=$(gpgconf --list-dirs agent-socket) +export GPG_AGENT_INFO=${agent_sock}:0:1 +if [ -n "$(gpgconf --list-options gpg-agent | \ + awk -F: '/^enable-ssh-support:/{ print $10 }')" ]; then + export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket) +fi + diff --git a/alternatives/Mail b/alternatives/Mail deleted file mode 120000 index 3d47966..0000000 --- a/alternatives/Mail +++ /dev/null @@ -1 +0,0 @@ -/usr/bin/heirloom-mailx \ No newline at end of file diff --git a/alternatives/Mail.1.gz b/alternatives/Mail.1.gz deleted file mode 120000 index 1917ecf..0000000 --- a/alternatives/Mail.1.gz +++ /dev/null @@ -1 +0,0 @@ -/usr/share/man/man1/heirloom-mailx.1.gz \ No newline at end of file diff --git a/alternatives/awk b/alternatives/awk index 6190dcb..19ba657 120000 --- a/alternatives/awk +++ b/alternatives/awk @@ -1 +1 @@ -/usr/bin/mawk \ No newline at end of file +/usr/bin/gawk \ No newline at end of file diff --git a/alternatives/awk.1.gz b/alternatives/awk.1.gz index 5d8f19b..134262b 120000 --- a/alternatives/awk.1.gz +++ b/alternatives/awk.1.gz @@ -1 +1 @@ -/usr/share/man/man1/mawk.1.gz \ No newline at end of file +/usr/share/man/man1/gawk.1.gz \ No newline at end of file diff --git a/alternatives/dotlock b/alternatives/dotlock new file mode 120000 index 0000000..423e888 --- /dev/null +++ b/alternatives/dotlock @@ -0,0 +1 @@ +/usr/bin/dotlock.mailutils \ No newline at end of file diff --git a/alternatives/dotlock.1.gz b/alternatives/dotlock.1.gz new file mode 120000 index 0000000..48fb595 --- /dev/null +++ b/alternatives/dotlock.1.gz @@ -0,0 +1 @@ +/usr/share/man/man1/dotlock.mailutils.1.gz \ No newline at end of file diff --git a/alternatives/frm b/alternatives/frm new file mode 120000 index 0000000..def5353 --- /dev/null +++ b/alternatives/frm @@ -0,0 +1 @@ +/usr/bin/frm.mailutils \ No newline at end of file diff --git a/alternatives/frm.1.gz b/alternatives/frm.1.gz new file mode 120000 index 0000000..ec4c491 --- /dev/null +++ b/alternatives/frm.1.gz @@ -0,0 +1 @@ +/usr/share/man/man1/frm.mailutils.1.gz \ No newline at end of file diff --git a/alternatives/from b/alternatives/from index 3ee6643..f4e6cdc 120000 --- a/alternatives/from +++ b/alternatives/from @@ -1 +1 @@ -/usr/bin/bsd-from \ No newline at end of file +/usr/bin/from.mailutils \ No newline at end of file diff --git a/alternatives/from.1.gz b/alternatives/from.1.gz index 9c0d8d3..d20001a 120000 --- a/alternatives/from.1.gz +++ b/alternatives/from.1.gz @@ -1 +1 @@ -/usr/share/man/man1/bsd-from.1.gz \ No newline at end of file +/usr/share/man/man1/from.mailutils.1.gz \ No newline at end of file diff --git a/alternatives/mail b/alternatives/mail index 3d47966..e4c7643 120000 --- a/alternatives/mail +++ b/alternatives/mail @@ -1 +1 @@ -/usr/bin/heirloom-mailx \ No newline at end of file +/usr/bin/mail.mailutils \ No newline at end of file diff --git a/alternatives/mail.1.gz b/alternatives/mail.1.gz index 1917ecf..b8055c8 120000 --- a/alternatives/mail.1.gz +++ b/alternatives/mail.1.gz @@ -1 +1 @@ -/usr/share/man/man1/heirloom-mailx.1.gz \ No newline at end of file +/usr/share/man/man1/mail.mailutils.1.gz \ No newline at end of file diff --git a/alternatives/mailx b/alternatives/mailx index 3d47966..e4c7643 120000 --- a/alternatives/mailx +++ b/alternatives/mailx @@ -1 +1 @@ -/usr/bin/heirloom-mailx \ No newline at end of file +/usr/bin/mail.mailutils \ No newline at end of file diff --git a/alternatives/mailx.1.gz b/alternatives/mailx.1.gz index 1917ecf..b8055c8 120000 --- a/alternatives/mailx.1.gz +++ b/alternatives/mailx.1.gz @@ -1 +1 @@ -/usr/share/man/man1/heirloom-mailx.1.gz \ No newline at end of file +/usr/share/man/man1/mail.mailutils.1.gz \ No newline at end of file diff --git a/alternatives/messages b/alternatives/messages new file mode 120000 index 0000000..e66edd3 --- /dev/null +++ b/alternatives/messages @@ -0,0 +1 @@ +/usr/bin/messages.mailutils \ No newline at end of file diff --git a/alternatives/messages.1.gz b/alternatives/messages.1.gz new file mode 120000 index 0000000..8884760 --- /dev/null +++ b/alternatives/messages.1.gz @@ -0,0 +1 @@ +/usr/share/man/man1/messages.mailutils.1.gz \ No newline at end of file diff --git a/alternatives/movemail b/alternatives/movemail new file mode 120000 index 0000000..8d4efb3 --- /dev/null +++ b/alternatives/movemail @@ -0,0 +1 @@ +/usr/bin/movemail.mailutils \ No newline at end of file diff --git a/alternatives/movemail.1.gz b/alternatives/movemail.1.gz new file mode 120000 index 0000000..32b3520 --- /dev/null +++ b/alternatives/movemail.1.gz @@ -0,0 +1 @@ +/usr/share/man/man1/movemail.mailutils.1.gz \ No newline at end of file diff --git a/alternatives/my.cnf b/alternatives/my.cnf new file mode 120000 index 0000000..1d417a2 --- /dev/null +++ b/alternatives/my.cnf @@ -0,0 +1 @@ +/etc/mysql/my.cnf.migrated \ No newline at end of file diff --git a/alternatives/nawk b/alternatives/nawk index 6190dcb..19ba657 120000 --- a/alternatives/nawk +++ b/alternatives/nawk @@ -1 +1 @@ -/usr/bin/mawk \ No newline at end of file +/usr/bin/gawk \ No newline at end of file diff --git a/alternatives/nawk.1.gz b/alternatives/nawk.1.gz index 5d8f19b..134262b 120000 --- a/alternatives/nawk.1.gz +++ b/alternatives/nawk.1.gz @@ -1 +1 @@ -/usr/share/man/man1/mawk.1.gz \ No newline at end of file +/usr/share/man/man1/gawk.1.gz \ No newline at end of file diff --git a/alternatives/netrc.5.gz b/alternatives/netrc.5.gz new file mode 120000 index 0000000..5702a2c --- /dev/null +++ b/alternatives/netrc.5.gz @@ -0,0 +1 @@ +/usr/share/man/man5/netkit-netrc.5.gz \ No newline at end of file diff --git a/alternatives/pftp b/alternatives/pftp new file mode 120000 index 0000000..f0ae93f --- /dev/null +++ b/alternatives/pftp @@ -0,0 +1 @@ +/usr/bin/netkit-ftp \ No newline at end of file diff --git a/alternatives/pftp.1.gz b/alternatives/pftp.1.gz new file mode 120000 index 0000000..5b3a00b --- /dev/null +++ b/alternatives/pftp.1.gz @@ -0,0 +1 @@ +/usr/share/man/man1/netkit-ftp.1.gz \ No newline at end of file diff --git a/alternatives/phar b/alternatives/phar index 238208c..b02bc5b 120000 --- a/alternatives/phar +++ b/alternatives/phar @@ -1 +1 @@ -/usr/bin/phar5 \ No newline at end of file +/usr/bin/phar7.0 \ No newline at end of file diff --git a/alternatives/phar.1.gz b/alternatives/phar.1.gz index 5cab2ce..b627d37 120000 --- a/alternatives/phar.1.gz +++ b/alternatives/phar.1.gz @@ -1 +1 @@ -/usr/share/man/man1/phar5.1.gz \ No newline at end of file +/usr/share/man/man1/phar7.0.1.gz \ No newline at end of file diff --git a/alternatives/phar.phar b/alternatives/phar.phar new file mode 120000 index 0000000..c6602a3 --- /dev/null +++ b/alternatives/phar.phar @@ -0,0 +1 @@ +/usr/bin/phar.phar7.0 \ No newline at end of file diff --git a/alternatives/phar.phar.1.gz b/alternatives/phar.phar.1.gz new file mode 120000 index 0000000..9163d0f --- /dev/null +++ b/alternatives/phar.phar.1.gz @@ -0,0 +1 @@ +/usr/share/man/man1/phar.phar7.0.1.gz \ No newline at end of file diff --git a/alternatives/php b/alternatives/php index 07db26c..d87548b 120000 --- a/alternatives/php +++ b/alternatives/php @@ -1 +1 @@ -/usr/bin/php5 \ No newline at end of file +/usr/bin/php7.0 \ No newline at end of file diff --git a/alternatives/php.1.gz b/alternatives/php.1.gz index 28ca7d1..8ef3a9a 120000 --- a/alternatives/php.1.gz +++ b/alternatives/php.1.gz @@ -1 +1 @@ -/usr/share/man/man1/php5.1.gz \ No newline at end of file +/usr/share/man/man1/php7.0.1.gz \ No newline at end of file diff --git a/alternatives/pinentry b/alternatives/pinentry new file mode 120000 index 0000000..01990a3 --- /dev/null +++ b/alternatives/pinentry @@ -0,0 +1 @@ +/usr/bin/pinentry-curses \ No newline at end of file diff --git a/alternatives/pinentry.1.gz b/alternatives/pinentry.1.gz new file mode 120000 index 0000000..8e9ab4f --- /dev/null +++ b/alternatives/pinentry.1.gz @@ -0,0 +1 @@ +/usr/share/man/man1/pinentry-curses.1.gz \ No newline at end of file diff --git a/alternatives/readmsg b/alternatives/readmsg new file mode 120000 index 0000000..99bcf73 --- /dev/null +++ b/alternatives/readmsg @@ -0,0 +1 @@ +/usr/bin/readmsg.mailutils \ No newline at end of file diff --git a/alternatives/readmsg.1.gz b/alternatives/readmsg.1.gz new file mode 120000 index 0000000..322d3a6 --- /dev/null +++ b/alternatives/readmsg.1.gz @@ -0,0 +1 @@ +/usr/share/man/man1/readmsg.mailutils.1.gz \ No newline at end of file diff --git a/alternatives/rzsh b/alternatives/rzsh deleted file mode 120000 index 3b005e7..0000000 --- a/alternatives/rzsh +++ /dev/null @@ -1 +0,0 @@ -/bin/zsh5 \ No newline at end of file diff --git a/alternatives/rzsh.1.gz b/alternatives/rzsh.1.gz deleted file mode 120000 index 15dffb2..0000000 --- a/alternatives/rzsh.1.gz +++ /dev/null @@ -1 +0,0 @@ -/usr/share/man/man1/zsh.1.gz \ No newline at end of file diff --git a/alternatives/updatedb.8.gz b/alternatives/updatedb.8.gz new file mode 120000 index 0000000..d48060b --- /dev/null +++ b/alternatives/updatedb.8.gz @@ -0,0 +1 @@ +/usr/share/man/man8/updatedb.mlocate.8.gz \ No newline at end of file diff --git a/alternatives/zsh b/alternatives/zsh deleted file mode 120000 index 3b005e7..0000000 --- a/alternatives/zsh +++ /dev/null @@ -1 +0,0 @@ -/bin/zsh5 \ No newline at end of file diff --git a/alternatives/zsh-usrbin b/alternatives/zsh-usrbin deleted file mode 120000 index 3b005e7..0000000 --- a/alternatives/zsh-usrbin +++ /dev/null @@ -1 +0,0 @@ -/bin/zsh5 \ No newline at end of file diff --git a/apache2/mods-available/php7.0.conf b/apache2/mods-available/php7.0.conf new file mode 100644 index 0000000..41b48f9 --- /dev/null +++ b/apache2/mods-available/php7.0.conf @@ -0,0 +1,25 @@ + + SetHandler application/x-httpd-php + + + SetHandler application/x-httpd-php-source + # Deny access to raw php sources by default + # To re-enable it's recommended to enable access to the files + # only in specific virtual host or directory + Require all denied + +# Deny access to files without filename (e.g. '.php') + + Require all denied + + +# Running PHP scripts in user directories is disabled by default +# +# To re-enable PHP in user directories comment the following lines +# (from to .) Do NOT set it to On as it +# prevents .htaccess files from disabling it. + + + php_admin_flag engine Off + + diff --git a/apache2/mods-available/php7.0.load b/apache2/mods-available/php7.0.load new file mode 100644 index 0000000..b539a0e --- /dev/null +++ b/apache2/mods-available/php7.0.load @@ -0,0 +1,3 @@ +# Conflicts: php5 +# Depends: mpm_prefork +LoadModule php7_module /usr/lib/apache2/modules/libphp7.0.so diff --git a/apm/event.d/01chrony b/apm/event.d/01chrony deleted file mode 100755 index df52908..0000000 --- a/apm/event.d/01chrony +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh - -# Placed in /etc/apm/event.d by the chrony package at the instruction of -# the apmd maintainer. If you don't have apm and don't intend to install -# apmd you may remove it. It needs to run after 00hwclock but before any -# other scripts. - - -[ -x /usr/sbin/chronyd ] || exit 0 - -if [ "$1" = suspend ]; then - invoke-rc.d chrony stop -elif [ "$1" = standby ]; then - invoke-rc.d chrony stop -elif [ "$1" = resume ]; then - invoke-rc.d chrony start -fi diff --git a/apparmor.d/local/usr.sbin.haveged b/apparmor.d/local/usr.sbin.haveged new file mode 100644 index 0000000..07c2960 --- /dev/null +++ b/apparmor.d/local/usr.sbin.haveged @@ -0,0 +1,2 @@ +# Site-specific additions and overrides for usr.sbin.haveged. +# For more details, please see /etc/apparmor.d/local/README. diff --git a/apparmor.d/usr.sbin.haveged b/apparmor.d/usr.sbin.haveged new file mode 100644 index 0000000..0e61138 --- /dev/null +++ b/apparmor.d/usr.sbin.haveged @@ -0,0 +1,23 @@ +# Last Modified: Fri Aug 21 15:23:17 2015 +#include + +/usr/sbin/haveged { + #include + + # Required for ioctl RNDADDENTROPY + capability sys_admin, + + owner @{PROC}/@{pid}/status r, + + @{PROC}/sys/kernel/osrelease r, + @{PROC}/sys/kernel/random/poolsize r, + @{PROC}/sys/kernel/random/write_wakeup_threshold w, + /dev/random w, + + /sys/devices/system/cpu/ r, + /sys/devices/system/cpu/cpu*/cache/ r, + /sys/devices/system/cpu/cpu*/cache/index*/{type,size,level} r, + /usr/sbin/haveged mr, + + #include +} diff --git a/apt/apt.conf.d/01autoremove b/apt/apt.conf.d/01autoremove index fc02350..3609ca4 100644 --- a/apt/apt.conf.d/01autoremove +++ b/apt/apt.conf.d/01autoremove @@ -29,10 +29,18 @@ APT Never-MarkAuto-Sections { "metapackages"; + "contrib/metapackages"; + "non-free/metapackages"; "restricted/metapackages"; "universe/metapackages"; "multiverse/metapackages"; + }; + + Move-Autobit-Sections + { "oldlibs"; + "contrib/oldlibs"; + "non-free/oldlibs"; "restricted/oldlibs"; "universe/oldlibs"; "multiverse/oldlibs"; diff --git a/apt/apt.conf.d/01autoremove-kernels b/apt/apt.conf.d/01autoremove-kernels index 7afb97f..561f62e 100644 --- a/apt/apt.conf.d/01autoremove-kernels +++ b/apt/apt.conf.d/01autoremove-kernels @@ -3,24 +3,65 @@ APT::NeverAutoRemove { "^linux-image-4\.9\.0-0\.bpo\.2-amd64$"; "^linux-image-4\.9\.0-0\.bpo\.3-amd64$"; + "^linux-image-4\.9\.0-3-amd64$"; "^linux-headers-4\.9\.0-0\.bpo\.2-amd64$"; "^linux-headers-4\.9\.0-0\.bpo\.3-amd64$"; + "^linux-headers-4\.9\.0-3-amd64$"; "^linux-image-extra-4\.9\.0-0\.bpo\.2-amd64$"; "^linux-image-extra-4\.9\.0-0\.bpo\.3-amd64$"; + "^linux-image-extra-4\.9\.0-3-amd64$"; "^linux-signed-image-4\.9\.0-0\.bpo\.2-amd64$"; "^linux-signed-image-4\.9\.0-0\.bpo\.3-amd64$"; + "^linux-signed-image-4\.9\.0-3-amd64$"; "^kfreebsd-image-4\.9\.0-0\.bpo\.2-amd64$"; "^kfreebsd-image-4\.9\.0-0\.bpo\.3-amd64$"; + "^kfreebsd-image-4\.9\.0-3-amd64$"; "^kfreebsd-headers-4\.9\.0-0\.bpo\.2-amd64$"; "^kfreebsd-headers-4\.9\.0-0\.bpo\.3-amd64$"; + "^kfreebsd-headers-4\.9\.0-3-amd64$"; "^gnumach-image-4\.9\.0-0\.bpo\.2-amd64$"; "^gnumach-image-4\.9\.0-0\.bpo\.3-amd64$"; + "^gnumach-image-4\.9\.0-3-amd64$"; "^.*-modules-4\.9\.0-0\.bpo\.2-amd64$"; "^.*-modules-4\.9\.0-0\.bpo\.3-amd64$"; + "^.*-modules-4\.9\.0-3-amd64$"; "^.*-kernel-4\.9\.0-0\.bpo\.2-amd64$"; "^.*-kernel-4\.9\.0-0\.bpo\.3-amd64$"; + "^.*-kernel-4\.9\.0-3-amd64$"; "^linux-backports-modules-.*-4\.9\.0-0\.bpo\.2-amd64$"; "^linux-backports-modules-.*-4\.9\.0-0\.bpo\.3-amd64$"; + "^linux-backports-modules-.*-4\.9\.0-3-amd64$"; "^linux-tools-4\.9\.0-0\.bpo\.2-amd64$"; "^linux-tools-4\.9\.0-0\.bpo\.3-amd64$"; + "^linux-tools-4\.9\.0-3-amd64$"; }; +/* Debug information: +# dpkg list: +rc linux-image-4.7.0-0.bpo.1-amd64 4.7.8-1~bpo8+1 amd64 Linux 4.7 for 64-bit PCs (signed) +rc linux-image-4.8.0-0.bpo.2-amd64 4.8.15-2~bpo8+2 amd64 Linux 4.8 for 64-bit PCs (signed) +rc linux-image-4.9.0-0.bpo.1-amd64 4.9.2-2~bpo8+1 amd64 Linux 4.9 for 64-bit PCs (signed) +ii linux-image-4.9.0-0.bpo.2-amd64 4.9.18-1~bpo8+1 amd64 Linux 4.9 for 64-bit PCs (signed) +ii linux-image-4.9.0-0.bpo.3-amd64 4.9.30-2+deb9u2~bpo8+1 amd64 Linux 4.9 for 64-bit PCs +iF linux-image-4.9.0-3-amd64 4.9.30-2+deb9u2 amd64 Linux 4.9 for 64-bit PCs +iU linux-image-amd64 4.9+80 amd64 Linux for 64-bit PCs (meta-package) +# list of installed kernel packages: +4.9.0-0.bpo.2-amd64 4.9.18-1~bpo8+1 +4.9.0-0.bpo.3-amd64 4.9.30-2+deb9u2~bpo8+1 +4.9.0-3-amd64 4.9.30-2+deb9u2 +# list of different kernel versions: +4.9.30-2+deb9u2 +4.9.30-2+deb9u2~bpo8+1 +4.9.18-1~bpo8+1 +# Installing kernel: 4.9.30-2+deb9u2 (4.9.0-3-amd64) +# Running kernel: 4.9.18-1~bpo8+1 (4.9.0-0.bpo.2-amd64) +# Last kernel: 4.9.30-2+deb9u2 +# Previous kernel: 4.9.30-2+deb9u2~bpo8+1 +# Kernel versions list to keep: +4.9.18-1~bpo8+1 +4.9.30-2+deb9u2 +4.9.30-2+deb9u2~bpo8+1 +# Kernel packages (version part) to protect: +4\.9\.0-0\.bpo\.2-amd64 +4\.9\.0-0\.bpo\.3-amd64 +4\.9\.0-3-amd64 +*/ diff --git a/bash_completion.d/debconf b/bash_completion.d/debconf deleted file mode 100644 index 1880689..0000000 --- a/bash_completion.d/debconf +++ /dev/null @@ -1,12 +0,0 @@ -have debconf-show && -_debconf_show() -{ - local cur - - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - COMPREPLY=($( compgen -W '--listowners --listdbs --db=' -- $cur ) \ - $( apt-cache pkgnames -- $cur ) ) -} -complete -F _debconf_show debconf-show - diff --git a/bash_completion.d/etckeeper b/bash_completion.d/etckeeper deleted file mode 100644 index b1a3d31..0000000 --- a/bash_completion.d/etckeeper +++ /dev/null @@ -1,8 +0,0 @@ -_etckeeper() { - local cur; - COMPREPLY=(); - cur=${COMP_WORDS[COMP_CWORD]}; - COMPREPLY=( $( compgen -W '$(cd /etc/etckeeper/; for i in *.d/; do echo ${i%.d/}; done)' -- $cur ) ); -} - -complete -F _etckeeper etckeeper diff --git a/bash_completion.d/fail2ban b/bash_completion.d/fail2ban index 7a42bd1..36e0cbb 100644 --- a/bash_completion.d/fail2ban +++ b/bash_completion.d/fail2ban @@ -19,10 +19,19 @@ __fail2ban_jails () { "$1" status 2>/dev/null | awk -F"\t+" '/Jail list/{print $2}' | sed 's/, / /g' } +__fail2ban_jail_actions () { + "$1" get "$2" actions 2>/dev/null | sed -n '$s/\([^,]\+\),\?/\1/gp' +} +__fail2ban_jail_action_properties () { + "$1" get "$2" actionproperties "$3" 2>/dev/null | sed -n '$s/\([^,]\+\),\?/\1/gp' +} +__fail2ban_jail_action_methods () { + "$1" get "$2" actionmethods "$3" 2>/dev/null | sed -n '$s/\([^,]\+\),\?/\1/gp' +} _fail2ban () { local cur prev words cword - _init_completion || return + _init_completion || return case $prev in -V|--version|-h|--help) @@ -50,7 +59,7 @@ _fail2ban () { _filedir return 0 elif [[ "$1" == *"fail2ban-client" ]];then - local cmd jail + local cmd jail action case $prev in "$1") COMPREPLY=( $( compgen -W \ @@ -71,7 +80,7 @@ _fail2ban () { ;; *) if [[ "${words[$cword-2]}" == "add" ]];then - COMPREPLY=( $( compgen -W "auto polling gamin pyinotify" -- "$cur" ) ) + COMPREPLY=( $( compgen -W "auto polling gamin pyinotify systemd" -- "$cur" ) ) return 0 elif [[ "${words[$cword-2]}" == "set" || "${words[$cword-2]}" == "get" ]];then cmd="${words[cword-2]}" @@ -80,6 +89,11 @@ _fail2ban () { cmd="${words[$cword-3]}" jail="${words[$cword-2]}" # Handle in section below + elif [[ "${words[$cword-4]}" == "set" || "${words[$cword-4]}" == "get" && ${words[$cword-2]} == action* ]];then + cmd="${words[$cword-4]}" + jail="${words[$cword-3]}" + action="${words[$cword-1]}" + # Handle in section below fi ;; esac @@ -88,7 +102,7 @@ _fail2ban () { case $prev in loglevel) if [[ "$cmd" == "set" ]];then - COMPREPLY=( $( compgen -W "0 1 2 3 4" -- "$cur" ) ) + COMPREPLY=( $( compgen -W "CRITICAL ERROR WARNING NOTICE INFO DEBUG" -- "$cur" ) ) fi return 0 ;; @@ -106,6 +120,25 @@ _fail2ban () { return 0 ;; esac + elif [[ -n "$jail" && -n "$action" ]];then + case ${words[$cwords-3]} in + action) + COMPREPLY=( $( compgen -W \ + "$( __fail2ban_jail_action_properties "$1" "$jail" "$action")" \ + -- "$cur" ) ) + if [[ "$cmd" == "set" ]];then + COMPREPLY+=( $(compgen -W "$(__fail2ban_jail_action_methods "$1" "$jail" "$action")" -- "$cur" ) ) + fi + return 0 + ;; + esac + elif [[ -n "$jail" && $prev == action* ]];then + case $prev in + action|actionproperties|actionmethods) + COMPREPLY=( $(compgen -W "$(__fail2ban_jail_actions "$1" "$jail")" -- "$cur" ) ) + return 0 + ;; + esac elif [[ -n "$jail" && "$cmd" == "set" ]];then case $prev in addlogpath) @@ -121,7 +154,7 @@ _fail2ban () { fi return 0 ;; - delfailregex|delignoregex) + delfailregex|delignoreregex) COMPREPLY=( $( compgen -W \ "$( "$1" get "$jail" "${prev/del/}" 2>/dev/null | awk -F"[][]" '{print $2}')" \ -- "$cur" ) ) diff --git a/bash_completion.d/initramfs-tools b/bash_completion.d/initramfs-tools deleted file mode 100644 index a52074f..0000000 --- a/bash_completion.d/initramfs-tools +++ /dev/null @@ -1,26 +0,0 @@ -# update-initramfs(8) completion - -_update_initramfs() -{ - local cur prev valid_options - - # TODO: this can be "_get_comp_words_by_ref cur prev" once - # bash-completion >= 1.2 is available, see #537139 - cur=$(_get_cword) - prev=${COMP_WORDS[COMP_CWORD-1]} - - # The only option that takes an argument is -k - if [[ "$prev" == '-k' ]]; then - # Complete with kernel versions - _kernel_versions - COMPREPLY=( $( compgen -W '${COMPREPLY[@]} all' -- "$cur" ) ) - return; - fi - - # Complete with available options (obtained from -h) - valid_options=$( update-initramfs -h 2>&1 | \ - sed -e '/^ -/!d;s/^ \(-\w\+\).*/\1/' ) - COMPREPLY=( $( compgen -W "$valid_options" -- $cur ) ) -} - -complete -F _update_initramfs update-initramfs diff --git a/bash_completion.d/isoquery b/bash_completion.d/isoquery deleted file mode 100644 index c27ed05..0000000 --- a/bash_completion.d/isoquery +++ /dev/null @@ -1,45 +0,0 @@ -# /etc/bash_completion.d/isoquery -# Programmable Bash command completion for the ‘isoquery’ command. - -shopt -s progcomp - -_isoquery_completion () { - local cur prev opts - - COMPREPLY=() - cur="${COMP_WORDS[COMP_CWORD]}" - prev="${COMP_WORDS[COMP_CWORD-1]}" - - opts="-h --help -v --version" - opts="${opts} -i --iso -x --xmlfile -l --locale -0 --null" - opts="${opts} -n --name -o --official_name -c --common_name" - - case "${prev}" in - -i|--iso) - local standards=(639 639-3 639-5 3166 3166-2 4217 15924) - COMPREPLY=( $(compgen -W "${standards[*]}" -- ${cur}) ) - ;; - - -x|--xmlfile) - COMPREPLY=( $(compgen -A file -- ${cur}) ) - ;; - - -l|--locale) - local locale_names=$(locale --all-locales) - COMPREPLY=( $(compgen -W "${locale_names}" -- ${cur}) ) - ;; - - *) - COMPREPLY=($(compgen -W "${opts}" -- ${cur})) - ;; - esac -} - -complete -F _isoquery_completion isoquery - - -# Local variables: -# coding: utf-8 -# mode: shell-script -# End: -# vim: fileencoding=utf-8 filetype=bash : diff --git a/bash_completion.d/whiptail b/bash_completion.d/whiptail deleted file mode 100644 index 6826e56..0000000 --- a/bash_completion.d/whiptail +++ /dev/null @@ -1,6 +0,0 @@ -complete -W "--msgbox --yesno --infobox --inputbox --passwordbox --textbox --menu --checklist \ - --radiochecklist --gauge --clear --defaultno --default-item \ - --fb --nocancel --yes-button --no-button --ok-button \ - --cancel-button -noitem --separate-output --output-fd \ - --title --backtitle -scrolltext --toplefti \ - --help" -f whiptail diff --git a/ca-certificates.conf b/ca-certificates.conf index 657c928..374fe97 100644 --- a/ca-certificates.conf +++ b/ca-certificates.conf @@ -33,8 +33,8 @@ mozilla/CA_Disig_Root_R1.crt mozilla/CA_Disig_Root_R2.crt mozilla/Camerfirma_Chambers_of_Commerce_Root.crt mozilla/Camerfirma_Global_Chambersign_Root.crt -mozilla/CA_WoSign_ECC_Root.crt -mozilla/Certification_Authority_of_WoSign_G2.crt +!mozilla/CA_WoSign_ECC_Root.crt +!mozilla/Certification_Authority_of_WoSign_G2.crt mozilla/Certigna.crt mozilla/Certinomis_-_Autorité_Racine.crt mozilla/Certinomis_-_Root_CA.crt @@ -135,9 +135,9 @@ mozilla/Staat_der_Nederlanden_Root_CA_-_G3.crt mozilla/Starfield_Class_2_CA.crt mozilla/Starfield_Root_Certificate_Authority_-_G2.crt mozilla/Starfield_Services_Root_Certificate_Authority_-_G2.crt -mozilla/StartCom_Certification_Authority_2.crt -mozilla/StartCom_Certification_Authority.crt -mozilla/StartCom_Certification_Authority_G2.crt +!mozilla/StartCom_Certification_Authority_2.crt +!mozilla/StartCom_Certification_Authority.crt +!mozilla/StartCom_Certification_Authority_G2.crt mozilla/S-TRUST_Authentication_and_Encryption_Root_CA_2005_PN.crt mozilla/S-TRUST_Universal_Root_CA.crt mozilla/Swisscom_Root_CA_1.crt @@ -179,10 +179,10 @@ mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt mozilla/VeriSign_Universal_Root_Certification_Authority.crt mozilla/Visa_eCommerce_Root.crt mozilla/WellsSecure_Public_Root_Certificate_Authority.crt -mozilla/WoSign_China.crt -mozilla/WoSign.crt +!mozilla/WoSign_China.crt +!mozilla/WoSign.crt mozilla/XRamp_Global_CA_Root.crt -spi-inc.org/spi-cacert-2008.crt +!spi-inc.org/spi-cacert-2008.crt mozilla/Certplus_Root_CA_G1.crt mozilla/Certplus_Root_CA_G2.crt mozilla/Certum_Trusted_Network_CA_2.crt diff --git a/chrony/chrony.keys b/chrony/chrony.keys index 49fd5c4..cee70b3 100644 --- a/chrony/chrony.keys +++ b/chrony/chrony.keys @@ -1 +1,10 @@ -1 V3WQr7Er +# This file is solely used for NTP authentication with symmetric keys +# as defined by RFC 1305 and RFC 5905. +# +# It can contain ID/key pairs which can be generated using the “keygen” option +# from “chronyc”; for example: +# chronyc keygen 1 SHA256 256 >> /etc/chrony/chrony.keys +# would generate a 256-bit SHA-256 key using ID 1. +# +# A list of supported hash functions and output encoding can be found in +# the "keyfile" section from the "/usr/share/doc/chrony/chrony.txt.gz" file. diff --git a/colordiffrc b/colordiffrc index 4bcb02d..1ac1a17 100644 --- a/colordiffrc +++ b/colordiffrc @@ -23,7 +23,7 @@ diff_cmd=diff # this, use the default output colour" # plain=off -newtext=blue -oldtext=red -diffstuff=magenta -cvsstuff=green +newtext=darkgreen +oldtext=darkred +diffstuff=darkcyan +cvsstuff=cyan diff --git a/console-setup/cached_UTF-8_del.kmap.gz b/console-setup/cached_UTF-8_del.kmap.gz index d61cb6a..477370a 100644 Binary files a/console-setup/cached_UTF-8_del.kmap.gz and b/console-setup/cached_UTF-8_del.kmap.gz differ diff --git a/console-setup/cached_setup_font.sh b/console-setup/cached_setup_font.sh new file mode 100755 index 0000000..3939676 --- /dev/null +++ b/console-setup/cached_setup_font.sh @@ -0,0 +1,19 @@ +#!/bin/sh + +setfont '/etc/console-setup/cached_Lat15-Fixed16.psf.gz' + +if ls /dev/fb* >/dev/null 2>/dev/null; then + for i in /dev/vcs[0-9]*; do + { : + setfont '/etc/console-setup/cached_Lat15-Fixed16.psf.gz' + } < /dev/tty${i#/dev/vcs} > /dev/tty${i#/dev/vcs} + done +fi + +mkdir -p /run/console-setup +> /run/console-setup/font-loaded +for i in /dev/vcs[0-9]*; do + { : +printf '\033%%G' + } < /dev/tty${i#/dev/vcs} > /dev/tty${i#/dev/vcs} +done diff --git a/console-setup/cached_setup_keyboard.sh b/console-setup/cached_setup_keyboard.sh new file mode 100755 index 0000000..30b46c1 --- /dev/null +++ b/console-setup/cached_setup_keyboard.sh @@ -0,0 +1,13 @@ +#!/bin/sh + +if [ -f /run/console-setup/keymap_loaded ]; then + rm /run/console-setup/keymap_loaded + exit 0 +fi +kbd_mode '-u' < '/dev/tty1' +kbd_mode '-u' < '/dev/tty2' +kbd_mode '-u' < '/dev/tty3' +kbd_mode '-u' < '/dev/tty4' +kbd_mode '-u' < '/dev/tty5' +kbd_mode '-u' < '/dev/tty6' +loadkeys '/etc/console-setup/cached_UTF-8_del.kmap.gz' > '/dev/null' diff --git a/console-setup/cached_setup_terminal.sh b/console-setup/cached_setup_terminal.sh new file mode 100755 index 0000000..494e363 --- /dev/null +++ b/console-setup/cached_setup_terminal.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +{ : +printf '\033%%G' +} < /dev/tty${1#vcs} > /dev/tty${1#vcs} diff --git a/console-setup/compose.ISO-8859-1.inc b/console-setup/compose.ISO-8859-1.inc index c568ba8..a285ddf 100644 --- a/console-setup/compose.ISO-8859-1.inc +++ b/console-setup/compose.ISO-8859-1.inc @@ -56,13 +56,8 @@ compose '/' '^' to '|' compose '/' 'c' to '¢' compose '/' 'o' to 'ø' compose '/' 'u' to 'µ' -compose '0' 'c' to '©' -compose '0' 's' to '§' -compose '0' 'x' to '¤' compose '1' '2' to '½' compose '1' '4' to '¼' -compose '1' 's' to '¹' -compose '2' 's' to '²' compose '3' '4' to '¾' compose ':' '-' to '÷' compose '<' '/' to '\\' @@ -135,21 +130,21 @@ compose '`' 'u' to ' compose 'a' 'e' to 'æ' compose 'a' 'o' to 'å' compose 'a' 't' to '@' -compose 'b' 'v' to '¦' compose 'c' '0' to '©' compose 'c' 'o' to '©' -compose 'l' 'v' to '|' compose 'o' 'c' to '©' -compose 'o' 'r' to '®' -compose 'o' 's' to '§' compose 'o' 'x' to '¤' +compose 'r' 'o' to '®' compose 's' '0' to '§' +compose 's' '1' to '¹' compose 's' '2' to '²' compose 's' '3' to '³' compose 's' 'o' to '§' compose 't' 'h' to 'þ' compose 'v' 'b' to '¦' +compose 'v' 'l' to '|' compose 'x' '0' to '¤' +compose 'x' 'o' to '¤' compose '|' 'c' to '¢' compose '|' '|' to '¦' compose '~' 'A' to 'Ã' @@ -158,16 +153,3 @@ compose '~' 'O' to ' compose '~' 'a' to 'ã' compose '~' 'n' to 'ñ' compose '~' 'o' to 'õ' -compose '¨' 'A' to 'Ä' -compose '¨' 'E' to 'Ë' -compose '¨' 'I' to 'Ï' -compose '¨' 'O' to 'Ö' -compose '¨' 'U' to 'Ü' -compose '¨' 'a' to 'ä' -compose '¨' 'e' to 'ë' -compose '¨' 'i' to 'ï' -compose '¨' 'o' to 'ö' -compose '¨' 'u' to 'ü' -compose '¨' 'y' to 'ÿ' -compose '°' 'A' to 'Å' -compose '°' 'a' to 'å' diff --git a/console-setup/compose.ISO-8859-13.inc b/console-setup/compose.ISO-8859-13.inc index a867a9e..5b45a26 100644 --- a/console-setup/compose.ISO-8859-13.inc +++ b/console-setup/compose.ISO-8859-13.inc @@ -76,12 +76,8 @@ compose '/' 'c' to ' compose '/' 'l' to 'ù' compose '/' 'o' to '¸' compose '/' 'u' to 'µ' -compose '0' 'c' to '©' -compose '0' 's' to '§' -compose '0' 'x' to '¤' compose '1' '2' to '½' compose '1' '4' to '¼' -compose '2' 's' to '²' compose '3' '4' to '¾' compose ':' '-' to '÷' compose ';' 'A' to 'À' @@ -145,25 +141,21 @@ compose '_' 'u' to ' compose 'a' 'e' to '¿' compose 'a' 'o' to 'å' compose 'a' 't' to '@' -compose 'b' 'v' to '¦' +compose 'c' '0' to '©' compose 'c' 'o' to '©' compose 'm' 'u' to 'µ' compose 'o' 'c' to '©' -compose 'o' 'r' to '®' -compose 'o' 's' to '§' +compose 'o' 'x' to '¤' +compose 'r' 'o' to '®' compose 's' '0' to '§' compose 's' '1' to '¹' compose 's' '2' to '²' compose 's' '3' to '³' +compose 's' 'o' to '§' +compose 'v' 'b' to '¦' compose 'x' '0' to '¤' compose 'x' 'o' to '¤' compose '|' 'c' to '¢' compose '|' '|' to '¦' compose '~' 'O' to 'Õ' compose '~' 'o' to 'õ' -compose '°' 'A' to 'Å' -compose '°' 'E' to 'Ë' -compose '°' 'Z' to 'Ý' -compose '°' 'a' to 'å' -compose '°' 'e' to 'ë' -compose '°' 'z' to 'ý' diff --git a/console-setup/compose.ISO-8859-14.inc b/console-setup/compose.ISO-8859-14.inc index 21f29ee..e2835df 100644 --- a/console-setup/compose.ISO-8859-14.inc +++ b/console-setup/compose.ISO-8859-14.inc @@ -56,9 +56,6 @@ compose '/' '<' to '\\' compose '/' 'O' to 'Ø' compose '/' '^' to '|' compose '/' 'o' to 'ø' -compose '0' 'c' to '©' -compose '0' 'r' to '®' -compose '0' 's' to '§' compose '<' '/' to '\\' compose '=' 'l' to '£' compose '>' 'A' to 'Â' @@ -117,14 +114,14 @@ compose '`' 'w' to ' compose '`' 'y' to '¼' compose 'a' 'e' to 'æ' compose 'a' 't' to '@' +compose 'c' '0' to '©' compose 'c' 'o' to '©' -compose 'l' 'v' to '|' compose 'o' 'c' to '©' -compose 'o' 'r' to '®' -compose 'o' 's' to '§' compose 'r' '0' to '®' +compose 'r' 'o' to '®' compose 's' '0' to '§' compose 's' 'o' to '§' +compose 'v' 'l' to '|' compose '~' 'A' to 'Ã' compose '~' 'N' to 'Ñ' compose '~' 'O' to 'Õ' diff --git a/console-setup/compose.ISO-8859-15.inc b/console-setup/compose.ISO-8859-15.inc index 63c89db..79c92ed 100644 --- a/console-setup/compose.ISO-8859-15.inc +++ b/console-setup/compose.ISO-8859-15.inc @@ -55,9 +55,6 @@ compose '/' '^' to '|' compose '/' 'c' to '¢' compose '/' 'o' to 'ø' compose '/' 'u' to 'µ' -compose '0' 'c' to '©' -compose '0' 's' to '§' -compose '1' 's' to '¹' compose ':' '-' to '÷' compose '<' '/' to '\\' compose '<' '<' to '«' @@ -139,8 +136,7 @@ compose 'c' 'o' to ' compose 'e' '=' to '¤' compose 'o' 'c' to '©' compose 'o' 'e' to '½' -compose 'o' 'r' to '®' -compose 'o' 's' to '§' +compose 'r' 'o' to '®' compose 's' '0' to '§' compose 's' '1' to '¹' compose 's' '2' to '²' @@ -155,5 +151,3 @@ compose '~' 'O' to ' compose '~' 'a' to 'ã' compose '~' 'n' to 'ñ' compose '~' 'o' to 'õ' -compose '°' 'A' to 'Å' -compose '°' 'a' to 'å' diff --git a/console-setup/compose.ISO-8859-2.inc b/console-setup/compose.ISO-8859-2.inc index 40734c3..6692ee3 100644 --- a/console-setup/compose.ISO-8859-2.inc +++ b/console-setup/compose.ISO-8859-2.inc @@ -46,13 +46,9 @@ compose '.' 'e' to ' compose '.' 'i' to '¹' compose '.' 'u' to 'ù' compose '.' 'z' to '¿' -compose '.' ' ' to 'ÿ' -compose '.' 'ÿ' to 'ÿ' compose '/' '/' to '\\' compose '/' '<' to '\\' compose '/' '^' to '|' -compose '0' 's' to '§' -compose '0' 'x' to '¤' compose ':' '-' to '÷' compose '<' '/' to '\\' compose '<' '<' to '·' @@ -116,7 +112,6 @@ compose '^' 'O' to ' compose '^' 'a' to 'â' compose '^' 'i' to 'î' compose '^' 'o' to 'ô' -compose '_' ' ' to '¯' compose 'a' 'U' to 'ã' compose 'l' '-' to '³' compose 'o' 'e' to '½' @@ -127,39 +122,3 @@ compose 'v' 'l' to '|' compose 'x' '0' to '¤' compose 'x' 'o' to '¤' compose 'z' '.' to '¿' -compose '¢' 'A' to 'Ã' -compose '¢' 'a' to 'ã' -compose '°' 'A' to 'Å' -compose '°' 'U' to 'Ù' -compose '°' 'a' to 'å' -compose '°' 'u' to 'ù' -compose '°' ' ' to '°' -compose '°' '°' to '°' -compose '²' 'A' to '¡' -compose '²' 'E' to 'Ê' -compose '²' 'a' to '±' -compose '²' 'e' to 'ê' -compose '·' 'C' to 'È' -compose '·' 'D' to 'Ï' -compose '·' 'E' to 'Ì' -compose '·' 'L' to '¥' -compose '·' 'N' to 'Ò' -compose '·' 'R' to 'Ø' -compose '·' 'S' to '©' -compose '·' 'T' to '«' -compose '·' 'Z' to '®' -compose '·' 'c' to 'è' -compose '·' 'd' to 'ï' -compose '·' 'e' to 'ì' -compose '·' 'l' to 'µ' -compose '·' 'n' to 'ò' -compose '·' 'r' to 'ø' -compose '·' 's' to '¹' -compose '·' 't' to '»' -compose '·' 'z' to '¾' -compose '¸' 'C' to 'Ç' -compose '¸' 'S' to 'ª' -compose '¸' 'T' to 'Þ' -compose '¸' 'c' to 'ç' -compose '¸' 's' to 'º' -compose '¸' 't' to 'þ' diff --git a/console-setup/compose.ISO-8859-3.inc b/console-setup/compose.ISO-8859-3.inc index 5e0daef..7e50b6c 100644 --- a/console-setup/compose.ISO-8859-3.inc +++ b/console-setup/compose.ISO-8859-3.inc @@ -57,9 +57,6 @@ compose '/' '/' to '\\' compose '/' '<' to '\\' compose '/' '^' to '|' compose '/' 'u' to 'µ' -compose '0' 's' to '§' -compose '2' 's' to '²' -compose '3' 's' to '³' compose ':' '-' to '÷' compose '<' '/' to '\\' compose '=' 'c' to '¤' @@ -136,8 +133,10 @@ compose '`' 'i' to ' compose '`' 'o' to 'ò' compose '`' 'u' to 'ù' compose 'g' 'U' to '»' -compose 'o' 'r' to '®' +compose 'r' 'o' to '®' compose 's' '0' to '§' +compose 's' '2' to '²' +compose 's' '3' to '³' compose 's' 'o' to '§' compose 'u' 'u' to 'ý' compose 'v' 'l' to '|' @@ -145,23 +144,3 @@ compose '~' 'A' to ' compose '~' 'O' to 'Õ' compose '~' 'a' to 'ã' compose '~' 'o' to 'õ' -compose '¢' 'G' to '«' -compose '¢' 'U' to 'Ý' -compose '¢' 'g' to '»' -compose '¢' 'u' to 'ý' -compose '¨' 'A' to 'Ä' -compose '¨' 'E' to 'Ë' -compose '¨' 'I' to 'Ï' -compose '¨' 'O' to 'Ö' -compose '¨' 'U' to 'Ü' -compose '¨' 'Y' to '¾' -compose '¨' 'a' to 'ä' -compose '¨' 'e' to 'ë' -compose '¨' 'i' to 'ï' -compose '¨' 'o' to 'ö' -compose '¨' 'u' to 'ü' -compose '¨' 'y' to 'ÿ' -compose '°' 'A' to 'Å' -compose '°' 'a' to 'å' -compose '¸' 'S' to 'ª' -compose '¸' 's' to 'º' diff --git a/console-setup/compose.ISO-8859-4.inc b/console-setup/compose.ISO-8859-4.inc index c95e946..4598a22 100644 --- a/console-setup/compose.ISO-8859-4.inc +++ b/console-setup/compose.ISO-8859-4.inc @@ -49,12 +49,10 @@ compose '-' 'u' to ' compose '.' '.' to 'ÿ' compose '.' 'E' to 'Ì' compose '.' 'e' to 'ì' -compose '.' 'ÿ' to 'ÿ' compose '/' 'O' to 'Ø' compose '/' 'T' to '¬' compose '/' 'o' to 'ø' compose '/' 't' to '¼' -compose '0' 's' to '§' compose ':' '-' to '÷' compose '<' '<' to '·' compose '<' 'C' to 'È' @@ -105,10 +103,10 @@ compose '_' 'e' to ' compose '_' 'i' to 'ï' compose '_' 'o' to 'ò' compose '_' 'u' to 'þ' -compose '_' '¯' to '¯' compose 'a' 'e' to 'æ' compose 'n' 'g' to '¿' compose 'o' 'x' to '¤' +compose 's' '0' to '§' compose 's' 'o' to '§' compose 't' '-' to '¼' compose 'x' '0' to '¤' @@ -121,5 +119,3 @@ compose '~' 'a' to ' compose '~' 'i' to 'µ' compose '~' 'o' to 'õ' compose '~' 'u' to 'ý' -compose '°' 'A' to 'Å' -compose '°' 'a' to 'å' diff --git a/console-setup/compose.ISO-8859-7.inc b/console-setup/compose.ISO-8859-7.inc index 6142e6c..1aa936a 100644 --- a/console-setup/compose.ISO-8859-7.inc +++ b/console-setup/compose.ISO-8859-7.inc @@ -2,10 +2,6 @@ compose '!' '^' to '¦' compose '!' 's' to '§' compose '"' '"' to '¨' -compose '"' 'É' to 'Ú' -compose '"' 'Õ' to 'Û' -compose '"' 'é' to 'ú' -compose '"' 'õ' to 'û' compose '(' '(' to '[' compose '(' '-' to '{' compose '(' 'c' to '©' @@ -26,9 +22,7 @@ compose '.' '^' to ' compose '/' '/' to '\\' compose '/' '<' to '\\' compose '/' '^' to '|' -compose '0' 's' to '§' compose '1' '2' to '½' -compose '2' 's' to '²' compose '<' '/' to '\\' compose '<' '<' to '«' compose '<' '\'' to '¡' @@ -38,20 +32,6 @@ compose '>' '\'' to ' compose '\'' '<' to '¡' compose '\'' '>' to '¢' compose '\'' '\'' to '´' -compose '\'' 'Á' to '¶' -compose '\'' 'Å' to '¸' -compose '\'' 'Ç' to '¹' -compose '\'' 'É' to 'º' -compose '\'' 'Ï' to '¼' -compose '\'' 'Õ' to '¾' -compose '\'' 'Ù' to '¿' -compose '\'' 'á' to 'Ü' -compose '\'' 'å' to 'Ý' -compose '\'' 'ç' to 'Þ' -compose '\'' 'é' to 'ß' -compose '\'' 'ï' to 'ü' -compose '\'' 'õ' to 'ý' -compose '\'' 'ù' to 'þ' compose '^' '!' to '¦' compose '^' '.' to '·' compose '^' '/' to '|' @@ -59,33 +39,14 @@ compose '^' '0' to ' compose '^' '2' to '²' compose '^' '3' to '³' compose 'a' 't' to '@' -compose 'b' 'v' to '¦' compose 'c' '0' to '©' compose 'c' 'o' to '©' compose 'o' 'c' to '©' -compose 'o' 's' to '§' compose 's' '0' to '§' +compose 's' '2' to '²' compose 's' '3' to '³' compose 's' 'o' to '§' compose 'v' 'b' to '¦' compose 'v' 'l' to '|' compose '|' '|' to '¦' compose '~' '~' to '¯' -compose 'Á' '\'' to '¶' -compose 'Å' '\'' to '¸' -compose 'Ç' '\'' to '¹' -compose 'É' '"' to 'Ú' -compose 'É' '\'' to 'º' -compose 'Ï' '\'' to '¼' -compose 'Õ' '"' to 'Û' -compose 'Õ' '\'' to '¾' -compose 'Ù' '\'' to '¿' -compose 'á' '\'' to 'Ü' -compose 'å' '\'' to 'Ý' -compose 'ç' '\'' to 'Þ' -compose 'é' '"' to 'ú' -compose 'é' '\'' to 'ß' -compose 'ï' '\'' to 'ü' -compose 'õ' '"' to 'û' -compose 'õ' '\'' to 'ý' -compose 'ù' '\'' to 'þ' diff --git a/console-setup/compose.ISO-8859-9.inc b/console-setup/compose.ISO-8859-9.inc index 54738d7..e642e1b 100644 --- a/console-setup/compose.ISO-8859-9.inc +++ b/console-setup/compose.ISO-8859-9.inc @@ -62,9 +62,6 @@ compose '/' '^' to '|' compose '/' 'c' to '¢' compose '/' 'o' to 'ø' compose '/' 'u' to 'µ' -compose '0' 'c' to '©' -compose '0' 's' to '§' -compose '3' 's' to '³' compose ':' '-' to '÷' compose '<' '/' to '\\' compose '<' '<' to '«' @@ -138,12 +135,13 @@ compose 'a' 'e' to ' compose 'c' '0' to '©' compose 'c' 'o' to '©' compose 'g' 'U' to 'ð' -compose 'l' 'v' to '|' compose 'o' 'c' to '©' compose 'o' 'e' to '¼' compose 'r' 'o' to '®' +compose 's' '0' to '§' compose 's' '1' to '¹' compose 's' '2' to '²' +compose 's' '3' to '³' compose 's' 'o' to '§' compose 't' 'h' to 'þ' compose 'v' 'Z' to '´' @@ -156,19 +154,3 @@ compose '~' 'O' to ' compose '~' 'a' to 'ã' compose '~' 'n' to 'ñ' compose '~' 'o' to 'õ' -compose '¨' 'A' to 'Ä' -compose '¨' 'E' to 'Ë' -compose '¨' 'I' to 'Ï' -compose '¨' 'O' to 'Ö' -compose '¨' 'U' to 'Ü' -compose '¨' 'Y' to '¾' -compose '¨' 'a' to 'ä' -compose '¨' 'e' to 'ë' -compose '¨' 'i' to 'ï' -compose '¨' 'o' to 'ö' -compose '¨' 'u' to 'ü' -compose '¨' 'y' to 'ÿ' -compose '°' 'A' to 'Å' -compose '°' 'a' to 'å' -compose '¸' 'S' to 'Þ' -compose '¸' 's' to 'þ' diff --git a/cron.d/php b/cron.d/php new file mode 100644 index 0000000..84e5d10 --- /dev/null +++ b/cron.d/php @@ -0,0 +1,14 @@ +# /etc/cron.d/php@PHP_VERSION@: crontab fragment for PHP +# This purges session files in session.save_path older than X, +# where X is defined in seconds as the largest value of +# session.gc_maxlifetime from all your SAPI php.ini files +# or 24 minutes if not defined. The script triggers only +# when session.save_handler=files. +# +# WARNING: The scripts tries hard to honour all relevant +# session PHP options, but if you do something unusual +# you have to disable this script and take care of your +# sessions yourself. + +# Look for and purge old sessions every 30 minutes +09,39 * * * * root [ -x /usr/lib/php/sessionclean ] && if [ ! -d /run/systemd/system ]; then /usr/lib/php/sessionclean; fi diff --git a/cron.daily/apt b/cron.daily/apt deleted file mode 100755 index ee0761b..0000000 --- a/cron.daily/apt +++ /dev/null @@ -1,507 +0,0 @@ -#!/bin/sh -#set -e -# -# This file understands the following apt configuration variables: -# Values here are the default. -# Create /etc/apt/apt.conf.d/02periodic file to set your preference. -# -# Dir "/"; -# - RootDir for all configuration files -# -# Dir::Cache "var/cache/apt/"; -# - Set apt package cache directory -# -# Dir::Cache::Archives "archives/"; -# - Set package archive directory -# -# APT::Periodic::Enable "1"; -# - Enable the update/upgrade script (0=disable) -# -# APT::Periodic::BackupArchiveInterval "0"; -# - Backup after n-days if archive contents changed.(0=disable) -# -# APT::Periodic::BackupLevel "3"; -# - Backup level.(0=disable), 1 is invalid. -# -# Dir::Cache::Backup "backup/"; -# - Set periodic package backup directory -# -# APT::Archives::MaxAge "0"; (old, deprecated) -# APT::Periodic::MaxAge "0"; (new) -# - Set maximum allowed age of a cache package file. If a cache -# package file is older it is deleted (0=disable) -# -# APT::Archives::MinAge "2"; (old, deprecated) -# APT::Periodic::MinAge "2"; (new) -# - Set minimum age of a package file. If a file is younger it -# will not be deleted (0=disable). Useful to prevent races -# and to keep backups of the packages for emergency. -# -# APT::Archives::MaxSize "0"; (old, deprecated) -# APT::Periodic::MaxSize "0"; (new) -# - Set maximum size of the cache in MB (0=disable). If the cache -# is bigger, cached package files are deleted until the size -# requirement is met (the oldest packages will be deleted -# first). -# -# APT::Periodic::Update-Package-Lists "0"; -# - Do "apt-get update" automatically every n-days (0=disable) -# -# APT::Periodic::Download-Upgradeable-Packages "0"; -# - Do "apt-get upgrade --download-only" every n-days (0=disable) -# -# APT::Periodic::Download-Upgradeable-Packages-Debdelta "1"; -# - Use debdelta-upgrade to download updates if available (0=disable) -# -# APT::Periodic::Unattended-Upgrade "0"; -# - Run the "unattended-upgrade" security upgrade script -# every n-days (0=disabled) -# Requires the package "unattended-upgrades" and will write -# a log in /var/log/unattended-upgrades -# -# APT::Periodic::AutocleanInterval "0"; -# - Do "apt-get autoclean" every n-days (0=disable) -# -# APT::Periodic::Verbose "0"; -# - Send report mail to root -# 0: no report (or null string) -# 1: progress report (actually any string) -# 2: + command outputs (remove -qq, remove 2>/dev/null, add -d) -# 3: + trace on - -check_stamp() -{ - stamp="$1" - interval="$2" - - if [ $interval -eq 0 ]; then - debug_echo "check_stamp: interval=0" - # treat as no time has passed - return 1 - fi - - if [ ! -f $stamp ]; then - debug_echo "check_stamp: missing time stamp file: $stamp." - # treat as enough time has passed - return 0 - fi - - # compare midnight today to midnight the day the stamp was updated - stamp_file="$stamp" - stamp=$(date --date=$(date -r $stamp_file --iso-8601) +%s 2>/dev/null) - if [ "$?" != "0" ]; then - # Due to some timezones returning 'invalid date' for midnight on - # certain dates (e.g. America/Sao_Paulo), if date returns with error - # remove the stamp file and return 0. See coreutils bug: - # http://lists.gnu.org/archive/html/bug-coreutils/2007-09/msg00176.html - rm -f "$stamp_file" - return 0 - fi - - now=$(date --date=$(date --iso-8601) +%s 2>/dev/null) - if [ "$?" != "0" ]; then - # As above, due to some timezones returning 'invalid date' for midnight - # on certain dates (e.g. America/Sao_Paulo), if date returns with error - # return 0. - return 0 - fi - - delta=$(($now-$stamp)) - - # interval is in days, convert to sec. - interval=$(($interval*60*60*24)) - debug_echo "check_stamp: interval=$interval, now=$now, stamp=$stamp, delta=$delta (sec)" - - # remove timestamps a day (or more) in the future and force re-check - if [ $stamp -gt $(($now+86400)) ]; then - echo "WARNING: file $stamp_file has a timestamp in the future: $stamp" - rm -f "$stamp_file" - return 0 - fi - - if [ $delta -ge $interval ]; then - return 0 - fi - - return 1 -} - -update_stamp() -{ - stamp="$1" - touch $stamp -} - -# we check here if autoclean was enough sizewise -check_size_constraints() -{ - MaxAge=0 - eval $(apt-config shell MaxAge APT::Archives::MaxAge) - eval $(apt-config shell MaxAge APT::Periodic::MaxAge) - - MinAge=2 - eval $(apt-config shell MinAge APT::Archives::MinAge) - eval $(apt-config shell MinAge APT::Periodic::MinAge) - - MaxSize=0 - eval $(apt-config shell MaxSize APT::Archives::MaxSize) - eval $(apt-config shell MaxSize APT::Periodic::MaxSize) - - Cache="/var/cache/apt/archives/" - eval $(apt-config shell Cache Dir::Cache::archives/d) - - # sanity check - if [ -z "$Cache" ]; then - echo "empty Dir::Cache::archives, exiting" - exit - fi - - # check age - if [ ! $MaxAge -eq 0 ] && [ ! $MinAge -eq 0 ]; then - debug_echo "aged: ctime <$MaxAge and mtime <$MaxAge and ctime>$MinAge and mtime>$MinAge" - find $Cache -name "*.deb" \( -mtime +$MaxAge -and -ctime +$MaxAge \) -and -not \( -mtime -$MinAge -or -ctime -$MinAge \) -print0 | xargs -r -0 rm -f - elif [ ! $MaxAge -eq 0 ]; then - debug_echo "aged: ctime <$MaxAge and mtime <$MaxAge only" - find $Cache -name "*.deb" -ctime +$MaxAge -and -mtime +$MaxAge -print0 | xargs -r -0 rm -f - else - debug_echo "skip aging since MaxAge is 0" - fi - - # check size - if [ ! $MaxSize -eq 0 ]; then - # maxSize is in MB - MaxSize=$(($MaxSize*1024)) - - #get current time - now=$(date --date=$(date --iso-8601) +%s) - MinAge=$(($MinAge*24*60*60)) - - # reverse-sort by mtime - for file in $(ls -rt $Cache/*.deb 2>/dev/null); do - du=$(du -s $Cache) - size=${du%%/*} - # check if the cache is small enough - if [ $size -lt $MaxSize ]; then - debug_echo "end remove by archive size: size=$size < $MaxSize" - break - fi - - # check for MinAge of the file - if [ $MinAge -ne 0 ]; then - # check both ctime and mtime - mtime=$(stat -c %Y $file) - ctime=$(stat -c %Z $file) - if [ $mtime -gt $ctime ]; then - delta=$(($now-$mtime)) - else - delta=$(($now-$ctime)) - fi - if [ $delta -le $MinAge ]; then - debug_echo "skip remove by archive size: $file, delta=$delta < $MinAge" - break - else - # delete oldest file - debug_echo "remove by archive size: $file, delta=$delta >= $MinAge (sec), size=$size >= $MaxSize" - rm -f $file - fi - fi - done - fi -} - -# deal with the Apt::Periodic::BackupArchiveInterval -do_cache_backup() -{ - BackupArchiveInterval="$1" - if [ $BackupArchiveInterval -eq 0 ]; then - return - fi - - # Set default values and normalize - CacheDir="/var/cache/apt" - eval $(apt-config shell CacheDir Dir::Cache/d) - CacheDir=${CacheDir%/} - if [ -z "$CacheDir" ]; then - debug_echo "practically empty Dir::Cache, exiting" - return 0 - fi - - Cache="${CacheDir}/archives/" - eval $(apt-config shell Cache Dir::Cache::Archives/d) - if [ -z "$Cache" ]; then - debug_echo "practically empty Dir::Cache::archives, exiting" - return 0 - fi - - BackupLevel=3 - eval $(apt-config shell BackupLevel APT::Periodic::BackupLevel) - if [ $BackupLevel -le 1 ]; then - BackupLevel=2 ; - fi - - Back="${CacheDir}/backup/" - eval $(apt-config shell Back Dir::Cache::Backup/d) - if [ -z "$Back" ]; then - echo "practically empty Dir::Cache::Backup, exiting" 1>&2 - return - fi - - CacheArchive="$(basename "${Cache}")" - test -n "${CacheArchive}" || CacheArchive="archives" - BackX="${Back}${CacheArchive}/" - for x in $(seq 0 1 $((${BackupLevel}-1))); do - eval "Back${x}=${Back}${x}/" - done - - # backup after n-days if archive contents changed. - # (This uses hardlink to save disk space) - BACKUP_ARCHIVE_STAMP=/var/lib/apt/periodic/backup-archive-stamp - if check_stamp $BACKUP_ARCHIVE_STAMP $BackupArchiveInterval; then - if [ $({(cd $Cache 2>/dev/null; find . -name "*.deb"); (cd $Back0 2>/dev/null;find . -name "*.deb") ;}| sort|uniq -u|wc -l) -ne 0 ]; then - mkdir -p $Back - rm -rf $Back$((${BackupLevel}-1)) - for y in $(seq $((${BackupLevel}-1)) -1 1); do - eval BackY=${Back}$y - eval BackZ=${Back}$(($y-1)) - if [ -e $BackZ ]; then - mv -f $BackZ $BackY ; - fi - done - cp -la $Cache $Back ; mv -f $BackX $Back0 - update_stamp $BACKUP_ARCHIVE_STAMP - debug_echo "backup with hardlinks. (success)" - else - debug_echo "skip backup since same content." - fi - else - debug_echo "skip backup since too new." - fi -} - -# sleep for a random interval of time (default 30min) -# (some code taken from cron-apt, thanks) -random_sleep() -{ - RandomSleep=1800 - eval $(apt-config shell RandomSleep APT::Periodic::RandomSleep) - if [ $RandomSleep -eq 0 ]; then - return - fi - if [ -z "$RANDOM" ] ; then - # A fix for shells that do not have this bash feature. - RANDOM=$(( $(dd if=/dev/urandom bs=2 count=1 2> /dev/null | cksum | cut -d' ' -f1) % 32767 )) - fi - TIME=$(($RANDOM % $RandomSleep)) - debug_echo "sleeping for $TIME seconds" - sleep $TIME -} - - -debug_echo() -{ - # Display message if $VERBOSE >= 1 - if [ "$VERBOSE" -ge 1 ]; then - echo $1 1>&2 - fi -} - -check_power(){ - # laptop check, on_ac_power returns: - # 0 (true) System is on main power - # 1 (false) System is not on main power - # 255 (false) Power status could not be determined - # Desktop systems always return 255 it seems - if which on_ac_power >/dev/null; then - on_ac_power - POWER=$? - if [ $POWER -eq 1 ]; then - debug_echo "exit: system NOT on main power" - return 1 - elif [ $POWER -ne 0 ]; then - debug_echo "power status ($POWER) undetermined, continuing" - fi - debug_echo "system is on main power." - fi - return 0 -} - -# ------------------------ main ---------------------------- - -if test -r /var/lib/apt/extended_states; then - # Backup the 7 last versions of APT's extended_states file - # shameless copy from dpkg cron - if cd /var/backups ; then - if ! cmp -s apt.extended_states.0 /var/lib/apt/extended_states; then - cp -p /var/lib/apt/extended_states apt.extended_states - savelog -c 7 apt.extended_states >/dev/null - fi - fi -fi - -# check apt-config existence -if ! which apt-config >/dev/null ; then - exit 0 -fi - -# check if the user really wants to do something -AutoAptEnable=1 # default is yes -eval $(apt-config shell AutoAptEnable APT::Periodic::Enable) - -if [ $AutoAptEnable -eq 0 ]; then - exit 0 -fi - -# Set VERBOSE mode from apt-config (or inherit from environment) -VERBOSE=0 -eval $(apt-config shell VERBOSE APT::Periodic::Verbose) -debug_echo "verbose level $VERBOSE" -if [ "$VERBOSE" -le 2 ]; then - # quiet for 0,1,2 - XSTDOUT=">/dev/null" - XSTDERR="2>/dev/null" - XAPTOPT="-qq" - XUUPOPT="" -else - XSTDOUT="" - XSTDERR="" - XAPTOPT="" - XUUPOPT="-d" -fi -if [ "$VERBOSE" -ge 3 ]; then - # trace output - set -x -fi - -check_power || exit 0 - -# check if we can lock the cache and if the cache is clean -if which apt-get >/dev/null && ! eval apt-get check $XAPTOPT $XSTDERR ; then - debug_echo "error encountered in cron job with \"apt-get check\"." - exit 0 -fi - -# Global current time in seconds since 1970-01-01 00:00:00 UTC -now=$(date +%s) - -# Support old Archive for compatibility. -# Document only Periodic for all controlling parameters of this script. - -UpdateInterval=0 -eval $(apt-config shell UpdateInterval APT::Periodic::Update-Package-Lists) - -DownloadUpgradeableInterval=0 -eval $(apt-config shell DownloadUpgradeableInterval APT::Periodic::Download-Upgradeable-Packages) - -UnattendedUpgradeInterval=0 -eval $(apt-config shell UnattendedUpgradeInterval APT::Periodic::Unattended-Upgrade) - -AutocleanInterval=0 -eval $(apt-config shell AutocleanInterval APT::Periodic::AutocleanInterval) - -BackupArchiveInterval=0 -eval $(apt-config shell BackupArchiveInterval APT::Periodic::BackupArchiveInterval) - -Debdelta=1 -eval $(apt-config shell Debdelta APT::Periodic::Download-Upgradeable-Packages-Debdelta) - -# check if we actually have to do anything that requires locking the cache -if [ $UpdateInterval -eq 0 ] && - [ $DownloadUpgradeableInterval -eq 0 ] && - [ $UnattendedUpgradeInterval -eq 0 ] && - [ $BackupArchiveInterval -eq 0 ] && - [ $AutocleanInterval -eq 0 ]; then - - # check cache size - check_size_constraints - - exit 0 -fi - -# deal with BackupArchiveInterval -do_cache_backup $BackupArchiveInterval - -# sleep random amount of time to avoid hitting the -# mirrors at the same time -random_sleep -check_power || exit 0 - -# include default system language so that "apt-get update" will -# fetch the right translated package descriptions -if [ -r /etc/default/locale ]; then - . /etc/default/locale - export LANG LANGUAGE LC_MESSAGES LC_ALL -fi - -# update package lists -UPDATED=0 -UPDATE_STAMP=/var/lib/apt/periodic/update-stamp -if check_stamp $UPDATE_STAMP $UpdateInterval; then - if eval apt-get $XAPTOPT -y update $XSTDERR; then - debug_echo "download updated metadata (success)." - if which dbus-send >/dev/null && pidof dbus-daemon >/dev/null; then - if dbus-send --system / app.apt.dbus.updated boolean:true ; then - debug_echo "send dbus signal (success)" - else - debug_echo "send dbus signal (error)" - fi - else - debug_echo "dbus signal not send (command not available)" - fi - update_stamp $UPDATE_STAMP - UPDATED=1 - else - debug_echo "download updated metadata (error)" - fi -else - debug_echo "download updated metadata (not run)." -fi - -# download all upgradeable packages (if it is requested) -DOWNLOAD_UPGRADEABLE_STAMP=/var/lib/apt/periodic/download-upgradeable-stamp -if [ $UPDATED -eq 1 ] && check_stamp $DOWNLOAD_UPGRADEABLE_STAMP $DownloadUpgradeableInterval; then - if [ $Debdelta -eq 1 ]; then - debdelta-upgrade >/dev/null 2>&1 || true - fi - if eval apt-get $XAPTOPT -y -d dist-upgrade $XSTDERR; then - update_stamp $DOWNLOAD_UPGRADEABLE_STAMP - debug_echo "download upgradable (success)" - else - debug_echo "download upgradable (error)" - fi -else - debug_echo "download upgradable (not run)" -fi - -# auto upgrade all upgradeable packages -UPGRADE_STAMP=/var/lib/apt/periodic/upgrade-stamp -if which unattended-upgrade >/dev/null && check_stamp $UPGRADE_STAMP $UnattendedUpgradeInterval; then - if unattended-upgrade $XUUPOPT; then - update_stamp $UPGRADE_STAMP - debug_echo "unattended-upgrade (success)" - else - debug_echo "unattended-upgrade (error)" - fi -else - debug_echo "unattended-upgrade (not run)" -fi - -# autoclean package archive -AUTOCLEAN_STAMP=/var/lib/apt/periodic/autoclean-stamp -if check_stamp $AUTOCLEAN_STAMP $AutocleanInterval; then - if eval apt-get $XAPTOPT -y autoclean $XSTDERR; then - debug_echo "autoclean (success)." - update_stamp $AUTOCLEAN_STAMP - else - debug_echo "autoclean (error)" - fi -else - debug_echo "autoclean (not run)" -fi - -# check cache size -check_size_constraints - -# -# vim: set sts=4 ai : -# - diff --git a/cron.daily/apt-compat b/cron.daily/apt-compat new file mode 100755 index 0000000..095a44c --- /dev/null +++ b/cron.daily/apt-compat @@ -0,0 +1,55 @@ +#!/bin/sh + +set -e + +# Systemd systems use a systemd timer unit which is preferable to +# run. We want to randomize the apt update and unattended-upgrade +# runs as much as possible to avoid hitting the mirrors all at the +# same time. The systemd time is better at this than the fixed +# cron.daily time +if [ -d /run/systemd/system ]; then + exit 0 +fi + +check_power() +{ + # laptop check, on_ac_power returns: + # 0 (true) System is on main power + # 1 (false) System is not on main power + # 255 (false) Power status could not be determined + # Desktop systems always return 255 it seems + if which on_ac_power >/dev/null 2>&1; then + on_ac_power + POWER=$? + if [ $POWER -eq 1 ]; then + return 1 + fi + fi + return 0 +} + +# sleep for a random interval of time (default 30min) +# (some code taken from cron-apt, thanks) +random_sleep() +{ + RandomSleep=1800 + eval $(apt-config shell RandomSleep APT::Periodic::RandomSleep) + if [ $RandomSleep -eq 0 ]; then + return + fi + if [ -z "$RANDOM" ] ; then + # A fix for shells that do not have this bash feature. + RANDOM=$(( $(dd if=/dev/urandom bs=2 count=1 2> /dev/null | cksum | cut -d' ' -f1) % 32767 )) + fi + TIME=$(($RANDOM % $RandomSleep)) + sleep $TIME +} + +# delay the job execution by a random amount of time +random_sleep + +# ensure we don't do this on battery +check_power || exit 0 + +# run daily job +exec /usr/lib/apt/apt.systemd.daily diff --git a/cron.daily/etckeeper b/cron.daily/etckeeper index 5255691..eb74401 100755 --- a/cron.daily/etckeeper +++ b/cron.daily/etckeeper @@ -1,19 +1,8 @@ #!/bin/sh set -e -if [ -x /usr/bin/etckeeper ] && [ -e /etc/etckeeper/etckeeper.conf ]; then +if [ -e /etc/etckeeper/daily ] && [ -e /etc/etckeeper/etckeeper.conf ]; then . /etc/etckeeper/etckeeper.conf if [ "$AVOID_DAILY_AUTOCOMMITS" != "1" ]; then - # avoid autocommit if an install run is in progress - lockfile=/var/cache/etckeeper/packagelist.pre-install - if [ -e "$lockfile" ] && [ -n "$(find "$lockfile" -mtime +1)" ]; then - rm -f "$lockfile" # stale - fi - if [ ! -e "$lockfile" ]; then - AVOID_SPECIAL_FILE_WARNING=1 - export AVOID_SPECIAL_FILE_WARNING - if etckeeper unclean; then - etckeeper commit "daily autocommit" >/dev/null - fi - fi + /etc/etckeeper/daily fi fi diff --git a/cron.daily/man-db b/cron.daily/man-db index c374604..0aeb8a5 100755 --- a/cron.daily/man-db +++ b/cron.daily/man-db @@ -13,18 +13,12 @@ fi if ! [ -d /var/cache/man ]; then # Recover from deletion, per FHS. - mkdir -p /var/cache/man - chown man:root /var/cache/man || true - chmod 2755 /var/cache/man + install -d -o man -g man -m 0755 /var/cache/man fi # expunge old catman pages which have not been read in a week if [ ! -d /run/systemd/system ] && [ -d /var/cache/man ]; then cd / - if ! dpkg-statoverride --list /var/cache/man >/dev/null 2>&1; then - find /var/cache/man -ignore_readdir_race ! -user man -print0 | \ - xargs -r0 chown -f man || true - fi start-stop-daemon --start --pidfile /dev/null --startas /bin/sh \ --oknodo --chuid man $iosched_idle -- -c \ "find /var/cache/man -type f -name '*.gz' -atime +6 -print0 | \ diff --git a/cron.daily/mlocate b/cron.daily/mlocate index aeb1a88..331d063 100755 --- a/cron.daily/mlocate +++ b/cron.daily/mlocate @@ -18,4 +18,10 @@ if [ -x /usr/bin/ionice ] && IONICE="/usr/bin/ionice -c3" fi -flock --nonblock /run/mlocate.daily.lock $IONICE /usr/bin/updatedb.mlocate +# See nocache(1) +NOCACHE= +if [ -x /usr/bin/nocache ]; then + NOCACHE="/usr/bin/nocache" +fi + +flock --nonblock /run/mlocate.daily.lock $NOCACHE $IONICE /usr/bin/updatedb.mlocate diff --git a/cron.daily/spamassassin b/cron.daily/spamassassin index 35b908f..1b42ac8 100755 --- a/cron.daily/spamassassin +++ b/cron.daily/spamassassin @@ -12,6 +12,7 @@ test -f /etc/default/spamassassin && . /etc/default/spamassassin test -x /usr/bin/sa-update || exit 0 test -x /etc/init.d/spamassassin || exit 0 +command -v gpg > /dev/null || exit 0 if [ "$CRON" = "0" ] ; then exit 0 @@ -49,9 +50,11 @@ do_compile() { reload() { # Reload if which invoke-rc.d >/dev/null 2>&1; then - invoke-rc.d spamassassin reload > /dev/null + invoke-rc.d --quiet spamassassin status > /dev/null && \ + invoke-rc.d spamassassin reload > /dev/null else - /etc/init.d/spamassassin reload > /dev/null + invoke-rc.d --quiet spamassassin status > /dev/null && \ + /etc/init.d/spamassassin reload > /dev/null fi if [ -d /etc/spamassassin/sa-update-hooks.d ]; then run-parts --lsbsysinit /etc/spamassassin/sa-update-hooks.d @@ -68,8 +71,8 @@ fi # Update umask 022 -env -i LANG="$LANG" PATH="$PATH" start-stop-daemon \ - --chuid debian-spamd:debian-spamd --start \ +env -i LANG="$LANG" PATH="$PATH" http_proxy="$http_proxy" \ + start-stop-daemon --chuid debian-spamd:debian-spamd --start \ --exec /usr/bin/sa-update -- \ --gpghomedir /var/lib/spamassassin/sa-update-keys 2>&1 diff --git a/cron.weekly/man-db b/cron.weekly/man-db index b890d38..87da3b8 100755 --- a/cron.weekly/man-db +++ b/cron.weekly/man-db @@ -13,9 +13,7 @@ fi if ! [ -d /var/cache/man ]; then # Recover from deletion, per FHS. - mkdir -p /var/cache/man - chown man:root /var/cache/man || true - chmod 2755 /var/cache/man + install -d -o man -g man -m 0755 /var/cache/man fi # regenerate man database diff --git a/dbconfig-common/phpmyadmin.conf b/dbconfig-common/phpmyadmin.conf index c0785a7..4b88f08 100644 --- a/dbconfig-common/phpmyadmin.conf +++ b/dbconfig-common/phpmyadmin.conf @@ -17,7 +17,7 @@ dbc_remove='' # dbc_dbtype: type of underlying database to use # this exists primarily to let dbconfig-common know what database -# type to use when a package supports multiple database types. +# type to use when a package supports multiple database types. # don't change this value unless you know for certain that this # package supports multiple database types dbc_dbtype='mysql' @@ -31,15 +31,24 @@ dbc_dbuser='phpmyadmin' # to a database, if one is required dbc_dbpass='Ash6wuphec8O' -# dbc_dbserver: database host. +# dbc_dballow: allowed host to connect from +# only for database types that support specifying the host from +# which the database user is allowed to connect from +# this string defines for which host the dbc_dbuser is allowed +# to connect +# this value is only really used again when you reconfigure the +# package +dbc_dballow='localhost' + +# dbc_dbserver: database host. # leave unset to use localhost (or a more efficient local method # if it exists). -dbc_dbserver='' +dbc_dbserver='localhost' # dbc_dbport: remote database port # leave unset to use the default. only applicable if you are # using a remote database. -dbc_dbport='' +dbc_dbport='3306' # dbc_dbname: name of database # this is the name of your application's database. @@ -47,11 +56,13 @@ dbc_dbname='phpmyadmin' # dbc_dbadmin: name of the administrative user # this is the administrative user that is used to create all of the above -dbc_dbadmin='root' +# The exception is the MySQL/MariaDB localhost case, where this value is +# ignored and instead is determined from /etc/mysql/debian.cnf. +dbc_dbadmin='debian-sys-maint' # dbc_basepath: base directory to hold database files # leave unset to use the default. only applicable if you are -# using a local (filesystem based) database. +# using a local (filesystem based) database. dbc_basepath='' ## diff --git a/dbus-1/session.conf b/dbus-1/session.conf deleted file mode 100644 index 251b58a..0000000 --- a/dbus-1/session.conf +++ /dev/null @@ -1,75 +0,0 @@ - - - - - - session - - - - - unix:tmpdir=/tmp - - - EXTERNAL - - - - - - - - - - - - - - session.d - - - session-local.conf - - contexts/dbus_contexts - - - - - 1000000000 - 250000000 - 1000000000 - 250000000 - 1000000000 - - 120000 - 240000 - 150000 - 100000 - 10000 - 100000 - 10000 - 50000 - 50000 - 50000 - - diff --git a/dbus-1/session.conf b/dbus-1/session.conf new file mode 120000 index 0000000..b4a3252 --- /dev/null +++ b/dbus-1/session.conf @@ -0,0 +1 @@ +/usr/share/dbus-1/session.conf \ No newline at end of file diff --git a/dbus-1/system.conf b/dbus-1/system.conf deleted file mode 100644 index 891bc00..0000000 --- a/dbus-1/system.conf +++ /dev/null @@ -1,91 +0,0 @@ - - - - - - - - - system - - - messagebus - - - - - - - - - /usr/lib/dbus-1.0/dbus-daemon-launch-helper - - - /var/run/dbus/pid - - - - - - EXTERNAL - - - unix:path=/var/run/dbus/system_bus_socket - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - system.d - - - system-local.conf - - contexts/dbus_contexts - - diff --git a/dbus-1/system.conf b/dbus-1/system.conf new file mode 120000 index 0000000..f22bf8f --- /dev/null +++ b/dbus-1/system.conf @@ -0,0 +1 @@ +/usr/share/dbus-1/system.conf \ No newline at end of file diff --git a/dbus-1/system.d/org.freedesktop.login1.conf b/dbus-1/system.d/org.freedesktop.login1.conf index 1318328..c89e404 100644 --- a/dbus-1/system.d/org.freedesktop.login1.conf +++ b/dbus-1/system.d/org.freedesktop.login1.conf @@ -88,6 +88,42 @@ send_interface="org.freedesktop.login1.Manager" send_member="ActivateSessionOnSeat"/> + + + + + + + + + + + + + + + + + + @@ -128,6 +164,26 @@ send_interface="org.freedesktop.login1.Manager" send_member="CanHybridSleep"/> + + + + + + + + + + @@ -136,6 +192,10 @@ send_interface="org.freedesktop.login1.Manager" send_member="FlushDevices"/> + + @@ -152,14 +212,34 @@ send_interface="org.freedesktop.login1.Seat" send_member="SwitchToNext"/> + + + + + + + + + + @@ -180,6 +260,14 @@ send_interface="org.freedesktop.login1.Session" send_member="PauseDeviceComplete"/> + + + + diff --git a/dbus-1/system.d/org.freedesktop.machine1.conf b/dbus-1/system.d/org.freedesktop.machine1.conf deleted file mode 100644 index 3a77c70..0000000 --- a/dbus-1/system.d/org.freedesktop.machine1.conf +++ /dev/null @@ -1,66 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/dbus-1/system.d/org.freedesktop.network1.conf b/dbus-1/system.d/org.freedesktop.network1.conf new file mode 100644 index 0000000..52dad33 --- /dev/null +++ b/dbus-1/system.d/org.freedesktop.network1.conf @@ -0,0 +1,42 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/dbus-1/system.d/org.freedesktop.resolve1.conf b/dbus-1/system.d/org.freedesktop.resolve1.conf new file mode 100644 index 0000000..25b0977 --- /dev/null +++ b/dbus-1/system.d/org.freedesktop.resolve1.conf @@ -0,0 +1,27 @@ + + + + + + + + + + + + + + + + + + + diff --git a/dbus-1/system.d/org.freedesktop.systemd1.conf b/dbus-1/system.d/org.freedesktop.systemd1.conf index 9dfca81..a61677e 100644 --- a/dbus-1/system.d/org.freedesktop.systemd1.conf +++ b/dbus-1/system.d/org.freedesktop.systemd1.conf @@ -28,6 +28,8 @@ + + @@ -50,6 +52,10 @@ send_interface="org.freedesktop.systemd1.Manager" send_member="GetUnitByPID"/> + + @@ -66,14 +72,30 @@ send_interface="org.freedesktop.systemd1.Manager" send_member="ListUnitsFiltered"/> + + + + + + + + @@ -94,6 +116,140 @@ send_interface="org.freedesktop.systemd1.Manager" send_member="GetDefaultTarget"/> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/debian_version b/debian_version index 43b1584..dd98ee6 100644 --- a/debian_version +++ b/debian_version @@ -1 +1 @@ -8.8 +9.0 diff --git a/default/chrony b/default/chrony new file mode 100644 index 0000000..929dea0 --- /dev/null +++ b/default/chrony @@ -0,0 +1,5 @@ +# This is a configuration file for /etc/init.d/chrony; it allows you to +# pass various options to the chrony daemon without editing the init script. + +# Options to pass to chrony. +DAEMON_OPTS="" diff --git a/default/mysql b/default/mysql new file mode 100644 index 0000000..3d3bc80 --- /dev/null +++ b/default/mysql @@ -0,0 +1,24 @@ +# +# NOTE: This file is read only by the traditional SysV init script and has been +# available only in Ubuntu 16.04 and 16.10 and never in a official Debian release. +# Debian 9 and Ubuntu 17.04 onwards do not normally read this file as they use +# systemd by default. +# +# For similar behaviour, systemd users should override ExecStart by dropping +# files into /etc/systemd/system/mariadb.service.d/ +# +# See also: +# https://wiki.debian.org/Teams/pkg-systemd/Packaging#overriding_options_and_.2Fetc.2Fdefault_handling +# https://mariadb.com/kb/en/mariadb/systemd/ +# +# Note also that MariaDB systemd does _not_ utilize mysqld_safe nor debian-start. + + +# The delay in seconds the init script waits for the server to be up and running after having started "mysqld_safe" to run the "/etc/mysql/debian-start" script. +# If the server is still not responding after the delay, the script won't be executed and an error will be thrown on the syslog. +# Default: 30 +#MYSQLD_STARTUP_TIMEOUT=30 + +# The email recipient(s) of the output of the check for crashed and improperly closed MyISAM and Aria tables done at each server start by the "/etc/mysql/debian-start" script. +# Default: root +#MYCHECK_RCPT="root" diff --git a/default/rcS b/default/rcS index 694ffc7..b60cf6b 100644 --- a/default/rcS +++ b/default/rcS @@ -1,3 +1,6 @@ +################################################################## +# NOTE: This file is ignored when systemd is used as init system # +################################################################## # # /etc/default/rcS # diff --git a/default/rsync b/default/rsync index 13780c2..424b1c0 100644 --- a/default/rsync +++ b/default/rsync @@ -1,4 +1,10 @@ # defaults file for rsync daemon mode +# +# This file is only used for init.d based systems! +# If this system uses systemd, you can specify options etc. for rsync +# in daemon mode by copying /lib/systemd/system/rsync.service to +# /etc/systemd/system/rsync.service and modifying the copy; add required +# options to the ExecStart line. # start rsync in daemon mode from init.d script? # only allowed values are "true", "false", and "inetd" diff --git a/default/tmpfs b/default/tmpfs index a19ba71..80e60a6 100644 --- a/default/tmpfs +++ b/default/tmpfs @@ -1,3 +1,7 @@ +################################################################## +# NOTE: This file is ignored when systemd is used as init system # +################################################################## +# # Configuration for tmpfs filesystems mounted in early boot, before # filesystems from /etc/fstab are mounted. For information about # these variables see the tmpfs(5) manual page. diff --git a/dhcp/debug b/dhcp/debug new file mode 100644 index 0000000..593e7df --- /dev/null +++ b/dhcp/debug @@ -0,0 +1,38 @@ +# +# The purpose of this script is just to show the variables that are +# available to all the scripts in this directory. All these scripts are +# called from dhclient-script, which exports all the variables shown +# before. If you want to debug a problem with your DHCP setup you can +# enable this script and take a look at /tmp/dhclient-script.debug. + +# To enable this script set the following variable to "yes" +RUN="no" + +if [ "$RUN" = "yes" ]; then + echo "$(date): entering ${1%/*}, dumping variables." \ + >> /tmp/dhclient-script.debug + + # loop over the 4 possible prefixes: (empty), cur_, new_, old_ + for prefix in '' 'cur_' 'new_' 'old_'; do + # loop over the DHCP variables passed to dhclient-script + for basevar in reason interface medium alias_ip_address \ + ip_address host_name network_number subnet_mask \ + broadcast_address routers static_routes \ + rfc3442_classless_static_routes \ + domain_name domain_search domain_name_servers \ + netbios_name_servers netbios_scope \ + ntp_servers \ + ip6_address ip6_prefix ip6_prefixlen \ + dhcp6_domain_search dhcp6_name_servers ; do + var="${prefix}${basevar}" + eval "content=\$$var" + + # show only variables with values set + if [ -n "${content}" ]; then + echo "$var='${content}'" >> /tmp/dhclient-script.debug + fi + done + done + + echo '--------------------------' >> /tmp/dhclient-script.debug +fi diff --git a/dhcp/dhclient-enter-hooks.d/debug b/dhcp/dhclient-enter-hooks.d/debug deleted file mode 100644 index 5785a97..0000000 --- a/dhcp/dhclient-enter-hooks.d/debug +++ /dev/null @@ -1,39 +0,0 @@ -# -# The purpose of this script is just to show the variables that are -# available to all the scripts in this directory. All these scripts -# are called from /etc/dhcp3/dhclient-script, which exports all the -# variables shown before. If you want to debug a problem with your DHCP -# setup you can enable this script and take a look at -# /tmp/dhclient-script.debug. - -# To enable this script set the following variable to "yes" -RUN="no" - -if [ "$RUN" = "yes" ]; then - echo $(date): entering ${0%/*}, dumping variables. \ - >> /tmp/dhclient-script.debug - - # loop over the 4 possible prefixes: (empty), cur_, new_, old_ - for prefix in '' 'cur_' 'new_' 'old_'; do - # loop over the DHCP variables passed to dhclient-script - for basevar in reason interface medium alias_ip_address \ - ip_address host_name network_number subnet_mask \ - broadcast_address routers static_routes \ - rfc3442_classless_static_routes \ - domain_name domain_search domain_name_servers \ - netbios_name_servers netbios_scope \ - ntp_servers \ - ip6_address ip6_prefix ip6_prefixlen \ - dhcp6_domain_search dhcp6_name_servers ; do - var="${prefix}${basevar}" - eval "content=\$var" - - # show only variables with values set - if [ -n "${content}" ]; then - echo "$var='${content}'" >> /tmp/dhclient-script.debug - fi - done - done - - echo '--------------------------' >> /tmp/dhclient-script.debug -fi diff --git a/dhcp/dhclient-enter-hooks.d/debug b/dhcp/dhclient-enter-hooks.d/debug new file mode 120000 index 0000000..ee34fdc --- /dev/null +++ b/dhcp/dhclient-enter-hooks.d/debug @@ -0,0 +1 @@ +../debug \ No newline at end of file diff --git a/dhcp/dhclient-exit-hooks.d/debug b/dhcp/dhclient-exit-hooks.d/debug deleted file mode 100644 index 5785a97..0000000 --- a/dhcp/dhclient-exit-hooks.d/debug +++ /dev/null @@ -1,39 +0,0 @@ -# -# The purpose of this script is just to show the variables that are -# available to all the scripts in this directory. All these scripts -# are called from /etc/dhcp3/dhclient-script, which exports all the -# variables shown before. If you want to debug a problem with your DHCP -# setup you can enable this script and take a look at -# /tmp/dhclient-script.debug. - -# To enable this script set the following variable to "yes" -RUN="no" - -if [ "$RUN" = "yes" ]; then - echo $(date): entering ${0%/*}, dumping variables. \ - >> /tmp/dhclient-script.debug - - # loop over the 4 possible prefixes: (empty), cur_, new_, old_ - for prefix in '' 'cur_' 'new_' 'old_'; do - # loop over the DHCP variables passed to dhclient-script - for basevar in reason interface medium alias_ip_address \ - ip_address host_name network_number subnet_mask \ - broadcast_address routers static_routes \ - rfc3442_classless_static_routes \ - domain_name domain_search domain_name_servers \ - netbios_name_servers netbios_scope \ - ntp_servers \ - ip6_address ip6_prefix ip6_prefixlen \ - dhcp6_domain_search dhcp6_name_servers ; do - var="${prefix}${basevar}" - eval "content=\$var" - - # show only variables with values set - if [ -n "${content}" ]; then - echo "$var='${content}'" >> /tmp/dhclient-script.debug - fi - done - done - - echo '--------------------------' >> /tmp/dhclient-script.debug -fi diff --git a/dhcp/dhclient-exit-hooks.d/debug b/dhcp/dhclient-exit-hooks.d/debug new file mode 120000 index 0000000..ee34fdc --- /dev/null +++ b/dhcp/dhclient-exit-hooks.d/debug @@ -0,0 +1 @@ +../debug \ No newline at end of file diff --git a/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes b/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes index 462fb46..1ef7b8a 100644 --- a/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes +++ b/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes @@ -20,26 +20,41 @@ if [ "$RUN" = "yes" ]; then case $net_length in 32|31|30|29|28|27|26|25) + if [ $# -lt 9 ]; then + return 1 + fi net_address="${2}.${3}.${4}.${5}" gateway="${6}.${7}.${8}.${9}" shift 9 ;; 24|23|22|21|20|19|18|17) + if [ $# -lt 8 ]; then + return 1 + fi net_address="${2}.${3}.${4}.0" gateway="${5}.${6}.${7}.${8}" shift 8 ;; 16|15|14|13|12|11|10|9) + if [ $# -lt 7 ]; then + return 1 + fi net_address="${2}.${3}.0.0" gateway="${4}.${5}.${6}.${7}" shift 7 ;; 8|7|6|5|4|3|2|1) + if [ $# -lt 6 ]; then + return 1 + fi net_address="${2}.0.0.0" gateway="${3}.${4}.${5}.${6}" shift 6 ;; 0) # default route + if [ $# -lt 5 ]; then + return 1 + fi net_address="0.0.0.0" gateway="${2}.${3}.${4}.${5}" shift 5 diff --git a/dhcp/dhclient-exit-hooks.d/timesyncd b/dhcp/dhclient-exit-hooks.d/timesyncd new file mode 100644 index 0000000..3cde992 --- /dev/null +++ b/dhcp/dhclient-exit-hooks.d/timesyncd @@ -0,0 +1,42 @@ +TIMESYNCD_CONF=/run/systemd/timesyncd.conf.d/01-dhclient.conf + +timesyncd_servers_setup_remove() { + if [ -e $TIMESYNCD_CONF ]; then + rm -f $TIMESYNCD_CONF + systemctl try-restart systemd-timesyncd.service || true + fi +} + +timesyncd_servers_setup_add() { + if [ ! -d /run/systemd/system ]; then + return + fi + + if [ -e $TIMESYNCD_CONF ] && [ "$new_ntp_servers" = "$old_ntp_servers" ]; then + return + fi + + if [ -z "$new_ntp_servers" ]; then + timesyncd_servers_setup_remove + return + fi + + mkdir -p $(dirname $TIMESYNCD_CONF) + cat < ${TIMESYNCD_CONF}.new +# NTP server entries received from DHCP server +[Time] +NTP=$new_ntp_servers +EOF + mv ${TIMESYNCD_CONF}.new ${TIMESYNCD_CONF} + systemctl try-restart systemd-timesyncd.service || true +} + + +case $reason in + BOUND|RENEW|REBIND|REBOOT) + timesyncd_servers_setup_add + ;; + EXPIRE|FAIL|RELEASE|STOP) + timesyncd_servers_setup_remove + ;; +esac diff --git a/dhcp/dhclient.conf b/dhcp/dhclient.conf index 431fafd..b85301b 100644 --- a/dhcp/dhclient.conf +++ b/dhcp/dhclient.conf @@ -1,5 +1,4 @@ -# Configuration file for /sbin/dhclient, which is included in Debian's -# dhcp3-client package. +# Configuration file for /sbin/dhclient. # # This is a sample configuration file for dhclient. See dhclient.conf's # man page for more information about the syntax of this file @@ -13,24 +12,24 @@ option rfc3442-classless-static-routes code 121 = array of unsigned integer 8; -#send host-name "andare.fugue.com"; send host-name = gethostname(); -#send dhcp-client-identifier 1:0:a0:24:ab:fb:9c; -#send dhcp-lease-time 3600; -#supersede domain-name "fugue.com home.vix.com"; -#prepend domain-name-servers 127.0.0.1; request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-name-servers, domain-search, host-name, - dhcp6.name-servers, dhcp6.domain-search, + dhcp6.name-servers, dhcp6.domain-search, dhcp6.fqdn, dhcp6.sntp-servers, netbios-name-servers, netbios-scope, interface-mtu, rfc3442-classless-static-routes, ntp-servers; + +#send dhcp-client-identifier 1:0:a0:24:ab:fb:9c; +#send dhcp-lease-time 3600; +#supersede domain-name "fugue.com home.vix.com"; +#prepend domain-name-servers 127.0.0.1; #require subnet-mask, domain-name-servers; #timeout 60; #retry 60; #reboot 10; #select-timeout 5; #initial-interval 2; -#script "/etc/dhcp3/dhclient-script"; +#script "/sbin/dhclient-script"; #media "-link0 -link1 -link2", "link0 link1"; #reject 192.33.137.209; diff --git a/dkimkeys/README.PrivateKeys b/dkimkeys/README.PrivateKeys new file mode 100644 index 0000000..1e9104a --- /dev/null +++ b/dkimkeys/README.PrivateKeys @@ -0,0 +1,14 @@ +This directory is for storing private keys associated with DKIM signing with +opendkim. + +Here is advice from upstream + +(4) Store the private key in a safe place. We generally use a path like + /var/db/dkim/SELECTOR.key.pem (where "SELECTOR" is the name you chose). + The /var/db/dkim directory and the associated .pem file should be owned by + the user that will be executing the filter (preferably not the + superuser) and be mode 0700 and 0600 respectively. + +In Debian, we use /etc/dkimkeys by default and the directory permissions and +ownership are set correctly. Ensure that the private key is owned by the +opendkim user and the permissions are 0600. diff --git a/dovecot/README b/dovecot/README deleted file mode 100644 index 9dcc22a..0000000 --- a/dovecot/README +++ /dev/null @@ -1,2 +0,0 @@ -Configuration files go to this directory. See example configuration files in -/usr/share/doc/dovecot-core/example-config/ diff --git a/dovecot/conf.d/10-logging.conf b/dovecot/conf.d/10-logging.conf index 5f2c25c..14798f1 100644 --- a/dovecot/conf.d/10-logging.conf +++ b/dovecot/conf.d/10-logging.conf @@ -74,7 +74,8 @@ plugin { # possible variables you can use. #mail_log_prefix = "%s(%u): " -# Format to use for logging mail deliveries. You can use variables: +# Format to use for logging mail deliveries. See doc/wiki/Variables.txt for +# list of all variables you can use. Some of the common ones include: # %$ - Delivery status message (e.g. "saved to INBOX") # %m - Message-ID # %s - Subject diff --git a/dovecot/conf.d/10-mail.conf b/dovecot/conf.d/10-mail.conf index f53c99b..cc0d35e 100644 --- a/dovecot/conf.d/10-mail.conf +++ b/dovecot/conf.d/10-mail.conf @@ -75,6 +75,8 @@ namespace inbox { # Namespace handles its own subscriptions. If set to "no", the parent # namespace handles them (empty prefix should always have this as "yes") #subscriptions = yes + + # See 15-mailboxes.conf for definitions of special mailboxes. } # Example shared namespace configuration @@ -124,10 +126,22 @@ namespace inbox { # or ~user/. #mail_full_filesystem_access = no -# Dictionary for key=value mailbox attributes. Currently used by URLAUTH, but -# soon intended to be used by METADATA as well. +# Dictionary for key=value mailbox attributes. This is used for example by +# URLAUTH and METADATA extensions. #mail_attribute_dict = +# A comment or note that is associated with the server. This value is +# accessible for authenticated users through the IMAP METADATA server +# entry "/shared/comment". +#mail_server_comment = "" + +# Indicates a method for contacting the server administrator. According to +# RFC 5464, this value MUST be a URI (e.g., a mailto: or tel: URL), but that +# is currently not enforced. Use for example mailto:admin@example.com. This +# value is accessible for authenticated users through the IMAP METADATA server +# entry "/shared/admin". +#mail_server_admin = + ## ## Mail processes ## @@ -215,7 +229,7 @@ namespace inbox { # When IDLE command is running, mailbox is checked once in a while to see if # there are any new mails or other changes. This setting defines the minimum -# time to wait between those checks. Dovecot can also use dnotify, inotify and +# time to wait between those checks. Dovecot can also use inotify and # kqueue to find out immediately when changes occur. #mailbox_idle_check_interval = 30 secs diff --git a/dovecot/conf.d/15-mailboxes.conf b/dovecot/conf.d/15-mailboxes.conf index 014f0e0..cd5b21b 100644 --- a/dovecot/conf.d/15-mailboxes.conf +++ b/dovecot/conf.d/15-mailboxes.conf @@ -2,19 +2,48 @@ ## Mailbox definitions ## +# Each mailbox is specified in a separate mailbox section. The section name +# specifies the mailbox name. If it has spaces, you can put the name +# "in quotes". These sections can contain the following mailbox settings: +# +# auto: +# Indicates whether the mailbox with this name is automatically created +# implicitly when it is first accessed. The user can also be automatically +# subscribed to the mailbox after creation. The following values are +# defined for this setting: +# +# no - Never created automatically. +# create - Automatically created, but no automatic subscription. +# subscribe - Automatically created and subscribed. +# +# special_use: +# A space-separated list of SPECIAL-USE flags (RFC 6154) to use for the +# mailbox. There are no validity checks, so you could specify anything +# you want in here, but it's not a good idea to use flags other than the +# standard ones specified in the RFC: +# +# \All - This (virtual) mailbox presents all messages in the +# user's message store. +# \Archive - This mailbox is used to archive messages. +# \Drafts - This mailbox is used to hold draft messages. +# \Flagged - This (virtual) mailbox presents all messages in the +# user's message store marked with the IMAP \Flagged flag. +# \Junk - This mailbox is where messages deemed to be junk mail +# are held. +# \Sent - This mailbox is used to hold copies of messages that +# have been sent. +# \Trash - This mailbox is used to hold messages that have been +# deleted. +# +# comment: +# Defines a default comment or note associated with the mailbox. This +# value is accessible through the IMAP METADATA mailbox entries +# "/shared/comment" and "/private/comment". Users with sufficient +# privileges can override the default value for entries with a custom +# value. + # NOTE: Assumes "namespace inbox" has been defined in 10-mail.conf. namespace inbox { - - #mailbox name { - # auto=create will automatically create this mailbox. - # auto=subscribe will both create and subscribe to the mailbox. - #auto = no - - # Space separated list of IMAP SPECIAL-USE attributes as specified by - # RFC 6154: \All \Archive \Drafts \Flagged \Junk \Sent \Trash - #special_use = - #} - # These mailboxes are widely used and could perhaps be created automatically: mailbox Drafts { special_use = \Drafts @@ -38,10 +67,12 @@ namespace inbox { # If you have a virtual "All messages" mailbox: #mailbox virtual/All { # special_use = \All + # comment = All my messages #} # If you have a virtual "Flagged" mailbox: #mailbox virtual/Flagged { # special_use = \Flagged + # comment = All my flagged messages #} } diff --git a/dovecot/conf.d/20-imap.conf b/dovecot/conf.d/20-imap.conf index 689b0ea..b7dd95d 100644 --- a/dovecot/conf.d/20-imap.conf +++ b/dovecot/conf.d/20-imap.conf @@ -2,6 +2,12 @@ ## IMAP specific settings ## +# If nothing happens for this long while client is IDLEing, move the connection +# to imap-hibernate process and close the old imap process. This saves memory, +# because connections use very little memory in imap-hibernate process. The +# downside is that recreating the imap process back uses some resources. +#imap_hibernate_timeout = 0 + # Maximum IMAP command line length. Some clients generate very long command # lines with huge mailboxes, so you may need to raise this if you get # "Too long argument" or "IMAP command line too large" errors often. @@ -10,6 +16,14 @@ # IMAP logout format string: # %i - total number of bytes read from client # %o - total number of bytes sent to client +# %{fetch_hdr_count} - Number of mails with mail header data sent to client +# %{fetch_hdr_bytes} - Number of bytes with mail header data sent to client +# %{fetch_body_count} - Number of mails with mail body data sent to client +# %{fetch_body_bytes} - Number of bytes with mail body data sent to client +# %{deleted} - Number of mails where client added \Deleted flag +# %{expunged} - Number of mails that client expunged +# %{trashed} - Number of mails that client copied/moved to the +# special_use=\Trash mailbox. #imap_logout_format = in=%i out=%o # Override the IMAP CAPABILITY response. If the value begins with '+', diff --git a/dovecot/conf.d/20-lmtp.conf b/dovecot/conf.d/20-lmtp.conf index f7da3c7..ecd83d1 100644 --- a/dovecot/conf.d/20-lmtp.conf +++ b/dovecot/conf.d/20-lmtp.conf @@ -13,8 +13,14 @@ # Verify quota before replying to RCPT TO. This adds a small overhead. #lmtp_rcpt_check_quota = no +# Which recipient address to use for Delivered-To: header and Received: +# header. The default is "final", which is the same as the one given to +# RCPT TO command. "original" uses the address given in RCPT TO's ORCPT +# parameter, "none" uses nothing. Note that "none" is currently always used +# when a mail has multiple recipients. +#lmtp_hdr_delivery_address = final + protocol lmtp { # Space separated list of plugins to load (default is global mail_plugins). #mail_plugins = $mail_plugins } - \ No newline at end of file diff --git a/dovecot/conf.d/20-pop3.conf b/dovecot/conf.d/20-pop3.conf index 50470e9..e0ba552 100644 --- a/dovecot/conf.d/20-pop3.conf +++ b/dovecot/conf.d/20-pop3.conf @@ -73,6 +73,7 @@ # %r - number of RETR commands # %b - number of bytes sent to client as a result of RETR command # %d - number of deleted messages +# %{deleted_bytes} - number of bytes in deleted messages # %m - number of messages (before deletion) # %s - mailbox size in bytes (before deletion) # %u - old/new UIDL hash. may help finding out if UIDLs changed unexpectedly diff --git a/dovecot/conf.d/90-sieve.conf b/dovecot/conf.d/90-sieve.conf index 1ebf9f3..2902091 100644 --- a/dovecot/conf.d/90-sieve.conf +++ b/dovecot/conf.d/90-sieve.conf @@ -5,39 +5,81 @@ # Do not forget to enable the Sieve plugin in 15-lda.conf and 20-lmtp.conf # by adding it to the respective mail_plugins= settings. +# The Sieve interpreter can retrieve Sieve scripts from several types of +# locations. The default `file' location type is a local filesystem path +# pointing to a Sieve script file or a directory containing multiple Sieve +# script files. More complex setups can use other location types such as +# `ldap' or `dict' to fetch Sieve scripts from remote databases. +# +# All settings that specify the location of one ore more Sieve scripts accept +# the following syntax: +# +# location = [:]path[;